Tuesday, May 31, 2011

Warrantless cell phone searches spread to more states


(CNN) -- Think about all the data -- photos, videos, text messages, calendar items, apps, call log, voice mail, and e-mail -- on your cell phone right now. If you're arrested, could the police search your cell phone? And would they need a warrant?

That depends on which state you're in.

In California, it is legal for police to search an arrestee's cell phone without a warrant -- ever since a January decision by the California Supreme Court.

California civil rights advocates are pushing back. The Electronic Frontier Foundation is supporting California Assembly Bill SB 914, which would require police in that state to get a warrant before searching an arrestee's cell phone.

EFF also recently filed an amicus brief in the Oregon case of James Tyler Nix, a criminal suspect who was arrested and placed in a holding cell.

According to EFF, "Forty minutes after the arrest, without a warrant, an investigator fished through the suspect's cell phone looking for evidence related to his alleged crime. Law enforcement officials claim they didn't need a warrant because the search was 'incident to arrest' -- an exception to the warrant requirement intended to allow officers to perform a search for weapons or to prevent evidence from being destroyed in exigent circumstances."


Monday, May 30, 2011

Lockheed attack highlights rise in cyber espionage


NEW YORK -- Lockheed Martin Corp. has admitted it was the recent target of a "significant and tenacious" cyber attack, although the defense contractor and the Department of Homeland Security insist the hack was thwarted before any critical data was stolen.

But what about next time? With top-secret military programs at stake, staying a step ahead of ever-evolving cyber spies is not just a task for corporate IT departments, it's a matter of national security. Information security experts say the rash of cyber attacks this year - including a massive security breach at Sony Corp. ( SNE - news - people ) last month that affected millions of PlayStation users - has emboldened hackers and made them more willing to pursue sensitive information.


Saturday, May 28, 2011

PayPal and eBay accuse Google of corporate espionage

SAN FRANCISCO: Google faced a lawsuit after it unveiled a free mobile application that turns a smartphone into an electronic wallet and is designed to replace plastic credit cards.

PayPal and eBay filed a lawsuit in a California state court on Thursday charging that the Internet giant tapped into trade secrets for its newly released Google Wallet. Google did not immediately respond to the allegations.

PayPal spent three years trying to work out a deal in which it would handle payments for Android smartphones, only to see Google scuttle the talks and hire its lead negotiator Osama Bedier, according to court documents.

Bedier worked at the eBay-owned online financial services unit as a vice-president of platform, mobile, and new ventures until being hired in January by Google.

He played a central role at Google’s official unveiling in New York with financial partners Citibank, MasterCard and First Data and telecom ally Sprint, saying Google Wallet is being field tested and will be available this summer.

Google Wallet will initially work with Google’s Nexus S 4G smartphone from Sprint, the third-largest US wireless provider, and will eventually be expanded to other phones equipped with near field communication (NFC) technology.


Friday, May 27, 2011

Insider Data Theft Costs Bank of America $10 Million

A Bank of America insider who sold customer data to criminals cost the bank at least US$10 million in losses.

Bank of America began notifying customers of the incident recently, but is not providing many details of the case which is still under investigation. The theft, "involved a now former associate who provided customer information to people outside the bank, who then used the information to commit fraud against our customers," said Bank of America spokeswoman Colleen Haggerty, in an email message.

The bank lost at least $10 million to the criminals, said James Kollar, a special agent with U.S. Secret Service in Los Angeles. "There was information that was coming from the bank to the outsiders," he said. "It was basically a check scam."

About 95 members of the loosely affiliated criminal gang behind the alleged fraud, including the bank employee, were swept up in a February 2011 law enforcement action, Kollar said. However, the names of the accused have not been released, and the court case is under seal as the investigation continues.


Thursday, May 26, 2011

Smart Phone Spy Software

Beware of the "Stealth Genie"....
From the manufacturers website:

Stealth Genie is a monitoring software which is easy to install and use for Android, Blackberry and Windows Mobile smart phones. The software is very feature rich and takes less than a minute to install. It is also 100% undetectable. All you have to do is install the software on to the mobile phone of the person you wish to monitor and our product does the rest.

Stealth Genie works in the background on a phone without disrupting its functionality. It allows you to track your employees and the delivery staff out in the field through its geo location feature (GPS). Through this software you can listen in to their calls, read their messages, emails and record their surroundings. You can also access their contacts, memo’s and appointment books. Our software enables you to see videos, pictures and internet browsing history on your subjects’ mobile phone as well.

Be aware...Stay tuned..JDL

Tuesday, May 24, 2011

Cyber-Hackers: Faster, Better Equipped Than You...


Mark Clancy is intimately familiar with the in’s and out’s of cyber hacking attacks. As managing director and Corporate Information Security Officer at the Depository Trust and Clearing Corporation (DTCC), Clancy’s job is to pay attention to how crooks use virtual highways to steal data and assets — and stay a step ahead. Today that means much more than loading up some anti-virus software and patching an operating system.

“Mass attacks still continue, but the more sophisticated ones are targeted attacks,” says Clancy. “This style uses social engineering where they collect information they can find on the Internet about a broker or a client, and then send an email so the conversation seems more plausible. And in the broker/dealer world, bad guys are going after more high-net-worth clients. You go where the money is.”

Cyber attacks are not just the territory of large Wall Street firms—independents too have chinks in their armor. And while an 8-man advisory may not have seemed like the prime target for a hack a few years ago, that’s no longer true as criminals have gotten more specific about who they target, in an effort to maximize their return on investment.


Monday, May 23, 2011

Millionaire hedge fund boss accused of spying on employees


She is a glamorous and ambitious businesswoman who rose to become the highest-paid female in Britain and one of the world's wealthiest women.

Elena Ambrosiadou, who made an estimated £200 million ($305 million) after setting up a London-based hedge fund, enjoys a glamorous social life and has several expensive homes, a private jet and a £60 million yacht.

But behind the scenes at her £1.65 billion fund, Ikos Asset management, the entrepreneur has been embroiled in bitter disputes with employees, including her estranged British husband, Martin Coward, 52, one of the world's leading financial mathematicians and co-founder of the company. Now one former senior employee has claimed that, as the strife deepened, Ms Ambrosiadou began a large-scale spying operation against her employees.

Saturday, May 21, 2011

Air Force’s D.I.Y. Satellite Hackers


“A number of countries are exploring and acquiring capabilities to counter, attack, and defeat U.S. space systems,” Undersecretary of State Robert G. Joseph… the senior arms control official at the State Department… said.
…He said terrorists and enemy states might view the U.S. space program as “a highly lucrative target,” while sophisticated technologies could improve their ability to interfere with U.S. space systems and services.
Joseph did not identify terror groups or nations that might have such motives.

Nor, apparently, did Joseph mention that the Air Force already has a team of satellite-attackers in place, who’s job is to replicate terror strikes — using nothing but gadgets they can pick up at Radio Shack. My Popular Mechanics article explains:

Three or four times a year, small groups of junior officers gather at an Air Force Research Laboratory facility in New Mexico and try to figure out how to take down an American satellite using nothing more than sweet talk and off-the-shelf gear.

The U.S. military relies on satellites to relay orders, guide precision bombs and direct flying drones. But those multibillion-dollar systems can be surprisingly vulnerable to the simplest of attacks. So, its up to the members of the Space Countermeasures Hands On Program Space CHOP, for short to find those weaknesses before enemies have a chance to crack them.


Wednesday, May 18, 2011

Military Tracking Tech, From Super Scents to Quantum Dots

Scents that make you trackable, indoors and out. Nanocrystals that stick to your body, and light up on night-vision goggles. Miniradar that maps your location on Google Earth.

You can run, but you'll learn it's hard to hide from a new range of military tech. The Defense Department calls it “tagging, tracking and locating,” or TTL, this business of finding and following high-value targets on the battlefield. Ever since SEAL Team 6 took out Osama bin Laden, we’ve learned a lot about the technology used by special operators to find and reach their targets, from stealth helicopters to biometric identification devices. TTL gear, though, ranks among the spookiest Special Operations’ extremely spooky arsenal.


Woman allergic to electricity, "electromagnetic sensitivity"


A British woman cannot use an electric kettle, keeps her washing machine in a concrete outhouse and cannot have neighbours with wireless internet because she is allergic to electricity.

Janice Tunnicliffe spends every night playing Scrabble by candlelight with her husband because she claims to have a rare condition called electrosensitivity.

She cannot bear to be anywhere near electromagnetic fields of any kind and, as a result, she cannot watch television, listen to the radio or talk on a mobile phone and has been left completely isolated from the modern world by her condition.

Mrs Tunnicliffe, 55, was struck down with the illness after receiving chemotherapy for bowel cancer three years ago.

Since then she has suffered constant headaches, chest pains, nausea and tingling in her arms and legs whenever she is near electrical devices or items that emit a signal.

Her only relief in this time was when her village, near Mansfield in rural Nottinghamshire, suffered a temporary power cut.


Tuesday, May 17, 2011

Android Malware Quadrupled in Six Months

Android malware samples quadrupled between June 2010 and January 2011, according to a report from Juniper Networks and BullGuard mobile security released Monday.

The figure itself means little, since the size of the Android Market more than tripled from 80,000 to 300,000 apps between August 2010 and May 2011, but as cybercriminals become more sophisticated Android users need to start protecting their phones like they would their computers.

See PCMag's pick of the top 15 Mobile Security Tools for more information.

The greatest mobile malware risk comes from legitimate apps that have been injected with malicious software and re-packaged for app stores, Juniper wrote. DroidDream, HongTouTou, and Geinimi all used this method.


Friday, May 13, 2011

Sons of Blackwater Open Corporate Spying Shop


Veterans from the most infamous private security firm on Earth and one of the military’s most controversial datamining operations are teaming up to provide the Fortune 500 with their own private spies.

Take one part Blackwater, and another part Able Danger, the military data-mining op that claimed to have identified members of al-Qaida living in the United States before 9/11. Put ‘em together, and you’ve got a new company called Jellyfish.

Jellyfish is about corporate-information dominance. It swears it’s leaving all the spy-world baggage behind. No guns, no governments digging through private records of its citizens.

“Our organization is not going to be controversial,” pledges Keith Mahoney, the Jellyfish CEO, a former Navy officer and senior executive with Blackwater’s intelligence arm, Total Intelligence Solutions. Try not to make a joke about corporate mercenaries.

His partners know from controversy. Along with Mahoney, there’s Michael Yorio, the executive vice president for business development and another Blackwater vet; Yorio recently prepped the renamed Xe Services for its life after founder Erik Prince sold it.

Jellyfish’s chief technology officer is J.D. Smith, who was part of Able Danger until lawyers for the U.S. Special Operations Command shut the program down in 2000. Also from Able Danger is Tony Shaffer, Jellyfish’s “military operations adviser” and the ex-Defense Intelligence Agency operative who became the public face of the program in dramatic 2005 congressional testimony.

But Jellyfish isn’t about merging mercenaries with data sifters. And it’s not about going after short money like government contracts. (Although, the firm is based in D.C., where the intel community is and the titans of corporate America aren’t.)

During a Thursday press conference in Washington that served as a coming-out party for the company, Jellyfish’s executives described an all-purpose “private-sector intelligence” firm.


Hackers turn Cisco phones into remote bugging devices


Internet phones sold by Cisco Systems ship with a weakness that allows them to be turned into remote bugging devices that intercept confidential communications in a fashion similar to so many Hollywood spy movies, SC Magazine reported.

The publication quoted consultants from Australia-based HackLabs, who said customers had lost $20,000 a day from exploits, which also included attacks that forced the devices to make calls to premium phone numbers. The consultants said the underlying weaknesses were present in the default settings and could be fixed only by making changes to the phones' configuration settings. “The book says to shut off web services,” HackLabs' Peter Wesley was quoted as saying, referring to the manual that shipped with the phones. “Who's going to read all that.”


Thursday, May 12, 2011

Battle Brews Over FBI’s Warrantless GPS Tracking

Kathy Thomas knew she was under surveillance. The animal rights and environmental activist had been trailed daily by cops over several months, and had even been stopped on occasion by police and FBI agents.

But when the surveillance seemed to halt suddenly in mid-2005 after she confronted one of the agents, she thought it was all over. Months went by without a peep from the FBI surveillance teams that had been tracking her in undercover vehicles and helicopters. That’s when it occurred to her to check her car.

Rumors had been swirling among activists that the FBI might be using GPS to track them — two activists in Colorado discovered mysterious devices attached to their car bumpers in 2003 — so Thomas (a pseudonym) went out to the vehicle in a frenzy and ran her hands beneath the rear bumper. She was only half-surprised to find a small electronic device and foot-long battery wand secured to her metal fender with industrial-strength magnets.

“I think I must have found it right after they put it on, because there was no grime on it at all,” she told Threat Level recently.

The use of GPS tracking devices is poised to become one of the most contentious privacy issues before the Supreme Court, if it agrees to hear an appeal filed by the Obama administration last month. The administration is seeking to overturn a ruling by a lower court that law enforcement officials must obtain a warrant before using a tracker.


Saturday, May 7, 2011

The Little-Known Agency That Helped Kill Bin Laden


The National Geospatial Agency mapped bin Laden's compound, analyzed drone data, and helped the SEALs simulate their mission

President Obama's first brush with the National Geospatial-Intelligence Agency was ignominious. Out for lunch in May 2009, at a Five Guys burger franchise in Washington, the new President started to shake the hands of other customers, TV cameras in tow. Then he turned to men with government ID badges.

"So what do you?" the president asked. "I work for at NGA, National Geospatial-Intelligence Agency," one said.

"Outstanding. How long have you been doing that?" Obama wondered. "Six years." Obama then asked: "So, explain to me exactly what this National Geospatial..." His voice trailed off. "Uh, we work with, uh, satellite imagery." Obama: "Sounds like good work." The response is obscured by the audio.

Suffice it to say: Obama knows what the NGA does today.


Thursday, May 5, 2011

You Can Stop iPhones from Spying on You, But Not Androids


With a new software update, Apple resolved its iPhone tracking scandal that emerged after two data scientists discovered the phones record users' every move for a year. Customers of Google's Android phones aren't so lucky. Apple's new iOS update 4.3.3. makes the iPhone stop backing up location data on your computer and deletes the data when Location Services is turned off. The company says the location information is not transmitted to Apple, however, the information still remains on your phone if you don't disable Location Services. The fix, available for download now, comes just one week after Apple initially addressed the issue.

If you've got an Android phone, however, good luck. As Engadget's former managing editor Nilay Patel tweets, "It took Apple just a week to deploy this update to all iPhone users, while Android makers are still shipping 2.2." Patael's quote speaks to Android's nagging fragmentation problem in which updates come slowly because software is not compatible with all the different Android models produced by various handset makers. TechCrunch's MG Siegler highlights the problem:


‘Osama Bin Laden’ Trojan Horse Spying on Online Banking Sessions

May 05, 2011 /

Online or offline, the specter of Osama bin Laden hounds internet users no end as cyber criminals and scammers are resorting to different tactics to lure willing victims to bite on their trap, including a new Trojan horse that purports to contain death images of the notorious al-Qaeda leader.

Some instances of spreading the bin Laden malware across the cyber space include the use of phony claims in emails with malicious texts presumably leading to the “shocking video” and the classic Nigerian Letter or “419” Fraud that asks for an advance fee in exchange for a percentage of millions of dollars that the sender purports to spirit away from Nigeria.


Wednesday, May 4, 2011

Lawsuit: Rental firm spies on users

PITTSBURGH (AP) - A major furniture rental chain has software on its computers that lets it track the keystrokes, screenshots and even webcam images of customers while they use the devices at home, according to a lawsuit filed Tuesday.

The lawsuit was filed on behalf of a Wyoming couple who said they learned about the PC Rental Agent "device and/or software" inside the computer they rented last year when an Aaron's Inc. store manager in Casper came to their home on Dec. 22.

The manager tried to repossess the computer because he mistakenly believed the couple hadn't finished paying for it, the couple said. Brian Byrd, 26, said the manager showed him a picture of Byrd using the computer — taken by the computer's webcam. The image was shot with the help of spying software, which the lawsuit contends is made by North East, Pa.-based Designerware LLC and is installed on all Aaron's rental computers.

"It feels like we were pretty much invaded, like somebody else was in our house," Byrd told The Associated Press in an exclusive telephone interview, the day before the suit was filed Tuesday in U.S. District Court in Erie. "It's a weird feeling, I can't really describe it. I had to sit down for a minute after he showed me that picture."


Sunday, May 1, 2011

James Bond-style gadgets to stop company spies


Corporate espionage is becoming more common, with bribery and bugging playing a large part in businesses keeping up with their competition.

Eavesdropping on a rival is expensive, but trying to prevent it can cost even more.

The BBC's Joe Lynam reports. He spoke to Andy Williams, head of security for banking firm Nomura, and Crispin Sturrock from the WhiteRock, which works to prevent corporate espionage.