Wed Oct 15, 2003
Security Scrapbook - Espionage & Privacy News of the Week.
To: Clients, colleagues and friends.
Subject: Espionage & Privacy News of the Week.
===================================================
Kevin's Security Scrapbook is published on an irregular
basis for a select audience. HTML versions are archived at http://www.spybusters.com/Security_Scrapbook.html
=================================================== SPECIAL SECTION -- Security Director News
SPECIAL SECTION -- We Salute Pennsylvania Bugs
SPECIAL SECTION -- Deja View or Corporate Espionage?
SPECIAL SECTION -- All Things Considered
SPECIAL SECTION -- Espionage Notes
SPECIAL SECTION -- Don't Waste Your Time Here... ===================================================
SPECIAL SECTION -- Security Director News
Cautionary Tale #657 - Lock Down Those Laptops! Philadelphia - An instructor teaching a group of new airport security screeners had his laptop stolen after leaving it in a hotel meeting room during a break in the seminar, officials said. The laptop contains sensitive — but not highly classified — material, a Transportation Security Administration official said. The files outlined standard airport screening procedures such as the use of magnetometers, which anyone visiting an airport could view. http://tinyurl.com/r1zk
No problem! You already have a counterespionage program... right? “Negligent failure to plan”—a new concept of liability that is rapidly gaining recognition in the courts—could devastate your company if you are unprepared when a security-related disaster strikes. ... The Institute of Management and Administration (IOMA) is sponsoring a panel of experts in a 90-minute audio conference discussing if you’re taking adequate steps to safeguard your organization. ($$$) http://www.ioma.com/products/audioconf.php?confid=58
Know what your opposition knows.
Read what they read...
"How To Get Anything On Anybody: Book 3" - How to tap.
- Find anyone's phone number.
- Lie to "Caller ID."
- How to track anyone.
- Intercept any pager.
- Build a Laser Listener.
- Procure the world's most powerful bug.
- How to set up electronic surveillance on anybody.
- How to choose a countermeasures expert.
...and many many more interesting chapters.
580 pages. ISBN 1880231131 http://www.intelligencehere.com
One man's garbage is another man's private possessions... New Hampshire - A divided state Supreme Court ruled yesterday that garbage is private, even when it is placed near the street for collection. The 4-1 ruling contradicts decisions by the U.S. Supreme Court and high courts in most other states. But the majority of the court said New Hampshire's constitution provides a stronger expectation of privacy than the federal constitution. http://www.cmonitor.com/stories/news/state2003/093003
More fun reading...
"Secrets of Computer Espionage" - Analyze your risk of becoming a target of espionage.
- Recognize and lock down vulnerabilities.
- Understand where electronic eavesdropping becomes illegal...
- ...and where it is perfectly legal.
- Discover how spies circumvent security measures.
- See how a determined spy can compromise [fill in any gadget here]. http://tinyurl.com/qo87
Eavesdropping inspections, cheap.
The look on "someone's" face, priceless. A college student was arrested yesterday on charges of hacking into someone else's online brokerage account and sticking him with an investment loss of more than $40,000 after the student obtained password information with surreptitiously installed software that recorded the investor's computer keystrokes. http://www.bizreport.com/article.php?art_id=5123 http://www.geocities.com/breranthony/jukebox/wipeout.mid (sing along)
Handicapable SpyWare... Spying with software has been around for several years, but Rick Eaton (TrueActive) decided that one new feature in his program crossed a line between monitoring and snooping. That feature is called silent deploy, which allows the buyer to place the program on someone else's computer secretly via e-mail, without having physical access to the machine. To Eaton, that constituted an invitation to install unethical and even illegal wiretaps. He removed the feature, he said, "so we could live with ourselves." http://www.ecommercetimes.com/perl/story/31849.html
Question of the Week...
Q. "With conference calls available on cell phones, how does one detect a third party on the line?" A. That evil possibility is a threat on regular phones too, of course. The difference is that we tend to think of cell phones as being strictly point-to-point and drop our caution. In both cases, you usually can't tell. Speak accordingly.
FutureWatch - Skype - Heads up folks... Skype (a free telephone service via Internet connection) 'is something to be scared of, and is probably set to become the biggest story of the year.' Critics dismiss it as hype. But Skype faces a potential court battle with the FBI. 'Because traffic over Skype is strongly encrypted and distributed over wide-ranging sources, it could hamper authorities' ability to wiretap.' An FBI spokesman says, '... it is something that we are looking into.' Of course last week's Minnesota federal court ruling that exempts VoIP from traditional telecom legislation doesn't hurt the case for VoIP. ... It is "a real opportunity to do something that is disruptive in a very positive way," Mr. Zennstrom said. "We have a big ambition with Skype: it is to make it the global telephone company." http://slashdot.org/articles/03/10/13/1120202.html?tid=126&tid=95&tid=99 http://www.skype.com/ http://tinyurl.com/r1af
SPECIAL SECTION -- We Salute Pennsylvania Bugs
Philadelphia Cheesy Steak ...out The discovery of listening devices in Mayor John F. Street's City Hall office has touched off a political furor just weeks before Election Day and raised strong suspicions that the bug was planted by the FBI as part of a criminal investigation. ... The devices were found Tuesday by police conducting a routine sweep of Street's City Hall office suite. (See.... routine sweeps do work!) http://tinyurl.com/qokd http://www.philly.com/mld/inquirer/news/front/6999636.htm Word on the Street... Officers from the Internal Affairs Division of the Philadelphia Police Department found the bug at 7:15 a.m. yesterday during a "sweep" of the mayor's office - City Hall Room 215 - for electronic devices. Such sweeps have been conducted periodically since the Goode administration, according to Police Commissioner Sylvester M. Johnson. What was found was described by one top investigator as an "extremely sophisticated" battery-powered device designed to broadcast to a remote location, such as another building or a van parked outside. "Whoever did it was professional," an official said. The bug was not a recording device. The base unit for the device was in the ceiling above the mayor's desk. Several remote microphones were placed in the ceiling throughout the spacious office. The unit had enough battery power to operate for several months. The discovery yesterday came at a time of heightened worry in the Street camp about surveillance. http://www.philly.com/mld/philly/6957314.htm Mayor suspects (oh, let me guess) the janitor... Did the events that have stopped Philadelphia's mayoral campaign in its tracks begin with a night janitor? Is that how the sophisticated eavesdropping devices discovered Tuesday morning in Mayor Street's office got there? Even the mayor himself thinks that might be how the bugger avoided prevention by the police officers who guard Street's office around the clock. http://www.philly.com/mld/dailynews/news/local/6968379.htm Public reaction... The revelation that Mayor Street's office was bugged has fueled sales of countersurveillance products in the area, as residents and businesses wonder whether their homes and offices are safe from unwanted eavesdroppers. http://www.philly.com/mld/inquirer/news/local/6976880.htm This just in... The bugging lasted only two weeks. The device used to eavesdrop on conversations in Mayor Street's City Hall office was secretly planted about two weeks before Philadelphia police discovered it in the ceiling, people familiar with the investigation said yesterday. The bugging was limited in another important way: FBI agents were not permitted to listen in on all of the dozens of people who met with the mayor, but only to conversations involving a short list of visitors, the sources said yesterday. The judge who approved the bugging signed off on a restricted order that sought to strike a balance between the FBI's attempt to ferret out possible evidence of wrongdoing and the right to privacy of Street and any citizens who met with him, the official said. The fact that the bug - a state-of-the-art device powering two microphones - had to be turned on and off strongly suggests something else: That the FBI, either by tailing suspects or relying on an informant, knew when the selected list of people would arrive for meetings at City Hall Room 215, the spacious mayoral office. It could not be learned precisely which people the judge gave the FBI agents approval to bug. http://www.philly.com/mld/inquirer/news/front/7014707.htm
(...and remember this story from the last Security Scrapbook?) Thus proving... Ignorance of the lawyer is no excuse. PA - A former Chester County lawyer who pleaded guilty yesterday to bugging his ex-girlfriend's bedroom was sentenced to five years' probation. The attorney also was ordered to have no contact with the victim, Kim Nguyen, or her family. ... he pleaded guilty to criminal trespass and two counts of violating state wiretap laws, all felonies. ... She told police she suspected her apartment was bugged. When police searched the bedroom, they found a hidden listening device attached to a phone line. Police learned that he had paid for the phone line, according to an affidavit. Police believe he broke into Nguyen's apartment to plant the bug. http://www.philly.com/mld/inquirer/news/local/6806442.htm One of our sources provides first-hand insights... "I used to think that most 'spy shop' stuff was such junk that although it was sometimes found in domestic sweeps it was rather ineffective for information gathering. I saw this device right after the preventives located it behind a dresser and still didn't think too much of it. Then, about three weeks later, I got to read the multi-page affidavit of probable cause developed to get the mutt popped: This relatively cheap piece of spy shop junk sure gave the dude the keys to her kingdom!" Another confidential rejoinder echoed this respect for 'cheap' bugs... "I was amazed when we discovered a wireless baby monitor acting as a bug in FL last weekend. Only $30. but so sensitive that anything said, in any part of the 2-story office condo, could be heard..."
SPECIAL SECTION -- Deja View or Corporate Espionage?
Is that your mini-peeper, or are you just glad to see me? JonesCAM LX is a mobile "hands free" micro-video product which when configured with facial recognition software, will “recognize” suspects, and permit law enforcement and security agents to record and broadcast what they see while providing “real-time situational awareness." http://www.jonescam.tv/jonescam_lx.html (with photo)
Is that your mini-peeper, or are you just glad to see me too? Deja View, of Brick, N.J., says it will soon produce the Camwear 100, a digital video camera about an inch long and smaller than a nickel in diameter. The lipstick container-sized camera can be worn, as the name implies, by unobtrusively clipping it to a pair of eyeglasses or on a baseball cap's bill. And the camera sends its images to a cell phone-sized device worn on a person's hip. http://www.newsfactor.com/perl/story/22393.html
SPECIAL SECTION -- All Things Considered
The Uber-Bug... (Seller and product unverified.) From product literature... "THE ULTIMATE TELEPHONE RECORDER AND ROOM BUG!!!! This is, without a doubt, the ultimate automatic telephone recorder. It’s the most sophisticated device of its kind ever offered, yet is very simple to use and does not require any tapes. It has an unprecedented recording capacity of 2600 hours! ... It’s even capable of functioning as a room “bug”! Just set it to its voice-activated room-recording mode, and you’ll have time-stamped recordings of everything that was said in your room while you were away." http://www.sell.com/2K6V6
FutureWatch - See the wave. Catch the bug. I found someone else who has the same dream about being able to visualize radio waves. They have a different approach and different reasons for wanting to do it, but the concept is the same. What a kick. Be sure to view the movie... http://people.interaction-ivrea.it/d.agnelli/on/fv/
More "Free" phone call news... "Voice-over-IP service provider Vonage today said it has provisioned 50,000 lines since launching its service in April 2002 and is adding new customers at a rate of 2000 lines per week." ... We bought one of their VoIP phones last week for testing. Works great, sounds great. $34.99 per month for unlimited calls anywhere in the US & Canada. Australia... 6 cents per minute. http://tinyurl.com/qofj http://www.vonage.com/
...thus offering guests another 'ace in the hole.' Tropicana Casino and Resort on Tuesday disclosed the 42 tenants who will occupy The Quarter, the $245 million, Old Havana-themed expansion scheduled to open in five months. ... There are all sorts of shops: including the Spy Store for electronic surveillance products. http://tinyurl.com/r11q
SPECIAL SECTION -- Espionage Notes
LoverSpy... Spyware.LoverSpy allows the remote controller to perform any of the following actions:
- Monitors the emails transmitted through Hotmail, Yahoo, AOL, Excite, and Outlook and forwards the email messages to the predefined email address.
- Download/Upload/Execute/Delete files.
- Steal passwords.
- Keylogger.
- Monitors Web sites visited and instant messaging communication.
The logged information is periodically sent to a predefined email address.
Norton just updated their AntiVirus program to handle this little bugger. http://securityresponse.symantec.com/avcenter/venc/data/
Speaking of LoverSpy...
This Week in Spy History: Dutch spy H21, also known as Mata Hari, is executed in Paris by a 12-man firing squad. The dancer, born Gertrude Zelle, had slept with a number of high-ranking military officers from around the world and passed secrets along to the German high command. After death, her body is given to the University of Paris medical school for dissection. (October 15, 1917)
Quote of the Week... "It's so nice when espionage can bring a son closer to his father." - Adam Berstein
...writing in The Washington Post about Dan Pinck (ex-OSS hero) and his son Charlie Pinck (renowned Washington PI). http://www.osssociety.org/oss_fall_03.pdf
This Week at The International Spy Museum...
Spy School Workshop: Surveillance 101
Wednesday, 15 October 2003; 6 – 9 pm KidSpy School: Disguise Workshop
Sunday, 19 October 2003; 2 – 4 pm
SPECIAL SECTION -- Don't Waste Your Time Here...
...and we nab Moose and Squirrel.
So whadz youz say, Fearless Leader? If you live in Russia's Far East and don't pay your electricity bills on time, you would be well advised to keep a close eye on your pets ... "We will take their nearest and dearest - their pets," says Dalenergo chief Nikolai Tkachev, whose company is owed $10m. "And let a dad explain to his daughter why their beloved moggie was taken away." The company would then hold the pets in detention until their owners stump up. If they don't, it will sell them to the highest bidder. ... Dalenergo's parent company, Unified Energy Systems, quickly intervened to disown the pet-snatching plan. http://news.bbc.co.uk/2/hi/europe/3159182.stm
Frank's franks and other perf-people... Snap-happy Japan's love affair with the camera has reached new heights -- people now can put their face or favorite pic on a stamp. ...take a snapshot down to the local post office and order stamps made from it. http://money.cnn.com/2003/10/03/news/funny/stamps.reut/index.htm
Mmm... Yellow Stickies. Real life 'drama'. Phone call recording released from a federal investigation. http://tinyurl.com/r1i4
Fri Oct 10, 2003
Security Scrapbook - Espionage & Privacy News of the Week.
To: Clients, colleagues and friends.
Subject: Espionage & Privacy News of the Week.
===================================================
Kevin's Security Scrapbook is published on an irregular
basis for a select audience. HTML versions are archived at
http://www.spybusters.com/Security_Scrapbook.html
=================================================== SPECIAL SECTION -- Murray Associates visits "K Street" ===================================================
SPECIAL SECTION -- Murray Associates visits "K Street"
HBO television this Sunday (10/12) at 10PM
Ever try to explain an eavesdropping prevention "sweep" to your boss, family or friends?
Maybe it would be easier if you just showed them!
This week Murray Associates swept James Carville's "K Street" offices. Our inspection process will be briefly highlighted on this week's episode along with the special prevention instrumentation we developed - Thermal Emissions Spectrum Analysis (TESA®), and Radio Reconnaissance Spectrum Analysis (RRSA®).
Also featured on the show is a follow-up eavesdropping countermeasures product called Noisebath®. Developed by Noel Matchett, a former NSA employee, Noisebath is recognized as the technically correct way to create sound masking environments (as opposed to filterable 'white' or 'pink' noise). Noel's firm is Information Security Incorporated (301-565-8168).
About the show... "Executive produced by George Clooney and Steven Soderbergh, HBO's latest groundbreaking series is an experimental fusion of reality and fiction -- an entertaining, fly-on-the-wall look at government, filmed in and around the corridors of power in Washington. Starring Beltway insiders James Carville, Mary Matalin, Michael Deaver -- and a host of political celebrities."
http://www.hbo.com/kstreet/
Just interesting... George Clooney does his own camera work and is one of the nicest, most unassuming people you could ever meet.
Our thanks to the producers, cast and crew for including us in their show, putting us up (and, up with us) for two days, and for their warm hospitality.
Eavesdropping Detection Services
United Kingdom Eavesdropping Detection Services
