Tuesday, July 29, 2014

Security Scrapbook Post #5000 - FREE SpyWarn™ Announcement

Thank you to everyone who has enjoyed and contributed to Kevin's Security Scrapbook over the years. 5000 is a milestone, and a good time for you to dig into the archives. Enjoy!

It is also a good time to let my clients (and potential clients) know about a new benefit of using Murray Associates services...


1. Free Cell Phone MicSpike with Carry Container
    Prevents phones from being turned into bugging devices.

2. Free Anti-Spyware Kit for Smartphones
    Includes the MicSpike™ and more security items.
    SpyWarn™ security kit works for all types of phones.
    It is not available elsewhere. (patent pending)
    Details and free smartphone security tips at...

3. Free SpyWarn™ Android app.
    A forensic evaluation for discovering spyware
    infections on smartphones.
    Details at... http://www.spywarn.com

4. Free book, "Is My Cell Phone Bugged?
    Amazon rated...



Available only to clients and those whose offices we inspect.

This is the perfect time to add our Information
Security / TSCM* services to your security program.
*Technical Surveillance Countermeasures (aka, a bug sweep)

Download our introductory booklet.

Have questions? Need an estimate?
Just call me... from a "safe" phone.


Best regards,
Kevin D. Murray, CPP, CISM, CFE, MPSC

"Hey, what's your TSCM provider doing for you?"

Monday, July 28, 2014

Son Bugs Mom's Phone - $500.00 Fine

IL - A judge has fined a Lincoln man $500 for bugging his 90-year-old mother’s phone.

Richard Stamler, 60, pleaded no contest to disturbing the peace last week, and Lancaster County District Judge Andrew Jacobsen fined him... 

Stamler’s sister called police March 28, 2013, after she found a recording device in the basement of their mother’s home that had been connected to the phone line and set to record any time someone in the house picked up a phone.

She told police she recognized her brother’s voice reciting date information on the tape. He admitted to police he recorded calls on his mother's phone, but didn't think it was illegal. (more)

Snooping & Bugging: Five High Profile Cases (and this is just in India)

Was Nitin Gadkari's house bugged? The reported recovery of listening devices from Union Minister Gadkari's house has set tongues wagging in political circles, with Congress suggesting that this shows there is lack of trust among the NDA leaders. Even former Prime Minister Manmohan Singh has demanded a probe into this matter.

However, this is not the first time that news of political leaders being snooped upon by their adversaries has surfaced in the media. Let's look back at some similar controversies from the past... (more)

Sunday, July 27, 2014

The FBI Speaks Out: Economic Espionage and Protecting Trade Secrets

When: 7/30/2014
From 5:00 PM until 7:00 PM

Where: Boston Bar Association
16 Beacon Street
Boston, Massachusetts
United States

Trade secret thefts, both domestic and international, cost U.S. companies billions of dollars per year.  Over 85 percent of trade secret thefts involve employees and business partners.  It is imperative to put a trade secret protection program in place. The FBI will show you why and how. 

In a joint BBA/BPLA sponsored event, federal enforcement specialists Carmine Nigro and Ted Distaso, Brian Moriarty of Hamilton Brook Smith Reynolds, P.C., and Russell Beck of Beck Reed Riden LLP discuss methods of trade secret theft and best practices in theft prevention. (more) (register)

FYI - Just up the street from:
Cheers (pub)
84 Beacon St.
Boston, MA 02108

"Where everybody knows your name." (But that's another privacy issue.)

Reports of India Minister Bedroom Being Bugged

India - Former Prime Minister Manmohan Singh today said there should be an investigation into the report of bugging devices having been found in Union Minister Nitin Gadkari's residence and asked Government to explain the issue in Parliament.

"If Ministers' houses are bugged, then it is not a good omen. It should be investigated. How can it happen? it should be explained by the Government in the House," he told reporters at an Iftar get-together hosted by Congress President Sonia Gandhi

A media report has claimed that high power listening devices were found in the bed room at the 13 Teen Murti Lane residence here of Gadkari, the Road Transport and Highways Minister. (more)

Cost of Corporate Espionage in Germany Today

Every year, industrial espionage costs German businesses around 11.8 billion euros ($16 billion), according to a survey released Monday by the German security firm Corporate Trust.

Every second company in Germany has faced attacks - whether successful or not - with more than three-quarters of those surveyed registering financial losses as a result.

Corporate Trust said the survey reflected answers from 6,767 companies, some 40 percent of which estimated the damage from espionage had cost them anywhere from 10,000 euros to 100,000 euros.

Twelve percent said they lost more than 100,000 euros, and 4.5 percent said they lost more than 1 million euros. (more)

The Easy Fix to About 70% of Data Hacks

You never know when malware will bite. Even browsing an online restaurant menu can download malicious code, put there by hackers.

Much has been said that Target’s hackers accessed the giant’s records via its heating and cooling system. They’ve even infiltrated thermostats and printers among the “Internet of Things”.
It doesn’t help that swarms of third parties are routinely given access to corporate systems. A company relies upon software to control all sorts of things like A/C, heating, billing, graphics, health insurance providers, to name a few. If just one of these systems can be busted into, the hacker can crack ‘em all...

One way to strengthen security seems too simple: Keep the networks for vending machines, heating and cooling, printers, etc., separate from the networks leading to H.R. data, credit card information and other critical information. Access to sensitive data should require super strong passwords and be set up with a set of security protocols that can detect suspicious activity. (more)

See Around Corners with Pocket Drone

Researchers at the U.S. Army Natick Soldier Research, Development and Engineering Center are developing a pocket-sized aerial surveillance device for Soldiers and small units operating in challenging ground environments.

The Cargo Pocket Intelligence, Surveillance and Reconnaissance program, or CP-ISR, seeks to develop a mobile Soldier sensor to increase the situational awareness of dismounted Soldiers by providing real-time video surveillance of threat areas within their immediate operational environment.

While larger systems have been used to provide over-the-hill ISR capabilities on the battlefield for almost a decade, none of those delivers it directly to the squad level, where Soldiers need the ability to see around the corner or into the next room during combat missions. (more)

See around Corners. Turn Walls into Mirrors. Well, sort of...

The functional difference between a diffuse wall and a mirror is well understood: one scatters back into all directions, and the other one preserves the directionality of reflected light.
The temporal structure of the light, however, is left intact by both: assuming simple surface reflection, photons that arrive first are reflected first. In this paper, we exploit this insight to recover objects outside the line of sight from second-order diffuse reflections, effectively turning walls into mirrors. (more)

SpyCam'er Goes Free - Guilty or Not - You Decide

UK - A man who hid his phone in a toilet with the intention of filming his colleagues has been cleared of three charges of voyeurism – after magistrates accepted he has an extreme phobia of diarrhea and vomit.

A psychologist was called in to explain how Thomas Clark's actions were not as perverse as was being claimed by prosecutors.

The 28-year-old, from Barry Close in Tilgate, told a court he was petrified someone using the unisex toilet at his workplace before him might have suffered a bout of diarrhea or been sick.

Between November 1, 2012, and June 5, 2013, Mr Clark's phone was found on three occasions hidden in the toilet, by women he worked with at an office in Southgate.

On one occasion it was found in a bin, on another in a newspaper and on the third occasion in an Argos catalog. (more)

Yo, Barry... check it out.

Friday, July 25, 2014

NJ's Top Court Proposes Change to Spousal Immunity

New Jersey's Supreme Court is proposing an exception to the law that keeps conversations between a husband and wife private...

The state's highest court sided with the appeals court that marital communication does not lose its privacy just because it's heard by wiretap. But the justices proposed that the Legislature create a crime-fraud exception when spouses are jointly involved in criminal activity. (more)

Ford - Listening Devices Found in Company Meeting Rooms

A former Ford engineer is being probed by the FBI after listening devices were found in meeting rooms at company offices.

Ford issued a statement saying that it "initiated an investigation of a now-former employee and requested the assistance of the FBI."

It also adds that Ford's offices were not searched by the agency. "Ford voluntarily provided the information and items requested in the search warrant. We continue to work in cooperation with the FBI on this joint investigation. As this is an ongoing investigation, we are not able to provide additional details." (more)

(Sharon) Leach admitted hiding the devices under tables to help her transcribe meetings, her lawyer said... 

The devices were installed before meetings but could not be easily removed, her lawyer said. The audio devices were left in the conference rooms and unintentionally recorded other meetings.

In all, Leach gave Ford security eight Sansa recording devices, her lawyer said. Those are the same devices listed on the FBI’s search warrant on July 11. (more)

From the 'Things are Tough All Over' Files - Scottish Espionage Bankrupt

A renowned four-floor Old Town nightclub has been put up for sale after its parent companies plunged into administration.

Dozens of jobs are at risk while the future of Espionage – based inside India Buildings in Victoria Street – is thrashed out. (more)

What Cats Can Teach You About Personal Privacy

Ever posted a picture of your cat online?

Unless your privacy settings avoid making APIs publicly available on sites like Flickr, Twitpic, Instagram or the like, there's a cat stalker who knows where your liddl' puddin' lives, and he's totally pwned your pussy by geolocating it. 

Mundy, a data analyst, artist, and Associate Professor in the Department of Art at Florida State University, has been working on the data visualization project, which is called I Know Where Your Cat Lives.

It's a data experiment that takes advantage of a furry monolith: some 15 million images currently tagged with the word "cat" on public image hosting sites, with more being uploaded at a rate of thousands more per day.

Mundy isn't even particularly a cat person. He could just have easily called the project "I know where your kid sleeps". Creepy? Oh yeah - much worse than kitty-stalking creepy. That is, of course, the point of the project... (more) (The Map)

Tip: Go tighten up your privacy settings. Better yet, turn off geo-location when taking photos. Ultimate better, stop posting.

Thursday, July 24, 2014

Proof the Surveillance Society is Making us Crazy - CV Dazzle

This is how bad things are getting...

"The NSA made me slather my face in make-up... I had slathered the paint on my face in order to hide from computers. The patterns in which I applied the paint were important: To the pixel-calculating machinations of facial recognition algorithms, they transformed my face into a mess of unremarkable pixels. In the computer’s vision, my face caused a momentary burst of confusion. That’s why the patterns are called computer vision dazzle (or CV dazzle). When it works, CV dazzle keeps facial-recognition algorithms from seeing a face...

...more unexpected was what CV dazzle taught me about the physical world. It reminded me of another tech experiment I’d undertaken

My phone’s Reminders app can tie a message to a specific place, it triggers an alert tone every time a user comes within 500 feet. I’d tried tying these reminders to a different kind of location—the 176 embassies and diplomatic missions in Washington, D.C. Whenever I got within a couple hundred feet of one, my phone sent me a little ping: “Iceland.” “Thailand.” “Equitorial New Guinea.”...

...here is the essence of CV dazzle’s strangeness: The very thing that makes you invisible to computers makes you glaringly obvious to other humans."  (more) (official site cvdazzle.com)

Blank Reg would have loved this.