Sunday, January 21, 2018

White Marsh Mall Spycam Man Suspect Charged - Day job... runs business that installs security cameras.

Baltimore County police say they are analyzing electronic items seized from the Abingdon home of a man charged with secretly recording people in a bathroom at White Marsh Mall.

The suspect, 40-year-old Mussawwir Sterrett, is general manager of a company that provides technology services including security camera installation, police said.

Sterrett is accused of placing a small camera, pointed toward a toilet, in the family bathroom near the mall’s food court on Dec. 23. The camera recorded 11 people, both children and adults, according to police spokeswoman Officer Jennifer Peach.

Sterrett faces charges of “peeping Tom” and visual surveillance with prurient intent. more

Vineyard Owners Arrested for Eavesdropping... didn't hear it through the grapevine.

The owners of a Monroe County winery accused of recording customers and employees without their knowledge say they were surprised by their arrests and subsequent criminal charges.

Randy and Linda Rice, who own and operate Mountain View Vineyards in Hamilton and Jackson Townships, were arrested Thursday and charged with interception of oral communications and possession of devices utilized to surreptitiously record oral communications.

The Monroe County District Attorney's Office said it was tipped off in December that there was illegal wiretapping at the winery part of the business at 2332 Walters Road in Hamilton Township.

Detectives on Thursday found wireless surveillance cameras in the new winery, but no signs indicating the cameras were recording video and audio. Prosecutors say only two employees knew audio was being recorded and monitored. more sing-a-long

Economic Espionage, Theft of Trade Secrets - 5 Year Sentence

A former software engineer for IBM in China has been sentenced to five years in prison for stealing the source code for highly valuable software developed by the tech company, the U.S. Justice Department announced Friday.

Xu Jiaqiang, 31, was sentenced Thursday by a federal judge in White Plains, New York, months after he pleaded guilty to three counts of economic espionage and three counts of theft, possession and distribution of trade secrets. 

Prosecutors said Xu stole the source code for computer performance-enhancing software while working for IBM from 2010 and 2014, with the intent to benefit China's National Health and Family Planning Commission.

Acting Assistant Attorney General Dana J. Boente of the Justice Department's national security division said the agency “will not hesitate to pursue and prosecute those who steal from American businesses.” Xu, a Chinese national, “is being held accountable for engaging in economic espionage against an American company,” Boente said in a statement. more

PI Sued for Planting Tracking Device... on a politician's pick-up truck.

An Oklahoma lawmaker who found a tracking device attached to his pickup truck last month is suing a private investigation company and an investigator who works for the company over the device.
Click to enlarge.
 Discovery of the tracking device has shocked Oklahoma politicians, who are wondering who was spying.

Rep. Mark McBride, a Republican from the Oklahoma City suburb of Moore, is suing Eastridge Investigations and Asset Protection and Eastridge investigator H.L. Christensen for unspecified damages of more than $10,000, according to an attorney for Eastridge. more

Tuesday, January 16, 2018

Hawaiian Emergency Management - Passwords on Post-it Notes on Computer Screens

The Hawaii Emergency Management false alarm mess was not caused by pressing the wrong button. It was caused by poor design.

Ever select the wrong thing from a drop-down menu? Sure, it happens all the time.

The Washington Post reports...
The menu, which triggers alerts, contains a jumble of options, ranging from Amber alerts to Tsunami warnings to road closures. Some of them, such as “High Surf Warning North Shores,” are in plain English.

Others, including the one for a missile attack, “PACOM (CDW)-STATE ONLY,” use shorthand initials. (PACOM refers to the United States Pacific Command based in Hawaii.)

And the menu contained no ballistic missile defense false alarm option — which has now been added at the top of the image, marked up by officials for explanatory purposes. more
1. Separate the messages into smaller groups: Routine Tests | Advisories | Life Threatening
2. Drop the jargon. Say what you mean, clearly.
3. Do not use instant-select dropdown menus.
4. Use radio buttons to select the message, plus a CONFIRMATION and CANCEL button to activate the selected alert, or not. Two extra seconds of thought can prevent a lot of mistakes.

If you need help with design, call on the master, John McWade. He can teach you.

And, what's with posting the passwords to an emergency management computer screen?!?!
If the personnel can't memorize a password as lame as this, they shouldn't be allowed anywhere near a keyboard. more

Password: Warningpoint2

Monday, January 15, 2018

Spy Drone Filming - Detection Method Developed

The first technique to detect a drone camera illicitly capturing video is revealed in a new study published by Ben-Gurion University of the Negev (BGU) and Weizmann Institute of Science cyber security researchers.

The study addresses increasing concerns about the proliferation of drone use for personal and business applications and how it is impinging on privacy and safety.

In a new paper, "Game of Drones - Detecting Captured Target from an Encrypted Video Stream," the researchers demonstrate techniques for detecting if a targeted subject or house is being recorded by a drone camera. "The beauty of this research is that someone using only a laptop and an object that flickers can detect if someone is using a drone to spy on them," says Ben Nassi... more video

"Listening In: Cybersecurity in an Insecure Age" (book)

A cybersecurity expert and former Google privacy analyst’s urgent call to protect devices and networks against malicious hackers​.

New technologies have provided both incredible convenience and new threats. The same kinds of digital networks that allow you to hail a ride using your smartphone let power grid operators control a country’s electricity—and these personal, corporate, and government systems are all vulnerable.

In Ukraine, unknown hackers shut off electricity to nearly 230,000 people for six hours. North Korean hackers destroyed networks at Sony Pictures in retaliation for a film that mocked Kim Jong-un. And Russian cyberattackers leaked Democratic National Committee emails in an attempt to sway a U.S. presidential election.

And yet despite such documented risks, government agencies, whose investigations and surveillance are stymied by encryption, push for a weakening of protections. In this accessible and riveting read, Susan Landau makes a compelling case for the need to secure our data, explaining how we must maintain cybersecurity in an insecure age. more

Saturday, January 13, 2018

Ikea Spying Trial Recommended by French Prosecutors

French prosecutors are recommending that Ikea France and 15 people, including police officials, be put on trial on charges of spying on employees and customers.

Three former senior Ikea executives including two ex-chief executive officers (CEOs) are among those charged after an investigation that dates back to 2012. more

40 Second Spy Chase... commercial

Creepy Peeper Spied 1000+ Computer Mics and Cameras... for 13+ years!

The technical description of the “Fruitfly” malware is “spyware.” But given the way it has allegedly been used, a better label would be creepware...

According to a 16-count indictment unsealed on Wednesday in US District Court for the Northern District of Ohio, its creator, Phillip R. Durachinsky, 28, used it to spy on thousands of victims for more than 13 years. Durachinsky spent this time not only collecting personal data but also watching and listening to victims through their webcams and microphones, and using some of what he collected to produce child abuse imagery...

The victims ranged from individuals to companies, schools, a police department and government entities including one owned by a subsidiary of the US Department of Energy.

According to the DoJ:
(It) enabled him to control each computer by accessing stored data, uploading files, taking and downloading screenshots, logging a user’s keystrokes, and turning on the camera and microphone to surreptitiously record images and audio.

(He) used the malware to steal the personal data of victims, including their logon credentials, tax records, medical records, photographs, banking records, internet searches, and potentially embarrassing communications.
It said he saved millions of images, kept detailed notes on what he observed, and designed it to alert him if a user typed words associated with pornography. more

Spycam Found in Mall Family Restroom

MD - Authorities say a man set up a spy camera that recorded both children and adults in the family restroom of a Baltimore-area mall.

The Baltimore Sun reports a patron at White Marsh Mall found the camera Dec. 23, and the incident was made public Thursday, when Baltimore County police released footage of the suspect. The camera was found at a restroom located near the food court. more

Like most spycamers, this guy gets our Darwin Award... for taking a video of himself while installing the camera. 

Do you offer restrooms to employees, visitors and the public. A spycam incident will put you at risk of being sued. Proactive due diligence is your best defense. Click here for the complete solution.

Telephone Eavesdropping Prevention - Then and Now

1920's - Hush-A-Phone...
Click to enlarge. Video. More.
2018 - Hushme...

1960 v 2018...

Thursday, January 11, 2018

TSCM History: Wiretapped Phone Found at Nuclear Regulatory Commission’s Predecessor

According to the FBI file, a few months before it was abolished, a bug was discovered in the Honolulu offices of the Atomic Energy Commission. The device would not only let someone listen in on phone calls, but any conversations held around the phone - even when it wasn’t in use.

According to the file, the bug was discovered by one Lt. Colonel Harry Tear Jr., assigned to Army counterintelligence at Fort Shafter. While performing a regular electronics sweep in June of 1974, Tear discovered a modification to the phone of Williams Hills, who was the Director for the Atomic Energy Commission’s Pacific Area Support Office, reporting to the Nevada Operations Office.

When it was discovered, the phone wasn’t being used to monitor the room. The file notes, however, that it easily could be. When connected, the phone wouldn’t just transmit the conversation being held, but every conversation in the room that happened to be in range of the phone’s receiver. They were unable to determine when it had been installed or how often it had been used, but noted that the wiring appeared to have been done professionally. They were also able to confirm that the device could pick up conversation in the room in practice, not just in theory...
And now for some good advice if you find an electronic surveillance device...
...Simply knowing what information has gotten out does little good without an idea of who will have it, and it’s next to impossible to judge how information will be used without knowing who has it. This is one of the primary reasons for law enforcement to leave a bug in place. While counterintelligence officers would also be interested in the same information, a clever officer or group of officers would use the bug as a way of feeding the listener specific information and misinformation in order to manipulate them in various ways. more

Wednesday, January 10, 2018

Krebs Arraigned for Wiretapping (Joshua, not our esteemed Brian.)

What a teacher's lounge should look like.
Pleasant Valley School District Director of Support Services Joshua Krebs was arraigned on wiretapping charges...

Court papers allege Krebs electronically eavesdropped on conversations in the elementary school faculty break room in April 2016...

On April 5, 2016, it is alleged that Krebs, with the assistance of Pleasant Valley School District Technology Supervisor Alex Sterenchock planted a video and audio recording device in the teacher’s lounge, in order, Krebs later said, to catch a custodial staff member in dereliction of their duties.

The device, was discovered a day later, positioned to capture audio and video in the seating area of the lounge. more