Archive for the ‘Eavesdropping’ Category

FBI confirms probe of possible collusion between Trump campaign, Russia

March 20th, 2017

Enlarge (credit: C-Span)

James Comey, the director of the Federal Bureau of Investigation, said Monday that there was "no information" that President Donald Trump was wiretapped by President Barack Obama during the 2016 presidential election. The director, testifying before a House Permanent Select Committee on Intelligence, also said that the agency was probing whether there was collusion between the Trump campaign and the Russian government. The US intelligence community has suggested Russia that hacked the Democratic National Committee during the election to embarrass Trump's presidential rival, Hillary Clinton.

"I have been authorized by the Department of Justice to confirm that the FBI, as part of our counter-intelligence mission, is investigating the Russian government's efforts to interfere in the 2016 presidential election, and that includes investigating the nature of any links between individuals associated with the Trump campaign and the Russian government, and whether there was any coordination between the campaign and Russia’s efforts. As with any counter-intelligence investigation, this will also include an assessment of whether any crimes were committed," Comey said.

Moments later, in response to a question about Trump's claims on Twitter earlier this month that he was wiretapped by Obama during the election, Comey responded: "The department has no information that supports those tweets."

Read 4 remaining paragraphs | Comments

Posted in Barack Obama, Donald Trump, Eavesdropping, FBI, House of Representatives, james comey, Law & Disorder | Comments (0)

Reported “backdoor” in WhatsApp is in fact a feature, defenders say

January 14th, 2017

Enlarge

The Guardian roiled security professionals everywhere on Friday when it published an article claiming a backdoor in Facebook's WhatsApp messaging service allows attackers to intercept and read encrypted messages. It's not a backdoor—at least as that term is defined by most security experts. Most would probably agree it's not even a vulnerability. Rather, it's a limitation in what cryptography can do in an app that caters to more than 1 billion users.

At issue is the way WhatsApp behaves when an end user's encryption key changes. By default, the app will use the new key to encrypt messages without ever informing the sender of the change. By enabling a security setting, users can configure WhatsApp to notify the sender that a recently transmitted message used a new key.

Critics of Friday's Guardian post, and most encryption practitioners, argue such behavior is common in encryption apps and often a necessary requirement. Among other things, it lets existing WhatsApp users who buy a new phone continue an ongoing conversation thread.

Read 11 remaining paragraphs | Comments

Posted in Eavesdropping, encryption, Law & Disorder, Risk Assessment, Technology Lab, WhatsApp | Comments (0)

Threatpost News Wrap, December 16, 2016

December 16th, 2016
Mike Mimoso and Chris Brook discuss the news of the week including Yahoo's latest breach announcement, a DDoS-for-hire crackdown, hackers seeking help with Mirai, and some new Adobe patches.

Posted in adobe, Darkweb, DDoS, DDoS-for-hire, Eavesdropping, hackers, IoT, law enforcement, malware, mirai, patch tuesday, Podcasts, privacy, vulnerabilities, Web Security, Yahoo, Yahoo breach, Zero-Day | Comments (0)

How your speakers could be turned into eavesdropping microphones

November 24th, 2016
A proof of concept attack uses malware to turn headphones into microphones that can eavesdrop from across a room.

Posted in audio, Eavesdropping, jack retasking, privacy, Security threats | Comments (0)

Snoops can tell what you type while you Skype, researchers find

October 20th, 2016
Researchers developed an acoustic eavesdropping attack scenario using VoIP, hitting an accuracy rate of up to 91.7%.

Posted in Eavesdropping, privacy, research, skype, VoIP | Comments (0)

Mayor arrested, accused of secretly recording strip poker game with teens

August 5th, 2016

This is the booking photo of Stockton Mayor Anthony Silva. (credit: Amador County Sheriff)

The mayor of Stockton, California was arrested Thursday and charged with felony eavesdropping, among other misdemeanor charges, related to a strip poker game that he allegedly played with teenage counselors at a camp for economically disadvantaged kids last year, according to prosecutors in neighboring Amador County.

Mayor Anthony Ray Silva was taken into custody Thursday morning at the annual mayor’s Youth Camp in Silver Lake, just outside of Stockton, an inland port city approximately 80 miles east of San Francisco.

N. Allen Sawyer, Silva's attorney, told Ars that his client remains mayor, has posted bail, and has returned Thursday afternoon to the camp to help final clean up. The City of Stockton said in a statement that law enforcement are on site at the camp, presumably to keep the peace.

Read 14 remaining paragraphs | Comments

Posted in anthony silva, Eavesdropping, Law & Disorder, mayor, Recording, stockton, strip poker | Comments (0)

How hackers eavesdropped on a US Congressman using only his phone number

April 18th, 2016

Enlarge (credit: 60 Minutes)

A US congressman has learned first-hand just how vulnerable cellphones are to eavesdropping and geographic tracking after hackers were able to record his calls and monitor his movements using nothing more than the public ten-digit phone number associated with the handset he used.

The stalking of US Representative Ted Lieu's smartphone was carried out with his permission for a piece broadcast Sunday night by 60 Minutes. Karsten Nohl of Germany-based Security Research Labs was able to record any call made to or from the phone and to track its precise location in real-time as the California congressman traveled to various points in the southern part of the state. At one point, 60 minutes played for Lieu a crystal-clear recording Nohl made of one call that discussed data collection practices by the US National Security Agency. While SR Labs had permission to carry out the surveillance, there's nothing stopping malicious hackers from doing the same thing.

The representative said he had two reactions: "First it's really creepy," he said. "And second it makes me angry. They could hear any call. Pretty much anyone has a cell phone. It could be stock trades you want someone to execute. It could be a call with a bank."

Read 7 remaining paragraphs | Comments

Posted in carriers, Eavesdropping, Law & Disorder, mobile networks, Risk Assessment, smartphones, ss7, Surveillance, Technology Lab | Comments (0)

Forget iPhone backdoors, here’s a *side* door that can steal your keys

March 4th, 2016
Researchers planted a magnetic coil under the table and sniffed out cryptographic keys using electromagnetic emissions.

Posted in android, cryptography, Eavesdropping, ios, iphone, side-channel | Comments (0)

Moment of truth: Feds must say if they used backdoored Juniper firewalls

January 26th, 2016

(credit: Jeremy Brooks )

Congressional oversight leaders are requiring most federal agencies to audit their networks to see if they use Juniper-manufactured firewalls that for four years contained an unauthorized backdoor for eavesdropping on encrypted communications.

Members of the House of Representatives Committee on Oversight and Government Reform gave the agencies until February 4 to produce documents showing whether they use Juniper's NetScreen line of firewall appliances. The committee is also requiring agency heads who used the vulnerable devices to show how they learned of the eavesdropping threat and whether they fixed it prior to the release of last month's patch. That update removed the unauthorized code from ScreenOS, the operating system that manages NetScreen firewalls.

The Committee on Oversight and Government Reform is the chief oversight body for the US House of Representatives, with broad authority to investigate most matters pertaining to federal agencies. Committee members informed agency heads of the eavesdropping-related investigation involving Juniper hardware in letters dated late last week.

Read 4 remaining paragraphs | Comments

Posted in backdoor, congress, Eavesdropping, Juniper, Law & Disorder, NetScreen, Risk Assessment, ScreenOS, Technology Lab | Comments (0)