You are currently browsing the category archive for the 'Spying' category.
A presentation and paper on Reverse engineering JTAG at the 26th Chaos Communication Congress is now available to download here:
http://events.ccc.de/congress/2009/Fahrplan/track/Hacking/3670.en.html
Other Hacking and reverse engineering papers and talks from the conference can be found here:
http://events.ccc.de/congress/2009/Fahrplan/index.en.html
The hacking track is here:
http://events.ccc.de/congress/2009/Fahrplan/track/Hacking/index.en.html
Hackers claim to have stolen all T-Mobile US’s corporate data, customer accounts and network infrastructure. More information from the Register can be found below:
Three individuals who allegedly hacked into telephone systems in the United States and abroad and sold information about the compromised telephone systems to Pakistani nationals residing in Italy. Italian law enforcement arrested the financiers of the hacking activity. Those financiers allegedly used the information to transmit over 12 million minutes of telephone calls valued at more than $55 million over the hacked networks of victim corporations in the United States alone. Read more below:
http://www.net-security.org/secworld.php?id=7645
The research team, which included Edith Cowan University of Australia and BT, revealed some early results yesterday in news reports by the BBC and British television affiliates.
To read more about the research go here:
http://news.bbc.co.uk/2/hi/uk_news/wales/8036324.stm
and here:
http://www.darkreading.com/security/storage/showArticle.jhtml?articleID=217400054&cid=nl_DR_DAILY_H
The video talks about a couple of people who’s lives are ruled by harrasing calls and threats. They claim that their phones are tapped with special software.
Rick Mislan talks about the software and how easy it is to be placed on mobile phones.
Software such as:
- http://www.mobile-spy.com/
- http://www.world-tracker.com/
- http://www.flexispy.com/
- http://www.e-stealth.com/
- http://www.fonefunshop.co.uk/spyphone/
- http://www.thespyphone.com/allinone.html
Link to Video on YouTube:
http://www.youtube.com/watch?v=uCyKcoDaofg
It looks and functions like a Blackberry 8830 but it sure is NOT a regular Blackberry. It is locked down by NSA. I am not really sure if it is a good idea at all. NSA is installing the SecurVoice software on it for both voice and messaging as one of the ways to secure the phone. I am sure that there is a whole infrastructure that is required to run his handset services. Even considering all that, I Still believe that a mobile-phone-carrying president opens so many doors for hackers.
Can NSA and Obama get away with using a (persumably) secure mobile phone service and handset? That is the question of the day!
Read more here:
http://blog.wired.com/gadgets/2009/04/obama-to-get-ba.html
It is persumed that the phones can be modified and used in receiving SMS verification codes sent from banks:
criminals have already collected thousands of login details for online bank accounts in countries such as Germany and Holland where banks send a transaction authentication number (TAN) code by SMS to a person’s mobile phone in order to complete transactions.
Read the original post byUltraScan here:
http://www.ultrascan.nl/html/press_room.html#25.000%20Euro%20for%20your%208%20years%20old%20Nokia%201100
Read more about it here:
http://www.arabianbusiness.com/553344-hackers-pay-top-dollar-for-old-nokia-1100-handsets
and here:
http://www.dialaphone.co.uk/blog/?p=2922
A man accused of raping a university student was cleared because of the mobile phone footage showing the woman ‘actively’ having sex with him. The jurors voted to acquit the man, who’d been charged with four counts of rape, including two of rape by oral penetration.
Read more here:
http://www.dailymail.co.uk/news/article-1166466/Man-cleared-rape-court-shown-phone-footage-woman-actively-taking-sex.html
Chris Ogle (29) from Whangerei, New Zealand has stumbled across the sensitive military details of U.S. military personnel after purchasing a secondhand MP3 player in Oklahoma, USA. He discovered around 60 sensitive military files dating from 2005 on the used music player. The files were clearly marked as ’secret’ and contained the phone numbers of numerous soldiers serving in Afghanistan and Iraq.
For more on the story visit:
Watch in on Fora.tv to see the whole transcript as in the Pouge video in the previous post.
Cellphone Gun:
Pen Gun:
GadgetTrack software was used to track and arrest a thief in Anchorage, Alaska. For more details visit the site below:
http://www.usbhacks.com/2008/11/24/mobile-phone-thief-captured-with-tracking-software/
On the G1, T-Mobile customers will be the first to check out about 50 available applications. T-Mobile says that all apps are free until 2009. Here is a look at the top 15 out of those.
The one that scares me is the sex offender warning application. It tells you where your G1-carrying daughter or grandma are and how far and in which direction is the nearest registered sex offender to them!
See what I mean by watching the demo here:
http://www.freefamilywatch.com/demo.html
Follow the link for the story and pictures:
http://www.pcworld.com/article/152384/in_pictures_15_killer_android_apps_for_the_g1.html
The beggest selling points for the Android and the G1 in my openion are the simultanious execution of applications and street level on google maps. Who needs any of these?!
You can run applications in the background on iPhone by using the Cydia app Backgrounder and you can use google earth for now to get street level pictures and wait for 2.2 iPhone software for full street view capabilities 
I am sticking to my iPhone for now Gotta love the big screen and the safari browser responsiveness and page browsing speed.
The LayerOne 2008 talk by David Hulton titled: Intercepting Mobile Phone/GSM
Visit the GSM Hakcing WIKI at:
http://wiki.thc.org/gsm
The USRP is available at: http://www.ettus.com
Learn more about the GNU RADIO project at: http://www.gnu.org/software/gnuradio
David is the Chairman of Toorcon
An interesting news article about the work of BT (formerly British Telecom), Glamorgan University, Australia’s Edith Cowan University and Sim Lifecycle Services where researchers recovered data from handsets from mobile phone recycling companies:
Mobile phones can never be totally wiped clean of data
To get more information on the research at Edith Cowan University and its upcoming conferences please visit SECAU Security Research Centre’s website:
Here are some published refereed journal and conference papers to give you an idea of what to expect for the Edith Cowan University conferences in December:
- Valli, C. and A. Jones (2008). A study of 2nd Hand Blackberry for sale - World class security foiled by humans. Proceedings of the 2008 World Congress in Computer Science, Computer Engineering, and Applied Computing - SAM 2008 - The 2008 International Conference on Security & Management., Las Vegas, USA.
- Al-Zarouni, M. (2007, 3rd December, 2007). Introduction to Mobile Phone Flasher Devices and Considerations for their Use in Mobile Phone Forensics. Paper presented at the The 5th Australian Digital Forensics Conference, Edith Cowan University, Mount Lawley Campus, Western Australia.
- Yap, L. F., & Jones, A. (2007, 3rd December, 2007). Profiling Through a Digital Mobile Device. Paper presented at the The 5th Australian Digital Forensics Conference, Edith Cowan University, Mount Lawley Campus, Western Australia.
- Yap, L. F., & Jones, A. (2007). Deleted Mobile Device’s Evidence Recovery:. Paper presented at the Media and Information-War Conference 2007, Kaula Lumpur, Malaysia.
You can register to attend Edith Cowan University’s conferences here:
http://conferences.scis.ecu.edu.au/
Hope to see you there
According to the article below, iPhone 2.2 beta which was provided to developers contained an Android-like Street View capability within the Google Maps App.
I Don’t know about you, but to me, it seemed like the street view feature was one of the most attractive features that Google used in selling the Android platform to consumers. I personally see a great potential in Android for app development but I still think that the iPhone will keep on keeping on especially after the dropped the NDA requirement for app developers 
The CSI Stick is a portable USB stick kind of device that can be connected to a mobile phone to conduct a copy of some sort of memory from the mobile phone device without the need for a computer to be connected to the mobile phone. The type of data collected form the mobile phone can be chosen through a slider switch. The device currently supports certain Motorola and Samsung phone models with more manufacturer support coming soon. The data collected by the device can then be interpreted via the use of Paraben’s Device Seizure or DS Lite. The cost is $199 USD.
For more information, please visit:
http://www.physorg.com/news139460365.html
and
http://computing.in.msn.com/safe/article.aspx?cp-documentid=1658902
or the device’s official website:
http://csistick.com/
I know many people will look at this and go “We’ve seen this before…Â Cellular phone spying is not new” but I have to say that the technology is now more readily available than before. To understand what I am talking about, please read the following from zone labs:
- http://blog.zonelabs.com/blog/2007/04/they_can_hear_y.html
- http://blog.zonelabs.com/blog/2007/03/warning_this_ce_1.html
Also, visit this site:
Beware of cellphones left in your office, on your table at a coffee shop and in meetings. The FBI has been doing cell phone spying apparently:
http://www.youtube.com/watch?v=O61YfvPZGJs
