Protecting your privacy on the phone

Tapping phone lines and recording conversations is a classic spy technique, but it can be easy to protect yourself from these actions with a few simple gadgets and security practices. Make sure you are being proactive about your privacy and protecting your phone calls from unwarranted or illegal recording.

There are a few ways to protect your privacy on the phone. Whether the person on the other end is recording the call or you think your own line has been tampered with, make sure you’re taking the right steps toward eliminating these threats and having private conversations in peace.

Bug sweep – Bugging a room or phone is a key way to record or spy on conversations. Getting a Multi-Functional All Purpose All-in-One Sweep Unit can help you find and disable audio recording devices in your phone, as well as hidden cameras and other spying devices.

Tap detection – For increased protection from phone tapping, you can install a Super Tap Buster on your phone line. This tool will constantly monitor line voltage and detect changes that indicate a phone tap. This will further protect you from taps installed outside your home, and can remotely disable bugs, while alerting you to secondary listening devices on a line – such as when a second line is picked up and muted during a call to listen in.

Voice changer – If you’re trying to keep your identify a secret during a phone call, a Telephone Voice Transformer is the best way to go. This device will alter the pitch and tone of your voice to mask it and keep your identify a secret – an excellent way to prevent a phone tap from gathering too much information.

View Source

FBI boss ‘concerned’ by smartphone encryption plans

Plans by Apple and Google to do more to protect customers’ privacy have made the FBI “very concerned”.

Speaking to reporters, FBI boss James Comey said the plans to enable encryption by default could thwart law enforcement investigations.

Lives could depend on police forces continuing to get access to the data on devices used by criminals and terrorists, he said.

The FBI was talking to both Apple and Google about its fears, said Mr Comey.

Protect privacy
The conversations with tech firms needed to be had before the day when police forces lost access to those devices, he said.

“I’d hate to have people look at me and say, ‘Well how come you can’t save this kid?’ ‘How come you can’t do this thing?’” said Mr Comey in a briefing.

His comments came in reaction to a decision by Apple to enable a file encryption system on its iOS 8 software for which it has no keys. This means it would not be able to comply with any official request to help police get at the data on those devices.

Google has said it too is planning to enable a similar encryption system by default on the next version of Android.

Mr Comey said he was “very concerned” about these plans because of what they would allow people to do.

“What concerns me about this is companies marketing something expressly to allow people to place themselves beyond the law,” he said.

“I am a huge believer in the rule of law, but I am also a believer that no-one in this country is beyond the law,” he added.

Apple and Google have yet to respond to Mr Comey’s comments.

Ten days prior to Mr Comey’s press statement, iOS data forensics expert Jonathan Zdziarski pointed out that Apple’s encryption system would not stop police getting at data on portable devices.

Specifically weakening security systems just to aid the police was a bad decision, he said.

“For the sake of privacy and overall security, the only logical solution is to make products as secure as possible, and let good detective work do the crime solving, rather than an easy button,” he wrote in a blogpost.

View Source

Google Just Bought a Company That Snoops on Your Chats

Google just bought another online communications channel it can fill with ads.

The tech giant confirms it has acquired Emu, a startup that offers a kind of instant messaging tool. The price was not disclosed, but Google’s interest in the company isn’t hard to divine: Emu has built a system that can monitor chats, infer what people are talking about, and insert relevant links—including ads.

Emu, which has been subsisting for two-and-a-half years on venture funding, doesn’t insert such ads today. Instead, it uses its monitoring tools to identify certain other information that might be helpful to you. For example, if you’re chatting on the Emu service and the other person types something about getting lunch, Emu might suggest nearby restaurants or show the mid-day schedule from your calendar. But it’s a very short leap from such information to commercial promotion. A nearby cafe might pay for ad to appear every time the word “coffee” comes up in your chat.

The Emu buy is part of a much larger trend to monitor and thus profit from new chunks of people’s lives. Foursquare just rolled out a new version that, by default, tracks your movements continuously, negating the need for a “check in” button. Google, meanwhile, isn’t just interested in chats; the company has said that it may eventually show ads on internet-connected home devices, such as thermostats.

A NEARBY CAFE MIGHT PAY FOR AD TO APPEAR EVERY TIME THE WORD “COFFEE” COMES UP IN YOUR CHAT.

Emu fills a growing hole in Google’s ad offerings. Google mines search terms and emails for advertising purposes, but not yet chats. As people shift their computing to smartphones and other mobile devices, chatting—short, immediate, and part of phone culture for decades—has become more popular.

Read More

Phone texts don’t die: they hide

The computer forensics expert who recovered the text messages that brought down parliamentary Speaker Peter Slipper has warned that any messages or files you think you have deleted from your smartphone are still there if someone really wants to find them.

The national head of the IT forensics practice at corporate advisory firm PPB Advisory, Rod McKemmish, was brought in by the legal team of Mr Slipper’s former staffer James Ashby, as some of the messages he had received from the former speaker had been deleted.

He was able to use an automated forensic process to bring the messages back from the dead.

“The delete button on the phone should really be called the ‘hide’ button, because the data is still there, you just can’t see it,” Mr McKemmish said. “In the forensic process we can bring it all back.”

While most politicians and business people are unlikely to be communicating about the sort of topics that brought down Mr Slipper, many might rethink the privacy of their communications.

With soaring levels of smartphone penetration in Australia, it is fair to assume that a significant amount of sensitive discussions take place via SMS.

Mr McKemmish said his skills were increasingly being called upon to investigate corporate cases, where firms were concerned about confidential information residing on the phones of staff leaving. Most phones have a “factory reset feature”, which is supposed to revert the phone to the state when it was first used, but it’s insufficient.

IBRS technology analyst James Turner said businesses needed to be more alert to the permanent nature of digital communication, as more important conversations were handled by SMS and email.

“This can be share price-impacting information, because deals can be made via an SMS that are worth a lot of money,” he said. “The audit trail is all important when it comes to being able to report that due process has been followed, so i f people are using electronic communications, then they must expect that there is a record.”

Not all communication via SMS or email is related to big deals of course. Much could be slotted into the files marked “harmless banter” or “office gossiping”. Common stuff, but not necessarily words that people want to be accessible once the messages have been deleted.

Unfortunately for regular texters,cA computer forensics expert and adjunct professor at Queensland University of Technology, Bradley Schatz, says smartphones were designed to hold on to data as a guard against accidental loss.

He says there are a number of factors that will govern how long a message exists on a phone after it has supposedly been deleted, but a basic guide is that it will remain somewhere on the phone until all available space for new data has been exhausted.

“The memory inside many of these small-scale digital devices is called flash memory, which is the same kind of memory that you would find in a USB key,” Schatz said.

Read More

Comcast is turning your home router into a public Wi-Fi hotspot

If you’re a Comcast cable customer, your home’s private Wi-Fi router is being turned into a public hotspot.

It’s been one year since Comcast (CMCSA) started its monster project to blanket residential and commercial areas with continuous Wi-Fi coverage. Imagine waves of wireless Internet emitting from every home, business and public waiting area.

Comcast has been swapping out customers’ old routers with new ones capable of doubling as public hotspots. So far, the company has turned 3 million home devices into public ones. By year’s end it plans to activate that feature on the other 5 million already installed.

Anyone with an Xfinity account can register their devices (laptop, tablet, phone) and the public network will always keep them registered — at a friend’s home, coffee shop or bus stop. No more asking for your cousin’s Wi-Fi network password.

But what about privacy? It seems like Comcast did this the right way.t’s potentially creepy and annoying. But the upside is Internet everywhere.

Outsiders never get access to your private, password-protected home network. Each box has two separate antennae, Comcast explained. That means criminals can’t jump from the public channel into your network and spy on you.

And don’t expect every passing stranger to get access. The Wi-Fi signal is no stronger than it is now, so anyone camped in your front yard will have a difficult time tapping into the public network. This system was meant for guests at home, not on the street.

As for strangers tapping your router for illegal activity: Comcast said you’ll be guilt-free if the FBI comes knocking. Anyone hooking up to the “Xfinity Wi-Fi” public network must sign in with their own traceable, Comcast customer credentials.

Still, no system is foolproof, and this could be unnecessary exposure to potential harm. Craig Young, a computer security researcher at Tripwire, has tested the top 50 routers on the market right now. He found that two-thirds of them have serious weaknesses. If a hacker finds one in this Comcast box, all bets are off.

“If you’re opening up another access point, it increases the likelihood that someone can tamper with your router,” he said.

Read More

Google Glass wearers can steal your password

But this time he’s wearing Google Glass — and he’s after your iPad PIN.

Cyber forensics experts at the University of Massachusetts in Lowell have developed a way to steal passwords entered on a smartphone or tablet using video from Google’s face-mounted gadget and other video-capturing devices. The thief can be nearly ten feet away and doesn’t even need to be able to read the screen — meaning glare is not an antidote.

The security researchers created software that maps the shadows from fingertips typing on a tablet or smartphone. Their algorithm then converts those touch points into the actual keys they were touching, enabling the researchers to crack the passcode.

They tested the algorithm on passwords entered on an Apple (AAPL, Tech30) iPad, Google’s (GOOGL, Tech30) Nexus 7 tablet, and an iPhone 5.

Why should you be worried?

“We could get your bank account password,” researcher Xinwen Fu said.

The software can be applied to video taken on a variety of devices: Fu and his team experimented with Google Glass, cell phone video, a webcam and a camcorder. The software worked on camcorder video taken at a distance of over 140 feet.

Of course, pointing a camcorder in a stranger’s face might yield some suspicion. The rise of wearable technology is what makes this approach actually viable. For example, a smartwatch could stealthily record a target typing on his phone at a coffee shop without drawing much attention.

Fu says Google Glass is a game-changer for this kind of vulnerability.

“The major thing here is the angle. To make this attack successful the attacker must be able to adjust the angle to take a better video … they see your finger, the password is stolen,” Fu said.

Google says that it designed Glass with privacy in mind, and it gives clear signals when it is being used to capture video.

“Unfortunately, stealing passwords by watching people as they type them into ATMs and laptops is nothing new,” said Google spokesman Chris Dale. “The fact that Glass is worn above the eyes and the screen lights up whenever it’s activated clearly signals it’s in use and makes it a fairly lousy surveillance device.”

Read More

New Technology Could Let Thieves Copy Keys

Using a simple camera or camera phone, it is now possible to snap a photo of almost any key ring and use the image to make a physical copy of a key.

The I-Team did just that, using a web site called keysduplicated.com.

With a smartphone camera, the I-Team took a photo of a key ring lying unarranged on a desk. After the image was run though photo-editing software, and one house key was isolated, the image was uploaded to the web site. Within a week, the company sent the I-Team a copy of the key,which opened the front door of a home.

In crowded Bryant Park one recent day, Devon White’s key ring was one of several the I-Team found sitting in plain sight, vulnerable to a camera phone snapshot.

“It’s always cool when new technology moves in a new direction, but it is a bit worrying,” said White, of Queens, after learning about this new vulnerability. “You wonder … anybody could just take a picture of anybody else’s key.”

Police in Nassau County said they first became aware of the new key-cutting technology in recent months. They said they have not linked any crimes to it yet, but they are urging people to use caution in how they handle their keys.

“All it takes to cut a key is you just have to have the outline of the key,” said Detective Sgt. Richard Harasym, who heads Nassau’s Crimes Against Property Unit. “It’s unlocking the keys to your castle, so to speak, and if you leave them out there, then you run the risk that something bad could happen.”

The I-Team contacted Ali Rahimi, the founder of the web site. Rahimi admitted News 4′s demonstration reveals a security risk, and said he will look for ways to close it. Still, but he said he’s unaware of any customer who’s ever used one of his keys illegally.

“It’s worth incorporating the lessons we’ve learned from your experiment. It’ll take some thought,” said Rahimi.

Rahimi said one possibility might be to use software that detects when photos have been doctored. The web site does require a credit card for payment. Until better security checks can be implemented, he said his employees will screen for any suspicious-looking pictures, and ask for additional photos of the key in the customer’s hands.

“That’ll ensure they have physical access to the key,” he said.

View Source

Google fielding ‘take-down requests’ after privacy ruling

Google is already receiving demands from people to remove links from its search results just days after Europe’s highest court said people worried about their privacy have the “right to be forgotten” on the Internet.

The European Court of Justice on Tuesday found Google and other search engines control information and are responsible for removing unwanted links if requested. In the ruling, the court decided that Google results linking to a newspaper’s notice about a Spanish man’s social security debts in 1998 were no longer relevant and must be deleted.

Google can, however, decline requests the company believes are in the public interest to remain in its search results.

Google declined to say how many people have requested information to be taken down as a result of the ruling. But some of the people who have requested that Google remove unsavory Web pages about them demonstrate the murky situation Google finds itself in: A politician, a poorly reviewed doctor and a pedophile are among the first to have issued take-down requests.

A person with knowledge of the requests said a man convicted of possession of child pornography has requested that Google (GOOG, Fortune 500) remove links to Web pages about his conviction. A former politician has also requested that the search engine remove links to a news article about his behavior while he was holding office. And a physician has requested that links to a review site be removed.

Google has not yet taken the links down. The company said it first needs to develop a procedure to handle a potential flood of requests for removal.

“The ruling has significant implications for how we handle take-down requests,” a Google spokesman said. “This is logistically complicated — not least because of the many languages involved and the need for careful review. As soon as we have thought through exactly how this will work, which may take several weeks, we will let our users know.”

Google is used to handling take-down requests. The search engine said it received more than 25 million requests from companies claiming Google results linked to material that infringes on copyrights. Google also receives thousands of requests from governments to take down links to websites that violate laws. Google complies with fewer than half of the government take-down requests but does not specify its compliance rate for copyright-related requests.

But copyright and many other laws are considerably clearer-cut that the test of “relevance to public interest,” which Google will now need to abide by in the European Union.

Read More

Once Searched, Forever Seized?

How private is the data on your cell phone? That was the big question before the Supreme Court last week in a pair of cases, Riley v. California and United States v. Wurie, with the potential for huge consequences for the future of information privacy.

The cases involve a longstanding exception to the Fourth Amendment that permits the police to search items on or near someone they have arrested, no warrant required. The rule was intended to keep officers safe and prevent the destruction of evidence. In recent years, however, the rule has given police free rein to seize and search the devices that store our calls, text messages, e-mails, and troves of other personal data such as our financial history, medical information, and daily movements.

Many of the Justices expressed concern over the disproportionate invasion of privacy, suggesting that a warrant should be required for a cell phone search. But there was another question that caught the Court’s attention: What happens to all that data once the police have it?

It is common practice to copy the contents of device before searching it. But if the police don’t need a warrant to do that, then there is also no judicial check on what happens to that information, how it’s used, or who gets to see it. A warrant requirement would serve two purposes. It would be a bulwark against highly invasive fishing expeditions resembling the “general warrants” so abhorred by the nation’s Founding Fathers. And it would provide a way to limit the sensitive information that the government is allowed to keep and share about you.

The retention of cell phone data raises extraordinary privacy concerns above and beyond whatever visual inspection a police officer might need to conduct on the spot. In the Riley case, for example, a San Diego detective admitted to downloading “a lot of stuff” from the cell phone at a regional computer forensics lab run by the FBI. The lab gave local police access to sophisticated forensics technology capable of making mirror copies of data stored on electronic devices.

An amicus brief filed by the Brennan Center for Justice points out that this kind of sophisticated data extraction is not unusual. It is a law enforcement tactic that has become increasingly popular around the country. Since 1999, the FBI has partnered with local law enforcement agencies to establish a network of forensic computer labs in 19 states. When it comes to cell phone data, these laboratories provide local police access to “Cell Phone Investigative Kiosks,” which allow officers to “extract data from a cell phone, put it into a report, and burn the report to a CD or DVD in as little as 30 minutes.” In other words, the police can pull data off your cell phone about your ‘whole life’ in the time it takes you to upload pictures of your vacation to Facebook.

Read More

Officers fear body cameras raise privacy concerns

LOS ANGELES — Officers at thousands of law enforcement agencies are wearing tiny cameras to record their interactions with the public, but in many cases the devices are being rolled out faster than departments are able to create policies to govern their use.

And some rank-and-file officers are worried the technology might ultimately be used to derail their careers if, for example, an errant comment about a superior is captured on tape.

Most law enforcement leaders and civil liberties advocates believe the cameras will ultimately help officers because the devices give them a way to record events from their point of view at a time when citizens armed with cellphones are actively scrutinizing their every move.

They say, however, that the lack of clear guidelines on the cameras’ use could potentially undermine departments’ goals of creating greater accountability of officers and jeopardize the privacy of both the public and law enforcement officers.

“This is a brave new world that we’re entering here, where citizens and police both are going to be filming each other,” said Chuck Wexler, the executive director of the Police Executive Research Forum, a nonprofit police research and policy organization.

The U.S. Justice Department has asked Wexler’s group to help develop guidelines for the cameras’ use, from when the devices should be turned on to how departments can protect the privacy of those who are inadvertently captured on the footage.

Equipping police with cameras isn’t a new concept. For decades police have used cameras mounted to the dashboards of their patrol cars — initially referred to with suspicion by officers as “indict-o-cams” until they discovered the footage exonerated them in most cases.

As camera technology and data storage has become more affordable and reliable, the use of portable cameras has increased over the last five years. Now officers in one of every six departments are patrolling with them on their chests, lapels or sunglasses, according to Scott Greenwood, general counsel for the national American Civil Liberties Union and an expert on the cameras.

With the push of a finger, officers can show the dangers and difficulties of their work. Unlike dashboard cameras, body cameras follow the officer everywhere — when their cruiser stays parked at the curb, when they go into homes on search warrants or when they are running after a suspect.

The cameras, if they aren’t turned off, can go with officers into a bathroom or locker room, or capture private conversations between partners. Footage can become evidence in a criminal case, or be used to discipline officers or exonerate them of false accusations.

Without strong policies, experts say, departments could lose the public’s trust. The public needs to know cameras aren’t only being turned on when it’ll help officers. But there are certain moments such as during the interview of a sexual assault victim or talk with a confidential informant when filming may be sensitive or even compromise a case, said Bay Area attorney Mike Rains, whose firm often represents officers and has worked on body camera policies with departments.

The Los Angeles Police Department is now field testing cameras with an eye toward ultimately deploying them to all patrol officers — a move that would make its program the nation’s largest. For the six months of the test, underway now, there will be no official policy. Department officials say a policy will be created with input from the community and union, when they know more about how the cameras work in the field.

Union chief Tyler Izen, who represents more than 9,900 sworn officers, said that while there’ve been no complaints so far, the strategy is risky and could be problematic for his officers as well as the public, which has become an involuntary guinea pig in the trial. “They’re basically taking their chances,” Izen said.

There’s still very little research into the impacts of these cameras on policing and their ripple effects on the criminal justice system, said Justin Ready, assistant professor at Arizona State’s department of criminology and criminal justice. But more studies are underway, including two that Ready is involved in.

The police department in Rialto, Calif., concluded a yearlong University of Cambridge study last year that found an 89 percent drop in complaints against officers during the camera trial. The chief has since mandated its deployment to its roughly 90 sworn officers.

Rialto police Sgt. Richard Royce said he was exonerated by the footage during the study.

“I’d rather have my version of that incident captured on high-definition video in its entirety from my point of view, then to look at somebody’s grainy cellphone camera footage captured a 100 feet away that gets cropped, edited, changed or manipulated,” Royce said.

Greenwood of the ACLU said he’s provided input in drawing up the Justice Department guidelines. He said the proposed policy is pretty good, but gives officers more discretion than is wise.

“It’s a far better policy decision to mandate the encounter be recorded and deal with the unwanted video,” Greenwood said. Because if a situation goes bad quickly and there’s no footage, the officer is in trouble, Greenwood said.

Captured video could protect the department — and ultimately the taxpayer— from a false claim and expensive litigation or result in disciplining a problem officer.

One case, also in Oakland, is being used to educate officers in California about the technology. An officer chasing a suspect said he saw the suspect with a gun in his hand before fatally shooting him three times in ¾ of a second. A gun was later found in the grass.

It cost the city $10,000 to have roughly 15 seconds of video analyzed by an expert, and because of the angle of where the camera was placed — on the officer’s chest — no gun was seen in the suspect’s hand on film, said Rains, an attorney whose firm represented the officer.

Sgt. Barry Donelan, the police union chief in Oakland, said the department initially moved to terminate the officer for an excessive response, but he was ultimately exonerated because the video analysis backed up the officer’s account.

Donelan said the danger with such footage is it taps into a human tendency to over rely on video at the expense of other accounts of an event, and can be especially problematic in high-adrenaline situations.

When that happens, “it’s just about the camera,” Donelan said. “It’s the ultimate Monday morning quarterbacking tool.”

View Source