HOWTO Commit Corporate Espionage 97
bart_scriv writes "Worried about who might be spying at your company? Businessweek looks at the latest in espionage gadgets and technology in response to the recent HP boardroom scandal. The article looks at devices designed for counter-espionage, which range from mundane confidential email services to sophisticated camera and listening-device detectors. '...for every method of spying, there's a counteroffensive. One of them is the eavesdropping protection kit, manufactured by Dynasound in Norcross, Ga. To secure a room in an office building, devices are placed on ceiling plenums, floors, HVAC ducts, doors, walls or windows — basically anywhere voices can travel.'"
Yeah, that'll work (Score:3, Insightful)
Re: (Score:2)
Re: (Score:2)
I recall from a PGP app, the ability to show the e-mailed text in a muddy yellow box with slightly darker writing, this any compression from a screen capture makes it very hard, if not impossible to read.
All of this still doesn't address your concern though - it just
Re: (Score:2)
Re: (Score:3, Insightful)
Re:If you comply you should have nothing to hide (Score:5, Insightful)
Because I don't like to be spied on. The thought of people going through my personal files or even listening in on my private conversations creeps me out. I also don't like to use public restrooms with the stall door open, and I don't live in a completely transparent house.
If I'm a business, I want privacy because I don't want my competitors learning information about my future plans or strategies that they could use to their advantage. If I have a product that I've spent billions researching and developing, I don't want my competitor to steal it and start selling it before I do.
Re:If you comply you should have nothing to hide (Score:4, Insightful)
The government always follows this saying with "Do as I say not as we do." BTW Nice sig.
Re: (Score:1)
Why do I need secrecy? (Score:2)
Re: (Score:2)
Re: (Score:1)
Re: (Score:1)
Re: (Score:3, Insightful)
I'm hoping your questions is rhetorical. Let me give you a few examples:
Re: (Score:1)
Heh, I realize that this poster is only trying to get a rise out of the rest of us, but I thought I might post in response to this.
I find it interesting that every time privacy is brought up, this is the phrase that we hear EVERY time. However, I never hear anyone ask them a simple question in response --- "Do you close the door when using the public restroom?" Think about it, you close the door because you really don't want to be both
Re: (Score:3, Insightful)
Re: (Score:2)
FTFA I REALLY like the lazer listener idea though. How clever is that! I want one now. But I'm not going to falk out 50,000USD for it. I'm quite sure that I could build one for less than a grand.
Re: (Score:2)
I bet using a modern phototransistor matched to the wavelength of an off-the-shelf laser diode plus a $100 Ta
Re: (Score:2)
Re: (Score:2)
And just so you don't think you're safe just because you're IMing over an SSL port, with the proper sensor (a Hamamatsu H6780-01 photosensor module) the same telescope can be used to s
Re: (Score:2)
Or take a picture of the screen. My monitor is 1600x1200 and my camera is 2048x1536. It takes "screenshots" just fine.
Get smart phone. (Score:2, Funny)
Great lengths at great heights (Score:5, Interesting)
Along with the obvious requisites like the bedroom and the seperate airconditioning (he was the only person in the building allowed to smoke!), the windows were double-glazed and had a white-noise generator in between the panes to foil any sneaky lasers from other oil companies' CBD high-rises!
I was at first bemused at the expense of it all, but then I thought about the millions he'd get as salary, and the hundreds of millions affected by the decisions made in that office, and thought better of it...
Re:Great lengths at great heights (Score:4, Funny)
Re:Great lengths at great heights (Score:5, Funny)
Re:Great lengths at great heights (Score:4, Funny)
Re: (Score:1)
That's why I run Linux (Score:2)
Re: (Score:1)
Re: (Score:2)
Re: (Score:3, Insightful)
Find a IT guy that is disgruntled, (not hard at any company) and either pay him for a copy ofthe CEO's laptop contents or other tidbits.
$10,000.00 cash waved in front of a IT guy that is training his indian outsourced replacement or hearing of the cost cutting changes that management is goign to aim for would be all over that low risk bit of work.
Hell I bet you could get entire copies of the accounting database for the right amount of money.
All you ne
Re: (Score:3, Interesting)
Serve them right (Score:5, Funny)
Bozon cloud? (Score:1)
Bozon: A quantum unit of stupidity.
This term I picked up from Headcrash (Roadkill on the Information Superhighway) by Bruce Bethke. A very entertaining read, I might add. Bruce himself is a great guy too, as I discovered while he was our Special Guest at the last Chattacon (a Science-Fiction convention in Chattanooga). I could say something about the ProctoProd(tm), but I don't want to ruin the book.
Re: (Score:2)
Re: (Score:1)
Fixed 40 Years Ago (Score:5, Funny)
Best Device USB thumbdrive (Score:1)
Re: (Score:3, Informative)
Illegal in the US and many other countries (Score:4, Informative)
http://en.wikipedia.org/wiki/Trade_secret [wikipedia.org]
Interestingly (Score:4, Interesting)
the US / NSA has been proven to use echelon for industrial espionage in other countries eg. on Enercon in Germany: www.europarl.eutopa.eu, search for "Enercon" [europa.eu]. It's quite difficult to find anything in English on this, but there's a lot of stuff in German about this case.
k2r
Re: (Score:1, Insightful)
Good think he didn't take it... (Score:1)
assuming it's already in CVS (Score:5, Funny)
But I want to know where to sell the info!! (Score:3, Funny)
Seriously. I want this to be my full time job, but this article doesn't tell you shite.
Re: (Score:2)
Sure, I've collected all this great data, but now how to I find a buyer?
we-buy-secret-corporate-info.com
Re: (Score:3, Informative)
You could do something like that...
http://www.washingtonpost.com/wp-dyn/content/artic le/2006/07/05/AR2006070501717.html [washingtonpost.com]
Re: (Score:1)
Re: (Score:1, Informative)
Re: (Score:1)
go after their supply chain. The F500 as well as banks and insurances cooperate.
If youre prepared to do the time, I would recommend small to medium sized businesses
to whom you can indeed sell competitor information. Dont expect to be paid
millions though.
Re: (Score:2)
Trade Secrets (Score:2, Interesting)
http://flickr.com/photos/reboof/259086845/ [flickr.com]
Three words (Score:1, Redundant)
Cone of Silence.
Re: (Score:2)
WHAT??
Anyone else thinking.. (Score:2)
Odd use of "buy antispy stuff" FUD here... (Score:2)
Well, that does it. (Score:5, Funny)
Re: (Score:3, Funny)
If you think that's bad, how do you think your employer feels when they see you reading about Uranus...
Note: Ha-ha! Didn't expect a Uranus joke in an article on corporate espionage, did you?!?
Re: (Score:2, Funny)
Ha-ha!
It's Easy (Score:2, Interesting)
Bug sweeps might not find anything because no RF is emitted.
For added discretion: (Score:2)
http://www2.elecom.co.jp/cable/accessory/ld-rj45c
monkey see monkey do (Score:1)
White Noise Generator ... $6,000 and up ... WTF?!? (Score:2, Informative)
Am I getting something wrong here, or did corporate greed just get worse?
Bugging (Score:2)
Old toys (Score:5, Interesting)
Most of the toys mentioned in article are pretty lame and sucky. Granted, for the PI or Spy that buys everything off-the-shelf, the counter-surveilance mentioned works, but otherwise it sucks, here's why (pont by point)
White-noise generators assume that You have no access to the room or that it is impossible to plant a small piece on the person. Say, bump in "accidentally" into the CEO in question and place a 5 square milimeter chip. It will have an internal clock and mic. Once the CEO is out in fresh air, it will transmit the data back in one encrypted burst and destroy the information it had.
Pretty much the same applies for cameras. One, you assume they are broadcasting within some pre-defined spectrum and do so all the time. Again, do a remote on/off or encrypted packet burst and such suverlance mechanisms fail. Besides, with advent of WiFi, if your super agent picks up emissions in 2.4Ghz range, he'll assume it's wifi and let it rest. Also, you can sramble the transmission, do a frequeny hop and bob knows what else.
About that phone-line tap: Do we live in dark ages? Nobody has analogue phones and taps that feed off phone current.You can't detect it over ISDN lines (most offices) and it deosn't do anything for cell networks.
No comments on vapourstream :)
I have to admit, that the laser window snooping is the most effective in the list, as it is probably the easiest method and most reliable. For nice security, go low-tech : Have a friendly chat near a cooler (no windows), in a bath-house (most devices choke on humid air, transmission also would suck) or in a pool or sea (waves splashing, children, loud music).
Besides, the entire chain of communications should be scure, aka TEMPEST approach - if once bit of wire is not tempest - entire chain is invalid. If one of the two persons in conversation, repeats what he heard over dinner table with his wife - what's the point?Re: (Score:2)
And that's the thing. Most industrial espionage is from disgruntled employees / former employees with lose lips. You can't solve this problem with electronics. Look at the HP thing: Sure the leaker used email to talk to the reporter, but he didn't have to. Remember Deep Throat?
Re: (Score:2, Funny)
Duh, wifi spy clock. (Score:2)
Something like this: http://www.spycameras.com/item4.htm [spycameras.com]
I'd look for a more real office type wall clock, but you get the idea. After all, what corporate meeting room doesn't have wifi?
Privacy Lost (Score:2, Funny)
Gadgets and HP Scandal (Score:4, Insightful)
Re: (Score:1, Insightful)
News for^H^H^H^H^H^H^H^H Nerds.^H^H Stuff that matters^H^H^H^H^H^H^H^H^H^H^H^H
Place sensitive calls from server room (Score:1)
Ego and adolescent mentality (Score:2)
And those X-Ray Specs... (do they really see through clothing? Better get a pair, it's the only way to find out! And even if you can't, you always get a reaction by pretending they do...)
Gee whillikers, CEOs must be saying to themselves, now that I'm a big-deal important person, I can send away for ALL that stuff! Boy, will my friends be impressed when they realize my words are so important th
Low Tech and Cheap (Score:3, Interesting)
White noise generator
Defeat laser listener
Place radio on window sill with sub woofer pointed at glass
Stop all eaves dropping
don't talk us a #2 pencil and legal pad
Shred the pad then burn the shredded paper then put the ashes in a bucket of water
Secure phones (Score:1)
Simple principle - also available in Germany (Score:2)
Furthermore, unless the source is available for the product it will not be subjected to independent review, and any claim that it's thus 'the best' or even 'secure' is thus meaningless, as is your website claim "no backdoors to our knowledge". That claim would still be valid if you allowed a US NSA official s
Re: (Score:1)
Why not ask us about our price?.
The main problem with source code to independent review is the fact of deploying sensible code to be copied and deployed under another product name.
About "no backdoors to our knowledge" :
It is under contract:
The "no backdoors" exists in our product because we
Re: (Score:2)
As for 'not publishing for fear of duplication' - I agree, that is on one hand a problem. On the other hand, it would allow others to pitch in as well, not to mention the fact that you could publicly be seen as having the best code. So, in the middle lies the question if your code could be reviewed under NDA by an independent party.
I can see you commit yourself contractually to the 'no backdoors', but I'm observing the fact that such a committment
Re: (Score:1)
About "The best" i wrote in my site, was about "one of the best" encryption specifications using key exchange, i corrected the errors i wrote previously, thank you.
About "No backdoors", i agree with you, it is not a solution to the problem, but it is a good beginning.
About "An independent evaluation", i agree with you, the best way is deploying the source code to an independent review under a
Re: (Score:2)
And I stand by my comments - there is ALWAYS a potential for unintentional backdoors. Your assurances, although well intended, are not enough to sell in the security market. Without independent product evaluation you're asking people to believe you that it's not spyware infested, wi
Re: (Score:1)
Sorry if i did not respond to your e-mail, i will see what is happening because i did not receive them.
I personally reply all incoming e-mails my site receives and your information is very important for me.
I will deploy a message page inside my site to allow direct messages and correct this problem.
Again sorry for this problem, my product is a decent product, works well and i have customers using it for more than two years and they enjoy it a lot.
Regards.
Cesar.
what about REAL spy gadgets? (Score:1)
anybody know of real high-tech (or highly sneaky) gadgets that real spies use or used?
one of my favourites was the Great Seal Bug [spybusters.com]
Doing bad business (Score:1)
Re: (Score:1)