• Home

  • Documents

  • I spy with my little eye: Samsung is about to ban camera phones from its factories — why?
2

Click here to load reader

I spy with my little eye: Samsung is about to ban camera phones from its factories — why?

Embed Size (px)

Citation preview

Page 1: I spy with my little eye: Samsung is about to ban camera phones from its factories — why?

4

CAUGHT RED HANDED

Big corporations are catching on to thisthreat also. From 14 July Samsung willban the use of camera phones in some ofits factories due to fears of industrial espi-onage. As it is a leading manufacturer ofthis technology, it should know the risk. Now consider the potential investigativeor evidential uses (or indeed misuses) ofsuch devices. Clandestinely photograph-ing the people at the next table in arestaurant becomes simplicity itself. Thistechnology significantly raises the stakesfor all of you engaged in furtive meetingswith the mistress or lover, or, indeed,those of you flirting with the competitionor leaking information to the press. Goneare the days when covert cameras had tobe hidden in ties, suit lapels, briefcases orhandbags.

The spy kit content of the ‘black bag’,for want of a better expression, hasadvanced rapidly in recent years. Thecumbersome listening and monitoringdevices of a few years ago have been con-signed to history, replaced by ever smaller,more durable and versatile systems. Inprevious times an investigator was forcedto waste valuable minutes changing tapesand batteries or resetting recordingdevices hidden in their clothing or brief-case — this could jeopardize an under-cover operation and was always a seriousinconvenience, particularly if these

adjustments were needed mid-interview,during a meeting or ‘sting’, or immediate-ly prior to a confession. Not so today.Nearly all of the information captured, beit audio, visual or data can be digitallystored and transferred near effortlessly,using devices that have immense storagecapacity – the MMC/SD memory cardfor the MBR-64 Micro-Bar Digital VoiceRecorder, for example, can store up to512 hours of audio recording.

The quality of recorded audio data hasimproved quantifiably with digital technology and mastering, which hasenabled improvements in audiotapeenhancement methods1. Digital recordershave also got more compact and discreet,making them easier to conceal.

Operationally, remote access to audiodata is now standard procedure, particu-larly on telephone intercepts. On a recentinvestigation, audio data from one suchintercept was transmitted to a laptopcomputer operated in a car outside thetarget building for subsequent review andtranscription. All of this was done withno strings (transmission wires) attachedand, again, without the need to changeany audio-tapes or batteries on-site.

Remote monitoring is not restricted tointerception using a wiretap or transmit-ter inserted into the target frame-room ortelephone handset. With the advent of

wireless local area networks significantnew opportunities have arisen for theprofessional eavesdropper. Given theright equipment (and it is not expensive,complex or difficult to find), wirelessLANs can be intercepted from outsidethe target building and downloaded orread. Drive-by hackers, operating wirelessLAN interception software and receiversfrom cars or vans, can identify preciselywhich organizations transmit their dataunencrypted. All of this can be intercept-ed. This type of hacking is a passive

interception – it does not require thehacker to access any of the target’s sys-tems or processes. It is debatable, there-fore, whether any criminal offence takesplace when this method is used, even inthose countries that have computer mis-use legislation.

Direct access to systems, processes andcomputers presents even greater opportuni-ties to the eavesdropper. Computer Fraud &Security has run articles before on keystrokeloggers, be they hardware or software configured. The hardware logger may be hardwired into the target’s keyboard andits EEPROM memory downloaded once

I spy with my little eyeSamsung is about to ban camera phones from its factories — why?

Julian Parker, Director, Data Genetics International Limited

The other day I was having lunch with an investigator who received a call on hismobile telephone. As he took the call I noticed he was using the latest video andcamera mobile phone technology. As an amateur photographer I was tempted toridicule the abysmal quality of the picture image that these cameras usually produce.I have seen my own image captured unawares by friends and colleagues using thesedevices and the picture quality was never good – despite my movie star looks andnatural photogenic charm. But as I gently ridiculed this technology, the investigatorraised a salient point that I had failed to appreciate – that I had been photographed,yet again completely unawares, this time by him as he answered his call.

Figure 1. Allied Data’s TornadoUSB Memory Watch. Data stor-age capacities offered rangefrom 64 Megabytes to 256Megabytes. Files can be down-loaded using a standard USBport. The diversity of data stor-age formats is causing a radicaloverhaul of police search andseizure procedures.

Page 2: I spy with my little eye: Samsung is about to ban camera phones from its factories — why?

email & web abuse

5

the device has been retrieved. DGI has con-ducted a number of successful investiga-tions using this method. The memory onthese devices is substantial – so much sothat the target’s activity at the computermay be monitored for months and evenyears. In the last year DGI encountered onespecific instance where key-logging deviceshad been used offensively to snoop on spe-cific computer users within a major com-mercial organization.

Other methods employed to snoop oncomputers include the remote installa-tion of embedded programs such as‘Back Orifice’ developed by the self-styled hacker group ‘The Cult of theDead Cow’. Back Orifice enables thesnooper to administer and control a PCremotely. Obviously, email is also opento abuse. DGI has investigated numer-ous cases of private and confidentialelectronic mails being routed to unautho-rized users without the knowledge or con-sent of the intended recipients.

Paradoxically, computer technology isgetting both larger and smaller simultane-ously. The data storage capacity increases asthe physical size of the storage and process-ing devices decreases. Memory sticks,roughly the size of a small box of matchesor a lipstick, with up to 512 megabytes of

storage capacity, can be purchased for a fewhundred dollars. Available, also, are fullyfunctioning wristwatches capable of storing256 megabytes of data, downloadableusing a standard USB 1.1 port.Understandably, these and similar develop-ments, not least solid state storage for digi-tal cameras, have caused some majorrevisions in the training of law enforcementofficers in search and seizure procedures.

This technology is now at the disposalof the skilled investigator but it naturallyfollows that it can equally be used bycriminals and others to misappropriateinformation, or to aid and abet fraud andcomputer misuse.

As previously reported in ComputerFraud & Security, DGI noted that the sin-gle most prevalent computer misuse inthe year 2002-3 was the theft of intellec-tual property and proprietary data bytrusted insiders. I predict that we will seea commensurate increase in data misap-propriation by outsiders, professionalsnoopers and amateur hackers alike, giventhe plethora of tools now at their disposal.

To conclude, it has never been easier tosnoop on you and your organization, orsteal your data, than it is now. You havebeen warned.

References1To reduce background noise or clutterand enhance the clarity of a recorded con-versation.

Data Genetics International LimitedLondon WC2N 6AADirect: +44 (0)20 7520 9386/7www.dgiforensic.com.

Figure 2. A memory stick. Thismodel from Sony stores 64megabytes of data — approxi-mately the equivalent of 44 high-density diskettes.

Most of the really offensive materialmoves quite regularly, either to prevent itbeing taken offline by law enforcementor, for the more blatant, after being takenactually offline.2 Added to that, the reallydedicated pr0n barons can easily set up aremote SSL proxy and navigate that way.The committed, especially away fromHead Office, could, with a bit of helpfrom IT, set up a special proxy withinyour infrastructure to allow them tobrowse at will. I have heard of cases wherethis has happened, not looking for pr0n,but to allow people to access gamblingand gaming sites.

Now, given that you have the blocks inplace, what can you do? Well, you couldwatch the reports from the blocking sys-tem – but that isn’t too great a solution. Ibounce off the corporate blocking system

Email and Web Abuse — Monitoring &Investigations: Part IIMatthew Pemble

Web monitoringWith the Web, there is a little more preventative work that can be done to prevent abusethan with email. URL filters, although I fundamentally oppose them from an engineer-ing design point-of-view1, are a necessary and unpleasant evil in the corporate world.They can prevent the vast majority of the innocent and casual browsing of offensive andsimilar material, although the dedicated seeker after pornography will always be able tofind sites that have not yet been picked up by the filter database team.


Ceasars Spy

Ceasars Spy

Documents
Reputation spy

Reputation spy

Technology
Incident Management and ChatOps - USENIX Forget the incident response procedure spy pre-oncall reminders spy check reminders spy oncall spy cmd #war-room spy incident $

Incident Management and ChatOps - USENIX Forget the incident response procedure spy pre-oncall reminders spy check reminders spy oncall spy cmd #war-room spy incident $

Documents
THE FACTORIES ACT, 1948 and THE ASSAM FACTORIES RULES, 1950factory.eodbassam.in/wp-content/uploads/2017/01/The-Factories-Act... · THE FACTORIES ACT, 1948 and THE ASSAM FACTORIES

THE FACTORIES ACT, 1948 and THE ASSAM FACTORIES RULES, 1950factory.eodbassam.in/wp-content/uploads/2017/01/The-Factories-Act... · THE FACTORIES ACT, 1948 and THE ASSAM FACTORIES

Documents
Spy Counter Spy

Spy Counter Spy

Documents
Revolutionaries and spies: Spy-good and spy-bad graphswest/pubs/revspy.pdfRevolutionaries and spies: Spy-good and spy-bad graphs Jane V. Butterfield∗, Daniel W. Cranston†, Gregory

Revolutionaries and spies: Spy-good and spy-bad graphswest/pubs/revspy.pdfRevolutionaries and spies: Spy-good and spy-bad graphs Jane V. Butterfield∗, Daniel W. Cranston†, Gregory

Documents
SPY Fluorescence Imaging Technology - Stryker Corporation...SPY-PHI’s fluorescent signal is not affected by ambient room light, ensuring a fluid workflow. SPY-PHI utilizes SPY Fluorescence

SPY Fluorescence Imaging Technology - Stryker Corporation...SPY-PHI’s fluorescent signal is not affected by ambient room light, ensuring a fluid workflow. SPY-PHI utilizes SPY Fluorescence

Documents
Spy and Counter Spy

Spy and Counter Spy

Documents
enVision - Anadolu Üniversitesi · spy 255 masa tenis1 (t) spy 253 tenis (t) spy 255 masa tenisi (u) spy 253 spy 255 masa tenisl spy 253 (u) ana 126 kinesiyolojik anatomi (t) ana

enVision - Anadolu Üniversitesi · spy 255 masa tenis1 (t) spy 253 tenis (t) spy 255 masa tenisi (u) spy 253 spy 255 masa tenisl spy 253 (u) ana 126 kinesiyolojik anatomi (t) ana

Documents
spy in-plant holiday detectors - SPY Pipeline Inspection

spy in-plant holiday detectors - SPY Pipeline Inspection

Documents
Suga BURKE FINE SEASHELL TRANSFER POPSICLE THEMED I SPY GAME spy: POPSICLES spy … · 2018-05-22 · POPSICLE THEMED I SPY GAME spy: POPSICLES spy: POPSICLES Collages Sponge Bombs

Suga BURKE FINE SEASHELL TRANSFER POPSICLE THEMED I SPY GAME spy: POPSICLES spy … · 2018-05-22 · POPSICLE THEMED I SPY GAME spy: POPSICLES spy: POPSICLES Collages Sponge Bombs

Documents
Spy Emporium - Spy Gadgets Store Houston

Spy Emporium - Spy Gadgets Store Houston

Documents
Comcast Spy

Comcast Spy

Documents
Summer University 2004 · BAN Sardegna BAN Lazio BAN Campania BAN Puglia BAN Calabria BAN Lombardia BAN: the Italian photography 10 Regional BANs North West BAN BIC Vallée d’Aoste

Summer University 2004 · BAN Sardegna BAN Lazio BAN Campania BAN Puglia BAN Calabria BAN Lombardia BAN: the Italian photography 10 Regional BANs North West BAN BIC Vallée d’Aoste

Documents
Cellbrite Spy

Cellbrite Spy

Documents
SPY-DVR16HYB2 & SPY-DVR16HYB2ND - Metra Home …metrahometheater.com/media/files/SPY-DVR16HYB2 MANUAL (2).pdf · SPY-DVR16HYB2 & SPY -DVR16HYB2ND ... • Up to 16 camera capacity

SPY-DVR16HYB2 & SPY-DVR16HYB2ND - Metra Home …metrahometheater.com/media/files/SPY-DVR16HYB2 MANUAL (2).pdf · SPY-DVR16HYB2 & SPY -DVR16HYB2ND ... • Up to 16 camera capacity

Documents
Spy Mission

Spy Mission

Documents
Spy Wireless Camera In Delhi +91 ( 9999302406 - Spy Products - Spy Gadgets )

Spy Wireless Camera In Delhi +91 ( 9999302406 - Spy Products - Spy Gadgets )

Sales
Embrace Factories Factories - CFUnited

Embrace Factories Factories - CFUnited

Documents
spy teaser

spy teaser

Documents
Spy Brothers

Spy Brothers

Documents
spy story2

spy story2

Documents
Spy vs Spy Score

Spy vs Spy Score

Documents
GAME-SPY through GACP - Cisco...GAME-SPY Name/CLI Keyword game-spy Full Name game-spy Description Game-spy online gaming Reference - Global ID L4:1349 ID 1349 Known Mappings UDP Port

GAME-SPY through GACP - Cisco...GAME-SPY Name/CLI Keyword game-spy Full Name game-spy Description Game-spy online gaming Reference - Global ID L4:1349 ID 1349 Known Mappings UDP Port

Documents
Spy v Spy - Treachery in the Dev/Ops Trenches

Spy v Spy - Treachery in the Dev/Ops Trenches

Technology
Verizon Spy

Verizon Spy

Documents
Spy thriller

Spy thriller

Education
SES San Francisco: Spy vs. Spy - Competitive Research

SES San Francisco: Spy vs. Spy - Competitive Research

Technology
Microsoft Spy

Microsoft Spy

Documents
Spy camera

Spy camera

News & Politics