From: Shawn Hughes Date: Thu Jan 24, 2002 0:12pm Subject: Ames' computer Ok, Thanks to everyone who replied on and off board. So, the results seem to be that a tech guy has to initially manipulate the computer and install something (extra card, WLAN, dongle, etc.) in order for this exploit to work. I was afraid there was some kinda backdoor weakness in all computers that allowed them to be woken up (a'la the wake key) by a signal superimposed on the mains. I feel better now. And I agree on Ames. What really burns me is that as sloppy as he apparently was, you still have to jump through all the PRP hoops that you do. It's all a joke. I guess it would cost too much to revamp, though. Thanks again, guys!! Shawn 4624 From: A Grudko Date: Thu Jan 24, 2002 11:18am Subject: Re: China plane bugs Sloppy U.S. spying or untrue? - Quote - > The experts expressed skepticism that American spies had a hand in > what newspaper reports said were more than two dozen bugs found inside a > plane to be used by Chinese President Jiang Zemin, including in the bathroom > and the headboard of the bed. Perhaps his wife planted them? ;-) Andy G - Jo'burg 4625 From: James M. Atkinson Date: Thu Jan 24, 2002 8:39pm Subject: WANTED: 900 New FBI Special Agents http://www.pittsburghfirst.com/rc/news/docs/1740845l.htm Posted: 05:31 PM EST Wednesday, January 23, 2002. WANTED: 900 New FBI Special Agents WASHINGTON (Reuters) - The FBI has a new ``most wanted'' list -- 900 new special agents. The FBI said on Wednesday it is launching one of its most aggressive hiring campaigns in recent years as it seeks to hire about 900 people over the next eight months to become special agents. ``The events on, and subsequent to, Sept. 11, 2001, have resulted in a realignment of the FBI's resources to enhance its ability to address terrorism and homeland security,'' the statement said. As a result, the FBI plans to focus on identifying candidates with certain skills to become special agents. People who have a background in computer sciences, engineering and physical sciences are needed, as are candidates who know languages like Arabic, Farsi, Urdu, Chinese or Japanese. Other skills of interest include foreign counter-intelligence and counter-terrorism work, and people who have a background in military intelligence or a fixed-wing pilot's license. The FBI said applicants must be U.S. citizens between the ages of 23 and 36, be available for assignment anywhere within the FBI's jurisdiction and possess a valid driver's license. A spokesman said the bureau hires substantially fewer than 900 special agents during a typical year, and added that as of Dec. 1 there were just over 11,000 special agents on the force. Copyright © 2002 Reuters Limited. -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4626 From: Hawkspirit Date: Thu Jan 24, 2002 9:48pm Subject: Books on terrorism these books may be of interest to anyone is the anti-terrorist field. http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItem&item=1504288978 4627 From: James M. Atkinson Date: Thu Jan 24, 2002 9:45pm Subject: A spy's remorse - students should think twice about joining 'The Agency' http://www.woza.co.za/jan02/cia24.htm A spy's remorse - students should think twice about joining 'The Agency' by Bob Beyers, Pacific News Service As thousands of American college students rush to join the Central Intelligence Agency, they might listen to a few cold warriors' tales before signing on the dotted line. One comes from a man we'll call Fred. We met in a cancer clinic, where my wife was a patient. Fred was terminal, and knew it. But he didn't look that way at all. Part of the Greatest Generation, he had good color, walked briskly, sat down with ease and waited for his drugs. "Are you retired?" I asked. "Yes." "What did you do?" "Worked for the government." "What area?" "Can't say..." "Oh, the Agency," I guessed. "Can't say." I told Fred I had been supported financially by the CIA in the 1950s, but didn't know about it until much later. At the U.S. National Student Association, I'd been among a handful of staffers whose leaders successfully challenged the communist-influenced International Union of Students. All the challengers did was say that student groups should be run by people in their 20s, not by old Party hacks. As staffers, we were told that any international expenses should be charged to the Foundation for Youth and Student Affairs. "It was a front funded by the CIA," I explained. Fred relaxed a little. "A lot of bright young people were attracted to government back then," he said. "I still remember my interview (at the Agency). Very hush-hush. I was pledged to secrecy." He didn't even tell his family his true profession. Years ago, I told Fred, a friend who had served with the Office of Strategic Services (the CIA's predecessor) in Vienna confirmed that the United States had forced about 2 million anti-communist Russian refugees back into the Soviet Union. Stalin had them slaughtered or sent back to Siberia. A Soviet double agent in the CIA was key to FDR's complicity. "I worked in Europe. I'm ashamed about a lot that happened," Fred said. Fred regretted much of the Agency's domestic work, too. He knew that the CIA helped introduce LSD to the United States, hoping to use it as a truth serum. Two of my colleagues, I told him, were involved in private experiments secretly funded by the CIA in the early 1960s. One later blew his brains out. "The Summer of Love in San Francisco (in 1967) was a social experiment gone wild..." Fred volunteered. "It turns out my shrink sees several others with severe remorse about what happened, what they did." And with that, he received his ration of drugs and left. In his book "The Secret History of the CIA," journalist Joseph J. Trento interviews the CIA's legendary James Angleton, a smoker with terminal lung cancer "dying in total emotional isolation." "You know how I got to be in charge of counter-intelligence (for the Agency)?" Angleton asks. "I agreed not to polygraph or require detailed background checks on (CIA Director) Allen Dulles and 60 of his closest friends. "They were afraid that their own business dealings with Hitler's pals would come out. They were too arrogant to believe that the Russians would discover it all." Which the Russians did. The real problem, Angleton told Trento, was that "there was no accountability. And without real accountability everything turned to s---." "You know, the CIA got tens of thousands of brave people killed," Angleton said. "We played with lives as if we owned them. We gave false hope. We -- I -- so misjudged what happened." While Soviet agents penetrated both the CIA and FBI at extraordinarily high levels, their regime eventually crumbled in the face of more open, dynamic democracies. Now, in the wake of Sept. 11, a new generation of would-be recruits flocks to the Agency. Politicians scramble to provide it sweeping new domestic investigating authority. Legal and financial constraints are swept away. It's a great time to grab power and cloak it in secrecy. Who cares about old spies' remorse? Those in Congress who dare seek accountability for past intelligence failures are portrayed as aiding the terrorists. Beat the crowd. Sign up now. from Misanet/PNS info@w... © WOZA Internet (Pty) Ltd -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4628 From: James M. Atkinson Date: Thu Jan 24, 2002 10:04pm Subject: Which number applies to you? 1. There's always a lot to be thankful for if you take time to look for it. For example, I am sitting here thinking how nice it is that wrinkles don't hurt. 2. When I'm feeling down, I like to whistle. It makes the neighbor's dog that barks all the time run to the end of his chain and gag himself. 3. If you can't be kind, at least have the decency to be vague. 4. A penny saved is a government oversight. 5. The older you get, the tougher it is to lose weight, because by then your body and your fat are really good friends. 6. The easiest way to find something lost around the house is to buy a replacement. 7. He who hesitates is probably right. 8. If you can smile when things go wrong, you have someone in mind to blame. 9. The sole purpose of a child's middle name is so he can tell when he's really in trouble. 10. How long a minute is depends on what side of the bathroom door you're on. 11. If ignorance is bliss, why aren't more people happy? 12. Most of us go to our grave with our music still inside of us. 13. If Wal-Mart is lowering prices every day, how come nothing is free yet? 14. You may be only one person in the world, but you may also be the world to one person. 15. Some mistakes are too much fun to only make once. 16. Don't cry because it's over: smile because it happened. 17. We could learn a lot from crayons: some are sharp, some are pretty, some are dull, some have weird names, and all are different colors.. but they all have to learn to live in the same box. 18. Everything should be made as simple as possible, but no simpler. 19. A truly happy person is one who can enjoy the scenery on a detour. 20. Happiness comes through doors you didn't even know you left open. 21. Once over the hill, you pick up speed. 22. I love cooking with wine. Sometimes I even put it in the food. 23. If not for STRESS I'd have no energy at all. 24. Whatever hits the fan will not be evenly distributed. 25. Everyone has a photographic memory. Some just don't have film. 26. I know God won't give me more than I can handle. I just wish He didn't trust me so much. 27. You don't stop laughing because you grow old. You grow old because you stop laughing. 28. Dogs have owners. Cats have staff. 29. We cannot change the direction of the wind... but we can adjust our sails. 30. If the shoe fits......buy it in every color. 31. Have an awesome day, and know that someone has thought about you -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4629 From: James M. Atkinson Date: Thu Jan 24, 2002 10:34pm Subject: re: computer question David, Feel free to post information related the TSCM, but try to stay on topic. I would also point out that "secured" machine will also have their microphones and web cams deactivated and removed as well. -jma At 4:47 PM +0000 1/24/02, David Alexander wrote: >This is my area of expertise. I'm a computer security/Information Warfare >geek, not a 'bug-hunter' (no offence intended or implied). > >I'll give you the short answer: > >Yes, there is a system that allows LAN awakening and control of a PC. >This system normally depends on a special cable from the Network card to a >connector on the motherboard that awakens the PC. > >Any self-respecting company removes this cable to disable the facility as >the very first thing they do when the PC arrives as it is a massive security >hole and should never, ever be allowed to be active. Half of me wants to say >that any company that does not deserves everything they get, but that is >counter to the philosophy of this group. If your outfit has these cables in >place, get them removed ASAP, they are a hackers dream. > >On Windows 2000 and Windows XP (TM acknowledged) there is another way of >taking over a PC through the Netmeeting utility. Great for remote support >and software installations. The remote install function via network wake-up >is not needed due to something called Remote Install Server. I won't bore >you with the details here. > >If anyone has more questions I'd be happy to take them offline direct to my >e-mail address unless JMA thinks the info is of interest to all (your call) > >regards > >_____________________________ >David Alexander M.INSTIS >Global Client-Server, Communications >& Infrastructure Director > >Bookham Technology plc >Tel: +44 (0) 1235 837823 >Mobile: +44 (0) 7799 881284 >Fax: +44 (0) 1235 837201 >http://www.bookham.com -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4630 From: Paul Timmins Date: Thu Jan 24, 2002 11:31am Subject: Re: computer question parts 2 Last I knew, you needed line of sight to do this. So people don't notice suspicious vehicles (i.e. vans with no logos and no windows, not belonging to a neighbor) parked across the street in their neighborhoods? Plus last I knew, this was not something that is very trivial to do... -Paul At 11:52 AM 1/24/2002, you wrote: >Fibre-glass bodied van with aerial inside and you can sit some distance away >and see what's happening without entering premises and leaving a bug to be >found or anything to recover afterwards. > >Any surveillance team could do this...if they are not putz's (with >acknowledgement to the previous poster) 4631 From: enemyatthegate007 Date: Thu Jan 24, 2002 10:51pm Subject: not to knowledable what does wakening of the pc mean?im sory im sure its very basic but im trying to get my feet wet.this field is huge in knowledge and my hat is off to the operators in this field.im an executive protection specialist(bodyguard) and i stay keyed in a lot of areas(anti/counter terrorism)especially.but this field is very impressive.so once again if you here a lot of basic questions from me sorry trying to learn a little. james jones EPS chief of operations www.bodyguardinc.com 4632 From: James M. Atkinson Date: Thu Jan 24, 2002 11:04pm Subject: Re: computer question parts 2 Ah David, No offense, and I really hate to have to tell you tell this this, but let's just say that you may be experiencing a moment of dental distress caused by elements of your own footwear being lodged therein. Given the dimensions of a Yagi needed to efficiently intercept a baseband rasterized signal coming off a monitor the eavesdroppers would have be be less then 12 feet away, or use an antenna about 68 feet wide and 84 feet long. Also, while a Yagi is less directional then a small loop is does give use a more favorable usable angle but is wider band. The biggest problem with using a Yagi for something like this is the size and the relatively low frequencies involved, which you bet best handled by an equiangular antenna. It is a rather academic question: What frequencies does the monitor normally emit for radiated signals, and what is their wavelength... given this, consider the antenna parameters just to squeeze 20-24 dB over an isotropic out of the Yagi. Sure, we can stack Yagi's, but your going to have to use at least four units to make a appreciable difference. If you work out the timing signals from a monitor you will see that the majority of the raster is fairly limited and that a free space interception is tough unless you use a secondary carrier. Attempting to exploit the radiated emissions of a monitor, computer, laser printer, or other kind of digital device would strictly be used as a last result. It is far more effective to simply break in to the subjects home, plant some device which uses the power lines for the backdoor, and exit to a nearby listening post. You might want to visit the following link and brush up of some TEMPEST info: http://www.tscm.com/TSCM101tempest.html Only a surveillance team consisting of putz's would attempt an interception of this nature, but then DOJ is not well known for their ability to design and launch rockets. -jma At 4:52 PM +0000 1/24/02, David Alexander wrote: >There is a much simpler way that Ames could have been monitored - TEMPEST >emissions > >In case some of you are unaware, with a decent yagi and some software you >can see what someone's' PC is doing real-time while they are doing it. > >Fibre-glass bodied van with aerial inside and you can sit some distance away >and see what's happening without entering premises and leaving a bug to be >found or anything to recover afterwards. > >Any surveillance team could do this...if they are not putz's (with >acknowledgement to the previous poster) > >_____________________________ >David Alexander M.INSTIS >Global Client-Server, Communications >& Infrastructure Director > >Bookham Technology plc >Tel: +44 (0) 1235 837823 >Mobile: +44 (0) 7799 881284 >Fax: +44 (0) 1235 837201 >http://www.bookham.com -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4633 From: enemyatthegate007 Date: Thu Jan 24, 2002 11:15pm Subject: CIA remorse how does the cia find agents?i have read and seen documents but are they true?i know its a hush hush agency and i know they employ engineers,chemist,bio etc..and have a huge web site but what about other agents like espionage or other agents that just do spying.just wondering. james jones EPS www.bodyguardinc.com 4634 From: Ray Van Staden Date: Fri Jan 25, 2002 0:23am Subject: City's surveillance given international thumbs-up http://www.cbn.co.za/issue/1240202.htm City's surveillance given international thumbs-up CAPE TOWN's Strategic Surveillance Unit, which provides the closed-circuit TV monitors in the City centre and other locations, has been granted ISO 9001 accreditation by the International Standards Organisation in Switzerland. The Unit becomes the first law enforcement agency in South Africa to receive ISO 9001 accreditation, which gives global recognition of achievement of international standard. The Strategic Surveillance Unit is owned by the City of Cape Town and run and managed by City traffic and law enforcement officers. ISO 9001 accreditation is granted in recognition of the service rendered by the Unit having complied with internal standards both in the documentation of its procedures and in the observance and implementation of these, based on audits conducted by officials of the South African Bureau of Standards which is the accredited agent of ISO in the Republic. The presentation of ISO 9001 certification to the City will be made by Mr Tom Gash, Western Cape regional director of the SABS. The recipient, on behalf of the City, will be Councillor Ian Neilson, the City Council's Executive Committee member for Health and Safety. Councillor Neilson said today that the CCTV multiple camera system in Cape Town's central business district had proved its worth in the detection of crime-in-progress and had led to many arrests and prosecutions and a marked reduction in crime. The system had been expanded to camera surveillance of public places and roads in high-crime areas of the Cape Flats. More recently the Vanguard Drive surveillance system of Sun West had become incorporated in the system. The ISO 9001 accreditation came at a time when the City was changing the focus of camera surveillance from traditional crime-prevention pursuits, to the broader usage of the monitoring systems for the benefit of communities. The network provided visual information for use by the Council traffic and road branches in freeway management and the detection of traffic offenders. The cameras also provided information on informal traders, protest marches , advertising billboards and fire hazards. The City was constantly developing partnerships in this regard and the new status of the Strategic Surveillance Unit in terms of its ISO 9001 ranking would augur well for development in this regard and indirectly contribute to the process of developing Cape Town as a model city in global terms. --- From the desk of Raymond van Staden Van Staden and Associates cc P.O. Box 1150 Amanzimtoti 4125 South Africa Tel: +27 (0)31 916-1262 Fax: +27 (0)31 916-1263 Email: raymond@v... Internet: http://www.vanstaden.co.za [Non-text portions of this message have been removed] 4635 From: A Grudko Date: Fri Jan 25, 2002 1:35am Subject: Siemens equip Sweeping a private residence yesterday I came across something new to me involving 2 Siemens Gigaset 1000s and one Gigaset 3000 Comfort cordless phones. I'd appreciate a private chat with anyone who is familiar with this equipment's normal operation. Andy Grudko D.P.M., Grad I.S, (S.A.) - Grudko Associates - www.grudko.com , Est. 1981 International business intelligence and investigations - ICQ 146498943 Johannesburg (+27 11) 465 9673 - 465 1487 (Fax), Pretoria (+27 12) 244 0255 - 244 0256 (Fax) SACI, WAD, CALI, SAMLF, UKPIN, AFIO (OS), IWWA, PRETrust, AmChamCom When you need it done right - first time 4636 From: Brad Hayes Date: Fri Jan 25, 2002 7:02am Subject: Un-identified problem Dear Group, This is not a TSCM question per se but, with having a panel of electronic,electrical experts on this list I though some one may have an answer to this particular situation. Here goes. I have a client who beleives she may have a former employee stalking her, following her or conducting surveillance on her home. Prior to moving a couple of months ago, someone was ringing her doorbell early in the morning on a fairly consistent basis. She moves to the opposite side of town and the very next morning, her doorbell rings, again early in the morning.(6:00 a.m) I install two coverts cameras for her, one that has a commanding view covering the front of the home and the second that is disguised as a peephole so I can obtain video of the front door. A couple of days ago,she contacts me and says her doorbell rang on Sunday morning (8:00 a.m.) but nobody is at the door. Upon reviewing the tape, I see a vehicle pull up in front of her house at 5:00 a.m. and another vehicle enter the cul-de-sac around 8:00 a.m. Both vehicles stay momentarily and leave. My question is this. Is there any possible way that electrical or RF interference could trigger this doorbell? I examined both the doorbell and the unit mounted on the wall inside the condo. Being a condo, her neighbor is on the opposite end and therefor I want to rule out the neighbors doorbell reverberating thru the walls. Am I missing something here? This gal lives alone and was visibly spooked by the car in front of her house at 5:00 a.m. By the way, upon reviewing both tapes, no one gets out of the car and/or approaches the door. Thank you in advance for any insight on this matter. Brad American Investigation Group (317) 823-2677 ===== Brad Hayes American Investigation Group Investigations/Executive Protection Indianapolis, Indiana (317) 823-2677 __________________________________________________ Do You Yahoo!? Great stuff seeking new owners in Yahoo! Auctions! http://auctions.yahoo.com 4637 From: Hawkspirit Date: Fri Jan 25, 2002 9:09am Subject: Evaluation Form http://www.sci.ky/evalu.html 4638 From: James M. Atkinson Date: Fri Jan 25, 2002 9:03am Subject: Re: Un-identified problem I take it that her doorbell system is a wireless variety that is rather cheap in quality? If so, then it is likely that the front end of the receiver was simply being overloaded by strong RF fields operating on frequencies near that used by the door bell. Installing a hardwired doorbell sysetm may clear up the problem, but also make sure that the wiring for it is twisted pair. -jma At 5:02 AM -0800 1/25/02, Brad Hayes wrote: >Dear Group, >This is not a TSCM question per se but, with having a >panel of electronic,electrical experts on this list I >though some one may have an answer to this particular >situation. Here goes. I have a client who beleives she >may have a former employee stalking her, following her >or conducting surveillance on her home. Prior to >moving a couple of months ago, someone was ringing her >doorbell early in the morning on a fairly consistent >basis. She moves to the opposite side of town and the >very next morning, her doorbell rings, again early in >the morning.(6:00 a.m) I install two coverts cameras >for her, one that has a commanding view covering the >front of the home and the second that is disguised as >a peephole so I can obtain video of the front door. A >couple of days ago,she contacts me and says her >doorbell rang on Sunday morning (8:00 a.m.) but nobody >is at the door. Upon reviewing the tape, I see a >vehicle pull up in front of her house at 5:00 a.m. and >another vehicle enter the cul-de-sac around 8:00 a.m. >Both vehicles stay momentarily and leave. My question >is this. Is there any possible way that electrical or >RF interference could trigger this doorbell? I >examined both the doorbell and the unit mounted on the >wall inside the condo. Being a condo, her neighbor is >on the opposite end and therefor I want to rule out >the neighbors doorbell reverberating thru the walls. >Am I missing something here? This gal lives alone and >was visibly spooked by the car in front of her house >at 5:00 a.m. By the way, upon reviewing both tapes, no >one gets out of the car and/or approaches the door. >Thank you in advance for any insight on this matter. >Brad >American Investigation Group >(317) 823-2677 > > >===== >Brad Hayes >American Investigation Group >Investigations/Executive Protection >Indianapolis, Indiana >(317) 823-2677 -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------------------------------- 4639 From: Hawkspirit Date: Fri Jan 25, 2002 9:45am Subject: Masking products Any one have experience with these masking products? Roger http://www.streetsavvywares.com/BD_acoustic_generators.htm 4640 From: Hawkspirit Date: Fri Jan 25, 2002 10:00am Subject: Lets get educated! http://www.ipg-protect.com/doc021.htm Technical Security Specialist (TSS) - Advanced Level * (Tuition $1,575.00) TSCM Professional Services TSCM Documentation Counter Intelligence Survey TSCM Antenna Management Device Detection / Identification / Location PC Based Detection / Monitoring / Analysis / Documentation Panoramic RF Spectrum Analysis Broadband RF Near Field Receivers Very Low Frequency (VLF) Infrared (IR) / Laser Detection Non-Linear Junction Detectors Telephone Network / Equipment Inspection Computer Network Analysis Acoustical Leakage Inspection Time Domain Reflectometer (TDR) Radio Direction Finding Found Device Protocol Reports and Evidence Documentation * Topics and sub-topics are subject to on-going amendment and continued program development. Some topics and sub-topics are not indicated in the above outline. 4641 From: Hawkspirit Date: Fri Jan 25, 2002 10:05am Subject: Statistics http://www.ipg-protect.com/doc094.htm Our TSCM statistics last updated - October 2001 In 19% of these investigations, one or more actual functioning electronic devices were discovered and removed by our technicians, or we were able to verify a non-electronic compromise of confidential proprietary information. Of these investigations, 6% were of a domestic nature, and 12% were related to business interests or corporate affairs, and 1% were related to vehicle tracking technology or Emergency Locator Transmitters (ELT) and Emergency Position Indicating Radio Beacon (EPIRB). · In 22% of the investigations, positive proof was discovered to indicate a device was present or had been removed prior to the investigation, or strong evidence suggested that a real compromise had indeed taken place. · In 23% of the investigations the loss of information appeared real, however no specific evidence was discovered to confirm that a compromise had actually taken place. In 5% of these cases the client indicated making the call to our office from a area of compromise or discussing his / her suspicions with others. · In 22% of the investigations conducted, no compromise could be proven and no evidence was discovered to confirm any compromise had taken place, however, in 16% of these inspections, the investigation was initiated by the client as a preventative measure, usually without any specific reason for initiating the investigation. · In 14% of all investigations conducted, it appeared that the client's suspicions were unfounded, or as the result of a paranoid mind. In our best estimation, it would also appear that in approximately 65% of the TSCM services preformed by our technical personnel, the client was not totally forthcoming as to the real reason for contracting our services, and therefore the actual risk could not be established. Covert surveillance may be electronic in nature or by a wide range of intelligence gathering techniques. In fact, both of these methods are widely used in domestic spying, stalking incidents, gaining a business competitive advantage, labour disputes, or dissatisfied or disgruntled employees hoping to gain an edge within the work place environment. It is strongly recommended that all business environments regardless of size or perceived risk, consider an annual TSCM inspection and sweep as part of a long term due diligence with respect to the identification of technical security concerns. In fact, when proprietary information or research and development is a factor, various insurance policies require such inspections to be conducted in order to remain in force. 4642 From: Greg H. Walker, Attorney At Law Date: Fri Jan 25, 2002 9:58am Subject: Damage To Electronic Equipment I apologize if this has been posted before, however, I received this info today from a Project Manager at NASA who is a friend. Subject: Be careful shipping electronic parts through the mail At the JEDEC meeting it was mentioned several times that at least one company had lost functionality of some populated printed circuit boards sent through the U.S. mail. It seems that the post office is now E-beam irradiating all mail sent through area codes that feed mail into Washington DC to kill any potential "nasty bugs". That process can/will destroy active electronic devices. The word is: BUYER BEWARE WHEN SHIPPING ELECTRONIC PARTS THROUGH THE U.S. MAIL. Rather use Federal Express or another similar shipper. The JEDEC web page (www.jedec.org) provides more detail and in fact names a number of items that may be subject to damage. GREG -- Greg H. Walker Attorney At Law President RisKontroL -- Risk Management, Security Consulting & Investigations Houston, Texas (713) 850-0061 WARNING NOTICE BY GHW: Greg H. Walker's comments are not intended to be and should absolutely not be taken as legal advice. Unless you have entered into a specific written agreement with him for legal services, signed by both you and him, and paid him a retainer in good funds, then he is not your Attorney, does not intend to be your Attorney and you should not act nor refrain from acting based, in whole or in part, on his comments. 4643 From: Dr. Pepper Date: Fri Jan 25, 2002 10:04am Subject: RE: Un-identified problem jma, you are making unsubstantiated assumptions. And then taking off in that direction. A TDR would tell you about the door bell wiring. If it actually IS a wireless doorbell, then jma may be correct. Even if it is a hard wired bell, it could STILL be actuated by a ham radio or CB, however it is unlikely. The tip about checking the neighbors doorbell wiring might shed some light on the subject. -- Dr Pepper aka WB6GKI in the High Desert of California. Check out my LIVE Hamshack Cam at: http://www1.iwvisp.com/DrPepper/ham/ham.htm ======================================== -----Original Message----- From: James M. Atkinson [mailto:jmatk@t...] Sent: Friday, January 25, 2002 7:04 AM To: TSCM-L@yahoogroups.com Subject: Re: [TSCM-L] Un-identified problem I take it that her doorbell system is a wireless variety that is rather cheap in quality? If so, then it is likely that the front end of the receiver was simply being overloaded by strong RF fields operating on frequencies near that used by the door bell. Installing a hardwired doorbell sysetm may clear up the problem, but also make sure that the wiring for it is twisted pair. -jma At 5:02 AM -0800 1/25/02, Brad Hayes wrote: >Dear Group, >This is not a TSCM question per se but, with having a >panel of electronic,electrical experts on this list I >though some one may have an answer to this particular >situation. Here goes. I have a client who beleives she >may have a former employee stalking her, following her >or conducting surveillance on her home. Prior to >moving a couple of months ago, someone was ringing her >doorbell early in the morning on a fairly consistent >basis. She moves to the opposite side of town and the >very next morning, her doorbell rings, again early in >the morning.(6:00 a.m) I install two coverts cameras >for her, one that has a commanding view covering the >front of the home and the second that is disguised as >a peephole so I can obtain video of the front door. A >couple of days ago,she contacts me and says her >doorbell rang on Sunday morning (8:00 a.m.) but nobody >is at the door. Upon reviewing the tape, I see a >vehicle pull up in front of her house at 5:00 a.m. and >another vehicle enter the cul-de-sac around 8:00 a.m. >Both vehicles stay momentarily and leave. My question >is this. Is there any possible way that electrical or >RF interference could trigger this doorbell? I >examined both the doorbell and the unit mounted on the >wall inside the condo. Being a condo, her neighbor is >on the opposite end and therefor I want to rule out >the neighbors doorbell reverberating thru the walls. >Am I missing something here? This gal lives alone and >was visibly spooked by the car in front of her house >at 5:00 a.m. By the way, upon reviewing both tapes, no >one gets out of the car and/or approaches the door. >Thank you in advance for any insight on this matter. >Brad >American Investigation Group >(317) 823-2677 > > >===== >Brad Hayes >American Investigation Group >Investigations/Executive Protection >Indianapolis, Indiana >(317) 823-2677 -- ---------------------------------------------------------------------------- ---------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ---------------------------------------------------------------------------- ---------------------- James M. AtkinsonPhone: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... ---------------------------------------------------------------------------- ---------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell -------------------------------------------------------------------------- ------------------------ ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 4644 From: Hawkspirit Date: Fri Jan 25, 2002 10:15am Subject: Back in the USSR http://www.tradeport.org/ts/countries/russia/isa/isar0025.html 4645 From: Bryan Date: Fri Jan 25, 2002 8:32am Subject: Re: computer question - Dangling the Dongle On Wed, 23 Jan 2002, James M. Atkinson wrote: > Shawn, > > It's really no big mystery. > > Most computers have a specific key on the keyboard (or motherboard) > that when pressed allows the computer to wake up and go through a > boot. > > This function can be remotely controlled by installing a "remote boot > dongle" inside the keyboard, or inside the computer so an > eavesdropper can turn the computer on or off remotely. > > The dongle either turns the machine on/off at a preset time, waits > until a certain period of non usage has occurred, or wakes up in > response to a remote command. The remote activation command can come > in via any variety of conductors (phone line, power line, Cable TV, > LAN, etc) or though a wireless connection. A few novice questions about this: How is this device reached? What protocols does it use? With standard internet communication I understand that any machine(device) on the network must be bound by an IP address. That is how deviceA knows how to get to deviceB. If this device uses the computers power souce, would it not require the PC to alredy be on? Unless of course it had it's own power supply, but that would mean a much larger device, yes? > > Once the computer is up and booted the eavesdropper can then access > the OS remotely, and depending on which software they are using they > perform any number of tasks. OK, so we have a device that can power up the box....we still need an account on the box or the username/passwd. So given we installed a keylogger on the device, wait, no, we couldn't do that until we actually had access to the already booted and logged in machine/account. So far, to me, it seems we would have to gain physical access to the box while it is already running and with the user we want to monitor already logged in...or a root/admin account...which seems rather unlikely. Especially if they are hiding something or even just *slightly* security concious. Depending on the mission, it may be easier to just take a disk imager to the location and image the drive. Take it back to the lab and break it down there and perform forensics, etc... As you can see, I am a virgin to the TSCM world, so know very little about what is available and what can/cannot be done. But I am very curious! I apologize for the juvenile questions that probably could have been answered by doing a bit more research on my own. Thanks, Bryan > > Occasionally, you will come across such goodies on larger corporate > sweeps, and most often on servers, remote machines, or problem > children where the sys admin doesn't want to keep running to remote > parts of the campus to tweak software. Such a system allows the sys > admin to remotely wake-up or boot the machine in question and "do > those things which admins do so well". Usually on the corporate > sweeps the 'wake up" signal goes out though the LAN as a wake-up > packet addressed to the dongle, and more recently though a 802.11 > network. > > If the bug the FBI used on Ames utilized the power lines, then the > listening post would have to be fairly close to the Ames home as you > lose quite a bit of your signal at the distribution transformer. In > all probability they where camped out in a home nearby and simply > brought up the OS, and then issued basic DOS commands (from their > end) to browse through the hard drive and suck down files. After they > where done it would have been quite simple to shut the machine down. > > > -jma > > > PS: Ames was a putz, and didn't follow good tradecraft > > Technical Counterintelligence Rule #374 > Agent shall always turn of his/her computer when not in immediate > use, and shall remove the power cord from the wall and/or disengaged > the breaker on the individual UPS when the machine will not be in use > for more then two hours. In the event the agent does not have a > positive 7/24 security force in place the computer will also be > powered down and locked into an approved security container (such as > a safe) and physically disconnected from both the telephone circuits, > LAN circuits, and all other conductive or radiated paths. > > > > > > > At 12:32 AM -0500 1/23/02, Shawn Hughes wrote: > >I'm sitting here watching a show on cable ( I know). They are discussing > >the encroachment of surveillance by the gov against citizens. > > > >One detail they gave was on the Ames case. They stated that the FBI was > >remotely powering on Ames home computer, then subsequently removed data > >from, and powered it back down via the residential power lines. > > > >I am a little skeptical, unless they put a black box inside his pc. For > >instance, what kept ALL pc's on that transformer circuit from waking up? > > > >But, I am low on the knowledge base totem pole. What say ye, experts? > > > >Thanks! > > > >Shawn > > -- ------------------------------------------------------------------------- People sleep peaceably in their beds at night only because rough men stand ready to do violence on their behalf. - George Orwell ------------------------------------------------------------------------- 4646 From: Date: Fri Jan 25, 2002 6:20am Subject: Re: Statistics In a message dated 1/25/02 8:02:50 AM Pacific Standard Time, hawkspirit@e... writes: << http://www.ipg-protect.com/doc094.htm Our TSCM statistics last updated - October 2001 In 19% of these investigations, one or more actual functioning electronic devices were discovered and removed by our technicians, or we were able to verify a non-electronic compromise of confidential proprietary information. >> Interesting statistics. 4647 From: Aimee Farr Date: Fri Jan 25, 2002 0:00pm Subject: RE: A spy's remorse - students should think twice about joining 'The Agency' > http://www.woza.co.za/jan02/cia24.htm > > A spy's remorse - students should think twice about joining 'The Agency' Anti-intelligence propaganda seems to be a hot item lately. Recent juror poll on surveillance and faith/trust in institutions: "Some 67 percent of those polled say they favor increased wiretap and Internet surveillance powers. Support on the issue broke down by age group, with 54 percent of potential jurors older than 65 supporting broader powers as compared to only 24 percent support among jurors between the ages of 18 and 24." FYI, in 1965, 61 percent of the American people approved Vietnam and only 24 percent were opposed. (The domestic scene went to Hell shortly thereafter.) At age 10, 60s radicals were watching the Mouseketeers. At age 10, the youth cohort mentioned above was playing a game called "Mortal Kombat." Polling on faith in federal institutions: http://pollingreport.com/institut.htm#Federal The unpredictability of our environment makes these statistics somewhat concerning. ~Aimee "You never beat us on the battlefield." "That may be so. But it's also irrelevant." 4648 From: Steve Uhrig Date: Fri Jan 25, 2002 1:13pm Subject: Re: Un-identified problem Once upon a midnight dreary, Brad Hayes pondered, weak and weary: > Prior to moving a couple of months ago, someone was ringing > her doorbell early in the morning on a fairly consistent > basis. She moves to the opposite side of town and the very > next morning, her doorbell rings, again early in the > morning.(6:00 a.m). A couple of days ago,she contacts me and > says her doorbell rang on Sunday morning (8:00 a.m.) but > nobody is at the door. Since it is unlikely she would move her doorbell from one house to the other, it seems highly unlikely any technical problems relating to the doorbell hardware would be the cause. Falsing a doorbell is extremely unlikely to start with. For it to happen in two different locations is practically beyond statistical probability. And since your video did not reveal anyone pushing the doorbell, this would indicate the problem is between her ears. Has anyone other than your client heard the doorbell ring at both locations at these weird hours? Almost certainly the answer is no. If you wanted to pursue it, you could put a min/max recording DVM (recent Fluke 87-III with time/date stamp) across the doorbell to see if any power is applied when it allegedly rang. The only possibility I can see is if the woman lives with someone hostile who is causing the bell to ring from inside the house, or possibly from outside with a short range radio link. Even though she moved and the very next morning heard the bell ring, how long might someone (son, husband) have had access to the new place before she moved in, to wire it. There was one instance of something vaguely related where the son wanted to have the mother committed for some reason or another. But situations like this are extremely rare, where mysterious phenomenon actually are manmade occurrences. Far more often, the problem is not physical in nature, but psychological. Many of us have had this sort of call, and beyond a certain point, that point being when signs point to the problem being in the client's head, you have to question whether you are acting ethically in continuing to work on the case and, especially, taking money for doing so. If you can calm her fears and give her the warm fuzzies in a kind manner, this likely is the best course of action. In any case, it probably would be wise to discontinue any involvement. People like this can be real energy soaks, and that is not the way to earn a living. Also, keep in mind, lunatics many times eventually get the attention of the authorities by wearing them down until they assign someone to research the matter so they can justify closing the case. You do not want to develop the local reputation with authorities of taking advantage of the lunatic by accepting money from him/her/it when signs seem pretty clear the person is a nut case. When I do mercy sweeps (one where the client is insisting on spending money, so I do the work just to make sure they get the real thing and are not totally ripped off), I charge a token amount. If I would do it for free, I would not be respected. If I charge a token amount, my conscience as well as my legal exposure is clear. When the lunatic goes to the authorities and mentions you swept them, you don't want the authorities asking you why you took advantage of the obvious lunatic by taking their money. It has happened to me, more than once. My reply is: Look. here are some recent (sanitized) invoices for the identical work showing I charge X thousands of dollars for similar work. I charged Miss Lunatic 5% of that amount. Is that taking advantage? Cover your six, always, in matters like this. Once I was accused of murder for not finding a bug which the lunatic was certain was there, therefore the stress created by being bugged which caused the father of Miss Lunatic to have a stroke was my fault. I was obviously incompetent because I didn't find the bug, so I get sued. Good thing I was able to demonstrate I was competent in TSCM and charged only a token amount, or I could have wasted a ton of money fighting crap like this. My contract now covers things like this without directly mentioning lunatics. Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* 4649 From: Steve Uhrig Date: Fri Jan 25, 2002 3:12pm Subject: Excellent Frequency Allocation Chart Hi all, Here: http://www.ntia.doc.gov/osmhome/allochrt.pdf is an excellent, color, frequency allocation chart. Extremely detailed. A product of our tax dollars. If you have a color printer, it would be most useful. I am not sure how it would look printed in B&W. It would be a good thing to print and keep in one of the accessory pouches in one of your pieces of sweep gear. Or if you carry a laptop on sweeps, you could merely save the file to your local drive and call it up on the screen when needed. The chart likely would have some small (or large) differences in countries other than the U.S. It is in Adobe, so you will need that reader installed to open the file. i encourage anyone with earlier versions of Adobe Acrobat reader used for viewing PDF files ( versions prior to V5.00) to upgrade. The latest version of the free reader includes some nice features not available in earlier versions. www.adobe.com. Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* 4650 From: Guy Urbina Date: Fri Jan 25, 2002 0:23pm Subject: Re: Un-identified problem Hi Brad, What type of doorbell system does the young woman have? Some wireless units can be falsely triggered. I had an idea that you could possibly gather some data by triggering your cameras whenever the doorbell rings. Or time stamp the doorbell and look for the event on video. Another idea, if you have the equipment, is to capture an event by monitoring the spectrum when the doorbell rings and look for spikes. Of course, this is to determine whether the actual culprit is the stalker and not some transient RF anomaly. best regards, -Guy 4651 From: enemyatthegate007 Date: Thu Jan 24, 2002 10:32pm Subject: hello my name is james jones an im new to the group.id like to say thanxs to the host for allowing me to be here.im so impressed by the survalliance field.its huge in knowledge and education.my hats off a thousand times to the operators in this field.im trying to get my feet wet but i cant fathom the education of it(huge).im an executive protection specialist(bodyguard) and i try to stay knowledgable in a lot of fields.if anyone has any tips please let me know. sincerely, james jones EPS www.bodyguardinc.com 4652 From: Steve Uhrig Date: Fri Jan 25, 2002 10:27pm Subject: Re: Damage To Electronic Equipment Once upon a midnight dreary, Greg H. Walker, Attorney At Law pondered, weak and weary: > I apologize if this has been posted before, however, I received > this info today from a Project Manager at NASA who is a friend. > Subject: Be careful shipping electronic parts through the mail Here is info sent to contractors of the FBI: ====================== The U.S. Postal Service (USPS) advised that certain types of incoming U.S. Government mail in zip code range 202-205 will continue to be for the foreseeable future irradiated in Lima, Ohio. As you are aware, FBIHQ's Zip Code is 20535, which falls in the category of mail being targeted for irradiation. The USPS advised that mail being irradiated include letters, flats, express and priority mail with stamps for postage, as well as other packages with stamps for postage. Mail from known mailers is not being irradiated, which includes USPS Express mail with meter strips or corporate accounts, priority mail with meter strips or permit indicia, all registered mail and bulk quantity mail such as catalogs and magazines. Because of the effects of irradiation, the USPS recommends that the following items should not be irradiated: Magnetic media (credit card, floppy disk, CD-ROM, etc); Plastics sensitive to heat and radiation warping that is a component of a device or instrument; Bacterial growth media for research and industry; Chemical and biochemical compounds for research and for industrial use; Electronics (to be evaluated); Organic clothing: silk, cotton, wool (need further analysis); Prescription or non-prescription pharmaceuticals; Vitamins; Baby formula; Photographic film (exposed and unexposed); Photosensitive film and paper; Consumer electronics; Clinical laboratory samples (biomedical) for analysis; Forensic evidence for analysis; Germinative matter (seeds, cuttings); Heat sensitive materials to include colorimetric heat tabs; Legitimate bacterial, viral, yeast (baking industry) and other cultures for medical, research and industrial use; Living matter, either plant or animal; Luminous material; Medical diagnostic kits and reagents; and Urine samples for drug analysis. Should you need to send correspondence or other items to U.S. Government facilities located in the above zip codes, you are to seek another method of shipment. Alternatives include USPS express mail with meter strips or corporate accounts, priority mail with meter strips or permit indicia, registered mail or private shipping companies such as FedEx, UPS, DHL, and Airborne. Significant backlogs are occurring at the USPS as a result of the irradiation process. These backlogs will continue for the foreseeable future until an additional irradiation facility is tested and opened in Bridgeport, New Jersey. =============== Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" *******************************************************************