Sigillu

Secure Communications

Uribe blames wiretap scandal on plot by ‘mastermind’

Colombian President Alvaro Uribe says that a “mastermind” has been “plotting against the government in the issue of illegal wiretaps,” following reports by Semana magazine which implicated the government in the wiretapping scandal enveloping security agency DAS.

The information obtained by Semana indicates that the results of illegal wiretapping of Colombian judges, politicians, journalists and trade unionists were reported to the government. A former official in DAS’s analysis department alleges that he “received orders with the objective of working on issues that were sensitive for the government.”

Uribe claims that the allegedly incriminating documents presented to Semana by DAS officials featured forged signatures, such as that of the president’s lawyer, Jaime Lombada, who Uribe says was “astonished” by the news.

“Where is the proof that the president of the republic or the palace officials have given an illegal order? Who had given it? And when? There is all this pursuit to discredit the government,” Uribe said on radio station, Ondas del Meta.

The president said that on another occasion “someone from DAS delivered a tape to Semana magazine, which featured a DEA agent talking to an assistant court judge, to discredit the government.”

“Why are they doing this illegal recording and immediately taking it to the media to try to discredit the government? How do they that?” the president asked…

May 24, 2010 Posted by | Uncategorized | Leave a comment

Protestan en Italia contra decreto que limita escuchas telefónicas

Cientos de personas protestaron hoy ante el Parlamento italiano contra un decreto de ley que prevé multas y penas carcelarias para diarios y periodistas que publiquen escuchas telefónicas realizadas durante investigaciones judiciales.

“El gobierno busca una sola cosa: debilitar la actividad indagatoria, en especial contra la mafia y la corrupción, imponiendo el oscurecimiento mediático sobre todo cuando el caso involucra al poder y sus negocios”, dijo el eurodiputado Luigi De Magistris, quien apoya la protesta.

El decreto de ley en cuestión, cuya discusión se reiniciará el lunes próximo en el Senado, prevé limitar el uso de escuchas telefónicas en las indagaciones judiciales y de la policía.

En particular, contempla que las intercepciones de conversaciones telefónicas sean autorizadas solamente “en presencia de graves indicios de delito” y si resultan “absolutamente indispensables” para las investigaciones.

Para los magistrados lo anterior carece de sentido pues, han dicho, si existen “graves indicios” de delito, se procede al arresto y no a las escuchas.

El decreto también prevé multas de hasta 500 mil euros (unos 600 mil dólares) para los periódicos que publiquen las escuchas.

Para los periodistas se contemplan multas de unos 20 mil euros (unos 30 mil dólares), dos meses de cárcel y la suspensión temporal de la licencia para ejercer la profesión.

Las asociaciones de periodistas y magistrados se han movilizado contra la iniciativa, al tiempo que el subsecretario de Justicia estadunidense, Lanny A. Brauer, la criticó.

“No quisiéramos que sucediera algo que impidiera a los magistrados italianos hacer su óptimo trabajo: las interceptaciones son un instrumento esencial para las investigaciones y el combate a la mafia”, señaló en rueda de prensa en la embajada estadunidense en Roma.

Brauer dijo que “Italia ha hecho grandes progresos en las investigaciones y en la persecución de grupos mafiosos que operan dentro de sus fronteras”.

Por su parte, medios de comunicación, como periódicos o la televisora Sky, han anunciado que impugnarán ante diversas cortes europeas el decreto, en caso de que sea aprobado.

La normativa también vetaría las grabaciones televisivas de un juicio si al menos una de las partes se opone.

El decreto ha sido presentado luego de las recientes publicaciones por la prensa de interceptaciones telefónicas que han destapado casos de corrupción en la política o el mundo del deporte.

Asimismo la prensa ha dado a conocer escuchas comprometedoras contra el primer ministro Silvio Berlusconi, como conversaciones en las que la prostituta de lujo Patrizia D’Addario confirmaba haber sido pagada para entretenerlo.

“Muchos italianos han sufrido la barbarie de ver noticias privadas publicadas en las primeras planas de los periódicos sin ningún filtro. Esta barbarie debe acabar”, declaró a su vez el canciller, Franco Frattini.

May 22, 2010 Posted by | Uncategorized | Leave a comment

Blackberry Debuts in Russia |

http://www.mobilemarketingmagazine.co.uk/content/blackberry-debuts-russia?quicktabs_1=0

Russian network operators MTS and Vimpelcom have announced that two-year negotiations with Blackberry maker Research In Motion (RIM) and with the FSB (the former KGB) have been successfully completed.
The bottleneck was e-mail encryption and the FSB. The FSB was requesting access to the Blackberry e-mail encryption code, while RIM was unwilling to provide code for decryption. But a compromise solution has been reached. For Russian users, a Blackberry server will be installed not on the client side, as anywhere in the rest of the world, but on the mobile carrier side. And Russian enforcement agencies will be able to monitor the traffic. All Russian telecom companies are required by law to have a so-called SORM (System of Operative Investigative Activities) system to provide enforcement bodies with access to monitoring voice and data traffic.
MTS and Vimpelcom have each been granted permission to import into Russia 300 Blackberry 8800s, 300 Blackberry 7290s, 480 Blackberry 8700Gs, as well as the Blackberry Enterprise Server v4.1.
The third largest Russian mobile operator, MegaFon, has announced a competing service called MegaSync. This also allows users to receive e-mail on their mobile with online data encryption, but does not require the user to use a specific device. The service is based on Nokia Intellisync technology. It is currently available on seven Nokia business mobile and soon will be available on over 100 mobile phones and PDAs from various manufacturers.

May 21, 2010 Posted by | Uncategorized | Leave a comment

U.S. organizations face the highest data breach costs

Organizations in the United States incurred the highest costs associated with data breaches last year compared to businesses located in other countries, according to a report released Wednesday by the Ponemon Institute.

The report assessed the costs of activities resulting from more than 100 data breach incidents affecting organizations in the United States, U.K., Australia, France and Germany. Breach costs were much higher for organizations located in countries with notification laws, such as the United States, according to the study.

In the United States, where 46 states have enacted laws mandating customers be alerted if their personal information has been exposed, breach costs were 43 percent higher than the global average.

“In the U.S., we have strict state notification laws,” Larry Ponemon, chairman and founder of the Ponemon Institute, told SCMagazineUS.com on Monday. “Notification over time has become part of what we do. In other countries, there might not be mandatory notification.”

The global average cost of a data-loss incident was $3.43 million last year, or $142 per compromised record. The average cost for U.S. organizations was $6.75 million or $204.

“That’s a pretty healthy sum of money to have to commit to something you didn’t anticipate,” Ponemon said.

In Germany, which in 2009 passed an amendment to its Federal Data Protection Act requiring organizations to publicly announce breaches and notify victims, costs were second highest at $3.44 million, or $177 per lost record.

In comparison, in the U.K., where only public-sector and financial organizations are mandated to disclose breaches, such incidents cost $2.57 million, or $98 per record lost, which is 44 percent lower than the global average and less than half the expense incurred by U.S. organizations. In Australia and France, which currently lack data breach notification laws, costs also were below average.

“It’s perhaps no surprise that, in the U.S., where data protection laws are both stringent and mature, the financial fallout of a breach is at its most severe,” Jonathan Armstrong, technology lawyer at Duane Morris, said in a statement. “However, the relatively low levels of expense incurred by British firms may raise a few eyebrows. With the U.K. Information Commissioner’s Office [an independent privacy watchdog organization, sponsored by the British Ministry of Justice] toughening its stance on data protection, imposing hefty fines and scrutinizing more and more organizations, it will be interesting to see how steeply U.K. costs rise in the future.”

Researchers believe that as other countries enact breach notification laws, costs associated with such incidents will increase, according to the report.

Lost business was universally the greatest contributor to costs associated with breach incidents, accounting for 44 percent of costs. The cost of lost business was higher than average for U.S. firms, accounting for 66 percent of overall breach expenses.

Other costs included activities to detect and investigate the breach, to notify victims and to provide credit monitoring services. U.S. firms also paid more than those in other countries to notify breach victims – $15 per compromised record, compared to $10 in the U.K., $9 in Germany, $6 in France and $4 in Australia, the report showed.

May 13, 2010 Posted by | Uncategorized | , , , , , , , , , , , , , , , , , , , | Leave a comment

Legal spying via the cell phone system

Two researchers say they have found a way to exploit weaknesses in the mobile telecom system to legally spy on people by figuring out the private cell phone number of anyone they want, tracking their whereabouts, and listening to their voice mail.
Independent security researcher Nick DePetrillo and Don Bailey, a security consultant with iSec Partners, planned to provide details in a talk entitled “We Found Carmen San Diego” at the Source Boston security conference on Wednesday.
“There are a lot of fragile eggs in the telecom industry and they can be broken,” Bailey said in an interview with CNET. “We assume the telecom industry protects our privacy. But we’ve been able to crack the eggs and piece them together.”
The first part of the operation involves getting a target’s cell phone number from a public database that links names to numbers for caller ID purposes. DePetrillo used open-source PBX software to spoof the outgoing caller ID and then automated phone calls to himself, triggering the system to force a name lookup.
“We log that information and associate it with a phone number in a (caller ID) database,” DePetrillo said. “We created software that iterates through these numbers and can crawl the entire phone database in the U.S. within a couple of weeks… We have done whole cities and pulled thousands of records.”
“It’s not illegal, nor is it a breach of terms of service,” Bailey said.
Next up is matching the phone number with a geographic location. The SS7 (Signaling System) public switched network routes calls around the world and uses what’s called the Home Location Register to log the whereabouts of numbers so networks can hand calls off to one another, DePetrillo said. Individual phones are registered to mobile switching centers within specific geographic regions and they are logged in to that main register, he said.
Only telecom providers are supposed to have access to the location register, but small telcos in the EU are offering online access to it for a fee, mostly to companies using it for marketing data and cost projections, according to DePetrillo.
“Using previous research on the subject as a starting point, we’ve developed a way to map these mobile switching center numbers to caller ID information to determine what city and even what part of a city a phone number is in” at any given moment, he said. “I can watch a phone number travel to different mobile switching centers. If I know your phone number, I can track your whereabouts globally.”
For instance, the researchers were able to track a German journalist talking to a confidential informant in Serbia and follow his travels back to Germany, as well as obtain the informant’s phone number, Bailey said.
Bailey said he had contacted telecom providers with the information on how industry outsiders were able to get to information believed to be privileged to the providers, but said the hands of GSM providers in the U.S. are tied.
“The attack is based on the assumption of how the networks work worldwide,” he said. “For interoperability and peer sake, the larger providers in the U.S. have to hand out the information to other providers.”
Asked what cell phone users can do to protect themselves, Bailey said, “people are just going to have to be made aware of the threat.”
It’s also relatively easy to access other people’s voice mail, a service that’s been around for years from providers like SlyDial. They operate by making two nearly simultaneous calls to a target number, one of which disconnects before it is picked up and another that goes straight into voice mail because of the earlier call. This enables the caller to go directly to voice mail without the phone ringing. DePetrillo and Bailey re-created that functionality for purposes of their legal spying scenario.
“If I want to find Brad Pitt, I find his number using the caller ID database, use Home Location Register access to figure out what provider he has. T-Mobile is vulnerable to voice mail spoofing so I get into his voice mail and listen to his messages,” said DePetrillo. “But I can also have the system tell me the numbers of the callers and I can take those numbers and look them up in the caller ID database and use the Home Location Register system to find their providers and break into their voice mail, and so on.”
This can allow someone to make a social web of people, their cell numbers, the context of their voice mail, and their relationships to others, he said.
“These attack scenarios are applicable to corporations and individual users alike,” DePetrillo said. “Corporations specifically should start to take a look at their security policies for executives as this can impact a business very hard, with insider trading, tracking of executives, etc.”

May 13, 2010 Posted by | bugging devices, cellular phone, countersurveillance, eavesdrop, encryption, English, illegal, mobile, phone tap, privacy, security, spy, surveillance, tap, technology, text message, Uncategorized, wireless, wiretap | | Leave a comment

Uribe descarta que haya ordenado realizar seguimientos y escuchas ilegales

El presidente de Colombia aseguró que “jamás” ha pasado por su mente pedir al Departamento Administrativo de Seguridad que haga “cosas contrarias a la ley”.

El Espectador.com

“Una cosa es pedir resultados, como los pido yo, y otra cosa es pedir que se hagan cosas mal hechas, que se viole la ley”, sostuvo el mandatario.

Bogotá. El presidente de Colombia, Álvaro Uribe, reiteró que nunca ordenó a la central estatal de inteligencia, (DAS), hacer escuchas y seguimientos ilegales contra magistrados, políticos, periodistas y defensores de derechos humanos, como han declarado algunos testigos ante la Fiscalía.

“Una cosa es pedir resultados, como los pido yo, y otra cosa es pedir que se hagan cosas mal hechas, que se viole la ley”, sostuvo el mandatario.

Uribe aseguró que “jamás” ha pasado por su mente pedir al Departamento Administrativo de Seguridad que haga “cosas contrarias a la ley” , al subrayar que ha procurado “dar buen ejemplo” exigiendo “eficacia y transparencia” en sus ocho años de Gobierno, que terminará el próximo 7 de agosto.

“Yo les he preguntado (a los funcionarios del DAS) que, si en mis gestos, en mis palabras, en mis ademanes, en mi lenguaje verbal, les he hecho la insinuación de hacer algo contrario a la ley, díganme”, remarcó el gobernante.

Link

May 12, 2010 Posted by | Colombia, escuchas telefonicas, espionaje, ilegal, intercepcion, privacidad, seguridad, Spanish, Uncategorized | Leave a comment

Encryption Software Business Development Manager

Gold Lock 3G is the preferred solution for thousands of users around the world.

Here’s why:

Licensed by the Israeli Ministry of Defense, Gold Lock 3G is a world-class software-based solution providing military-grade encryption for voice and data communications.

Gold Lock’s triple layered security scheme turns your PC/laptop, Nokia phone, iPhone, Blackberry or Windows mobile device into a military grade encrypted communicator, protected against any interception attempt by private, governmental or military entities.
————————————————————————————–
Position details:
Currently seeking sales professionals to sell the Gold Lock line of products to the security and information security industry.
* No territorial limits inside the US and Canada
* Company generated leads
* Responsible for outgoing calls and lead generation
* Min sales experience 5 years
* Excellent verbal skills
* Excellent computer skills
* Must speak fluent English
* Cell phone, software, and/or encryption experience a plus.
* 14% commission ($10,000 minimum sales volume)
————————————————————————————–
Please review the following websites to familiarize yourself with the products.
Do not register for either website as these are used for sale leads.
http://www.gold-lock.com
http://www.sigillu.com

Email inquiries to: rorym@gold-lock.com

May 12, 2010 Posted by | Canada, security, technology, Uncategorized, USA | Leave a comment