From: Charles P Date: Sun Jan 14, 2001 11:28pm Subject: Re: What would YOU do? I can give you one scenarios that is not exactly what you described but may be worth consideration. A potential client called wanting a sweep of his home office. He said he was not sure if there even was a need for a sweep but was just concerned about his privacy. He wanted to know if I could come out and do a "small sweep". I explained that there really is no such thing. Since he seemed sincerely concerned, just undecided, so I offered to meet with him on a consulting basis for a few hours at a much smaller fee. I would look over his situation, explain typical problems and where he seems to be most vulnerable. I would also explain in greater detail what a full sweep would be able to do for him. He was very pleased with that suggestion and immediately accepted. He has not contacted me for a full sweep, but I don't think he really needed one either. But he does have my name and appreciated my service. A "small sweep" is like putting an alarm on only the front door of your house, since the burglars in your neighbor hood are rather lazy and you think that's the simplest place for them to enter. Charles Charles Patterson charles@t... Global Communications Tarrytown, NY www.telephonesecurity.com ----- Original Message ----- From: "1RCM" <1RCM@M...> To: "TSCM List - Post" Sent: Sunday, January 14, 2001 10:33 AM Subject: [TSCM-L] What would YOU do? > Hi List, > > Let's see if we can't spawn some creative debate here. Many on this list > have run across these type instances which fall right in that blurry area > somewhere between standing on true ethics and paying the bills. What do YOU > do?? Ah yes, before you consider both scenarios think back to all of the > debate that has taken place on this list over the past year relating to > professionals vs. charlatans; just what constitutes performing a proper > sweep; enlightening a potential client; fees vs. services performed; etc., > etc. Then respond honestly! > > Scenario #1 ..... You are contacted by a potential client who feels that > he/she has reason to have a sweep done. During the discussion that follows > you are convinced that a sweep is legitimately needed, but also that the > potential client does not have the foggiest idea of what is involved. And so > you do a bit of education before you quote a fee. At the end of the > discussion the client states that he/she fully understands what you have > explained but has reached this decision: "Instead of the 6 hours that you > quoted I want you to do the best that you can in 2 hours with your fee being > reduced accordingly. I understand what you have explained to me and I accept > the fact that I will be receiving less than what you recommend - but as the > client that's my decision to make". > > Now remember that the office copy machine needs repair and you could use > those few extra $$$'s to buy that new piece of equipment you want - all to > the tune of about what you would make doing this 'mini-sweep'; the location > is only 15 minutes from your office; you are satisfied that the client is > making an 'informed decision'; and you have absolutely nothing work-wise > going on the next day. What would YOU do??? > > Scenario #2 ...... You are contacted by a PI firm regarding handling a > referral job. After a discussion regarding your services, fees and > recommendations they want you to do: " a check of a hotel meeting room for > transmitters and a quick look-around with a flashlight - bring just your sp > ectrum analyzer, your CPM-700, your Opto Xplorer, or what ever you told us > you have that you want to use, and your flashlight - we want this done very > low-keyed. And you will only have about an hour alone in the room". After > explaining your feelings regarding doing 'proper' sweeps the PI that you are > talking to states emphatically that it is he who has been retained to look > after the best interests of the client; no, you may not speak with the > client; he is making his request based upon an investigation that he is > conducting for the client; and yes, it is his neck on the line and not yours > as the client will not know who you are. However, at the end of this > discussion you are not really sure whether or not the PI fully understands > what you had attempted to explain to him regarding TSCM and you have this > lingering feeling that he is to a high degree basing his request on what he > is willing to pay out of his billable fee for your services. But still, he > is offering a decent buck for the work that you will actually have to do. > > Same conditions exist for this one as for the scenario above. What do YOU > do???? > > Respond or not; do it on or off list; included your name or be anonymous - > your choice. I'm not trying to embarrass anyone or to pry. I have my own > reasons for posing these questions. But I truly believe that the diverse > answers - and accompanying debate - that hopefully will be generated can > benefit us all. > > > Bob Motzer > 1RCM@M... > > > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.onelist.com/community/TSCM-L > > or email your subscription request to: > subTSCM-L@t... > =================================================== TSKS > > 2313 From: Craig Snedden Date: Mon Jan 15, 2001 4:13am Subject: Re: What would YOU do? Now now boys! I'd have to agree with Miguel and Hoffman to a broad degree. I'm also a great believer in pride in the job and ethics, but being too stuck up your own .... never paid any bills! What is ethically wrong in taking the job, but only after explaining to the "client" that a sweep comes with no guarantees (something you should do anyway) and that any reduction in your service will only serve his fiscal needs and lead to a false sense of security. If the client is willing to accept that, and you have the appropriate riders on paper, signed by him, then go ahead, take his money. By the way, where do we get off calling each other "whores"? "Providing a service in return for money" isn't that what we all do? Maybe there are too many out there who can afford to sit back and be picky about what work they do and don't? :-) [Non-text portions of this message have been removed] 2314 From: Hoffman Date: Mon Jan 15, 2001 0:14pm Subject: Re: Re: What would YOU do? ---------------------------------------------------------- SWS> Why is this not the definition of a whore? Yes, and also the alternative definition of capitalism and entrepreneurship. -------------------------------------------------------- SWS> What does YOUR need for money have to do SWS> with whether you do an honest job or not? The scenario which was described has nothing whatsoever to do with a so-called "honest job." Dishonesty is when you deceive people either intentionally, or sometimes it can apply when your involves in a trade which your not qualified for, and attempt to pass yourself off as qualified. There is absolutely no dishonesty in doing a "half-assed job" provided you have made it clear to the customer in both writing, and verbally that what they are requesting (i.e. the economy job for half price) has it's consequences and that you feel that performing the service in such a manner may lead to substandard results. Treat these clients like the adults that they are! It's pretty damned self righteous, patronizing, and outright insulting to me, that anyone feels as if need to "baby" these customers with the "I'm doing this for your own good" mentality. As customer, it's their decision, and your only obligation in terms of professional integrity is to be as accurate and straightforward as possible. I'm not implying that one needs to do a job every time some customers say's "Hey look, I'd like the $800.00 economy special sweep job." If it's not worth it to you; then dont do it. It's your call and your business. However, what perturbs me in regards to this particular discussion is there is a blurry line to be crossed when you use your influence to set up an arbitrary "code of ethics" for an entire industry. In my opinion, it is just as dishonest to "smear" otherwise honest security professionals just because some professionals choose not to treat their customers like children (much like our politicians think they can do... everytime they pass another regulation for our own good... because they know better.) -------------------------- SWS> Having pride in one's work and trying to be the SWS> absolute best at what you do is a sign of a quality SWS> practitioner. Some of us strive for that constantly. SWS> What do you propose -- strive to be mediocre? And of course... the ultimate point gets missed. Your in business no doubt for a variety of reasons. People in this particular field, usually love their work, so no doubt that there must go along with it a self satisfaction, and an arbitrary set of standards which one adheres to. You want to run a quality service, and be known as a quality guy. However, the flip side of the coin is the customers NEEDS. They called you because they either want or need a service. You are there to serve the customer. If you feel the customer is a scumbag; you just walk away; as is the case in any line of work. However, I think professional who claims that they are "helping their customer" by refusing to do a job simply because they cant get their way, that professional clearly has ulterior motives and is placing their real or imaginary reputation ahead of the immediate needs of the customers. If you want it that way; fine.... but dont impose that mentality on the entire profession. Most professionals in any industry realize that business is a compromise, and different customers have different economic means, and different job requirements. Not everyone needs the ultra-deluxe $5,000+ TSCM service. I see no dishonest in providing an appropriate service for the appropriate fee. The hypothetical question posed by the original poster as far as I am concerned, is open to great interpretation. I'm not implying that one should "wave the magic boxes around the room and declare the room is clean." Rather, I think it's perfectly honest simply to perform a "limited" service, where your just checking for a few specific threats, as opposed to an all-inclusive job where you drag out all the equipment. It should be made clear to the customer that a "limited service" has it's consequences, and not all potential threats can be detected. There is obviously a threshold where doing a job is clearly a waste of time (i.e. if the customer tells you to go sweep the place with a Radio Shack frequency counter; THAT is a waste of time...) but theres nothing dishonest about performing a limited service. Looking at this from a logical perspective, it is totally impossible to honestly claim that a clients premise is vulnerability and threat-free; regardless of how thorough your service is. Therefore, no matter how much equipment and manpower you decide to use on the job; there will never be a 100 percent certainty as to threats. Hence, that being the case... there is nothing wrong with doing "limited-sweeps" (i.e "economy sweeps") because in essence, all sweeps are limited in some manner. 2315 From: Bcrews Date: Mon Jan 15, 2001 2:49pm Subject: ECS vs. TSCM I was recently reading an article that made a distinction between ECS (electronic countermeasures) equipment versus TSCM (technical surveillance countermeasures) equipment. I am familar with the later but am unsure about the former. Comments? Bill C. 2316 From: Date: Sun Jan 14, 2001 6:14pm Subject: Re: The Football Check out the dcurrent edition of MAXIM--a men's magazine. They give a very complete breakdown of what is allegedly inside. Also, some nice phoographs of it. 2317 From: Miguel Puchol Date: Mon Jan 15, 2001 4:47pm Subject: RE: ECS vs. TSCM ECS, more commonly known as ECM, are used in military weapon systems, like combat aircraft. They range from passive target spoofing to active radar & communications jamming. You may check out Jane's for some examples of this equipment, like the ECM pods used in the F-16. Cheers, Mike > -----Mensaje original----- > De: Bcrews [mailto:bcrews@s...] > Enviado el: lunes, 15 de enero de 2001 21:49 > Para: TSCM-L@egroups.com > Asunto: [TSCM-L] ECS vs. TSCM > > > I was recently reading an article that made a distinction > between ECS (electronic countermeasures) equipment > versus TSCM (technical surveillance countermeasures) equipment. > I am familar with the later but am unsure about the former. > Comments? > > Bill C. > > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.onelist.com/community/TSCM-L > > or email your subscription request to: > subTSCM-L@t... > =================================================== TSKS > > 2318 From: James M. Atkinson, Comm-Eng Date: Mon Jan 15, 2001 5:03pm Subject: Re: What would YOU do? At 12:28 AM -0500 1/15/01, Charles P wrote: >I can give you one scenarios that is not exactly what you described but may >be worth consideration. > >A potential client called wanting a sweep of his home office. He said he >was not sure if there even was a need for a sweep but was just concerned >about his privacy. He wanted to know if I could come out and do a "small >sweep". I explained that there really is no such thing. > >Since he seemed sincerely concerned, just undecided, so I offered to meet >with him on a consulting basis for a few hours at a much smaller fee. I >would look over his situation, explain typical problems and where he seems >to be most vulnerable. I would also explain in greater detail what a full >sweep would be able to do for him. > >He was very pleased with that suggestion and immediately accepted. He has >not contacted me for a full sweep, but I don't think he really needed one >either. But he does have my name and appreciated my service. > >A "small sweep" is like putting an alarm on only the front door of your >house, since the burglars in your neighbor hood are rather lazy and you >think that's the simplest place for them to enter. > >Charles > >Charles Patterson >charles@t... >Global Communications >Tarrytown, NY >www.telephonesecurity.com I usually tell such a client that the minimum amount of time that I charge for any work on site is four hours. In such cases it gives me just enough time to unpack a small amount of gear and check for anything obvious, with only a bare minimum of protection being offered. It doesn't matter to me if I have to drag out some equipment of not, I still charge the same four hour minimum any time I have to go somewhere, or do something away from the office. If the client only wants a one hour consultation fine, I'll do it over the phone where I bill in 15 minute blocks of time (but not in person). Personally, I prefer to have at least 12 hours on-site for any sweep work, and like to spend about half the time of any sweep just doing the radiated and conducted signals analysis. -jma -- ======================================================================= Sed quis custodiet ipsos Custodes? "In a time of universal deceit, telling the truth is a revolutionary act" - George Orwell ======================================================================= James M. Atkinson Phone: (978) 546-3803 Granite Island Group Fax: (978) 546-9467 127 Eastern Avenue #291 http://www.tscm.com/ Gloucester, MA 01931-8008 jmatk@t... ======================================================================= The First, The Largest, The Most Popular, and The Most Complete TSCM, Technical Security, and Counterintelligence Site on the Internet. ======================================================================= 2319 From: James M. Atkinson, Comm-Eng Date: Mon Jan 15, 2001 6:25pm Subject: Re: What would YOU do? Yes, it works out to be one person for 12 hours, and I would point out that for each person you add to the team you only get an productivity increase of about 30-35% and not an actual doubling. I only utilize extra people if the sweep will involve more then 36 hours of time (three sweep days) as the extra people tend to be much disruptive and much less covert. In cases where the time on target is limited, or when heavy furniture has to be moved I will use extra help (but no more then three or four extra people). I call it a "-3 dBnerd rule", which cuts the secrecy and security of the sweep in half for each extra nerd you involve in the sweep. I also have a "-6 dBclient rule" where each of the clients employees that are involved in the sweep drop the secrecy by a factor of four. When the client contacts me via his cell phone the "-40 dBcellular rule" kicks in, and if he is calling from a suspect phone or from within the suspect facility a "-110 dBdumbass rule" applies. -jma At 10:58 AM +1100 1/16/01, Mike Dever wrote: >Jim > >Is that 12 hours on site for one person? > >Typically our minimum would be four hours with a two or three man team which >equates to 8-12 man hours total on site. > >Regards >Mike Dever CPP > > >"James M. Atkinson, Comm-Eng" wrote: > >> At 12:28 AM -0500 1/15/01, Charles P wrote: >> >I can give you one scenarios that is not exactly what you described but may >> >be worth consideration. >> > >> >A potential client called wanting a sweep of his home office. He said he >> >was not sure if there even was a need for a sweep but was just concerned >> >about his privacy. He wanted to know if I could come out and do a "small >> >sweep". I explained that there really is no such thing. >> > >> >Since he seemed sincerely concerned, just undecided, so I offered to meet >> >with him on a consulting basis for a few hours at a much smaller fee. I >> >would look over his situation, explain typical problems and where he seems >> >to be most vulnerable. I would also explain in greater detail what a full >> >sweep would be able to do for him. >> > >> >He was very pleased with that suggestion and immediately accepted. He has >> >not contacted me for a full sweep, but I don't think he really needed one >> >either. But he does have my name and appreciated my service. >> > >> >A "small sweep" is like putting an alarm on only the front door of your >> >house, since the burglars in your neighbor hood are rather lazy and you >> >think that's the simplest place for them to enter. >> > >> >Charles >> > >> >Charles Patterson >> >charles@t... >> >Global Communications >> >Tarrytown, NY >> >www.telephonesecurity.com >> >> I usually tell such a client that the minimum amount of time that I >> charge for any work on site is four hours. In such cases it gives me >> just enough time to unpack a small amount of gear and check for >> anything obvious, with only a bare minimum of protection being >> offered. >> >> It doesn't matter to me if I have to drag out some equipment of not, >> I still charge the same four hour minimum any time I have to go >> somewhere, or do something away from the office. If the client only >> wants a one hour consultation fine, I'll do it over the phone where I >> bill in 15 minute blocks of time (but not in person). >> >> Personally, I prefer to have at least 12 hours on-site for any sweep >> work, and like to spend about half the time of any sweep just doing >> the radiated and conducted signals analysis. >> >> -jma >> >> -- >> >> ======================================================================= >> Sed quis custodiet ipsos Custodes? >> "In a time of universal deceit, telling the >> truth is a revolutionary act" - George Orwell >> ======================================================================= >> James M. Atkinson Phone: (978) 546-3803 >> Granite Island Group Fax: (978) 546-9467 > > 127 Eastern Avenue #291 http://www.tscm.com/ >> Gloucester, MA 01931-8008 jmatk@t... >> ======================================================================= >> The First, The Largest, The Most Popular, and The Most Complete TSCM, >> Technical Security, and Counterintelligence Site on the Internet. >> ======================================================================= >> >> ======================================================== >> TSCM-L Technical Security Mailing List >> "In a multitude of counselors there is strength" >> >> To subscribe to the TSCM-L mailing list visit: >> http://www.onelist.com/community/TSCM-L >> >> or email your subscription request to: >> subTSCM-L@t... >> =================================================== TSKS -- ======================================================================= Sed quis custodiet ipsos Custodes? "In a time of universal deceit, telling the truth is a revolutionary act" - George Orwell ======================================================================= James M. Atkinson Phone: (978) 546-3803 Granite Island Group Fax: (978) 546-9467 127 Eastern Avenue #291 http://www.tscm.com/ Gloucester, MA 01931-8008 jmatk@t... ======================================================================= The First, The Largest, The Most Popular, and The Most Complete TSCM, Technical Security, and Counterintelligence Site on the Internet. ======================================================================= 2320 From: James M. Atkinson, Comm-Eng Date: Mon Jan 15, 2001 6:47pm Subject: Re: What would YOU do? At 10:13 AM +0000 1/15/01, Craig Snedden wrote: >Now now boys! > >I'd have to agree with Miguel and Hoffman to a broad degree. I'm >also a great believer in pride in the job and ethics, but being too >stuck up your own .... never paid any bills! > >What is ethically wrong in taking the job, but only after explaining >to the "client" that a sweep comes with no guarantees (something you >should do anyway) and that any reduction in your service will only >serve his fiscal needs and lead to a false sense of security. If >the client is willing to accept that, and you have the appropriate >riders on paper, signed by him, then go ahead, take his money. > >By the way, where do we get off calling each other "whores"? > >"Providing a service in return for money" isn't that what we all do? >Maybe there are too many out there who can afford to sit back and be >picky about what work they do and don't? > >:-) That is a good subject for discussion... Let me ask the list how they view the following "Ethical Continuum", and how they relate it to TSCM services. How far would someone have to go before the action would escalate the action on the scale. How would padding your invoice rank, or planting a device only to find it. Would you rank the illegal possession of eavesdropping equipment, or planting a bug to catch a criminal. 1) Public Image or Client Perception 2) Job Pride or Private Image 3) Professional Ethics (as generally accepted by your associates) 4) Personal Ethics (can you look at yourself in the mirror) 5) Professional Integrity (Do you feel good about what you do for a living) 6) Personal Integrity (can you sleep at night?) 7) Willingness to "bend the rules" 8) Willingness to "bend the law" for a higher cause 9) Willingness to "bend the law" for profit or personal gain 10) Willingness to "break the law" for a higher cause 11) Willingness to "break the law" for profit or personal gain 12) Willingness to "break the law" just for fun 13) Willingness to do anything legal for money (assuming that the thing may be embarrassing or humiliating, and you are in a real hurt for the money) 14) Willingness to do anything legal, but unethical or immoral for money (assuming you are in a real hurt for the money) 14) Willingness to do anything illegal, but ethical or moral for money (assuming you are in a real hurt for the money) 15) Willingness to do anything illegal (assuming you will not get caught, and assuming you are in a real hurt for the money) -jma -- ======================================================================= Sed quis custodiet ipsos Custodes? "In a time of universal deceit, telling the truth is a revolutionary act" - George Orwell ======================================================================= James M. Atkinson Phone: (978) 546-3803 Granite Island Group Fax: (978) 546-9467 127 Eastern Avenue #291 http://www.tscm.com/ Gloucester, MA 01931-8008 jmatk@t... ======================================================================= The First, The Largest, The Most Popular, and The Most Complete TSCM, Technical Security, and Counterintelligence Site on the Internet. ======================================================================= 2321 From: James M. Atkinson, Comm-Eng Date: Mon Jan 15, 2001 7:07pm Subject: Re: ECS vs. TSCM At 3:49 PM -0500 1/15/01, Bcrews wrote: >I was recently reading an article that made a distinction >between ECS (electronic countermeasures) equipment >versus TSCM (technical surveillance countermeasures) equipment. >I am familar with the later but am unsure about the former. >Comments? > >Bill C. ECS (electronic countermeasures) is used to JAM or otherwise interfere with a surveillance activity. For example if we pickup a 398 Mhz eavesdropping signal ECS activities would simply jam the signal in a rude, crude, and totally overt manner. TSCM (technical surveillance countermeasures) on the other hand is the careful and elegant procedures use for ferreting out of the eavesdropping device, and other hunting down the actual spy. A good example is when you pickup a 2.4 GHz video signal in ant are your check, and then DF on 480 MHz IF signal to locate who is operating the equipment on the receiving end. -jma -- ======================================================================= Sed quis custodiet ipsos Custodes? "In a time of universal deceit, telling the truth is a revolutionary act" - George Orwell ======================================================================= James M. Atkinson Phone: (978) 546-3803 Granite Island Group Fax: (978) 546-9467 127 Eastern Avenue #291 http://www.tscm.com/ Gloucester, MA 01931-8008 jmatk@t... ======================================================================= The First, The Largest, The Most Popular, and The Most Complete TSCM, Technical Security, and Counterintelligence Site on the Internet. ======================================================================= 2322 From: Steve Uhrig Date: Mon Jan 15, 2001 9:27pm Subject: Full coverage R8500 receivers for sale Hello list, I have come across a small supply of government trade in ICOM R8500 receivers, and am offering them for sale here first before posting them on my used equipment page. These generally sell very quickly once they are posted. Many are familiar with the R8500. This is ICOM's newest wideband HF/VHF/UHF receiver, quite common with sweepers. The problem is getting them with 800 megacycle coverage. All the ones sold commercially are cellular blocked, with no provision for TSCM practitioners to obtain unblocked ones legally. We do not want receivers with holes in the coverage. Here are some that don't have the holes. These are full coverage receivers originally purchased by the government, generally used for one weekend surveillance, then traded in. Basic specs are 100kc to 2 gigs, AM, Wide FM, Narrow FM, CW, SSB. This is a triple conversion tabletop receiver powered by 12VDC or 110VAC with included power supply. Can be used portable or mobile or fixed station. Go here for full specs and a photo: http://www.icomamerica.com/receivers/tabletop/icr8500.html This receiver is the best one ICOM has released to date, significantly better than the R9000, and a later model in the series of R7000/R7100. Remember this is a full coverage receiver, and covers from 100kc (0.1 megacycles) to 2 gigs (2000 megacycles). You do not need an additional receiver to cover the HF portion of the spectrum. When not sweeping, you will use this as a lab receiver on your test bench. There is an RS232 input port as part of this receiver, so you do not need the expensive external level converter to computer control it. There are a number of third party software packages available to remotely operate the receiver. Rather than one of the computer-controlled black box receivers, the R8500 can be computer controlled as well as it has a full featured front panel for standalone use. There may be times when you do not want to drag a laptop around just to run your receiver. One of the standard internal features will scan and store any signals found in a special memory bank for later review. ICOM just raised the price on these substantially, and that higher price will soon be reflected on dealers' pricing. Even then, you can't buy them full coverage without a government sponsor willing to give you a blessing. I only have a few of these, so don't wait if you need a portable, decent full coverage receiver. Price is $2000 shipped in the U.S. This is less than current retail for a blocked receiver. Anyone buying an R8500 receiver is eligible to purchase a wideband discone antenna for $75, which is a $50 discount off the normal price of $125. This antenna is ideal for this receiver, and is a good antenna for sweeping. Mount it on a tripod or microphone stand and move the antenna around the area you are sweeping. Antenna can be used for transmit also, from 25- 2000 megs. I take credit cards for payment. And I will consider trades for other pieces of high end TSCM equipment. Swap something you don't need for something you do. Also have a few full coverage R100s just came in if anyone needs one of them. Inquire. Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* 2323 From: Craig Snedden Date: Tue Jan 16, 2001 3:36am Subject: Re: Re: What would YOU do? Good morning all, James Atkinson has given us some food for thought..... To answer all the questions that he poses truthfully, I probably come out as a conniving, sneaky, self-serving, two faced individual that you wouldn't touch with a 10 foot pole! (I'd be really upset if I thought anyone thought I was any of these things) My own standpoint on these issues are shades of grey. For the record, (before you get a really jaundiced view of me) I regularly decline to undertake work for potential clients, when I feel that they would be wasting my time and thier money. I quite often get people who are clearly mentally disturbed contacting me, saying that they are bugged. It usually doesn't take long to find out that they are already seeing a professional more suited to thier needs and it's not a TSCM operative! See answers below: Craig ----- Original Message ----- ---Cut as irrelevant----- > Let me ask the list how they view the following "Ethical Continuum", > and how they relate it to TSCM services. How far would someone have > to go before the action would escalate the action on the scale. > > How would padding your invoice rank, or planting a device only to > find it. Would you rank the illegal possession of eavesdropping > equipment, or planting a bug to catch a criminal. > > 1) Public Image or Client Perception 50/50 balance, but I wouldn't do a "risky" job just to keep a client happy. It's a delicate balancing act, because a poor public image will lead to a decline in clients, but dis-satisfied clients will also lead down that road. > > 2) Job Pride or Private Image again 50/50 > > 3) Professional Ethics (as generally accepted by your associates) 100% > > 4) Personal Ethics (can you look at yourself in the mirror) No problem > > 5) Professional Integrity (Do you feel good about what you do for a living) Sure 100% > > 6) Personal Integrity (can you sleep at night?) Yep! > > 7) Willingness to "bend the rules" Depends very much on the degree of "bending" and the "rule" to be bent, but generally no. > > 8) Willingness to "bend the law" for a higher cause As above, but to a lesser degree, I.m going to jail for no-one! However, it depends on the situation and whether I could justify my actions to a Court at a later date. > > 9) Willingness to "bend the law" for profit or personal gain No. > > 10) Willingness to "break the law" for a higher cause > No, again I'm going to jail for no-one. > 11) Willingness to "break the law" for profit or personal gain As above. > > 12) Willingness to "break the law" just for fun > Depends on the law and the possible outcome, but generally no. > 13) Willingness to do anything legal for money (assuming that the > thing may be embarrassing or humiliating, and you are in a real hurt > for the money) Maybe, depends on what I'm being asked to do, the hurt and the money on offer. Having said that, I do tend to shy away from situations that could lead to personal or professional embarrassment. I'd probably consider it for a few seconds, then decline. > > 14) Willingness to do anything legal, but unethical or immoral for > money (assuming you are in a real hurt for the money) Generally no. As above. > > 14) Willingness to do anything illegal, but ethical or moral for > money (assuming you are in a real hurt for the money) No > > 15) Willingness to do anything illegal (assuming you will not get > caught, and assuming you are in a real hurt for the money) No. > > > -jma > > > > > > > -- > > ======================================================================= > Sed quis custodiet ipsos Custodes? > "In a time of universal deceit, telling the > truth is a revolutionary act" - George Orwell > ======================================================================= > James M. Atkinson Phone: (978) 546-3803 > Granite Island Group Fax: (978) 546-9467 > 127 Eastern Avenue #291 http://www.tscm.com/ > Gloucester, MA 01931-8008 jmatk@t... > ======================================================================= > The First, The Largest, The Most Popular, and The Most Complete TSCM, > Technical Security, and Counterintelligence Site on the Internet. > ======================================================================= > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.onelist.com/community/TSCM-L > > or email your subscription request to: > subTSCM-L@t... > =================================================== TSKS 2324 From: Steve Uhrig Date: Tue Jan 16, 2001 10:40am Subject: Gordon Liddy again http://www.sunspot.net/content/cover/story?section=cover&pagename =story&storyid=1150540205511 Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* 2325 From: James M. Atkinson, Comm-Eng Date: Tue Jan 16, 2001 3:15pm Subject: The Lone Ranger and Tonto are camping in the desert... The Lone Ranger and Tonto are camping in the desert, set up their tent, and are asleep. Some hours later, The Lone Ranger wakes his faithful friend. "Tonto, look up at the sky and tell me what you see." Tonto replies, "Me see millions of stars." "What does that tell you?" ask The Lone Ranger. Tonto ponders for minute. "Astronomically speaking, it tells me that there are millions of galaxies and potentially billions of planets. Astrologically, it tells me that Saturn is in Leo. Time wise, it appears to be approximately a quarter past three. Theologically, it's evident the Lord is all powerful and we are small and insignificant. Meteorologically, it seems we will have a beautiful day tomorrow. What it tell you, Kemo Sabi?" The Lone Ranger is silent for a moment, then speaks: "Tonto, you Dumb Ass, someone has stolen our tent". -- ======================================================================= Sed quis custodiet ipsos Custodes? "In a time of universal deceit, telling the truth is a revolutionary act" - George Orwell ======================================================================= James M. Atkinson Phone: (978) 546-3803 Granite Island Group Fax: (978) 546-9467 127 Eastern Avenue #291 http://www.tscm.com/ Gloucester, MA 01931-8008 jmatk@t... ======================================================================= The First, The Largest, The Most Popular, and The Most Complete TSCM, Technical Security, and Counterintelligence Site on the Internet. ======================================================================= 2326 From: Larry Malmberg Date: Wed Jan 17, 2001 11:16am Subject: Interesting "stuff" Cut and paste from another group I am a member of. Larry > TRANSMISSION TROUBLE? > The Toronto Globe and Mail reported yesterday that the Eagles and > Minnesota Vikings, who visited the New York Giants in playoff games the > last two weekends, accused the Giants of intercepting the transmissions > between the wireless headsets of the coaches and quarterbacks. Then, the > report said, the Giants adjusted their defense by using hand signals. > That defense was dominant in both games, surrendering 10 points total, > including shutting out the combustible Vikings. > > Andy Reid yesterday denied knowing of any such accusation and did not > complain of any irregularities during his team's 20-10 loss at Giants Stadium. > http://inq.philly.com/content/daily_news/2001/01/17/sports/EAGL17.htm > (Contributed by Joe Canone.) > > --- > > There are serious suggestions in the National Football League that the > New York Giants have been cheating in the playoffs by intercepting radio transmissions. > > The matter was first brought to the attention of NFL commissioner Paul > Tagliabue after the Giants defeated the Philadelphia Eagles in their > playoff game two weekends ago. > > The Eagles said they have reason to believe the Giants were able to > listen to the plays being sent via radio from coaches to their > quarterback, Donovan McNab. All NFL quarterbacks have helmets equipped > with special radios. Once the Giants heard the plays, the Eagles are > claiming, they were able to set up their defense accordingly with hand signals. > > Yesterday, similar fears were being expressed by the Minnesota Vikings, > who were crushed 41-0 by the Giants in the National Football Conference > final on Sunday. > > The NFL is desperately is trying to keep the issue quiet, what with the > Giants having qualified for the Super Bowl. But, rest assured, you'll > hear more about this sinister stuff in the next few weeks. > http://archives.theglobeandmail.com/ > > --- > > Background Information... > One of the most amazing new devices being used in the NFL is the > radio-equipped helmet. Quarterbacks used to wear helmets just to protect > their heads. Not anymore! Now quarterbacks also use helmets to get plays > from their coaches. > > The radio-equipped helmets let coaches give plays to quarterbacks much > faster than they could when they used hand signals or brought plays in > through substitute players. To talk to a quarterback, a coach on the > sidelines presses a button on a box strapped to his waist. The button > activates a radio transmitter, which is something like a walkie-talkie. > When the coach speaks into his microphone, the transmitter sends the > message. A device in the quarterback's helmet picks up the signal. > > Are the two teams picking up each other's radio signals and stealing > plays? Nope-because each radio signal is scrambled, or encrypted, using > a secret electronic code. The quarterback's radio receiver unscrambles > the signal, so he can understand it. But if anyone else tried to listen > to the signal, all he or she would get is a high-pitched noise that > sounds like a bunch of squawking geese! -- Amin Bey (Weekly Reader) > > --- > > RADIOS IN HELMETS -- History 101 > > April 7, 1943 - The NFL made the wearing of helmets mandatory. > > October 18, 1956 - Football commissioner Bert Bell turned thumbs down on > the use of radio-equipped helmets by NFL quarterbacks. Bell had > received, um, a lot of static about the devices which were quite popular > with coach Paul Brown of Cleveland. Word was that severe whiplash was > possible with the long antennas used. > > 1995 - Quarterbacks may now receive communication from the bench via a > small radio transmitter in their helmets. This proposal was originally > run on a test basis last year during the pre-season, but was scrapped. > > The systems, provided by Control Dynamics Corp. of Ivyland, Pa., consist > of small circuit boards encased in silicon. The > device is about 2.5 inches by 1.25 inches. It allows the quarterback > only to hear signals, not to talk back to the sideline. > > 1998 - The NFL went wireless with Telex equipment. > > June 2, 2000 - The NFL is considering a plan to let its broadcasters put > miniature cameras inside helmets and wire its players with microphones > during exhibition games. Another possibility might be putting cameras on > the umpire. No final decision as yet. However... the World Wrestling > Federation announced that its new football league, the XFL, was planning > to use miniature cameras in helmets of some players and microphones in > huddles and on the sidelines. NBC plans to televise the XFL games, which > are to begin in February. > > 1999 - Motorola became the NFL official Wireless Communications Sponsor. > > 2000 - Trakus Inc., an MIT-affiliated technology company, hopes to put > radio tags in the helmets of every NFL player starting in the 2001 > season. The information received from these tags would be processed into > information that could completely change the way we watch TV sports and > could possibly revolutionize the sports themselves. > http://exn.ca/Stories/2000/01/21/53.cfm > > --- > > We don't know how this eavesdropping story will develop. It is our > understanding that the transmissions are encrypted. We will be looking > into this further. Larry Malmberg Investigations and Security 638 North D Street San Bernardino, CA 92401-1110 P.I. 15211, P.P.O. 12466 909-383-8565, 800-655-4549 Facsimile-909-383-8566 www.larrypi.com Not everything that counts can be counted and not everything that can be counted, counts. 2327 From: Tom Suess Date: Thu Jan 18, 2001 1:08am Subject: Telephone Line Questions Hi, Comments would be appreciated from list subscribers on the following telephone line balance/audio amp./line noise questions: Background * high rise apartment, no access to NID box * computer dial up connection fails ~ 80% on each of two different computers...a random group of alpha-numeric symbols appear in the log-in boxs on the computer screens after the telephone line is plugged into the computer modular jack, but only about 80% of the time. * ISP reports no problems at their end * TelCo is not interested... * all phone equipment unplugged, and line balance tested as per Ted Swifts book, "A Guide to Checking Telephone Lines", pages 48-54 * line balance measurements made with a Fluke 189 multimeter * both resisters match exactly @ 3013.8 Ohms, solder connection is good * the ring-to-earth-ground (table, A, page 53), voltage was fluctuating from -51.2 to -52 volts, regardless of multimeter range, and all connections were secure. The average (mean) reading was used * the tip-to-earth-ground reading (table, B, page 53) was also fluctuating * the series imbalance (table, H, page 53) is calculated to be 45.78 Ohms, but I do not have confidence in this number due to the phone line voltage fluctuation Additional Items * ongoing minor telephone harassment - crank/hang-up calls * phone displays "line-is-busy" after each crank phone call terminates. After unplugging and reconnecting the phone line, the "line-is-busy" warning disappears from the display * Some background voice and DTMF tones were audible during the test performed with the mini audio amplifier (Ted Swift book, p 40), but they were barely audible. Questions * Is it a normal TSCM experience to hear slight background voice and DTMF tones on the phone line during the amplifier check (the test amp. was the low cost RS model recommended by the book)? * What are the most likely causes of phone line noise? What sequence of test methods would identify intermittent phone line noise? * Is fluctuation in phone line voltage normal? If so, what is the average voltage fluctuation? If not, what are the possible causes? Thanks in advance for the help. 2328 From: St. Clair, James Date: Thu Jan 18, 2001 6:50am Subject: FW: Cellular telephone may have caused deadly Swiss air crash Cellular telephone may have caused deadly Swiss air crash Air Disaster.com, 01/17/2001 http://www.airdisaster.com/news/0101/12/news.html Swiss aviation investigators said yesterday that a mobile phone may have caused a Saab 340 to crash shortly after take-off from Zurich airport a year ago, killing all 10 passengers and crew on board. According to Chris Mason, a spokesman for the Civil Aviation Authority, it would be the first time a mobile phone had caused a crash. Studies have proved that radio waves from mobile phones while switched on can interfere with aircraft electronic and navigation systems and that the use of mobile phones aboard aircraft presents even greater safety risks. Jean Overney, leading investigations into the crash of Crossair flight LX 498 on January 10 last year, said tests with the same aircraft model had shown that the Saab 340's navigation system could be disrupted by a mobile phone. Mr Overney said: "We have asked mobile phone operators to check whether a call was made or a message sent just before the crash. These are recorded precisely to the second. We need a court order to give us access, but should have this data by the end of May." The use of mobile phones on board a plane is outlawed in most countries. But passengers often forget to switch off mobile phones, and in some cases have packed working phones in the aircraft hold. This has led to a series of alerts. This week, a Slovenian airliner made an emergency landing in Ljubljana after a mobile phone caused the electronics system to malfunction and falsely indicate an onboard fire. An investigation showed that the alarm had been caused by the mobile phone, which had been stowed in the luggage compartment and had not been switched off. Two years ago a Briton was sentenced to a year in jail by a Manchester court for "recklessly and negligently endangering" an international flight by refusing to switch off his phone. 2329 From: Charles P Date: Thu Jan 18, 2001 10:33am Subject: Re: Telephone Line Questions Tom, some questions: what type of telephone set? Since it has some kind of display that says "line in use", is it part of a phone system? Some high rise appartments have phone systems installed, but the voltage probably would not be 52v if that was the case. Voltage fluctuation of a small amount may be normal. Can you make normal phone calls on the line with no problem? i.e. does is sound clear for a normal conversation? If you are hearing voices and dtmf on the pair when the phone is not in use, it is probably crosstalk or possibly picking up rf on the wires or a combination. This is probably an old building with very old wiring that has been moved around and updated many times over the years, therefore the wire for that phone line may have poor connections or perhaps is twisted around other pairs in such a way that it picking up extraneous signals. This would also cause poor dial-up connection as well. You did not mention what software you were trying for dial up. If you are trying to log onto the Internet through the ISP, are you using Internet Explorer, Netscape, or AOL? If you are just using a terminal program to log in to another computer you frequently will get garbage on the screen if you have the wrong terminal settings or if you have a bad connection. You can try connecting the computer on a different phone line to see if it is working properly by itself. Note that these days, many people believe that they are being harrassed by hang up calls but it is actually a multitude of automatic dialers for telemarketers, auto fax dialers, and the like. (And I do mean _multitude_). Companies that have multiple lines with numbers in sequence (i.e. 555-1200, 1201, 1202, 1203, etc) often report hang up calls that they can see come on line 1 then 2 then 3 then 4... as the auto dialers make their rounds, it happens at my office fairly regularly. Someone else may have a more indepth analysis of the line balance, but the 45 ohms may just be some of the bad wiring in the building, with an extra loop stuck on it somewhere that could also help to create cross talk. A tdr would be useful to track it down. These are some of the "non-threatening" possibilities. Have fun! Charles Charles Patterson charles@t... Global Communications Tarrytown, NY www.avtele.com www.telephonesecurity.com ----- Original Message ----- From: "Tom Suess" To: Sent: Thursday, January 18, 2001 2:08 AM Subject: [TSCM-L] Telephone Line Questions > Hi, > > Comments would be appreciated from list subscribers on the following > telephone line balance/audio amp./line noise questions: > > Background > > * high rise apartment, no access to NID box > * computer dial up connection fails ~ 80% on each of two different > computers...a random group of alpha-numeric symbols appear in the > log-in boxs on the computer screens after the telephone line is > plugged into the computer modular jack, but only about 80% of the > time. > * ISP reports no problems at their end > * TelCo is not interested... > * all phone equipment unplugged, and line balance tested as per Ted > Swifts book, "A Guide to Checking Telephone Lines", pages 48-54 > * line balance measurements made with a Fluke 189 multimeter > * both resisters match exactly @ 3013.8 Ohms, solder connection is > good > * the ring-to-earth-ground (table, A, page 53), voltage was > fluctuating from -51.2 to -52 volts, regardless of multimeter > range, and all connections were secure. The average (mean) reading > was used > * the tip-to-earth-ground reading (table, B, page 53) was also > fluctuating > * the series imbalance (table, H, page 53) is calculated to be 45.78 > Ohms, but I do not have confidence in this number due to the phone > line voltage fluctuation > > Additional Items > > * ongoing minor telephone harassment - crank/hang-up calls > * phone displays "line-is-busy" after each crank phone call > terminates. After unplugging and reconnecting the phone line, the > "line-is-busy" warning disappears from the display > * Some background voice and DTMF tones were audible during the test > performed with the mini audio amplifier (Ted Swift book, p 40), but > they were barely audible. > > Questions > > * Is it a normal TSCM experience to hear slight background voice and > DTMF tones on the phone line during the amplifier check (the test > amp. was the low cost RS model recommended by the book)? > * What are the most likely causes of phone line noise? What sequence > of test methods would identify intermittent phone line noise? > * Is fluctuation in phone line voltage normal? If so, what is the > average voltage fluctuation? If not, what are the possible causes? > > Thanks in advance for the help. > > > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.onelist.com/community/TSCM-L > > or email your subscription request to: > subTSCM-L@t... > =================================================== TSKS > > 2330 From: James M. Atkinson, Comm-Eng Date: Thu Jan 18, 2001 10:41am Subject: Re: Telephone Line Questions This is why it is critical to use a TDR when checking phone lines. The "balance line test" is of greatest value if the suspect device is series in nature, and is parasitic in it's power draw. Professional taping equipment is typically PARALLEL in nature, and does not draw current from the targeted line. When performing the audio check you need a very high impedance LOW NOISE audio amplifier, and you need to punch up the gain to at least 100 dB (over 110 dB is ideal). When you do this you will hear what is called "cross talk" and "line noise". This is normal, but the presence of stable tones (ie" DTMF "C") could indicate a slave located on the cable (but not on the current pair). My preference is to perform the high impedance audio checks, and then attach a buffer amplifier/transient limiter and route the output to a spectrum analyzer. This way I can SEE what is on the line, as opposed to trying to hear it. (of course all of this is done in a non-alerting fashion). Balanced line tests, Wet and Dry Time Domain Reflectometry, giga-ohm testing, milli-ohm testing, crosstalk analysis, capacitance testing, and so on are also important (and would not be used until you get to the alerting stages). A voltage variation means virtually nothing.... but it is nice to know. You HAVE TO LOCATE what is causing the voltage variation, and why. It could be completely normal, or maybe not... but you have to find out and not just assume its a bug because your volt meter twinkles. The Radio Shack audio amp is shit... complete and utter shit... buy a couple of Kaiser 1059's and you will be stunned at the difference. I notice that you didn't indicate how much loop current was being drawn to "draw tone", nor the resistance of the line and instrument.... these things are critical. Also, how much C-Message band noise was there, and where where the loading coils (if any). -jma At 11:08 PM -0800 1/17/01, Tom Suess wrote: >Hi, > >Comments would be appreciated from list subscribers on the following >telephone line balance/audio amp./line noise questions: > >Background > > * high rise apartment, no access to NID box > * computer dial up connection fails ~ 80% on each of two different > computers...a random group of alpha-numeric symbols appear in the > log-in boxs on the computer screens after the telephone line is > plugged into the computer modular jack, but only about 80% of the > time. > * ISP reports no problems at their end > * TelCo is not interested... > * all phone equipment unplugged, and line balance tested as per Ted > Swifts book, "A Guide to Checking Telephone Lines", pages 48-54 > * line balance measurements made with a Fluke 189 multimeter > * both resisters match exactly @ 3013.8 Ohms, solder connection is > good > * the ring-to-earth-ground (table, A, page 53), voltage was > fluctuating from -51.2 to -52 volts, regardless of multimeter > range, and all connections were secure. The average (mean) reading > was used > * the tip-to-earth-ground reading (table, B, page 53) was also > fluctuating > * the series imbalance (table, H, page 53) is calculated to be 45.78 > Ohms, but I do not have confidence in this number due to the phone > line voltage fluctuation > >Additional Items > > * ongoing minor telephone harassment - crank/hang-up calls > * phone displays "line-is-busy" after each crank phone call > terminates. After unplugging and reconnecting the phone line, the > "line-is-busy" warning disappears from the display > * Some background voice and DTMF tones were audible during the test > performed with the mini audio amplifier (Ted Swift book, p 40), but > they were barely audible. > >Questions > > * Is it a normal TSCM experience to hear slight background voice and > DTMF tones on the phone line during the amplifier check (the test > amp. was the low cost RS model recommended by the book)? > * What are the most likely causes of phone line noise? What sequence > of test methods would identify intermittent phone line noise? > * Is fluctuation in phone line voltage normal? If so, what is the > average voltage fluctuation? If not, what are the possible causes? > >Thanks in advance for the help. -- ======================================================================= Sed quis custodiet ipsos Custodes? "In a time of universal deceit, telling the truth is a revolutionary act" - George Orwell ======================================================================= James M. Atkinson Phone: (978) 546-3803 Granite Island Group Fax: (978) 546-9467 127 Eastern Avenue #291 http://www.tscm.com/ Gloucester, MA 01931-8008 jmatk@t... ======================================================================= The First, The Largest, The Most Popular, and The Most Complete TSCM, Technical Security, and Counterintelligence Site on the Internet. ======================================================================= 2331 From: Robert G. Ferrell Date: Thu Jan 18, 2001 0:48pm Subject: Re: Telephone Line Questions > * computer dial up connection fails ~ 80% on each of two different > computers...a random group of alpha-numeric symbols appear in the > log-in boxs on the computer screens after the telephone line is > plugged into the computer modular jack, but only about 80% of the > time. Are you sure they're 'random?' Modem commands often appear to be 'random groups of alpha-numeric' characters. In the standard Hayes command set, for example, ATE0 Q0 V1 X1 is an initialization string that turns on command echoing and long result codes, and selects blind dialing (no dial tone confirmation). It would help to see one of these sets of random symbols... Cheers, RGF Robert G. Ferrell, CISSP Information Systems Security Officer National Business Center U. S. Dept. of the Interior Robert_G_Ferrell@n... ======================================== Who goeth without humor goeth unarmed. ======================================== 2332 From: James M. Atkinson, Comm-Eng Date: Thu Jan 18, 2001 3:02pm Subject: Two new FBI agents were in a parking lot... [humor] Two new FBI agents were in a parking lot trying to unlock the door of their car with a coat hanger. They tried and tried to get the door open, but they couldn't. The one with the coat hanger stopped for a moment to catch his breath, and fellow agent said anxiously, "Hurry up! It's starting to rain and the top is down." -jma -- ======================================================================= Sed quis custodiet ipsos Custodes? "In a time of universal deceit, telling the truth is a revolutionary act" - George Orwell ======================================================================= James M. Atkinson Phone: (978) 546-3803 Granite Island Group Fax: (978) 546-9467 127 Eastern Avenue #291 http://www.tscm.com/ Gloucester, MA 01931-8008 jmatk@t... ======================================================================= The First, The Largest, The Most Popular, and The Most Complete TSCM, Technical Security, and Counterintelligence Site on the Internet. ======================================================================= 2333 From: Tom Suess Date: Thu Jan 18, 2001 0:08pm Subject: Re: Telephone Line Questions Reply to: Charles Patterson Thanks for the help. The answers to your questions are listed below: Date: Thu Jan 18, 2001 5:29pm Subject: Re: Telephone Line Questions Reply to: Robert Ferrell Thanks for the help. The replies are listed below: Date: Fri Jan 19, 2001 0:57am Subject: Freq hopper? I've isolated what appears to be a digital frequency hopping transmission near a client's office. The pulses are extremely fast, and follow each other on a wide bandwidth (across some 50 KHz) around 2.455 GHz. The signal is relatively powerful, and easily spotted with a whip antenna. Each pulse has very narrow deviation. Monitored over time, the pulses span the entire bandwidth. The office is somewhat shielded from L.A. area RF congestion by nature of its location. Am I missing something really obvious? Can't sleep well at night... -Eric Leonard 2336 From: Tom Suess Date: Thu Jan 18, 2001 5:40pm Subject: Re: Telephone Line Questions Reply to: James Atkinson Thanks for the help. The replies are listed below: Date: Fri Jan 19, 2001 9:57am Subject: How Electronic Tags Work to Foil Shoplifters Technology in Store How Electronic Tags Work to Foil Shoplifters By Todd Campbell Q U E S T I O N: How do those little sensor strips that are embedded in the cover of books in libraries and in products in the store work? A N S W E R: Welcome to the world of "loss protection," an entire industry dedicated to the art of preventing something called "shrinkage," better known to the rest of us as "shoplifting." How big a problem is shrinkage? Estimates of the dollar value vary widely, but here is a nice round number for the total value of goods that are secreted out of stores in the United States by nonpaying customers each year: $26 billion, according to a University of Florida study. That's a lot of shrinkage! So what's a store owner to do? Watching every customer - either in person or with a closed circuit video camera - isn't practical, and putting all of your goods in cases and behind counters isn't good for business. Electronic Tags Instead, a lot of stores (and libraries) use something called Electronic Article Surveillance, or EAS. All EAS systems have three components: labels or hard tags that are attached to the merchandise; detectors within the tag or label that trigger an alarm if you try to leave a store without paying for an item; and deactivators, which allow a sales person to turn off or remove a tag or label once you've paid for an item. There are four basic EAS systems used in stores today. The oldest type uses microwave technology. In these systems, the detector consists of two transmission antennas which send out two different signals: one is a high-frequency signal between 902 and 906 MHz, the second is a much lower frequency, around 111.5 kHz. The detector also includes a high-frequency receiver. The tags in these systems - which are usually those big hard plastic things that can make it a pain to try on an article of clothing - consist of a microwave diode and an antenna that can receive both the high and low frequency signals and also send a high frequency signal. If you are attempting a little "shrinkage" action with a piece of clothing sporting a microwave tag, when you walk by a detector the tag will read the two frequencies, combine them, and then retransmit them as a single signal. The detector then checks to make sure that the signal it is receiving is the right frequency (say, 903 MHz plus 111.5 kHz). If it is, the detector triggers the alarm. The only way to disarm this system is to remove the tag. Occasionally, someone forgets to remove it and the tag fails to trigger the alarm. That's one of life's more annoying retail moments: getting home with a spiffy new sweater only to realize you can't wear it because it still has that clunky tag on it. Actually, it happens more than occasionally: these systems fail about 20 percent of the time. But I did mention that this is an old technology? Radio Systems More common these days, especially in the United States, are radio frequency (RF) systems. Detectors in these systems use two pedestals which serve as gates that you pass between when you leave a store. One is a transmitter that sends out a signal (the normal range is 7.4 to 8.8 MHz). The other pedestal is a receiver. RF systems use small flat, usually square-shaped, labels that have an electronic circuit containing a capacitor and an inductor. When the label receives a signal from the detector, it energizes the capacitor and the inductor, which causes them to send energy back and forth at a specific frequency. The tag then transmits a signal that is picked up by the receiver. The receiver also picks up the signal sent by the transmitter in the other gate. It compares the two signals and if the difference is correct, the alarm goes off. When you pay for an item with an RF tag, the salesperson exposes the tag to a very strong RF pulse that burns out the components of the electronic circuit, rendering the tag incapable of transmitting a signal. In Europe, many stores use an electromagnetic (EM) system in which a low frequency electromagnetic field is generated between the two pedestals or gates. That field changes strength and polarity, switching back and forth from positive to negative. The labels in EM systems have a small embedded wire that changes magnetic state when it is exposed to the changing electromagnetic field. Each time the wire flips from positive to negative, it generates a signal which is picked up by a receiver in the detector. EM labels are easy to deactivate - exposing them to a magnet does the trick - and reactive, a feature that makes them ideal for use in libraries hoping to cut down on book shrinkage. AM Systems A fourth system, called acousto-magnetic, or AM for short, sends out a radio frequency signal (58 kHz is typical) in short bursts, transmitting anywhere from 50 to 90 pulses per second. AM system labels have a resonator and a magnetic strip. The radio frequency burst makes the resonator vibrate, initiating a signal that is tuned to match the original signal from the transmitter. The resonator works like a tuning fork, sending out a sustained signal and if the receiver continues to detect the proper radio frequency in between pulses, the alarm is triggered. The label can be turned off by demagnetizing it. Until recently, adding sensor tags and labels was left up to the store. The newest trend is called source tagging. With source tagging, a security label is added by the manufacturer, embedded in the packaging, say, or placed under a label, or even woven directly into an article of clothing. There is talk that these tags will eventually be used to help with inventory control as well as shoplifting. So how useful is "loss prevention" in reducing "shrinkage"? Industry estimates are that EA systems can reduce theft by up to 60 percent. EAS systems are such a strong disincentive to would-be shoplifters that some stores have taken to putting fake detector gates and fake tags on items, which provides at least some of the deterrence at a much reduced cost. Such dummy systems also increase the likelihood that you'll end up with a brand new article of clothing with a plastic tag still attached. I don't know about you, but I hate it when that happens. -- ======================================================================= Sed quis custodiet ipsos Custodes? "In a time of universal deceit, telling the truth is a revolutionary act" - George Orwell ======================================================================= James M. Atkinson Phone: (978) 546-3803 Granite Island Group Fax: (978) 546-9467 127 Eastern Avenue #291 http://www.tscm.com/ Gloucester, MA 01931-8008 jmatk@t... ======================================================================= The First, The Largest, The Most Popular, and The Most Complete TSCM, Technical Security, and Counterintelligence Site on the Internet. ======================================================================= 2338 From: James M. Atkinson, Comm-Eng Date: Fri Jan 19, 2001 10:22am Subject: Re: Freq hopper? At 6:57 AM +0000 1/19/01, Eric wrote: >I've isolated what appears to be a digital frequency hopping >transmission near a client's office. The pulses are extremely fast, >and follow each other on a wide bandwidth (across some 50 KHz) around >2.455 GHz. The signal is relatively powerful, and easily spotted >with a whip antenna. Each pulse has very narrow deviation. >Monitored over time, the pulses span the entire bandwidth. > >The office is somewhat shielded from L.A. area RF congestion by >nature of its location. > >Am I missing something really obvious? Can't sleep well at night... > >-Eric Leonard It was probably a microwave oven. They use (or are supposed to use) a signal at 2.450 GHz, and use a "chopper circuit" which almost makes the signal look like a pulse modulated signal. The pulse repetition rate and pulse duration is what gives the psuedo-bandwidth. Try this, park your rock stable spectrum analyzer right at 2.450 GHz and use an IF BW of say 100 kHz, then drop into zero span. You should see a nice 60 Hz signal (of a harmonic/sub harmonic thereof) if a microwave oven is being used. Then use a direction antenna/waveguide to find what is actually causing the signal (and never just assume that it is a microwave oven). I would point out that it could also be an ISM devices, a network connection, a pulse modulated data stream, and any one of a hundred different eavesdropping signals... but only a very careful analysis will tell for sure. Following the below sequence and you will find it easier to hunt down such devices.. 1) Isolate in the FREQUENCY domain (using a spectrum analyzer or search receiver) 2) Isolate in the TIME domain (use an Oscilloscope, or Zero Span on your SA Always go back to #1 your not successful in isolating the signal in the time domain) 3) Isolate in the SPACE domain (use a directional antenna to find WHERE the signal is coming from, and WHAT is causing it. Always go back to #2 your not successful in isolating the signal in the space domain) 4) Isolate in the PHYSICAL domain (use various hand tools, Xray equipment, and so on to determine if the thing creating the signal is supposed to be creating the signal, and determine if it is hostile or not. Always go back to #3 your not successful in isolating the signal in the physical domain) -jma -- ======================================================================= Sed quis custodiet ipsos Custodes? "In a time of universal deceit, telling the truth is a revolutionary act" - George Orwell ======================================================================= James M. Atkinson Phone: (978) 546-3803 Granite Island Group Fax: (978) 546-9467 127 Eastern Avenue #291 http://www.tscm.com/ Gloucester, MA 01931-8008 jmatk@t... ======================================================================= The First, The Largest, The Most Popular, and The Most Complete TSCM, Technical Security, and Counterintelligence Site on the Internet. ======================================================================= [Non-text portions of this message have been removed] 2339 From: Dawn Star Date: Fri Jan 19, 2001 0:07pm Subject: Telephone Line Questions From: Tom Suess Subject: Telephone Line Questions Hi, Comments would be appreciated from list subscribers on the following telephone line balance/audio amp./line noise questions: This ones easy, if you are not using a TDR you should not be sweeping telephone lines for compensation. Roger [Non-text portions of this message have been removed] 2340 From: Dawn Star Date: Fri Jan 19, 2001 0:10pm Subject: Key to the puzzle "Professional taping equipment is typically PARALLEL in nature, and does not draw current from the targeted line." jma I give you a hint of a key to the puzzle " what is the impedance of the drop wire or wire extension to the loop?" Roger [Non-text portions of this message have been removed] 2341 From: Robert G. Ferrell Date: Fri Jan 19, 2001 0:13pm Subject: Re: Re: Telephone Line Questions >I will contact the ISP for the copy directions, and foreword >the symbols to you. FYI for the list, he did forward them, and they were truly random. Looks like the typical noise I used to see on analog lines. Generally that sort of manifestation was accompanied by audible static. If there are no spurious signals on the line itself, then perhaps the interference is being injected further downstream (i.e., at the modem or the PC com port)... Cheers, RGF Robert G. Ferrell, CISSP Information Systems Security Officer National Business Center U. S. Dept. of the Interior Robert_G_Ferrell@n... ======================================== Who goeth without humor goeth unarmed. ========================================