From: Matt Paulsen Date: Sat Jan 18, 2003 1:28pm Subject: RE: Public input on hacker sentencing $$$ -m Don't get me wrong.. Hacking is hacking, and murder is murder, but why can murder sometimes be called pre-meditated and sometimes called manslaughter? jmtpw -----Original Message----- From: Steve Uhrig [mailto:steve@s...] Sent: 17 January 2003 01:17 To: tscm-l@yahoogroups.com Subject: [TSCM-L] Public input on hacker sentencing OFF WITH THEIR HEADS! ... Steve "Feds Seek Public Input on Hacker Sentencing" SecurityFocus Online (01/13/03); Poulsen, Kevin The United States Sentencing Commission (USSC) engaged the public for advice last week on whether prison or probation sentences for cybercriminals are adequate enough, or should be stronger. Michael O'Neill of George Mason University Law School says, "We want to know whether or not the relevant community...believes that serious penalties will deter people from engaging in that sort of conduct." The public can provide suggestions by accessing a formal "Issue for Comment" posted on the USSC Web site; the period for public comment will continue until Feb. 18. In addition to a general overview of the question of whether penalties for cyber miscreants are strong enough, the forum seeks advice on eight proposals to take additional factors into consideration when determining a sentence. One proposal suggests adding points--and thus extra jail time--to sentences if the hackers commit their crimes for financial gain, or to violate a person's privacy. For now, the sentencing guidelines for computer crimes are the same as those for larceny, embezzlement, and theft, in which the financial loss inflicted is the primary consideration. However, the Homeland Security Act and the congressional emphasis on cyberterrorism required the USSC to review its cyber crime sentencing guidelines so that they take into account "the serious nature of such offenses, the growing incidence of such offenses, and the need for an effective deterrent and appropriate punishment to prevent such offenses." The Homeland Security Act also authorized the creation of penalties for hackers whose activities result in a loss of human life. Orin Kerr of George Washington University Law School thinks that computer crime sentences are as harsh as normal sentences, if not harsher, according to some provisions. http://online.securityfocus.com/news/2028 ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 6784 From: Matt Paulsen Date: Sat Jan 18, 2003 1:51pm Subject: RE: This is already happening with some lunatics we know imho these systems are placebo panacea's for the public. They provide none, to very little real value, except to the telco's if phones are going to be used, guess you should buy some stock... I had the 'pleasure' of working with the VA recently on their patient locator system and was less than impressed - modems, telco's and landlines, good god, have we learned nothing yet? Next I get to see FEMA's efforts. I'm not encouraged, and I see 2 hours a month in work time going down the drain from hereon. At least there are still ham operators around, albeit, a dying breed. That's where real info will come from (imho again), at least, those that remain after an actual disaster. Hey.. that's interesting, EAS just ran their weekly test while I typed this up... And my wife says to me while she cleans some dishes "I don't even think they used that when September 11th happened." Now isn't that interesting..... -----Original Message----- From: Steve Uhrig [mailto:steve@s...] Sent: Friday, January 17, 2003 11:12 AM To: tscm-l@yahoogroups.com Subject: [TSCM-L] This is already happening with some lunatics we know Officials consider faster ways to alert U.S. to terrorism By Audrey Hudson THE WASHINGTON TIMES Television sets suddenly turning on in the middle of the night, Internet messages or nontraditional telephone rings may be the next way Americans are alerted by the government they are under attack by terrorists. The Emergency Alert System (EAS) in 1997 replaced the Emergency Broadcast System that historically warned that "this is only a test," but lawmakers say new technology is needed to give Americans faster and more practical information. In announcing his candidacy for president, Sen. John Edwards, North Carolina Democrat, first proposed a telephone warning system for in the event a terrorist attack occurs while Americans are sleeping. "There are a lot of folks in this country who have no idea what they are supposed to do if an attack occurs," Mr. Edwards said. Mr. Edwards and Sen. Ernest F. Hollings, South Carolina Democrat and soon-to-be ranking member of the Commerce, Science and Transportation Committee, yesterday announced legislation to explore new alert systems. The bill would authorize the Homeland Security and Commerce departments to work with other government agencies and the media to set standards for warnings. The color-code warning system established by Tom Ridge, White House homeland security adviser, fails to give information on how to react to a terrorist attack, Mr. Edwards said. "We have to make sure effective warnings get to every American in times of danger, and we have to make sure those warnings tell folks just what they can do to protect themselves and their loved ones," Mr. Edwards said in a statement. The EAS is used daily on the local level to issue warnings of events that can endanger the public, including hazardous-material spills. The EAS is also used to transmit warnings from the AMBER (America's Missing Broadcast Emergency Response) alert system, which notifies the public about child abductions. AMBER was established on a state-by-state voluntary basis in 1996 in response to the abduction and slaying of 9-year-old Amber Hagerman in Dallas. It would be up to Congress to require the EAS to transmit terrorism warnings from a new alert system. The EAS has never been used for its primary function, which is to provide the president with a means to address the nation through all broadcast, cable and satellite systems in the event of a national emergency. It was not activated on September 11 because President Bush did not address the nation. The bill requires the Commerce Department to develop new technologies to issue warnings based on the National Weather Service system, which is decoded by EAS equipment at broadcast and cable stations and can be delivered almost immediately. Commerce would also explore new ways to disseminate the warnings through the Internet, cell phones and new technology to turn on TV sets. Specially equipped televisions, radios, pagers and other devices already exist to decode EAS messages, according to a fact sheet distributed by the Federal Communications Commission. Consumers can program these products to turn on automatically for the messages they want to receive. The Edwards-Hollings bill was based on recommendations from the Partnership for Public Warning. "National warning systems need significant improvement. They enable Americans at risk to save lives and reduce losses from natural and manmade disasters," said Peter Ward, partnership chairman. ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 6785 From: Andre Holmes <1ach@g...> Date: Sat Jan 18, 2003 3:22pm Subject: EBAY Greetings I have found 2 items that may be of interest. Item number 2906323884 ANDRE [Non-text portions of this message have been removed] 6786 From: Mitch D Date: Sun Jan 19, 2003 3:47am Subject: Marriot WiFi (test report, off topic) I tested the wireless network at a marriot recently,for all of 10 minutes. After I got the access package from the front desk at a nameless Marriot,(card, instructions,driver cd)I set my laptop up with the 2.4 gig card and found it really difficult to maintain an acceptable signal by holding the laptop over my head, with the top of the card facing the top of the wall by the room entrance(which was where I got the highest useable signal level)I tried reflecting it,moving it and waving the whole setup all over the room to no avail.......no wonder they keep Pringles in the "Mini Bar" in guests rooms,as well as coat hangars in the closet.( I didnt but I thought about it) What sucks even worse is Marriot charges over 10 bucks a day for this "vaporful" wifi svc....Ended up using my dial-up anyhow......no overhead contortion neccessary...... __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com 6787 From: James M. Atkinson Date: Sun Jan 19, 2003 6:49am Subject: Re: Marriot WiFi (test report, off topic) If your going to use WiFi at a hotel bring along a small 16 dBi panel antenna and a really small palm sized tripod. Convert the connector on the antenna to an SMA and connect some premium grade coaxial cable (25-30 feet is good). I have found it helpful to have a right angle SMA connector on the cable where it connects to the antenna as it keeps things neat (remember to use a torque wrench on the connection). The 16 dBi panel antenna is roughly 10*10 inches square, and you can coil the cable around the back of the housing. Only use this antenna when you can't pick up a decent signal, otherwise you risk saturating the WiFi card in your computer. Also, if your room has a microwave oven you should use a gain antenna with caution. -jma At 1:47 AM -0800 1/19/03, Mitch D wrote: >I tested the wireless network at a marriot recently,for all of >10 minutes. >After I got the access package from the front desk at a >nameless Marriot,(card, instructions,driver cd)I set my laptop >up with the 2.4 gig card and found it really difficult to >maintain an acceptable signal by holding the laptop over my >head, with the top of the card facing the top of the wall by the >room entrance(which was where I got the highest useable signal >level)I tried reflecting it,moving it and waving the whole setup >all over the room to no avail.......no wonder they keep Pringles >in the "Mini Bar" in guests rooms,as well as coat hangars in the >closet.( I didnt but I thought about it) >What sucks even worse is Marriot charges over 10 bucks a day for >this "vaporful" wifi svc....Ended up using my dial-up >anyhow......no overhead contortion neccessary...... -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. Atkinson Ph: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- Vocatus atque non vocatus deus aderit -------------------------------------------------------------------------------------------------- 6788 From: Date: Sun Jan 19, 2003 8:28am Subject: File - Gold List The current version of this list may be found at: http://www.tscm.com/goldlist.html ------------------------------------------------------------------------ Recommended U.S. TSCM Firms The following is a list of private TSCM firms who specialize in "bug sweeps" and wiretap detection and all of whom have legitimate TSCM training, credentials, and equipment (all are very well respected within the industry). While most TSCM specialists are available for travel outside of a specific geographic area they tend to avoid such engagements, or will limited the services to vulnerability analysis, pre-construction assistance, non-instrumented inspections, simple RF checks, in-place monitoring, or limited TSCM services involving only a briefcase sized in-place monitoring system (such as a single spectrum analyzer, MSS, Eagle, ScanLock, OSCOR, SPECTRE, ROSE, or similar system). These private TSCM firms tend to operate in a specific geographic area limited to a few hundred miles (usually within a four to six hour automobile drive). However, all of the TSCM firms listed here are available for travel anywhere in the United States or the World on short notice, but only provide limited services when operating outside of their normal coverage area. This limited coverage area is due to the logistics involved in transporting hundreds and often thousands of pounds of sophisticated, highly sensitive electronic instruments, equipment and tools. Bug sweeps and wiretap detection involves the use of ladders, pole climbing equipment, LAN analyzers, X-ray systems, large antennas and other equipment which is not easily transported by airplane. TSCM firms also tend to restrict their operations to a specific geographic area to facilitate an expert level of knowledge regarding the RF environment, construction methods used, community zoning, population demographics, civil engineering, aeronautic or maritime facilities, local military bases, and related areas. Knowledge of such regional information is critical for a successful TSCM project. The TSCM specialist must also have an intimate knowledge of the telephone systems, engineering methods, fiber optics, major cable locations, central office switches, test numbers, and related communications infrastructure present or being used in an area (which tends to be very regional). An understanding of what types of eavesdropping devices, methods, and frequencies are being used in an area is also important, as is a knowledge of what type of surveillance equipment is being sold within that region (and other areas). The TSCM Procedural and Protocols Guides used by a specialist also tend to be based on specific issues and variables present in that specific geographic area. On a more interesting note, many of these firms are located in, or near major maritime port cities. The heaviest concentrations are around major cities on the East and West coasts with a very limited presence in the Mid-West, Great Plains, and Rockies. If you are in the Mid-West, Great Plains, or Rockies area you would need to engage a TSCM firm from one of the major port cities. For example customers in Chicago, St. Louis, Memphis, Denver, Salt Lake City, Minneapolis, Billings, etc. would need to fly a TSCM specialist in from Boston, New York, Washington DC, Los Angles, Lexington, or Seattle. ------------------------------------------------------------------------ Please be patient when contacting these firms, as if they are out serving a client they may not be able to return your call for several hours. Rates generally are non-negotiable and reflect the cost of the sweep practitioner's time, investment in equipment acquisition and maintenance, several weeks of in-service training a year, travel, administrative and communications time and expense to coordinate the sweep and written report, and a fair profit for their services. It is very unwise to shop for sweeps by using price as a criteria as it only invites getting ripped off. Legitimate TSCM professionals are not interested in, nor will then engage in negotiating for a lower price. When you contact persons on this list, you are talking with someone in the same league as an attorney or surgeon, not a salesman. In fact most of the people listed on this page have more time in their specialized training than do most attorneys or medical professionals. Anything beyond an initial phone call usually will be billable time. Attorneys and doctors don't consult for free, and neither do legitimate TSCM specialists. If a potential client calls with a long list of questions not pertaining directly to hiring the practitioner, or wants to know how to do his own sweep, or wants to know how to use the sweep kit he purchased on his own, expect to pay an hourly rate in advance for consulting services. If you are considering engaging (or have already engaged) a TSCM firm and they are not listed in the following directory you would do well to immediately ask some awkward questions. It is also important you understand that legitimate services by a competent TSCM firm rarely start at less then several thousand dollars for even a basic sweep. Keep in mind that there only a small number of legitimate and competent TSCM counterintelligence specialists or "Bug Sweepers" in the U.S. private sector. Legitimate TSCM firms are in very high demand, hard to find, and expensive; so be patient when trying to find one to help you. Also, the firms listed on this page are not attorneys and cannot tell you whether it is legal or illegal for you to monitor your own phones. Always call a competent licensed attorney for legal advice. Without exception, no one listed here performs eavesdropping services or sells surveillance equipment to any other than government agencies AND WILL NOT REFER YOU TO ANYONE WHO DOES. When you contact any of the following firms please mention that you saw them listed on this web site. ------------------------------------------------------------------------ All of New England, Upstate New York, and the Boston Metropolitan Area (MA, RI, CT, VT, NH, ME, New York State including Long Island, and some of New Jersey) Available on a limited basis to cover any location within 1000 miles of Boston. James M. Atkinson Granite Island Group 127 Eastern Avenue #291 Gloucester, MA 01931-8008 (978) 546-3803 Telephone URL: http://www.tscm.com/ E-mail: jmatk@t... ------------------------------------------------------------------------ Stamford, Connecticut Metropolitan Area (also, Manhattan, Long Island, and New Jersey) Sam Daskam Information Security Associates, Inc. 38 Settlers Trail Stamford, CT 06903 (203) 329-8387 Telephone URL: http://www.isa-tscm.com/ E-mail:sales@i... ------------------------------------------------------------------------ Norwalk, and Lower Fairfield Country Area (also, Manhattan, Long Island, Philadelphia, and New Jersey) Rob Muessel TSCM Technical Services 11 Bayberry Lane Norwalk, CT 06851 (203) 354-9040 Telephone URL: http://www.tscmtech.com/ E-mail:rmuessel@t... ------------------------------------------------------------------------ Greater Philadelphia and Harrisburg Metropolitan Area (also, serving South-Eastern and Central Pennsylvania) Bob Motzer RCM and Associates 609 Sandra Lane Phoenixville, PA 19460 (888) 990-6265 Telephone E-mail: 1RCM@M... ------------------------------------------------------------------------ Washington DC and Baltimore Metropolitan Area (also, Virginia, Delaware, and Pennsylvania) Steve Uhrig SWS Security 1300 Boyd Road Street, MD 21154-1836 (410) 879-4035 Telephone URL: http://www.swssec.com/ E-mail: steve@s... ------------------------------------------------------------------------ Houston, Dallas, Austin, and Galveston (also, Gulf Coast of Texas and Louisiana) Rick Udovich Communication Security, Inc. 2 Shadow Lane Bay City, TX 77414 (979) 244-4920 Telephone URL: http://www.bugsweep.com/ E-mail: rjudo@s... ------------------------------------------------------------------------ Atlanta Metropolitan Area, Southeastern US (also, AL, FL, GA, NC, SC, TN) Buzz Benson Executive World Services, Inc. P.O. Box 33 Braselton, Georgia 30517-0033 (678) 316-7002 Telephone URL: http://www.executiveworldservices.com/ E-mail: sales@e... ------------------------------------------------------------------------ Lexington KY Metropolitan Area (also, Louisville, Cincinnati, and Central Midwest) Bill G. Rhoads Intelcom, Inc. 121 Prosperous Place, Suite 4B Lexington, KY 40509 (859) 263-9425 Telephone E-mail: bgr101@a... ------------------------------------------------------------------------ Michigan and Surrounding Area (also, Indiana, Ohio, and Northern Midwest Region) Chad Margita Off Duty Security 18301 Eight Mile Rd, Suite 214 Eastpointe, MI 48021 (586) 774-1675 Telephone E-mail: offdutysecurity@c... ------------------------------------------------------------------------ Washington State and Seattle WA Metropolitan Area (also, Oregon, and the Pacific North West) Gordon Mitchell Future Focus, Inc. P.O. Box 2547 Woodinville, WA 98072 (888) BUG-KILR Telephone URL: http://www.bug-killer.com/ E-mail: enquiries@b... ------------------------------------------------------------------------ San Francisco and all of Northern California (also, Silicon Valley Area) William Bennett Walsingham Associates, Inc. P.O. Box 4264 San Rafael, CA 94913 (415) 492-1594 Telephone E-mail: walsingham@c... ------------------------------------------------------------------------ 6789 From: Date: Sun Jan 19, 2003 8:28am Subject: File - mission.txt TSCM-L Technical Security Mailing List Dedicated to TSCM specialists engaging in expert technical and analytical research for the detection, nullification, and isolation of eavesdropping devices, wiretaps, bugging devices, technical surveillance penetrations, technical surveillance hazards, and physical security weaknesses. This also includes bug detection, bug sweep, and wiretap detection services. Special emphasis is given to detecting and countering espionage and other threats and activities directed by foreign intelligence services against the United States Government, United States corporations, establishments, and citizens. The list includes technical discussion regarding the design and construction of SCIF facilities, Black Chambers, and Screen Rooms. This list is also for discussing DIAM 50-3, NSA-65, and DCID 1/21, 1/22 compliance. The primary goal and mission of this list is to "raise the bar" and increase the level of professionalism present within the TSCM business. The secondary goal of this list is to increase the quality and effectiveness of our efforts so that we give spies and eavesdroppers no quarter, and to neutralize all of their espionage efforts. This mailing list is moderated by James M. Atkinson and sponsored by Granite Island Group as a public service to the TSCM, Counter Intelligence, and technical security community. 6790 From: Steve Uhrig Date: Sun Jan 19, 2003 4:21pm Subject: Motorola HT-220 portables The other day, list member Charles Patterson and I were reminiscing over communications and got to discussing some of our early ham radio activities 30 years ago. Back then you didn't buy a radio. You built it. My first non-HF radio was a Motorola 80D converted from taxicab service on lowband, operating on 6 volts and using a dynamotor for TX high voltage and a vibrator for RX high voltage. If you were around back in those days, you might enjoy this page: http://www.batnet.com/mfwright/HT220.html While this was not my first portable radio, it was an early one. I had an amateur HT200 portable before the local police had one. Most two way radios used tubes in those days. Nothing to do with TSCM, just remembering good times from 30 years ago. Steve (WA3SWS) ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* 6791 From: Matt Paulsen Date: Mon Jan 20, 2003 1:08am Subject: multilayered security system, update A while back I posted on a requirements list for 3 levels of security for pc's. The one area that drew a blank was the locality activated ID system - mostly comments such as 'that can be done easily' were returned, but nothing concrete. After a few months of research, this was put together for all 3 levels... comments anyone? www.rfideas.com - proximity activation - note: the bonus here is that this integrates with the existing physical security badge access system. www.rsasecurity.com - 2 phase fob, 5 year battery www.identix.com - biometric interface 6792 From: Matt Paulsen Date: Mon Jan 20, 2003 8:06pm Subject: RE: Marriot WiFi (test report, off topic) http://www.cantenna.com/ -----Original Message----- From: James M. Atkinson [mailto:jmatk@t...] Sent: Sunday, January 19, 2003 4:50 AM To: tscm-l@yahoogroups.com Subject: Re: [TSCM-L] Marriot WiFi (test report, off topic) If your going to use WiFi at a hotel bring along a small 16 dBi panel antenna and a really small palm sized tripod. Convert the connector on the antenna to an SMA and connect some premium grade coaxial cable (25-30 feet is good). I have found it helpful to have a right angle SMA connector on the cable where it connects to the antenna as it keeps things neat (remember to use a torque wrench on the connection). The 16 dBi panel antenna is roughly 10*10 inches square, and you can coil the cable around the back of the housing. Only use this antenna when you can't pick up a decent signal, otherwise you risk saturating the WiFi card in your computer. Also, if your room has a microwave oven you should use a gain antenna with caution. -jma At 1:47 AM -0800 1/19/03, Mitch D wrote: >I tested the wireless network at a marriot recently,for all of >10 minutes. >After I got the access package from the front desk at a >nameless Marriot,(card, instructions,driver cd)I set my laptop >up with the 2.4 gig card and found it really difficult to >maintain an acceptable signal by holding the laptop over my >head, with the top of the card facing the top of the wall by the >room entrance(which was where I got the highest useable signal >level)I tried reflecting it,moving it and waving the whole setup >all over the room to no avail.......no wonder they keep Pringles >in the "Mini Bar" in guests rooms,as well as coat hangars in the >closet.( I didnt but I thought about it) >What sucks even worse is Marriot charges over 10 bucks a day for >this "vaporful" wifi svc....Ended up using my dial-up >anyhow......no overhead contortion neccessary...... -- ---------------------------------------------------------------------------- ---------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ---------------------------------------------------------------------------- ---------------------- James M. Atkinson Ph: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... ---------------------------------------------------------------------------- ---------------------- Vocatus atque non vocatus deus aderit ---------------------------------------------------------------------------- ---------------------- ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 6793 From: Romeo Mabasa Date: Mon Jan 20, 2003 3:56am Subject: TSCM Survey Information Database Hi guys, I'm currently designing a database to maintain the sweep information for scheduled tasks, incidence response, and ad-hoc tasks. So what I'd like to know is the kind of information/survey questions I need to ask for the following specialists - IT consultant (computer hardware, networks) - Telecomms consultant (telephone devices, fax machines) - Building services consultant (air ducts, aircons, etc) And what kind of output would I deal with? Your help in this regard would really be appreciated. P.S any interesting information on Scanlock M2 and Delta V? -- __________________________________________________________ Sign-up for your own FREE Personalized E-mail at Mail.com http://www.mail.com/?sr=signup Meet Singles http://corp.mail.com/lavalife 6794 From: Hawkspirit Date: Tue Jan 21, 2003 11:17am Subject: Double Sweep Last week I performed a sweep where the clients phone lines were compromised with two wiretaps. One a conventional bridge tap in the phone utility closet and the other a cordless phone intercept. At the end of the inspection, the client's lawyer decided that he would have me meet with telephone company security the next morning to verify and evidence the hardwire bridge tap. The next morning when I arrived, the client had on hand a second sweep team (separate independent company) to verify my results and have them do a complete inspection to further determine there own results. This is the first time in my thirty years of sweeping that I have had a "second team verification". It shows you how careful and accurate you must be in this business and have those results prepared and provable early on. Roger Tolces Electronic Security Co. www.bugsweeps.com 6795 From: Steve Uhrig Date: Tue Jan 21, 2003 0:03pm Subject: Re: Double Sweep On 21 Jan 2003 at 9:17, Hawkspirit wrote: > Last week I performed a sweep where the clients phone lines were > compromised with two wiretaps. And at this point you stopped, did your best to secure the scene and minimize every low level stupervisor from having to stick his nose in, and reported the find to law enforcement and remained on the scene until they arrived? Took some photos and kept everyone out of the area with their big muddy boots? Made a written record of everything from the moment you walked in the door up to and including a copy of the police report? Since you uncovered evidence of a felony? And any other action could lead to a conspiracy charge? > At the end of the inspection, the client's lawyer decided that he would > have me meet with telephone company security the next morning And this lawyer indemnified you in writing to hold up in court, promising to pay any and all legal bills you incur and to take a bullet for you if someone wants to make an issue of your actions in not immediately reporting a felony? Of course you had this in hand before beginning the job, and the client acknowledged in your contract any finds immediately would be reported to law enforcement as evidence of a crime? > The next morning when I arrived, the client had on hand a second sweep > team (separate independent company) to verify my results What a difference between coasts! Here my company is called to verify finds of Jim Ross and PI $500 sweepers. The only other group who has verified one of our finds was the FBI themselves, and I felt like a kindergarten teacher. Position yourself to where you're the one verifying other's work. You're the expert, not the lowball priced novice whose work needs vetting by someone else. You're the ultimate authority. > It shows you how careful and accurate you must be in this business and > have those results prepared and provable early on. And cover your ass legally if you do find something (which by the way is extremely unusual, for the novices on the list). Look out for #1 first. No one else will look out for you. Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* 6796 From: Andre Holmes <1ach@g...> Date: Tue Jan 21, 2003 0:25pm Subject: Re: Double Sweep Hello It does not suprise me that a Second opinion was requested. There are Sweep companies that are missing or just not using the equipment correctly to ferret out the bug. Some client knows that the bug are gathering information but cannot find a good company to do the Sweep. I have been approach on the issue that there still is a bug there. I have witnessed a Large Sweep company inside a Sac box all service to customers were halted while they did there thing then they went down the line futher to install,inspect,or remove something. Phone service was restored they left. 1 They were not the phone company 2 I saw them there 3 My phone service was temp. down 4I know the name of the company who by the way they were convicted it made World news 2 guys own the company. 5 I cannot spell the name of the company begins with a A and ends with a F or a. maybe six letters. Andre Holmes ----- Original Message ----- From: "Hawkspirit" To: "TSCM" Sent: 21 January, 2003 12:17 PM Subject: [TSCM-L] Double Sweep > Last week I performed a sweep where the clients phone lines were > compromised with two wiretaps. One a conventional bridge tap in the phone > utility closet and the other a cordless phone intercept. > At the end of the inspection, the client's lawyer decided that he would > have me meet with telephone company security the next morning to verify and > evidence the hardwire bridge tap. > The next morning when I arrived, the client had on hand a second sweep > team (separate independent company) to verify my results and have them do a > complete inspection to further determine there own results. > This is the first time in my thirty years of sweeping that I have had a > "second team verification". It shows you how careful and accurate you must > be in this business and have those results prepared and provable early on. > > Roger Tolces > Electronic Security Co. > www.bugsweeps.com > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.yahoogroups.com/community/TSCM-L > > It is by caffeine alone I set my mind in motion. > It is by the juice of Star Bucks that thoughts acquire speed, > the hands acquire shaking, the shaking is a warning. > It is by caffeine alone I set my mind in motion. > =================================================== TSKS > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ > > > 6797 From: Fernando Martins Date: Tue Jan 21, 2003 4:46pm Subject: Re: Re: Double Sweep I find here several things as the same kind of issues as in a IT security audit or penetration test, probably it's more like a zero knowledge pen-test. When Steve says "and at this point you stopped" it's kind of familiar :> Anyway ... one even being the best technician in the business, can step in some nasty legal problems, and the best way to avoid those is a very well made contract (=with a very good lawyer/law department at your side), that can clarify EVERY (and 10 more ....) possible grey issues. About the secound team ... also sometimes if one did his job well and found problems, sometimes a secound team that for sure will not find anything is needed ... yeah, such is life! the novice 20cents ;) FM ----- Original Message ----- From: "Steve Uhrig" To: Sent: Tuesday, January 21, 2003 6:03 PM Subject: [TSCM-L] Re: Double Sweep > On 21 Jan 2003 at 9:17, Hawkspirit wrote: > > > Last week I performed a sweep where the clients phone lines were > > compromised with two wiretaps. > > And at this point you stopped, did your best to secure the scene and > minimize every low level stupervisor from having to stick his nose > in, and reported the find to law enforcement and remained on the > scene until they arrived? Took some photos and kept everyone out of > the area with their big muddy boots? Made a written record of > everything from the moment you walked in the door up to and including > a copy of the police report? > > Since you uncovered evidence of a felony? > > And any other action could lead to a conspiracy charge? > > > At the end of the inspection, the client's lawyer decided that he would > > have me meet with telephone company security the next morning > > And this lawyer indemnified you in writing to hold up in court, > promising to pay any and all legal bills you incur and to take a > bullet for you if someone wants to make an issue of your actions in > not immediately reporting a felony? > > Of course you had this in hand before beginning the job, and the > client acknowledged in your contract any finds immediately would be > reported to law enforcement as evidence of a crime? > > > The next morning when I arrived, the client had on hand a second sweep > > team (separate independent company) to verify my results > > What a difference between coasts! > > Here my company is called to verify finds of Jim Ross and PI $500 > sweepers. The only other group who has verified one of our finds was > the FBI themselves, and I felt like a kindergarten teacher. > > Position yourself to where you're the one verifying other's work. > You're the expert, not the lowball priced novice whose work needs > vetting by someone else. You're the ultimate authority. > > > It shows you how careful and accurate you must be in this business and > > have those results prepared and provable early on. > > And cover your ass legally if you do find something (which by the way > is extremely unusual, for the novices on the list). Look out for #1 > first. No one else will look out for you. > > Steve > > > ******************************************************************* > Steve Uhrig, SWS Security, Maryland (USA) > Mfrs of electronic surveillance equip > mailto:Steve@s... website http://www.swssec.com > tel +1+410-879-4035, fax +1+410-836-1190 > "In God we trust, all others we monitor" > ******************************************************************* > > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.yahoogroups.com/community/TSCM-L > > It is by caffeine alone I set my mind in motion. > It is by the juice of Star Bucks that thoughts acquire speed, > the hands acquire shaking, the shaking is a warning. > It is by caffeine alone I set my mind in motion. > =================================================== TSKS > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ > > > 6798 From: Matt Paulsen Date: Tue Jan 21, 2003 8:25pm Subject: RE: Re: Double Sweep The 2nd team should have been around from the beginning, and suggested by the 1st team as a 2ndary validation for independant verification. -----Original Message----- From: Fernando Martins [mailto:fernando.martins@e...] Sent: Tuesday, January 21, 2003 2:47 PM To: tscm-l@yahoogroups.com Subject: Re: [TSCM-L] Re: Double Sweep I find here several things as the same kind of issues as in a IT security audit or penetration test, probably it's more like a zero knowledge pen-test. When Steve says "and at this point you stopped" it's kind of familiar :> Anyway ... one even being the best technician in the business, can step in some nasty legal problems, and the best way to avoid those is a very well made contract (=with a very good lawyer/law department at your side), that can clarify EVERY (and 10 more ....) possible grey issues. About the secound team ... also sometimes if one did his job well and found problems, sometimes a secound team that for sure will not find anything is needed ... yeah, such is life! the novice 20cents ;) FM ----- Original Message ----- From: "Steve Uhrig" To: Sent: Tuesday, January 21, 2003 6:03 PM Subject: [TSCM-L] Re: Double Sweep > On 21 Jan 2003 at 9:17, Hawkspirit wrote: > > > Last week I performed a sweep where the clients phone lines were > > compromised with two wiretaps. > > And at this point you stopped, did your best to secure the scene and > minimize every low level stupervisor from having to stick his nose > in, and reported the find to law enforcement and remained on the > scene until they arrived? Took some photos and kept everyone out of > the area with their big muddy boots? Made a written record of > everything from the moment you walked in the door up to and including > a copy of the police report? > > Since you uncovered evidence of a felony? > > And any other action could lead to a conspiracy charge? > > > At the end of the inspection, the client's lawyer decided that he would > > have me meet with telephone company security the next morning > > And this lawyer indemnified you in writing to hold up in court, > promising to pay any and all legal bills you incur and to take a > bullet for you if someone wants to make an issue of your actions in > not immediately reporting a felony? > > Of course you had this in hand before beginning the job, and the > client acknowledged in your contract any finds immediately would be > reported to law enforcement as evidence of a crime? > > > The next morning when I arrived, the client had on hand a second sweep > > team (separate independent company) to verify my results > > What a difference between coasts! > > Here my company is called to verify finds of Jim Ross and PI $500 > sweepers. The only other group who has verified one of our finds was > the FBI themselves, and I felt like a kindergarten teacher. > > Position yourself to where you're the one verifying other's work. > You're the expert, not the lowball priced novice whose work needs > vetting by someone else. You're the ultimate authority. > > > It shows you how careful and accurate you must be in this business and > > have those results prepared and provable early on. > > And cover your ass legally if you do find something (which by the way > is extremely unusual, for the novices on the list). Look out for #1 > first. No one else will look out for you. > > Steve > > > ******************************************************************* > Steve Uhrig, SWS Security, Maryland (USA) > Mfrs of electronic surveillance equip > mailto:Steve@s... website http://www.swssec.com > tel +1+410-879-4035, fax +1+410-836-1190 > "In God we trust, all others we monitor" > ******************************************************************* > > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.yahoogroups.com/community/TSCM-L > > It is by caffeine alone I set my mind in motion. > It is by the juice of Star Bucks that thoughts acquire speed, > the hands acquire shaking, the shaking is a warning. > It is by caffeine alone I set my mind in motion. > =================================================== TSKS > > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ > > > ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 6799 From: Keith Ray Date: Tue Jan 21, 2003 10:54am Subject: RE: Rx powered when cell phone off Quoting George Shaw : > Out of curiosity tonight I took apart a Nokia 3210e (Orange) powered > down and took readings across the range on the Rx side of the circuits > and YES it is powered even when the "switch" is off. I am running > further tests now to see what exactly it is capable of receiving but all > indications are that it can indeed Rx when in "off" mode which really is > a standby mode I guess. I have several other phones here I can hack this > week. Now if Nokia are doing it I guess the others are as well, whether > its in the spec or not. I was going through some of the old TSCM-L archives and ran across this post from last May. Was there ever any more information regarding the ability of cell phones to be remotely programmed/operated even though in the off mode? -- Keith Ray -- OpenPGP Key: 0x79269A12 6800 From: kondrak Date: Wed Jan 22, 2003 0:42pm Subject: Re: RE: Rx powered when cell phone off Yes, sprint can do this here (US), and can make the cphone into a bug from remote. The obvious disadvantage is battery life. You turn on the transmitter, and battery life goes real fast. It takes a software load from the switch, and it can be done without any customer knowledge, no lights or any indication the phone transmitting. Readings on the contacts doesn't necessarily mean the phone is compromised. Most all phones show a small amount of current being drawn, even when off. Memories need to be held, dialing lists etc, which are almost always eprom stored. The only reliable method of securing the phone, IMHO is removal of the battery. At 10:54 1/21/03 -0600, you wrote: >Quoting George Shaw : > > > Out of curiosity tonight I took apart a Nokia 3210e (Orange) powered > > down and took readings across the range on the Rx side of the circuits > > and YES it is powered even when the "switch" is off. I am running > > further tests now to see what exactly it is capable of receiving but all > > indications are that it can indeed Rx when in "off" mode which really is > > a standby mode I guess. I have several other phones here I can hack this > > week. Now if Nokia are doing it I guess the others are as well, whether > > its in the spec or not. > >I was going through some of the old TSCM-L archives and ran across this post >from last May. Was there ever any more information regarding the ability of >cell phones to be remotely programmed/operated even though in the off mode? > > -- >Keith Ray -- OpenPGP Key: 0x79269A12 > > >======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.yahoogroups.com/community/TSCM-L > > It is by caffeine alone I set my mind in motion. > It is by the juice of Star Bucks that thoughts acquire speed, > the hands acquire shaking, the shaking is a warning. > It is by caffeine alone I set my mind in motion. >=================================================== TSKS > >Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 6801 From: James M. Atkinson Date: Wed Jan 22, 2003 7:24pm Subject: THEN and NOW THEN and NOW 1972: Long hair 2002: Longing for hair 1972: KEG 2002: EKG 1972: Acid rock 2002: Acid reflux 1972: Moving to California because it's cool 2002: Moving to California because it's warm 1972: Trying to look like Marlin Brando or Liz Taylor 2002: Trying NOT to look like Marlin Brando or Liz Taylor 1972: Hoping for a BMW 2002: Hoping for a BM 1972: The Grateful Dead 2002: Dr. Kevorkian 1972: Going to a new, hip joint 2002: Receiving a new hip joint 1972: Rolling Stones 2002: Kidney Stones 1972: Being called into the principal's office 2002: Calling the principal's office 1972: Screw the system 2002: Upgrade the system &! nbsp;1972: Disco 2002: Costco 1972: Parents begging you to get your hair cut 2002: Children begging you to get their heads shaved 1972: Passing the drivers' test 2002: Passing the vision test 1972: Whatever 2002: Depends Just in case you weren't feeling too old today, this will certainly change things: The people who are starting college this fall across the nation were born in 1983. They are too young to remember the space shuttle blowing up. Their lifetime has always included AIDS. Bottle caps have always been screw off and plastic. The CD was introduced the year they were born. They have always had an answering machine. They have always had cable. They cannot fathom not having a remote control. Jay Leno has always been on the Tonight Show. Popcorn has always been cooked in the microwave. They never took a swim and thought about Jaws. They can't imagine what hard contact lenses are. They don't know who Mork was or where he was from. They never heard: "Where's the Beef?", "I'd walk a mile for a Camel," or "de plane Boss, de plane." They do not care who shot J. R. and have no idea who J. R. even is. Michael Jackson has always been white. McDonald's never came in Styrofoam containers. They don't have a clue how to use a typewriter. Do you feel old yet? Pass this on to the other old fogies in your life. The statistics on sanity are that one out of every four is suffering from some form of mental illness. Think of your three best friends. If they're okay, then it's you. Have a good day! -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. Atkinson Ph: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- Vocatus atque non vocatus deus aderit -------------------------------------------------------------------------------------------------- 6802 From: Charles P. Date: Wed Jan 22, 2003 9:24pm Subject: Re: THEN and NOW Signs of age. A friend of mine who installs hi-end home theater systems asked me if I would help him set up and program the phone system at Paul Simon's new house in CT (the singer, not the politician). My 18 year old son came along to lend a hand. His question: "who's Paul Simon?" sigh Charles ----- Original Message ----- From: "James M. Atkinson" To: "TSCM-L Mailing List" Sent: Wednesday, January 22, 2003 8:24 PM Subject: [TSCM-L] THEN and NOW > > THEN and NOW > > 1972: Long hair > 2002: Longing for hair > > 1972: KEG > 2002: EKG > > 1972: Acid rock > 2002: Acid reflux > > 1972: Moving to California because it's cool > 2002: Moving to California because it's warm > > 1972: Trying to look like Marlin Brando or Liz Taylor > 2002: Trying NOT to look like Marlin Brando or Liz Taylor > > 1972: Hoping for a BMW > 2002: Hoping for a BM > > 1972: The Grateful Dead > 2002: Dr. Kevorkian > > 1972: Going to a new, hip joint > 2002: Receiving a new hip joint > > 1972: Rolling Stones > 2002: Kidney Stones > > 1972: Being called into the principal's office > 2002: Calling the principal's office > > 1972: Screw the system > 2002: Upgrade the system > > &! nbsp;1972: Disco > 2002: Costco > > 1972: Parents begging you to get your hair cut > 2002: Children begging you to get their heads shaved > > 1972: Passing the drivers' test > 2002: Passing the vision test > > 1972: Whatever > 2002: Depends > > Just in case you weren't feeling too old today, this will certainly > change things: > > The people who are starting college this fall across the nation were > born in 1983. > > They are too young to remember the space shuttle blowing up. > > Their lifetime has always included AIDS. > > Bottle caps have always been screw off and plastic. > > The CD was introduced the year they were born. > > They have always had an answering machine. > > They have always had cable. > > They cannot fathom not having a remote control. > > Jay Leno has always been on the Tonight Show. > > Popcorn has always been cooked in the microwave. > > They never took a swim and thought about Jaws. > > They can't imagine what hard contact lenses are. > > They don't know who Mork was or where he was from. > > They never heard: "Where's the Beef?", "I'd walk a mile for a > Camel," or "de plane > Boss, de plane." > > They do not care who shot J. R. and have no idea who J. R. even is. > > Michael Jackson has always been white. > > McDonald's never came in Styrofoam containers. > > They don't have a clue how to use a typewriter. > > Do you feel old yet? > Pass this on to the other old fogies in your life. > > The statistics on sanity are that one out of every four is suffering > from some form of > mental illness. > > Think of your three best friends. If they're okay, then it's you. > > Have a good day! > -- > > -------------------------------------------------------------------------- ------------------------ > The First, The Largest, The Most Popular, and The Most Complete TSCM, > Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. > -------------------------------------------------------------------------- ------------------------ > James M. Atkinson Ph: (978) 546-3803 > Granite Island Group Fax: (978) 546-9467 > 127 Eastern Avenue #291 http://www.tscm.com/ > Gloucester, MA 01931-8008 mailto:jmatk@t... > -------------------------------------------------------------------------- ------------------------ > Vocatus atque non vocatus deus aderit > -------------------------------------------------------------------------- ------------------------ > > Yahoo! Groups Sponsor > ADVERTISEMENT > > > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.yahoogroups.com/community/TSCM-L > > It is by caffeine alone I set my mind in motion. > It is by the juice of Star Bucks that thoughts acquire speed, > the hands acquire shaking, the shaking is a warning. > It is by caffeine alone I set my mind in motion. > =================================================== TSKS > > Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. > > 6803 From: Steve Uhrig Date: Wed Jan 22, 2003 10:03pm Subject: Growth of American Surveillance The sky apparently is falling. And has been for as long as I can remember. http://www.wired.com/news/politics/0,1283,57226,00.html http://zdnet.com.com/2100-1105-980964.html We're all doomed. ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* 6804 From: Matt Paulsen Date: Wed Jan 22, 2003 10:42pm Subject: RE: THEN and NOW Here's one - About 10 years ago, a cub scout here in Portland didn't know how to use the rotary phone in the local church to call his mother to pick him up. He had to come back, get a 'grown up' to show him how to use it... no buttons... sigh... -----Original Message----- From: Charles P. [mailto:charles@t...] Sent: Wednesday, January 22, 2003 7:25 PM To: James M. Atkinson; TSCM-L@yahoogroups.com Subject: Re: [TSCM-L] THEN and NOW Signs of age. A friend of mine who installs hi-end home theater systems asked me if I would help him set up and program the phone system at Paul Simon's new house in CT (the singer, not the politician). My 18 year old son came along to lend a hand. His question: "who's Paul Simon?" sigh Charles ----- Original Message ----- From: "James M. Atkinson" To: "TSCM-L Mailing List" Sent: Wednesday, January 22, 2003 8:24 PM Subject: [TSCM-L] THEN and NOW > > THEN and NOW > > 1972: Long hair > 2002: Longing for hair > > 1972: KEG > 2002: EKG > > 1972: Acid rock > 2002: Acid reflux > > 1972: Moving to California because it's cool > 2002: Moving to California because it's warm > > 1972: Trying to look like Marlin Brando or Liz Taylor > 2002: Trying NOT to look like Marlin Brando or Liz Taylor > > 1972: Hoping for a BMW > 2002: Hoping for a BM > > 1972: The Grateful Dead > 2002: Dr. Kevorkian > > 1972: Going to a new, hip joint > 2002: Receiving a new hip joint > > 1972: Rolling Stones > 2002: Kidney Stones > > 1972: Being called into the principal's office > 2002: Calling the principal's office > > 1972: Screw the system > 2002: Upgrade the system > > &! nbsp;1972: Disco > 2002: Costco > > 1972: Parents begging you to get your hair cut > 2002: Children begging you to get their heads shaved > > 1972: Passing the drivers' test > 2002: Passing the vision test > > 1972: Whatever > 2002: Depends > > Just in case you weren't feeling too old today, this will certainly > change things: > > The people who are starting college this fall across the nation were > born in 1983. > > They are too young to remember the space shuttle blowing up. > > Their lifetime has always included AIDS. > > Bottle caps have always been screw off and plastic. > > The CD was introduced the year they were born. > > They have always had an answering machine. > > They have always had cable. > > They cannot fathom not having a remote control. > > Jay Leno has always been on the Tonight Show. > > Popcorn has always been cooked in the microwave. > > They never took a swim and thought about Jaws. > > They can't imagine what hard contact lenses are. > > They don't know who Mork was or where he was from. > > They never heard: "Where's the Beef?", "I'd walk a mile for a > Camel," or "de plane > Boss, de plane." > > They do not care who shot J. R. and have no idea who J. R. even is. > > Michael Jackson has always been white. > > McDonald's never came in Styrofoam containers. > > They don't have a clue how to use a typewriter. > > Do you feel old yet? > Pass this on to the other old fogies in your life. > > The statistics on sanity are that one out of every four is suffering > from some form of > mental illness. > > Think of your three best friends. If they're okay, then it's you. > > Have a good day! > -- > > -------------------------------------------------------------------------- ------------------------ > The First, The Largest, The Most Popular, and The Most Complete TSCM, > Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. > -------------------------------------------------------------------------- ------------------------ > James M. Atkinson Ph: (978) 546-3803 > Granite Island Group Fax: (978) 546-9467 > 127 Eastern Avenue #291 http://www.tscm.com/ > Gloucester, MA 01931-8008 mailto:jmatk@t... > -------------------------------------------------------------------------- ------------------------ > Vocatus atque non vocatus deus aderit > -------------------------------------------------------------------------- ------------------------ > > Yahoo! Groups Sponsor > ADVERTISEMENT > > > > > ======================================================== > TSCM-L Technical Security Mailing List > "In a multitude of counselors there is strength" > > To subscribe to the TSCM-L mailing list visit: > http://www.yahoogroups.com/community/TSCM-L > > It is by caffeine alone I set my mind in motion. > It is by the juice of Star Bucks that thoughts acquire speed, > the hands acquire shaking, the shaking is a warning. > It is by caffeine alone I set my mind in motion. > =================================================== TSKS > > Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service. > > ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 6805 From: Matt Paulsen Date: Thu Jan 23, 2003 0:25am Subject: RE: Growth of American Surveillance Ask me again in 50 years Mr. Yakamoto. Agency: Department of the Air Force Office: Air Force Materiel Command Location: ESC - Electronic Systems Center Posted: January 22, 2003 Type: RFP Program Files Title: 63--Force Protection Integrated Base Defense Security System SOL: R485 Agency: Department of the Army Office: Army Contracting Activity, North Region Location: ACA, White Sands Missile Range Posted: January 21, 2003 Type: Synopsis Title: 35--SUBJECT: THE OFFICE OF NATIONAL DRUG CONTROL POLICY, COUNTERDRUG TECHNOLOGY ASSESSMENT CENTER IS SEEKING STATE-OF-THE-ART COUNTERDRUG EQUIPMENT FOR DISTRIBUTION TO STATE AND LOCAL LAW ENFORCEMENT AGENCIES. SOL: DABJ47-03-R-ONDCP Agency: Department of the Treasury Office: Bureau of Alcohol, Tobacco and Firearms (ATF) Location: Acquisition and Property Management Division Posted: January 16, 2003 Type: Synopsis Title: 58 -- Long Haul Video Systems SOL: Reference-Number-LHVideo1 January 08, 2003 Agency: Department of Commerce Office: National Institute of Standards and Technology (NIST) Location: Acquisition and Logistics Division Posted: January 08, 2003 Type: Synopsis Title: X -- Biometric Consortium SOL: Reference-Number-03-346-2027 November 05, 2002 Agency: Department of Justice Office: Immigration & Naturalization Service Location: Headquarter's Procurement Division Posted: November 05, 2002 Type: Modification 1 Title: 70 -- Entry Exit System SOL: COW-2-R-0056 June 20, 2002 Agency: Department of Transportation Office: Research and Special Programs Administration (RSPA) Location: Research and Special Programs Administration HQ Posted: June 20, 2002 Type: Synopsis Title: A -- Transportation Worker Identification Credential (TWIC) System SOL: DTRS56-02-BAA-0005 May 29, 2002 Agency: Department of Health and Human Services Office: National Institutes of Health Location: National Library of Medicine Posted: May 29, 2002 Type: Amendment Title: A -- Application of Advanced Network Infrastructure in Health and Disaster Management SOL: BAA-RFP-NLM-02-103-VMS April 03, 2002 Agency: Department of Health and Human Services Office: National Institutes of Health Location: National Library of Medicine Posted: April 03, 2002 Type: Solicitation Title: A -- Application of Advanced Network Infrastructure in Health and Disaster Management SOL: BAA-RFP-NLM-02-103-VMS March 21, 2002 Agency: Other Defense Agencies Office: Defense Advanced Research Projects Agency Location: Contracts Management Office Posted: March 21, 2002 Type: Solicitation Title: A -- INFORMATION AWARENESS SOL: BAA02-08 Posted: March 21, 2002 Type: Synopsis Title: A -- INFORMATION AWARENESS SOL: BAA02-08 March 08, 2002 Agency: Department of Health and Human Services Office: National Institutes of Health Location: National Library of Medicine Posted: March 08, 2002 Type: Synopsis Title: A -- Application of Advanced Network Infrastructure in Health and Disaster Management SOL: BAA-RFP-NLM-02-103-VMS August 09, 2001 Agency: Department of Justice Office: Drug Enforcement Administration Location: Office of Acquisition Management Posted: August 09, 2001 Type: Synopsis Title: A -- Live-scan ultrasound imaging system SOL: DEA-01-R-0004 October 24, 2000 Agency: Department of the Air Force Office: Air Force Materiel Command Location: ESC - Electronic Systems Center Posted: October 24, 2000 Type: Synopsis Title: 63--Alarm, Signal; Security Detection Equipment SOL: R122 Posted: October 24, 2000 Type: Other Files Title: 63--Alarm, Signal; Security Detection Equipment SOL: R122 -----Original Message----- From: Steve Uhrig [mailto:steve@s...] Sent: Wednesday, January 22, 2003 8:04 PM To: tscm-l@yahoogroups.com Subject: [TSCM-L] Growth of American Surveillance The sky apparently is falling. And has been for as long as I can remember. http://www.wired.com/news/politics/0,1283,57226,00.html http://zdnet.com.com/2100-1105-980964.html We're all doomed. ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 6806 From: Ocean Group Date: Wed Jan 22, 2003 9:13am Subject: 2nd Sweep et al..... > At the end of the inspection, the client's lawyer decided that he would > have me meet with telephone company security the next morning And this lawyer indemnified you in writing to hold up in court, promising to pay any and all legal bills you incur and to take a bullet for you if someone wants to make an issue of your actions in not immediately reporting a felony? ## Is it your duty of care to report it to the Police or the telephone company.....if your duty of care is to report it to the telephone company for verification then surely it would be the phone company's duty of care to report it to the police.....Am I right? Of course you had this in hand before beginning the job, and the client acknowledged in your contract any finds immediately would be reported to law enforcement as evidence of a crime? ## Surely if the client said that he/she would report the find then the court would accept that you made a fair assumption that he would unless there was evidence to show that you knew the client was acting in bad fate....???! Here my company is called to verify finds of Jim Ross and PI $500 sweepers. The only other group who has verified one of our finds was the FBI themselves, and I felt like a kindergarten teacher. ## Ross Engineering right? Wait aren't they supposed to be respected professionals....why would their work usually need to be verified....? Position yourself to where you're the one verifying other's work. You're the expert, not the lowball priced novice whose work needs vetting by someone else. You're the ultimate authority. ## Well either way...people are human....if you make a mistake you shouldn't be shot for it....I'm sure pro's miss things from time to time....it's ok for a client to get a 2nd opinion...people do it with doctors all the time....a decent thing to do would be to inform the first specialist that you will be automatically getting a second opinion....that way they know and won't feel untrusted. And cover your ass legally if you do find something (which by the way is extremely unusual, for the novices on the list). Look out for #1 first. No one else will look out for you. ## I was just curious about some of the legal points raised here(at least the american side)....Here if you find something for a corporate company(depending on who they are) they may just ask you to keep the find confidential.....legally I'm not sure what your duty of care is in the Irish courts....I'll ring a lawyer and find out and post it up later...however if your goverment contracted...well lets just say it's slightly different reaction.... However any PI that got into that situation would simply claim ignorance...."Your honour I didn't have a f**kin clue what that little box was...I thought it was a on hold music generator.....I swear.... What? Why did I tell the client I thought it was a bug?.....For the cash....Duh!" Note: Thats not a reflection of any PI's professionalism or integrity. Just in case anyone gets mad....its just that here the people that sweep are PI's. There are some guy's from the UK on the list so I'd be interested to know what the situation is in the UK courts....? Cheers Vance Deran Ocean Group, Technical Security Division, Ireland. 6807 From: Ocean Group Date: Wed Jan 22, 2003 2:21pm Subject: 2nd sweeper.... I had a chat with a lawyer friend and she informed me that the specialist would not be charged as an accessory because the planting of the bug was not a joint enterprise between the specialist and the 3rd party(the bugger,em shall we say the bug planter.). The specialist would also have no reason to suspect that the client was acting in bad fate(unless he did) etc etc and it does not make the specialist liable by assuming that the client would report it. However interesting enough, she said that should the client keep the bug and "use" it, for any incrimination, the information would be naturally enough inadmissable but the specialist could be very well charged for accessory to the fact. So the moral of the story is, if you find a bug, a- to not give it to the client unless he is totally trustworthy or b- disable etc take reasonable precautions etc..... This is the situation as regards the Irish courts however I'd assume it's a pretty standard issue. All the best, Vance Deran Ocean Group, Technical Security Division, Ireland. 6808 From: Craig Snedden Date: Thu Jan 23, 2003 9:52am Subject: RE: 2nd sweeper....Long Post. My apologies My apologies in advance for the length of this posting. Got carried away with myself. :~ (sheepish smile) To follow up Vance's post, I believe the situation in the UK criminal justice system would be different in as much as; 1. Ownership and possession of a transmitting device of any type is not a crime within mainland UK. Unauthorised transmission or reception of RF emissions is.... 2. The connection of any type of device (which would include a simple parallel connection to a "speaker") to the "private" side of a telecommunications system (PBX) (or single line) is not "normally" a criminal offence (however there are lots of potholes with the Data Protection Act which fall into place at this point - a minefield which for the purposes of this discussion I shall ignore.). The principal exception being any device which might be deemed to cause "damage or disruption to the public telephone system - i.e. the carrier network. This would be a point for the courts to decide. 3. The connection of any device to the "private" side of a PBX (or single line) can only be done with the knowledge and consent of the system owner (usually whoever pays the phonebill). So...... What does all that mean? Scenario 1. If a "stand alone" (mic & tx) transmitter was discovered on the premises of a client which had been planted by a third party then the client is not the person responsible for either the tx or rx of any signal. Is he/she expected to know if the person who planted it has the necessary licence? Likewise, is the specialist expected to know if the buggist has the necessary licence? In law, no: Therefore, no trouble to the client if he leaves the device in situ. If he left it in situ and later reported it to the authorities, only the buggist (or any person found to be listening to the tx freq) not having the required authority to tx/rx on that freq (emission type, power etc.) would face any criminal charge. Scenario 2. If the specialist discovers a device connected to the "private" side of the telephone system and brings it to the attention of the system owner, then the call is with the system owner to decide whether to advise any responsible authority. If the device is left and later found to be a "hazard" to the public network, then the system owner, being knowledgeable about it's presence, would possibly be liable, as would be the buggist if caught. Scenario 3. A device having been found on the public network side should be reported firstly to the network provider. (They will take a dim view of anyone, TSCM "professional" or not, being anywhere near thier equipment). Omission to report may result in someone being pursued for having "endangered the integrity of the network". However, who that someone might be is another question. Certainly the buggist if caught. Possibly the system owner if he sanctioned the device to remain in situ. (reason being that you are engaged by the client and are acting at his direction. So long as you make it clear (in writing) that your advice is to inform the network operator asap, then the courts would have to take the view that you are not acting "in concert" with any other person and therefore have no responsibility for breaking any applicable law).... Clear...? No I thought not. Interestingly, this follows from Vance's point that to leave the "bug" in situ and use it as corroboration then any material gained from it would be inadmissable as evidence since it was obtained from an illegal source. Here in the UK, that approach would really depend on whether the "bug" was deemed to be "illegal" in the first place...... Certainly the unlicensed rx of any signal tx by the device would be illegal. But, would the feeding of "chicken feed" into such a bug and seeing who reacted to it be classed as an illegal transmission...? It might be argued not, since I did not switch the transmitter on and cause it to actually tx (it was the buggist) ("A big boy did it and ran away..!!"). Another might argue that it is illegal, since they might argue that I should, as a TSCM "professional" be aware that the tx from such a device is likely to be illegal and should therefore have taken steps to switch it off..... My defence to that one being that I did not know if the device was legal or not and therefore left it on in an effort to trace it's ownership. It might have belonged to the Security Services for all I knew....... Anyone know any UK caselaw on this? I can't find any right now. In truth, reporting such an incident to the police here would most likely be met with a blank stare and little if no response. The telecomms would certainly respond (mostly by just removing the object from the network). :-) Craig -----Original Message----- From: Ocean Group [mailto:inertia@o...] Sent: 22 January 2003 20:21 To: TSCM Group Subject: [TSCM-L] 2nd sweeper.... I had a chat with a lawyer friend and she informed me that the specialist would not be charged as an accessory because the planting of the bug was not a joint enterprise between the specialist and the 3rd party(the bugger,em shall we say the bug planter.). The specialist would also have no reason to suspect that the client was acting in bad fate(unless he did) etc etc and it does not make the specialist liable by assuming that the client would report it. However interesting enough, she said that should the client keep the bug and "use" it, for any incrimination, the information would be naturally enough inadmissable but the specialist could be very well charged for accessory to the fact. So the moral of the story is, if you find a bug, a- to not give it to the client unless he is totally trustworthy or b- disable etc take reasonable precautions etc..... This is the situation as regards the Irish courts however I'd assume it's a pretty standard issue. All the best, Vance Deran Ocean Group, Technical Security Division, Ireland. ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 6809 From: James M. Atkinson Date: Thu Jan 23, 2003 0:42pm Subject: Re: 2nd sweeper.... Vance, It rather depends on the laws of the area you are in, and you should always seek legal advice from a competent and honest attorney (most are neither). I know that here in the United States if a sweeper finds a bug the only option is to immediately secure the scene, and document as much as he can prior to law enforcement arriving. Failure to do so can lead to the sweeper being charged as being an accessory to the crime, and of obstructing justice. Now if the detective (not a PI, a real cop) feels that it would be prudent to feed it false information and to draw the spy out then that's one thing, but neither the sweeper, or the client should try to do this by themselves. If you find a bug the proper thing to do is to, DOCUMENT, SECURE, NOTIFY, ASSIST. -jma At 8:21 PM +0000 1/22/03, Ocean Group wrote: >I had a chat with a lawyer friend and she informed me that the specialist >would not be charged as an accessory because the planting of the bug was not >a joint enterprise between the specialist and the 3rd party(the bugger,em >shall we say the bug planter.). The specialist would also have no reason to >suspect that the client was acting in bad fate(unless he did) etc etc and it >does not make the specialist liable by assuming that the client would report >it. > >However interesting enough, she said that should the client keep the bug and >"use" it, for any incrimination, the information would be naturally enough >inadmissable but the specialist could be very well charged for accessory to >the fact. So the moral of the story is, if you find a bug, a- to not give it >to the client unless he is totally trustworthy or b- disable etc take >reasonable precautions etc..... > > >This is the situation as regards the Irish courts however I'd assume it's a >pretty standard issue. > >All the best, > >Vance Deran > >Ocean Group, >Technical Security Division, >Ireland. -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. Atkinson Ph: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- Vocatus atque non vocatus deus aderit -------------------------------------------------------------------------------------------------- 6810 From: James M. Atkinson Date: Thu Jan 23, 2003 3:49pm Subject: THE YEAR'S WORST [ACTUAL] HEADLINES OF 2002 THE YEAR'S WORST [ACTUAL] HEADLINES OF 2002 Something Went Wrong in Jet Crash, Expert Says Police Begin Campaign to Run Down Jaywalkers Iraqi Head Seeks Arms Is There a Ring of Debris around Uranus? Prostitutes Appeal to Pope Panda Mating Fails; Veterinarian Takes Over Teacher Strikes Idle Kids Miners Refuse to Work after Death Juvenile Court to Try Shooting Defendant War Dims Hope for Peace If Strike Isn't Settled Quickly, It May Last Awhile Cold Wave Linked to Temperatures Enfield (London) Couple Slain; Police Suspect Homicide Red Tape Holds Up New Bridges Typhoon Rips Through Cemetery; Hundreds Dead Man Struck By Lightning Faces Battery Charge New Study of Obesity Looks for Larger Test Group Astronaut Takes Blame for Gas in Spacecraft Kids Make Nutritious Snacks Chef Throws His Heart into Helping Feed Needy Local High School Dropouts Cut in Half Hospitals are Sued by 7 Foot Doctors -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. Atkinson Ph: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- Vocatus atque non vocatus deus aderit -------------------------------------------------------------------------------------------------- 6811 From: James M. Atkinson Date: Thu Jan 23, 2003 4:03pm Subject: SOUTHERNISMS Actually, these are country southernisms. City folk spoke differently, but knew the sayings anyway. SOUTHERNISMS 1.) Only a true Southerner knows the difference between a "hissie fit" and a "conniption", and that you don't "HAVE" them, -- you "PITCH" them. 2.) Only a true Southerner knows how many fish, collard greens, turnip greens, peas, beans, etc. make up "a mess." 3.) Only a true Southerner can show or point out to you the general direction of "yonder." 4.) Only a true Southerner knows exactly how long "directly" is - as in: "Going to town, be back directly." 5.) All true Southerners, even babies, know that "Gimme some sugar" is not a request for the white, granular sweet substance that sits in a pretty little bowl on the middle of the table. 6.) All true Southerners know exactly when "by and by" is. They might not use the term, but they know the concept well. 7.) Only a true Southerner knows instinctively that the best gesture of solace for a neighbor who's got trouble is a plate of hot fried chicken and a big bowl of cold potato salad. (If the neighbor's trouble is a real crisis, they also know to add a large banana puddin'!) 8.) Only true Southerners grow up knowing the difference between "right near" and "a right far piece." They also know that "just down the road" can be 1 mile or 20. 9.) Only a true Southerner both knows and understands the difference between a redneck, a good ol' boy, and po' white trash. 10.) No true Southerner would ever assume that the car with the flashing turn signal is actually going to make a turn. 11.) A true Southerner knows that "fixin'" can be used as a noun, a verb, or an adverb. 12.) Only a true Southerner knows that the term "booger" can be a resident of the nose, a descriptive, as in "that ol' booger," a first name or something that jumps out at you in the dark and scares you senseless. 13.) Only true Southerners make friends while standing in lines. We don't do "queues", we do "lines," and when we're "in line," we talk to everybody! 14.) Put 100 true Southerners in a room and half of them will discover they're related, even if only by marriage. 15.) True Southerners never refer to one person as "y'all." 16.) True Southerners know grits come from corn and how to eat them. 17.) Every true Southerner knows tomatoes with eggs, bacon, grits, and coffee are perfectly wonderful; that redeye gravy is also a breakfast food; and that fried green tomatoes are not a breakfast food. 18.) When you hear someone say, "Well, I caught myself lookin' .. , " you know you are in the presence of a genuine Southerner! 19.) Only true Southerners say "sweet tea" and "sweet milk." Sweet tea indicates the need for sugar and lots of it - we do not like our tea unsweetened. "Sweet milk" means you don't want buttermilk. 20.) And a true Southerner knows you don't scream obscenities at little old ladies who drive 30 MPH on the freeway. You just say, "Bless her heart" and go your own way -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. Atkinson Ph: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- Vocatus atque non vocatus deus aderit -------------------------------------------------------------------------------------------------- 6812 From: James M. Atkinson Date: Thu Jan 23, 2003 4:18pm Subject: Exciting Historical information you need to know about shipping Manure via Nick Baldwin: Exciting Historical information you need to know about shipping Manure: In the 16th and 17th centuries, everything had to be transported by ship. It was also before commercial fertilizer's invention, so large shipments of manure were common. It was shipped dry, because in dry form it weighed a lot less than when wet, but once water (at sea) hit it, it not only became heavier, but the process of fermentation began again, of which a by-product is methane gas. As the stuff was stored below decks in bundles you can see what could (and did) happen. Methane began to build up below decks and the first time someone came below at night with a lantern, BOOOOM! Several ships were destroyed in this manner before it was determined just what was happening. After that, the bundles of manure were always stamped with the term "Ship High In Transit" on them which meant for the sailors to stow it high enough off the lower decks so that any water that came into the hold would not touch this volatile cargo and start the production of methane. Thus evolved the term "S.H.I.T," which has come down through the centuries and is in use to this very day. You probably did not know the true history of this word. Neither did I. I always thought it was a golf term. -- -------------------------------------------------------------------------------------------------- The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. -------------------------------------------------------------------------------------------------- James M. Atkinson Ph: (978) 546-3803 Granite Island GroupFax: (978) 546-9467 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008mailto:jmatk@t... -------------------------------------------------------------------------------------------------- Vocatus atque non vocatus deus aderit --------------------------------------------------------------------------------------------------