From: James M. Atkinson Date: Thu Nov 15, 2001 6:19pm Subject: DES Final Death Knell? [Horseshit... DES has been useless, and insecure for years -jma] DES Final Death Knell? http://www.informationweek.com/story/IWK20011114S0006 Nov. 14, 2001 It's already on its way out, but last week's CCA hack might be the last straw for the encryption standard. By George V. Hulme Any company still securing its systems with single Data Encryption Standard (DES) encryption may want to rethink its security posture. Last week, Cambridge computing students Michael Bond and Richard Clayton devised a hack that revealed weaknesses in the Common Cryptographic Architecture API, used by an IBM 4758. "Straight DES has been dead for a year," Gartner security analyst John Pescatore says. "Triple DES is the minimum you should be using currently, and now is the time to be moving to" Advanced Encryption Standard. Single DES is a NIST-standard secret cryptography key method that uses a 56-bit key, and is based on an algorithm designed by IBM and the U.S. National Security Agency. Triple DES uses three keys to encrypt data. Advanced Encryption Standard was selected by the U.S. Department of Commerce in October 2000 and is expected to eventually replace triple DES. Unlike DES, which is limited to key lengths of 56 bits, AES can support 128-, 192-, and 256-bit keys. -- ------------------------------------------------------------------------------------------ The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------ James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------ "Success without honor is an unseasoned dish; it will satisfy your hunger, but it won't taste good." ------------------------------------------------------------------------------------------ 4143 From: James M. Atkinson Date: Fri Nov 16, 2001 8:41am Subject: It was the first day of school [PG-13] It was the first day of school and a new student named Suzuki, the son of a Japanese businessman, entered the fourth grade. The teacher said, "Let's begin by reviewing some American history. Who said, "Give me Liberty, or give me Death?" She saw a sea of blank faces, except for Suzuki, who had his hand up." Patrick Henry, 1775." he said." Very good! Who said 'Government of the people, by the people, for the people, shall not perish from the earth'"? Again, no response except from Suzuki:"Abraham Lincoln, 1863." said Suzuki. The teacher snapped at the class," Class, you should be ashamed. Suzuki, who is new to our country, knows more about its history than you do." She heard a loud whisper: "F--k the Japanese." "Who said that?" she demanded. Suzuki put his hand up. "Lee Iacocca, 1982." At that point, a student in the back said, "I'm gonna puke." The teacher glares and asks "All right! Now, who said that?" Again, Suzuki says, "George Bush to the Japanese Prime Minister, 1991." Now furious, another student yells, "Oh yeah? Suck this!" Suzuki jumps out of his chair waving his hand and shouts to the teacher, "Bill Clinton, to Monica Lewinsky, 1997!" In the midst of almost a mob hysteria someone said, "You little shit, if you ever say anything else I'll have you killed." Suzuki frantically yells at the top of his voice, "Gary Condit to Chandra Levy 2001." The teacher fainted... -- ------------------------------------------------------------------------------------------ The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------ James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------ "Success without honor is an unseasoned dish; it will satisfy your hunger, but it won't taste good." ------------------------------------------------------------------------------------------ 4144 From: Marty Kaiser Date: Fri Nov 16, 2001 4:08am Subject: Nostalgia Hi Gang I have just added more material to my NOSTALGIA page. There is a lot more to put on it but what is there now might interest you. Check it out. http://www.martykaiser.com/nostal~1.htm Marty [Non-text portions of this message have been removed] 4145 From: Aimee Farr Date: Fri Nov 16, 2001 10:26am Subject: Digital document control = interception? [There are a number of solutions like this. Interesting. ~Aimee.] http://news.zdnet.co.uk/story/0,,t269-s2099331,00.html Email retraction tool may run into interception hurdle 17:57 Thursday 15th November 2001 Wendy McAuliffe A Lotus Notes email retraction tool could be breaking interception laws, according to the Office of the Information Commissioner A new email tool that allows Lotus Notes and Domino users to retract unread emails from a person's inbox could be breaking surveillance and data protection laws within the UK. The Office of the Information Commissioner has warned that the Demailer tool, announced by IBM/Lotus on Wednesday, could conflict with email interception principles set out in the Regulation of Investigatory Powers Act 2000 (RIPA). The email retraction utility is also in danger of infringing data processing guidelines contained within the Data Protection Act 1998, as the intended recipient will be unaware that an email has been retrieved from their inbox. "If the tool allows an individual to retrieve an email from the server, that is not unreasonable," said David Clancy, assistant commissioner to the information commissioner. "But if it allows someone to retrieve an email from beyond the server, when the email is waiting in the inbox, we would see this as interception, which also has potential data protection issues." The IBM/Lotus Demailer, developed by IT Simple, allows users of Lotus Domino Notes to retract emails within any organisation, across any organisation's domains, within private Domino intranets, and from Domino customers and suppliers through the Internet. The tool is designed for the retrieval of emails sent in error, without the receiver being informed. Email retraction has been a feature of some systems for years, but recent legislation may mean that such a tool is no longer legitimate for business purposes. "The person retrieving the email doesn't need any rights at all," said Samantha Barnes, marketing manager at IT Simple. The creator of Demailer claims that all data protection implications were considered before the launch of the product, and insists that email retraction tools are only illegal in Germany. "There are no legal implications at all -- IBM would not be going for it if that was the case," said Barnes. RIPA grants law enforcement officers the power to intercept emails in cases of national security, or for the purposes of detecting crime and disorder, protecting public health and safety, and collecting tax. It is agreed among the legal and policy-making profession that there is currently a lack of clarity surrounding the circumstances in which emails can be intercepted, but Lord Bassam's "doormat" rule concludes that if an email is sitting in an inbox and has not been read, any interference with that correspondence would be considered interception. The Office of the Information Commissioner is concerned that Demailer capabilities may be encroaching into illegal interception territory, as the utility can be used by any Notes user on a day-to-day basis. "We would need to look at whether this was a lawful interception under RIPA -- if not it would be a RIPA offence, and would classify as unfair processing under the Data Protection," said Clancy 4146 From: Date: Fri Nov 16, 2001 1:58pm Subject: Information Security Magazine interesting article! November 2001 JAMES ATKINSON In the world of corporate espionage, this counter-surveillance specialist is the man to call. BY RICHARD THIEME When you hear the words "bug hunter," you probably think Rain Forest Puppy, Blue Boar, Juan Cuartango, Marc Maiffret or some other Bugtraq regular. That is, you envision someone who discovers and publicizes software vulnerabilities (a.k.a. bugs). James Atkinson also hunts bugs, but not in software. He stalks corporate spies, whose weapons of choice are highly sophisticated electronic surveillance devices. It's not the kind of activity usually associated with information security, but the bad guys are still after your company's most important asset--highly confidential information. While executives readily accept the need for firewalls, IDSes and antivirus software, it doesn't occur to them they might need to hire a bug hunter of Atkinson's breed. Many companies are in denial, Atkinson says. They don't believe their competitors would spy on them. Smaller competitors in industries as diverse as fashion photography and software can steal work that took years to develop, then turn that stolen information into lucrative imitations. "You can make more money doing illicit eavesdropping than selling cocaine," Atkinson says. "It's more profitable, and it's a lot safer." Be Careful Out There Corporate espionage is big business. The cost of spying has increased, and so has the cost of detecting it. The stakes have to be high to justify the expense. That's why Atkinson's Granite Island Group (www.tscm.com) in Gloucester, Mass., a provider of technical surveillance countermeasures (TSCM), works mostly with companies with annual sales in excess of $200 million. Connect to Granite Island's Web site and take a tour of the "dark side." Pulsating signal displays and flashing numerical readouts jump out of blackness. Echoing every spy movie you've seen, the FAQs promise "everything you ever wanted know about TSCM and bug detection." Consider, for example, the rules of engagement for the first meeting with Atkinson: "Contact is made away from suspect facility (at airport pay phone etc.)" and "initial meeting at sterile location away from any suspect facility." Atkinson is often hired when a CEO suspects a problem and asks him to do a sweep. "From almost any street corner in the business section of any major city, I can pick up covert audio or video eavesdropping devices," Atkinson says. " It's astounding how much is out there." Solve the Crime - But Say Nothing Atkinson's clientele hire him for his special skills--and his absolute discretion. One publicly traded company, for example, was receiving daily bomb threats by telephone. Traces led to a pay phone--which wasn't the source of the calls. When the company started to get faxed bomb threats, they evacuated the building. Even though they were only false alarms, the threats had a devastating impact on business. The trail led to a man 4,000 miles away working for a porn Web site. He'd been fired several years before and swore that when he got back on his feet, he would destroy the company. He hadn't hacked into the company's PBX system but slipped in a backdoor into it and rearranged the PBX extensions. He then called the 800 number to leave a bomb threat and went back into the PBX system to erase his tracks. He also e-mailed bomb threats and executed DoS attacks, crippling the company's LAN and WAN. Atkinson tracked him to his office, then his home, then woke up his boss, who happened to be an organized crime figure. The boss didn't want public attention and persuaded his employee to sign a confession. With the confession held as a sword over his head, the culprit ceased his threats and attacks. Another case involved a school attended by members of prominent families. Videotapes of students in the showers were finding their way to a video store. The school found holes in the shower room walls but no cameras. It hired Granite Island. Cameras generate an electric field with a particular signature, and Atkinson knew what he was looking for. Using sophisticated analysis equipment, he tuned the antenna to the appropriate frequency, looked for the signal and found the cameras. Campus police learned that a janitor had been paid to let the culprits in to install the cameras. He also changed the tapes. In neither case did Atkinson's clients press charges. He says that's typical. "I have found bugs in boardrooms that would boggle your mind," he says. "None of them want it known." Confidentiality works both ways. In return for his discretion, Atkinson expects his clients not to reveal that he has worked for them. That makes it tough to get references, but helps him maintain the public anonymity he needs. He even forbade Information Security from showing his face. The Prodigy Atkinson's unorthodox route to the high-tech business of debugging began when he was a child. He would stand in awe at computer room windows of companies he toured with classes. He collected carcasses of old TVs when he was 10 and stripped their components. He built or haggled component testers and tested every part. Later, he joined the Air Force and learned on "two of the most classified, sophisticated computer systems the Air Force had at that time. You needed a top secret clearance just to operate the buffer." Atkinson is solicited frequently by people who think they are being bugged but are wrong--or delusional. "I'll accept maybe one in 25 queries," he says. "It's not uncommon for people who need psychiatric help to call us, thinking the government has an implant in their head for sending microwave messages." While business owners should be legitimately concerned about electronic surveillance, Atkinson warns that there are charlatans in his field. "I know of one guy who carries 40 different kinds of bugs so he can plant one quickly if the client feels he's paying the bill for nothing," he explains. "They're like exterminators bringing in their own roaches." If you do more than $4 million to $5 million annually in sales, be slightly paranoid, says Atkinson. If you do $200 million to $300 million, be very paranoid. Read Machiavelli and Sun Tzu, he suggests. "Business is warfare, and in warfare, you have spies." And, luckily, you also have spy hunters. RICHARD THIEME (rthieme@t...), president of Thiemeworks, is a contributing writer for Information Security. He writes, speaks and consults on the human dimensions of technology and the workplace. HAVE A GREAT DAY !!! ---------- http://navigation.helper.realnames.com/framer/1/113/default.asp?realname=Information+Security+Magazine&url=http%3A%2F%2Fwww%2Einfosecuritymag%2Ecom&frameid=1&providerid=113&uid=17520601 [Non-text portions of this message have been removed] 4147 From: Matthew Paulsen Date: Fri Nov 16, 2001 11:43am Subject: RE: Digital document control = interception? It's unfortunate that IBM decided to create a product that can be viewed as a hack, and endorsed its use to bypass other organizations security controls without their knowledge or ability to block this circumvention. The first part that stands out is "and from Domino customers and suppliers through the Internet." The other part that is more reveiling is " allows users of Lotus Domino Notes to retract emails within any organisation, across any organisation's domains, within private Domino intranets, and from Domino customers and suppliers through the Internet." While most programs have retrieval built in, they normally don't allow a remote system to automatically remove an email from your mailbox if you're remote. If this can do it through the internet, say via SMTP or IMAP that's not a good thing. If it's restricted to Lotus's product, fine. Tough for Lotus users. Should have bought GroupWise or Exchange or Sendmail. IBM has yet to learn that creating closed systems that do funny things to peoples computers is not a good thing. This is not 1960. IBM is not in charge of the world computing environment any longer. True, it's sometimes nice to have a retrieval option, say a new virus comes out, recall all the virus born emails back, or you sent that hot steamy letter to your boss instead of his secretary, but this will only anger privacy groups and create intrusion fears for end users of mail systems. I can just see McAfee now - DAT Version 4999 - Strips out IT Simple requests on Notes Servers and gateway scanners. Sincerely, Matt Paulsen Out of work security systems engineer and enterprise systems architecture expert. Know any good jobs? Let me know. Will relocate. Can also spotlight. mpaulsen6@h... or 503-439-1397. The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you believe this method of communication to be compromised or at risk, do not contact me through this medium, instead establish a secondary method of communication with me through secure courier, personal contact, multiple encryption systems, or if not possible please do not respond to the message. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: PGPfreeware 7.0.3 for non-commercial use mQGiBDuoDQgRBADcOOT+8bdrRTorYkI3/uFhxSCaQkSFXE0tj7oLLr+BMIc409vD n2woHrlPnhGZyYUX8JfNBe2TvFfW8EwD4L/Exd3M7ywff2sRIAoZeuQMZbNI69N5 lYMvsb/Knux7EpCY/lSSOqfT1Lo0mSEq/KmFDA+akUrBq6tXQHo+ak2h3QCg/5Cl Xyyr3zhOCP9oKc4sk2RUQvED/2HpoQt1FIXOLEUDjLVXd/IdwIZbGfxTkeJhq5vW exrjnKhDgDAFMl3kVvhsDvM0JA1AODGOa821oReca2dK+blSBpXS652k4FMzQuGc Q91H174bFjLmsL75PSRYjGo2qZC2JbLMFnAtR6k8Dhdz3EgE3ttrU5G/A05xQ9ux gUZLBADEhVxr7kXYNwYedp+Hv+xWJpBnYwrLOy9dGr1hoM0AhPtT+/L6uyv0yJmd HWYZUbhyeUy5dwWdquilLOBaF+l0BtgRdrmtl5T+20rsI+sc/aVNbtfp7GjwWriy Ygep3BCf24PPvzh8JgY3PlTmVYOE8StDBQm+Z7pBZ80ouIA4brQkTWF0dGhldyBQ YXVsc2VuIDxtcGF1bHNlbjZAaG9tZS5jb20+iQBYBBARAgAYBQI7qA0ICAsDCQgH AgEKAhkBBRsDAAAAAAoJELjYcPfEakW9IRsAoOgv510tXgAot4LI3zdV7iaVr0Io AJ4w9CSCx/t0C4lDBlZM5PgZJ0qABLkCDQQ7qA0IEAgA9kJXtwh/CBdyorrWqULz Bej5UxE5T7bxbrlLOCDaAadWoxTpj0BV89AHxstDqZSt90xkhkn4DIO9ZekX1KHT UPj1WV/cdlJPPT2N286Z4VeSWc39uK50T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq 01uejaClcjrUGvC/RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O 9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdXQ6MdGGzeMyEstSr/POGxKUAYEY18hKcK ctaGxAMZyAcpesqVDNmWn6vQClCbAkbTCD1mpF1Bn5x8vYlLIhkmuquiXsNV6TIL OwACAggAvP1XSJNhkYvPiTVrM41MBBuAAPR21PxJbrMkB5z89+3KaJ7h+gEHeCDy GE8QmVYfSMpz7/sq8W2B9vNDUn2dLnKCI3VPeszMW9oN/JR3QnL2T+sThXvLY8TF 966NIIGrHIVDeb9hFoVOPrzghuWOv8Q0K0V0LquBF4IndgNy3S7s4ZjTExcMi3hn Pu/PgUXzb1gGsmFoyZFy6YYGKqQ5+27UtghHbEeOIL90+bep4xuDAZ0v3Hjh+tnI a+vIFdjVLxsTTwwB4GW3o1P1+F9wj+KfkPqWroDAYBtwV2a3YQ4MfXgTSGYysm2+ mvnyHwrE0ZnO+0KLK7pPJ/tCMagFEYkATAQYEQIADAUCO6gNCAUbDAAAAAAKCRC4 2HD3xGpFvVKWAJ9Uz57//yNxW1pmdfjcJc3rCI/FiwCeKZV8pnywou/rqlRy0Jfy 6oPOPrk= =97B9 -----END PGP PUBLIC KEY BLOCK----- -----Original Message----- From: Aimee Farr [mailto:aimee.farr@p...] Sent: Friday, November 16, 2001 8:27 AM To: TSCM-L Mailing List Subject: [TSCM-L] Digital document control = interception? [There are a number of solutions like this. Interesting. ~Aimee.] http://news.zdnet.co.uk/story/0,,t269-s2099331,00.html Email retraction tool may run into interception hurdle 17:57 Thursday 15th November 2001 Wendy McAuliffe A Lotus Notes email retraction tool could be breaking interception laws, according to the Office of the Information Commissioner A new email tool that allows Lotus Notes and Domino users to retract unread emails from a person's inbox could be breaking surveillance and data protection laws within the UK. The Office of the Information Commissioner has warned that the Demailer tool, announced by IBM/Lotus on Wednesday, could conflict with email interception principles set out in the Regulation of Investigatory Powers Act 2000 (RIPA). The email retraction utility is also in danger of infringing data processing guidelines contained within the Data Protection Act 1998, as the intended recipient will be unaware that an email has been retrieved from their inbox. "If the tool allows an individual to retrieve an email from the server, that is not unreasonable," said David Clancy, assistant commissioner to the information commissioner. "But if it allows someone to retrieve an email from beyond the server, when the email is waiting in the inbox, we would see this as interception, which also has potential data protection issues." The IBM/Lotus Demailer, developed by IT Simple, allows users of Lotus Domino Notes to retract emails within any organisation, across any organisation's domains, within private Domino intranets, and from Domino customers and suppliers through the Internet. The tool is designed for the retrieval of emails sent in error, without the receiver being informed. Email retraction has been a feature of some systems for years, but recent legislation may mean that such a tool is no longer legitimate for business purposes. "The person retrieving the email doesn't need any rights at all," said Samantha Barnes, marketing manager at IT Simple. The creator of Demailer claims that all data protection implications were considered before the launch of the product, and insists that email retraction tools are only illegal in Germany. "There are no legal implications at all -- IBM would not be going for it if that was the case," said Barnes. RIPA grants law enforcement officers the power to intercept emails in cases of national security, or for the purposes of detecting crime and disorder, protecting public health and safety, and collecting tax. It is agreed among the legal and policy-making profession that there is currently a lack of clarity surrounding the circumstances in which emails can be intercepted, but Lord Bassam's "doormat" rule concludes that if an email is sitting in an inbox and has not been read, any interference with that correspondence would be considered interception. The Office of the Information Commissioner is concerned that Demailer capabilities may be encroaching into illegal interception territory, as the utility can be used by any Notes user on a day-to-day basis. "We would need to look at whether this was a lawful interception under RIPA -- if not it would be a RIPA offence, and would classify as unfair processing under the Data Protection," said Clancy ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 4148 From: James M. Atkinson Date: Sat Nov 17, 2001 8:10pm Subject: EMC embroiled in spy case with ex-employee Tuesday 13th November 2001 5:20pm EMC embroiled in spy case with ex-employee http://www.silicon.com/public/door?6004REQEVENT=&REQINT1=49111&REQSTR1=silicon.com EMC says he stole information and lied on his CV. He says his house was broken into and his phone bugged... Storage giant EMC is involved in a full-blown courtroom battle with one of its former executives over allegations of spying and forgery. EMC's lawyers are accusing former employee Kenneth Todd Gresham of taking strategic company secrets with him when he joined small storage start-up Eurologic Systems earlier this year. According to US wires, EMC also claims that Gresham lied in his job application, saying his claims of a college education are false. Gresham's lawyers are denying the accusations. Gresham claimed in his defence that suspicious events took place at Gresham's home this summer, such as break-ins and hoax telephone calls warning his house was bugged. The case continues. -- ------------------------------------------------------------------------------------------ The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------ James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------ "Success without honor is an unseasoned dish; it will satisfy your hunger, but it won't taste good." ------------------------------------------------------------------------------------------ 4149 From: Steve Uhrig Date: Sat Nov 17, 2001 10:31pm Subject: ISA DAR-3 available Hi all, An ISA DAR-3 'Extended Range Wireless Transmitter Detector' has just become available from a retiring TSCMer. This was his primary RF piece, as it is for a number of professional sweepers. Check here for specs: http://www.isa-tscm.com/Products/dar-3&4.htm The DAR-3 is the enhanced version, with full RF coverage of 50 kc through 12 gigs. The unit includes an alarm where you can set the trigger level to just above background and use it for In-Place Monitoring (IPM). You can remote the alarm if necessary. It also has a built in sound source. For nearly a year I had a DAR-1 (the less sophisticated version) sitting on a shelf in my office with a collapsed BNC whip and elbow on it. I set the trigger level fairly high, and a few times a day I would hear airplanes overhead talking to somewhere, and various other assorted transmissions. One time the local power company was working in the area, and I clearly heard them talking to their dispatcher on their 800 meg trunking system. Another time we had a plumber out, and after he did his work, he called into the office from the cell phone in his truck to find out how much to charge us. The DAR picked up his cell transmissions fine, and I heard the amount he was going to charge us. I had a check filled out with that amount when he came back in, and I handed it to him. He nearly choked. I just said I had written the check for what I considered was a fair price and hoped it was OK with him. He handed me a handwritten service ticket with the exact amount of the check on it. Nothing gets by you with one of these. The DAR-3 also will read signals from power lines, too, with the included adapter. So you can check for RF/Carrier Current devices on the power lines as well as signals radiated. This unit is in excellent condition, with a recent battery. The kit includes the handheld antenna and cable, shoulder strap, headphones, battery charger, instruction manual and custom foam fitted hard carrying case with combination lock, made by Platt. When your check clears I will give you the combination to the lock! The case is slightly bigger than a briefcase but not as big as a suitcase. In the past, every DAR I have had has sold within a few days of becoming available. They are rare, expensive, versatile units. Here is a chance to get a -3 version at an excellent price. Price for the unit with accessories as described above is $2250. ========================= As an accessory for the above is a microwave Log Periodic Antenna (LPA), covering 1 to 12 gigs. It is very directional and high gain. The antenna looks like the standard Christmas tree, mounted with vertical polarization on a pistol grip. The pointed edge of the antenna sticking up acts as a handgun sight. A short piece of coax connects the antenna to the DAR via a front panel BNC connector. This antenna is a precision made device, necessary for proper sweeping at extremely high frequencies. I am offering it separately in case someone who already has an antenna needs the DAR and does not want to spend the money on another one. The antenna is not shown on ISA's page, but it looks similar to the MDC-5 in the link below except the antenna is vertical instead of horizontal. http://www.isa-tscm.com/Products/Products.htm The antenna comes in a nice hard plastic case which I believe is an ordinary heavy plastic toolbox which has been fitted with foam. Antenna is $400 and will not be sold separately unless someone else buys only the DAR. I take checks, credit cards, cash, precious metals or anything else equivalent for payment and will ship anywhere in the world. Email if interested. Steve ******************************************************************* Steve Uhrig, SWS Security, Maryland (USA) Mfrs of electronic surveillance equip mailto:Steve@s... website http://www.swssec.com tel +1+410-879-4035, fax +1+410-836-1190 "In God we trust, all others we monitor" ******************************************************************* 4150 From: A Grudko Date: Sun Nov 18, 2001 10:57am Subject: Guard's lapse at Logan Non-TSCM thread - Original Message - From: James M. Atkinson > [The only way that they are going to stop this kind of behavior is to > totally clear out the private firms from the primary screening point, > and move the entire security perimeter into the hands of the federal > government (preferably the military).] I owned a high risk courier company for a year (it was bought out by Brinks in '96). We operated from the aircraft to the customer's premises & vice versa, moving gold bullion, diamonds, jewelery, cellphones and laptops. Our track record was 100% - zero loss in over a year's operation. Our secrets were: * The guys were all screened ex-police or military * Military disciplin was maintained * High morale and teamwork was a priority * They were paid up to double the industry rate * Regular training * Good technical communications * We knew thier families and home circumstances (it was a small company - max. 12 guys) ** And they knew that in SA the danger of facing 20 guys with auto weapons was real, so it really did not pay to slacken off and your team-mates would remind you of that! I think the key is a military attitude but it can be achieved by suitably motivated civilians. We also have a history of military mindedness and used to have a strong undercurrent of disciplin and respect for authority. I have a feeling some of that type of mindset will be on the increase in the US for the forseeable future. Andy Grudko. D.P.M., Grad I.S, (S.A.) - Grudko Associates - www.grudko.com , Est. 1981 International business intelligence and investigation Johannesburg (+27 11) 465 9673 - 465 1487 (Fax), Pretoria (+27 12) 244 0255 - 244 0256 (Fax) SACI, WAD, CALI, SAMLF, UKPIN, AFIO (OS), IWWA, PRETrust, AmChamCom When you need it done right - first time 4151 From: James M. Atkinson Date: Sun Nov 18, 2001 0:46pm Subject: Re: Another interesting signal It sounds like a Micro device phone bug, as the freq. you mention is one of their VHF "house frequencies" (which is actually 139.900 or 139.995), and represents about 5% of their sales. You may actually have some inter-modulation distortion from a local FM or TV station mixing with a local ILS signal (the ILS signals can sound like gurgling water, as can some kind of satellite based fax signals.) Use a tunable shielded loop antenna and preamplifier, and NOT A YAGI to DF the signals. Yagi's tend not to be high enough gain, and the null are not deep enough to be of much help. Also, consider buying or building several dozen bandpass filters (on popular bug channels) to put between the loop and the amplifier. Personally, I use a two threat specific tunable loops (ARA), one for the 139 MHz band, and a second for the 398 MHz spy-bands. Each loop contains a hand built 5 pole 40+ dB band pass filter in the hand held base, and a ten turn tuning slug at the air-gap in the tip of the antenna. I then squirt the signal back to a SHIELDED 32-40 dB preamplifier (with a very high compression point), and then into my SA or search receiver. I can get 40+ dB of isolation in the space domain, 40-60 dB in the filters, then a good 30-40 dB on the amps (for an isolation of well over 120 dB). Just remember that you need TWO bearings with a loop antenna unless you want to fool around with a sense element. -jma At 4:20 PM +0200 11/18/01, A Grudko wrote: >On a sweep yesterday (for a client who was the victim of an xtal controlled >UHF room TX at a different location 3 years ago) my Fairmate HP 100E (whist >scanning known VHF and UHF surveillance transmitter freqs) a signal was >detected on 139.990 Mhz NBFM. The signal was also confirmed on my Yaesu FT90 >car transceiver. It was not detected on the Scanlock or CPM 700. > >Unfortunately there are about 20 VHF/UHF antennas transmitting occasionally >less than 50 metres away. It is also within 4 km of our main airport and >there is a 800 meg cellphone tower about 100 Mtrs away. > > On Narrow Band FM mode the signal sounded just like softly running water, >such as a small fountain or fish tank - and no the is no such water feature >in the immediate area. This audio did not appear to change in response to >sound or light changes in the rooms. No audio was heard when we changed to >Wide Band FM, AM or Sub-carrier. All PCs in the area were switched off and >we powered down the burglar alarm. > > The signal was strongest close (I used a fold up 2 ele.Yagi and 10 db >attenuator) to a small (300x300x600 mm) glass fronted, locked metal network >box that we could not safely switch off. I suspect this to be the source of >the signal. The signal was very weak, being detectable no more than 15 Mtrs >from the building even to the sensitive FT90 with a db gain antenna - I >drove all round sniffing for it (I mentioned in my report that it is >probably a spurious from the network box but that it could be from a >transmitter with a nearly exhausted battery). > > I've recommend we return during the week when the network techie. can >safely power-down for us and we can put time aside for a proper physical >search, and I will record it. > > My question to the group is if anyone has heard a similar sound? Although >it was just like running water say a metre from a mike, there were no other >sounds (traffic/people/aircraft/aircons or anything, and we kept it on for 2 >hours). > > >Andy Grudko. D.P.M., Grad I.S, (S.A.) - Grudko Associates - www.grudko.com , > Est. 1981 >International business intelligence and investigation >Johannesburg (+27 11) 465 9673 - 465 1487 (Fax), Pretoria (+27 12) 244 >0255 - 244 0256 (Fax) >SACI, WAD, CALI, SAMLF, UKPIN, AFIO (OS), IWWA, PRETrust, AmChamCom >When you need it done right - first time -- ------------------------------------------------------------------------------------------ The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------ James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------ "Success without honor is an unseasoned dish; it will satisfy your hunger, but it won't taste good." ------------------------------------------------------------------------------------------ 4152 From: James M. Atkinson Date: Sun Nov 18, 2001 1:24pm Subject: Confirmed Finds Stats below 500 MHz First column is the actual frequency in MHz, the second column is the number of "confirmed finds" in the field; active as a hostile eavesdropping device. Time frame is over the past five years, geographic location of the finds were all on the East Coast of the United States. In each case the find was carefully documented, witnessed by a second party, and reported to the appropriate authorities. List does not include free running oscillator devices, video devices, microwave devices, SS, or devices used for anything other then simple analog voice that could be picked up with a simple scanner. Basically the following list consists of the signals from "statistically significant" eavesdropping devices readily available to the public via either mail order or spyshops. 49.8301 76.6001 77.0001 134.0001 139.9001 139.9403 139.9706 140.0008 144.0001 149.0001 298.9802 299.3201 367.4001 368.0751 398.4601 398.60526 399.0301 399.45528 442.9001 In each case I either personally found the device, or directly knew (and/or trained) the person(s) who found it and can vouch for them (such as someone on a protective detail). Most devices where found in a corporate environment, homes of an executive, or hotel room being used by an executive. The list involves 35 people reporting stats, involving over 45,000 documented man-hours of sweep work over a sixty month period (each person performing an average of just under 21.5 sweep hours per month). To break the number down even further one bug was found for every 518 hours of active sweep time. -jma -- ------------------------------------------------------------------------------------------ The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------ James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------ "Success without honor is an unseasoned dish; it will satisfy your hunger, but it won't taste good." ------------------------------------------------------------------------------------------ [Non-text portions of this message have been removed] 4153 From: Date: Sun Nov 18, 2001 0:01pm Subject: Workplace: E-mail raises new hazards at work http://www.newsok.com/cgi-bin/show_article?ID=785438&pic=none&TP=getbusiness The Sunday Oklahoma, 18 November 2001, p. 2-C Workplace: E-mail raises new hazards at work 2001-11-18 By Anick Jesdanun AP Internet Writer NEW YORK -- Borrow a pen from work to write a love letter, and all you might get is a frigid rejection. Borrow the company's e-mail system to compose that same letter, and you could get fired. Getting in trouble is becoming much easier as the workplace stretches beyond the walls of the office. "Everywhere is a workplace today," said Lewis Maltby, president of the National Workrights Institute in Princeton, N.J. "We've always allowed employers to do virtually anything they want, and the harm was limited (to) the office from 9 to 5. Today, employers could monitor you 24 hours a day." Courts will be asked to draw boundaries over the next year or two as telecommuting continues to grow, predicts Washington employment lawyer Frank Morris. About 28 million Americans, or one in five employees, work outside the office for all or part of the workweek, according to the International Telework Association and Council. Countless others check work-related e-mail or Web sites after dinner or on vacation. If past court cases on office conduct offer any guidance, what employees do or say outside the office could come back to haunt them. The Privacy Foundation at the University of Denver estimates that more than a third of the U.S. work force with access to the Internet have their e-mail messages and Web surfing regularly monitored by their employers. "I think employees, anytime they are interfacing with the office or office equipment, should have the operating assumption they do not have privacy rights," said Michael R. Littenberg, a New York attorney. Employees may be interacting without realizing it. They may mistakenly believe that personal e-mail accounts, like Hotmail, stay private when checked from work. But software sniffers can pick up messages as they travel unencrypted through company networks. In a case involving Texas' open-records law, Arlington Councilwoman Julia Burgen was forced to disclose city- related messages on her personal e-mail account because she had listed it on a business card. The city is appealing the ruling by the Texas attorney general's office. 4154 From: Date: Sun Nov 18, 2001 2:22pm Subject: *CIA QUALIFICATIONS-WHAT ARE THEY WILLING TO PAY?? NOTE: The qualifications--then note what the company is willing to pay for that extraordinary person??? And we wonder why there is a problem? For the extraordinary individual who wants more than a job, this is a way of life that will challenge the deepest resources of your intelligence, self-reliance, and responsibility. It demands an adventurous spirit... a forceful personality... superior intellectual ability... toughness of mind... and the highest degree of integrity. It takes special skills and professional discipline to produce results. You will need to deal with fast-moving, ambiguous, and unstructured situations that will test your resourcefulness to the utmost. This is the Clandestine Service, the vital human element of intelligence collection. These people are the cutting edge of American intelligence, an elite corps gathering the vital information needed by our policy makers to make critical foreign policy decisions. Qualifications: Central Intelligence Agency's Clandestine Service Trainee Program is the gateway to a unique overseas experience. To qualify you must have first-rate qualifications: a bachelor's degree with an excellent academic record, strong interpersonal skills, the ability to write clearly and accurately, and a burning interest in international affairs. A graduate degree, foreign travel, foreign language proficiency, previous residency abroad, and military experience are pluses. We are particularly interested in candidates with backgrounds in Central Eurasian, East Asian, and Middle Eastern languages, and those with degrees and experience in international economics and international business as well as in the physical sciences. Entrance salaries range from $37,000 to $57,000, depending on credentials. All applicants must successfully complete a thorough medical and psychological exam, a polygraph interview, and an extensive background investigation. Maximum age for entrance into this program is 35. U.S. citizenship is required for both applicant and spouse. 4155 From: iDEN-Test Mobile-Marcel Date: Sun Nov 18, 2001 8:16pm Subject: Re: *CIA QUALIFICATIONS-WHAT ARE THEY WILLING TO PAY?? The FBI is not much better, why do you think so many Op's go Pvt? sleuthone@a... wrote: > NOTE: The qualifications--then note what the company is willing to pay for > > that extraordinary person??? And we wonder why there is a problem?-- "NEXTEL1 IT'S NOT JUST NEXTEL" Subscribe to Nextel1: http://www.onelist.com/subscribe/NEXTEL1 "NEXTEL2 FOR iDEN SOFTWARE DEVELOPERS" Subscribe to Nextel2: http://www.onelist.com/subscribe/NEXTEL2 4156 From: Aimee Farr Date: Sun Nov 18, 2001 11:49pm Subject: New ideas [Old, but I didn't see it.~Aimee] http://www.washingtonpost.com/ac2/wp-dyn/A53844-2001Oct25?language=printer Pentagon Makes Rush Order For Anti-Terror Technology By Greg Schneider and Robert O'Harrow Jr. Washington Post Staff Writers Friday, October 26, 2001; Page A10 The Pentagon yesterday issued a rush appeal for ideas for fighting terrorism, asking contractors for exotic new surveillance technologies that could be used against faraway enemies, as well as at American airports and shopping malls. In releasing an unusual "broad agency announcement," the Pentagon bypassed its cumbersome bureaucracy and posted a list of 38 sought-after systems or technologies on an Internet site used by contractors. It wants one-page proposals by Dec. 23 for products that could be in place in 12 to 18 months. The requested items include a computer system for tracking anyone who buys material that could be used in making bombs, a portable polygraph machine for questioning airline passengers, and voiceprint software for automatically recognizing people speaking Middle Eastern languages. Experts said the initiative reflects how a military heavy on jets and ships is shifting its investments to fight this new, unexpected type of war. Officials put no price on the effort and said it was an attempt to find a new way of doing business in a time of urgent need. Many of the surveillance technologies are already highly developed in the commercial world. In the wake of the Sept. 11 terrorist attacks, they are being rapidly embraced for law enforcement, intelligence and security purposes. The Pentagon's announcement came on the day the Senate approved a landmark bill that would greatly expand the ability of law enforcement and intelligence agencies to tap phones, monitor Internet traffic and conduct other forms of surveillance in pursuit of terrorists. "This is just the tip of the iceberg," said Joseph Atick, president of Visionics Corp. of Jersey City, which makes facial recognition systems for identifying and tracking people. "We're going from concepts and ideas to programs and appropriations," Atick said. "I'm very impressed how fast they've turned around. It just shows the urgency with which they are operating." A Pentagon spokesman said the unusually broad request is an attempt to get innovative ideas from sources that might not otherwise have direct access to the Pentagon -- small companies, even individuals with imaginative solutions -- and quickly put them in place. "This is an area that needs a little bit of thinking outside the box," said the spokesman, Air Force Maj. Mike Halbig. Among other technologies, defense officials want proposals for facial recognition systems, computer programs that can predict terrorist behavior, and sophisticated scanners for spotting people who have handled weapons of mass destruction. "This is exactly where [the U.S. military] is going to try to spend more money," said John Pike, a military analyst with GlobalSecurity.org, a nonpartisan think tank. "For the most part, these are small gadgets that you don't have to have a Boeing or Lockheed Martin to build or develop." Electronics expert David Rockwell of the Teal Group, an aerospace consulting firm, said many of the systems the Pentagon wants have been in development for years but until now have suffered from a lack of funding and attention. Some of the areas "have potentially ominous overtones," Rockwell added. One item, for instance, calls for a tracking device that allows "monitoring of civilian as well as military targets." "Some of this technology could be used in ways that have not been legal in the past and may become legal in the future," he said. "But I think that's happened during every time of war in the U.S." Many of the technologies the Pentagon proposes are similar to devices that companies are already putting on the market. "It sounds like they've done their homework. Most of these technologies are pretty ripe for these uses," said Richard Norton, executive director of the International Biometric Industry Association, which represents companies that make systems keyed to immutable characteristics such as fingerprints and certain facial characteristics. Member companies expect their revenue to come in at $200 million this year, double last year's. The use of digital fingerprints by law enforcement agencies has become common, and banks, casinos and other businesses now routinely use facial recognition or handprint systems to identify fraud artists or improve building security. Earlier this year, Tampa became the first U.S. city to use facial recognition in a public area to fight crime. Officials at airports in Boston and Oakland, Calif., are planning to install a facial recognition system, and officials at least a dozen other U.S. airports are considering such measures to increase security. Civil liberties specialists said the military's effort would accelerate the development and adoption of biometric systems throughout society. Improved facial and voice recognition systems could dramatically strengthen the ability of authorities to identify and track people, including those who might be innocent of any wrongdoing, said James Dempsey, deputy director at the Center for Democracy and Technology, a civil liberties advocacy group based in the District. While there's little doubt such systems could help the military fight terror, the improved technology will almost surely migrate into civilian law enforcement agencies, Dempsey said. The system used by Tampa police, for instance, was developed by Visionics Corp. with millions of dollars in backing from the Defense and Justice departments. And it is being used by a variety of police agencies for targeted surveillance. "The government is increasingly going to be conducting scans -- facial scans, voice scans, data scans," Dempsey said. "They're going to be tapping into this digital ocean . . . of daily behavior." © 2001 The Washington Post Company 4157 From: Matthew Paulsen Date: Sun Nov 18, 2001 8:17pm Subject: RE: *CIA QUALIFICATIONS-WHAT ARE THEY WILLING TO PAY?? Think that's rediculous? Check out starting wages for fbi agents... It's around 18K if I remember right. -----Original Message----- From: sleuthone@a... [mailto:sleuthone@a...] Sent: Sunday, November 18, 2001 5:22 PM To: undisclosed-recipients: Subject: [TSCM-L] *CIA QUALIFICATIONS-WHAT ARE THEY WILLING TO PAY?? NOTE: The qualifications--then note what the company is willing to pay for that extraordinary person??? And we wonder why there is a problem? For the extraordinary individual who wants more than a job, this is a way of life that will challenge the deepest resources of your intelligence, self-reliance, and responsibility. It demands an adventurous spirit... a forceful personality... superior intellectual ability... toughness of mind... and the highest degree of integrity. It takes special skills and professional discipline to produce results. You will need to deal with fast-moving, ambiguous, and unstructured situations that will test your resourcefulness to the utmost. This is the Clandestine Service, the vital human element of intelligence collection. These people are the cutting edge of American intelligence, an elite corps gathering the vital information needed by our policy makers to make critical foreign policy decisions. Qualifications: Central Intelligence Agency's Clandestine Service Trainee Program is the gateway to a unique overseas experience. To qualify you must have first-rate qualifications: a bachelor's degree with an excellent academic record, strong interpersonal skills, the ability to write clearly and accurately, and a burning interest in international affairs. A graduate degree, foreign travel, foreign language proficiency, previous residency abroad, and military experience are pluses. We are particularly interested in candidates with backgrounds in Central Eurasian, East Asian, and Middle Eastern languages, and those with degrees and experience in international economics and international business as well as in the physical sciences. Entrance salaries range from $37,000 to $57,000, depending on credentials. All applicants must successfully complete a thorough medical and psychological exam, a polygraph interview, and an extensive background investigation. Maximum age for entrance into this program is 35. U.S. citizenship is required for both applicant and spouse. ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 4158 From: Matthew Paulsen Date: Sun Nov 18, 2001 8:18pm Subject: RE: *CIA QUALIFICATIONS-WHAT ARE THEY WILLING TO PAY?? hehe.. You beat me to the punchline by 30 seconds. -----Original Message----- From: iDEN-Test Mobile-Marcel [mailto:Marcelrf@B...] Sent: Sunday, November 18, 2001 6:17 PM To: sleuthone@a...; TSCM-L@yahoogroups.com Subject: Re: [TSCM-L] *CIA QUALIFICATIONS-WHAT ARE THEY WILLING TO PAY?? The FBI is not much better, why do you think so many Op's go Pvt? sleuthone@a... wrote: > NOTE: The qualifications--then note what the company is willing to pay for > > that extraordinary person??? And we wonder why there is a problem?-- "NEXTEL1 IT'S NOT JUST NEXTEL" Subscribe to Nextel1: http://www.onelist.com/subscribe/NEXTEL1 "NEXTEL2 FOR iDEN SOFTWARE DEVELOPERS" Subscribe to Nextel2: http://www.onelist.com/subscribe/NEXTEL2 ======================================================== TSCM-L Technical Security Mailing List "In a multitude of counselors there is strength" To subscribe to the TSCM-L mailing list visit: http://www.yahoogroups.com/community/TSCM-L It is by caffeine alone I set my mind in motion. It is by the juice of Star Bucks that thoughts acquire speed, the hands acquire shaking, the shaking is a warning. It is by caffeine alone I set my mind in motion. =================================================== TSKS Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ 4159 From: James M. Atkinson Date: Tue Nov 20, 2001 8:03am Subject: Referral Information Anybody on the list who needs sweep work done should take a look at the referral listing I have posted at the following link... I can personally vouch for everybody listed: http://www.tscm.com/goldlist.html The following will also be of interest, and will give you some realistic idea as to how much a legitimate sweep will cost: http://www.tscm.com/howcost.html (note the coverage maps) If you need some kind of worksheet to estimate how long a PROPER sweep will take; you can find an estimate worksheet here: http://www.tscm.com/estimate.html (Hint: Stay in the center column) Also, You can make a hell of a lot more money on referral fees, then trying to do the job yourself. Plus if you try to do the job yourself, and are lacking in equipment, training, and background you could likely loose your A&O insurance, get sued by the client, or even lose your licence. Do not show up to do a sweep with a fancy blinky-box you bought at some sleazy spy shop... you know, the one that has been hustling you for video gear and surveillance products. +++++ I have a referral program which I personally practice as a professional courtesy. I consider such referral fees to strictly be a professional courtesy, but not any kind of legal obligation. I only pay a referral for projects involving more then 4 hours of sweep work, and pay the referral fees generated by all contact with the client for a period of up to one year. In the case where one contact brings me in early in the year, and then later the same year some other contact has me come in I split the fee between them.The only wrinkle is that in really large companies I may have 3-4 separate channels into the company, and referral fees only apply for those channels developed though external contacts. For example I may have been doing sweep work directly for the CEO for ten years, but a PI may bring me in for a sweep for a lower level executive (in which case the PI gets a referral fee for the sweep for the low level executive, but not for the CEO's work) I do not pay a referral fee to people actually inside the clients firm, and strictly limit referral fee to those obviously outside the company. Since security people often move inside and outside the company (ie: a PI becomes head of security) we have a rather awkward situation. If so requested by a contact inside the company I will reduce the amount of my fee by the amount I would normally pay as a referral. Referral fees are only payable on billable time, and does not include expenses (lodging, airfare, expendable materials, film, and so on). I break my program into three sections, each depends on the amount of involvement of the person who brings me the project. 10% - This is for a basic referral where a contact specifically sends a client to me, and the client confirms the contact as being responsible for the connection. I bill the client directly, and the contact does not involve their own money in getting me paid. The contact may or may not be present during the sweep, and related meetings. This is a typical corporate referral. 15% - This is just like a basic referral; however, I get paid directly by my contact (typically as a subcontractor). I may or may not be operating under my own name, and the contact will be involved in all future contact with the client (for at least one year). The contact will typically assist with the sweep to a limited extent, and will "show their face" so the client sees that they are involved. I write the report to the client. This is a typical PI or security firm referral where I am brought in as a sub. 20% - The contact becomes much more involved in the sweep, pays me out of their own funds, and is present (and helping to a great extent) during every element of the sweep. They will be present from the time the truck arrives, and will shadow and help me during the entire sweep until finished (and all of the equipment is back on the truck). In effect the contact becomes my assistant, helps with the physical search, furniture moving, charting, and so on ... but does not actually operate any of my instruments. They will write the final report to the client on their own letterhead (with my inputs). This is a PI or security firm referral where I am brought in as a sub, but the contact wants to be heavily involved in the actual sweep. For large corporate clients half the estimated fee (plus expenses) is payable in advance, and the balance is due when the final report is presented. All other clients pay the full estimated amount in advance. Once engaged and the sweep is scheduled there is a charge of 25% for cancellation (which is extremely rare). I have special equipment, training, and proprietary resources for detecting RF devices from some rather amazing distances (many times further then you might think); and as such I am periodically asked to supplement other TSCM teams. When I operate as part of such a team I charge a flat hourly rate of $250 to the team organizer (with a six to eight hour minimum) plus expenses. I also charge an additional fee for equipment which varies on what I am actually bringing (ie: $250k in TSCM equipment costs an additional $250 per hour). In such cases a referral fee would not apply, and I often never get to interface with the client. The fee is paid to me half in advance, and the balance when I out-brief, or turn in my report. -jma -- ------------------------------------------------------------------------------------------ The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------ James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------ "Success without honor is an unseasoned dish; it will satisfy your hunger, but it won't taste good." ------------------------------------------------------------------------------------------ 4160 From: James M. Atkinson Date: Tue Nov 20, 2001 11:09am Subject: Why Athletes Shouldn't Be Role Models Why Athletes Shouldn't Be Role Models Chicago Cubs outfielder Andre Dawson on being a role model: "I want all the kids to do what I do, to look up to me. I want all the kids to copulate me." ---------- New Orleans Saint RB George Rogers when asked about the upcoming season: "I want to rush for 1,000 or 1,500 yards, whichever comes first." ---------- And, upon hearing Joe Jacobi of the 'Skins say: "I'd run over my own mother to win the Super Bowl," Matt Millen of the Raiders said: "To win, I'd run over Joe's Mom, too." ---------- Football commentator and former player Joe Theismann 1996: "Nobody in football should be called a genius. A genius is a guy like Norman Einstein." ---------- Senior basketball player at the University of Pittsburgh: "I'm going to graduate on time, no matter how long it takes." ---------- Bill Peterson, a Florida State football coach: "You guys line up alphabetically by height." And "You guys pair up in groups of three, then line up in a circle." ---------- Boxing promoter Dan Duva on Mike Tyson hooking up again with promoter Don King: "Why would anyone expect him to come out smarter? He went to prison for three years, not Princeton." ---------- Stu Grimson, Chicago Blackhawks left wing, explaining why he keeps a color photo of himself above his locker: "That's so when I forget how to spell my name, I can still find my clothes." ---------- Shaquille O'Neal on whether he had visited the Parthenon during his visit to Greece: "I can't really remember the names of the clubs that we went to." ---------- Shaquille O'Neal, on his lack of championships: "I've won at every level, except college and pro." ---------- Lou Duva, veteran boxing trainer, on the Spartan training regime of heavyweight Andrew Golota: "He's a guy who gets up at six o'clock in the morning regardless of what time it is." ---------- Pat Williams, Orlando Magic general manager, on his team's 7-27 record in 1992: "We can't win at home. We can't win on the road. As general manager, I just can't figure out where else to play." ---------- Chuck Nevitt, North Carolina State basketball player, explaining to Coach Jim Valvano why he appeared nervous at practice: "My sister's expecting a baby, and I don't know if I'm going to be an uncle or an aunt." ---------- Jim Finks, New Orleans Saints General Manager, when asked after a loss what he thought of the refs: "I'm not allowed to comment on lousy, no good officiating." ---------- Alan Kulwicki, stock car racer, on racing Saturday nights as opposed to Sunday afternoons: "It's basically the same, just darker." ---------- Lincoln Kennedy, Oakland Raiders tackle, on his decision not to vote: "I was going to write myself in, but I was afraid I'd get shot." ---------- Frank Layden, Utah Jazz president, on a former player: "I told him, 'Son, what is it with you? Is it ignorance or apathy?' He said, 'Coach, I don't know and I don't care." ---------- Torrin Polk, University of Houston receiver, on his coach, John Jenkins: "He treats us like men. He lets us wear earrings." ---------- Shelby Metcalf, basketball coach at Texas A&M, recounting what he told a player who received four F's and one D: "Son, looks to me like you're spending too much time on one subject." ---------- And the Gem: Oiler coach Bum Phillips when asked by Bob Costas why he takes his wife on all road trips, Phillips Responded: "Because she is too damn ugly to kiss good-bye." >> -- ------------------------------------------------------------------------------------------ The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------ James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------ "Success without honor is an unseasoned dish; it will satisfy your hunger, but it won't taste good." ------------------------------------------------------------------------------------------ 4161 From: Date: Tue Nov 20, 2001 1:00pm Subject: This looks spiffy and would be useful for TSCM & Covert Video Click here: Ramsey Electronics Price is tinsel. 4162 From: James M. Atkinson Date: Tue Nov 20, 2001 8:55pm Subject: Re: This looks spiffy and would be useful for TSCM & Covert Video At 7:00 PM -0500 11/20/01, MACCFound@a... wrote: > HREF="http://www.ramseyelectronics.com/cgi-bin/commerce.exe?preadd=action&key= > >LPY2">Click here: Ramsey Electronics > >Price is tinsel. Now if Ramsey could just get their story straight on the product we woul have a real winner. 1) They claim 6 dB of gain... but over what? a dipole, a isotropic, or perhaps a pull top of a beer can? 2) The catalog claims coverage range from 900 MHz to 2 GHz, but at a second spot they say it is 2.5 GHz on the high side. If you call them they claim coverage to 2.6 GHz... why all the inconsistencies? 3) Where is the bloody preamp? 4) Why are they calling it a "Log Periodic Yagi"... Uda-Yagi's are not this broadband. As a favor to the list I will buy several next week, and post a full commentary on it. -jma -- ------------------------------------------------------------------------------------------ The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------ James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------ "Success without honor is an unseasoned dish; it will satisfy your hunger, but it won't taste good." ------------------------------------------------------------------------------------------ 4163 From: Date: Tue Nov 20, 2001 8:13pm Subject: Re: This looks spiffy and would be useful for TSCM & Covert Video In a message dated 11/20/01 7:09:34 PM Pacific Standard Time, jmatk@tscm.com writes: << I will buy several next week, and post a full commentary on it. >> That's why you get the big bucks! 4164 From: James M. Atkinson Date: Wed Nov 21, 2001 8:09am Subject: Happy Thanksgiving I would like to wish all list members a very Happy Thanksgiving. -jma -- ------------------------------------------------------------------------------------------ The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------ James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------ "Success without honor is an unseasoned dish; it will satisfy your hunger, but it won't taste good." ------------------------------------------------------------------------------------------ 4165 From: James M. Atkinson Date: Wed Nov 21, 2001 10:59am Subject: A moment to remember on Thanksgiving Day this year As a nation we have much to be grateful for on Thanksgiving Day this year, and I would personally appreciate it if each list member could take just a moment to visit the following link (it take a little while to load, so be patient): http://www.sweepgear.com/tribute911.html During this holiday season remember those who will not be with us, the fallen heroes, and those who stand in the shadows in defense of what we hold dear. Remember our soldiers who walk the mountains of Afghanistan bringing the evildoers to justice, and those who labor to rid the world of those who have created fear. God Bless America, and Happy Thanksgiving. -jma -- ------------------------------------------------------------------------------------------ The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet. ------------------------------------------------------------------------------------------ James M. AtkinsonPhone: (978) 381-9111 Granite Island GroupFax: 127 Eastern Avenue #291http://www.tscm.com/ Gloucester, MA 01931-8008jmatk@tscm.com ------------------------------------------------------------------------------------------ "Success without honor is an unseasoned dish; it will satisfy your hunger, but it won't taste good." ------------------------------------------------------------------------------------------ 4166 From: Cristian C. Date: Wed Nov 21, 2001 10:24am Subject: Fwd: [EE]: proud announcement >X-Warning: mitvma.mit.edu: Host *unknown claimed to be L30.itim-cj.ro >Date: Wed, 21 Nov 2001 13:18:11 +0200 >Reply-To: pic microcontroller discussion list >Sender: pic microcontroller discussion list >From: Vasile Surducan >Subject: [EE]: proud announcement >Comments: To: jallist@yahoogroups.com >To: PICLIST@M... > >Dear piclisters and jalliens, > >I'm proud to announce you that romanian researchers have won >ALL PRIZES at "The 50th Anniversary World Exhibition of Innovation >Research and New Technology" EUREKA Brussels 2001. > >From 129 romanian participating patents, ALL won gold, silver and bronze >medals, Romania was first on top from about 40 participating countries. > >Do you know where Romania is on the map ? >Is the same country which was rejected to become a member on the European >Union country and NATO because of his small economical performances. >BUT as you see, the inteligence and creativity has nothing to do with >economic performances or with standard of living from a country or >another. >More than that, when you haven't tools and you start your work by building >them your creativity is growing. > >Best wishes from Romania, >Surducan Vasile, design engineer >http://www.geocities.com/vsurducan > >-- >http://www.piclist.com#nomail Going offline? Don't AutoReply us! >email listserv@m... with SET PICList DIGEST in the body 4167 From: Dawn Star Date: Wed Nov 21, 2001 6:40pm Subject: Thanksgiving 'TWAS THE NIGHT OF THANKSGIVING 'TWAS THE NIGHT OF THANKSGIVING, BUT I JUST COULDN'T SLEEP I TRIED COUNTING BACKWARDS, I TRIED COUNTING SHEEP. THE LEFTOVERS BECKONED - THE DARK MEAT AND WHITE BUT I FOUGHT THE TEMPTATION WITH ALL OF MY MIGHT TOSSING AND TURNING WITH ANTICIPATION THE THOUGHT OF A SNACK BECAME INFATUATION. SO, I RACED TO THE KITCHEN, FLUNG OPEN THE DOOR AND GAZED AT THE FRIDGE, FULL OF GOODIES GALORE. GOBBLED UP TURKEY AND BUTTERED POTATOES, PICKLES AND CARROTS, BEANS AND TOMATOES. I FELT MYSELF SWELLING SO PLUMP AND SO ROUND, 'TIL ALL OF A SUDDEN, I ROSE OFF THE GROUND. I CRASHED THROUGH THE CEILING, FLOATING INTO THE SKY WITH A MOUTHFUL OF PUDDING AND A HANDFUL OF PIE. BUT, I MANAGED TO YELL AS I SOARED PAST THE TREES.... HAPPY EATING TO ALL - PASS THE CRANBERRIES, PLEASE. MAY YOUR STUFFING BE TASTY, MAY YOUR TURKEY BE PLUMP. MAY YOUR POTATOES 'N GRAVY HAVE NARY A LUMP, MAY YOUR YAMS BE DELICIOUS MAY YOUR PIES TAKE THE PRIZE, MAY YOUR THANKSGIVING DINNER STAY OFF OF YOUR THIGHS. MAY YOUR THANKSGIVING BE BLESSED!! Happy Turkey day to all, and to all, a good BITE! 4168 From: Aimee Farr Date: Wed Nov 21, 2001 5:46pm Subject: Not-so-proud announcement from Russia. RUSSIA ACCOUNTS FOR 0.3 PERCENT OF WORLD SCIENTIFIC DEVELOPMENT (12 November) Russia accounts for only 0.3 percent of scientific developments on the world market, ITAR-TASS quoted Russian Deputy Prime Minister Ilya Klebanov as saying. Addressing a meeting of the Russian Academy of Sciences, Klebanov said this proportion was "humiliatingly small" and inconsistent with the potential of Russian scientists. This figure is a result of a "strategic mistake" of officials who underestimated the role of science in the recent decade. Nevertheless, according to Klebanov, the situation has been gradually improving. "Eight [to] 10 priorities should be determined in which Russia should invest money in the first place," Klebanov stated. He cited an increase in budget and extra budgetary allocations to research as priority. Extra budgetary funding of science has increased from 5 percent to 50 percent in recent years, and the government expects a more serious investment by businesses. Klebanov described the drain of young cadre from science as one of the country's most acute problems. "If the situation does not change fundamentally in the next five to 10 years, Russia could lose [its] scientific potential," Klebanov said. He added that a presidential decree concerning grants for young scientists is underway. (TSK) ----- I've been following Russian press lately and ...defense consolidation, internal "spymania," foreigner aggression, diplomatic hyperfrenzy, new emerging markets, corruption, transnational criminal networks, ... blah, blah, blachk. Their scientific failings are reaching editorial pages, and it appears to be a matter of some political determination. Looks like exceptionally evil espionage indicators to me, but I don't know how regional instability and their economic situation factor in. My understanding is that before, they didn't have the minds or the markets to complete the circle. Perhaps that is changing. At any rate, budgetary increases could suggest mirror expenditures elsewhere and increased collusion with "private networks." I'm really disappointed with the intelligence provided to the public sector: generic, 20/20, above the water-line public domain, budget-justification. I fail to see how it is helpful in private decision-making, allocation of resources, or tasking. (I am growing quite bitchy about this.) ~Aimee 4169 From: Aimee Farr Date: Wed Nov 21, 2001 5:53pm Subject: RE: Not-so-proud announcement from Russia. I said: > I'm really disappointed with the intelligence provided to the > public sector: I meant private sector, of course. ~Aimee 4170 From: Date: Wed Nov 21, 2001 1:31pm Subject: FBI Develops Eavesdropping Tools FBI Develops Eavesdropping Tools By TED BRIDIS .c The Associated Press WASHINGTON (AP) - The FBI is going to new lengths to eavesdrop, building software to monitor computer use and urging phone companies to help make wiretaps more reliable. The FBI's ``Magic Lantern'' technology would allow investigators, via the Internet, to secretly install powerful software that records every keystroke on a person's computer, according to people familiar with the effort. The software is similar to ``Trojan horse'' programs already used by some hackers and corporate spies. The FBI envisions using Magic Lantern, part of a broad FBI project called ``Cyber Knight,'' to record the secret key a person might use to encrypt messages or computer files. The bureau has been largely frustrated in efforts to break open such messages by trying random combinations, and officials are increasingly concerned about their inability to read encrypted messages in criminal or terrorist investigations. The FBI said in a statement Wednesday that it can not discuss details of its technical surveillance efforts, though it noted that ``encryption can pose potentially insurmountable challenges to law enforcement when used in conjunction with communication or plans for executing serious terrorist and criminal acts.'' The FBI added that its research is ``always mindful of constitutional, privacy and commercial equities,'' and that its use of new technology can be challenged in court and in Congress. The FBI's existing monitoring technology, called the ``Key Logger System,'' has required investigators to sneak into a target's home or business and attach the device to a computer. Magic Lantern could be installed over the Internet by tricking a person into opening an e-mail attachment or by exploiting the same weaknesses in popular software that allow hackers to break into computers. It's unclear whether Magic Lantern would transmit the keystrokes it records back to the FBI over the Internet or store the information to be seized later in a raid. The existence of Magic Lantern was first disclosed by MSNBC. ``If they are using this kind of program, it would be a highly effective way to bypass any encryption problems,'' said James E. Gordon, who heads the information technology practice for Pinkerton Consulting and Investigations Inc. ``Once they have the keys to the kingdom, they have complete access to anything that individual is doing.'' People familiar with the project, who spoke only on condition of anonymity, said the package is being developed at the FBI's electronic tools laboratory, the same outfit that built the bureau's ``Carnivore'' Internet surveillance technology. The former head of the lab, Donald M. Kerr, became head of the CIA's science and technology unit in August. Some experts said Magic Lantern raises important legal questions, such as whether the FBI would need a wiretap order from a judge to use it. The government has previously argued that the FBI can capture a person's computer keystrokes under the authority of a traditional search warrant, which involves less oversight by the courts. ``It's an open question whether the covert installation of something on a computer without a physical entry requires a search warrant,'' said David Sobel, a lawyer with the Washington-based Electronic Privacy Information Center, a civil liberties group. Earlier this month the FBI urged some of the nation's largest telephone companies to change their networks so that investigators can reliably eavesdrop on conversations using new data technology. At a conference Nov. 6 in Tucson, Ariz. - and in a 32-page follow-up letter sent about two weeks ago - the FBI told leading telecommunications officials that increasing use of Internet-style data technology to transmit voice calls is frustrating FBI wiretap efforts. Although Carnivore can be used to capture electronic messages, it can't record voice messages sent over data networks for a variety of technical reasons. The bureau's access to voice calls using traditional technology is guaranteed under the 1994 Communications Assistance to Law Enforcement Act, but it exempted ``information services.'' The FBI said Wednesday it is not seeking to broaden the 1994 law to cover modern data technology; industry officials say the changes being sought by the FBI could take years to make. The FBI told companies that it will need access to voice calls sent over data networks ``within a few hours'' in some emergency situations, and that any interference caused by a wiretap ``should not be perceptible'' to avoid tipping off a person that his calls might be monitored. AP-NY-11-21-01 1833EST 4171 From: e cummings Date: Wed Nov 21, 2001 11:08am Subject: FBI reportedly creating "Magic Lantern" anti-crypto virus some interesting countermeasures mentioned below: >To: politech@p... >From: Declan McCullagh >Subject: FC: FBI reportedly creating "Magic Lantern" anti-crypto virus >Sender: owner-politech@p... >Reply-To: declan@w... >X-URL: Politech is at http://www.politechbot.com/ >X-Author: Declan McCullagh is at http://www.mccullagh.org/ >X-News-Site: Cluebot is at http://www.cluebot.com/ > >[This has been talked about in tech circles for years; it's hardly >suprising that the FBI would finally get around to creating such a >beastie. Perhaps an enterprising netrepreneur will take the next step: >Creating a "Secure PC" that would be proof against such an attack. Perhaps >it would run a better OS than Windows (just about any would do) where >programs have privileges, boot from fixed media like a CDROM that would >require a physical break-in to alter, require a private key embedded in a >keychain plugged in through a USB port to unlock the hard drive partitions >where application data are stored, use a flatscreen monitor and certain >default typefaces to limit TEMPEST emissions, include an Ethernet/serial >port monitor that would try to detect suspicious outgoing packets, compute >checksums every night on all executable and other relevant files, feature >tamper-proof hardware that would leave a physical or virtual mark if >opened by an intruder, be protected by a motion-activated videocam >streaming images of intruders to secure offshore websites, and so on. >Dedicated hardware that could not be accessed remotely could be hooked up >to the SCSI chain and scan key files nightly for the same MD5 checksum as >the night before. Or instead of a keychain, your crypto-key could be kept >in your Palm, which through a serial link also could be used to offload >crypto processing on hardware that's unlikely to be compromised. It's an >interesting dual trend and arms race: Police turning to software to snoop >on alleged miscreants, while counter-techniques are developing apace. My >money's on the defense. --Declan] > >--- > >From: "Geoff Gariepy" >To: >Subject: FBI software cracks encryption wall >Date: Tue, 20 Nov 2001 14:24:21 -0500 > >FBI software cracks encryption wall > >'Magic Lantern' part of new 'Enhanced Carnivore Project' > >By Bob Sullivan >MSNBC > >Nov. 20 - The FBI is developing software capable of inserting a computer >virus onto a suspect's machine and obtaining encryption keys, a source >familiar with the project told MSNBC.com. The software, known as "Magic >Lantern," enables agents to read data that had been scrambled, a tactic >often employed by criminals to hide information and evade law enforcement. > >.... > MAGIC LANTERN installs so-called "keylogging" software on a suspect's >machine that is capable of capturing keystrokes typed on a computer. By >tracking exactly what a suspect types, critical encryption key information >can be gathered, and then transmitted back to the FBI, according to the >source, who requested anonymity. > The virus can be sent to the suspect via e-mail - perhaps sent for >the FBI by a trusted friend or relative. The FBI can also use common >vulnerabilities to break into a suspect's computer and insert Magic Lantern, >the source said. > >http://www.msnbc.com/news/660096.asp?0na=x21017M32 > > > > >------------------------------------------------------------------------- >POLITECH -- Declan McCullagh's politics and technology mailing list >You may redistribute this message freely if you include this notice. >Declan McCullagh's photographs are at http://www.mccullagh.org/ >To subscribe to Politech: http://www.politechbot.com/info/subscribe.html >This message is archived at http://www.politechbot.com/ >-------------------------------------------------------------------------