Bulletin Board #5

#1

Date: Sun, 02 Mar 1997 19:09:07 -0600
From: Trace Carpenter

Subject: Building a Better Mousetrap

Hi Tim,
How's it going? I know you're busy but thought I'd see if you had a few free minutes to give me some help on a project. I'm currently working on a new high security telephone trip switch and am looking for some input. I want to know what gives them away to other TSCM tech's. That'll help me design a better switch. Things like current draw, ohm's readings, voltage drop/differential etc. I'd really value your input if you have the time.

Thanks Sincerely,

Trace Carpenter

Trace Carpenter Investigations - Professional Private Investigations
660 Amberton Tower - Suspicions Confirmed
4144 N. Central Expy. - Problems Solved !
Dallas, Texas 75204 - Free Consultations
214.828.4520
214.828.1917 Facsimile

#2

Date: Fri, 07 Mar 1997 10:55:17 +0200
From: "F. & M. GERON"
Subject: Industrial Sabotage ?

I have been called in on a case of what I believe is industrial sabotage. Meeting with the firms security officer, and after reviewing statements of employees, and inspecting the scene:

Occurrence - Computer (486, no special characteristics, stand alone - no modem connection) hard drive was erased. In addition all floppy discs in same room erased.

Occurred last weekend between Friday at +/- 17:00 to Sunday at +/- 08:30. No electrical storms or similar during weekend. Power overload circuit breaker operational - no apparent tampering.

Room being part of a complex is constructed of concrete block with one door to outside of premises of plate glass +/- 12mm thickness. Has been verified
- no forced entry, and no signs of any tampering in room, nothing stolen.

According to department manager, and company director information of no use to anyone. Only stock codes, and quantities. Stocks checked Sunday after discovery of occurrence - nothing found missing.

How could this have occurred, if deliberate how could this be prevented in the future?

Thank you all for your time and assistance.

Michael Geron

F. & M. GERON (1979) LTD. - Israel
Tel. +972 9 7441810, Fax. +972 9 7440663
Email. m_geron@netvision.net.il
Corporate Profile at: http://www.netvision.net.il/php/m_geron

#3

From: ljsaisa@algonet.se
Subject: ISA Newsletter 1997-03-07
Date: Fri, 7 Mar 1997 15:08:29 +0100

New IE security hole found
By Alex Lash and Nick Wingfield
March 6, 1997, 1:30 p.m. PT

Days after Microsoft patched a security hole in Internet Explorer, a group of students from the University of Maryland say they have discovered another hole in the browser that could allow a hacker to remotely retrieve files or trigger programs on a user's computer and install viruses from a Web site, according to a Web posting by the students. This time, it is unclear whether the glitch affects only Windows NT versions of Explorer 3.0 and not Windows 95 versions.

Microsoft posted a patch for yesterday morning that warns Explorer 3.0 and 3.01 users about this issue before they download Shortcuts.

However, an Israeli security software company today said users are still susceptible to "hostile links" through Microsoft's email and newsgroup readers. EliaShim has found a message on a Usenet group that encourages readers to click on a link and download a demo of Internet Explorer 4.0. The link is instead a shortcut that deletes files on the user's hard drive.

"What we've found is that the same type of security hole exists in Internet mail and news applications."

The Shortcut security glitch stems from small files that are able to bypass Explorer's built-in code checking feature to delete or alter files on a user's hard drive.

INTERNATIONAL SECURITY AGENCY
http://www.algonet.se/~ljsaisa
ljsaisa@algonet.se
Tel: Int+46 (0)8-645 22 82 (09.00am-05.00pm C.E.T.)
Fax/Data: Int+46 (0)8-645 22 82 (24h)
PoBox 167, S-162 12 Stockholm, Sweden

#4

Subject: The SCI Security Newsletter Vol. 2#2 Feb. 97
Date: Thu, 6 Mar 97 09:53:50 -0500
From: Nick Robson
The SCI Security Newsletter Vol. 2#2 Feb. 97

Worrying Catalog:
I recently received a catalog from a Police / Military supplier from whom the public can buy, which contained some worrying devices. Not that these are newly invented pieces of equipment, some of them have been around for a number of years but previously have only been available to government agencies.

Suspect Phones

*1 Hold Invader
The Hold Invader is one of the most unique and unusual telephone surveillance devices to become available in years. We originally developed and manufactured this unit for a U.S. federal investigative agency for their agents' use as an investigative tool. It has proven to have the potential to acquire important information in a timely, unique, and warrantless manner, that might otherwise be unattainable. So what exactly does the Hold Invader do? Quite simply, the other party on your telephone call thinks he's on "hold", but in actuality it's a "phantom hold" and in fact his phone has been effectively turned into a super-sensitive room bug! Investigators can use this unit to achieve devastatingly effective results when they believe the other party is not alone at his location. They will proceed to ask a question or make a provocative statement regarding the desired subject, and then say something like "I've got another call coming in, can you hold for a minute?" It even has a "call waiting" sound simulator built in that you can use first. Then the units "hold" switch is activated. The other party hears the distinctive "dead" sound of being on "hold" and has the nearly universal (but totally unwarranted!) feeling of privacy. They have no idea that the Hold Invader's sophisticated amplification electronics have effectively turned their phone into a super-sensitive room bug! They may be conversing freely there, very likely about the topic you just "planted", having no idea that you are listening to every word said. And you don't need to worry about the other party hearing you while the Hold Invader is activated, since it automatically cuts off your phones microphone while activated. In addition to the wide range of law enforcement and investigative applications of this device, it also has extensive business-related potential capabilities. For example, during price negotiations over the telephone, if the other party has to consult with his associate in the room before he can quote their "best" deal, wouldn't it be interesting to hear what their bottom-line position really is? The key is simply to make sure that you put them on "hold" rather than letting them put you on hold. You will likely be amazed at what people say while they are on hold! (And it's usually about you.)

*2 Answering Machine Intruder
The Answering Machine Intruder was designed to enable the user to access telephone answering machines by defeating their security code systems. It accomplishes this by generating the correct security code, thereby allowing the user access to the answering machine. The user can then listen to any messages left. Depending upon the sophistication of the answering machine, the user could also erase all or some of the messages, record a new outgoing message, or even change the security code. Once access is gained many newer answering machines even play a voice menu which tells you exactly what can be done and provides the codes to do it! The Answering Machine Intruder was originally developed as an investigative tool for drug task force detectives. They were able to utilize this device with great success to obtain pieces of information that, when all pieced together and analyzed, provided a clearer picture of an extensive drug distribution operation. Not to mention a wealth of names and phone numbers of "people of interest". Even criminals seem to have unwarranted assumptions regarding the security of taped phone messages, sometimes even leaving messages detailing the time and place of an upcoming drug transaction, complete with their name and phone number! The Answering Machine Intruder is designed to gain access to any answering machine which uses a one, two, or three digit security code.

*3 The Informer Phone
The Informer Phone is a special telephone that allows you to listen in after the called party has hung up! You can purposely "plant" a desired topic near the end of a conversation and you'll likely hear them discuss their real thoughts on the subject as soon as they hang up The Informer Phone operates as a regular telephone until you want to deploy its special capability When you call to the home or business where the Informer Phone has been installed, after the conversation is completed (or even a sorry wrong number hang up) let them hangup first. You will then have the option of being able to clearly monitor all the audio activity in the room in which The Informer Phone is located, even though they've already hung up the phone! We originally designed this unit for a leading law enforcement agency as a special telephone that they could supply to certain citizens who were at particular risk of being held hostage in their own home or office. In such a case, agents would have the ability to remotely, discreetly, and safely monitor the area to verify status and collect real-time intelligence. The Informer Phone plugs into a standard modular telephone jack. It blends unobtrusively into any room since it looks and functions like a regular telephone.

*4 Fax Line Spy
This device was originally developed to meet a particular federal agency's requirements for audio monitoring capability in certain office environments. It installs in just seconds on the FAX line~a generally ignored and unguarded gateway into many offices. This device enables the user to utilize a working dedicated FAX line as a private audio monitoring line. Every FAX machine owner is familiar with the FAX machine ringing but no FAX coming through (usually due to a wrong number, transmission problem, or sequential dialing junk calls). Little or no attention is paid to this occurance. When a FAX machine is called, it listens for the "handshake tones in order to connect to the calling FAX. It normally tries for about 50 seconds and if a "handshake" doesn't occur it "times out" and hangs up the line. But with the FAX-Line Spy installed on the called line, the line can remain open and the units sensitive microphone enables the user to hear all the audio activity in the area. Installs instantly with its modular connector- just plug into the same telephone jack that the FAX machine is plugged into (use the included T-adapter). It can even be located in a different room than the FAX machine is in, anywhere a jack for that line is located. Adding markings such as "surge protector" on it also adds to its transparency. Beware strange phones that might appear in your office.

SCI ltd
Security * Computers * Communications
P.O. Box 30498 SMB
Grand Cayman, B.W.I.
Ph: 345-949-0004
Fx: 345-945-6591
Email: sci.ltd@candw.ky
WWW : http://www.candw.ky/customer/tscm/