In the 1970s, the Soviets managed to intercept top secret communications in the US embassy in Moscow and nobody could figure out how. While an antenna was eventually found hidden in the embassy's chimney, it took years to determine how what data was being collected for transmission and how. As a last resort, all equipment at the embassy was shipped back to the US for analysis. From IEEE Spectrum:

After tens of thousands of fruitless X-rays, a technician noticed a small coil of wire inside the on/off switch of an IBM Selectric typewriter. (NSA engineer Charles) Gandy believed that this coil was acting as a step-down transformer to supply lower-voltage power to something within the typewriter. Eventually he uncovered a series of modifications that had been concealed so expertly that they had previously defied detection.

A solid aluminum bar, part of the structural support of the typewriter, had been replaced with one that looked identical but was hollow. Inside the cavity was a circuit board and six magnetometers. The magnetometers sensed movements of tiny magnets that had been embedded in the transposers that moved the typing “golf ball” into position for striking a given letter.

Other components of the typewriters, such as springs and screws, had been repurposed to deliver power to the hidden circuits and to act as antennas. Keystroke information was stored and sent in encrypted burst transmissions that hopped across multiple frequencies.

For more on this fascinating story, check out former intelligence officer and technologist Eric Haseltine's new book: "The Spy in Moscow Station"

image: IBM Selectric by Oliver Kurmis (CC BY 2.5 Read the rest

Well, this is weird. Read the rest

Golden Face is back. This time, it's personal. Read the rest

Two then-employees of Twitter used their position to provide the Saudi government with information about its critics on the platform, say prosecutors, who have charged them with espionage. The men rifled through "thousands of private accounts seeking personal information" of use to the kingdom's security forces, reports NPR.

Ahmad Abouammo, a U.S. citizen, was a media partnerships manager at Twitter who was not authorized to access Twitter users' private information. He allegedly did exactly that for which he received payments of up to $300,000 from a Saudi source identified in the complaint only as "Foreign Official-1." Abouammo also received a Hublot watch with a value of about $20,000. Abouammo is charged with acting as a foreign agent and falsifying records to obstruct a federal investigation. ...

Ali Alzabarah, a Saudi citizen worked at Twitter beginning in August 2013 as a "site reliability engineer." Between May 21, 2015, and November 18, 2015, Alzabarah, without authorization, accessed "the Twitter data of over 6,000 Twitter users, including at least 33 usernames for which Saudi Arabian law enforcement had submitted emergency disclosure requests to Twitter," the complaint said. Among the accounts he accessed were those belonging to well-known critics of the Saudi government.

I don't think that I've ever met anyone that actually enjoys using LinkedIn. I mean sure, depending on what you do for a living, it might help you land a new gig. Maybe, it can help you to network with folks within your industry. But it's awful. On the occasions where I need to use it in order to get hold of a PR rep from some hard-to-reach tech firm, I've always found it slow to load and a drag to navigate. That said, the problems that folks like you and I have leveraging the platform for anything useful might not be enough to keep a motivated employer from using the social media platform to track down top-shelf talent.

From the New York Times:

Foreign agents are exploiting social media to try to recruit assets, with LinkedIn as a prime hunting ground, Western counterintelligence officials say. Intelligence agencies in the United States, Britain, Germany and France have issued warnings about foreign agents approaching thousands of users on the site. Chinese spies are the most active, officials say.

“We’ve seen China’s intelligence services doing this on a mass scale,” said William R. Evanina, the director of the National Counterintelligence and Security Center, a government agency that tracks foreign spying and alerts companies to possible infiltration. “Instead of dispatching spies to the U.S. to recruit a single target, it’s more efficient to sit behind a computer in China and send out friend requests to thousands of targets using fake profiles.”

Lazy access to potential intelligence assets? Read the rest

I want XCOM 2 on the Nintendo Switch. I'm waiting for it. Hoping. It has yet to come, be announced or even rumored by its developers. So, of late, I've found myself looking for other ways to get my turn-based combat fix. I completed Wasteland 2 some time ago. Japanese games seldom hold my attention and, even Mario + Rabbids Kingdom Battle has lost its charm. A couple of days ago, despite its mediocre reviews, I downloaded Phantom Doctrine, for $20. It's so close to being pretty much what I'm looking for. Sadly, it's held back by a number of issues.

In the game, you're in charge of a cell of cold-war era spies who bop around the world collecting intelligence, killing members of a shadowy opposing faction and trying not to get captured or liquidated in the process. What are they collecting intel on? It's hard to say. Unlike XCOM, which has a solid story that leads you from one plot point to the next, in Phantom Doctrine, it's hard to keep track of what why you're doing what you're doing. The game's story is paper thin and even when it becomes a little more clear, still isn't all that compelling. Mission briefings inform you that you're supposed to collect an informant or, in some cases, kill someone who recognized one of your agents. You base is always under threat of being exposed. Your spies are always run the risk of having their covers blown. It's run-of-the-mill stuff.

As with XCOM 2, your team members gain experience from every encounter they survive. Read the rest

Deniss Metsavas was a well-known military officer who frequently appeared on TV on behalf of his country's armed forces. He was also, thanks to a event of passion, blackmail and a constant fear of incarceration, a Russian intelligence asset. In this emotional video from The Atlantic, Metsavas talks about the consequences of his being blackmailed into becoming a witting Russian asset and the quick, dark path that led him to betraying his uniform and the country that he served.

Image vis Klickr, courtesy of Thomas Depenbusch (Depi) Read the rest

Yujing Zhang hacked her way into Donald Trump's private Florida club Mar-A-Lago with social engineering skills any self-respecting DEFCON or HOPE attendee would recognize. Read the rest

In Sweden, officers of the Swedish Security Service have arrested a person who worked “in a high-technology sector” and is believed by investigators to be a Russian agent. Read the rest

What a wonderful time to be alive. Read the rest

If you want an example of how big of a problem Chinese espionage is, you needn't look any further than the warnings that Canada and the United States have been throwing at corporations and governmental organizations about the use of gear built by tech companies with ties to the Chinese government.

Apparently, the issue extends beyond the use of smartphones and cellular networking hardware built by Huawei and ZTE: the US Government is thinking about conducting deep background checks on Chinese nationals coming to the United States in pursuit of their education. Spies! They're everywhere!

From IntelNews.Org:

...the Trump administration is reportedly considering the possibility of imposing deeper background checks and additional vetting on all Chinese nationals wishing to study in the US. Citing “a US official and three congressional and university sources”, Reuters said on Thursday that the measures would apply to all Chinese students wishing to register in undergraduate and graduate academic programs in the US. The news agency quoted a “senior US official” as saying that “no Chinese student who’s coming [to the US] is untethered from the state […. They all have] to go through a party and government approval process”. Reuters reported that the proposed plan includes a comprehensive examination of the applicants’ phone records and their presence on social media platforms. The goal would be to verify that the applicants are not connected with Chinese government agencies. As part of the proposed plan, US law enforcement and intelligence agencies would provide counterintelligence training to university officials.

The Organization for the Prohibition of Chemical Weapons (OPCW) has been elbows-deep in the investigation of the Novichok nerve agent attack on Sergei and Yulia Skirpal. As part of their investigation into where the nerve agent may have originated, the OPCW sent samples of the chemical weapon to a number of independent labs.

Using multiple labs provides a fail safe against false positive results and bias – two things you'd want to avoid considering the fact that the results of the tests could trigger a significant international incident. One of the labs that the OPCW may have used (I mean, they're not going to come right out and say that this is where they're sending dangerous shit) was Switzerland's Spiez Laboratory. Since Russia has denied that it had any role in the poisoning of the Skirpals and the other collateral victims of the Novichok attack, it's really really surprising to be surprised by the surprise expulsion of two Russian intelligence agents (surprise!) from The Hague, where OPCW is based. Apparently, they were trying to tinker with Spiez Laboratory's computers.

From NPR:

Swiss and Dutch authorities did not immediately respond to NPR's request for comment. Andreas Bucher, a spokesperson for Spiez Laboratory, also declined to comment on the deportations. However, he confirms the laboratory's computer systems have been probed by unknown hackers in recent months.

"We've had indications that we were in the crosshairs," Bucher says. No data has been stolen from the lab, he adds.

Although Spiez Laboratory has not officially acknowledged receiving a sample, it is widely believed to have done so, according to Jean Pascal Zanders, an independent chemical weapons expert based in France.

Next Thursday, Aston's auctioneers will sell off a private collection of cameras including some fantastic Soviet-era spy cams. According to the auction house's camera specialist, the most curious item is a camera containing a second camera (image below):

At first glance this appears to be a normal Zenith E camera it it's case, but opening it reveals a hidden miniature F-21 AJAX-12 camera. The camera is mounted so the f2.8 28mm lens is pointing out of the side edge of the case. On pressing a small button on the bottom of the case the internal mechanism cleverly raises a hidden internal flap, the camera shutters fires and the flap immediately closes shut. The user simply carries the camera over their shoulder in the normal way, but can take pictures at 90 degrees without raising any suspicion as it looks like the camera is in it's case and not being used. The camera uses 21mm film and has a clockwork drive for multiple shots without detection.

" Read the rest

Spain's got a stiffy for football, or soccer, if you must.

When a football match is on, just about everyone in the country loses their minds. TVs are gathered round, siestas are forgone, and team songs, in any bar you chance, will be full of scarf-swinging loons banging on tables and screaming for every goal. It’s loud, chaotic and lovely. For many Spaniards, catching a game while on the go involves downloading a smartphone app fronted by Spain’s national football league, Liga de Fútbol Profesional. Available for iOS and Android handsets, the La Liga app is not only licensed to stream football games, but also lets users keep track of the stats for their favorite teams and players.

Oh, it also tracks your every move and taps your smartphone's microphone, supposedly in the name of helping to root out unauthorized match broadcasts in bars, restaurants and cafes.

From El Dario, via Google Translate:

The Liga de Fútbol Profesional, the body that runs the most important sports competition in Spain, is using mobile phones of football fans to spy on bars and other public establishments that put matches for their clients. Millions of people in Spain have this application on their phone, which accumulates more than 10 million downloads, according to data from Google and Apple.

All of these people can become undercover informants for La Liga and the owners of football television broadcasting rights. If they give their consent for the app to use the device's microphone (which is common in many applications), they are actually giving permission for La Liga to remotely activate the phone's microphone and try to detect if what it sounds like is a bar or public establishment where a football match is being projected without paying the fee established by the chains that own the broadcasting rights.

Frank A. Gleason may not be a name that you're familiar with. But, given his contributions to the allied war effort during World War II, you should be. During the war, Gleason, now 97-years old, worked for the Overseas Strategic Service (OSS), an intelligence organization that was superseded by the Central Intelligence Agency. It was never his intention to become a spy but, smart as a whip and tough as nails, he was a perfect fit for the gig.

From Task & Purpose:

A native of Marietta, Georgia, Gleason was freshly armed with a chemical engineering degree from Penn State University when he was recruited into the OSS. It was a tight-knit, exclusive group: When the agency was founded, director Gen. William “Wild Bill” Donovan famously said, “We need Ph.Ds that can win a bar fight.”

During the year he and his team operated behind enemy lines in China, they were responsible for disrupting enemy communications and the destruction of railway lines, and blew up over 100 bridges. They generally made life for Japanese troops stationed in the areas where they worked a living hell. The dangerous services that Gleason rendered on behalf of the Allies has gone all but unrecognized over the past 74 years. Unlike soldiers, spies generally don't get parades. According to Military Times, Gleason's time in the shadows has come to an end: Congress has recognized the veteran's service during the war with the award of a Congressional Gold Medal – the highest award that can be given to a civilian in the United States. Read the rest

If you're not already wearing a tinfoil hat, it may be a good time to start: a pair of engineers based out of the University of Michigan have figured out a way to create a light-powered camera sensor that's only a millimeter in size: small enough to be practically invisible to a casual observer.

According to a paper published in IEEE Electron Device Letters by Euisik Yoon and Sung-Yun Park, the new camera has the potential to not only be insanely small, but also, self sustaining, thanks to a solar panel placed directly behind the camera's image sensor, which is thin enough that light, in addition to what's needed to create an image, is able to pass right through it. This could provide the camera with all the power it needs to be able to continue to capture images, indefinitely.  At a maximum of 15 frames per second, the images it captures aren't of the best quality, but they're more than adequate for creeping on an unsuspecting subject.

The good news is that, for the time being, the camera is nothing more than a proof-of-concept. In order for it to be deployed in the real world as a near-invisible surveillance device, someone a lot smarter than me will need to figure out how to store image data and transmit it using hardware that's just as discrete as the camera's image sensor and power source are.