Friday Squid Blogging: Using Squid Proteins for Commercial Camouflage Products

More research.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Posted on March 27, 2015 at 4:03 PM • 99 Comments

Comments

NothingNewHereMarch 27, 2015 4:41 PM

Left Amazon, can't get a job in my field of expertise, what should I do?
-------------------
Amazon Requires Non-Compete Agreements.. For Warehouse Workers

http://news.slashdot.org/story/15/03/27/1825205/amazon-requires-non-compete-agreements-for-warehouse-workers

Here's an excerpt from the agreement:

"During employment and for 18 months after the Separation Date, Employee will not, directly or indirectly, whether on Employee's own behalf or on behalf of any other entity (for example, as an employee, agent, partner, or consultant), engage in or support the development, manufacture, marketing, or sale of any product or service that competes or is intended to compete with any product or service sold, offered, or otherwise provided by Amazon (or intended to be sold, offered, or otherwise provided by Amazon in the future)."
-------------------
While not explicitely not necessarily a security issue, it can cause a departed employe to undertake an area of activity where expertise can be put to use, though not through gainful employment. Where do you supposed unemployed KGB agents went? This exhibits a vein of intimidation and control much like that of the one turned over by the courts, where a number of Silicon Vally companies agreed not to employee each other's current workers (that is, try to get them to change employers; wouldn't such non-compete agreements apply there as well?)

How about that "in the future" aspect? That would seem to render a person as un-employable for far longer than 18 months in their field of expertise.

MrCMarch 27, 2015 5:29 PM

@ NothingNewHere:

At least with respect to warehouse workers, that clause is not enforceable in most states, maybe even not enforceable in any state. Go work for another warehouse. Amazon won't be dumb enough to bring suit, and, if they exceed my expectations for stupidity in that respect, they'll probably lose on an inexpensive pleadings stage motion. I'd take the case for free just for the publicity.

tyrMarch 27, 2015 5:36 PM


Sounds familiar.

http://disinfo.com/2015/03/the-anti-conspiracy-theorist/

Did anyone else notice that the security measures of
Germanwings were turned against the flight ?
It is what makes meaningful security a nightmare since
the procedures can work against any meaningful method
of mitigation. It sounds wonderful to deny access to
the flight controls and think you've solved the problem.

Similarly the net design was intended to allow it to
function after a huge number of nodes had been knocked
off line. This has come back to haunt the world as it
allows everyone access to everything. The only way to
fix the Germanwings problem is to open the cockpit.
The only way to fix the net is to do a complete new
design into compartmented and autonomous gated micro
networks, then the first nuclear event puts everyone
back into the stone age.

There's an alternate proposal which is to stop trying
to micromanage every possibility into non existence
and to accept a reasonable level of risk as part of
any process.

I'm sure emotional kneejerking will come up with a
more drastic method to try to stop humans from losing
their mind but I have doubts about the efficacy.

TheGuildsmanMarch 27, 2015 6:39 PM

@Clive probably since you seem to know so much about everything.

A puzzle:

I'm trying to record for evidence some sounds which someone is broadcasting into the house somehow (how is another mystery).

Music, female voices and male chanting, and also some kind of low rumbling, which can be heard by the ear quite well and loudly but which don't show up on the recording. Very frustrating to say the least.

Any idea how this might be possible and, of course, how to overcome it and make a recording?

DennisMarch 27, 2015 6:53 PM

A while back a UPS pilot told me he was thinking about quitting, because during takeoff and landing they were required to hold their hands in the air to show they weren't touching the controls.

We're probably not ready to put computers totally in control of passenger aircraft. But how about this: Every crew member carries a wireless button. Pilot locks self in cockpit? Two stewards say "yep, he's crashing us into the mountain," hit their buttons, and the plane takes over and lands safely at the nearest airport.

If pilots flip out one time in a million, and the computer would crash the plane one time in a thousand, then this system gives a one in a billion chance of the plane crashing due to crazy pilots.

Works for terrorists too...they have to disable the whole crew at once or face a nice easy ride down to waiting law enforcement.

BenniMarch 27, 2015 7:01 PM

A usual linux box without NSA's selinux extension is nowadays more easy to exploit than an average windows machine. Therefore, selinux is important.

But of course selinux would not come from NSA if it would not ship with its special backdoors so that the witting user can get root more easily:

http://seclists.org/oss-sec/2015/q1/1011

"So. Yes, thats correct: The SELinux system that is only there to protect you,
passes attacker controlled data to sh -c (https://docs.python.org/2/library/commands.html)
inside a daemon running as root. "

"I attached a PoC which uses networkmanager's openvpn plugin to execute
arbitraty commands by triggering an access violation to a pathname
which contains shell commands."


Klaus Landefeld from the world's largest internet node de-cix complains about the full take that BND is taking from his node at the NSA investigation comission.

https://netzpolitik.org/2015/live-blog-aus-dem-geheimdienst-untersuchungsausschuss-klaus-landefeld-de-cix-und-hans-de-with-g-10-kommission/

For example, he says that he had his first government search in 1993. At that time, Landefeld had to sent trucks over to the BND. The german government had ordered him "to print the internet out on paper"....

Today, he complains that BND can order to tap de-cix fibers without many regulations. He asks, what is foreign in a fiber that connects Frankfurt and Berlin. And he says that BND often just makes a full take. Before snowden, He considered some orders from BND to be illegal. He wanted to talk with the parlamentarians that watch over the BND. Soon he was forbidden to talk about this by the office of the chancelor. Here, he says that they did not want to sue the government because it always insisted on dangers from terrorists. But since snowden, de-cix is considering again to file a lawsuit

http://www.heise.de/newsticker/meldung/NSA-Ausschuss-BND-hat-freie-Hand-bei-der-Internetueberwachung-2585620.html

Interesting is what Landefeld says on cyber threads. He does consulting about this. Every shop would be under thousends of attacks daily. But they are mostly searching for known exploits and therefore not serious. He finds it more interesting when the attacks specifically target sysadmins or employees. He knows a case of an engineering company where someone suddenly blocked the company's internet access. Immediately, agents turned up who said they want to fix the problem, and in the process they tried to install a router with listening bugs...

Landefeld says that in the united states, the surveillance is implemented in the software. A checkbox gets activated and the entire traffic goes to NSA. And this is forbidden in germany. However, NSA wanted BND handing over its de-cix data so badly, because NSA can not get all the domestic US data it wants. Therefore, NSA searches partners that sit on the other end of the fibers. Similarly, BND also listens on domestic fibers.

ThothMarch 27, 2015 7:49 PM

@TheGuildsman
That sounds like some paranormal investigation with attempts to record sounds that cannot be usually recorded ?

FigMarch 27, 2015 7:59 PM

So what kind of OS and hardware could someone trust these days? Or at least hope for fewer backdoors?

Maybe AMD platform and some specific Linux distro with FDE?

TedMarch 27, 2015 8:39 PM

Self driving cars are all in the news. It sounds like great technology. It is great technology. But, I can't help but see the dark side.

Why is Google in this? For the betterment of mankind?

Ans: No way. They are looking at ways to monetize the snot out of it.

Also, the military-police lobby must be drooling at the prospect of mass tracking of every single vehicle being driven, not to mention the added bonuses of being able to listen in to conversations 24/7, re-direct vehicles, shut down a vehicle or thousands at the flip of a switch. They must be getting high on the power rush already.

In the latest Ford iteration of automated driving a camera reads speed limit signs and literally slows the car down if the driver is driving too fast. That free will decision is gone. There will be many others.

In short it's all about the corporations developing high tech new ways to fleece the sheep and the government to take away more or our freedoms on a massive basis.

And, let's not even think about the ever increasing monthly fees merely for the privilege of letting them drive us around at their own chosen speed and convenience.

OK, admit it. I wrote this comment with my foil hat on. Two layers. Heavy duty.

DBMarch 27, 2015 8:57 PM

@ Ted

At least you war that tin foil hat proudly... and even more so when half of what you theorized is proven to be true...

One thing is for sure: in general companies do not do things just for the betterment of mankind... and you can just follow the money from there.

BuckMarch 27, 2015 10:29 PM

@tyr

That link lead me down quite an entertaining rabbit hole! :-D

Sociologists, Psychologists, Biologists, Chemists, Physicists, Mathematicians, Linguists, and so on... "Oh, hey, I didn't see you guys all the way over there."

Abdussattar Chhipa, King of HospitalityMarch 27, 2015 10:40 PM

Hey, now that the US government officially classifies software as arms, I can't wait to exercise my Second Amendment Rights to defend myself against illegal government interference with my privacy.

Anybody got Stuxnet source code? My well-regulated militia needs it for something.

TheGuildsmanMarch 27, 2015 10:57 PM

@Thoth

"That sounds like some paranormal investigation with attempts to record sounds that cannot be usually recorded ?"

Yes. I know that's what it sounds like. Or some conspiracy theory kook with noises in his head and black helicopters aiming laser weapons through his window, etc.

But it's not. It's a very normal revenge harassment problem. I know who is behind it and why and I am trying to collect enough evidence to convince LE to take me seriously.

So I assume it's some kind of a technical audio equipment issue or something like that. And unfortunately I don't know much about audio. I've tried using a laptop and a Sony voice recorder as well as my surveillance camera audio. I have played with the recording in Audacity, trying all kinds of filters, to no avail.

What is being done to cause very loud sounds, some of which can shake the floor, to dissolve into garbled nothing on a recording?

AudioJackMarch 28, 2015 1:40 AM

@TheGuildsman

So I assume it's some kind of a technical audio equipment issue or something like that. And unfortunately I don't know much about audio. I've tried using a laptop and a Sony voice recorder as well as my surveillance camera audio. I have played with the recording in Audacity, trying all kinds of filters, to no avail.

Audio technician here.

If your ears can hear it, but your audio equipment can't, then it's a technical problem with your equipment, nothing magical. But you can't just fix the equipment - it might be that your current equipment isn't designed to pick up very high or low-frequency sounds, or is just generally low-quality. You probably need new, better equipment.

Human hearing is typically in the range of 20 Hz (deep, low sounds) to 20,000 Hz (very high-pitch). Some cheap audio equipment, though, can only capture in the 300 Hz - 15,000 Hz range, for example, and these devices will never "hear" certain low or high pitch sounds. Maybe the low-pitch sounds you're describing are too low for your equipment to pick up. For example, the low sound you hear might be around 100Hz, but your recording equipment cant pick up anything lower than 300Hz. This is called frequency response, and is one of many audio issues you could be dealing with.

Your laptop mic, and surveillance camera mics are pretty much guaranteed to be absolute garbage quality. Your Sony voice recorder could be good or bad, I don't know, Sony makes all kinds of gear (but if it hasn't picked up these sounds you're hearing, then it probably isn't great). Studio audio gear can capture a larger chunk of the human-audible spectrum and generally produces vastly better recordings in many ways. The sound quality difference between consumer recording gear and studio gear is enormous.

You can search for microphones and find lots of good ones, I won't go describing everything to look for. There's also the issue of cost, and I don't know how much you're willing to spend on this, if anything. That said, if you were to get something like a Zoom H1 ($100), H2n ($160), or H4n ($200), set it to record at 24-bit, 48,000 Hz, in WAV format, you'd likely have no trouble recording your evidence.

As far as figuring out where the sounds are coming from, you could try shutting off power to your house from the circuit breaker to see whether it's coming from inside your house. Shut off the switches one-by-one to narrow it down to a specific circuit/area. If the sounds continue, this leaves only battery-powered devices (which will run out eventually) and sounds external to your house.

tyrMarch 28, 2015 1:47 AM


@ Buck

I always viewed the Net as an interesting rabbit hole,
some of it a lot better than the rest.

@TheGuildsman

Audio equipment usually has a bandwidth limitation on
what frequencies it will detect and reproduce.If you
have access to an analog scope you might be able to see
what makes the noise. A youthful pair of ears has a
lot better frequency response than most consumer
grade microphones.

You might try pulling a paper tape under a mounted pen
to see what it shows, that will detect low frequencies
that a mike can't get. Basically build your own seismo
device.

Bong-smoking Primitive Monkey-Brained SockpuppetMarch 28, 2015 2:06 AM

Top 10 reasons @RobertT is MIA... No particular order...

  1. The little birdies got fed up whispering in his ears. Turns out they're not so little after all.
  2. He made the right choice, but only too little, too late
  3. He could beat the underwater breath-holding champion. During the hundredth water boarding session, he said: Your enhanced interrogation techniques suck! Pour more water bitch. I'll outlast your weak ass any day of the year... They gave up on him, so...
  4. They sent him on a hunting trip with Mr. Cheney
  5. His smart throne got cracked and leaked water. An NSA proctologist was able to siphon a few drops of water and extract his password from the water drops. They disabled his throne's password shortly after...
  6. They tracked his real identity despite his superb OPSEC process through one of his burner phones with some unadvertised specifications
  7. He got bored and went to the movies. Unfortunately, he misread the title and ended up in the wrong movie...
  8. He almost won a chess game against a TLA, but he forgot they don't play by the rules
  9. He reasoned: If my score is not zero, I might as well join the other side; the George Bin Bush team.
  10. He heard about an advanced OTP class. Sadly it stood for One Time Pupil... He sat too close to the teacher

TheGuildsmanMarch 28, 2015 3:43 AM

@AudioJack

Thank you for your thoughtful, and lengthy, response. It's very kind of you to take the time.

If you don't mind I have some more questions before I head out and buy or rent some equipment.

The recorder is a Sony IC recorder. ICD-UX533 about 80 $us. I was told it was good quality for voice and music. What do you think?

I forgot to mention that there always seems to be some ambient noise from the hvac vents in the house. Not loud enough to disturb normal conversation but it always shows up on the recordings.

I gave up on the laptop because it seemed to be doing a lot of filtering before delivering the sound to audacity so when I played around with noise reduction trying to eliminate the hvac rushing air noise I ended up with a lot of distortion.

Can some sounds, like the air from the vents, or perhaps other sounds that they might broadcast, mask other sounds or is it fair to say if I can hear it with my ears I can record it?

Surprisingly the surveillance camera, which is a DLink, has quite the ability to pick up sounds of all sorts and I assume a wide range of frequencies. When it's sitting in the 2nd floor window it picks up people talking across the street, car doors and trunks closing, jet aircraft flying over, car and truck exhaust notes and the tires running over ice, even street noise from the next block, etc. When I stream the audio into Reaper through the Voxengo SPAN spectrum analysis VST plugin it shows me a range of frequencies from about 20Hz to over 10KHz. That's just using "what you hear" as the sound source since it's coming from the web browser interface to the camera.

So the question is, if I can see that range of frequencies should I be able to hear the mystery sounds as well? And I was thinking about attaching a decent microphone with a long cord that I can move around the house. Would a good mic help with a not so good recorder?

Thanks again. I really appreciate your time and input.

CuriousMarch 28, 2015 4:07 AM

The following are a few observations on recent news articles, with regard to the alleged activity of IMSI-catcher equipement in Oslo norway, late in 2014. Presumably alot of details has been omitted/overlooked here by me, as I have not watched the conference myself:

I guess it falls on me to mention, that the 'police security services' (known as 'PST', and roughly translated by me to English) in norway had a press conference just recently, as a reaction to the IMSI catcher article(s) in 'Aftenposten' newspaper late in 2014, which had pointed out that it was believed to exist fake comms towers in the capital city 'Oslo'.

So PST is now said to have made investigations into *something* (my expletive) that has to do with the claim of there existing fake comms towers in Oslo, and apparently hold the basic opinion that there is no reason to say there were any.

An online article by the national broadcasting corp. (NRK) ended their article about this conference, with a paragraph basicly stating that the PST had a "goal" of making an investigation into whether there was any foreign powers involved in any espionage and similar activities. In the same article by NRK, the PST head/official Benedicte Bjørnland at the conference has been quoted on acknowledging, that PST had indeed been using IMCI-catcher equipment 30 times over the last three years in the city of 'Oslo' area.

In an article by Aftenposten, I am reading that PST is said to have acklowledge that they never tested the equipment that had been used for the investigations by Aftenposten. The PST 'communications director' (my translation) Trond Hugubakken appear to have made a comment that they would of course make 'affirmative action' (my translation) in a possible search for fake comms towers if there were to be indications for that, but also claimed that it is "very difficult" to discover the use of IMSI-catcher equipment. I am also reading in that same article that a couple of people working for Aftenposten claimed that a spokesperson for PST uttered a nonspecific warning/threat, something that PST later said they weren't aware of this having happened.

From the reporting about the PST conference, it seems PST is claiming that the newspaper's investigations into IMSI-catcher activity was basicly, either poor, or something that had other explanations.

In brief, the newspaper Aftenposten seem unfazed by PST attitude and opinions, and take offense to this, claiming that PST having an outdated understanding of technology, and they will continue to report on this, dubbed 'mobile phone surveillance'.

Being a layman, I am guessing that, if there is or were fake comms towers in Oslo, PST wouldn't be allowed to, nor would want to acknowledge the existence of such anyway.

I am now sort of reminded of a previous tax scandal, involving former local police personell, working for the US embassy in Oslo in conducting surveillance on locals. So, if "friendly" foreign powers are involved in IMSI-catcher activities in Oslo on their own or assisted by locals, I believe it is the tradition for the government agencies to slap a "secret" stamp on all such information, with the traditional and "convenient" rational, of treating international relations with the "courtesy" of discretion.

Articles in norwegian:
http://www.nrk.no/norge/pst-sjefen_-ikke-tegn-til-falske-basestasjoner-i-aftenpostens-funn-1.12267764
http://www.aftenposten.no/nyheter/PST-Aftenpostens-funn-har-naturlige-forklaringer-7960553.html
http://www.aftenposten.no/nyheter/Aftenposten-vil-fortsette-a-skrive-om-mobilovervakning-7961064.html

I want here at the end, to take the opportunity to point out that newspapers in norway sometimes mess up quotations and make up stuff from time to time in my experience, so never simply trust any quotation from any newspaper in norway to be correct, or so is my advice, because a quotation might be a mere paraphrase, as what appeared to have been the case with the reporting of Ban Ki-Moon's speech about Syria some time ago. Instead of having translated a particular word in English into the simple eqivalent word in norwegian, they added a whole phrase that alluded to things and the reporter later claimed on email to me that doing so was ok, never ever having acknolwedged that they ended up with a paraphrase, and not a quotation.

uair01March 28, 2015 4:57 AM

On another blog this comment was made (see below). Makes you wonder how to assess that kind of rare risks. I'll be thankful for any pointers to serious literature concerning countermeasures for rare events. What is the real threat and what is a movie plot threat? How can you distinguish the two?

Concerning the German plane disaster:

"Of course, in response to this, all members of the flight crew will be allowed on the deck when the pilot non-flying goes to the can. So any steward can slit the other’s throat and fly into terrain. Lubnitz was an attendant before he got the pilot gig. Expect deaths to increase proportionally. Just as this was caused by the stupid reinforced door idea, each solution should lay the groundwork for the next incident."

Source:
http://marginalrevolution.com/marginalrevolution/2015/03/sentences-to-ponder-88.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+marginalrevolution%2Ffeed+%28Marginal+Revolution%29

Jonathan WilsonMarch 28, 2015 7:04 AM

I haven't seen any mention of this on here
http://defencereport.com/australias-defence-trade-control-act-clamps-down-on-researchers/

I am not a lawyer or an expert on export controls but if my limited reading of these regulations is correct, this could harm not just researchers and scientists but anyone who works with "dual-use technology" (the definition of which is very much open to interpretation by the government and its agencies with no recourse if the government suddenly decides to restrict whatever it is you are doing, potentially even things you previously got an explicit OK to export before)

I have written a number of things that deal in cryptography in the past. I wrote a program to do offline decryption of the AES encrypted backups for the Nokia N900 phone for those people who have an encrypted backup and have the password but don't have a usable N900 to decrypt it with. I wrote a program to decrypt encrypted script files from a particular version of 3d studio max (I had an encrypted script file I needed to decrypt, hence why I reverse engineered that stuff). Under these new laws, what I did in making/releasing these things could now be illegal.

I currently work on a large mod for a PC game title. This mod contains encryption code. I regularly send compiled builds of this mod to others on the team for various reasons. Under these new laws, that could become illegal.

I am also involved in a project that deals with various security and encryption related software items on the Nokia N900 phone including OpenSSL, cryptographic parts of the browser, the stuff that manages the certificate store (which holds all the root certificates the phone uses) and the daemon and libraries that handle various WiFi encryption standards. I communicate with others about this stuff. Under these new laws, this could also become illegal.

And its not just encryption, I have seen suggestions that things involving robots with vision systems/image processing might be restricted under these laws. You can buy various addons for the LEGO Mindstorms robotics kit that involve image processing/vision systems. Does that mean that plans/programs/etc for LEGO Mindstorms robots are now restricted?

GrauhutMarch 28, 2015 10:18 AM

@Benni: Its even worse with Decix security. They already started to check if they are working in a lucid TAO Bells illusion matrix. :)

"Sensburg: viruses, Trojans?

Landefeld: Good question. If switch or OS would be compromised, this would eventually work. But still requires that they have line for drainage. ... Have begun to check meter readings on each port. Core is big black box that has to have the same amount of data in and out. Very difficult, currently in implementation.
...
Some have their own infrastructure. Colt, Level 3, telecom, [Heag?] ASG."


If they dont trust the snmp port usage numbers of their own infrastructure anymore and begin to measure these numbers outside the ports, then this smells like a real fubar os matrix... :D

ww3March 28, 2015 10:38 AM

@ guildsman
your sony voice recorder is exactly that, made for voice, but not full range of human hearing, it cuts the highs and lows off to limit machine noise, background noise etc. that is a feature, not a bug.
human hearing has a much wider range than human voice.

ThothMarch 28, 2015 10:46 AM

I wonder how the US Govt feels when their agencies uses weakly escrowed algorithms and chips in their "high security" products .....

Link: https://threatpost.com/fbi-pleads-for-crypto-subversion-in-congressional-budget-hearing/111860

It would be interesting if NXP, Atmel, Intel, Harris Corp, et. al. were to suddenly flip on their beds and decided to give the Govts a taste of their just desserts.

Just a thought, a lot of "Security Products" are actually "full of holes" and that includes escrows and backdoors and somehow these "Security Products" manages to find their way into Government contracts and get implemented into critical systems. I am currently somewhat aware that certain products I have seen actually may have backdoors, escrows or weakened and somehow manages to slip into a lot of highly critical financial and Governmental sectors (including a possibility of defense sectors of certain probably unsuspecting nations) and touted as a critical product.

Some of the usual culprits are cryptographic chips and Privileged Identity modules that are contributing to lots of holes.

ClavierMarch 28, 2015 10:59 AM

Is NYC’s new gunshot detection system recording private conversations?
http://fusion.net/story/107298/is-nycs-new-gunshot-detection-system-recording-private-conversations/

The exchange, which was used in court, was recorded by ShotSpotter, a gunshot detection system that has been installed in over 90 cities across the country. By placing a series of microphones around high-crime neighborhoods, the system is able to pinpoint the location of where a gunshot took place with surprising accuracy, leading to faster response times from police. This week, 300 of the microphones were activated in Brooklyn and the Bronx as part of a citywide pilot program...

AudioJackMarch 28, 2015 11:47 AM

@TheGuildsman

The recorder is a Sony IC recorder. ICD-UX533 about 80 $us. I was told it was good quality for voice and music. What do you think?

I looked up this recorder and read a review. This is a "voice recorder," a device class which is great for recording memos, meetings, etc. It's not the greatest for music, film sound, or other high-quality uses, but you can still use it for these purposes with the right settings. The ICD-UX533 has some quality limitations: only 16 bit, no 24 bit audio; and only 44,100 Hz recording, but no 48,000 Hz or 96,000 Hz. The other mics I linked to in my last post don't have these limitations. Without having used a ICD-UX533 myself, I have no idea what the quality of the actual hardware microphones is like, which is the most important factor.

That said, you should be able to record something of these mystery sounds you're hearing on the ICD-UX533. Make sure you set it to record in WAV/PCM format (not MP3, WMA, or AAC), this is most important. This mic has a "cardioid" pick-up pattern (sort of an upside-down heart shape), so it's somewhat directional and helps to point it in the right direction if possible.

I forgot to mention that there always seems to be some ambient noise from the hvac vents in the house. Not loud enough to disturb normal conversation but it always shows up on the recordings.

HVAC and refrigerators are a constant problem for anybody doing recording. See if you can turn it off somehow. Also, try to point your mic in the direction of the sound, if at all possible.

I gave up on the laptop because...

Yes, give up on it, laptop mics are always terrible and you're probably also dealing with the sounds of the laptop's own fans.

Can some sounds, like the air from the vents, or perhaps other sounds that they might broadcast, mask other sounds or is it fair to say if I can hear it with my ears I can record it?

Yes, masking does happen. It's possible your HVAC is masking out the sounds completely. This is a volume level issue. If the mystery sounds are quieter than the HVAC, you might not be able to hear them on the recording so easily, especially with only a mono mic.

Surprisingly the surveillance camera, which is a DLink, has quite the ability to pick up sounds of all sorts and I assume a wide range of frequencies. ...it shows me a range of frequencies from about 20Hz to over 10KHz. ... So the question is, if I can see that range of frequencies should I be able to hear the mystery sounds as well?

10 kHz is not very high frequency at all. That system will miss a lot of higher-pitch sounds. The recorders I linked to in my previous post can pick up much higher frequencies, and so can your ICD-UX533 in WAV/PCM mode.

Would a good mic help with a not so good recorder?

Your audio is only as good as the weakest link. Just like with security! If you have the best mic with a low-quality recorder, you'll get low-quality audio output. But if your recorder (I assume you're talking about your ICD-UX533 here) is using a low-quality mic by default anyway, which may or may not be lower quality than the recording hardware, then plugging in a better one will help.

If you still can't get a recording of the sounds, you might need to upgrade to a better recorder. Or locate the source of the sound.

DBMarch 28, 2015 12:38 PM

@TheGuildsman

Ambient noise can absolutely mask sounds in a recording, that human ears can easily pick up. This is often underestimated. You really need to eliminate those other sounds to pick it up with a recorder.

To illustrate what I'm saying, try this: have someone speak softly to you, while some moderately loud music or something else is playing. You can probably hear them fairly well, and understand what they're saying. Now cover one ear. Tightly. So that basically no noise enters one ear. Suddenly, you can't understand what that person is saying....

That's because the brain does an amazing thing with the ears... it calculates highly accurate directionality and distance, and separates sounds quite well based on it, allowing you to ignore one and concentrate on the other. But it needs two ears to do it. Recordings don't do this at all, and things played back from a recording just jumble everything together and spit it all back out at the speakers. Stereo recordings do improve the situation somewhat over mono recordings, but nothing close to what the human ears and brain do to the original. This is why studios concentrate so much on eliminating ambient noise, even with noise-absorbent foam on the walls and everything.

This actually brings up a possible way to deal with the "revenge" noise, if it's keeping you awake at night: sleep on your side and bury one ear in the pillow, or use one earplug. Don't cover both ears, because then what little comes through can still be separated by the brain. Just cover one ear. And have a good night's sleep, finally.

WhoCaresMarch 28, 2015 12:38 PM

There was this news in the Portuguese media regarding a leaked manual of operations belonging to Portuguese secret services SIS

An article can be seen here and here .

Here is a rogue translation for the above article:

(...) Besides procedures for collecting information through open sources such as internet searches, information retrieval can be based in the interception of electronic communications, radars and other electromagnetic signals. This can be seen as ilegal wiretapping (...)

(...) Telecommunications interception is done using "environmental taps" using microphones, devices installed in the cellphones, or by installing programs that permit the extraction of data from emails or a computer. This has been confirmed by sources at SIS (...)

(...) Human research is another procedure described in the manual. The agent should adjust the approach to the target taking into account his profile in order to capture information in greater detail. Human research does not relate only to persons but also to institutions and companies. In all cases the profile, caracter, vulnerabilities and motivation of the target must be considered. Capturing and controlling a human source is vital in the secret services strategy (...)

(...)The manual highlights the importance of human sources managment for collecting information. Monetary motivation should be preferably used so that a longer and efective control can be achieved. This type of procedure should not be considered as a mere knowledge exchange for favours or money (...)

Near the end the article raises several questions:

"(...) Can it be that the constitutional rights of the Portuguese citizens are being violated by SIS procedures.? Does the interception of communications described in the manual qualifies as an illegal way of conducting illegal wiretaps and surveillance taking into account that such procedures must be always authorized by a a court, eaven those executed by Policia Judiciaria? Aren't these procedures only allowed to the criminal police? (...)
And finally
(...) Julio Pereira, secretary general of SIRP refused to comment (...)

Also an interesting fact in the printed version of "Jornal o I" and it goes moreless like this:

(...) Agents using payphones should always dial another number after ending an operational call so that phone number cannot be unmasked by pressing the redial button (...)

This leak seems to happen for a reason. Don't know if you guys have heard about the so called "Super-Espião" regarding Jorge Silva de Carvalho. He was an agent of SIED and is being accused of illegaling
accessing the cellphone records of a journalist. The records have been retrieved by a female employer of Vodafone. The trial is scheduled to start at the 9th of april.

These services have a STASI-like mentality. It reminds me of those employed by PIDE , the political police that existed before the Portuguese revolution, famous of having one of the largest network
of snitches. Nowadays they call it "Human research". Seems like it's extintion really never happened.

It's also known that these intelligence services have closed ties with secret societies.
It is a known fact that Jorge Silva de Carvalho belongs to the so called "Loja Mozart n.º 49 - Maçonaria Portuguesa, da Grande Loja Regular de Portugal"


A Nonny BunnyMarch 28, 2015 1:22 PM

@Ted

In the latest Ford iteration of automated driving a camera reads speed limit signs and literally slows the car down if the driver is driving too fast. That free will decision is gone.

Cool, so all I have to do to cause a traffic jam and/or accident is to put up an obviously-fake-to-anyone-but-an-algorithm speed limit sign?

You can turn the feature off though. (According to http://www.telegraph.co.uk/cars/ford/news/ford-introduces-automatic-speed-limiter.html )

SuckpoppetMarch 28, 2015 2:57 PM

@A Nonny Bunny

Why does it have to be "obviously-fake-to-anyone-but-an-algorithm"? Change 45 to 35 at one location, 45 to 55 at another. Humans en masse will do the rest. Use the actual speed limit signs, just slap/spray on your own home-printed digits....

Teenagers of the future: why egg or TP somebody's house when you can screw up a whole city's road network?

Ah, good times ahead at the intersection of Assymetric Avenue and Delinquent Drive.

albertMarch 28, 2015 3:01 PM

@TheGuildsman, et. al.

The Sony you mentioned is adequate for recording:

50 Hz - 20 kHz @ 44.1 kHz Sample Rate / 16 Bit LPCM
50 Hz - 18 kHz @ 44.1 kHz Sample Rate / 192 kbps MP3
50 Hz - 16 kHz @ 44.1 kHz Sample Rate / 128 kbps MP3
50 Hz - 14 kHz @ 44.1 kHz Sample Rate / 48 kbps MP3
60 Hz - 3.4 kHz @ 44.1 kHz Sample Rate / 8 kbps MP3

You don't need a lower freq. response for 'female voices' and 'chants'. Sensitivity specs usually aren't given on low-end stuff like this. The Zoom products are excellent value.

15-20 Hz is considered good low-end performance for digital recording, BUT below that is gonna be _very expensive_ to record.

I don't know what kind of house you live in. A single-family, detached unit would be easy to investigate. HVAC ducts are an ideal way to feed noise throughout a building. Super-low frequencies can be applied mechanically, or electro-mechanically. Such devices need power.

Do let us know your progress..
...

steve37March 28, 2015 3:28 PM

@TheGuildsman

If you need a low noise recorder for relatively low level audio
I would suggest the Olympus LS-11 or the Sony PCM-M10.
They are not very cheap.
Use always 24 bit linear PCM mode and remember
NOT to use (switch off) the low cut filter.
I have the LS-11 it can definitely record
20 - 44.000Hz in 96 kHz mode.

ConcernedCitizenMarch 28, 2015 3:35 PM

@NothingNewHere

Sorry to be so late to the party. Amazon's non-compete is even worse that most people are pointing out (here and in other places). It doesn't just preclude the worker (even seasonal warehouse workers) from working in a warehouse type operation but for a business that sells any product of service that Amazon sells now or may sell in the future. Essentially, anything. Therefore, Amazon can argue that almost any gainful employment is a potential violation. It is so absurd, I'm not really sure I understand the logic of it's existence.

DBMarch 28, 2015 4:11 PM

@ConcernedCitizen, @NothingNewHere

This is just a classic overzealous legal document trying to strip you down to less legal rights than trees, in order to cover the company butt just in case they feel the need to use it against you for any reason! These kinds of documents are everywhere, every service or software you use has one. It's usually tiny print, very long, and you must scroll to the bottom and click "yes, I agree" or sign your name if it's not an online document.

@MrC is hopefully at least partly right, in that many parts of such overzealous documents are unenforceable. I don't have complete confidence in that though... There's too much injustice in our world.

By the way, with that wording about "in the future"... it's referring to future products/services, not extending the time period of the non-compete to forever. There's still a time limit to it. But yeah, during that time period, it tries to cover virtually everything in existence, or in future existence.

k10March 28, 2015 4:28 PM

@Clavier, someone may already be one step ahead, on technique for gaming the shotspotter conversational audio, or other recorded audio. 3x now I have noticed a pair of people get up close to me, whereupon one starts addressing the other about illegal behavior, while the second stays silent. Maybe it's just coincidence, but if deliberate, would it work?

And @TheGuildsman, is another person, or an animal, able to hear what you're hearing?

ConcernedCitizenMarch 28, 2015 4:28 PM

@DB

The "in the future" point you make in re: a time limit makes sense. Still, taken at face value, it means you effectively can't work anywhere in the world for 18 months. Most courts are going to hold that they need to pay the piper if they wish to call that tune.

TheGuildsmanMarch 28, 2015 4:53 PM

@k10

"And @TheGuildsman, is another person, or an animal, able to hear what you're hearing?"

Thank you. Yes. Actually right now I am out of town and my sister is staying at the house. The sounds are keeping her up at night as well.

@albert

"I don't know what kind of house you live in. A single-family, detached unit would be easy to investigate. HVAC ducts are an ideal way to feed noise throughout a building. Super-low frequencies can be applied mechanically, or electro-mechanically. Such devices need power. "

Thank you. It's the last house in a row of town houses, attached on one side. I do believe the HVAC ducts are being used since the sounds are "in the air" and there doesn't seem to be a single source. I am having a HVAC specialist come in with a camera to examine all the ducts. In the meantime I haven't been able to find any suspicious looking wires. Will try turning off the power as AudioJack suggested to at least pinpoint inside/outside as the source.

Clive RobinsonMarch 28, 2015 5:05 PM

@ The Guilds man,

The first question to ask is "If you can hear it can others?".

That is when you have other people in the building do the sounds stop? or can they hear them as well?

The reason for asking this is it might give you a clue as to if you are also being watched and if so from where.

By the way humans hear with rather more than the holes on the side of their heads, which can make for interesting entertainment.

Infra-sound is generaly considerd to be frequencies to low to hear via the holes in your head, but your guts and bones quite happily pick up on it. It is known that infra-sound can not just give you an uneasy fealing, it can also if the level is high enough interfere with you GI tract and can quite literally "shake the cr4p" out of you.

It can also be used to make you think you are moving when sitting in a chair etc. Some years ago experiments were run to see if film goers could be made to feal more part of the action. It kind of works on similar principles to those fair ground flight simulators that simply tip you forwards and backwards side to side and lift you up and down. Because your body cannot measure the absolute value only changes in value in a limited bandwidth, it can be tricked into thinking that it's moving continuously when it's not. The idea was to use infra-sound instead of moving seats, thus you could feal blast waves earthquakes etc.

The problem with infra-sound is it's wavelength, the speed of sound for most of us is around 330m/S so at 20Hz and below the wavelength would be greater than 17m, which would require large physical structures to generate efficiently with conventional techniques, thus they would usually be fairly visable if you know what to look for. However there are active radiator methods where the waveform can be synthesized but these are still leading edge technology.

Now a thought for you "When is a wave not a wave?" and one of the answers to this is "When it's an interferance pattern".

As I've mentioned before microwave sound can be generated and beamed just like EM microwaves. Thus two 20Mhz ultra-sound signals can be used to point at you, either beam on it's own does little, however if both beams are used at the same time and the response of what they are aimed at is nonlinear then the two signals will produce an interferance pattern at the surface of the nonlinear object. So if the frequencies were marginaly different then a difference frequency would be produced in the nonlinear object.

Human skin and flesh is quite nonlinear as are the joints between bones. You can thus quite literally "feel sound" as touch nerves get stimulated in their pass band. However it has been found that when the difference frequency is similar to that of certain of your brain waves just as wiwh flashing light it can induce fits and seizures, and ultimately death...

More recent experiments have been in the direction of "holo-touch" whereby your nerves can be tricked into making you feel a surface not as smoth metal but textured like cloth etc.

Now obviously if you pick the right ultra-sound frequencies you will have frequency bands where your flesh is effectivly transparent but your bones are not. If the difference frequency is in the audible spectrum then your skull bones vibrating at this frequency will be heard by the inner parts of your ear. As it's highly unlikely to find a microphone with similar transmission and absorbtion spectra it would not pick up the interferance pattern.

This effect has been used in reverse in the past to effectively jam surveillance mics of various kinds including those laser mics. Thus would also jam the "crisp packet / plastic cup" video microphones as well.

Whilst I'm not saying anything like this is being used against you it does give you some idea of what difficulties you might have in detecting a high skill level adversary.

Another thing you need to be aware of is that the human brain has "insulator" problems, it is known that in some people that abstract ideas can have attached sounds or colours. That is for instance even though printed in black and white, a person might see words or numbers as being coloured. The argument is that the brain suffers from "cross talk" or similar, whatever the cause it effects around 1 in 70 people to some extent and chemical substances can make the problem worse.

For instance people with "word blindness" have a higher likelyhood of having this problem which is why people have experimented with coloured glasses to see if it can help overcome the issue. What has been reported is that the likes of CNS pain relief drugs can in even sub clinical doses make the cross talk problem significantly worse. It's often reported as auditary or visual hallucinations and some pain relife drugs such as Tramadol can cause them in around a quater of the population.... There are also other quite common chemicals that you can come across as "flavorings" that can do the same thing, such as spices like mace which is the outer shell of the nutmeg, alcoholic drinks such as tequila and absinthe and even some more traditional cooking herbs such as sage. Oh and then there is the issue of smell, people say it is very evocative and can bring back forgoton thoughts and memories, evidence suggests that smell can have fast and deep effects in the brain, and there is some evidence that hallucinations can result.

So what you may be experiencing might not be what you think, it could be something else in your environment causing minor auditory hallucinations. If it is, getting to the bottom of it might be as difficult as finding which food allergy causes IBS etc.

Bobbox1980March 28, 2015 5:33 PM

@ steve37

Thanks for the article.

I had just posted a message on the qubes-users group about seeing a garbled windows screen when logging into Qubes after a Windows 7 reboot into Qubes.

For a minute I thought I had some kind of gpu rootkit or something.

Thanks.

DBMarch 28, 2015 5:53 PM

@k10, @Clavier re ShotSpotter

Let's ask a question: How on earth does a system record all the voice within the vicinity of a gunshot "two seconds before a gunshot and four seconds after a gunshot" unless it ABSOLUTELY CAN hear and separate ALL VOICE EVERYWHERE to begin with?? They are clearly using Clapper's definition of "collecting" here on their claims, if you just think about this logically.

Of course strictly speaking it only needs a 2 second buffer (since I don't think it includes a time travel device) and it might not permanently store everything, to fulfill that... But then it seems like a simple software and storage upgrade (or bandwidth upgrade to get it to Utah) to actually do recordings of all conversations everywhere. Who's to say NSL's haven't been served to do this already, and the company is forced to lie about it (even under oath just like Clapper) or go to prison?

DonMarch 28, 2015 8:08 PM

Shot detection is simply another mass surveillance and control technique targeting minorities and the poorest inhabitants.

Too bad there aren't parallel techniques for detecting and isolating crooked bankers downtown. Maybe something to measure the screams of target-sheep as they are being fleeced.

Nick PMarch 28, 2015 10:55 PM

@ Clive

Infrasound is indeed very interesting. My first exposure to the info was in my digging on MKULTRA. They considered it for use as a directed energy weapon. They mentioned enough energy in it could crack solid structures. Not sure as I didnt do further research on it.

Im reconsidering now that Ive seen the research you referenced. I saw it a few months ago, esp the ghost perception, and thought "what if they saw those effects and wanted to employ them in manipulations?" Can't find out thanks to one Richard Helms. (Sigh).

Yet, second question came straight out of the ultrasound EMSEC-style attack that one guy came up with: infrasound for leaking secrets. Worth looking into. That we both were thinking on it a bit usually means it's important. Need more research into that and pretty much any other wavelength majority of attackers can afford to use.

While we're at it, what do you think about Terahertz or Millimeter waves that are seeing industry investment? I think someone will consider using them for emanation attacks or remote sabotage.

Live (for the moment) in Silicon ValleyMarch 28, 2015 11:08 PM

@Clive "As I've mentioned before microwave sound can be generated and beamed just like EM microwaves."

Could this technology induce a dissociative feeling like inner ear problems which cause a loss of balance? Could it penetrate a car with the windows up or through the walls of a building? Asking for a friend.

TAILS Linux WARNING v.1.3.1 (re: tails-autotest-remote-shell)March 29, 2015 2:34 AM

In TAILS 1.3.1, The developers have moved the file:

'tails-autotest-remote-shell'

from /usr/local/sbin/ (where 'do_not_ever_run_me' still resides)

to:

/etc/init.d/
/usr/local/lib/

Delete the file or rm && touch && chmod -v 000 it (warning: this isn't a cut and paste command) before connecting TAILS to the net. The same method and warning applies to the file 'do_not_ever_run_me' which, like the remote-shell file, should not exist on a distro let alone a distro like TAILS. The package 'Whisperback' should be removed as well along with the directory: /etc/whisperback

There are only a few tips out of many, imo there are other 'problems' with this distro as well.

You are warned.

Clive RobinsonMarch 29, 2015 3:58 AM

@ Live (for the moment) in Silicon Valley,

Could this technology induce a dissociative feeling like inner ear problems which cause a loss of balance? Could it penetrate a car with the windows up or through the walls of a building?

I don't know about loss of balance, the effects originaly reported was at low levels itching, going up through feelings of having ants running all over exposed areas of skin. Animal tests (pigs) caused other effects through to fits, colapsing and death due to effects on the autonomous nervous system. The beam convergiance effect of two narrow beams allowed individual targeting of animals in groups at considerable range. The idea at the time was to develop a non-leathal crowd control device that enabled "ring leaders" to be incapacitated.

Like many such directed energy weapons the level between leathal and incapacitating is small compared to the variability caused by individuals, ordinary clothing, etc. This is one of the main reasons directed energy weapons for non leathal "crowd control" use tend not to make it off the starting blocks, because it's way to easy to inflict death or permanent injury with them. It's also the failing of other "non leathal" weapons such as "plastic bullets" and tazers etc which have caused death and permanant debilitating injuries.

Sound beams tend not to go through solid objects and retain their coherence so glass and even plastic sheeting will dramaticaly reduce the effectivness of such systems. However the difference frequency effect does not require cohearent beams to work. Thus an alternative use fot the technology was touted to protect high security areas. You could have a "glass walled" room with file cabinates etc in it, anyone entering the room would start to feel the effects on their exposef skin, however a security guard etc could walk around outside and look in without suffering effects. The catch of course is similar to that of crowd control which is "what if a person has no exposed skin?"...

As for getting into or out of enclosed spaces, like all energy devices it depends not just how the enclising material is physically arranged but also on the properties of the enclosing material in terms of transmission, absorbtion and reflection, all of which vary with the frequency of the energy. So what works at one frequency won't at another and vice-versa.

Also few enclosed spaces are actually "fully enclosed" they have gaps around access points, slots etc for ventilation etc.

Whilst I've had no occasion to try it with ultrasound, I do know from EM experiments, you can use one or more microwave signals to get through ventilation slits, and non linear components --such as protection diodes-- will "envelope demodulate" an impressed modulation, and re-radiate the demodulated signal from tracks and traces within the enclosure... So there may be ways that similar effects can be done with ultrasound, but how effective or reliable they might be I can not say.

Clive RobinsonMarch 29, 2015 4:57 AM

@ Nick P,

I'm fairly certain that Richard Helms saw himself as a patriot when authorising experiments and later when --supposadly-- destroying the records. Which does not mean that the experiments or similar have not nor could not happen at another time or place, especially if people believe there is money to be made either in the LE or Entertainment industries. It was after all defunct research into the "death rays" aspect of early radio transmission and later radar etc that eventually gave us RF heating for drying, cooking, welding and diathermy and beauty products for permanent hair removal and other usefull things such as radio navigation systems.

You can make your own infrasound generator using the sort of "base speakers" "car pimpers" favour and long length rigid plastic drain pipes --say twenty foot either side-- as matching stubs. You would need a "bridge" amplifier with the highpass filters removed or modified. There is almost certainly a "maker" or "howto" article on it on the net somewhere to use as a starting point. Just remember to use "rock wool" and multiple layers of lose hung cloth between you and it to act as a sound absorber "just in case". In theory you could use a "pulse jet engine" as an ultrasound generator of very high output power, but they are dangerous toys at the best of times, prone to explosions, flame outs and self destruction due to the vibrations they create shaking them appart.

One thing we do know about ultrasound is the distances it can cover with the likes of volcano explosions being heard/felt thousands of miles away. Importantly it can get down into rock and use it as an efficient transmission medium. Likewise when sufficiently deep in sea water etc it can quite easily travel around the globe (do you remember the explosive device put in pre Appolo space capsules set to explode when at sufficient depth so that it would provide a fix for recovery?).

So if you could modulate an ultra-sound signal with data and couple it into a buildings main structure, then yes it might well travel down through the foundations and out (stranger things have been known). Whilst not ultra-sound old linear powersupply transformers certainly could be felt and seen responding to step changes in load, and this would spread out via the chasis and rigid floor mounts to be seen as ripples on cups of tea / coffee on adjacent desks.

As I've said several times in the past all you need to get information out of a system is a source of energy, a transmission path and a way to impress the information on the energy. As long as the information rate is less than the channel bandwidth the "information will go wherever the energy goes"...

With regards terrahertz systems they can find channels through even the smallest of gaps such as those in wire mesh used for shielding air vents etc. Provided such signals can find a way in and there are susceptible nonlinear components that will respond to them, then modulation impressed on such carriers will "get in the box"...

RobMarch 29, 2015 8:33 AM

Is it time to give whitelisting a fair shot?

I know THEY say it's impossible, but is it really?

I bet the average user has a whitelist of no more than 100 urls they use 95% of the time.

So, if you start out blocking all, then have a simple pop up to whitelist, it seems to me in short order 95% of browsing and surfing would be available.

For those where some data is wanted only temporarily, a site could get a 15 minute whitelist, e.g. the weather report in Topeka.

albertMarch 29, 2015 11:39 AM

@TheGuildsman, et. al.

An example of a LF transducer:
http://www.parts-express.com/aurasound-ast-2b-4-pro-bass-shaker-tactile-transducer--299-028
.
High-power audio freq. amps are small and cheap. Back in the day, they used motor-driven pistons or diaphragms for ELF work :)
.
More fascinating fields of study:
.
* Communication using high-power AF amps with antennas, in the below 50Hz range. Decent quality soundcards with preamps are used as receivers :)
* Providing audible sound using beat frequencies of two ultrasonic sources.
* 'Injecting' sounds directly into 'subjects' (victims?) using microwave/radio transmitters. Imagine speaking directly into someones brain. Gaslight (1944) anyone?
.
...

Nick PMarch 29, 2015 12:51 PM

@ albert

"'Injecting' sounds directly into 'subjects' (victims?) using microwave/radio transmitters. Imagine speaking directly into someones brain. Gaslight (1944) anyone?"

That's not as speculative as you think. It was attempted during the MKULTRA project with microwaves and other techniques. Academics involved usually published data on the less, unsuccessful attempts. The results of a few were classified: possibly success stories they suppressed. The research was inspired by the Frey effect. Other avenues to look into include the controversial Neurophone and bone conduction.

I designed covert communication and manipulation techniques based on the same methods. Didn't get to field test them for ethical reasons. Figured I'd keep them in my back pocket for the event where the developing police state targeted me. Among other things. Their research moved into cults, private sector, and NDA academia after the shakedown. I'd be interested to see what they've come up with by now and how they're using it.

Live (for the moment) in Silicon ValleyMarch 29, 2015 1:18 PM

@Clive Robinson

Thank you very much for answering my questions.

It appears that a dissociation beam (if that is what it is) has been used against me as a zersetzung tactic on about 20 occasions.

The general character of Silicon Valley as best I can understand it is that it is essentially a military base with a civilian overlay maintained as a sort of theme park. There are far more undercover cops than most cities and very sophisticated command and control systems have been deployed.

The physical space of Silicon Valley is integrated with the online space. It appears that the military buzzword of "network based warfare" has been literally put into practice.

The undercovers use psychological conditioning tactics in public spaces using ordinary things as stimuli. For example extra loud vehicle noises are more than likely to be caused by undercover cops than by anyone else. Vehicles are outfitted with special lighting that can be turned on to produce another source of stimuli. They normally travel in packs of several vehicles. They are not friendly and can be sadistic.

My best advice to anyone who lives in Silicon Valley is to be very observant. Look into the background of the scenes you are in. Watch for psychologically important moments, things that are important to you, and see if some other stimulus is being inserted into the background.

Every surface that can contain an impression can be modulated to acheive a purpose given enough money and a motive. Learning the basics of behavioral conditioning is a must for self defense, particularly if you work in high tech.

The main point I want to make is that Stasi zersetzung tactics are being actively used in Silicon Valley without due process. The rule of law under the Constitution only applies to the theme park layer.

MarkHMarch 29, 2015 3:01 PM

UK PRISONER USED ILLICIT SMARTPHONE TO RELEASE HIMSELF FROM JAIL

http://www.bbc.com/news/uk-england-london-32095189

"...he had set up a fake web domain which closely resembled that of the court service's official address.


He then emailed the prison's custody inbox with instructions for his release.

The court heard Moore registered the bogus website in the name of investigating officer Det Insp Chris Soole, giving the address and contact details for the Royal Courts of Justice."

Neil Moore (the prisoner in question) has previously been convicted of fraud. Hmmm.

tyrMarch 29, 2015 3:18 PM


I see from some breathless headline that Hilary
is becoming quite technical. Claims she wiped
her server completely.

@ Clive

One low frequency sound effect is to be able to
tear the brain through exposure. This was found
in industrial workers who were exposed to machines
that generated them. The next time you hear some
idiot with a boom boom car go by this should give
you a new appreciation for the artform.

The shot detector is just buffered and continously
dumps its contents. Given the cheapness of modern
storage it is easy to have it record everything
and send it home. Best part is no one will complain
about being continuously monitored for their own
good. It would work a lot better if it was blanket
since the upper classes need to be safe too.

Johnny ZentMarch 29, 2015 4:32 PM

So with all the government's forensic cyber-ninja skillz, how come the contents of Tamerlan Tsarnaev's computer are inadmissible in court? Even the source of explosives documentation is suppressed.

Rhetorical question. The Boston Marathon cleanup crew is hard at work. When the criminal masterminds shot MIT campus cop Collier, the Officer Tippit of Boston, his buddy Dick Donohue got there right away. Then Dick Donohue got shot. By a lawman. Go figure. That big gunfight, nobody else on the blue team got hit. Another cop, John Moynihan, saved Donohue's life to the usual mawkish acclaim. Career-limiting move. Moynihan just got his brains blown out by a corny desperado.

Let's hope nobody but NSA put malware on Tam's computer. That could get really awkward, You know?

albertMarch 29, 2015 4:56 PM

@MarkH
(LOL)google
Guy should be working at MI5, MI6, or GCHQ :)
.
@tyr
Gunshot detectors were a military development, for locating snipers by analyzing the noise of the rounds as they passed by; very sophisticated ("Sorry you're hit, Joe, but we got his location!"). All military products eventually find their way into local LE.
Microwaves can fry a brain. It's one thing to eff up enemy combatants (though illegal), but quite another to do the same to your own civilian population. Someday, it will be common knowledge that minimum acceptable RF exposure is much, much lower than is imagined today. As with ionizing radiation, it will be too late to help the victims.
.
@Nick P, and Clive, etc.
I'm sorry to say, they probably have sound injection systems in field use by now. Kinda gives new meaning to the 'voices in the head' phenomena which have existed for centuries. "I am the voice of your God; lay down your arms and surrender now! I promise you will not be tortured.".
OK, that was tasteless, but still....
.
ELF communications to submarines has been going on for many years; radio amateurs are communicating thousands of miles, with homebrew hardware. The ultrasonic speakers have been marketed.
.
Do you know if any experiments have been done with RF signals in the AF range? (Don't try this at home). A long time ago, I read about a guy who had success by applying the 1st or 2nd derivative of an audio signal to the scalp, via electrodes. Can't find a whisper today...
.
Best,
albert

AkickINtheTEETHMarch 29, 2015 6:21 PM

Well now, PR or damage control at its best...worst?

NSA: We Mulled Ending Phone Program Before Edward Snowden Leaks

http://yro.slashdot.org/story/15/03/29/1833258/nsa-we-mulled-ending-phone-program-before-edward-snowden-leaks

So why didn't they end the program after it was revealed? Apparently, the phone program is still the cat's meow keeping people uneasy over telephone calls. It is something like scaring people into using other means to communicate (which are actually easier to get useful data from).

TheGuildsmanMarch 29, 2015 9:42 PM

@Thoth, @AudioJack, @tyr, @ww3, @albert, @steve37, @k10, @Clive, @DB

I really appreciate the thoughtful, useful and thought provoking responses from all of you. Thanks so much.

I have been reading here since Crypto-Gram days, probably 14 years so I knew I would receive good quality input.

I have a plan now and perhaps by the next Squid blog I will be able to report back with some answers as to what is really going on. I certainly hope it's not the brain frying microwaves since it's my sister that is in the house right now. And I'll probably need help, after having actually recorded the sounds, to find where they are coming from.

@DB the one ear closed sleeping method worked like a charm last night so my sister thanks you for that.

J Edgar WeaselMarch 29, 2015 11:08 PM

@theguildsman:

Before writing your signal to medium, be sure you can hear it through whatever mic you're using. That is, try to run the mic output either directly to headphones or at least live monitor the recording via headphones.

A few years back I picked up a journalist friend a directional mic on ebay for 149, a fairly good one. I can't remember the brand, but one advantage to such a thing (and I suspect most mics considered 'broadcast quality' would be useful for you) is that it ought to help locate the general direction the sound's coming from.

Do the "in ear" mics - really, mics on booms at mouth level, with attached earpieces as well as output jacks - play back what the mic is hearing to the ear which they're in? If so, PylePro has one of those for about 16 bucks, and it's intended for musicians.

Your post mentioned that the sound is loud enough to feel - in addition to the hvac (and there, I would likely try to blue tape packing foam batts over the ducts to deaden sound produced from inside them) if there's a crawlspace below the house, perhaps a battery-operated speaker under the floor would be audible but hard to pinpoint?

TheGuildsmanMarch 30, 2015 12:00 AM

@J Edgar Weasel

Thanks for your input.

"Before writing your signal to medium, be sure you can hear it through whatever mic you're using. That is, try to run the mic output either directly to headphones or at least live monitor the recording via headphones."

Good point.

"Your post mentioned that the sound is loud enough to feel - in addition to the hvac (and there, I would likely try to blue tape packing foam batts over the ducts to deaden sound produced from inside them) if there's a crawlspace below the house, perhaps a battery-operated speaker under the floor would be audible but hard to pinpoint? "

Yes at times the floors shake. It depends on the playlist for that night of course. Sometimes it's men chanting. Sometimes it's heavy electronic music. Sometimes it's a man and a woman talking. Sometimes it's just the low bass vibration that hurts your ears.

The house has a finished basement where the furnace room is located and of course there are hvac outlets in every room of the 2 upstairs floors. The sound is particularly bad on the main floor and not as much on the 2nd. I'm guessing the source is somewhere in the basement and it uses the vents to deliver the sound. I'm also guessing that there are more than one devices. I have to record it successfully and do the turn off all the power test to see if that is a valid assumption. It may all be coming from outside via microwave or EMR and I will have to build a Faraday cage and wear tinfoil hats.


Clive RobinsonMarch 30, 2015 2:05 AM

@ AkickINtheTEETH,

Apparently, the phone program is still the cat's meow keeping people uneasy over telephone calls. It is something like scaring people into using other means to communicate (which are actually easier to get useful data from).

The question then is "Why are phone calls more difficult?", is it because accessing the content for technical, legal or resource reasons is difficult or because traffic analysis is at best circumstantial evidence.

Knowing the answer to this question, then suggests how the over priced boondoggle can become subject to better financial control and limitation of it's envelope pushing against legislation limitations.

Perhaps some knowledge could be gained in this area by finding out more about the direction their research is pointing, and thus seeing what patents they are seeking can show this.

WaelMarch 30, 2015 2:28 AM

@Nick P,

damn

No worries! I'll take care of this insensitive bastard...

Bong-smoking Primitive Monkey-Brained Sockpuppet -- Obituary:
Born on Dec. 2nd 2014,
Died on March 30th, 2015.
He had a rowdy night with his friends, smoking some heavy duty stuff (Maui-Wawee from a dealer on this blog -- go figure!) They had a "chilling" experience after sobering up with the wrong company... RIP

WaelMarch 30, 2015 3:07 AM

@Bigfishinnet,

I love this reveal / investigation by Brian

Good work. One could say, Brian "Doxed" him :) His original tool may still be utilized for benevolent uses... I haven't played with it yet.

CuriousMarch 30, 2015 3:41 AM

I am reading that an anonymous poster on slashdot, having a recent news item about Europols chief Rob Wainwright: that Rob Wainwright is said (some time back presumably) have made some kind of point that Europol wouldn't investigate NSA hacking into SWIFT (international bank transfer), because of there weren't any formal complaints from any member states.

There weren't any references/sources for this particular claim on slashdot, I wonder if it is true (guessing it probably is). Some of Snowdens documents is said to show NSA having SWIFT and VISA on their target list as I understand it.

Seems terrible imo if that was the case, with there being no investigation at least. It would be convenient for some I guess and subsequently terrible for others, that without any investigation no evidence can be produced. I should point out that I am not sure how a police force or a bureaucracy would want to regard something to be 'evidence' or not.

ChristianMarch 30, 2015 4:52 AM


The Germanwings plaincrash could be considered as security story.

It appears that security build into plains because of 9/11 has made the death of 150 people possible.
Burglary proof security door is a problem if the wrong person is behind it.

HereItIsMarch 30, 2015 5:02 AM

@Curious:

Here is that post...

Europol Chief Warns About Computer Encryption

http://news.slashdot.org/story/15/03/30/0016259/europol-chief-warns-about-computer-encryption
-------------------------------
The law enforcement lobbying campaign against encryption continues. Today it's Europols director Rob Wainwright who is trying to make a case against encryption. "It's become perhaps the biggest problem for the police and the security service authorities in dealing with the threats from terrorism," he explained. "It's changed the very nature of counter-terrorist work from one that has been traditionally reliant on having good monitoring capability of communications to one that essentially doesn't provide that anymore." This is the same man who told the European Parliament that Europol is not going to investigate the alleged NSA hacking of the SWIFT (international bank transfer) system. The excuse he gave was not that Europol didn't know about it, because it did. Very much so. It was that there had been no formal complaint from any member state.
--------------------------------

Clive RobinsonMarch 30, 2015 7:38 AM

With regards Rob Wainwright,

There is a comment over on the BBC News web site,

http://m.bbc.co.uk/news/technology-32087919

That said Mr Wainwright comes across as a great deal less than impartial, and it's just a "lip stick on a pig" rework of the "if you have nothing to hide" argument.

The simple fact is if he gets his way then every dictator will benifit and the long term death toll will be far far worse than the current very minor death toll due to terrorism outside of Shia / Sunni conflict areas.

I guess it begs the question of "politicing" of Europol and which IC is touching them up and what Mr Wainwright personaly hopes to gain by this little nonsense stunt.

WhatAcrockMarch 30, 2015 1:17 PM

More on Ft. Meade...

Attempted Breach of NSA HQ Checkpoint; One Shot Dead

http://yro.slashdot.org/story/15/03/30/168205/attempted-breach-of-nsa-hq-checkpoint-one-shot-dead

From the SlashDot post:

"The FBI said they do not believe the incident is related to terrorism."

I suspect they made this stupid statement because they had no collected intelligence to support any such claim. "They said"...what a crock! Why collect all that data when they can't find anything to indicate attacks such as this? They are apparently playing down any terrorism slant since they failed to have any intelligence about the attack. Of course, if they had any intelligence about the attack, they would have let it happen anyway so they could crow about the success of such data collection.

MrCMarch 30, 2015 5:48 PM

Headline says it all: "Silk Road investigators charged with stealing bitcoin"


www.computerworld.com/article/2903727/silk-road-investigators-charged-with-stealing-bitcoin.html

DBMarch 30, 2015 6:35 PM

@TheGuildsman

the one ear closed sleeping method worked like a charm last night so my sister thanks you for that.

Excellent. Good to hear. er... not hear ;)

Dirk PraetMarch 30, 2015 7:36 PM

@ TheGuildsman

@DB the one ear closed sleeping method worked like a charm last night so my sister thanks you for that.

Your sister? This is not the kind of personal information you want to be sharing on a public forum 8-)

@ WhatAcrock

Re. Attempted Breach of NSA HQ Checkpoint; One Shot Dead

The FBI said they do not believe the incident is related to terrorism.

Unless of course it would have been two muslim cross-dressers...

@ AkickINtheTEETH

NSA: We Mulled Ending Phone Program Before Edward Snowden Leaks

Does anyone actually believe that ?


DBMarch 30, 2015 8:51 PM

Mulled Ending Phone Program Before Edward Snowden Leaks

What does that even mean?? Does it mean that if it weren't for Snowden, the program would have ended long ago? So we can blame him for them being forced to dig in and hang onto it? It's preposterous and childish.

Always read between the lines, don't take things at face value. Ask more "why was this released" than "what does it say"

BuckMarch 30, 2015 9:33 PM

@Clive Robinson

The question then is "Why are phone calls more difficult?", is it because accessing the content for technical, legal or resource reasons is difficult or because traffic analysis is at best circumstantial evidence.
I doubt any organization in existence has the manpower for the amount of analysis we've all come to expect from the TLA's, be it internet or phone traffic... My guess is that it's simply much easier to flip some bits than it is to forge verbal communications.

@Dirk Praet

Does anyone actually believe that ?
I could see it as potentially plausible... Say, for example, the NSA felt that too many people had caught wind of Sec. 215, or some other specific collection program. They might then shift to using another program internally, and when someone else comes asking for data, they can 'truthfully' say they don't do that anymore..?

FigureitoutMarch 30, 2015 11:27 PM

Neat article via hackaday:

I'm of course very biased...I love this stuff! Bootloaders give me the goosebumps, can't do jack w/o them. Software-wise, it's one of the places where you can straight "own the chip" and anything it does (you of course need external intel to influence it's intended application).

I'll just quote a little tidbit (of the small article):

The factory default Arduino Mega 2560 STK500v2 bootloader is only around 4Kbytes in size, but the AVR chip is configured for a 8Kbyte bootloader region. This fact gave me plenty of space to inject code into. Note that a typical bootloader for the Arduino Uno takes up only around 2Kbytes, and the chip would be configured for 2Kbyte bootloader, which would give me no space to inject code.

Have to trust manufacturers (but can test, you think, pretty much...) as far as actual memory sizes. This would be a little harder on an ATtiny lol, but no doubt doable...just some initialization routine that breaks the chip if taken out...(the best kinds of backdoors).

http://eleccelerator.com/atmega2560-sd-card-bootloader-by-backdoor-code-injection/

OT
"Front door" code injection
--W/ new exploits coming out all the time, and test code generated quickly to test your system, would someone be so evil as to fake a major exploit discovery, rev up the media coverage (even give it a nice name, "Destructopacalypse" or some such) and give this chunk of code to run (which everyone would get all riled up and tunnel vision and just run it w/o thinking or even reading it) and maybe infect your computer w/ test code? Just a thought. Of course if you have multiple VM's and PC's you just run whatever and don't care, those are the sacrifical lambs...

FigureitoutMarch 30, 2015 11:37 PM

Clive Robinson
--Not too long ago, you called out a claim of mine of battery-life around 10+ years. Have you ever messed around w/ this company and their batteries? http://www.tadiran.com/

DBMarch 31, 2015 2:03 AM

@Figureitout

Yes, it should be common (but often isn't) to think about what could be done with the "rest of" the space in an embedded system... Ideally if you fill it all up with necessary code, there isn't any room left for a trojan (i.e. so pick the chip that just barely fits your code)... but... you know, people just grab what's on the shelf instead... Or sometimes you can't pick a-la-carte options on the chip, maybe you need all those pins on the ATmega2560 but not all the space, for example.

DaveKMarch 31, 2015 3:58 AM

Interesting development in the Github DDoS attacks:
http://www.netresec.com/?page=Blog&month=2015-03&post=China%27s-Man-on-the-Side-Attack-on-GitHub

Packet logs show clear TTL evidence suggesting that the attack javascript seen coming from Baidu URLs is in fact being injected by some kind of a QUANTUMINSERT attack.

The article assumes that these packets are being injected at the Chinese network border, but there isn't proof of that; they haven't actually triangulated the origin of the packets, and they could be coming from any old global adversary that had insight into huge amounts of backbone traffic.

FerretstankMarch 31, 2015 7:42 AM

Another Brazilian démarche against 5 eyes espionage. Look at McCully bending over backwards to avoid making an admission against interest, which would nail down a case for the ICJ. The US is nervous, too, trying to get Rousseff to relent and come to DC (the invitation is from the VP, to save what's left of presidential face.)

But we hear time and again that NSA espionage is not illegal warfare and duplicitous proceedings like the law says, everybody does it and it's all in good fun...?!? The US government has lost its soft power and they're falling back on flaccid power. They're perps, trying to beat the rap.

ThothMarch 31, 2015 8:57 AM

@Clive Robinson
Do you have any good history lessons on cryptographic escrows and backdoors to secure systems in history ?

vas pupMarch 31, 2015 10:16 AM

Recent development on face recognition:
http://www.emergencymgmt.com/safety/Scientists-Making-Cameras-Recognize-Faces-on-the-Fly.html
“Surveillance in crowds requires identification of large number of faces in real time. To achieve real-time recognition, the intelligence for recognition needs to be embedded in the cameras,” says Gopinath Mahale, a research scholar at IISc.

“Moreover, recognition of a large number of subjects in each video frame requires an enormous amount of computations to be performed. Limitations of general-purpose processors to meet the real-time deadlines ushers in the need for dedicated, customized hardware solutions,” he said.

vas pupMarch 31, 2015 10:20 AM

@all on sound:
Silent Sound (SSSS), Voice to Skull, and RNM - check on youtube!

k11April 3, 2015 3:25 PM

What resources should a public institution with public wifi have, for detecting and acting on possible wifi security issues?

FigureitoutApril 4, 2015 1:31 AM

DB
--Once you go down that road, you begin to question what of everything is necessary...eventually you're left w/ a system only you can navigate as you've been working w/ it and its failures for so long fixing & cutting out the crap and noting trouble spots.

As far as developing, I mean, what would you prefer? I want the big and easy chip for getting a working binary (well, that's where the f*cking attacks will hit you, infecting your binary). If you have either dev board or 1st rev or whatever, you have to redesign around any new chip you decide on as bad breadboard connections are just not worth it (very non-trivial cost that brings all sorts of fun new problems to solve). Also, having some sort of actual RAM or god forbid an EEPROM is nice if you want to actually do some dynamic things, but for strict security "guards" or "filters" whatever the word, pin protected and flashed and basically little to no RAM. Odds are way higher for simple corruption instead of some insane reflash exploit. I mean, tell some programmers to quit being bitches you can't dynamically change variables or use buffers or write and delete data, you're going to get a mean look.

W/ those constraints though, solving problems and getting things to work becomes a real head-scratcher. Meh, maybe it's for the better; I keep searching and searching for a true "core" of computing and a "complete" understanding that I can just go off and implement my own complete chip, code from scratch, etc.. And these problems affect everyone, even the attackers...the newer the attackers the more fluffy "running on top" they become so they won't even be able to diagnose some of these attacks...I'm betting most every "driver" chip isn't nice and compact as far as code space and probably is loaded w/ peripherals, just squealing to get tickled...

BuckApril 4, 2015 10:18 PM

@k11

What resources should a public institution with public wifi have, for detecting and acting on possible wifi security issues?
One or more people with past experiences or the desire to learn about the aircrack-ng suite... Depending on the depth of.your own personal (or corporate) attack-surface, you may also wish to consult a radio expert. In that case, I think @Figureitout could add more than I can on the subject...

FigureitoutApril 5, 2015 3:41 AM

Buck // k11
In that case, I think @Figureitout could add more
--Unfortunately no (nice try Buck, perhaps if you get a little more forthcoming yourself) unless you got a fat check worth more than the info. Here's something simple though...why do you even need to be on it in the first place (and do you want wifi-accessible devices in an unshielded building w/ sidewalk 20ft away?)?

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.