Schneier on Security: Tagged theft

Entries Tagged "theft"

Page 7 of 21

Keys to the Crown Jewels Stolen?

At least, that’s the story:

The locks at the Tower of London, home to the Crown Jewels, had to be
changed after a burglar broke in and stole keys.

The intruder scaled gates and took the keys from a sentry post.

Guards spotted him but couldn’t give chase as they are not allowed to leave their posts.

But the story has been removed from the Mirror’s website. This is the only other link I have. Anyone have any idea if this story is true or not?

ETA (11/14): According to this BBC article, keys for a restaurant, conference rooms, and an internal lock to the drawbridges were on the stolen key set, but the Crown Jewels were never at risk.

Posted on November 14, 2012 at 5:57 AM • View Comments

Story of a CIA Burglar

This is a fascinating story of a CIA burglar, who worked for the CIA until he tried to work against the CIA. The fact that he stole code books and keys from foreign embassies makes it extra interesting, and the complete disregard for the Constitution at the end makes it extra scary.

Posted on October 9, 2012 at 6:31 AM • View Comments

Scary Android Malware Story

This story sounds pretty scary:

Developed by Robert Templeman at the Naval Surface Warfare Center in Indiana and a few buddies from Indiana University, PlaceRader hijacks your phone’s camera and takes a series of secret photographs, recording the time, and the phone’s orientation and location with each shot. Using that information, it can reliably build a 3D model of your home or office, and let cyber-intruders comb it for personal information like passwords on sticky notes, bank statements laying out on the coffee table, or anything else you might have lying around that could wind up the target of a raid on a later date.

It’s just a demo, of course. but it’s easy to imagine what this could mean in the hands of criminals.

Yes, I get that this is bad. But it seems to be a mashup of two things. One, the increasing technical capability to stitch together a series of photographs into a three-dimensional model. And two, an Android bug that allows someone to remotely and surreptitiously take pictures and then upload them. The first thing isn’t a problem, and it isn’t going away. The second is bad, irrespective of what else is going on.

EDITED TO ADD (10/1): I mistakenly wrote this up as an iPhone story. It’s about the Android phone. Apologies.

Posted on October 1, 2012 at 6:52 AM • View Comments

Diamond Swallowing as a Ruse

It’s a known theft tactic to swallow what you’re stealing. It works for food at the supermarket, and it also can work for diamonds. Here’s a twist on that tactic:

Police say he could have swallowed the stone in an attempt to distract the diamond’s owner, Suresh de Silva, while his accomplice stole the real gem.

Mr de Silva told the BBC that the Chinese men had visited the stall twice and he believed the diamond theft occurred during the first visit and not the second one, when the man swallowed the stone.

He insisted the man was trying to swap a fake stone for the real one and only swallowed the stone when he panicked after Mr de Silva apprehended him and alerted police.

This reminds me of group pickpocket tactics against tourists: the person who steals the wallet quickly passes it to someone else, so if the victim grabs the attacker, the wallet is long gone.

Posted on September 17, 2012 at 7:03 AM • View Comments

$200 for a Fake Security System

This is pretty funny:

Moving red laser beams scare away potential intruders
Laser beams move along floor and wall 180 degrees
Easy to install, 110v comes on automatically w/timer

Watch the video. This is not an alarm, and it doesn’t do anything other than the laser light show. But, as the product advertisement says, “perception can be an excellent deterrent to crime.” Although this only works if the product isn’t very successful—or widely known.

Posted on August 17, 2012 at 6:39 AM • View Comments

Police Sting Operation Yields No Mobile Phone Thefts

Police in Hastings, in the UK, outfitted mobile phones with tracking devices and left them in bars and restaurants, hoping to catch mobile phone thieves in the act. But no one stole them:

Nine premises were visited in total and officers were delighted that not one of the bait phones was ‘stolen’. In fact, on nearly every occasion good hearted members of the public handed them to bar or security staff.

I’m not sure about the headline: “Operation Mobli deters mobile phone thieves in Hastings.”

There are two things going on here. One, people are generally nice and will return property to its rightful owner. Two, it’s hard for the average person to profit from a stolen cell phone. He already has a cell phone that’s assigned to his phone number. He doesn’t really know if he can sell a random phone, especially one assigned to the number of someone who had her phone stolen. Yes, professional phone thieves know what to do, but what’s the odds that one of those is dining out in Hastings on a particular night?

Posted on July 26, 2012 at 6:55 AM • View Comments

Hacking BMW's Remote Keyless Entry System

It turns out to be surprisingly easy:

The owner, who posted the video at 1addicts.com, suspects the thieves broke the glass to access the BMW’s on-board diagnostics port (OBD) in the footwell of the car, then used a special device to obtain the car’s unique key fob digital ID and reprogram a blank key fob to start the car. It took less than 3 minutes to accomplish the feat. (That said, despite their sophistication, the thieves were, comically, unable to thwart the surveillance cameras, though they tried.)

[…]

Jalopnik reports that BMW thieves are likely exploiting a gap in the car’s internal ultrasonic sensor system to avoid tripping its alarm when they access the car.

But there’s another security flaw in play. The OBD system doesn’t require a password to access it and program a key fob. According to Jalopnik, this is a requirement in Europe so that non-franchised mechanics and garages can read the car’s digital diagnostic data.

More details here.

Posted on July 13, 2012 at 6:51 AM • View Comments

Bar Code Switching

A particularly clever form of retail theft—especially when salesclerks are working fast and don’t know the products—is to switch bar codes. This particular thief stole Lego sets. If you know Lego, you know there’s a vast price difference between the small sets and the large ones. He was caught by in-store surveillance.

EDITED TO ADD (6/12): I posted about a similar story in 2008.

Posted on May 31, 2012 at 6:17 AM • View Comments

Dance Moves As an Identifier

A burglar was identified by his dance moves, captured on security cameras:

“The 16-year-old juvenile suspect is known for his ‘swag,’ or signature dance move,” Heyse said, “and [he] does it in the hallways at school.” Presumably, although the report doesn’t make it clear, a classmate or teacher saw the video, recognized the distinctive swag and notified authorities.

But is swag admissible to identify a defendant? Assuming it really is unique or distinctive—and it looks that way from the clip, but I’m no swag expert—I’d say yes.

Posted on April 19, 2012 at 1:03 PM • View Comments

Stolen Phone Database

This article talks about a database of stolen cell phone IDs that will be used to deny service. While I think this is a good idea, I don’t know how much it would deter cell phone theft. As long as there are countries that don’t implement blocking based on the IDs in the databases—and surely there will always be—there will be a market for stolen cell phones.

Plus, think of the possibilities for a denial-of-service attack. Can I report your cell phone as stolen and have it turned off? Surely no political party will think of doing that to the phones of all the leaders of a rival party the weekend before a major election.

Posted on April 18, 2012 at 6:49 AM • View Comments

←Previous 1 … 5 6 7 8 9 … 21 Next→

Sidebar photo of Bruce Schneier by Joe MacInnis.