You need to know how to protect yourself, since your security department or
any consultant may not be truly aware of these threats and therefore not
dependable˳ Since September 11th, a number of businesses entered the security field with little to no knowledge of the trade itself; only of its profit potential˳ Even outfits that have been around for some time and well-established have not been able to stay current with the latest innovations˳
Realistically, viewing your threat level has to be considered since everyone
should expect some sort of impending privacy issue no matter how small˳ Thanks
largely to the Internet you can arm yourself with much of the knowledge and
equipment that the so-called experts use˳ If a respected agent of computer crimes
for the Secret Service in NYC had his T-Mobile Sidekick hacked, who knows what else
happens out there to others in any business˳
We’ll start acoustic ducting evaluation is the inspection of air ducts, baseboard
heaters, coffee rooms, lounges, bathrooms or any way the architecture of a building
can transfer sound˳ A simple example is to put your ear to a wall and listen˳
Basically anything that requires the use of the naked ear is called an acoustic
bug˳ Softer surfaces can help muffle sounds but there are more efficient means out
there˳ So be aware that the way an office site is designed can act as a conduit for
conversations˳ Also, be aware of any changes can have adverse affects˳ Simply
playing music can do wonders for masking conversations˳
Inspection of telephone equipment and wiring is called line analysis˳ This is
trickier than it seems since sometimes a possible weakness has an actual purpose to
the telecommunication system˳ Especially if it requires constant maintenance and
software upgrades˳
All instruments should be opened and inspected˳ Ideally they should be
compared with a known safe phone or device˳ If you’re not sure, just remove that
piece of loose components and wiring and see if the phone still works˳ The wiring
can be modified in a switch within the handset that essentially turns it into a
microphone˳ If you bypass this hook switch, you can listen in from anywhere on the
landline˳ Technical
equipment won’t be able to detect this˳ Time Domain Reflectometry is the sending
of a pulse down a telephone line˳ If there is some sort of disruption; a wall outlet or
wiretap; a portion of the pulse will be
sent back to the device called a Time Domain Reflectometer (TDR)˳ Then the time
difference between the reflection and the continuous run is measured˳ This helps in
determining the distance to the anomaly˳
These devices can perform all sorts of diagnostics including mapping a wire
network˳ That can be useful in locating a hidden phone˳ Hidden phones have several
obvious uses such as making long distance phone calls to being placed in an office
across the street to receive betting requests by bookies; a practice called back
strapping˳ If you open up the modular jacks where you connect your phone, you’ll
usually see four wires˳ In most cases only two wires are connected; commonly
known as ring and tip˳ If you see all four connected, be aware that is not usually
consistent for most wiring situations, especially in homes˳ The other two wires
could be used for a bugging device˳
For instance, the microphone you use in a voice recorder can be cut in half˳
Connect the mike head to one set of unused wires anywhere on the phone wire˳
Then, so long as there are no breaks in the wire, connect the other end to the jack
that connects to your recorder˳ Now place your recorder to be VOX (voice) activated
and now you have an extremely reliable bug˳ By the way, this should be manually
inspected for since using a specialized bug detector may see nothing wrong or
inconsistent˳ A bug such as this that connects to a wire is called a direct tap˳
The other general type is called an inductive tap˳ This is when an instrument is
outside a wire but can still distinguish what’s transacting over a wire˳ They are
harder to detect since they don’t draw power from the line such a standard
telephone would˳ These are referred to as snuffle bugs˳ A simple probe used in
hunting wire signals has a speaker, which can display sounds˳ By
accident one day I was working on an apartment intercom system while using a
probe˳ I could hear conversations throughout the building quite clearly just
through the intercom boxes mounted on walls from the master unit in the
basement˳
If you’re using wireless headsets or cordless phones, the radio signals can be
intercepted˳ A cordless phone acts like a radio, but depending on the frequency and
a few other factors, can make interception extremely difficult˳ With some
manufacturers, you can buy the same model as your neighbors or the office and
have it join their phone system˳ Double check Caller ID boxes to see if they also
record numbers dialed besides obviously those being received˳ If you’re using VOIP
(Voice Over IP), remember that calls can be recorded in a fashion identical to
intercepting data between two computers˳
These packets of data can reassemble an audio file˳ Obviously electronic
devices possess semiconductor components such as diodes, resistors and such˳ The
method to hunt for these components is called Non-Linear Junction Detection
(NLJD)˳ The NLJD unit emits a radio signal while listening for the return signal from
an electronic device˳ This becomes very useful when a bug is embedded in a picture
frame or wall˳ The eavesdropping device doesn’t have to be active for it to be
discovered˳ If a device is active and transmitting wirelessly (or even on a wire), you
can detect it with a Radio Frequency Spectrum Analyzer˳ Depending on the detection
device used, you can determine whether voice, data or video is being sent, and
possibly listen to the data˳ Try to use different size antennas or buy one that
collapses˳ Different frequencies can be detected more efficiently by using various
sizes˳ The use of filters with antennas can also help pinpoint devices on specific
frequencies˳
Electronics such as computers, FAX machines and especially CRT monitors can
radiate electromagnetic signals or pulses that can be received by other equipment˳
This is known TEMPEST˳ One way to complicate the surveillance of this is to use
certain fonts and line walls or equipment with different gauges of copper mesh wire˳
You can further enhance this posture by using special paints, which block radio
transmissions˳
Radio waves will look for a leak or break, so be careful of defensive
applications˳ One-way window tints can help in blocking signals˳ Since an
electronic device could generate some heat they can be detected in another way˳
The use of a thermal imagery device can detect and actually see minute amounts of
heat radiated for your viewing˳ You can hide the heat signatures by using creams or
neoprene˳ Technology exists to collect information from blinking LEDs of modems,
routers, print servers and similar devices˳ You can only see some general blinking
but with the use of properly tuned optics, filters, oscilloscopes and good timing you
can discern much more˳ One of the LEDs on your keyboard can be altered to blink
while you are typing in a fashion similar to Morse Code˳ You can also use a tap in
the keyboard that sends out radio waves again similar to Morse Code and no anti-
virus software will ever be able to find it˳ Even when a CRT computer monitor is
facing a wall the light can be in a sense read by its flickering emanations from some
distance˳ A good defensive measure is to buy new LCD flat panel types˳
Another approach to attacking FAX machines is to simply record the noises it
makes and play it back to another machine˳ I used to do this for a client so they
could keep a record of all the faxes they made and received˳ There are creative and
potentially illegal defenses against wiretappers and Peeping Toms˳ One is to
transmit an extremely high pitch down the wire, thereby rupturing the listener’s
eardrums˳ I knew someone who once sent a powerful electrical spike down his
phone wire thereby destroying his divorced wife’s recorder˳
By the way, this leads to another topic-expect the device to be discovered
someday˳ Don’t leave your fingerprints on it˳ He found it and had it dusted, thereby
producing some prints˳ My friend used this as leverage against the Private
Investigator that planted it˳ Advice to Private Investigators, a word to the wise: if you
do this part-time, hire someone who does this full-time˳ This P˳I˳ lost his license
and almost went to jail˳ The lawyer who recommended him got into a lot of trouble
as well˳ He received some unwanted attention from the Feds because of his
telephone dealings went across state lines and also happened to involve the Post
Office˳
There is another budding field related to this topic called Protective
Intelligence˳ Currently there are only a few experts who do this kind of work˳
A laser or an infrared beam can be used at a considerable distance from a
target building˳ Conversational sounds can vibrate unto solid objects such as
windows˳ The beam’s reflection varies in relation to the movement to the window,
which is received and converted back into something audible˳ To mask the sounds,
you could attach a vibrating device (basically an altered electric razor) to the
window˳
Of course if the window is open, then a laser can target another object instead
of the window˳ A beam of light or laser can be directed to go through a window
onto a solid object thereby nullifying such defensive measures again˳ Generally you
really can’t detect such attacks unless the laser, infrared or light beam is being used
that moment˳ Certain materials can be used to detect IR emissions, as well as the
use of passive night vision gear˳ Certain fabrics or even a curtain may actually show
the spot where a beam of light or laser is being focused˳ Unless the room is dusty or
you have an artificial can smoke, you can follow the beam up to a point and
guesstimate it’s location˳ One type of optical bug is an infrared transmitter˳ When
placed in the area of interest for transmission of the conversation to an infrared
receiver which will then translate the conversation into an audible format˳
Many of these same procedures used can be applied to locating hidden
cameras˳ A relatively new device uses a series of lasers to seek out optics˳ This was
originally intended to locate snipers by bodyguards˳
I have listed the techniques, counter-measures and then the counter to the
counter-measures to prevent any false sense of security˳ Usually constant vigilance
is your best weapon besides knowing what to look for˳ Even if you find a “bug
sweeper” with good credentials, certifications and experience, ask them detailed
questions˳ Not just to test them but also for your own peace-of-mind˳ This makes
our job easier and we appreciate greatly when dealing with knowledgeable
customers˳
Source by https://ezinearticles˳com/?Eavesdropping-and-Counter-Measures:-Technology-and-Techniques&id=64876