NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY
06/09/05
Today's focus: Cell phones for spies
Dear security.world@gmail.com,
In this issue:
* A phone that could be used for industrial espionage
* Links related to Security
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by Avaya
Evaluating VoIP in the Enterprise
Got VoIP? More and more companies are answering yes...the
reasons vary from cost savings, network flexibility, and ease of
administration. Yet others are drawn to the promise of advanced
VoIP applications such as unified messaging and collaboration.
Register now and get a free copy of Network World's Got VoIP?
Executive Guide, which outlines the keys to successful VoIP
deployments.
http://www.fattail.com/redir/redirect.asp?CID=106320
_______________________________________________________________
NW'S RESEARCH CENTER ON SPAM
Go to NW's Research Center on spam and find our in-depth review
of 16 anti-spam products, our spam calculator to determine how
much spam is costing your enterprise each year, the latest spam
news, advice on how to fight spam and more. For the latest on
spam click here:
http://www.fattail.com/redir/redirect.asp?CID=106023
_______________________________________________________________
Today's focus: Cell phones for spies
By M. E. Kabay
Anyone can use even an ordinary mobile phone as a microphone by
covertly dialing out; for example, one can call a recording
device at a listening station and then simply place the phone in
a pocket or briefcase before entering a conference room.
However, my friend and colleague Chey Cobb recently pointed out
a device from Nokia that is unabashedly being advertised as a
"Spy Phone" because of additional features that threaten
corporate security.
This $1,800 device works like a normal mobile phone but also
allows the owner to program a special phone number that turns
the device into a transmission device under remote control:
<http://wirelessimports.com/ProductDetail.asp?ProductID=347>
In addition, the phone can be programmed for silent operation:
"By a simple press of a button, a seemingly standard cell phone
device switches into a mode in which it seems to be turned off.
However, in this deceitful mode the phone will automatically
answer incoming calls, without any visual or audio indications
whatsoever... A well placed bug phone can be activated on demand
from any remote location (even out of another country). Such
phones can also prove valuable in business negotiations. The spy
phone owner leaves the meeting room, (claiming a restroom break,
for instance), calls the spy phone and listens to the ongoing
conversation. On return the owners' negotiating positions may
change dramatically."
It makes more sense than ever to ban mobile phones from any
meeting that requires high security.
David Bennahum wrote an interesting article in December 2003
about these questions and pointed out that businesses outside
the U.S. are turning to cell phone jamming devices (illegal in
the U.S.) to block mobile phone communications in a secured
area. Bennahum writes, "According to the FCC, cell phone jammers
should remain illegal. Since commercial enterprises have
purchased the rights to the spectrum, the argument goes, jamming
their signals is a kind of property theft." Seems to me there
would be obvious benefits in allowing movie houses, theaters,
concert halls, museums, places of worship and secured meeting
locations to suppress such traffic as long as the interference
were clearly posted. No one would be forced to enter the
location if they did not agree with the ban, and I'm sure there
would be some institutions catering to those who actually _like_
sitting next to someone talking on a cell phone in the middle of
a quiet passage at a concert.
Bennahum mentioned another option - this one quite legal even in
the U.S.: cell phone detectors such as the Cellular Activity
Analyzer from NetLine:
<http://www.netline.co.il/Netline/CAAdetector.htm>
This handheld computer lets you spot unauthorized mobile phones
in your meeting place so that you act accordingly.
Finally, one can create a Faraday cage that blocks radio waves
by lining the secured facility with appropriate materials such
as copper mesh or, more recently, metal-impregnated wood:
<http://en.wikipedia.org/wiki/Faraday_cage>
A high-security version of such a room is called a SCIF
(Sensitive Compartmented Information Facility) in U.S. military
security jargon.
RELATED EDITORIAL LINKS
Vendors tout vulnerability mgmt. wares
Network World, 06/06/05
http://www.networkworld.com/nlsec2472
Internet security... writ very small
Network World, 06/06/05
http://www.networkworld.com/news/2005/060605widernet.html?rl
_______________________________________________________________
To contact: M. E. Kabay
M. E. Kabay, Ph.D., CISSP, is Associate Professor in the
Division of Business and Management at Norwich University in
Northfield, Vt. Mich can be reached by e-mail
<mailto:mkabay@norwich.edu> and his Web site
<http://www2.norwich.edu/mkabay/index.htm>.
A Master's degree in the management of information assurance in
18 months of study online from a real university - see
<http://www3.norwich.edu/msia>
_______________________________________________________________
This newsletter is sponsored by Avaya
Evaluating VoIP in the Enterprise
Got VoIP? More and more companies are answering yes...the
reasons vary from cost savings, network flexibility, and ease of
administration. Yet others are drawn to the promise of advanced
VoIP applications such as unified messaging and collaboration.
Register now and get a free copy of Network World's Got VoIP?
Executive Guide, which outlines the keys to successful VoIP
deployments.
http://www.fattail.com/redir/redirect.asp?CID=106319
_______________________________________________________________
ARCHIVE LINKS
Archive of the Security newsletter:
http://www.networkworld.com/newsletters/sec/index.html
Security Research Center:
http://www.networkworld.com/topics/security.html
Instant sign-up for Security News Alert:
http://www.networkworld.com/isusecna
Instant sign-up for Virus & Bug Patch Alert:
http://www.networkworld.com/isubug
_______________________________________________________________
FEATURED READER RESOURCE
VoIP SECURITY
For the latest in VoIP security, check out NW's Research Center
on this very topic. Here you will find a collection of the
latest news, reviews, product testing results and more all
related to keeping VoIP networks secure. Click here for more:
<http://www.networkworld.com/topics/voip-security.html>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2
International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES
To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>
To unsubscribe from promotional e-mail go to:
<http://www.nwwsubscribe.com/Preferences.aspx>
To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>
Subscription questions? Contact Customer Service by replying to
this message.
This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________
Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>
Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772
For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>
Copyright Network World, Inc., 2005
No comments:
Post a Comment