When a picture is deleted off of a phone, it can sometimes be easy to recover. However, there are other cases, where the file may appear to be gone forever. Sometimes it takes special software and equipment to access the mobile device’s internal memory. Older phones (before smartphones) only had a small amount of memory, therefor data recovery can be difficult because the data is constantly overwritten. Smart phones, such as Androids (including Galaxy and iPhones) offer much more storage, therefor, more can be recovered. Any phone can have data recovered, however, there is no guarantee that the data is still in tact nor that there is anything useful to recover. If the device is encrypted, this becomes even more challenging. This service is commonly used by businesses checking on employees, concerned parents, and worried spouses.
At G.E. Investigations, we specialize in getting you the facts and giving you peace of mind. Contact us for any cell phone picture and data recovery services you may need.
Cracks emerge in the cloud: Security weakness of cloud storage services
Science Daily Source: The Agency for Science, Technology and Research (A*STAR) July 19, 2014
As individual computer users increasingly access the Internet from different smartphones, tablets and laptops, many are choosing to use online cloud services to store and synchronize their digital content. Cloud storage allows consumers to retrieve their data from any location using any device and can provide critical backups in the case of hard disk failure. But while people are usually vigilant about enacting security measures on personal computers, they often neglect to consider how safe their files are in the cloud.
Now, findings from a team led by Jianying Zhou of the A*STAR Institute for Infocomm Research in Singapore promise to improve the security of popular online services and better protect users by revealing hidden flaws associated with an important cloud storage feature — the ability to share files with friends, co-workers or the public1.
Sharing content is an attractive way to let far-flung colleagues view and collaborate on projects without using email attachments, which often have strict file size limitations. Data sharing can be: public, with no access controls; private, in which the cloud service provider authenticates sharing through login controls; or ‘secret’ uniform resource locator (URL) sharing where people without an account on the cloud service can access data by following a specific web link.
The A*STAR-led researchers analyzed the security of three well-known cloud service providers — Dropbox, Google Drive and Microsoft SkyDrive — and found that all three had vulnerabilities many users might encounter. They uncovered several risks related to the sharing of secret URLs. Because URLs are saved in various network-based servers, browser histories and Internet bookmarks, frequent opportunities exist for third parties to access private data. Furthermore, the URL recipient may send the link to others without the data owner’s consent.
Another danger lies in the practice of URL shortening — reducing long web addresses to brief alphanumeric sequences for easier sharing on mobile devices. Although the original URL may point to a privately shared file, shortening changes this address into plain text unprotected by encryption. Zhou also notes that because short URLs have very limited lengths, they are susceptible to brute-force attacks that can dig out supposedly secret files.
Zhou explains that the root cause of cloud security problems lies in the need to balance usability with privacy protection. “Users should be careful when they share files in the cloud because no system is perfectly secure. The cloud industry, meanwhile, needs to constantly raise the bar against new attacks while keeping the service as functional as possible.”
Snowden plans to work on anti-surveillance technology
The former NSA contractor, still hidden within Russia, plans to develop anti-surveillance technology following the US government spying scandal.
ZDNet By Charlie Osborne for Zero Day July 21, 2014
The former US National Security Agency (NSA) contractor, who leaked confidential documents detailing the extensive surveillance activities of the NSA and the UK’s GCHQ, called for support at the Hackers On Planet Earth (HOPE) conference via a video link from Moscow, Russia.
Snowden addressed the conference on Saturday, requesting that the hacking community channel its resources into developing anti-surveillance technologies which will make government spying more difficult — and said that he planned to spend much of his future time doing the same.
The former NSA contractor said:
We the people — you the people, you in this room right now — have both the means and the capability to improve the future by encoding our rights into programs and protocols by which we rely every day. [..] and that’s what a lot of my future work is going to be involved in, and I hope you’ll join me in making that a reality.
Speaking at the New York City conference, Snowden also defended his actions in relation to leaking confidential documents from the US intelligence agency to the media. The contractor said that most Americans have little concept of how wide-ranging their government’s surveillance activities are, but “have a right as Americans and as members of the global community to know the broad outlines of government policies that significantly impact on our lives.”
“If we’re going to have a democracy and an enlightened citizenry, if we’re going to provide the consent of the governed, we have to know what is going on, we have to know the broad outlines of a policy and we can’t have the government shut us out from every action that they’re doing,” Snowden commented.
Snowden is currently hidden in Russia after fleeing the United States last year. The former NSA contractor’s Russian visa expires at the end of July, and the former contractor has requested an extension. However, Snowden did not comment on whether his visa has been extended.
In an interview with The Guardian last week, Snowden said he is unlikely to have a fair trial if he returned to the US, being one of few whistleblowers in history to be charged under the Espionage Act.
Veteran Pickpocket Explains How ATM Skimmers Are Ruining His Craft
GIZMODO by Adam Clark Estes July 20, 2014
There’s no better example of a petty criminal than the pickpocket, a fast-moving talent who lifts wallets as if he were picking up pennies off the sidewalk. But a profile of a veteran pickpocket in the New York Times this weekend shows that technology is destroying the art. Credit cards are just more lucrative.
It’s not a surprising revelation, but it’s oddly sad to hear Wilfred Rose, said veteran thief, bemoan the shift. “We’re disappearing,” he told the paper from prison. “In a few years, there won’t be any of us left.” Evidently Rose is just one of 50 pickpockets—”the Nifty Fifty”—that the NYPD still watches out for. ATM skimmers, the Times says, are taking over.
Who wouldn’t blame them? Besides the fact that hackers can make off with millions in a matter of hours by taking the high tech route to stealing cash, ATM skimmers can live in machines for months without detection. And even if they do get discovered, it’s almost impossible to link them back to a thief. Pickpockets were never so lucky. [NYT]
Hackers Have Figured Out How to Steal Millions from ATMs
GIZMODO by Adam Clark Estes April 3, 2014
Federal regulators just alerted banks across the country of a very dangerous new skill ATM hackers have picked up. They can trick ATMs into spitting out unlimited amounts of cash, regardless of the customer’s balance. Not only that, but also schedule the illicit withdrawals for holidays and weekends, when the ATMs are extra flush.
We’ve heard of crazy ATM hackers before, but this really takes the cake. It’s a triple threat, really. The ability to skirt around daily ATM withdrawal limits is bad enough, since the hackers isn’t limited to $500 or whatever the limit is on any single account. But the fact that the hackers can now extract more than what’s in a customers account combined with the scheduling method means that any given ATM theft could now be an all out heist. That’s why the Secret Service is calling this strategy Unlimited Operations.
Heists are exactly what’s happening, too. “A recent Unlimited Operations attack netted over $40 million in fraud using only 12 debit card accounts,” said the Federal Financial Institutions Examination Council in its alert to banks. The regulators believe that the hackers have actually been targeting bank employees with phishing scams in order to get their malware installed on the banks’ computer systems. The Los Angeles Times explains how it’s done:
Criminals use the malware to obtain employee login credentials and to determine how the institution accesses ATM control panels, often based online, that allow changes to be made in the amount of money customers may withdraw, geographic usage limits and how fraud reports are generated.
After hacking the control panel, criminals withdraw funds by using fraudulent cards they create with account information and personal identification numbers stolen through separate attacks, the regulators said. The PINs may be stolen by malicious software or scanning programs at merchant sales terminals or ATMs, or by hacking into computers.
It also doesn’t help that the recent Target breach put millions upon millions of card numbers out in the open, giving hackers even more fraudulent cards to work with.
For those that’ve been hit by one of these attacks, federal insurance will kick in, but it’s a huge pain in the ass for everyone. So in a twisted sort of way, these ATM hackers are inevitably taking your tax dollars. That mobile payments revolution everyone keeps talking about can’t come soon enough, can it? [LAT]