A Growing Problem..

Industrial espionage or corporate espionage is espionage conducted for commercial purposes instead of national security purposes.

The term is distinct from legal and ethical activities such as examining corporate publications, websites, patent filings, and the like to determine the activities of a corporation (this is normally referred to as competitive intelligence). Theoretically the difference between espionage and legal information gathering is clear. In practice, it is quite difficult to sometimes tell the difference between legal and illegal methods. Especially if one starts to consider the ethical side of information gathering, the border becomes even more blurred and elusive of definition.

Industrial espionage describes activities such as theft of trade secrets, bribery, blackmail, and technological surveillance. As well as spying on commercial organizations, governments can also be targets of commercial espionage—for example, to determine the terms of a tender for a government contract so that another tenderer can underbid.

Industrial espionage is most commonly associated with technology-heavy industries, particularly the computer and automobile sectors.

Espionage takes place in many forms. In short, the purpose of espionage is to gather knowledge about (an) organization(s). A spy may be hired, or may work for oneself.

 

 

Compressed web phone calls vulnerable to eavesdropping

Submitted by Mohit Joshi on Fri, 06/13/2008 - 06:41. Technology News United Kingdom

London, June 13 : US experts warn that compressed web phone calls may be easy to bug.

Researchers John Hopkins University in Baltimore, Maryland, point out that many service providers are due to implement a flawed technology to compress Internet (VoIP) phone calls so that they use less bandwidth.

The researchers say that the new compression technique, known as variable bitrate compression, produces different size packets of data for different sounds because the sampling rate is kept high for long complex sounds like "ow", but cut down for simple consonants like "c".

According to them, this variable method saves on bandwidth, while maintaining sound quality.

Even though VoIP streams are encrypted to prevent eavesdropping, say the researchers, simply measuring the size of packets without decoding them can identify whole words and phrases with a high rate of accuracy.

Charles Wright, a member of the John Hopkins team, said that only a few services were currently using the vulnerable compression method.

He, however, pointed out that more networks were planning to use this technique in future.

"We hope we have caught this threat before it becomes too serious," New Scientist quoted him as saying.

Another team member, Fabian Monrose, admitted that the eavesdropping software developed by them could not decode an entire conversation.

Monrose, however, insisted that the software was capable of searching for chosen phrases within the encrypted data, and thus might allow a criminal to find important financial information conveyed in the call.

The researchers say that tests with their software have revealed that it can correctly identify phrases used during a conversation with an average accuracy of about 50 per cent.

"I think the attack is much more of a threat to calls with some sort of professional jargon where you have lots of big words that string together to make long, relatively predictable phrases. Informal conversational speech would be tougher because it's so much more random," Wright says.

A paper on the Johns Hopkins team's work was presented at the 2008 IEEE Symposium on Security and Privacy, in Oakland, California, US, last month. (ANI)

http://www.topnews.in/compressed-web-phone-calls-vulnerable-eavesdropping-247305