University

Student filmed female housemates in the shower with hidden sponge camera

Imagine jumping into your shower at home, not knowing your naked self was being filmed by a hidden camera by someone you trusted. 

University of Wollongong student Rico Auliputra concealed a camera inside a household sponge in his bathroom, hoping to record his three female house mates. 

Today, the Indonesian national narrowly escaped jail time at Wollongong Local Court after pleading guilty to the offence. 

The 26-year-old covered his face with a hoodie and satchel to avoid a waiting media scrum outside, as he ran to a getaway car. 

Auliputra was living in a share-unit in Wollongong’s CBD, when his three female housemates discovered a green flashing light coming from a slit in a yellow sponge on the floor of their shower on October 28 last year. 

On further inspection they found a cord from the set-up to a battery power pack, which was hidden in the vanity. 

Auliputra confessed to the crime after being confronted by the group, who called Wollongong Police. But when officers arrived on scene, the SD card inside the camera had disappeared. 

The defence lawyer today revealed that when the camera was discovered Auliputra threw the card from the seventh floor of his balcony, later returning to recover the card but was unsuccessful. 

The IT student showed some remorse, telling his lawyer, “I regret what I did because I betrayed my friends. It’s hard now to be trusted because of the mistake I did.” 

The Crown argued he should do time behind bars saying, “It is a serious offence and serious breach of trust.” 

However, Magistrate Follent took into consideration his good character and guilty plea, sentencing him to 250 hours of community service. 

In her closing statements to Auliputra she said, “What you did was reprehensible, abusing the significant trust of your friends. It was calculative and exploitative for your own gratification.” 

Auliputra is to remain a student at the University of Wollongong for another year. Management has refused to comment on the incident today.

Source: 9NEWS

Comparison of VoIP and TETRA Regarding Security in a Safety Critical Environment

In this document, University of Applied Sciences FH Technikum Wien (Vienna, Austria) analyze security threats on VoIP (Voice over IP) and TETRA (Terrestrial Trunked Radio) solutions and mitigation techniques.

 

Conclusion

“We recommend Tetra for safety critical environments like vessel and port terminal operations, Airports and government emergency authorities. Any place using Tetra should have a backup plan or plan B in case of unsolved attack or disaster. Backup could be using VOIP app, GSM (Global System for Mobile communications) with push to talk feature and many other applications can be used. VoIP can be used mainly in private communication with taking all security countermeasures into action to mitigate risks on Confidentiality, Integrity and Availability.”

University of Applied Sciences FH Technikum Wien, Vienna, Austria.
doi: 10.17706/jcp.13.3.279-286

Read the full Article

Researchers propose novel solution to better secure voice over internet communication

Researchers at the  University of Alabama at Birmingham have developed a novel method to better protect Crypto Phones from eavesdropping and other forms of man-in-the-middle attacks.

Crypto Phones consist of smartphone apps, mobile devices, personal computer or web-based Voice over Internet Protocol applications that use end-to-end encryption to ensure that only the user and the person they are communicating with can read what is sent. In order to secure what is being communicated, Crypto Phones require users to perform authentication tasks.

“Research has shown that these tasks are prone to human errors, making these VoIP applications and devices highly vulnerable to man-in-the-middle and eavesdropping attacks, said Nitesh Saxena, Ph.D. associate professor in the UAB College of Arts and Sciences Department of Computer Science.  

In a paper published at the Association for Computing Machinery Conference on Computer and Communication Security in November, Saxena and Ph.D. student Maliheh Shirvanian introduce Closed Captioning Crypto Phones to address the issues in currently deployed Crypto Phones.

Nitesh Saxena, Ph.D.

To ensure that a man-in-the-middle attacker does not interfere with the transmission of the message, traditional Crypto Phones rely on the users to verbally communicate and match a key, called a checksum, that is displayed on each user’s device. The users must verify that the voice announcing the checksum is indeed the voice of the other user they wish to communicate with. Closed Captioning Crypto Phones fully automates checksum comparison.

“Closed Captioning Crypto Phones remove the human element from the checksum comparison process by utilizing speech transcription,” Saxena said.

When a user announces the checksum to the other person CCCP automatically transcribes the spoken code and performs a code or checksum comparison for the user. In an online experiment designed to mimic a real-life VoIP call, more than 1100 audio files containing 4-word and 8-word checksums spoken by a variety people CCCP eliminated the chances of the data being intercepted or captured via a man-in-the-middle attack due to human errors or clicking through the task and complete detection of mismatching checksums was made.

“Our work shows that by automating the checksum comparison verification, users are unburdened by only having to perform a single verification task, Saxena said. CCCP not only eliminates the human errors, but also facilitate use of longer checksums, which further strengthen the security. “This may also help increase the awareness of human users in detecting malicious voice imitation attempts by attackers.”

In a study analyzing the security and usability of user-centered code verification tasks, Saxena, Shirvanian and collaborator Jesvin James George, found that most end-to-end encryption code verification methods offer poor security and low user experience ratings. The study was published at the 2017 Annual Computer Security Applications Conference in December.

In a monitored lab setting, 25 participants were asked to perform and report the success or failure of QR, image and numeric code verification while using the internet-based communication applications, Telegram, WhatsApp, Viber and Signal in a close proximity setting and a remote setting. Security and usability security under remote verification settings was found to be significantly lower than in a close proximity code verification setting due to human errors.

Nitesh Saxena is the director of the Security and Privacy In Emerging computing and networking Systems lab.

Source: UAB News

Nurse given 2-year suspended sentence after hiding camera in U of A Hospital gym shower

A nurse who admitted to hiding a camera in a staff gym shower at University of Alberta Hospital received a two-year suspended sentence on Tuesday. He’s also prohibited from having a recording device.

Jason Soundara, 26, pleaded guilty to two counts of voyeurism in June.

A suspended sentence means the defendant will serve a period of probation and have a criminal record, but won’t serve jail time.

The sentence means Soundara must remain in Alberta, attend counselling and cannot go to the University of Alberta Hospital. He’s allowed to own a smartphone but cannot use it to take photos or videos.

The Crown was seeking six months in custody and two years of probation. Crown prosecutor Marisa Anderson argued the act showed a high degree of planning and deliberation and was “predatory” in nature. She said the sentencing should send a strong message in this digital age.

The defence was seeking a two-year probation with no time behind bars. Defence lawyer Dan Nagase said the sentence should take into account this was not a public change room. Nagase argued the act was not thought out, naive and unsophisticated. Nagase said Soudara has sought out counselling and the incident happened during a difficult time in his life when he was struggling with his sexual orientation.

In November 2016, a notice was posted by management of The Pulse Generator at the University of Alberta Hospital Employee Fitness and Recreation Centre, stating a camera was in place from Nov. 27 at 5 p.m. until Nov. 28 at 9 a.m., when it was discovered and removed. In that 16-hour window, seven men were captured on the camera.

In an agreed statement of facts, Soundara admitted to putting the camera in the male locker room shower. In a videotaped interview with police, Soundara said he did it “because he liked one of the males who frequently showers in the facility.”
 
The statement said the camera installed looked like a wall outlet and was stuck to the wall underneath a soap dispenser; it contained a five-day rechargeable battery with an SD card to store video.

The camera was discovered by a man in the shower; it was turned over to hospital security and then Edmonton police.

Soundara was supposed to be sentenced in September but the decision was delayed.

Soundara worked as a nurse at the hospital emergency room at the time. An Alberta Health Services spokesperson said he is no longer an AHS employee.

Pulse Generator operates employee fitness centres at the U of A, Grey Nuns and Misericordia hospitals. Security measures were increased after the incident.

— With files from Global’s Kim Smith, Julia Wong and Karen Bartko

© 2017 Global News, a division of Corus Entertainment Inc.

By Emily Mertz

Web Producer  Global News

Source: Global NEWS