« March 2009 | Main | May 2009 »

April 27, 2009

Click Here to Wiretap!

You might think that it’s illegal to wiretap telephone calls.  But that hasn’t stopped a growing number of companies from offering a full line of wiretapping software for dozens of cell phones.  And while using the software is illegal in most countries, that’s not stopping these companies from selling it. 

To install these programs, which go by names such as FlexiSPY or Mobile-Spy, all you need is access to the targeted cell phone.  Once you install it—a process that takes about five minutes—you can listen to your target’s phone calls and read his or her text messages, call detail (number, time, duration) and any e-mails sent from the phone. 

With a GPS-enabled phone, you can obtain the location where your target made each call.  And switch on “Spycall” mode (FlexiSPY) and you can listen in to any conversation in the vicinity of your target’s phone—not just phone conversations.  In some cell models, you can monitor conversations even if the phone is turned off. 

The software delivers all this data to an online account, where you can view it from any these Internet enabled cell phone or PC.

Manufacturers of these programs claim they’re legal.  For instance, the FlexiSPY Web site states: 

The product is not illegal, but the way in which it is used may break local laws. In general, you may use it on a phone that you own, for protecting your children, for archiving data, for enforcing explicitly stated business use guidelines and so on. We do not support any illegal use of our products, and the term of sale means that you agree to abide by your local laws.

Maybe that’s true in Thailand, where FlexiSPY is based.  But it’s not true in most other countries.   

You’re bugging someone’s phone and listening in on everything said and all data transmitted.  And that’s illegal in the United States, the United Kingdom, and almost everywhere else, unless you obtain a search warrant or other legal authority to do so.

 But meanwhile, sales of what one wag on the Internet calls “spouseware” appear to be booming.  So even if it’s illegal to bug someone’s phone, lots of people are doing it.  And the consequences could obviously be catastrophic if you discuss anything on your cell phone you wouldn’t want published on the front page of The New York Times.

How can you protect yourself?  One strategy is to use a phone that spouseware makers don’t support.  Click here for a list of supported phones for FlexiSPY.  

Second, never let your cell phone out of your possession.  While intelligence agencies can likely download spy software to your cell phone surreptitiously, all the commercial wiretapping software I’ve seen requires the eavesdropper to have physical possession of the target phone to install the application.

Third, use a log-on password for your cell phone.  This won't defeat a government eavesdropper, but it will frustrate efforts by a non-professional to monitor your cell phone data.

Fourth, if you want to make sure that your cell phone isn’t being used as a bug, take the battery out of it.  Obviously, you can’t use it in this situation, but at least it won’t be broadcasting your conversations to persons unknown.

Fifth, be alert to your phone battery being depleted more quickly than normal.  That might indicate a worn-out battery, but it could also be a clue that your phone is transmitting surreptitiously.

Sixth, be alert to how warm your phone is.  It’s normal for it to be warm after an extended conversation.  But if it’s warm and you haven’t used it recently, that raises the possibility it’s transmitting data without your permission. 

Seventh, if you use a GSM phone (common throughout the world except for the United States), walk toward a set of stereo speakers.  Buzzing interference from speakers is common with GSM phones.  If you hear buzzing when you’re not making a call, however, your phone could be bugged.

Copyright © 2009 by Mark Nestmann

Posted at 02:20 PM in Communications Privacy | | Comments (0)

April 22, 2009

Russia, Romania Begin Using Passports as a Weapon

No, these countries haven't developed new passports containing a hidden death ray gun.  But changes in Russia's citizenship laws—and amendments that Romania is now considering—are every bit as potent.  Even gentle Canada is getting in on the act, although in its case, there's no evidence of hostile intent.

Starting in 2000, Russia has granted citizenship to nearly 3 million ethnic Russians living outside its borders, especially in Georgia, Moldova, Estonia and Ukraine.  All of these nations were former satellite states of the Soviet Union.  And the Kremlin's action is a provocative instrument of foreign policy.

For instance, Russia justified its military invasion of Georgia last year by saying it was protecting Russian citizens living abroad.  But this occurred only after the Kremlin handed out hundreds of thousands of passports in the breakaway regions of South Ossetia and Abkhazia.  And with 200,000 Russian citizens now living in Estonia, and another 200,000 or so in the Crimea—the jewel of Ukraine—Russia may have created a justification to intervene in these areas as well.

It's a little like Canada telling U.S. citizens that they're now Canadian, and then justifying an invasion of the United States to protect them.

Oh, wait…Canada has now done this, although (other than in South Park) there are no plans to invade the United States.  Thanks to a new law, Canada has granted citizenship to hundreds of thousands of former citizens and their descendants.  Most of these individuals live in the United States. 

Unlike Russia, Canada's motive appears peaceful.  The amendments to Canada's Citizenship Act restore Canadian nationality to those forced to renounce it when they became citizens of other countries.  It also grants Canadian citizenship to their children.

The same can't be said for political hijinks now playing out in Romania, one of the newest members of the European Union.  Last week, the Romanian government introduced a bill that would grant citizenship to anyone living in Moldova with a Romanian grandparent or great-grandparent.  Previously, only Moldovans with Romanian grandparents could apply.  In addition, Moldovans who qualify under these criteria would no longer need to learn Romanian to obtain a passport. 

Romania took this action after Moldova imposed visa requirements on Romanian passport-holders visiting Moldova.  Should Romania enacts its new citizenship legislation, Moldova may enact its own law banning dual citizenship.  If that happens, more than one million Romanian citizens living in Moldova would have to leave Moldova unless they renounce their Romanian nationality. 

What a mess!  However, these developments create new opportunities for those affected by them to obtain a "better" passport (in terms of travel options available) than they now possess.  For instance, the Canadian passport is one of the world's best travel documents, with visa-free access to more than 150 countries.  The Romanian passport is also an excellent travel document, as it now provides visa-free access to the entire European Union.  (You must, however, first obtain a valid national ID card from Romania).  The downside, of course, is if you live in Moldova and don't want to leave.

And Russia?  Well, Russian passport holders can travel visa-free to only about 80 countries.  But Russia has military and diplomatic clout—something that can't be said for Georgia, Moldova, Estonia and Ukraine. 

One thing is for sure.  Jockeying for military and political advantage through passport diplomacy is bound to continue.  And while the geopolitical impact may be uncertain, the opportunity these developments provide for those newly eligible to receive a passport may be incalculable. 

If you're not eligible for a second passport by way of your ancestry, marriage, or prolonged residence in another country, The Nestmann Group, Ltd. can assist you in obtaining alternative citizenship and tax-advantaged residence. Please contact us for more information at info@nestmann.com.

Copyright © 2009 by Mark Nestmann

Posted at 02:10 PM in Alternative Citizenship and Residence | | Comments (0)

April 20, 2009

Are Precious Metals Stored Offshore "Reportable Financial Accounts?"

Recently, several American Sovereign Society members asked me if they must acknowledge ownership of gold or other metals stored offshore to the U.S. government.

Unfortunately, neither the IRS nor the U.S. Treasury has provided direct guidance on this subject.  As a result, I generally recommend that my clients report such ownership, although there appear to be some exceptions.

First, a little background.  U.S. citizens and residents have an annual obligation to report the existence of all “foreign bank, securities or ‘other’ financial accounts” if the aggregate value of those accounts exceeded US$10,000 at any time during the preceding year.  Those failing to do so face a fine up to US$250,000, imprisonment up to five years, or both.  (In an earlier blog entry, I described how non-U.S. persons have the same obligation if they are "in or doing business" in the United States.) 

The report, which the Treasury Department cleverly calls Form TD F 90-22.1 (link here), is due by June 30 of the following year.  Thus, you must file this form by June 30, 2009, if you had any reportable foreign account relationships anytime in 2008.  

You have a separate obligation to disclose any "reportable" foreign accounts on Schedule B of Form 1040.  Hopefully you already made that acknowledgment when you filed your 2008 tax return.  If not, you should file an amended return and make the required disclosure (check "yes" on line 7a of Schedule B).

The Treasury Department and the IRS construe the term "financial account" very broadly. The definition unquestionably includes bank, securities, and other accounts that hold financial instruments. However, it does not include individual bonds or stock certificates. This is an important distinction.  If you have a foreign brokerage account that contains stock, this is a foreign financial account.  If you hold individual shares of the stock directly, it is not reportable.

By analogy, the same rules would presumably apply to gold or other precious metals held offshore.  If you hold the metals in a safety deposit box or private vault, without opening a bank or other financial account, you don't appear to have any reporting obligation.  (However, at many foreign banks, you must open an account in order to rent a safety deposit box.)  On the other hand, if you purchase the metals through a foreign bank account and the bank stores the metals in its vault as part of your account holdings, the relationship would be reportable.

What if you arrange for a company to purchase gold or other metals on your behalf and that company stores those metals on your behalf in a foreign bank's vault?  While nothing is certain in life, other than death and taxes, a strong case can be made that this is not a "foreign financial account" if the following conditions apply:

  • The company does not itself sell the metals but only brokers purchases and sales
  • The metals are held together in a designated area of the foreign bank's vault
  • Each bar or coin is identified by a unique, certified number. 
  • The bars or coins in the vault are individually packaged and labeled so that it they are readily identifiable as your property. 
  • You can take physical possession of the metals at any time.

Naturally, the IRS might disagree with this analysis.  And if you enter into such an arrangement, I highly recommend confirming my interpretation with your own tax advisor.  

Copyright © 2008 by Mark Nestmann

Posted at 04:21 PM in Financial Privacy, Offshore Investment | | Comments (0)

April 15, 2009

Will Your Insurance Company Survive the Global Financial Collapse? [Part 2]

In my last blog entry, I described the financial stresses under which many U.S. insurance companies are operating—and the very limited "safety nets" to bail out policyholders of insolvent insurers.

How can you evaluate the financial health of the companies you rely upon for insurance?  And what are your alternatives if they don't pass financial muster? 

Here are some practical suggestions:

Start by making a list of every insurance policy you own.  That should include property & casualty insurance (auto, home, and business); life insurance; medical insurance (including long-term care insurance); disability insurance, along with any annuities you own issued by insurance companies. 

Next, obtain a snapshot of each company's financial standing through the free ratings scanner at Thestreet.com.  Click here for the link. Coverage is spotty with this scanner, but for rated companies you'll find a one-page summary of financial health, capitalization, investment safety, profitability, liquidity, and stability. 

Many insurance companies are publicly traded.  If any of your policies are from public companies, look at the trend in share prices using a tool like Yahoo Finance or Thestreet.com.  Even the strongest insurers have been battered by the economic downturn.  Don't panic if you see price declines in line with declines in the overall market (i.e. 30%-50%).  However, many insurance companies have lost 90% or more of their market value in the last 12-18 months.  If you own policies from one or more of these companies, it's safe to assume that major investors have dug into the company's financials and don't like what they see.

While you're looking at share prices, also review news stories about the company.  Most online stock tracking services include news clips about each company you look up.  If the insurance company isn't publicly traded, try to find news about it on a search engine.  Look for news of credit rating downgrades, resignations of top officials, lawsuits, regulatory actions, etc. 

Next, check the company's credit ratings directly from the rating agencies' Web sites:

  • www.standardandpoors.com
  • www.fitchratings.com
  • www.moodys.com

Credit ratings are far from perfect.  Who can forget the hundreds of billions of collateralized debt obligations (CDOs) that went from AAA-rated to junk status in 2007 and 2008, literally overnight?  But, they're a start. 

Next, call each insurance agent or broker you've dealt with for each policy you own.  Ask the agent or broker to review ratings data and other financial information (including media reports, annual reports, press releases, public filings, analyst reports, etc.) to evaluate the company's financial strength.  A broker not tied to any particular company will be in a much better position to provide objective information.  An employee of the company you're trying to evaluate obviously has a vested interest in keeping your business with that company.

If any of the companies are at risk, contact an insurance broker (not a company agent) to ask for recommendations to replace the policy.  This is easiest for property and casualty insurance.  To replace a life, medical, or disability insurance policy, you'll need to be in good health.  Your premiums may rise significantly as well, especially if you're replacing a whole life policy you purchased many years ago.

If it's not practical to replace a life insurance policy from a weak company, you can at least borrow most of the cash value from it.  You'll pay for this privilege—an 8% annual interest rate is typical.  But if the insurer goes under, at least you'll have recovered some of your premium payments. 

Cashing in an annuity policy can trigger big surrender charges along with tax penalties.  To avoid the tax penalties, use a "Section 1035 exchange" with a more financially stable insurer. 

Finally, look into alternatives to commercial insurance.  If you have a successful business with substantial insurance premiums, you may be able to save money by setting up your own "captive" insurance company.  Also consider insurance from more financially stable foreign carriers.  While many foreign insurers won't cover risks outside their own country, some will.  In countries like Switzerland, for instance, insurance companies are much more strictly supervised than in the United States. 

Copyright © 2009 by Mark Nestmann

Posted at 01:44 PM in Asset Protection | | Comments (0)

April 13, 2009

Will Your Insurance Company Survive the Global Financial Collapse? [Part 1]

What would happen if your insurance company became insolvent, and wasn't able to pay its obligations to you?  As the global financial crisis began to unfold, I started asking that question in relation to my own insurance coverage.  Two insurance policies were of particular concern: a professional liability policy issued by a subsidiary of American International Group (AIG) and a cash-value life insurance policy issued by Phoenix Life Insurance (PNX).

AIG, of course, is a poster child for the global financial collapse.  Beginning a decade or so ago, AIG underwrote billions of dollars of credit default swap contracts and other questionable obligations.  You know the rest of the story: since late 2008, the U.S. government has pumped nearly US$200 billion into AIG to keep it solvent.  Even so, it's stock is trading only slightly north of US$1/share, compared to nearly US$50 less than a year ago.

PNX isn't as prominent as AIG.  However, its fall from financial grace has been nearly as spectacular.  Its credit rating is now well into "junk" territory.  Credit analysts say its ability to pay claims could be affected by continuing investment losses.  In the last year, the share price fell from US$14 to US$0.20, although it's now rebounded to nearly US$2. 

Nor are AIG and PNX alone: credit rating agencies have downgraded dozens of insurance companies in recent months.

To deal with these concerns, I've replaced the AIG policy with another one from a company with a much higher credit rating.  In the case of PNX, I've borrowed most of the cash value of my policy and have applied to replace it as well. Unfortunately, I'm 20 years older than when I first purchased the policy, so my premiums will be much higher. 

I've also reviewed the financial status of the companies with which I maintained health insurance and property & casualty insurance coverage.  Fortunately, both are still rated "excellent" with a stable ratings outlook. 

However, it's no time for complacency.  That's particularly true if you own an annuity policy from an insurance policy with a high guaranteed payout.  Regardless of global financial conditions, the insurance company must continue to pay whatever amount is guaranteed. 

I don't own any domestic annuities, but I have a friend who owns one with a 6.5% annual guaranteed payout.  Returns this high aren't easy to come by these days.  Stocks have lost nearly 50% of their value, and government bond yields are at all-time lows.  How will this company—whose debt is now rated "junk" by credit rating agencies—continue to pay my friend his 6.5% guaranteed payout.  That's anyone's guess, but I'm glad I'm not in his shoes.

You might think the equivalent of a Federal Deposit Insurance Corporation guarantee for insurance companies exists, but it doesn't.  One small consolation is that some of your insurance policy may be guaranteed by the state in which you live.  These guarantees vary from state to state. In most states, the guarantees are for US$300,000 in death benefits, US$100,000 in cash values from life insurance policies, US$100,000 in cash withdrawals from annuities.  There's generally a limit of US$300,000 total per person. 

But here's the rub: no state actually has these guaranteed sums readily available.  The money is supposed to come from the insurance companies themselves.  In other words, insurance companies basically guarantee themselves.  If one company goes under, others are supposed to step in and honor its obligations.  If the economy is weak, it's possible that one failure could lead to others, like a chain of dominos. 

Of course, the government could always step in with cash infusions to prevent this result.  But the cost of bailing out the U.S. financial system is already approaching US$15 trillion.  If the economy continues to deteriorate, how much more money can you count on Congress and the Fed to make available if insurance companies start going belly up in droves? 

Fortunately, there are some steps you can take to protect yourself.  In my next blog entry, I'll present some practical suggestions to evaluate the health of the companies you rely upon for insurance—and suggest some alternatives to consider if they don't pass financial muster.

Copyright © 2009 by Mark Nestmann

Posted at 02:55 PM in Asset Protection | | Comments (0)

April 09, 2009

Foreigners "In or Doing Business" in the USA: Get Ready to Bare Your Financial Soul

U.S. citizens and residents have an annual obligation to report the existence of all “foreign bank, securities or ‘other’ financial accounts” if the aggregate value of those accounts exceeded US$10,000 at any time during the preceding year.  Those failing to do so face a fine up to US$250,000, imprisonment up to five years, or both.

Lucky you: if you can demonstrate you didn't "willfully" violate this requirement, the IRS will generally impose a civil fine of "only" US$10,000.

Now, the U.S. Treasury has extended this obligation to any foreign person "in or doing business" in the United States.  If you qualify under this requirement, you have until June 30 to report any "foreign accounts" you had in 2008 by completing complete Form TD F 90-22.1, the foreign bank account reporting form (FBAR).

You don't want to bare your financial soul to the U.S. Treasury?  Well, too bad.  If you're "conducting business within the United States on a regular and continuous basis," you meet the threshold test established by the IRS, and must complete the FBAR.  You must reveal the name, address, account number, and highest value in the preceding year of each non-U.S. account over which you have signature or "other" authority. 

According to recent IRS guidance, a foreign person merely visiting the United States has no filing obligation.  Nor does sporadically doing business in the United States trigger the requirement.  Other foreigners not required to file FBARs include:

  • Persons who occasionally visit the United States to meet customers or business associates
  • Artists, athletes, and entertainers who occasionally come to the United States to participate in exhibits, sporting events, or performances
  • Persons who occasionally visit the United States to manage personal investments, such as rental property, and conduct no other business

Filing a FBAR creates no tax obligation.  Nor does it appear that foreign persons who file FBARs have the additional responsibility of completing boxes 7a and 7b on Schedule B of IRS Form 1040—a U.S. taxpayer's annual tax return.  Thank goodness for small favors!

However, even if you're a foreigner with no U.S. tax obligations, there's a major potential downside to filing the FBAR: the Treasury can share the information on it with just about anyone.  Generally, the IRS can't disclose tax returns or return information outside the U.S. Treasury, except under strict conditions.  However, the FBAR isn't a tax return and may be disclosed on a much wider basis.  According to the FBAR instructions:

"The information collected may be provided to those officers and employees of any constituent unit of the Department of the Treasury who have a need for the records in the performance of their duties. The records may be referred to any other department or agency of the United States upon the request of the head of such department or agency for use in a criminal, tax, or regulatory investigation or proceeding. The information collected may also be provided to appropriate state, local, and foreign law enforcement and regulatory personnel in the performance of their official duties."

In other words, data you disclose on this form might just make it back to your home country, to be used in an investigation against you.  And of course, in many countries, government corruption is rife.  It's possible the FBAR form might also be shared with organized crime syndicates involved in kidnapping or other illegal activities.  These groups might be very interested to learn the details of your foreign accounts, along with the balances you keep in them.

At the very least, the Treasury's new demand for persons "in or doing business in the United States" to file the FBAR annually raises troubling questions as to what it might do with the data it collects.  At most, it might give such persons second thoughts as to whether they wish to continue to be "in or doing business" in the United States.

Copyright © 2009 by Mark Nestmann

Posted at 01:25 PM in Financial Privacy, Offshore Investment | | Comments (0)

April 08, 2009

Hats Off for Surveillance!

You may not have known it, but it may now be your civic duty to remove your hat in the presence of a surveillance camera.  And don't smile, either—it might confuse the face-recognition software. 

If New York City is any indication, this is a coming trend.  Banks and other retailers have started to post signs asking customers to remove hats and any other face-obscuring accessories to "help us reduce crime."  You see, hats and sunglasses make things more difficult for face-recognition software, as does smiling at the camera. 

And it's not just businesses that are racing to identify everyone who walks in the door.  The New York Police Department has proposed extending a CCTV network with 4,200 cameras in Lower Manhattan to cover midtown-Manhattan as well.  The scheme includes license-plate recognition technology to identify all vehicles entering Manhattan.  There's no word yet on whether or not face recognition will be included.  However, I'd be very surprised if it's not part of the plan. 

Will the new network catch many bad guys?  Not unless the city passes an ordinance forbidding anyone entering Manhattan from wearing a hat, sunglasses—or smiling. 

If CCTV is mostly "security theater," then what's it really good for?  A recently released movie, Look, which presents life in a CCTV-surveilled world as a sort of reality show, provides an important clue.  According to Adam Rifkin, who directed Look, in real life CCTV has more to do with titillation than security. 

"We went into a mall security office and the guys were not looking for shoplifters. They were zooming in on girls with big boobs and following them around the stores. Those guards told me if they see something really interesting, they post it on YouTube."

Well, now you know the real purpose of CCTV networks.  If you're out shopping in Manhattan or most other big cities, and you're a hottie, you just might be on YouTube! 

Copyright © 2009 by Mark Nestmann

Posted at 02:56 PM in Film |

April 06, 2009

"Tax Information Exchange Agreements" Quietly Morph Into Tax Treaties

As high-tax nations fulminate against low-tax jurisdictions, it's encouraging to find a wisp of good news in the offshore tax arena.  And such is the case with a recent agreement between France and the island of Jersey, a low-tax jurisdiction off the coast of England.

On March 23, 2009, France and Jersey concluded a tax information exchange agreement (TIEA).  Unlike every other TIEA I've reviewed, this one wasn't merely a one-sided demand for banking and financial information to flow to French tax authorities.  Instead, the France-Jersey TIEA actually provides some benefits for Jersey.  Investment funds and real estate holding structures in Jersey will now qualify for exemption from a 3% tax assessed annually on the fair market value of real property located in France.

This may not sound like much, but it's a revolution given the history of TIEAS.  These agreements first came into effect in the 1980s, when the United States unilaterally canceled regular tax treaties then in effect with numerous low-tax jurisdictions: the Netherlands Antilles, the British Virgin Islands, and many others.  (Like all tax treaties, the ones the U.S. Treasury canceled reduced U.S. withholding taxes, avoided double taxation, and called for tax disputes to be resolved by mutual agreement.) 

After canceling the treaties, the U.S. Treasury then strong-armed low-tax jurisdictions into signing one-sided TIEAs that required them to disclose U.S. interests in bank accounts, mutual funds, IBCs, and asset protection trusts.  The information had to be disclosed even if bank secrecy laws in the low-tax jurisdiction otherwise protected it.  What did Treasury offer in return? Very little: only negligible benefits, such as permitting U.S. corporations to deduct the costs of conventions in these jurisdictions. 

In the last 25 years, the U.S. Treasury has forced dozens of low-tax jurisdictions to sign TIEAs.  Most  meekly complied, although pending legislation in Congress still seeks to penalize these same jurisdictions for the "crime" of having low tax rates.

As time progressed, other high-tax countries got into the act, drawing on a model TIEA published in 2002 by the Organization for Economic Cooperation and Development (OECD).  As before, the model TIEA's intent is clearly to force low-tax jurisdictions to disclose financial data to high-tax jurisdictions.  After the OECD threatened sanctions against low-tax jurisdictions failing to sign TIEAs, dozens have come into effect.

And that's why the France-Jersey TIEA is such a big deal.  To the best of my knowledge, this is the first TIEA that provides any meaningful benefit whatsoever to the low-tax jurisdiction signing it. 

Let's hope this is the beginning of a trend.  If low-tax jurisdictions are to be forced to end bank secrecy and provide authorities in high-tax countries with unfettered access to financial records there, they should receive some benefit in return.  The France-Jersey TIEA is a first step toward this worthwhile goal.

Copyright © 2009 by Mark Nestmann

Posted at 03:58 PM in Offshore Investment | | Comments (0)

April 01, 2009

Spies Can Monitor Your Keystrokes Through the Air—or the Electrical Grid

No, it's not an April Fool's joke.  If only it were…

Imagine you're a lawyer working on an important legal brief for a client at a coffee shop, airport or other public location.  Unknown to you, your legal opponent is sitting on the other side of the room.  Using an oscilloscope and an inexpensive wireless antenna, he sits down at his own laptop, and activates monitoring software.  Thanks to a tiny antenna between your keyboard and the computer processor, your adversary can read everything you're typing into your laptop, with up to 95% accuracy, more than 60 feet away.

Even encrypted wireless keyboards are vulnerable, because each key still gives off a unique electromagnetic signal, which can be picked up with an antenna.

If that's not bad enough, if you're in the line of sight of your adversary—even hundreds of feet away—he can aim a laser microphone at your laptop to read what you've written.  Using the laser's precise rendering of the vibrations your keystrokes leave on the screen, he can monitor what you've typed. 

An attacker can pull off the same exploit, with similar results, on your home or office PC.  It's even easier, in fact, because desktop monitors are larger.  Plus, if you use an older PS/2 keyboard, hackers can pull the same information out of a nearby power socket.

Defense researchers have know for more than 50 years that it's possible to recover data from "leaks" in electronic equipment.  Most of their research—which at one time was code-named "Tempest"—is still classified.  But in the meantime, civilian researchers have discovered numerous ways to recover data using off-the-shelf components.  Indeed, the laptop keyboard sniffer I just described can be constructed for less than US$5,000. 

How can you protect yourself?  The most basic precaution is to not use a PS/2 keyboard.  Beyond that, you can purchase a "Tempest" laptop or PC certified to meet military standards.  They cost considerably more than ordinary PCs, but if you believe someone might target you for this attack, they're worth every penny.  Search the Internet for "Tempest laptop" or "tempest PC" to find suppliers.

Copyright © 2009 by Mark Nestmann

Posted at 03:20 PM in Communications Privacy | | Comments (0)