UNCLASSIFIED

SECURITY BULLETIN SECURITY BULLETIN

Office of the Assistant Secretary of Defense Reserve Affairs Employer Support of the Guard and Reserve (ESGR) 1555 Wilson Blvd., Suite 200 Arlington, VA 22209 (703) 696-1171 x 548 Robert Tizon, Force Protection Officer roberto.tizon@osd.mil

October27,2011

PhotocopyingofMilitaryIdentificationCards

Recent incidents regarding the photocopying of military identificationcardsandcommonaccesscards(CAC),bycommercial establishments to verify military affiliation or provide government ratesforservice,havebeenreported. Personnel are reminded that the photocopying of US Government Identification is a violation of Title 18, US Code Part I, Chapter 33, Section701andpunishablebybothfineand/orimprisonment. Many military members, family members and DoD employees are unawareofthislaw.Pleasepasstothelowestlevelandincludein trainingforforceprotection,informationsecurityandOPSEC. FPO COMMENTS: Criminal elements and terrorist organizations place U.S. government identificationsasahighvaluelogisticalelementwhenplanningactsagainsttheU.S.military. Although commercial establishments are not prohibited from asking for military/government identification, many government personnel and commercial establishments are unaware of the prohibitiononduplicationofgovernmentidentification.Unfortunately,therearenosafeguardsin placetoensureagovernmentidentificationcardwontbecounterfeitedorclonedbasedona photocopybyacommercialestablishment. It is recommended that military/DoD personnel provide a state drivers license or other form of photoidentificationtobephotocopiedifanestablishmentinsistsonaphotocopyofthetravelers identification. *NOTE: This does not apply to medical establishments (i.e. doctors office, hospitals, etc) who areallowedtakeacopyforthepurposeoffilinginsuranceclaims;andothergovernmentagencies intheperformanceofofficialgovernmentbusiness.

UNCLASSIFIED
REMEMBER Should you witness activity that may be criminal or terrorist in nature, contact the Pentagon Force Protection Agency IMMEDIATELY at 703-692-2729

How Much Does Your Smartphone Know About You?

Tuesday, April 26, 2011

UPDATE: Apple Lied: Filed Patent for Mobile Device Tracking: Revelations of the patent application now confirm suspicions that Apple was quite aware of the storage of geolocation tracking data, that it was not merely a database of Wi-Fi locations, and the building of location histories on their customers was not due to a software glitch... * * * News feeds are buzzing this week with articles about smartphone security and privacy issues, and the recent headlines regarding mobile devices have garnered the interest of both consumers and Congress. Of particular note are revelations that a stealth Apple iOS file routinely stores geolocation information derived from triangulating signals from mobile devices running the operating system. News of the data collection has prompted a lawsuit and a motion by plaintiffs who are seeking a court order to bar further collection of the location data, as well as an invitation from Congress for Apple representatives to participate in upcoming hearings to be held by the Judiciary Subcommittee on Privacy, Technology and the Law. The other headline grabber was an article which reported that the Michigan State Police have been using data extraction devices to collect information from the cell phones of motorists detained for minor traffic infractions, though the MSP later issued a statement indicating that the device is only used in conjunction with a search warrant or when officers are given permission to conduct the search. These recent incidents, coupled with numerous reports that show mobile devices are increasingly being targeted by cyber criminals, has many users wondering exactly what information can be gleaned from their smartphone. Alexis Madrigal, a senior editor for The Atlantic, has penned an interesting article that examines just how much information a smartphone can reveal about its user. Madrigal conducted his own little forensics operation using a tool called "Lantern", and the results may be surprising to many: "I plugged my phone into my computer and opened an application called Lantern, a forensics program for investigating iPhones and iPads. Ten minutes later, I'm staring at everything my iPhone knows about me. About 14,000 text messages, 1,350 words in my personal dictionary, 1,450 Facebook contacts, tens of thousands of locations pings, every website I've ever visited, what locations I've mapped, my emails going back a month, my photos with geolocation data attached and how many times I checked my email on March 24 or any day for that matter."

"Want to reconstruct a night? Lantern has a time line that combines all my communications and photos in one neat interface. While most of it is invisible during normal operations, there is a record of every single thing I've done with this phone, which also happens to form a pretty good record of my life." "Figuring that I've got nothing to hide or steal, I'd always privileged convenience over any privacy and security protocols. Not anymore. Immediately after trying out Lantern, I enabled the iPhone's passcode and set it to erase all data on the phone after 10 failed attempts. This thing remembers more about where I've been and what I've said than I do, and I'm damn sure I don't want it falling into anyone's hands." So what would your smartphone reveal about you, and how comfortable are you with having details of your daily activities logged for future reference?
Source: https://www.infosecisland.com/blogview/13334-How-Much-Does-Your-Smartphone-Know-About-You.html