Spy Special Click

Now on BBC News, Click.

This week, international espionage.

Shark fishing in Vegas.

Spooked out in London.

The way you walk can be used against you.

And, I spy in Hong Kong.

conventions have just taken place.

We've seen ATMs conned into spewing out cash and solar panels controlled

from the other side of the world.

And while Black Hat is the conference for the security

professionals, the hobbyist hackers hang out at Def Con,

and they're not all good guys.

There are all night parties and challenges to hack

into visitor's phones or laptops with the victim's details posted up

here, on the notorious Wall of Sheep.

What these big events expose is the vulnerability of anything

that's connected to the internet.

And, of course, we are moving towards a world where everything

will be connected to the internet from the infrastructure,

to your car, to your home appliances, to your clothes.

Yet there's always something new in the world of hacking and this

week we'll show you some of it.

But first, Dan Simmons is off gambling.

When Click was offered a rare opportunity to film how a top casino

has used its own tech to catch the cheats,

we sent him in with a simple brief - get the story and come home safely.

But with Sin City this full of bad guys, it didn't quite go to plan.

I'm on the inside, but who can I trust?

A big company boss was caught cheating at the tables only

last month here.

In the old days, they'd have had agents casually observing suspects

on the gaming floor or even snooping through a ceiling made of glass.

Today, this $20 million security set-up is all about the cameras,

and this casino has some new ones.

Can you see it?

There.

He's got it on his finger.

Watch how he handles the cards, and that's him putting the mark.

It's that subtle.

It's just that little scratch on the back.

There.

I can actually see it.

He put it on pretty heavy, so we can see it here.

That's why they call it a visible mark.

And the idea is, when he sees the card -

a Queen, King, Ace - come up, he's going to bet as much

as he can.

So this is just the perfect example.

Let's see when the cards come over.

There's an Ace and a King.

Of course it's appropriate to bet the most he can when he gets

those good cards.

The biggest thing that's happened is the addition

of the 360 degree cameras.

They take the place of 400 hand-tilt zoom cameras.

I can replace 400 of those with 50 oncam 360 cameras.

I can literally follow the bad guy every step he took in this building.

Look at that, how far that thing goes.

This is two megapixels, the new ones are 12.

So, from this shot here, I would be able to identify that person.

Ted says reliable, automatic facial recognition is just a year

or two away.

The cameras can already analyse and report the general movements

of people, but it's still the skill of the operators in catching a cheat

in the act that's his trump card.

Ted's enthusiasm has led him to hack together some unique

and revealing tech himself.

You can see right here this card, if you're looking at with your naked

eye, you cannot see through it.

But once you put it up to the right light and the right lens,

you can see right through it, like it's...

Look, he's got - nine, nine.

So this is a mark that I had printed on this card,

but I could apply this type of ink on the fly while I'm sitting

on a game.

The thing is, all you need is the right light source

and the right lens.

This device here has nine different lenses in it

which I can cycle through.

I don't know if your camera can catch it, but I can.

This lens is in the glasses or in their contacts.

So they don't need a camera like we have, they can do this

with manual devices, just like my glasses.

So this is just a cheap phone that I had the camera modified.

Let me see if I can find a good one.

You can see through that card with this phone.

Casinos buy cards, they have to be careful not to buy the cheapest card

because this is what you get sometimes.

Our casinos would never have a card like this on the floor.

Our cheat is at it again.

This time he's gambled too much on what turns out to be a poor hand.

That was a great move.

So it looked as if he's tucking the cards and he's actually knocking

the chip back into his hand and therefore he lost less money

than he was going to lose.

This is the most popular way to con the casino,

but the cameras have caught it, and Ted's seen enough.

Excuse me, sir, how are you doing?

I need you to step away from the table and come with us.

Our cheat's a plant.

For legal reasons we can't show you an actual pick-up but,

while we were filming, Ted caught one guy doing exactly

the same cheats we've just shown you.

And that's payday for the good guys.

But you can't catch them all.

Drones can be used as a threat factor against not only stationary

targets, like industrial wireless, but also against moving

targets as well.

My name is Jeff Melrose.

For about 16 years I worked on designing secure systems

for the US Department of defence as well as the US intelligence

community.

Jeff's research, revealed last week in Las Vegas,

shows a drone carrying an electromagnetic disrupter

could create what he calls "a cone of silence" around a moving target.

The drop off co-ordinates are one, three, seven,

four, seven, two, nine.

It locks on automatically without the need for an operator

and is a threat, he believes, many aren't ready for.

The ability to provide persistent degradation and navigation signals

as well as communications is something that would be quite

useful if you wanted to redirect cargo, redirect a ship,

potentially causing an environmental disaster in a port, those

types of things.

As well as killing coms, interfering with the car's

telematics or GPS could cause serious problems, especially if it's

a self-driving vehicle.

Thankfully, Jeff is on my side.

OK, maybe making it blow up is a bit of a stretch!

What happens now, Jeff?

Just follow the drone.

What, all the way to London?

You could have sent a chopper.

Hello, and welcome to the Week in Tech.

This was the week that 1,007 miniature robots danced their way

into the record books.

Google revealed an experiment to try and combat trolling in virtual

reality, by making players look like dogs.

And in honour of International Cat Day, Facebook unveiled research

showing that cat people have fewer friends and are more likely to be

single than dog people.

Happy Cat Day everyone.

Facebook also announced it will begin bypassing ad blockers

used by some people on its network.

The company, which made $17 billion from selling ads last year,

said it will offer users more options to control what sort

of ads they see.

I'm pleased to bring you news that the flying bottom has finally

emerged from its lair.

Also known as the Airlander 10 by its creators, Click visited this

gigantic airship earlier in the year, when it was still

locked up indoors.

Now it's outside and, once tests are complete,

the plan is for it to fly continuously for up to two weeks

at a time.

NASA really treated us this week.

First, they gave us this spectacularly detailed footage

of a rocket burn, captured with their new high dynamic range

camera and then, sticking with the spectacular theme,

they released a smorgasbord of new Mars imagery.

And, finally...

Ah, the joy of cycling, the wind in your hair,

the sun on your back.

Games developer, Aaron Pewsey, is on a mission to bike the length

of Britain, all without leaving his front room.

By hooking up his exercise bike to a pair of virtual reality goggles

and Google's Street View imagery, he's hoping he'll spice

up his exercise routine and cycle 1,500 virtual kilometres

in the process.

If you've reset your Facebook or your Google password recently

or you've made a payment on line, you may have received one of these.

It's a text message to confirm that you're not just some hacker trying

to access the account from somewhere else in the world.

The theory being that most hacking is done by someone thousands

of miles away from you, who doesn't actually know you.

So although they can try and log on as you,

they won't have access to your phone and can't see the text message.

This belts and braces approach, called two factor authentication,

has worked very well at stopping malicious software from just

rinsing your bank accounts.

But it turns out it's not as secure as many think.

In fact, the US government's National Institute of Standards

and Technology has recently advised against services using SMS

confirmation codes in the future.

The UK's National Crime Agency agrees.

I'm about to be shown one of the reasons why,

at Positive Technologies in London.

It's a weakness in the global mobile phone network,

the part called SS7, which allows hackers to intercept

phone messages to a given phone number.

We can intercept phone calls.

We can redirect phone calls.

We can attack a particular subscriber, so that subscriber

will not be available to make phone calls.

We can attack a particular infrastructure.

Yeah, and not only can a hacker disrupt and listen to your calls,

they can also track you to the nearest phone tower, too.

It's been known about for a few years and the means to do it

are available for sale on the dark web for really not that much money.

But arguably the most powerful thing they can do

is redirect your text messages.

To show you how it worked a researcher, somewhere else

in Europe, is about to intercept a text message and use it to gain

access to my Facebook account.

That's my brand new Facebook account, not the real one -

thanks very much.

Shall we mail?

And this is the important bit, I'm going to put in the mobile

number which Facebook can contact me on should I forget my password.

Now it's time to unleash our guy.

Now, we're watching his actions on this screen here.

He's going to tell Facebook he's me and pretend that I have

forgotten my password.

The way Facebook checks that it really is me who's asking is,

of course, by sending a code to my phone and asking me to enter

that onto the website.

Facebook has sent a text to that phone over there.

Apart from, it hasn't...

That text has been redirected to our guy's phone elsewhere

in the world.

In fact, there's the text message on our guy's computer screen.

He now has all he needs to reset my password and wreak havoc

on my account.

OK, let's see what's been done to me.

There I am.

I'm lucky it's just a flower that I've been changed to.

The thing is, this is actually nothing to do with Facebook.

Any service that uses texts is vulnerable.

The way Facebook checks that it really is me who's asking is,

of course, by sending a code to my phone and asking me to enter

that onto the website.

That could be your bank.

I'll say that again - your bank!

That's where your money is, remember.

We asked Facebook whether it should rethink its use of SMS verification.

It said that the technique we witnessed requires significant

technical and financial investment and so it's very low-risk for most

people, although it does offer a more secure log-in feature

called log-in approvals.

We also asked the British intelligence and security

organisation, GCHQ, for advice and we were told that the SS7 system

is old and doesn't have modern security protections built in,

but they assured us they are working on building up its resilience.

But why is the SS7 network so open to abuse?

To find out, I met up with Professor Alan Woodward,

long time security adviser to Europol.

We choose a park bench because, well, it just felt a bit spyie.

A lot of people talk about SS7 having a security flaw in it,

but it was never designed to be secure because at the time

it was designed, which was, you've got to remember,

nearly 40 years ago, the networks inherently

trusted each other.

So they didn't think they had to validate talking to each other,

they just naturally assumed tht they were the only ones talking.

Can they fix it?

They could, but I don't think they will.

It's not within even the law enforcement agencies gift to do

anything about it.

Nobody mandates this standard, it's all by agreement amongst

the telecommunication providers and I don't see them changing it

any time soon because it's very targeted, so somebody has

to want to come after you.

Plus, one of the reasons that some intelligence agencies won't want it

fixed is because SS7 allows you to be tracked.

I, personally, would recommend not using SMS because you have to assume

it could be intercepted and use something like e-mail only

or ideally move to one of the online services

which is encrypted.

You're crazy, old man.

You have no idea.

Get ready.

Now, from hacking to tracking.

We wondered whether it was possible to escape state snooping

when the Intelligence Services are trying to track your every move.

Lara Lewington tracked down an ex-spook to find out how you can

shake off any unwanted attention.

Listen up.

The suspect's name is Special Agent Elizabeth Keen.

She was my partner but, as of today, she's a fugitive wanted...

OK, it may be a glamourised version, but this scene is only too familiar

to former MI5 officer Annie Machon, who went on-the-run after quitting

the secret service to go public on her experiences.

I suppose we were the sort of 1990s version of Edward Snowdon.

Tracking someone's whereabouts may not always look as exciting as this,

but doing so has become easier than ever.

So how simply can we hide?

How easy is it, using modern technology, to find out

where someone is and what can we do to protect ourselves from that?

Now we're looking at programmes, such as Trap Wire, which was one

of the disclosures over Wikileaks a few years ago,

where you get meshing of your GPS, from your phone, facial recognition

technology via Google and also Facebook photo tagging,

which can be fed into the CCTV network around the UK.

So in live-time you can be tracked, you can be photographed,

you can be idnetified and then, the icing on the cake,

which is Trap Wire, they've written algorithmic predictive programmes

and if you're loitering or walking in a suspicion manner,

and you've already been identified, then you might be

about to commit a crime.

You might be about to be a terrorist, so then they can swoop

and get you.

The way you walk can be used against you.

The only way to get around that, as well as disguing yourself,

is to perhaps put a stone in your shoe, so it forces

you to walk differently.

But you said you wanted to know when Mrs Hargrave

contacted your office.

Put her through.

Turn it up.

You're on with Mrs Hargrave.

Annie also provides us with a reminder as to how the spies

can snoop on phone calls and e-mails.

Since 1998 they have been able to do bulk data hacking,

which means they can gather all our information,

be it travel, be it finance, be it health, be it work,

be it social life on Facebook, whatever, and amalgamate it.

So our entire lives are just laid open to whoever wants to look

at that information.

Now as soon as you do something which might trigger an interest,

they will specifically look at you - if you get involved in a political

campaign, or whatever.

So this is very difficult to try and avoid.

There are certain tools you can use, the privacy tools.

In fact, Edward Snowdon has said if you use all of these together,

and you use them effectively, you can protect your privacy.

If someone discovers they are being snooped on,

what should they actually do about it?

Yes, get a Faraday cage wallet and then lock their phone

in the fridge or in a biscuit tin overnight.

The other solution is to go back to the old tech.

You get pre-2008 computers, you get very old burner phones

with pre-paid SIMS, and that gives you a fighting chance.

In terms of the people that we communicate with,

obviously knowing someone's network and connections is actually

quite valuable information.

Hugely valuable.

I mean, it's probably the key information

for any intelligence agency.

We would take weeks, if not months, to try and pull together a full

picture of a target's networks and who they're in relationships

with, what their activities are and where they live,

where they work and where they go, and that was very,

very resource intensive.

It could involve human agents.

It could involve mobile surveillance, teams following them

around a city.

Now, of course, they can just could do it by triangulating

information by hacking all our information on the internet,

and they've got us.

Only recently Edward Snowdon has been involved in designing a phone

case aiming to track when data is being sent or received,

so a user can tell if it's happening unexpectedly.

This may all sound a bit extreme to most of us,

but if you ever do need to go under the radar,

at least now you may know how.

Um...very useful to know.

But then there are those people who've actually put themselves under

surveillance without realising they're on show to everyone.

This is backdoored.io, an exhibition filled with images

from webcams whose passwords haven't been changed from admin.

It's funny what people put security cameras

on, though, isn't it?

Yeah.

That's been one of the really interesting insights.

I mean, here people are watching their laundry,

so you can just imagine, you know - is my laundry dry?

I'll just go and check the security camera.

I've got one of plugs.

Is that plug still plugged in?

You know?

Artist Nye Thompson and curator Kosha Hussain have sifted

through 7,000 images which have been collected by search engines

from unprotected cameras.

Why have you got a whole area dedicated just to one street in Hong

Kong?

So when the images come in, they all come in with geolocation

data, so you can actually pinpoint where they are,

and I noticed there was a disproportionately large number

of images coming in from just this one location.

I think somebody just blanket installed surveillance cameras

in this tower block.

You know, the same person did all of them and they didn't really

know what they were doing.

Many of us use webcams to monitor the things that we're anxious about,

but I wonder how anxious these people would be if they knew

who was really watching?

That's it from Wing Lee Street in Hong Kong.

On behalf of the residents, thank you for watching,

even though I don't think they realise.

And curiously, over the next two weeks, we are going back to China

with another chance to see two of our China programmes

from earlier this year, as we take a well-deserved summer break.

'Made in China' is becoming 'designed in China'.

That's going to cost him at least a minute.

Underneath that helmet, he's going to be absolutely fuming.

So, China, one and two, coming in the next fortnight.

In the meantime, follow us on Twitter, as always, @BBC Click.

Thanks for watching and we'll see you soon.

THEME PLAYS.