Brandon Gregg, CPP
What you see depends on what you're looking for.
-Anonymous
Resume- Linkedin- Freelance Writing
- Quotes and Cases In the News
- Q & A on Quora
- Contact
-
Info
- Global Investigations Manager at SeagateSecurity and Investigations | San Francisco Bay Area, USSummaryBrandon Gregg, CPP is currently the Global Investigations Manager for Seagate Technology, the world’s leading manufacturer of hard disc drives. Upon starting employment with Seagate, he identified the need for an internal solution to assist in the numerous high profile investigations the company conducts. Recognizing the value of having an in-house computer forensic solution, Brandon designed and manages a state of the art computer forensics lab utilizing advanced computer/ networking forensics and digital surveillance to support high-tech investigations and global E-Discovery collections. Having this kind of support for investigations and his business partners, he has saved hundreds of thousands of dollars in costs each year and provides the evidence needed to close out some of the most complex investigations.
Brandon has also worked investigations for numerous other Fortune 500 companies over the last 10 years investigating theft, fraud, organized crime, corporate espionage, and many high profile cases as well as being an educator, published author and featured speaker on surveillance, computer forensics, complex investigations and ethical hacking.
For more information visit: www.BrandonGregg.comSpecialties: Computer Forensics (ACE Certified, Encase, E-Discovery, Online Investigations), I2 Investigations Analysis Software, Surveillance (Static, Stationary), Background Investigations, interview and interrogation (Wicklander, Reid) and custom CCTV design (Covert, DVR, NVR, and Wireless systems). Together with his background in organized crime, computer forensics and intelligence collection, Brandon continues to assist his peers and law enforcement with an array of lectures and publications.Experience- Dec 2010 - PresentChapter Treasurer / ASIS San Francisco Chapter
- Jul 2009 - PresentFreelance Writer / IDGWriter for CSOonline.com and IDG publications (ComputerWorld, CIO, IT Tech, etc.)
- Oct 2006 - PresentGlobal Investigations Manager / Seagate Technology
Education-
2007 - 2008Boston UniversityMasters in Criminology
-
1998 - 2000San Jose State UniversityB.S. in Sociology
Activities: Chi Pi Sigma - Harbor High School
Additional Information-
Websites:
-
Posts
- Apr 30, 12
Corporate investigator Brandon Gregg looks at how bitcoins and Tor make anonymous black markets tick
- Feb 01, 12
Even encryption can give you a false sense of security. Here's a layered approach to truly keep your data private.
- Jun 27, 11
Careful use of online sites can track down hard-to-find information and leads
- Mar 24, 11
Brandon Gregg challenges current thinking about organized shoplifting rings. Forget the hype and get back to basics.
- Aug 18, 10
Free software once used only by the CIA. A pen that will change your life. Brandon Gregg shares these and other inexpensive ways to manage corporate investigations.
- Jul 12, 10
Ready to catch your bad guy in the act? Investigations manager Brandon Gregg on how to put the right surveillance equipment in the right place.
- Apr 26, 10
The care you use in selecting the right camera for a covert investigation can be undercut if you don't also choose the right video recording device
- Apr 01, 10
Is covert surveillance a necessary part of your investigation?Lux levels, nanny cams and other camera considerations
- Feb 08, 10
Visualization can help close an investigation and help communicate the findings. Corporate investigations manager Brandon Gregg explains common tools and formats.
- Jan 06, 10
Concerned about identity theft? Selling or recycling an old computer? Corporate investigations manager Brandon Gregg explains three tools for making sure your data is really deleted.
- Nov 23, 09
Investigations manager Brandon Gregg explains how to collect evidence for network investigations on the cheap without damaging the mission at hand.
- Jul 22, 09
Step-by-step instructions for downloading and using free or inexpensive digital forensics tools.
- Jul 06, 09
Corporate investigator Brandon Gregg explains how online services and tools can help crack a case.
- Jun 17, 09
A corporate investigations manager shares five tools for concealing your identity.
- Jun 01, 09
Investigations manager Brandon Gregg explains how to keep an eye on intellectual property using Monittor, Limewire and other free tools.
-
Posts
- May 19, 12
Whether you're trying to track down a bad driver or someone who keeps leaving their car outside your house, you can often find out who they are and how to contact them from their license plate number and a simple Google search. Security expert Brandon Gregg explains...
- May 19, 12
Antivirus software is somewhat of a necessity if you're a Windows user, but the software you choose really does matter, and one app might not be enough. Security expert Brandon Gregg believes that your best bet is a combination of Microsoft Security Essentials (our pick) and a free or open-sourced product. Here's why.
- May 19, 12
Using full-disk encryption (FDE) is a great first step if you want to protect your data, but sometimes it isn't enough. The U.S. Government can force you to decrypt your data, so if you truly want to stay protected you need to hide your sensitive files elsewhere and use your primary disk as a decoy. Security expert Brandon Gregg explains.
- May 19, 12
Hopefully most of us will go throughout life without being tracked by a GPS bug, but if you're worried that someone may be following your whereabouts with technology there are common places you can look to find the device. Security and investigations expert Brandon Gregg offers up a few suggestions to help you discover these bugs.
- May 19, 12
Western Digital has suffered a major hit as rival Seagate Technology wins an arbitration award worth $525 million, pending confidential arbitration action in Minnesota. Basically, the arbitration award is based upon claims by Seagate against Western Digital and a former Seagate employee. Seagate argues that the said individual allegedly misappropriated confidential information and trade secrets.
- May 19, 12
Quora post profiled in Forbes.
- May 19, 12
It's unlikely that most of us will be followed by a car, but chances are you've had a sneaking suspicion before that you'd like to put to rest. To regain your peace of mind, security and investigations expert Brandon Gregg offers up a few tricks to both detect if you're being followed and what you can do about it.
- May 19, 12
ICE, the Internal Revenue Service Criminal Investigation, the Federal Bureau of Investigation, the U.S. Department of Agriculture - Office of Inspector General and the Oakland Police Department worked together on a nearly two and one-half year investigation looking into the activities of an ORC ring operating in the San Francisco Bay Area with ties throughout the United States and abroad.
- May 19, 12
Teams of criminals linked by cell phones have fanned out across Western Washington to steal all the Visine eye drops, Crest White Strips, Prilosec heartburn medication, Similac infant formula and Excedrin pain relievers they can get.
- May 19, 12
Police say Zoe Johnston, 53, worked as a security guard at Seagate Technologies - a computer peripheral manufactureer near Boulder. She then would take the hard drives home to her son Matthew Tennant, 26, who would sell them on ebay.
- May 19, 12
Electronic espionage has been well proven over the last year, and not just governments and big business are at risk - but all businesses. These spies use tools undetectable by regular means. 7/27/2010 5:34:00 AM By: Bob Violino
- May 19, 12
The Alliance for Gray Market and Counterfeit Abatement (AGMA), a non-profit organization dedicated to addressing the gray marketing (also unauthorized resale and parallel imports of branded goods), counterfeiting and warranty and service abuse of branded goods around the globe, kicked off the new year by holding their annual member meeting on January 20 and 21. The conference, hosted by Hewlett-Packard in Palo Alto, California, provided members with insights into many issues related to these topics, including best practices to mitigate gray market fraud and how to engage and partner with law enforcement agencies.
- May 19, 12
he announcement today by federal and local authorities of the takedown of a nationally organized retail crime ring in San Jose, CA, highlights a significant and growing criminal enterprise in the United States and the need for federal legislation to combat it.
- May 19, 12
ASHLAND When Karen Lightcap was teaching in Lewisburg on March 8, she was mugged in London at least thats what her Facebook page and her e-mail were telling friends.
- May 19, 12
SANTA CRUZ - Jurors on Friday found a Santa Cruz father of three guilty of first-degree murder for killing his wife in their bedroom on a September night nearly two years ago.
- May 19, 12
A federal judge in Minneapolis Wednesday ordered Haas TCM chemical company embezzler Chad Jurgens to return $6.3 million and serve five years in prison.
- May 19, 12
In the case The People v. Amy Marie Garvin, Court of Appeal, Sixth District, California. Feb. 10, 2005 the defense offered expert testimony from Dr. Richard Ofshe who testified that "a poorly done interrogation could produce a false confession. Poorly trained interrogators use false "evidence ploys" in conjunction with inappropriate psychological "motivators" to coerce false confessions without knowing that the confessions are false. These interrogators focus only on producing a confession without thinking about the guilt or innocence of the person interrogated." The jury rejected this testimony and found the defendant guilty.
-
Posts
- May 07, 12
It is not illegal to change your IP address. For better privacy you actually should frequently change your IP address with VPN, proxies or TOR. Even more interesting is a recent ruling by New York Magistrate Judge Gary Brown during a pirated music case that should help IP privacy issues a little.
Judge Brown states “The assumption that the person who pays
for Internet access at a given location is the same individual who allegedly
downloaded a single sexually explicit film is tenuous, and one that has grown
more so over time…An IP address provides only the location at which one of any
number of computer devices may be deployed, much like a telephone number can be used for any number of telephones…Thus, it is no more likely that the
subscriber to an IP address carried out a particular computer function – here
the purported illegal downloading of a single pornographic film – than to say
an individual who pays the telephone bill made a specific telephone call.” He
continues in his briefing stating “While a decade ago, home wireless networks
were nearly non-existent, 61% of US homes now have wireless access. As a
result, a single IP address usually supports multiple computer devices – which
unlike traditional telephones can be operated simultaneously by different
individuals… Different family members, or even visitors, could have performed
the alleged downloads. Unless the wireless router has been appropriately
secured (and in some cases, even if it has been secured), neighbors or
passersby could access the Internet using the IP address assigned to a
particular subscriber and download the plaintiff’s film.”
So not only are IP addresses ok to change, the government and RIAA should not use them as gospel to nail a cyber suspect to his or her computer. At best a real IP address should only be used to narrow down a lead and get probable cause for a warrant to search multiple computers using that IP address. But this wouldn’t apply to you, because you’re using VPN, a proxy or TOR, and no one knows who you are right?
See question on Quora - May 01, 12
The inclusion of an MD5 checksum on software downloads helps confirm you are getting the exact copy of software the vendor or programmer made. If you download a copy, run the hash on the file and it is different than the posted hash the software may have been altered with a virus or other malicious code. Not every site offers this service, but it is more commonly found with open source and security related tools.
See question on Quora - Apr 24, 12
As discussed in my post How can you tell if your car is bugged or tracked with GPS? I described the term for your search as TSCM or Technical Surveillance Counter Measures. Although there are tools that cost tens of thousands of dollars at companies like REI (http://www.research-electronics.com) or consultants that can do the sweep for you for hundreds of dollars, doing your own sweep is rather easy and free at home.
Before you start buying equipment or ripping out light switches looking for bugs, you need to do your own security risk assessment by asking yourself some easy questions with following formula: Likelihood (Means) x Consequence (Does anyone care, What could I lose) × Vulnerability (Am I a sucker) = Risk (Will it happen?)
Likelihood-
Lets start with Likelihood because this may shut down any paranoia you have about being bugged. I prefer to call Likelihood "Means" because if you ask any paranoid person they BELIEVE there is a high likelihood to be bugged. Everyone with a tin hat thinks someone is listening to them... but when you start listing all the equipment, people, laws etc to plant a bug that quickly wakes people up to not being as special as a terrorist. Hell the power and transmission range of older model bugs make it unfeasible in most cases anyways. So what is the likelihood/means in your scenario:
1. Who would even bug your house?
a. Spouse?
b. Enemy?
c. Cops?
2. How?
a. Cheap RF mic from ebay? (Transmits 5 feet)
b. Costly SIM card bug (Like cell phone but made just to listen)
c. Custom install by the feds and similar players
Alright you settled on your ex-gf and you know she's got some cash and a smart PI friend who posts on Quora. Lets make a scale of 1 to 10 on the seriousness of Likelihood and give her 5 points out of 10. (Ex-Gf's can be crazy) Now you are looking for a cell made to listen in your room for $300 and $30 a month...
Consequence-
So your bedroom is bugged. So what? Do you care what she hears? Data leaking out on seriousness level: Ex-Gf gets a 1. Talking about your new gf doesnt hurt you.
Vulnerability-
This is very similar to likelihood. Could she or anyone else break into your house to install a bug in your light switch? She might have an old key, she gets a 10. But installing in a light switch? Common bug location, but for your ex? Ok she brings her electrician friend. Still 10. (I'm giving her way to much credit)
If the police are doing the install they need a Sneak and Peek warrant (very rare and hard to get) so they get a 1 (unless you are a know terrorist).
Risk-
Lets do the math: Ex-Gf: 5 x 1 x 10 = 50 points.
Now lets compare to a terrorist or high profile drug dealer:
Cops Want You 10 x Life in Jail 10 x Sneak and Peek Warrant 10 = 1000 points.
Big difference in Risk of being bugged.
If you haven't calmed down with your low ranking risk assessment post in the comments and I will write a part two to find bugs.
See question on Quora - Apr 14, 12
As Joe Miller pointed out, TOR can be extremely slow due to multiple variables that can get in your way of speed. The main factors are:- Distance between nodes
- Number of nodes traveled
- Bandwidth between each node
- System Bandwidth for each node (Lots of old computers running nodes)
When you add up each variable you get super slow speeds online (but also a layer of protection you can't find anywhere else online).
See question on Quora - Feb 22, 12
James Cook is correct, websites hidden on Tor servers have a wealth of fake IDs, passports and other forged documents ranging from $50 to $5,000. Unfortunately Trishul Patel's post is incorrect. Depending on the price and need you can get "On stage" IDs that do scan for bars, liquor stores etc successfully also for a low price, $150ish.
Using a TOR connection, check out the following links for fake documents to purchase:
cf6qjzygqbu2c4z5.onion All Purpose Identities
g6lfrbqd3krju3ek.onion Onion-ID
4eiruntyxxbgfv7o.onion Terminal Velocity
5onwnspjvuk7cwvk.onion Black Market Reloaded
ianxz6zefk72ulzz.onion Silk Road
See question on Quora - Feb 12, 12
During my counterintelligence training I learned a few great tips to confirm if being followed by a vehicle, here are three easy ones to remember:
1) Climbing Stairs- Make four right or left turns. The probability that another vehicle who just happens to make the same 360 turn as you is slim to none. You might both make one or even two turns, but anything more means you might have a tail.
2) On, Off- While driving on the highway, take an off ramp and then get right back on the highway. Like the above probability, not many people get off the highway and right back on. The tail is assuming you are exiting and exits with you but quickly is burned when they follow you right back on the highway.
Beware this doesn't always work against large teams. A good surveillance team knows this trick too and will actually exit the highway the proper way (turn around later). The first almost burned vehicle (Car A) drops being the lead and radios back for another vehicle (Car B) to continue on the highway (without exiting) to take the eye. A few minutes/seconds later Car A is back on the road, out of sight as secondary eye.
3) To fool the above, skip exiting the highway all together. Stay on the highway and every few miles pull over to the side of the road to "smoke" or "make a cell call". Both the lead tail (Car A) and any secondary surveillance vehicles (Car B, C, D) won't make a stop on the freeway; this is way too obvious and they will be forced to drive by you. At the next exit they could be waiting for you to pass though, so beware.
As for the posted scenario, just call the police. If it's a local police surveillance, dispatch will put the call out and the undercover unit will cancel it and move along for now. If it's feds/state police, they most likely did not tell their brothers in blue about their surveillance and local PD will roll up on the vehicle. Watch them run the plates and then back off. If its a PI or stalker, local PD will light them up, tell them to move along or even let the reporting party know what is going on.
Big picture question -- does it make sense to burn the surveillance team? My personal belief is yes. Think of it like calling their bluff and will make them back off. It really comes down to why you are being tracked. Surveillances, especially mobile surveillances are not common or easy and only used for important investigations. So if you show your skills at counter surveillance during a basic drug surveillance they will arrest you or back off. They aren't going to use resources over and over again just to be burned.
See question on Quora - Feb 02, 12
What good timing, I published an article today regarding this very topic:
www.csoonline.com/article/699180...
Two take away points from the above article:- Install FDE (or turn it on) and encrypt your files,
- create an encrypted hidden volume to prevent any government or person from forcing you to turn over your personal data,
The key to proper encryption is not just the encryption itself, but also protecting the right data. This is why full-disk encryption (FDE) is a popular starting place for many users.
Regarding my favorite, hidden volumes "FDE drives still leave your data and personal information vulnerable in at least two scenarios: 1) You are forced to turn over your password (as in Judge Blackburn's District Court ruling), or 2) Someone has hacked into your live machine and remotely recording your keystrokes/data while you work.
To address these issues, we are also going to put our personal/business files in an encrypted directory—but not using just any encryption scheme. Encryption with hidden volumes is the key to really protecting your information and rights.
Here's a useful analogy for understanding hidden volumes:
Imagine a magic door. If you unlock the door with one key, it opens to a closet full of junk and old boxes. However, if you use a different key, and the door opens to the inside of a bank vault. If you look at the walls surrounding what's behind the door, they look the same size regardless of whether you are opening the closet or the vault . Anyone opening the tiny closet or looking at the structure of the door won't be able to see the giant bank hidden within.
With a correctly implemented hidden volume on your encrypted hard drive, you don't have to worry when someone cracks (or coerces you into giving up) the password. When they use it to open the door, they will only see the closet.
I prefer to use the word "password" for the closet. It's easy to remember and sadly common, and any password-cracking tool will guess it in milliseconds with a simple dictionary attack. Once the closet is open, non-sensitive business files and perhaps a few love letters or copied movies—something that might cause minimum embarrassment—will be revealed. Even to a skilled thief with good forensic tools, the real data, the bank vault, cannot be seen. They have no indication or proof it even exists. For all that person knows, they got your password and opened your encrypted files. In a courtroom setting this is known as "plausible deniability". (Yes, you complied with the court order to give up your password.)
See question on Quora - Jan 26, 12
Although many organizations have varying degrees of different definitions, I use the following:
Investigation: The investigation of a formal allegation of a criminal act, ethics violation or wrong doing.
Probe: A exploratory inquiry into questionable or suspicious activities that may lead to the finding of a criminal act, ethics violation or wrong doing.
See question on Quora - Jan 09, 12
Yes, two primary services are the Great Good Bye at http://www.greatgoodbye.com/ and Death Switch at http://deathswitch.com/ .
Both offer different forms of emails and services from the grave. Between the two, Death Switch appears to have more service oriented tasks and could be used without the help of a friend or lawyer in the manner described in the question. With Death Star, a "Check in" email is sent to you at set frequencies. If you don't respond to the check in, Death Switch assumes you are dead (or kidnapped) and sends out the email(s) you prepared before your departure.
Great Good Bye works well too. According to their site "After your death your friend will type in the activation codes on our site and the system will automatically send out the emails from the grave that you have prepared. Such trusted person will not be able to view, edit or administer any of your prepared messages - he or she will only trigger their sending out by providing the activation codes."
Whether you choose to trust yourself or your friends both sites let you setup your message to be sent to the press, law enforcement, etc if you die or go missing.
See question on Quora - Jan 07, 12
The difference between the two tools is quality. In all honestly both products work great and I believe are the future of network forensics, malware detection and network protection, but Solera added all the features Netwitness left out. From simple exporting to excel, to easy automation of importing public and open source malware feeds Solera is a better tool.
Netwitness had (has) an amazing product too. Easiest way to compare them: A basic model vehicle without power windows to a vehicle with all the bells and whistles like GPS, Bose speakers and seat warmers.
See question on Quora - Dec 23, 11
Install Connectify (http://www.connectify.me/) or Maryfi (http://www.maryfi.com/) for free. Both work great and offer simple setup to share your wireless with others.
See question on Quora - Dec 23, 11
Your choice in virus software is very important. To understand why, you need to look at how most anti- virus software works:
Companies like McAfee and Norton use R&D, advance web crawlers, scientists, intelligence (spying) and other resources to track and identify known and unknown viruses and their frequent mutations. All this data is then turned into a signature based detection system. By indexing and hashing your files on your system and then comparing them to known virus hashes and signatures you can confirm if you have any malware on your system. It's even faster to identify new files, no major scans are needed. So each time your anti-virus program provides you an update, its adding to the list of known viruses to scan for. Sounds simple, but is full of major issues, including these two.
Issue 1: An advance persistent threat (APT) aka China or a talented black hat hacker or the NSA make a 100% custom, never seen before virus (Stuxnut anyone?) and sends it to one system (Iran?) instead of blanketing it on the internet for McAfee to stumble upon. Do you think on one targeted machine McAfee will find it and then send out a signature file for the rest of us? Probably not.
Issue 2: I can confirm McAfee (and others big boy virus companies) white list (ignore) viruses for law enforcement and other intelligence agencies (including private companies). So you could have a keylogger, Remote Access Tool or other malware on your machine that McAfee is allowing!
So now what virus tool do you use?
Open source/Free tools may not have the same R&D budgets that the above companies have, but they do have the power of crowd sourcing and no bureaucracy or agenda other than protecting you. There isn't a goal to update only once a month or with a subscription fee. Instead most open source tools update as soon as a new issue is identified.
Personally I use two forms of virus protection: Microsoft Security Essentials and Malware bytes. Microsoft really impressed people with their free, low resource anti-virus tool just before Windows 7 was released. It keeps a stable anti-virus tool with the resources of big boy Microsoft running on my machine. Malware bytes is my resource to make sure Microsoft is doing its job and not missing any newly identified custom viruses like Stuxnut or caving into law enforcement and white listing some keylogger. Running this once a week seems to work well and not eat my system resources. Sometimes when I'm extra paranoid I throw in Trend Mirco's online scan for good measure.
I will never pay for a service that cares more about subscription fees and helping the government over my protection and privacy.
See question on Quora - Sep 16, 11
Super Circuits has a great selection of wearable hidden cameras that law enforcement and other security professionals use often. http://www.supercircuits.com/Hid...
Personally I suggest making your own covert camera out of a basic pinhole camera for less that $20 and staying away from wearable cameras. As good as some of the cameras are at Super Circuits and other CCTV vendors, they a) charge a ton for a cheap camera because its in a cheesy covert cover and b) fail to advertise the recording and power requirements needed to successfully use their camera like a scene out of a spy movie. Just imagine a camera in your tie. How are you powering it? What is it recording too? How are you powering the recording device? And please don't mention wireless or I will scream.
If you must use a wearable camera, stick to the pen dvr cameras found on ebay. They offer audio (something most legit cctv vendors are scared to sell), they run on batteries in the pen and record to a mirco sd card for easy playback. Best part you can put it on a desk, write with it or wear it on your shirt/purse and no one will be the wiser... http://www.google.com/products/c...
For custom cameras visit www.BMGInvestigations.com
See question on Quora - Sep 13, 11
Alan Cohen and Kim Guldberg offer some good software solutions to monitor internet traffic, however I see one piece missing, how you access the traffic. A standard router won't show you other user's traffic. To actively monitor another machine on your network you need to use a hub or your router needs to be able to output the targeted computer's data via a span or tap port. If buying a hub is out of the question or your router doesn't support tap ports you could always use APR poisoning via the program Cain and Able.
Once you have the proper connection made you can record your traffic via wireshark or some of the tools mentioned in the answers above. I recommend recording with wireshark and reviewing the data with RSA's Netwitness Investigator freeware. If there is specific data you are looking to monitor please post in the comment and I will update my answer.
See question on Quora - Sep 11, 11
The largest publicly known Chinese hack has been the Aurora attack in early 2009. The following companies have stated they were victim: Google, Adobe, Juniper, Rackspace and unofficially (but confirmed by leaked emails in an Anonymous hack) Morgan Stanley and Dupont. The press also indicated Yahoo, Symantec, Northrop Grunman and Dow Chemical were part of the hack. In total at least 20 companies were victim of that one attack by China.
China has also been linked to a recent hack at RSA that lead to three more defense companies to publicly admit to being hacked: Lockheed Martin, L-3 Communications, and Northrop Grumman to be hacked by the Chinese. So Alan Cohen's friends are correct...
Unofficially the press has also labeled China responsible for hacking "The United Nations, the Indian government, the International Olympic Committee, the steel industry, defense firms, computer security companies, the governments of the United States, Taiwan, South Korea, Vietnam, and Canada, the Association of Southeast Asian Nations, and the World Anti-Doping Agency."
See question on Quora - Sep 07, 11
I can't speak for the MacBook Air, however the Seagate's series of FDE drives all encrypt data "as it is being written and decrypts data as it is being read." Once a computer is turned off, the drive "locks" and all the data on the drive remains encrypted until the computer is powered on and a password is entered. Leaving the computer in sleep or hibernation keeps the drive active and unlocked for anyone to wake back up and take your data.
Not only do I suggest using an FDE drive to protect your files, but still use file/directory level encryption to protect your files from hackers that may be remotely on your systems or from live images collected by law enforcement/your company/bad guys. Sounds paranoid but you can never be to safe with your personal data.
See question on Quora - Sep 07, 11
For free use Cybergate... if you want something less risky check out Spectorsoft.com. They have monitoring tools starting at $99. Very impressive software.
See question on Quora - Sep 02, 11
Not all states allow the search of people's license plates. For example, in California after actress Rebecca Schaeffer was killed by a stalker who got her home address from a private investigator who got it from her vehicle and abortion clinic staff were stocked by their license plate information, California passed the Driver's Privacy Protection Act of 1994 (DPPA) to lock down this kind of information. So unless you are law enforcement or have a have a special license to search unrestricted ($50,000 Bond needed) with DMV you are out of luck to covertly get an address and name from a license plate in many states. If you don't mind the owner of the vehicle knowing you are looking for them then use a Request for Record Information (INF 70) form found here:http://dmv.ca.gov/forms/inf/inf7...
In other states, such as Minnesota you can simply go onto the many database sites online and pay a small fee $.25 (Accurint/TLO) to $50 for the shaddy websites to get the information. TLO (www.tlo.com) takes it one step further and shows you pictures of the make/model/color of the vehicle. Nice touch.
Lastly there is Google. You would be surprised that even license plate information can be found online. An old trick I use to use back in the day was searching Government Smog check sites for the plate. Not only would they say if the car passed or not, often the website would list the smog shop that serviced the car or vin # of the car. Then I would search the vin for more details and/or ask the smog shop for the vehicle owners information...
See question on Quora - Aug 17, 11
I have to disagree with Alex K. Chen's statement about Anonymous. The hacking done by the collective group Anonymous and Lulzsec is the greatest example of destructive hacking used for good. Have the targets been controversial and illegal? Yes. Has the damage cost millions? Yes. But their hacks truly have been for the greater good vs self interest.
Instead of using their black hat skills to covertly penetrate systems, steal millions of our credit cards and silently slip back into the night, the two groups are exposing major security holes by publicly outing the company or government they have chosen to attack (most oftentimes also behind a social issue). The constant news about such hacks and leaked information has awaken the IT security world and caused many global businesses and governments to take a more serious view on security and protecting their user's data/privacy. Just think if Anonymous as a white hat group went to Sony with their findings privately. Sony would be grateful no doubt, but how long would it take to fix there security holes? Could other hackers be in the same systems riding the zero day attack? With the publicity from Sony and other attacks, security was increased and should be taken seriously now...
On a personal note: Anonymous cannot be controlled based on its design. However I do agree with a recent panel discussion at Defcon that Anonymous should continue their mission by attacking dictators, child porn sites and other obvious abuses on the internet. Just my two cents.
See question on Quora - Aug 17, 11
As Tom Robinson stated, connect to a VPN whenever on wifi. I prefer Cyberghost. Its free, fast and easy to use for any level of computer user. cyberghostvpn.com.
See question on Quora
