Brandon Gregg, CPP
What you see depends on what you're looking for.
-Anonymous
Resume- Linkedin- Freelance Writing
- Quotes and Cases In the News
- Q & A on Quora
- Contact
Loading,
0
% complete-
Info
- Global Investigations Manager at SeagateSecurity and Investigations | San Francisco Bay Area, USSummary
Brandon Gregg, CPP is currently the Sr Global Investigations Manager for Seagate Technology, the world’s leading manufacturer of hard disc drives. Upon starting employment with Seagate, he identified the need for an internal solution to assist in the numerous high profile investigations the company conducts. Recognizing the value of having an in-house computer forensic solution, Brandon designed and manages a state of the art computer forensics lab utilizing advanced computer/ networking forensics and digital surveillance to support high-tech investigations and global E-Discovery collections. Having this kind of support for investigations and his business partners, he has saved hundreds of thousands of dollars in costs each year and provides the evidence needed to close out some of the most complex investigations.
Brandon has also worked investigations for numerous other Fortune 500 companies over the last 10 years investigating theft, fraud, organized crime, corporate espionage, and many high profile cases as well as being an educator, published author and featured speaker on surveillance, computer forensics, complex investigations and ethical hacking.
For more information visit: www.BrandonGregg.com
Specialties: Computer Forensics (ACE Certified, Encase, E-Discovery, Online Investigations), I2 Investigations Analysis Software, Surveillance (Static, Stationary), Background Investigations, interview and interrogation (Wicklander, Reid) and custom CCTV design (Covert, DVR, NVR, and Wireless systems). Together with his background in organized crime, computer forensics and intelligence collection, Brandon continues to assist his peers and law enforcement with an array of lectures and publications.Experience- Jul 2009 - PresentAuthor / IDG Media
IDG Media: CSO Magazine, PC World.
Featured in: Forbes, Gawker Media: Lifehacker & Gizmodo - Jan 2009 - PresentAdjunct Professor / Kaplan University
Courses: Computer Forensics, Investigating Cybercrime, Protecting Digital Assets and Law Enforcement Information Systems.
- Oct 2006 - PresentSr Global Investigations Manager / Seagate Technology
Education-
2007 - 2008Boston UniversityMasters in Criminology
-
1998 - 2000San Jose State UniversityB.S. in Sociology
Activities: Chi Pi Sigma - Harbor High School
Additional Information-
Websites:
-
Posts
- Jan 08, 13
Can a company legally view data on employee-owned devices? And how?
- Aug 06, 12
Digital forensics software, remote access tools, and other tools to aid corporate investigations
- Apr 30, 12
Corporate investigator Brandon Gregg looks at how bitcoins and Tor make anonymous black markets tick
- Feb 01, 12
Even encryption can give you a false sense of security. Here's a layered approach to truly keep your data private.
- Jun 27, 11
Careful use of online sites can track down hard-to-find information and leads
- Mar 24, 11
Brandon Gregg challenges current thinking about organized shoplifting rings. Forget the hype and get back to basics.
- Aug 18, 10
Free software once used only by the CIA. A pen that will change your life. Brandon Gregg shares these and other inexpensive ways to manage corporate investigations.
- Jul 12, 10
Ready to catch your bad guy in the act? Investigations manager Brandon Gregg on how to put the right surveillance equipment in the right place.
- Apr 26, 10
The care you use in selecting the right camera for a covert investigation can be undercut if you don't also choose the right video recording device
- Apr 01, 10
Is covert surveillance a necessary part of your investigation?Lux levels, nanny cams and other camera considerations
- Feb 08, 10
Visualization can help close an investigation and help communicate the findings. Corporate investigations manager Brandon Gregg explains common tools and formats.
- Jan 06, 10
Concerned about identity theft? Selling or recycling an old computer? Corporate investigations manager Brandon Gregg explains three tools for making sure your data is really deleted.
- Nov 23, 09
Investigations manager Brandon Gregg explains how to collect evidence for network investigations on the cheap without damaging the mission at hand.
- Jul 22, 09
Step-by-step instructions for downloading and using free or inexpensive digital forensics tools.
- Jul 06, 09
Corporate investigator Brandon Gregg explains how online services and tools can help crack a case.
-
Posts
- May 22, 13
Scotts Valley Police Department, investigating a threat to shoot up Scotts Valley High School last week, requested a search warrant from Santa Cruz Superior court Tuesday, April 16, to access Internet protocol addresses and user account information from Facebook.
- May 22, 13
A former Seagate Technology Inc. employee pled guilty in California federal court Monday to taking part in a scheme to leak the hard drive maker's confidential information, including manufacturing processes and pricing targets, to suppliers in exchange for kickbacks.
- May 22, 13
There have been a lot of passcode exploits lately. Like, a whole lot. Should I be worried? How much does protection does my lock screen actually give me?
- May 22, 13
A California federal judge on Monday refused to suppress emails and other evidence gathered by the FBI against Hamid Ghazvini, a former Seagate Technology Inc. executive accused of taking kickbacks for leaking confidential company information, rejecting his arguments that the FBI\'s warrants were unlawfully overbroad.
- May 22, 13
What makes a good password, how do you keep track of all the different ones you're supposed to have, and is there hope for a future free of passwords?
- May 22, 13
The dumpster is a magical place, full of golden trash that can tell you so much about another human being. While you can acquire plenty of useful information digitally, you can learn even more from what people throw away.
- May 22, 13
Everyone and their mother has a password security strategy, some better than others. Choosing the right one means weighing security against convenience so you can stay safe without losing your mind. But what\'s the best balance? Is it the same for everyone? With the help of a security expert, I decided to find out.
- May 22, 13
It's great that coffee shops offer free Wi-Fi to customers, but many are starting to employ time limits to limit how long you spend in their establishments. If you want to hang out longer than allowed, these time limits aren't that hard to circumvent. According to security expert Brandon Gregg, you just need to spoof your MAC address.
- May 22, 13
Whether you're trying to track down a bad driver or someone who keeps leaving their car outside your house, you can often find out who they are and how to contact them from their license plate number and a simple Google search. Security expert Brandon Gregg explains...
- May 22, 13
Antivirus software is somewhat of a necessity if you're a Windows user, but the software you choose really does matter, and one app might not be enough. Security expert Brandon Gregg believes that your best bet is a combination of Microsoft Security Essentials (our pick) and a free or open-sourced product. Here's why.
- May 22, 13
Using full-disk encryption (FDE) is a great first step if you want to protect your data, but sometimes it isn't enough. The U.S. Government can force you to decrypt your data, so if you truly want to stay protected you need to hide your sensitive files elsewhere and use your primary disk as a decoy. Security expert Brandon Gregg explains.
- May 22, 13
Hopefully most of us will go throughout life without being tracked by a GPS bug, but if you're worried that someone may be following your whereabouts with technology there are common places you can look to find the device. Security and investigations expert Brandon Gregg offers up a few suggestions to help you discover these bugs.
- May 22, 13
Western Digital has suffered a major hit as rival Seagate Technology wins an arbitration award worth $525 million, pending confidential arbitration action in Minnesota. Basically, the arbitration award is based upon claims by Seagate against Western Digital and a former Seagate employee. Seagate argues that the said individual allegedly misappropriated confidential information and trade secrets.
- May 22, 13
Quora post profiled in Forbes.
- May 22, 13
It's unlikely that most of us will be followed by a car, but chances are you've had a sneaking suspicion before that you'd like to put to rest. To regain your peace of mind, security and investigations expert Brandon Gregg offers up a few tricks to both detect if you're being followed and what you can do about it.
- May 22, 13
ICE, the Internal Revenue Service Criminal Investigation, the Federal Bureau of Investigation, the U.S. Department of Agriculture - Office of Inspector General and the Oakland Police Department worked together on a nearly two and one-half year investigation looking into the activities of an ORC ring operating in the San Francisco Bay Area with ties throughout the United States and abroad.
- May 22, 13
Teams of criminals linked by cell phones have fanned out across Western Washington to steal all the Visine eye drops, Crest White Strips, Prilosec heartburn medication, Similac infant formula and Excedrin pain relievers they can get.
- May 22, 13
Police say Zoe Johnston, 53, worked as a security guard at Seagate Technologies - a computer peripheral manufactureer near Boulder. She then would take the hard drives home to her son Matthew Tennant, 26, who would sell them on ebay.
- May 22, 13
Electronic espionage has been well proven over the last year, and not just governments and big business are at risk - but all businesses. These spies use tools undetectable by regular means. 7/27/2010 5:34:00 AM By: Bob Violino
- May 22, 13
The Alliance for Gray Market and Counterfeit Abatement (AGMA), a non-profit organization dedicated to addressing the gray marketing (also unauthorized resale and parallel imports of branded goods), counterfeiting and warranty and service abuse of branded goods around the globe, kicked off the new year by holding their annual member meeting on January 20 and 21. The conference, hosted by Hewlett-Packard in Palo Alto, California, provided members with insights into many issues related to these topics, including best practices to mitigate gray market fraud and how to engage and partner with law enforcement agencies.
- May 22, 13
he announcement today by federal and local authorities of the takedown of a nationally organized retail crime ring in San Jose, CA, highlights a significant and growing criminal enterprise in the United States and the need for federal legislation to combat it.
- May 22, 13
ASHLAND When Karen Lightcap was teaching in Lewisburg on March 8, she was mugged in London at least thats what her Facebook page and her e-mail were telling friends.
- May 22, 13
SANTA CRUZ - Jurors on Friday found a Santa Cruz father of three guilty of first-degree murder for killing his wife in their bedroom on a September night nearly two years ago.
- May 22, 13
A federal judge in Minneapolis Wednesday ordered Haas TCM chemical company embezzler Chad Jurgens to return $6.3 million and serve five years in prison.
- May 22, 13
In the case The People v. Amy Marie Garvin, Court of Appeal, Sixth District, California. Feb. 10, 2005 the defense offered expert testimony from Dr. Richard Ofshe who testified that "a poorly done interrogation could produce a false confession. Poorly trained interrogators use false "evidence ploys" in conjunction with inappropriate psychological "motivators" to coerce false confessions without knowing that the confessions are false. These interrogators focus only on producing a confession without thinking about the guilt or innocence of the person interrogated." The jury rejected this testimony and found the defendant guilty.
-
Posts
- Mar 04, 13
Kim Guldberg is partially correct in his answer. The real answer comes down to understanding the threats and who is hacking who.
Microsoft, Google, NY Times are being hacked by warehouses (actually an apartment building now confirmed) full of government/military hackers in China. These targets are picked for their information and attacked by what is now known as APTs (Advance Persistent Threats). The waves of hackers find zero days, create new viruses and can do so with expert precision backed my human intel and lots of money from the government(s).
Banks also get hacked for the above, by the above, but not cash transfers. The bank transfer hacks are mostly hacked by rogue hackers/groups, government of Iran/North Korea and individuals doing hacks Giedrius Majauskas suggested.
When our individual personal bank accounts are hacked it can come from the above and down to script kiddies who sniff our traffic via open wifi, etc...
Let me know if that helps or I can add more details.
See question on Quora - Feb 09, 13
Spoofing a mobile phone is easy to do and requires ZERO technical skills. Simply download any number of Caller ID Spoof Apps or go to websites like http://www.spoofcard.com/ who offer free demos.
Spoofing the victim's own phone # can often times let you listen to the victim's voice-mail too... (ie: You: 555-555-1111 spoof 555-555-5555 and calls the victim's same # 555-555-5555) The phone assumes you are calling yourself and goes into voice-mail mode. If no voice-mail password is needed you are in.
Spoofing can also help people do what is called "Swatting" where the victim's caller ID calls 911 and a hostage situation is played out on the phone resulting in your victim's house being surrounded by police.
Lastly, most of these apps and free sites know people harass and prank people via spoof #s so assume your IP address is tracked. If you are planning on doing anything illegal make sure you are hiding your IP address with proxies, Tor, etc and not using your real phone.
See question on Quora - Jan 19, 13
Cliff Gilley is correct, however there is another scenario that your HAVE to give over your password; entering the country. If the boarder patrol requests your password to view encrypted data you must provide it for entry into the country.
The best way to beat the both scenarios is the use of encrypted hidden volumes. Using True-crypt (or other software) you can create folders/drives full of data with a backdoor to your "secret" data. If you are required to turn over your password (or its brute forced) only some lame data like family photos will be recovered. You keep a second password that opens data hidden in the random characters of data from the first password. There is no way for anyone to prove you have a hidden volume or second password even with forensics. Best part is its free and easy to do.
See question on Quora - Jan 05, 13
Yes. While I'm not 100% informed about IBMs Watson, tools like IBM's I2 Analyst Notebook (i2 Analyst's Notebook) and other statistical tools could be used in the future (if not already) to comb ten of thousands of police records, court records, 911 calls, etc and find patterns that lead to a serial killer.
For example: One police record regarding a killing has a partial plate. A scan of all police tickets during a second killing finds a second partial two blocks away, same model/color. A toll booth near a third killing has a license plate and lastly a fourth killing has a fingerprint. All four killings are thousands a miles apart due to the fact the killer is a traveling salesman and would be impossible for the police to connect, but "Watson" does it easily.
See question on Quora - Dec 26, 12
There are many ways to tell if someone is lying, the simplest to learn and use is called Neuro-Linguistic Programming, or watching the suspect’s eyes.
To really tell if someone is lying you need to have a control to determine when they are telling the truth. In an interrogation, on a first date or dealing with a car salesman the control maybe different, but the principle is the same. You want to see them answer a tough question they won’t lie about. For interrogations the suspect is nervous. He or she knows they are probably in trouble and they also know I am the guy who is going to catch them. An easy control question is asking for a social security #. Typically someone can throw this # out without any issues, but today they are so concerned with the lies they are about to tell the social security # will be difficult to remember and you will see their truth "tell". As they recall their real social their eyes will go left or right as they tell you the number. Now you know which direction is truth. When you ask them if they robbed the bank they will usually look into the direction of the truth, jump to the other side and then look you in the face and tell you with a big lie.
Don’t believe me, try it on your friends or even yourself. Go to a mirror. Ask yourself who the last person you hung up the phone with three months ago before you went to bed. Bam your eyes just jumped left or right. A hard question or an easy question under stress will produce an honest response. Want to see someone lie? Ask your friend or look in the mirror when you ask them something creative. Lies are creative, so your creative side of the mind should work overtime on this one: What would a bumble bee, pig and reindeer look like if it had a baby? Bam your eyes should have moved to the opposite side, just like a liar’s. Even more crazy, up eye movements recall visual things, middle recalls sounds and lower eye movements can be the recalling or creating of feelings.
For more examples and signs of lying check out Wicklander-Zulawski & Associates’ interrogation techniques and seminars. If you have $495 to waste go to one of their two day seminars. They have hundreds of real videos (not actors) being interrogated so you can see all the signs in action. Seriously it is great for any sales person. For more information go toWicklander-Zulawski & Associates, Inc.
See question on Quora - Dec 26, 12
This isn't easy anymore. In the past an actual tap was placed on the analog line physically and TSCM (Technical Suriveillance Counter Measure) tools like the Telephone and Line Analyzer from REI could find the bug due to voltage changes on the line. Although the new TALAN can test VOIP for taps based on IP addresses (An out of place routing of your conversation could equal a tap), this is still impossible to detect on analog lines that are connected to IP networks back at the phone company. The best tool is not communicating important information over the phone line and using strong encryption to send messages.
See question on Quora - Dec 26, 12
There actually is an easy and cheap way you can prevent yourself from being captured on video or CCTV. Most cameras (especially black and white security cameras) will see low levels of infrared light. This helps them video at dusk/dawn and in lower levels of light. The level of light the camera can see is called the LUX level. To test this theory turn on your video camera and point your TV remote control at it. Change a few channels and you will see a pulse of light flash that the naked eye obviously can't see. With that said you can easily make an infrared hat with cheap $1 infrared LEDs stitched into the front of the hat, the more the better... Attach a 9 volt battery to the LEDS and bam you are now a giant LED flash light. People will see nothing out of the ordinary, but CCTV cameras will only see a large flash of infrared light coming from your head, hiding your face.
See question on Quora - Nov 19, 12
Yes.
Actually you are confusing two different things: Search Warrant vs Subpoena.
The police can lawfully get a subpoena for the email provider (Google in this case) and see all the information connected to the email account. From Google they now how multiple IP addresses to confirm. Using a second subpoena, they have the Internet service provider (ISP) to turn over the account holder of the IP address Google had on record. Review of who logs into the account would have shown at least two IP addresses; one for Petraeus and one for Boardwell since they both logged into the same draft folder on one account to secretly share messages. This trick obviously doesnt work, see Computer Security: What are the supposed security benefits of David Petraeus' "dead-drop" email strategy?
At no time was a search warrant needed. If you review your ISP, email provider, Facebook, etc terms they only request a subpoena for document release. Some providers go as far as providing documents to Law Enforcement via a police department request on only police letterhead. Others like Twitter refuse to turn over documents even if they are taken to court. They usually lose...
If you want to see how easy it is to get these records and what data the police can see from your favorite internet sites check out Cryptome. Here are some of the favorites:
http://cryptome.org/isp-spy/face...
http://cryptome.org/isp-spy/comc...
http://cryptome.org/isp-spy/wow-... (Yes even World of Warcraft)
http://cryptome.org/isp-spy/yaho...
See question on Quora - Nov 15, 12
David Petraeus' "Dead drop" gmail trick isn't new and is a poor choice for anonymous communication. As stated in the question, this trick has been done by terrorists, criminals and others for a number of years because the user(s) believe they have less of a chance their communication can intercepted. Unfortunately this is not true.
Saving the message in the draft box of your gmail STILL transmits data from your computer or device to Google servers. Opening the draft box from another location STILL transmits the data from Google servers to the reader's computer. If the NSA, Google, ISP or local network tap is turned on it will capture this data. Game over.
For a better trick, use TOR to setup the email, write/send the email, and read all emails. Tor will hide your real IP address and both the sender/reader won't be tracked as easily.
I constantly catch people by tricking them into reading loaded emails that can track their identity. The senders are smart enough to setup a fake email account, but they a) never setup the email with a proxy/tor or b) read emails with a proxy/tor. As soon as they open my spiked messaged I have them owned.
See question on Quora - Oct 19, 12
"Man is least himself when he talks in his own person. Give him a mask, and he will tell you the truth." -Oscar Wilde
See question on Quora - Sep 18, 12
Here are the step by step ways to successfully do check fraud and why it works:
1. Purchase blank checks from Staples (http://www.staples.com/VersaChec...) or your local office supply store. ($23 for 250)
2. Look up any small credit union check routing number online. This is posted on all banks or you can call them. http://www.gregthatcher.com/Bank... Nothing illegal here.
4. Print Name that matches your ID on checks (You will be asked for ID during use). Prefer you use fake ID you bought for $150 after reading my post here: Where can people get fake IDs?
5. Print Routing Number, Random Check Number and Random Bank account number. Bank account can even be zeros and it still works.
6. Go to Big Box retailer, buy merchandise you want under $200. Enjoy!
7. Do not repeat. Big Boy retailers will track you and arrest you after X amount is stolen. Do once per big store chain. Small businesses may call police on you first use. Some people are nervous about home printed checks and call police even if they are real so beware.
Why this works:
Faisal Khan's answer is close, large banks like BOFA communicate with large chains so your account is checked for funds. If account and funds are confirmed you can spend thousands at the store. However small credit unions don't communicate with retailers. Stores don't want to lose customers, so they actually trust the money is in the credit account. However if the check is too high it may get rejected.
Some stores even have different clearance levels depending on how much fraud happens in that store. Ie: If you go to Target in Oakland your check wont clear for $30, vs $300 in Santa Rosa.
Yes check fraud is that easy. However it's easy to get caught too if you are greedy or sloppy.
See question on Quora - Aug 31, 12
Scenario:
A fake caller ID # pops up on your target’s cell phone from his office main line, he answers and a sexy woman’s voice on the other end of the phone claims to be a coworker at his company, she even mentioned his boss’ secretary’s name. She’s been told he is a wiz at computers and is having a hard time accessing her accounts. Within minutes of the flirty conversation she has learned enough about the target to guess his backup password. With nothing to lose she asks for his current Facebook password, without question provides it over the phone. Target owned, no computer skills needed.
Why This Works: The above scenario sounds fake, if not next to impossible. However surveys have shown “34% of respondents volunteered their password when asked without even needing to be bribed and 79% of people unwittingly gave away information that could be used to steal their identity when questioned.” Need higher chances? Another survey showed “More than 70% of people would reveal their computer password in exchange for a bar of chocolate.” Add some social engineering tricks; intel about your target (boss’s secretary name from linkedin), caller ID spoofing and you will increase your chances to the high 90% range.
How To:
This may look like a non-technical hack, but the social engineering, digital trickery and data mining is done at a high level if you want a 90% success rate. The key to this is making someone think it's ok to give you their password, which most of us are programmed not to do. By providing a wealth of inside information and misdirection your target's password can come out naturally. Even if 10 minutes after the call your target releases their mistake, it's too late, you got into their account and you viewed what you needed.
In each of the hacks there are going to be very specific instructions to make the hack work. In this tactic you need to be creative and witty on your own, so step by step details are suggestive only vs. the rest of the book the tactics are very structured around the use of software and other tools. Feel free to follow the steps listed below, but make sure to shape them to your target's own story.
1) Gather Intel- Learn everything you can about your target. Print out their facebook, linkedin, anything you can find about them online. Search their usernames on Google, search their address, phone number, forwards and backwards. For a few dollars, you www.intellius.com or other data mining tools (Spokeo.com) to get really personal details like addresses, phone numbers, neighbors, etc. Although there is some cost, the $5 you spend can be priceless. Also don't forget to print the information you find out no matter if its Facebook, the county clerk's office or craigslist posts. Later you may need to quickly access an unknown fact and having this data laid across your desk will save you.
2) Build a Story- Looking at what you have, start to build a story around the data. Who is going to ask for your target's password and why? A basic survey call is impersonal and may be rejected quickly. But asking for help, showing a connection to the subject and being friendly will go a long way. Most people like helping others, so the best story is putting yourself in need and allowing the target to be a hero and help you. It offers them a sense of control and can be awarding, lowering their guard.
3) Build Your Story Deeper- I know you have a story in mind, but how deep does your lie go? Can you pretend to be your target's secretary? Do you know her name? The Boss's name? The fact that he is traveling in the Bahamas right now? This data can be collected online and with other social engineering calls. Start by finding this information by calling the target's company and asking for his boss to file a complaint. When the boss answers hang up. You have his name now. Look him up on LinkedIn, Facebook. Learn about him. Now call the boss' secretary. Tell her you are a friend (pick a name from his wall posts) that wants to surprise visit him for lunch, find out his schedule. Don't book anything, say you will get back to her later, be thankful and pleasant. See how you are now collecting intelligence. In two phone calls you just gained some valuable data, but most valuable of all, you were successful. Your success in gaining that information will help you project confidence when you call your target. No secretary? Try the IT department, teacher, neighbor, family member. Your options are unlimited.
4) Write Your Attack- This is not a hack you shoot from the hip with little care. You need to write your script and practice it over and over until it sounds normal. The key of this attack is gut feelings. People will not give out their password if there is no warm and fuzzy. If you are a male, I recommend you use a female friend to help. A woman's voice can let a target's guard down instantly. Give them that normality by being just that, normal. Using employee only language like "By the way, have you got that TPS report done" or "This is Mike, from Starbucks #321, you have a moment" adds a subconscious misdirection to the target. Who really knows what a TPS report or local Starbucks store number is? Only insiders. The more inside hints you give the more realistic the conversation will go and the more likely he or she will give up their password or password hints.
4.5) Practice, Practice- Does this need explaining? If you don't you will fail.
5) Use Your Facts- As suggested in the scenario use what you know to add realism to the attack. Use a caller ID spoof app or http://www.spoofcard.com/ to change your caller ID to your target's school, work, girlfriend, whatever your story needs. It's one thing to answer an unknown phone number and start giving out personal details, it's another to see a trusted phone number pop up. It must be IT calling, its from the University's prefix or 800 #. Even text messages can be spoofed if needed (just remember if they reply to the person you are impersonating you might get burned. Better yet, during the conversation send a spoofed email from your fake personality to the target. Sites like http://emkei.cz/ will send free spoofed emails. That's right, you can pretend to be any email address and send untraced emails. During your conversation send a fake screenshot of the "issue" you are having from IT's email account to add that deep level of realism.
6) Use your Gut Too- So you have a plan together, you are going to be an IT guy calling about a virus spreading on campus from the target's computer. While talking to the target he is listening, working with you, trying to help you, but your gut says he doesn't trust you enough to ask for his password. Then don't. End the call, thank him or her and try again later. You just praised the target for helping save your ass at work, a foundation of trust was just made. Call back in a week with your same story apologizing and reminding them how thankful they were a week ago. Now go in for the kill.
This all sounds difficult but is used every day by law enforcement, intelligence agencies and hackers to get any information they want. For more detailed stories by one of the most famous hackers, check out Kevin Mitnick's The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers. Most of his book isn't even about hacking, but how to gain people's trust to get passwords, access non-public systems, even get free pizza.
Prevent:
Don't sit here reading this and say "I'm not that dumb, I would never give out my password." The odds are 70% of you will. So how can you get into a good habit of stopping an attack like this? Ask questions. No one will know everything about you, your company or who they are impersonating. The old Jedi mind trick of asking "Is your mom feeling better after breaking her ankle?" will force the hacker to answer "She's better" vs the real person saying "When did she break her ankle?" Another simple tactic is asking for a call back number because you are too busy to talk at the moment. It's one thing to spoof a phone number for outgoing calls, but not incoming. Suddenly the number on the caller ID screen is not the number they are offering (and can be identified). In my experience most social engineering hackers hang up at this point defeated.
FYI This is an from a current book I am writing "6 Real Ways to Hack Into Facebook"
See question on Quora - Jun 04, 12
Stuxnet isn't a program, it is a tool. Because it is a tool that has been successful, it will be continued to be used again and again. The public knows the US uses missiles, how should knowing we have cyber-weapons prevent the US from using them? Stuxnet, Flame, Duqu or any type of computer malware weapon/ELINT program should be considered the norm by any nation with the talent and dedication to create these tools.
On a side note they aren't really that impressive. But that's just my two cents. In the future they will be much worse and we will laugh at the level of simplicity of the payloads of yesterday.
See question on Quora - May 29, 12
As Jay Wacker pointed out, you can change your wifi card's fingerprint or MAC address by downloading a tool like Mac Makeup (http://www.softpedia.com/get/Net...)
This will allow you to randomly change your mac address, thus resetting the "timer" on the software for the coffee shops wifi.
A even better trick is use your wifi to sniff (cain and able, InSSIDer, Netstumbler) other laptop's wifi mac addresses already using the paid coffee shop wifi. Once you find a few you can copy their mac address as your own. This will give you free wifi in hotels and other paid wifi locations.
See question on Quora - May 07, 12
It is not illegal to change your IP address. For better privacy you actually should frequently change your IP address with VPN, proxies or TOR. Even more interesting is a recent ruling by New York Magistrate Judge Gary Brown during a pirated music case that should help IP privacy issues a little.
Judge Brown states “The assumption that the person who pays
for Internet access at a given location is the same individual who allegedly
downloaded a single sexually explicit film is tenuous, and one that has grown
more so over time…An IP address provides only the location at which one of any
number of computer devices may be deployed, much like a telephone number can be used for any number of telephones…Thus, it is no more likely that the
subscriber to an IP address carried out a particular computer function – here
the purported illegal downloading of a single pornographic film – than to say
an individual who pays the telephone bill made a specific telephone call.” He
continues in his briefing stating “While a decade ago, home wireless networks
were nearly non-existent, 61% of US homes now have wireless access. As a
result, a single IP address usually supports multiple computer devices – which
unlike traditional telephones can be operated simultaneously by different
individuals… Different family members, or even visitors, could have performed
the alleged downloads. Unless the wireless router has been appropriately
secured (and in some cases, even if it has been secured), neighbors or
passersby could access the Internet using the IP address assigned to a
particular subscriber and download the plaintiff’s film.”
So not only are IP addresses ok to change, the government and RIAA should not use them as gospel to nail a cyber suspect to his or her computer. At best a real IP address should only be used to narrow down a lead and get probable cause for a warrant to search multiple computers using that IP address. But this wouldn’t apply to you, because you’re using VPN, a proxy or TOR, and no one knows who you are right?
See question on Quora - May 01, 12
The inclusion of an MD5 checksum on software downloads helps confirm you are getting the exact copy of software the vendor or programmer made. If you download a copy, run the hash on the file and it is different than the posted hash the software may have been altered with a virus or other malicious code. Not every site offers this service, but it is more commonly found with open source and security related tools.
See question on Quora - Apr 24, 12
As discussed in my post How can you tell if your car is bugged or tracked with GPS? I described the term for your search as TSCM or Technical Surveillance Counter Measures. Although there are tools that cost tens of thousands of dollars at companies like REI (http://www.research-electronics.com) or consultants that can do the sweep for you for hundreds of dollars, doing your own sweep is rather easy and free at home.
Before you start buying equipment or ripping out light switches looking for bugs, you need to do your own security risk assessment by asking yourself some easy questions with following formula: Likelihood (Means) x Consequence (Does anyone care, What could I lose) × Vulnerability (Am I a sucker) = Risk (Will it happen?)
Likelihood-
Lets start with Likelihood because this may shut down any paranoia you have about being bugged. I prefer to call Likelihood "Means" because if you ask any paranoid person they BELIEVE there is a high likelihood to be bugged. Everyone with a tin hat thinks someone is listening to them... but when you start listing all the equipment, people, laws etc to plant a bug that quickly wakes people up to not being as special as a terrorist. Hell the power and transmission range of older model bugs make it unfeasible in most cases anyways. So what is the likelihood/means in your scenario:
1. Who would even bug your house?
a. Spouse?
b. Enemy?
c. Cops?
2. How?
a. Cheap RF mic from ebay? (Transmits 5 feet)
b. Costly SIM card bug (Like cell phone but made just to listen)
c. Custom install by the feds and similar players
Alright you settled on your ex-gf and you know she's got some cash and a smart PI friend who posts on Quora. Lets make a scale of 1 to 10 on the seriousness of Likelihood and give her 5 points out of 10. (Ex-Gf's can be crazy) Now you are looking for a cell made to listen in your room for $300 and $30 a month...
Consequence-
So your bedroom is bugged. So what? Do you care what she hears? Data leaking out on seriousness level: Ex-Gf gets a 1. Talking about your new gf doesnt hurt you.
Vulnerability-
This is very similar to likelihood. Could she or anyone else break into your house to install a bug in your light switch? She might have an old key, she gets a 10. But installing in a light switch? Common bug location, but for your ex? Ok she brings her electrician friend. Still 10. (I'm giving her way to much credit)
If the police are doing the install they need a Sneak and Peek warrant (very rare and hard to get) so they get a 1 (unless you are a know terrorist).
Risk-
Lets do the math: Ex-Gf: 5 x 1 x 10 = 50 points.
Now lets compare to a terrorist or high profile drug dealer:
Cops Want You 10 x Life in Jail 10 x Sneak and Peek Warrant 10 = 1000 points.
Big difference in Risk of being bugged.
If you haven't calmed down with your low ranking risk assessment post in the comments and I will write a part two to find bugs.
See question on Quora - Apr 14, 12
As Joe Miller pointed out, TOR can be extremely slow due to multiple variables that can get in your way of speed. The main factors are:- Distance between nodes
- Number of nodes traveled
- Bandwidth between each node
- System Bandwidth for each node (Lots of old computers running nodes)
When you add up each variable you get super slow speeds online (but also a layer of protection you can't find anywhere else online).
See question on Quora - Feb 22, 12
James Cook is correct, websites hidden on Tor servers have a wealth of fake IDs, passports and other forged documents ranging from $50 to $5,000. Unfortunately Trishul Patel's post is incorrect. Depending on the price and need you can get "On stage" IDs that do scan for bars, liquor stores etc successfully also for a low price, $150ish.
Using a TOR connection, check out the following links for fake documents to purchase:
cf6qjzygqbu2c4z5.onion All Purpose Identities
g6lfrbqd3krju3ek.onion Onion-ID
4eiruntyxxbgfv7o.onion Terminal Velocity
5onwnspjvuk7cwvk.onion Black Market Reloaded
ianxz6zefk72ulzz.onion Silk Road
See question on Quora - Feb 12, 12
During my counterintelligence training I learned a few great tips to confirm if being followed by a vehicle, here are three easy ones to remember:
1) Climbing Stairs- Make four right or left turns. The probability that another vehicle who just happens to make the same 360 turn as you is slim to none. You might both make one or even two turns, but anything more means you might have a tail.
2) On, Off- While driving on the highway, take an off ramp and then get right back on the highway. Like the above probability, not many people get off the highway and right back on. The tail is assuming you are exiting and exits with you but quickly is burned when they follow you right back on the highway.
Beware this doesn't always work against large teams. A good surveillance team knows this trick too and will actually exit the highway the proper way (turn around later). The first almost burned vehicle (Car A) drops being the lead and radios back for another vehicle (Car B) to continue on the highway (without exiting) to take the eye. A few minutes/seconds later Car A is back on the road, out of sight as secondary eye.
3) To fool the above, skip exiting the highway all together. Stay on the highway and every few miles pull over to the side of the road to "smoke" or "make a cell call". Both the lead tail (Car A) and any secondary surveillance vehicles (Car B, C, D) won't make a stop on the freeway; this is way too obvious and they will be forced to drive by you. At the next exit they could be waiting for you to pass though, so beware.
As for the posted scenario, just call the police. If it's a local police surveillance, dispatch will put the call out and the undercover unit will cancel it and move along for now. If it's feds/state police, they most likely did not tell their brothers in blue about their surveillance and local PD will roll up on the vehicle. Watch them run the plates and then back off. If its a PI or stalker, local PD will light them up, tell them to move along or even let the reporting party know what is going on.
Big picture question -- does it make sense to burn the surveillance team? My personal belief is yes. Think of it like calling their bluff and will make them back off. It really comes down to why you are being tracked. Surveillances, especially mobile surveillances are not common or easy and only used for important investigations. So if you show your skills at counter surveillance during a basic drug surveillance they will arrest you or back off. They aren't going to use resources over and over again just to be burned.
See question on Quora - Feb 02, 12
What good timing, I published an article today regarding this very topic:
www.csoonline.com/article/699180/three-steps-to-properly-protect-your-personal-data
Two take away points from the above article:- Install FDE (or turn it on) and encrypt your files,
- create an encrypted hidden volume to prevent any government or person from forcing you to turn over your personal data,
The key to proper encryption is not just the encryption itself, but also protecting the right data. This is why full-disk encryption (FDE) is a popular starting place for many users.
Regarding my favorite, hidden volumes "FDE drives still leave your data and personal information vulnerable in at least two scenarios: 1) You are forced to turn over your password (as in Judge Blackburn's District Court ruling), or 2) Someone has hacked into your live machine and remotely recording your keystrokes/data while you work.
To address these issues, we are also going to put our personal/business files in an encrypted directory—but not using just any encryption scheme. Encryption with hidden volumes is the key to really protecting your information and rights.
Here's a useful analogy for understanding hidden volumes:
Imagine a magic door. If you unlock the door with one key, it opens to a closet full of junk and old boxes. However, if you use a different key, and the door opens to the inside of a bank vault. If you look at the walls surrounding what's behind the door, they look the same size regardless of whether you are opening the closet or the vault . Anyone opening the tiny closet or looking at the structure of the door won't be able to see the giant bank hidden within.
With a correctly implemented hidden volume on your encrypted hard drive, you don't have to worry when someone cracks (or coerces you into giving up) the password. When they use it to open the door, they will only see the closet.
I prefer to use the word "password" for the closet. It's easy to remember and sadly common, and any password-cracking tool will guess it in milliseconds with a simple dictionary attack. Once the closet is open, non-sensitive business files and perhaps a few love letters or copied movies—something that might cause minimum embarrassment—will be revealed. Even to a skilled thief with good forensic tools, the real data, the bank vault, cannot be seen. They have no indication or proof it even exists. For all that person knows, they got your password and opened your encrypted files. In a courtroom setting this is known as "plausible deniability". (Yes, you complied with the court order to give up your password.)
See question on Quora - Jan 26, 12
Although many organizations have varying degrees of different definitions, I use the following:
Investigation: The investigation of a formal allegation of a criminal act, ethics violation or wrong doing.
Probe: A exploratory inquiry into questionable or suspicious activities that may lead to the finding of a criminal act, ethics violation or wrong doing.
See question on Quora - Jan 09, 12
Yes, two primary services are the Great Good Bye at http://www.greatgoodbye.com/ and Death Switch at http://deathswitch.com/ .
Both offer different forms of emails and services from the grave. Between the two, Death Switch appears to have more service oriented tasks and could be used without the help of a friend or lawyer in the manner described in the question. With Death Star, a "Check in" email is sent to you at set frequencies. If you don't respond to the check in, Death Switch assumes you are dead (or kidnapped) and sends out the email(s) you prepared before your departure.
Great Good Bye works well too. According to their site "After your death your friend will type in the activation codes on our site and the system will automatically send out the emails from the grave that you have prepared. Such trusted person will not be able to view, edit or administer any of your prepared messages - he or she will only trigger their sending out by providing the activation codes."
Whether you choose to trust yourself or your friends both sites let you setup your message to be sent to the press, law enforcement, etc if you die or go missing.
See question on Quora - Jan 07, 12
The difference between the two tools is quality. In all honestly both products work great and I believe are the future of network forensics, malware detection and network protection, but Solera added all the features Netwitness left out. From simple exporting to excel, to easy automation of importing public and open source malware feeds, Solera is a better tool. (FYI It has now been a few years since I used newest Netwitness version).
Netwitness had (has) an amazing product too. Easiest way to compare them: A basic model vehicle without power windows to a vehicle with all the bells and whistles like GPS, Bose speakers and seat warmers.
See question on Quora - Dec 23, 11
Install Connectify (http://www.connectify.me/) or Maryfi (http://www.maryfi.com/) for free. Both work great and offer simple setup to share your wireless with others.
See question on Quora - Dec 23, 11
Your choice in virus software is very important. To understand why, you need to look at how most anti- virus software works:
Companies like McAfee and Norton use R&D, advance web crawlers, scientists, intelligence (spying) and other resources to track and identify known and unknown viruses and their frequent mutations. All this data is then turned into a signature based detection system. By indexing and hashing your files on your system and then comparing them to known virus hashes and signatures you can confirm if you have any malware on your system. It's even faster to identify new files, no major scans are needed. So each time your anti-virus program provides you an update, its adding to the list of known viruses to scan for. Sounds simple, but is full of major issues, including these two.
Issue 1: An advance persistent threat (APT) aka China or a talented black hat hacker or the NSA make a 100% custom, never seen before virus (Stuxnut anyone?) and sends it to one system (Iran?) instead of blanketing it on the internet for McAfee to stumble upon. Do you think on one targeted machine McAfee will find it and then send out a signature file for the rest of us? Probably not.
Issue 2: I can confirm McAfee (and others big boy virus companies) white list (ignore) viruses for law enforcement and other intelligence agencies (including private companies). So you could have a keylogger, Remote Access Tool or other malware on your machine that McAfee is allowing!
So now what virus tool do you use?
Open source/Free tools may not have the same R&D budgets that the above companies have, but they do have the power of crowd sourcing and no bureaucracy or agenda other than protecting you. There isn't a goal to update only once a month or with a subscription fee. Instead most open source tools update as soon as a new issue is identified.
Personally I use two forms of virus protection: Microsoft Security Essentials and Malware bytes. Microsoft really impressed people with their free, low resource anti-virus tool just before Windows 7 was released. It keeps a stable anti-virus tool with the resources of big boy Microsoft running on my machine. Malware bytes is my resource to make sure Microsoft is doing its job and not missing any newly identified custom viruses like Stuxnut or caving into law enforcement and white listing some keylogger. Running this once a week seems to work well and not eat my system resources. Sometimes when I'm extra paranoid I throw in Trend Mirco's online scan for good measure.
I will never pay for a service that cares more about subscription fees and helping the government over my protection and privacy.
See question on Quora - Sep 16, 11
Super Circuits has a great selection of wearable hidden cameras that law enforcement and other security professionals use often. http://www.supercircuits.com/Hid...
Personally I suggest making your own covert camera out of a basic pinhole camera for less that $20 and staying away from wearable cameras. As good as some of the cameras are at Super Circuits and other CCTV vendors, they a) charge a ton for a cheap camera because its in a cheesy covert cover and b) fail to advertise the recording and power requirements needed to successfully use their camera like a scene out of a spy movie. Just imagine a camera in your tie. How are you powering it? What is it recording too? How are you powering the recording device? And please don't mention wireless or I will scream.
If you must use a wearable camera, stick to the pen dvr cameras found on ebay. They offer audio (something most legit cctv vendors are scared to sell), they run on batteries in the pen and record to a mirco sd card for easy playback. Best part you can put it on a desk, write with it or wear it on your shirt/purse and no one will be the wiser... http://www.google.com/products/c...
For custom cameras visit www.BMGInvestigations.com
See question on Quora - Sep 13, 11
Alan Cohen and Kim Guldberg offer some good software solutions to monitor internet traffic, however I see one piece missing, how you access the traffic. A standard router won't show you other user's traffic. To actively monitor another machine on your network you need to use a hub or your router needs to be able to output the targeted computer's data via a span or tap port. If buying a hub is out of the question or your router doesn't support tap ports you could always use APR poisoning via the program Cain and Able.
Once you have the proper connection made you can record your traffic via wireshark or some of the tools mentioned in the answers above. I recommend recording with wireshark and reviewing the data with RSA's Netwitness Investigator freeware. If there is specific data you are looking to monitor please post in the comment and I will update my answer.
See question on Quora - Sep 11, 11
The largest publicly known Chinese hack has been the Aurora attack in early 2009. The following companies have stated they were victim: Google, Adobe, Juniper, Rackspace and unofficially (but confirmed by leaked emails in an Anonymous hack) Morgan Stanley and Dupont. The press also indicated Yahoo, Symantec, Northrop Grunman and Dow Chemical were part of the hack. In total at least 20 companies were victim of that one attack by China.
China has also been linked to a recent hack at RSA that lead to three more defense companies to publicly admit to being hacked: Lockheed Martin, L-3 Communications, and Northrop Grumman to be hacked by the Chinese. So Alan Cohen's friends are correct...
Unofficially the press has also labeled China responsible for hacking "The United Nations, the Indian government, the International Olympic Committee, the steel industry, defense firms, computer security companies, the governments of the United States, Taiwan, South Korea, Vietnam, and Canada, the Association of Southeast Asian Nations, and the World Anti-Doping Agency."
See question on Quora - Sep 07, 11
I can't speak for the MacBook Air, however the Seagate's series of FDE drives all encrypt data "as it is being written and decrypts data as it is being read." Once a computer is turned off, the drive "locks" and all the data on the drive remains encrypted until the computer is powered on and a password is entered. Leaving the computer in sleep or hibernation keeps the drive active and unlocked for anyone to wake back up and take your data.
Not only do I suggest using an FDE drive to protect your files, but still use file/directory level encryption to protect your files from hackers that may be remotely on your systems or from live images collected by law enforcement/your company/bad guys. Sounds paranoid but you can never be to safe with your personal data.
See question on Quora - Sep 07, 11
For free use Cybergate... if you want something less risky check out Spectorsoft.com. They have monitoring tools starting at $99. Very impressive software.
See question on Quora - Sep 02, 11
Not all states allow the search of people's license plates. For example, in California after actress Rebecca Schaeffer was killed by a stalker who got her home address from a private investigator who got it from her vehicle and abortion clinic staff were stocked by their license plate information, California passed the Driver's Privacy Protection Act of 1994 (DPPA) to lock down this kind of information. So unless you are law enforcement or have a have a special license to search unrestricted ($50,000 Bond needed) with DMV you are out of luck to covertly get an address and name from a license plate in many states. If you don't mind the owner of the vehicle knowing you are looking for them then use a Request for Record Information (INF 70) form found here:http://dmv.ca.gov/forms/inf/inf7...
In other states, such as Minnesota you can simply go onto the many database sites online and pay a small fee $.25 (Accurint/TLO) to $50 for the shaddy websites to get the information. TLO (www.tlo.com) takes it one step further and shows you pictures of the make/model/color of the vehicle. Nice touch.
Lastly there is Google. You would be surprised that even license plate information can be found online. An old trick I use to use back in the day was searching Government Smog check sites for the plate. Not only would they say if the car passed or not, often the website would list the smog shop that serviced the car or vin # of the car. Then I would search the vin for more details and/or ask the smog shop for the vehicle owners information...
See question on Quora - Aug 17, 11
I have to disagree with Alex K. Chen's statement about Anonymous. The hacking done by the collective group Anonymous and Lulzsec is the greatest example of destructive hacking used for good. Have the targets been controversial and illegal? Yes. Has the damage cost millions? Yes. But their hacks truly have been for the greater good vs self interest.
Instead of using their black hat skills to covertly penetrate systems, steal millions of our credit cards and silently slip back into the night, the two groups are exposing major security holes by publicly outing the company or government they have chosen to attack (most oftentimes also behind a social issue). The constant news about such hacks and leaked information has awaken the IT security world and caused many global businesses and governments to take a more serious view on security and protecting their user's data/privacy. Just think if Anonymous as a white hat group went to Sony with their findings privately. Sony would be grateful no doubt, but how long would it take to fix there security holes? Could other hackers be in the same systems riding the zero day attack? With the publicity from Sony and other attacks, security was increased and should be taken seriously now...
On a personal note: Anonymous cannot be controlled based on its design. However I do agree with a recent panel discussion at Defcon that Anonymous should continue their mission by attacking dictators, child porn sites and other obvious abuses on the internet. Just my two cents.
See question on Quora - Aug 17, 11
As Tom Robinson stated, connect to a VPN whenever on wifi. I prefer Cyberghost. Its free, fast and easy to use for any level of computer user. cyberghostvpn.com.
See question on Quora - Aug 14, 11
Actually this hack would be easy to pull off for even a non-computer nerd.
Step 1) Use a War Dialing program in the school's prefix. I.e: Call all numbers between 904-0000 and 904-9999 looking for unlisted modem connections at the school.
Step 2) Simple password guessing or social engineering. Remember this was the 80's. Not a lot of education on strong passwords or leaving a user name taped to the desk.
Step 3) Change your grades.
Pretty simple if the stars are aligned for you.
See question on Quora - Jul 27, 11
Nothing is more easy then buying a Seagate FDE drive. Computer turns on, type in password, drive unlocked, boot up starts. When computer turns off, drive stays encrypted. The problem comes into play at an enterprise level with key/password management.
Unfortunately people are blind to protecting themselves and the governement isn't going to push encryption (without a backdoor) on the population. Companies like WD and Seagate should sell all drives with FDE at no added cost and make it a standard...
See question on Quora - Jul 27, 11
My experience has shown Jan Mixon's statement about non-chain convenience stores as huge money laundering operations to be true 100%. Plus they are everywhere. Lets just say I could walk into a store front operation (covert camera recording for documentation) and spot if the store was a front in seconds...
The best business front I ever ran into was an African Arts and Antique store. All the items were bulk purchased trinkets from third world corners probably for pennies and confirmed Pier One Import cheesy art, priced 1000% mark up or more and then "sold" on the books to clean the cash...
See question on Quora - Jul 27, 11
Bitcoin might sound like a good tool for laundering money after repeated statements about bitcoins being anonymous, however researchers have just published work "An Analysis of Anonymity in the Bitcoin System"(http://arxiv.org/abs/1107.4524) that proves different. For a quick recap of there findings see: http://anonymity-in-bitcoin.blog...
Long story short the researchers were able to identify the suspect of a recent bitcoin theft by tracking patterns found in the users public transaction keys over time. This effectively shuts down the anonymous argument and may lead to tracking of criminals using Bitcoins for Silk Road or money laundering...
See question on Quora - Jun 24, 11
- Jun 03, 11
The objective is to save lives. Zipping down the highway, often higher than the posted speed limit can come to a deadly end when you approach a construction zone. However having a CHP posted with their lights flashing or flares near/on a construction zone can decrease a driver's speed and remind them to drive safe.
See question on Quora - May 14, 11
While there are four levels of security clearance, Unclassified (Yes, this is a level often over looked), Confidential, Secret and Top Secret. The Top Secret level is not the end all, be all to protecting information. Secret and Top Secret information can be sub-categorized in to Sensitive Compartmented Information (SCI) and/or Special access programs (SAPs) that contain higher levels of security restrictions then standard Secret or Top Secret protocol, including "Need to know."
In regards to "need to know", this term can be more of protocol that limits the scope of the data or operation to participants to prevent leaks. A good example is a terrorist cell where each person or cell might have a need to know part of the operation. One group sells drugs for financing the whole unknown operation. One group photographs national bridges, another builds bombs and a fourth group carries out the attack. Each group is on a need to now basis and only the terrorist leader knows the full scope of the planned attack. If one of the cells gets captured the chance of shutting down the attack is limited.
Here is a great flow chart showing the many different levels:
https://docs.google.com/viewer?u...
See question on Quora - Mar 27, 11
The text message you describe is a lot harder to track then a "random" number texting you. In this case you need to work with the service provider and/or a lawyer or law enforcement to most likely get a subpoena for there records. If you goto this link you can find Verizon's subpoena information:
cryptome.org/isp-spy/verizon-spy.pdf
If the text is a threat I recommend going to Law Enforcement and working it that route, if its related to a divorce or civil matter your attorney can help.
If its your own curiosity or something odd you don't want to share, go down to your court and speak with the clerk in civil court. If you have to, sue a Jon Doe party in small claims court and then subpoena the files "needed" for the case...
See question on Quora - Mar 25, 11
The scale and complexity of the internet and social networks is not something that an investigator should be fearful of. Vast amount of data, even when unsorted or hidden in the deep web is a limitless opportunity to support your investigation. There are multiple methods of using the internet and social networks to support your investigation. Below are three areas to start your search:
Data Mining: Public Information- This is the information that is freely posted/found online. Open Facebook pages, news, blogs, websites, etc. Most of these searches can be conducted with simple tools like Google, Facebook, or digging around. Most people are successful at this level in their own search with finding some information. Popular names like John Smith can be narrowed down by properly searching “John Smith” with City/School/Employer and other key pieces of information you may know about your target. Searching for other known details works well to. John Doe comes up empty, but searching his phone number with and without his area code may find details your first search missed. Don’t over use Google either. Try Bing, Yahoo and even Alta Vista, they often have different ways of collecting data or cliches of old data. The internet is a giant haystack with your data buried in it. You can either give up looking or try multiple different searches to find your needle.
Data Mining: Semi-Private Information- I call this area semi-private because people believe this data is hidden, but it’s actually its rather easy to access. Since this topic is primarily around social networking, closed Facebooks are easy to get around. Using social engineering and a bit of intelligence gathering you can easily add your target’s friends and interests to your own fake Facebook profile. The key is to not look like a spammer, but a real person. Although becoming illegal in some states, create a Facebook page for an exact copy of a plan female you randomly find in another state. Copy her pictures, add some guys to post to (they always accept an invite from a lady) and get yourself a living, breathing, old looking account. Once built up, add some friends of your target (aim at guys) and use some of your “new” profile information to mirror intelligence you already know about your target. Home city, school, employer are always good. Then go for the friend invite. If completely locked out, target friends and family with the same tactics. Once you have a good rep going, you can continue your social engineering tactics to get more detailed information. From passwords to schedules, it’s amazing what a mother will turn over to your when you tell her you are planning a surprise party for her daughter's secret promotion at work.
Data Mining: Private Information- Always start your searches off with free resources like Google, Facebook, Spokeo, etc. Even the sites that pound you with spam can sometimes offer some info you might have not known, i.e. age, old phone #, old address. When all else fails, paid data mining sites like intellius.com offer a cheap and easy resource to confirm current addresses, cell phone numbers, emails, etc. For $1 you can get most of this information and then use that new found information to repeat step 1 and two above. The good sites don’t charge unless they have the information and often times give a hint about their findings before you purchase. For more advanced and costly databases, Lexis Nexus, Accurint and TLO exist.
For more search tricks check out my article, Tools to Identify Anonymous Users Online: http://www.csoonline.com/article...
If large amounts of data are found and need to be collected or understood check out, How to Visualize Investigations: http://www.csoonline.com/article...
See question on Quora - Mar 25, 11
For internet use setup a proxy or tor, for a list of other anonymous tools like caller id spoofing, etc check out my article 5 tools to send anonymous messages:
http://www.csoonline.com/article...
See question on Quora - Mar 24, 11
Using a FDE drive is not a great way to protect your computer. Instead you need to use a hidden volume FDE (See Truecrypt) and still encrypt specific files/directories on your live machine.
U.S. courts have recently ruled that you can be forced to turn over your password to your FDE drive (especially at the border), so if you plan on sitting in jail until you provide the password the best way is to cooperate by giving the feds your front password that opens up "clean" operating system, while still hiding the "real" operating system.
Secondly if your machine is on, malware and other tricks can capture your files. As an added level of security encrypt your files or directories like My Documents when not in use. This will prevent anyone on your live machine from capturing anything worth while.
See question on Quora - Mar 23, 11
This can be easily done and there is even a name for it: 2.4ghz War Driving or Video Scanning. Homemade kits can be built or video scanners can be purchased like the one here: http://www.youtube.com/watch?v=g...
See question on Quora - Mar 23, 11
The term for your search is called TSCM or Technical Surveillance Counter Measures. Although there are tools that cost tens of thousands of dollars at companies like REI (http://www.research-electronics.com) or consultants that can do the sweep for you for hundreds of dollars, doing your own sweep is rather easy and free.
Depending on the jurisdiction, Law Enforcement may or may not need to get a search warrant to place a tracking device on your vehicle. Knowing this information about your state may help figure out where to start looking for a hidden device. If search warrant laws are lax, then a good visual sweep of the underside of the vehicle and trunk can usually find a GPS device for the following reasons:- Law Enforcement may have limited access to your car in the parking lot or while you are shopping, so placement is quick and sloppy and removal needs to be easy.
- How long the device runs (Does it need batteries which last a few days in real time monitoring mode or wired directly to the car battery). See above.
- Metal needed for most devices to stick to magnetically. (Although I have used duck tape and zip ties). Bumpers, car frames are great.
- Near the road surface or direct sky for the GPS radio singles to receive well. (Although cell and wifi gps systems are becoming popular). Edges of the vehicle, bumpers, hoods, truck lids.
- Vehicle Space. As shown in the recent finding of a FBI GPS on a Santa Clara students vehicle, the devices the SJ or SF FBI field office are using are OLD and BIG. Pic:
When you do your search look for anything that might be the size of a pager or . above, often times attached to a brick or tube of batteries. In the maze of moving parts under a car may sound like a needle in a haystack, but trust me, the devices stand out like sore thumbs. LE just assumes no one looks under their car and the device is only used for a few days.
If your car was stolen, impounded or there are strict GPS laws for law enforcement in your state a more details search is needed. In those cases GPSs can be hard wired into the car battery and hidden in a million different places that only TSCM tools might find quickly. Remember GPS units can be small (and useful tools) but they cost money that local PD (and SJ or SF FBI) don't have for low priority cases. So your best beat is to just look under the car for that 1995 brick device and get a lawyer.
If you are talking about a listening bug, its not there. See the above reasons and then multiple it on complexity of installing it and transmitting the recordings from a moving vehicle. Even with sim card bugs on the market they aren't putting that in your dash to listen to your phone calls they can already monitor.
See question on Quora - Mar 23, 11
Sign up for Google Voice online, send the text to your free google voice number. Problem solved.
See question on Quora - Mar 21, 11
- Mar 20, 11
Calm your conspiracy theory self. Google's Street Cars were serving three purposes only. 1) Mapping/Photography streets, 2) Capturing SSID locations for Wifi Triangulation and 3) Traffic Assessments.
As for the collection of data, Google was simply using promiscuous wifi capturing tools that easily collected the known and unknown SSID names, as well as other data. Let's look at reason's this conspiracy doesn't hold true:
1) Speed: About the only exciting bit of information Google will capture during their drive by your house is the SSID name of your router. Yes other data can and was captured, but think about it. How much of your personal internet surfing can be captured as the vehicle drives by at 25 mph? Add the range of your wifi, the doppler effect of the vehicle moving, and all the other conditions that are effecting the transmission of your data and you have very limited information captured.
2) Encryption: Yes a large majority of you are dumb enough to still leave open their wifi or use WEP at home. I mean if you believe in conspiracy theories, why wouldn't you encrypt your wireless. Oh right, the NSA already has a backdoor key to all WEP and WPA2 that they provided Google to decrypt the small bits of information back at Fort Mead. As Google Street cars eat up your traffic a good portion is going to be encrypted and useless.
Counterargument: Now the NSA and Google do have passwords to your routers thanks to the info collected: Cracking Wifi in my own hacking experience can take large amounts of data to collect and then brute force. See above statement about speed. Driving by your house will not provide Google enough data to use to crack your WEP or support an attack on your WPA.
3) Useless Data: Lets really think about the small bits of encrypted or even unencrypted data Google is capturing. First the street cars are driving while you are hopefully at work on a M-F schedule. For the chance you are at home or Google drives by your unencrypted business wifi (real dumb here) and does collect your unencrypted data for a few split seconds, what are they really seeing? Statistically they are probably capturing you on Google or Facebook. But wait, you say you are doing personal surfing on your bank? No problem then, thats encrypted via SSL as well so your information is again safe.
So lets combine all the variables of Google's war driving and in the end you have bits of useless data with the SSID firmly attached and a GPS location entered into a database. Next time you use your iphone for directions you find the location within meters not miles. Mission accomplished, no snooping.
Where you should worry:
After all the drama Google announced they no longer are using Google Street cars to collect SSID/GPS locations for better triangulation. Good news right? Wrong. Google and Apple (and other apps) are now using Crowd Sourcing on your smart phone. Why spend millions on a car driving around collecting SSID locations when every iphone and android user can be a mini collector of raw data. Yes, Google is using your phone right now to collect GPS locations, traffic speeds, SSID names, even some tablets are starting to have sensors for weather detection. With millions of smartphones roaming the world they are offering plenty of sensors and tools to collect a wide range of known and unknown data points for anyone that wants the information.
See question on Quora - Mar 18, 11
Netwitness' Investigator should be able to spot an event like this. Check out the free demo.
See question on Quora - Mar 15, 11
EAS alarms can be very expensive new. A) I would suggest looking on Craiglist and Ebay for used or broken EAS alarms, b) auctions, business close outs (Border Bookstore right now) or C) making your own with PVC piping and chrome paint.
See question on Quora - Mar 12, 11
If there is a mechanical failure (such as the the clicking sound you are hearing of the of the actuator arm) you don't have many options. The best bet is to ship your drive to a drive recovery company like Seagate Recovery Services (http://services.seagate.com/Data...) that will actually dismantle your drive, remove the platters, replace them in a similar drive to get it spinning. Once the drive is up and running they will transfer your files to a disc or new drive. This service is not cheap, but recovering your priceless files is worth every penny.
See question on Quora - Mar 09, 11
Sorry but posting your IP address and email address online are not violations of your privacy... On a possible positive side you could send the website owner (search for his/her info on domain registry sites) a cease and desist letter stating if they don't remove your information you will sue them for libel and slander due to the site's reference to you being a spammer. Inform them that being labeled as a spammer communicates false information that damages your reputation, for which they will be held responsible.
See question on Quora - Mar 08, 11
California Penal Code section 830 - 831 lists many types jobs that are considered “police officers”. They include:
“Police; sheriffs, undersheriffs, and their deputies. (§ 830.1[a])
The California Attorney General and special agents and investigators of the California Department of Justice. (§ 830.1[b])
Members of the California Highway Patrol. (§ 830.2[a])
Members of the University of California Police Department or the California State University Police Department. (§ 830.2 [b]&[c])
Special agents of the California Department of Corrections and Rehabilitation. (§ 830.2[d])
California State Park rangers. (§ 830.2[f])
Certain employees of the California Department of Motor Vehicles. (§ 830.3[c])
The State Fire Marshal and assistant or deputy state fire marshals. (§ 830.3[e])
Fraud investigators of the California Department of Insurance. (§ 830.3[i])
Criminal investigators of the Employment Development Department. (§ 830.3[q])
Members of the San Francisco Bay Area Rapid Transit District Police Department. (§ 830.33 [a])
Welfare fraud investigators employed by the California Department of Social Services and all county welfare departments. (§ 830.35[a])
County coroners and deputy coroners. (§ 830.35[c])
Parole officers and correctional officers of the California Department of Corrections and Rehabilitation. (§ 830.5 [a]&[b])”
Specifically regarding CHP, their own mission statement states “To protect the public, their property, state employees, and the state's infrastructure,” nothing specifically stating highway jurisdiction only. In many counties, CHP officers not only patrol their district's highways, but unincorporated areas as well to support Sheriff and local police departments.
Long story short, the CHP and all of the above technically have the jurisdiction to issue you traffic tickets in California.
See question on Quora - Mar 04, 11
- Mar 04, 11
- Mar 04, 11
Yes, use the iphone app "FakeLocation" or the andrioid app "Fake GPS location" and set your coordinates to "loc: 40.748342, -73.984606". Once setup all your smart phone programs will think you are at this location and you can talk to New Yorkers.
See question on Quora - Mar 03, 11
In 2008 there was 14,169 law enforcement agencies that employed 708,569 full time state, city, university and college, metropolitan and non-metropolitan county, and other law enforcement officers in the United States.
See question on Quora - Feb 24, 11
The Internet can be a very powerful tool for private investigators. Although it is not the primary tool for my research, it is always utilized in every investigation I
conduct. From basic Google searches on suspect names, addresses, email
accounts, etc, to more advance uses of free online (Spokeo.com) and paid data
mining services (accurint.com, lexusnexis.com), there is a wealth of data to be
found. More importantly the internet and sites like Facebook and Twitter can
help collect data and intelligence that can be used to further your
investigation with smoking guns (amazing what people post online), social
engineering tricks (You can get a lot closer to your target if you know what
high school they went to, their favorite color, etc), profiling and more.
See question on Quora - Feb 23, 11
- Jan 22, 11
How many times are you sitting at a red light and you get the feeling that the person in the car next to you is staring right at you? You turn and look and sure enough some person is looking right at you one car over... This isn't magic, but your subconscious doing its job with your real senses.
In the scenario above your peripheral view is very wide, but your mind focuses your vision at the task ahead, waiting for the stop light to change. While sitting there waiting, focusing forward, your peripheral view spots the person staring at you and out of a instinctual defense your subconscious alerts you to the possible danger lurking near by. At this point you get the "sense" that someone is staring at you, you look and it's confirmed. A small adrenaline rush may also occur preparing you for fight or flight if danger is confirmed.
This can also happen with other senses as well. Your TV is playing loudly at night, but the sound of someone at your door seems loud and makes you go and check. Normally your mind might mute out or even be "blind" to all the sounds other than the loud TV, however since you hear a noise near your door, your protection mode kicks in and your subconscious mind lets the sound alert you.
See question on Quora - Jan 16, 11
Next time do a little "footprinting" or google hacking on your website yourself. Check out sites like "http://knowthetrade.com/footprin..." for more examples. This can help prevent leaks of information or simple hacking in the future.
See question on Quora - Jan 16, 11
I would like to see the proof behind the comments above. As a user of both DLP, employee monitoring software, network forensics and E-Discovery/computer forensics I think you are all wrong to believe corporate big brother is at the level TV shows make you believe. Many of the vendor's own software can't track the confidential files (let alone find them to begin with) that they promise you... Now some of the products out there can help investigations, deter theft, etc, but only on a limited scale. The old "if there is a will, there is a way" is very powerful when it comes to getting data in and out of a company. I can counter any employee monitoring method you show me...
To answer the question from what I have used, tested and created:
Monitoring software care really track or log whatever you want captured. The best products actually capture the data from multiple angles vs. one log to prevent information from being missed. For example an affective monitoring tool can and should monitor the following:
Screen Capture: Like a CCTV on your computer screen. Records all activity in a video format. Nothing should be missed via this view (but it can be...)
Key Logger: Record all keystrokes, even deleted/backspaced keystrokes, passwords, etc.
Email Capture: Capture all incoming/outgoing email on corp and personal email systems.
Webpages: All webpages visited
Chat/IM: All chat logs.
Online Searches: Self explanatory
Programs Used: What programs, how long, etc.
File Transfers: Uploads, downloads, new files, renamed, USB, CD, FTP, etc
Network Activity: ALL network traffic in data packet form to review for viruses, suspicious transfers, things missed by the obvious.
Ability to alert for keywords, block websites, etc...
Best part of a tool like this is the amount of data that is collected and can help confirm any leaks of information without missing any part of the story. Should the user log onto hushmail with a non keyboard keypad (to hide from keyloggers and encrypt their email) the screen shot would still capture it. If the file transfer tool errors out during upload, the keylogger and screen shot capture it, etc. Companies that are only using network logs or documents with hidden html links or software to track documents are missing way too much.
If you want to spot these tools check out your windows running services, task manager or run a non-company approved virus scan. Most monitoring tools are made with scripts from common viruses or flagged as viruses. Big companies who use Norton or McAfee will turn off the virus scanner to flag for your monitoring bug, so run a free online scanner or other virus tool and you probably will find a suspicious file like "eBlaster.virus."
See question on Quora - Jan 07, 11
As Andrew Kraut stated, internet security is not a switch that can be turned on or off, rather it is an always changing risk that needs to be tackled on different levels. Although there isn't one answer to this Quora question, there are small things both end-users, developers, ISPs, Gov, etc., can do to limit cyber crime. Standard full disk encryption on all computers, WPA2 encryption minimum on Wi-Fi wireless LANs and SSL (Secure Sockets Layer) or full encryption on all Internet communication are just a start that can be rather easily adapted by the tech community.
See question on Quora - Jan 06, 11
The key to preventing this issue from arising is using encrypted hidden volumes. On one level you encrypt common items: pictures, love letters, porn, etc. Things that are not incriminating or intelligence building in any fashion. On the encrypted hidden volume level you hide your personal or "secret files".
Should your encrypted file fall into the wrong hands a) make sure the encrypted file can be cracked with a dictionary attack, use "password". This will make the cyber police all warm and fuzzy for cracking the lame password. Or b) do one better and turn over the password to show law enforcement your level of cooperation... Just make sure to never mention or give them the uncrackable 32 character hidden volume password that will remain undetectable.
For a how to guide I put this video together a few years ago:
http://www.securitytube.net/Encr...
See question on Quora - Jan 04, 11
There actually are "WiFi walkie talkies" for people in the security industry. Most are connected to security officer patrol verification systems that track officer movements, check ins, status reports, etc. Although a powerful tool for security tracking and communication, due to Wi-Fi's limitations, most are always paired up with a cell phone service plan.
See question on Quora - Dec 29, 10
You won't find any federal law specifically outlining what is known as "authorized criminality," but I can do one better for you. Here is the Bush Administration's FBI Undercover policy on "Participation in otherwise illegal activity by Undercover
Employees." Long story short, if they are going to break laws, approvals
need to be made, committees watching, etc.
"Except when authorized pursuant to these Guidelines, no undercover employee shall engage in any activity that would constitute a violation of Federal, state, or local law if engaged in by a private person acting without authorization. For
purposes of these Guidelines, such activity is referred to as otherwise illegal activity.
(1) Justification: No official shall recommend or approve
participation by an undercover employee in otherwise illegal activity unless the
participation is justified:
(a) to obtain information or evidence necessary for the
success of the
investigation and not reasonably available without
participation in the otherwise illegal activity;
(b) to establish or maintain credibility of a cover
identity; or
(c) to prevent death or serious bodily injury.
(2) Minimization: The FBI shall take reasonable steps to
minimize the participation of an undercover employee in any otherwise illegal activity.
(3) Prohibitions: An undercover employee shall not:
(a) participate in any act of violence except in
self-defense;
(b) initiate or instigate any plan to commit criminal acts
except in accordance
with Section V (concerning avoidance of entrapment) below;
or
(c) participate in conduct which would constitute unlawful
investigative techniques (e.g., illegal wiretapping, illegal mail
openings, breaking and entering,or trespass amounting to an illegal search).
13
(4) Self-Defense: Nothing in these Guidelines prohibits an
undercover employee from taking reasonable measures of self-defense in an emergency to protect his or her own life or the lives of others against wrongful force. Such measures shall be reported to the appropriate Federal prosecutor and FBIHQ, who shall inform the Assistant Attorney General for the Criminal Division as soon as possible.
(5) Authorization:
(a) The SAC must approve all undercover operations and
activities, including those which contemplate participation in otherwise illegal
activity. This approval shall constitute authorization of:
(i) otherwise illegal activity which is a misdemeanor or
similar minor crime under Federal, state, or local law;
(ii) consensual monitoring, even if a crime under local law;
(iii) the purchase of stolen or contraband goods;
(iv) the delivery or sale of stolen property which cannot be
traced to the rightful owner;
(v) the controlled delivery of drugs which will not enter
commerce;
(vi) the payment of bribes which is not included in the
sensitive circumstances;
(vii) the making of false representations to third parties
in concealment of personal identity or the true ownership of a proprietary
(but not any statement under oath or the penalties of perjury, which must
be authorized pursuant to subparagraph (b) below); and
(viii) conducting no more than five money laundering
transactions, not to exceed a maximum aggregate amount of $1 million.
(b) Participation in otherwise illegal activity which is a
felony or its equivalent under Federal, state, orocal law and which is not
otherwise excepted under Section IV.C(2)(g) above, requires additional authorization by the Assistant Director after review by the Undercover Review Committee.
See Section IV.E.
(c) Participation in otherwise illegal activity which
involves a significant risk of violence or physical injury requires authorization by the Director, Deputy Director, or designated Executive Assistant Director after
review by the Undercover Review Committee. See Section IV.E.
14
(d) If an undercover employee believes it to be necessary
and appropriate under the standards set out in paragraph H(1) above, to
participate in otherwise illegal activity that was not foreseen or anticipated, every effort should be made to consult with the SAC, who shall seek emergency interim authority from the designated Assistant Director, and review by the Undercover Review Committee if possible, or, if necessary, may provide emergency authorization under paragraph I below. If consultation is impossible, and the undercover employee concludes that there is an immediate and grave threat to life, physical safety, or property, the undercover employee may participate in the otherwise illegal activity, so long as he does not take part in and makes every effort to prevent any act of violence. A report to the SAC shall be made as soon as possible, who shall submit a written report to FBIHQ, which shall promptly inform the Undercover Review Committee. A decision by an undercover employee to participate in otherwise illegal activity under this subsection may be retroactively authorized if appropriate.
(e) If an undercover operation results in violence in the
course of criminal activity, and an undercover employee, informant, or
cooperating witness has participated in any manner in the criminal activity, the SAC shall immediately inform the appropriate Federal prosecutor and FBIHQ, which shall inform the Assistant Attorney General in charge of the Criminal
Division as soon as possible."
See question on Quora - Dec 28, 10
Sniffing packets is a sure way NOT to see what your employees are doing. From personal gmail using ssl, to proxies, tor and a million other ways to leak information (Lady Gaga CDs-Wikileaks??) a wireshark like solution on an enterprise scale will only tell you a fraction of what your employee's are doing. A better solution (on top of education) is the use of monitoring software designed to capture all forms of internet traffic AND computer usage with keyloggers/rapid screenshot capturing. Tools like Spectorsoft's CNE work on a enterprise scale to see real time web usage, file transfers or anything else that might scroll across your employee's screen and into their pocket. Getting back to the question, many companies use these tools but don't like to publicly admit mostly due to morale concerns, but if you are looking for some specifics check out some of the monitoring vendor's websites, they like to brag.
See question on Quora - Dec 24, 10
Check out http://preyproject.com/ for an open source laptop and smart phone tracking system. Works great and best of all it's free!
See question on Quora - Dec 21, 10
When in doubt, test it out. So I'm sitting at home, poisoning the APR between the router and my android phone, testing firesheep and it looks like a partial success. As long as my android is in WIFI mode only (Mobile turned off) I was able to hijack the sessions and use firesheep. So to answer your question is its possible, but not likely.
See question on Quora - Dec 19, 10
Long story short, Manning could be executed.
According to Title 18, Part 1, Chapter 115, § 2381 (AKA Treason) "Whoever, owing allegiance to the United States, levies war against them or adheres to their enemies, giving them aid and comfort within the United States or elsewhere, is guilty of treason and shall suffer death, or shall be imprisoned not less than five years and fined under this title but not less than $10,000; and shall be incapable of holding any office under the United States."
But rumor (by Wikileaks) is the US will plead out Manning with a lesser crime such as § 798. Disclosure of classified information in exchange for Assange's head.
See question on Quora - Dec 15, 10
If you download the torrent with Gawker's info, Gnosis; the group claiming responsibility for the hack, states a few inside details about collecting the information but not the exact hack.
Ultimately Nick Denton’s password was probably brute forced by the hackers and easily found due to his weak choice of using 24862486 everywhere.
See question on Quora - Dec 12, 10
Competitive Intelligence is the legal and ethical means to gain competitive information vs industrial espionage is the illegal means.
See question on Quora - Dec 12, 10
Because data dredging is a poor science, not many "successful" examples exist. I like to think of this as a process many psychics use to fool people...
See question on Quora - Dec 12, 10
Technically no one knows what is in the file, so how can it be illegal? However if it was confirmed to have classified data in it, then yes that would be illegal to have.
On the danger side of things, the government isn't going to assassinate you over having the file, but there have been press reports stating the government might someday ask if you read the leaked documents and disqualifying you from top secret clearances you may need as an employee someday... Also I have noticed many of the "insurance" torrents aren't from wikileaks and already have viruses attached to them on the torrent sites, so beware.
See question on Quora - Dec 11, 10
Use a PC and put security in your own hands vs trusting a dictator hiding behind high dollar advertising...
See question on Quora - Dec 11, 10
- Dec 10, 10
If you follow Reid or Wicklander-Zulawski's interview and interrogation techniques there are many signs that help identify deceptive people. From gallows laughs and blushing to the defensive postures of arms closed, explanatory denials and overly detailed answers to questions (to buy time and look innocent). Although everyone is different many of the visual clues are easy to study and spot. Check out W-Z.com for more information on interrogation training.
On the flip side, innocent people tend to be more visually upset but still provide clear information, offer alibis and refuse to admit any involvement in the crime. During interrogations innocent people don’t take long pauses to think of lies and answer promptly, nor do they tend to use too many specifics in their answers. Although they too can be visually and physically upset, they want to cooperate to the fullest and don’t tire in proclaiming their innocence.
At this point a good interrogator should realize the subject is possibly innocent and back out of the interview in a professional manner, many times turning the interrogation back into an “interview” and backing off the accusatory questions…
See question on Quora - Dec 10, 10
Germany's Foreign Minister's Chief of Staff Helmut Metzner was fired after wikileaks exposed he was leaking information to the US. Not physical danger but a start...
See question on Quora - Dec 06, 10
There was over 30 companies including Google that would like to remain nameless to protect their corporate image... Maybe the recent wikileaks will have a better list in the weeks to come.
See question on Quora - Dec 06, 10
hackforums.net and hak5.org are good starts with beginner and intermediate hacking discussions, tutorials and information.
See question on Quora - Dec 05, 10
- Dec 05, 10
The time required to get phone records are different for each phone and ISP provider, although many have rush service (for an added cost of course). For some inside information relating to your specific phone company or ISP check out Cryptome.org's leaked list of "instructions" for getting phone, internet and other online records:
http://cryptome.org/isp-spy/onli...
See question on Quora - Dec 05, 10
In San Jose, I often see cops sitting at the carpool lane freeway entrance light just shooting fish in a barrel during the morning commute.
See question on Quora - Dec 05, 10
Pros:- Lower police operating costs
- Less police injuries
- Less police manpower to track/chase criminals
- More successful surveillance
- Easier, cheaper surveillance = more surveillance = more chances for rights violations when conducted improperly.
See question on Quora - Dec 05, 10
We can debate all the pro's and con's of monitoring all day, but it comes down to protecting your business. If you own a company that has information or money to protect, monitoring your systems can and should monitor be done. A great solution is spectorsofts CNE at Spectorsoft.com. The system is cheap, works so well you will get chills and has the added features that lets you set it and forget it until something bad happens at your business.
See question on Quora - Dec 05, 10
Trapster.com or the Trapster app for Android and iphone is much better. Crowd sourcing police traps, traffic, etc and of course for FREE!
See question on Quora - Dec 05, 10
- Check your DHCP list for unfamiliar IP addresses using your router. (Do you even have an issue?)
- Setup WPA2 wifi encryption with strong password (Keep users off anyway)
- Hide your SSID. (So others won't be as tempted to try to hack/connect.)
- Setup second router in DMZ setup and install free software to "sell" your slower, secured wifi. For more info goto: www.hotspotsystem.com or other similar sites that offer turn key solutions to selling your wifi.
See question on Quora - Dec 04, 10
Best way to prevent firesheep from ruining your day is paying for a personal VPN network or creating your own with a home server. Airpcap cards, APR poisoning, and other man in the middle attacks would miss your traffic if you connected to a proper unforged certificate.
See question on Quora - Dec 04, 10
It's not safe at all... MTM attacks can quickly redirect hijacked ssl, check out this how to video:
http://www.youtube.com/watch?v=P...
See question on Quora - Dec 03, 10
Liquid explosives have been a concern for TSA and other security services for sometime. Nitroglycerin or triacetone triperoxide can be carried in small "3-1-1" approved containers, then multiplied by multiple mules passing through TSA screening for small puddle jumping flights (with small no fly lists). Once past security, the small containers can be combined easily back into a large water bottle, pipe, etc in the airport restroom before one lone suicide bomber boards the large cross country flight to detonate his crowd sourced liquid explosive...
See question on Quora - Dec 03, 10
In this day and age private investigators for cheating partners is a dying business. Amid Tiger Wood’s adultery in the news and online services like AshleyMadison.com encouraging married couples to cheat, it’s no wonder DIY private investigation tools have become a booming online industry selling everything from tracking devices and home semen detection kits, to illegal black-op tools like wiretapping cell phones. Better yet, these tools can be discreetly purchased for under $200 and can turn anyone into a successful investigative journalist with the Weekly World News or your own Joey Greco of Cheaters. Below are five sure tools to catch your partner cheating or create your own mini KGB:
1. Computer Monitoring (Ease of Use: ** Chance of Getting Caught: *** Legal: Depends)
Not long ago you had to be a geeky kid in his mom's basement to hack into someone's computer. Even then the most you might find were meaningless logs of information and maybe a personal file or two. Today with specially designed, easy to use software for non-geeks, computer monitoring is literally a click away. Companies like Spectorsoft.com specifically sell software that can remotely capture, view and instantly notify you of your partner or kid’s Internet surfing, instant messages, social network posting and emails. For $99 you can install monitoring software on your own shared computer (legal) or pay an extra $10 to stealthily email your package to your target and remotely install it without their knowledge (not so legal.) Once setup, receive detailed lists and screen shots of all the computer activity, including passwords so you can follow up on your suspicions. Some software vendors even allow you to remotely view your target's webcam and files, covertly of course.
2. GPS (Ease of Use: ** Chance of Getting Caught: *** Legal: Gray Areas)
Once a tool only for the military and law enforcement, GPS tracking devices have not only dropped incredibly in price and size but have become easy to use. Before you select a GPS to keep a watchful eye on your loved one you need to decide how critical knowing your partner's location is. If you need instant monitoring, then a higher priced real time tracking device is what you need. Although these devices are still fairly cheap at $300, they usually incur a monthly user fee of $39 or more and the battery life lasts only a few hours to a couple of days. The latter is a GPS data logger that range from $50 and can last months covertly on the underside of a car. The downside is you have to manually retrieve the device and plug it into your computer to view the locations. In the end both devices will give you a clear idea where your partner is or shouldn't be.
3. Caller ID (Ease of Use: * Chance of Getting Caught: * Legal: Depends)
Does your partner not answer your calls or blocked numbers when they are with their snuggling with their mistress? Maybe if you call them with their best friend or bosses’ phone number they will answer in mid pump letting you question them on the spot. In the last couple of years numerous caller ID spoofing services like spoofcaller.com and prankdial.com have popped up on the web providing you the perfect opportunity to use your social engineering skills. Starting with a convincing caller ID on your target’s screen you can easily convince people to answer calls or provide information. The legality of this changes from state to state and is commonly called “Pretexting” laws but for the low cost of free on the above two sites your morals can be bought.
4. Cell Phone Monitoring (Ease of Use: **** Chance of Getting Caught: ** Legal: Mostly Illegal)
One of the darkest, but most powerful tools on the market right now are the numerous website’s offering complete wiretapping cell phone services. Ninety percent illegal, but hundred percent effective, these tools can be remotely installed on most modern phones to easily listen in on your wife’s phone calls. Your new NSA spook tool doesn’t stop there though, this is 2010 and you finally have technology on your side. Services like flexispy.com, preyproject.com or www.mobilespytool.com also offer the ability to listen in on conversations in the same room as the phone, export contact lists, view text messages and see GPS coordinates (save money by skipping #2) of the phone’s location without anyone knowing in real time. Think it’s too good to be true? Just do a quick search on youtube to see the stalking horror stories.
5. Online searches (Ease of Use: * Chance of Getting Caught: * Legal: Shouldn’t be, but is Legal)
Late night missed calls from an unknown number, an email address in his pocket, or is it time to confirm the address on your GPS tracking device? Cheap but effective online data mining companies specializing in selling you private information are a dime a dozen. Using leading search site Intelius.com you can skip the high priced private investigator and quickly gather the final evidence you need to pin your cheating lover to the wall. For less than $5 on most searches you can get Name, address, phone number, cell phone and email addresses. Best part of using Intelius vs. competitors, if they don’t have the information they won’t charge you for the search.
Just be warned, you sometimes can’t undo what you see and maybe poet Thomas Gray was right when he coined the proverb Ignorance is bliss.
For more articles like this check out my posts on CSOonline.com or brandongregg.com
See question on Quora - Dec 03, 10
In this day and age private investigators for cheating partners is a dying business. Amid Tiger Wood’s adultery in the news and online services like AshleyMadison.com encouraging married couples to cheat, it’s no wonder DIY private investigation tools have become a booming online industry selling everything from tracking devices and home semen detection kits, to illegal black-op tools like wiretapping cell phones. Better yet, these tools can be discreetly purchased for under $200 and can turn anyone into a successful investigative journalist with the Weekly World News or your own Joey Greco of Cheaters. Below are five sure tools to catch your partner cheating or create your own mini KGB:
1. Computer Monitoring (Ease of Use: ** Chance of Getting Caught: *** Legal: Depends)
Not long ago you had to be a geeky kid in his mom's basement to hack into someone's computer. Even then the most you might find were meaningless logs of information and maybe a personal file or two. Today with specially designed, easy to use software for non-geeks, computer monitoring is literally a click away. Companies like Spectorsoft.com specifically sell software that can remotely capture, view and instantly notify you of your partner or kid’s Internet surfing, instant messages, social network posting and emails. For $99 you can install monitoring software on your own shared computer (legal) or pay an extra $10 to stealthily email your package to your target and remotely install it without their knowledge (not so legal.) Once setup, receive detailed lists and screen shots of all the computer activity, including passwords so you can follow up on your suspicions. Some software vendors even allow you to remotely view your target's webcam and files, covertly of course.
2. GPS (Ease of Use: ** Chance of Getting Caught: *** Legal: Gray Areas)
Once a tool only for the military and law enforcement, GPS tracking devices have not only dropped incredibly in price and size but have become easy to use. Before you select a GPS to keep a watchful eye on your loved one you need to decide how critical knowing your partner's location is. If you need instant monitoring, then a higher priced real time tracking device is what you need. Although these devices are still fairly cheap at $300, they usually incur a monthly user fee of $39 or more and the battery life lasts only a few hours to a couple of days. The latter is a GPS data logger that range from $50 and can last months covertly on the underside of a car. The downside is you have to manually retrieve the device and plug it into your computer to view the locations. In the end both devices will give you a clear idea where your partner is or shouldn't be.
3. Caller ID (Ease of Use: * Chance of Getting Caught: * Legal: Depends)
Does your partner not answer your calls or blocked numbers when they are with their snuggling with their mistress? Maybe if you call them with their best friend or bosses’ phone number they will answer in mid pump letting you question them on the spot. In the last couple of years numerous caller ID spoofing services like spoofcaller.com and prankdial.com have popped up on the web providing you the perfect opportunity to use your social engineering skills. Starting with a convincing caller ID on your target’s screen you can easily convince people to answer calls or provide information. The legality of this changes from state to state and is commonly called “Pretexting” laws but for the low cost of free on the above two sites your morals can be bought.
4. Cell Phone Monitoring (Ease of Use: **** Chance of Getting Caught: ** Legal: Mostly Illegal)
One of the darkest, but most powerful tools on the market right now are the numerous website’s offering complete wiretapping cell phone services. Ninety percent illegal, but hundred percent effective, these tools can be remotely installed on most modern phones to easily listen in on your wife’s phone calls. Your new NSA spook tool doesn’t stop there though, this is 2010 and you finally have technology on your side. Services like flexispy.com, preyproject.com or www.mobilespytool.com also offer the ability to listen in on conversations in the same room as the phone, export contact lists, view text messages and see GPS coordinates (save money by skipping #2) of the phone’s location without anyone knowing in real time. Think it’s too good to be true? Just do a quick search on youtube to see the stalking horror stories.
5. Online searches (Ease of Use: * Chance of Getting Caught: * Legal: Shouldn’t be, but is Legal)
Late night missed calls from an unknown number, an email address in his pocket, or is it time to confirm the address on your GPS tracking device? Cheap but effective online data mining companies specializing in selling you private information are a dime a dozen. Using leading search site Intelius.com you can skip the high priced private investigator and quickly gather the final evidence you need to pin your cheating lover to the wall. For less than $5 on most searches you can get Name, address, phone number, cell phone and email addresses. Best part of using Intelius vs. competitors, if they don’t have the information they won’t charge you for the search.
Just be warned, you sometimes can’t undo what you see and maybe poet Thomas Gray was right when he coined the proverb Ignorance is bliss.
For more articles like this check out my posts on CSOonline.com or brandongregg.com
See question on Quora - Dec 03, 10
There is no doubt "security theater" is well in place at airports and we all know "if there is a will, there is a way" when it comes to anything, including bombing airliners. The old TSA agent checking my ID doesn't change the fact that it's fake and my real name is on the FBI's most wanted list. Even a bouncer couldn't detect my name change on a real ID, I'm not lying about my age or physical description, just my no fly name. With that aside lets look at the facts: Crazies vs real live terrorists.
Real live terrorists exist but not on the level the government would like you to believe. Yes they are out there, yes they want to do damage to the US, but the true logistics of blowing up a plane from their hut in Yemen is low on the totem pole on their actual capabilities. Bus stops, subways, malls and other soft targets would be easier to cause repeated damage to, but yet they don't target them (in the US).
On the flip side, crazies are everywhere in the US. You know the fools talking to themselves walking up and down the street, minus the people with blue tooths you can't see. Even the brightest go a little nuts more often than our US based terrorist attacks. With that said, pat downs, x-ray machines and the tools the TSA use before entering a plane PROTECTS us from dumb terrorists and all the crazies in the world talking to the devil.
Bush, Obama and good old Cheney aren't in a secret room watching the fresh out of high school TSA agents groping people's "junk" for their own kicks. This is about "limiting", not preventing, harm to you and your family while people fly. Catching the low hanging fruit. Who would have thought a shoe or pair of underwear could have a bomb? We lucked out (pure luck), gained new intelligence about two threats and responded as best as we could (at this current time).
Until a better technology comes out or world peace replaces terrorism and crazies, accept that removing any security measures may open up a flood of attacks on planes. If you are in disagreement, like many of you are, then PLEASE share some examples of how we can continue flying with added security that doesn't peak, grope, x-ray or strip search our rights vs complaining or stating "No."
See question on Quora - Dec 03, 10
There are many ways documents can be tracked with data leak prevention (DLP) tools from digital watermarks to even invisible serial numbers many color printers include on your documents (http://www.washingtonpost.com/wp...). Personally I use the subtle invisible hyperlinks from www.readnotify.com for my own DLP investigations (Free, works like a charm for low level techies) and the nanny cam of the internet, spectorsoft.com's CNE. (Don't be scared of it's power)
However the real issue about tracing leaks is there are too many ways to steal information that technology hasn't and won't catch up to. From encryption to the most basic camera phone, even a good memory can circumvent any tool the government or your company may put in place. "If there is a will, there is a way."
On a similar note:
I worked a case once where people knew or assumed correctly their communications were being searched for keywords. So as all good engineers do, they decided to send all documents as photographs to prevent any keywords from being exposed. Only after investing in an OCR program, were leaked documents discovered in the millions of emails sent daily. Just think about how long and how many documents were taken from our discovery to DLP tool implementation....
See question on Quora - Nov 29, 10
Security and intelligence are often a pendulum that sways back and forth depending on a company's fears, budget and business scope. ROI is often hard to predict and "out of sight, out of mind" happens often to high level executives that are focused on running a business vs thinking about espionage.
As many of the recent hacker news has shown with Stuxnet and Aurora, all the controls in the world can't stop a well financed, possibly placed insider, from hacking your systems. If there is a will, there is a way. With that said, there are systems like network forensics tools (Netwitness, Einstein) that can help identify breaches and data leaks better than traditional tools. Although they work great for government and Google size systems they could be very costly.
See question on Quora - Nov 29, 10
Not only can interviews provide information, but open job reqs on sites like Monster.com can provide valuable information about the direction a company is heading. Although Apple was very tight lipped on the creation of the original Iphone, many insiders quickly confirmed development just by looking at the positions Apple was hiring for...
See question on Quora
