The first of my 6 articles about maintaining operational security for the security intelligence function in the private sector is now online at Canadian Security Magazine.
Ontario wants to launch the Administrative Monetary Penalty (AMP) system. It’s a cute name for an extortion racket.
AMP will treat Highway Traffic Act (HTA) offences as a tax that you must pay. The accused cannot contest the charge; only discuss the amount of the penalty or perhaps the number of demerit points. This discussion will occur online with an ‘independent arbiter’.
The arbiter isn’t there to provide justice. You’re already guilty—you can only discuss the amount of the penalty. The money goes to the municipality and the municipality employs the so-called ‘independent arbiter’. The independence is a fiction.
The entire thing is an effort to bilk drivers. The government knows we must drive vehicles to exist in Ontario. Economists call this an inelastic demand. In such a demand, the quantity demanded is the same at any price because we must have it, and therefore, it may be taxed at any rate. The provincial government creates this tax by replacing the judicial process with automatic convictions and arbiters with a quota to meet—true government efficiency at last!
In 2011, the Law Society of Upper Canada specifically told the Law Commission of Ontario that AMP was not appropriate for HTA offences. The Ontario Para Legal Association rightly calls this an egregious violation of our legal rights. In rebuttal, the Ontario government imperiously states that there was a six-week public consultation about AMP that ended a couple of months ago, but I never heard of it and I haven’t found anybody else who heard about it either–some public consultation that was.
This will cause a drastic increase in the cost of insurance for residents of rent-seeking municipalities, as they will acquire artificially bad driver’s records. The term rent-seeking isn’t typically applied to government but I don’t see any alternative. Rent-seeking is seeking to increase your share of existing wealth by using the political process while not creating any new wealth. A rent-seeking government uses its discretionary and legislated authority to extract ‘rent’ for its own benefit.
What economists might call ‘rent-seeking’ is a coercive extortion racket, plain and simple. King John would feel a deep kinship with today’s Ontario government, since this type of behaviour brought about the Magna Carta eight hundred years ago.
The Great Google Escape
Google’s products are fast, intuitive and reliable–but they are not free. You pay Google with your identity, behaviour, habit, and preference information. Google then collates and analyses this data and sells it to advertisers and gives it to government and intelligence services. The longer Google does this, the more valuable the data becomes. This raises some very real privacy and security concerns for people who use Google.
There are solutions to this privacy and security issue. The first obvious solution is to avoid putting all your digital eggs in one basket. Use a different email and calendar provider. Use Firefox not Chrome as a browser. Use providers in Europe to take advantage of European Union privacy laws.
Sign in to your Google account and Use Google Takeout to export your data to a downloadable ZIP file from all the Google products. Getting out of Gmail is easy–getting out of Calendar and Contacts not so much. Google sets file standards for their calendar and address-book to make migration awkward. However, migrating to mailbox.org in Germany seems to go ahead without any real difficulty. It even allows you to encrypt your emails and other files before storing them on the server. Best of all they do not scan your data and try to monetize it. However, it costs €1 per month.
If you use the free Google Drive, consider using the Omnicloud from Germany’s Fraunhofer Institute, which allows you to encrypt all data locally before uploading it to the cloud.
Install a tracker blocker such as Ghostery and Self-Destructing Cookies (SDC) in Firefox to guard against browser cookies and use a search engine like Duck Duck Go which does not record your search history.
Are you uncomfortable with how much Google knows about you? Google makes a lot of money mining your search history. A Boston-based privacy company Abine has a solution to this problem.
The Blur Private Search service prevents Google from linking a search query to you. Search results appear normally, except your search, IP address, and the links that you click on can’t be identified or connected to you by the search engine. It is easy to set-up and use—you don’t have to sign-up using Gmail or other service. Create an account using a throw-away email address.
Nothing is perfect. Private Search only works with Firefox because Chrome tells Google about everything you do all by itself. It won’t protect you from other search engines like Bing or Yahoo.
Google now lets you export your web search history. However, you must be signed into you Google account. Just click on the little cog in the top-right of your screen in your Google Account history, and hit “Download.”
This is a lot simpler than the work-arounds that you probably used in the past.
In my last article on this topic, I asked the following questions:
- Should you include a warning about following links in your reports?
- Should you include a warning about visiting URLs in reports?
- Should you remove the links?
My answer is yes to all these questions. The content at the linked sites may not only change–it might plant malicious code on any computers used to visit it. This is more common than most private investigators recognise or admit. My research computers are almost immune to this but most other people do not go to the extremes that I do to avoid malicious code.
I do not like sending Word documents to clients. I much prefer sending PDF files. Unfortunately, much of my work is part of larger projects and the Word file allows a client to incorporate my work into other documents.
Sending Word documents has many risks but doing so is unavoidable in many cases. This leaves the investigator in a tight spot if he does not warn the recipient about the risks associated with visiting the links in the report. In addition to written warnings at the start of all reports, I now remove all links using Ctrl+Shift+F9. After being duly warned, to go to his doom, the reader must do more than just click a link.
I now include the following warning under the heading of Security Warning.
Warning about visiting reported links and URLs
All Universal Resource Locators (URL) or hyperlinks (links) cited in this report only report where we found data. We do not attest to the safety or security of any internet site or URL. Nor do we evaluate the security implications of visiting any URL.
Do not visit any cited URL or link without understanding the security risk of doing so. We only report the content associated with links, URLs, and Internet sites. You may compromise the security of your computer system and network by visiting URLs or links in this report.
If I recognise a site as an attack site or one that includes dubious code, I do report it, however, I have never had a request from a client that we evaluate the security risks of the sites from which I collect data. If I received such a request, I would turn away the job, as I do not have the expert staff to perform such complicated work.
Maintaining privacy during online research is as important as avoiding malicious code. Privacy begins with properly configuring the browser and installing the best oddons (for Firefox) such as HTTPS Everywhere and Self-Destructing Cookies (SDC).
This is a moderately complicated addon that requires the user to understand browser settings and how the browser handles cookies. Reading the addon documentation is required.
Eliminating Hyperlinks in Word
If you create reports that include material obtained from the Internet, then you must hate hyperlinks. If you don’t, then you’re not normal.
Think about it. You create a report in Word and send it to someone. They follow a link to one of the darkest, dankest parts of the Internet and come away with some hideous and unmentionable cyber disease. The disease spreads like wildfire. Everybody blames the outbreak of the hideous and unmentionable plague on you!
Now, think some more. Should you include a warning about following links in your reports? Should you remove the links? Should you include a warning about visiting URL’s in reports? My answer to these questions is, yes. I have first-hand experience. No, you may not ask about the details.
MS Word is obtuse. It hides the most needed features. Why did they make this thing so obtuse?
To copy all that stuff into Word without the hyperlinks is a chore if you use the obvious means of pasting as text only without any formatting. Unfortunately, this usually creates an unreadable mess. There are several different ways to eliminate hyperlinks in text pasted into Word. The scut work of removing hyperlinks individually takes forever, and you are certain to miss some.
Here is my ‘keyboard komando’ solution to this problem. Select the entire document using Ctrl+A. Careful now; this is a good way to erase the document if you press the wrong keys. If that happens use the undo command.
Next, press Ctrl+Shift+F9 and presto chango you are now a ‘keyboard komando’. You have eliminated all the hyperlinks in the document. Now save the document using Ctrl+S.
A far as I can tell, this works in Word 2003 through 2010.
Normally, I don’t use different browser profiles because I might confuse profiles and make a mistake. ProfileSwitcher might change that.
This extension makes it easier to use different profiles in Firefox and Thunderbird. I have installed it successfully in Firefox and Comodo IceDragon, which is based on Firefox.
It adds two items to the File menu to start another profile or the profile manager. From the extension’s preferences, you can choose what to do when you launch another profile. It allows you to choose to close the profile in use or not and if you choose to run the profile manager in safe-mode, the current profile will be always closed. In the options, I set it to display the current profile in the status bar. This allows easier control over the profiles than using the clumsy process offered in Firefox.
On my dedicated research computers, this seems to work quite well. It works in a Virtual Machine (VM) and closing the profile running Hola seems to stop Hola in its tracks.
Many websites confine access permission to specific countries. If you live outside the US, you may get this a lot.
Hola is the easiest method. It comes in the form of a very intrusive browser extension that is free and easily installed. It is available for Chrome and Firefox. Just click the Hola icon in your browser’s toolbar and select a country. It will route your browsing activity through IP addresses in that country.
Remember, I said this thing was intrusive. If you are a professional investigator, you must always keep the rules of evidence (S. 30 & S. 31) in mind. Your computers must be free of malicious code or code that could change the content of the collected evidence. I always run Hola on a clean machine that is separate from other evidence collection. If you use Hola to collect evidence, then you will have to be a very good Internet Eyewitness.
My first objection to Hola for investigators is that it is only available for Windows, Mac OS X, and as an app for Android devices. It is easier and quicker to create a clean machine with Linux.
Secondly, Hola sends your web browsing through other servers. More importantly, it uses your computer’s idle bandwidth for other users. Sharing bandwidth with other users exposes your machine to outside threats other than the websites you visit. I have seen DNS Spoofing when using Hola that does not happen when using other methods. Unfortunately, you have to prepare for this if you want to route your browsing activity through other locations and not pay anything.
Third, you must disable Hola when not using it. Install it in a separate browser. For example, if you use Firefox for most things, then install Hola in Chrome to access geo-blocked content. When you are finished using Hola, close the browser.
Finally, you must really spend some time rehearsing the visual, logical, and reproducible nature of your testimony. If you do not, then you will not be able to reproduce the process of collecting the evidence in court. Explaining how Hola works is not something I want to do in court if the other side is sharp and scrappy.
Even with all my reservations, I still use Hola, particularly for reconnaissance prior to using other collection methods.
You might think the headline was written tongue-in-cheek. You might be right, but you lack relevant data upon which to draw that conclusion.
Nobody pays an investigator to collect data. You earn the big paycheck for interpreting and analysing data.
You must quickly collect data from a variety of sources knowing their content, date-range, and how this data relates to the matter at hand. Next, you must summarise what you find. Then, you must interpret how this data might add to the progress of your investigation. Finally, you must analyse the new data in view of how it either supports or refutes your mandate, objectives, or hypothesis.
If you start with a logical mandate, objective, or hypothesis, and collect relevant data upon which you apply a reasoned analytical process, then, based upon available data, you will never be wrong either.
If you are doing a background investigation, then the subject’s employment history is important data. Here are a few sites where a subject may post a resume.
Of course, the first stop is LinkedIn to start getting a handle on the subject’s employment history. Next, go to indeed.com for the US and ca.indeed.com for Canadians. Use the advanced search and enter the subject’s name in the phrase search. Then do the same for all of the words of his name.
Odesk.com is for hiring freelance professionals. Use the search box with ‘freelancers’ selected and search the subject’s name.
Resumebucket.com is an interesting site. I often get better results using the Google site: command and the person’s name than using the site’s search facility.
Beyond.com requires an account to search or you may use the Google site: command with the subject’s name.
You can also search the relevant local craigslist site and use the search facility to search the subjec’t name in quotations. Sometimes you will find brief resumes for people seeking work.
The monster.com job sites have a lot of resumes but you have to pay to search them. If you do enough searching then this is worth the cost.
A recent study indicates that a two day interruption of key business functions could cost your business $3M. As most businesses are in urban areas, you could face much worse. One of my clients is located in Ferguson, Missouri and they have had weeks of disruption.
If your company is to continue operations during an upheaval, then the people who do the work must have the skills and resources needed to get through each workday. This requires a common-sense approach to urban survival planning for your employees rather than trying to create urban survivalists who grow an acre of food, raise goats, and live in underground bunkers, or worse having an entirely unprepared workforce. As most of your workforce probably lives in an urban setting, this bears serious consideration.
After researching this topic for several years I have come to the conclusion that you can’t train all your employees. You must select key people and train them and then make every reasonable effort to retain them. This may require a change in the corporate culture. It will certainly require looking beyond the next quarterly results.
Unfortunately, most business owners are risk-takers. They will see a major urban upheaval as an unlikely event. They will take the risk that during their tenure the event will not occur. This characteristic also explains many business failures, data breaches and large scale fraud events.
Business leaders need to understand their risk-taking behaviour. Without this risk-taking the business wouldn’t exist. Unfortunately, this same risk-taking may also destroy the business. Does your business have a risk committee of the board and does it consider this risk? Many businesses have an audit committee and compensation committee, why did so many abandon the practice of having a risk committee?
The full board has overall responsibility for risk oversight and this mirrors board responsibility for overseeing strategy. When an audit committee takes responsibility for risk management, the result is usually, in my experience, unfocused and inept. They do not have the skills and knowledge needed to evaluate all the business and operational risks faced by the enterprise. Audit committees often obscure the transparency needed for effective risk management and risk oversight by authorising such things as off-balance sheet transactions.
A separate risk committee of the board is not a one-size fits-all solution, but companies facing rapid changes in the business environment and emerging risks such as new technologies and security threats, should have a risk committee. Deteriorating urban infrastructure, poor city governments, inept policing, IT security, and other factors that affect business operations in our degenerating urban conditions certainly advocates the creation of a proper risk committee with business continuity on its agenda. The committee usually requires independent directors with specialised knowledge and experience with the critical risks facing the enterprise.
When collecting data for a report, I come across data in a multitude of markup formats. A markup language is a format for annotating a document in a way that is distinguishable from the text. Each markup language has its own syntax. The differing syntax between languages creates a problem when I need to extract quotations, create citations, and create appendices. What I need is a program that can understand and convert document text annotated with different markup languages. It must handle footnotes, tables, definition lists, superscript and subscript, strikeout, enhanced ordered lists, and the render the text into a form usable by MS Word. It must also translate math equations into something useful.
If you have been struggling with this too, try a programme called panddoc. This programme will take a while to learn, but once you have experimented a little, you will learn how to solve most of your markup-to-report conversion problems.