Crackstarter

Published on May 21, 2013 in Canada, News and News Media. 0 Comments

If you haven’t heard, the Toronto Mayor, Rob Ford, supposedly appears in a video smoking crack. Gawker wants donations to buy the video for $200,000. Well this seems like a 80/20 situation. 80% of the damage done in 20% of the time that this goes on.

Here are some things to consider about this strange news item:

1. If they don’t get enough money to buy this video, then we don’t know if it really exists, but the damage is done.

2. If they buy it, then they are paying-off criminals. After all they are self-professed crack dealers. They are the gangsters that bring about most of the shootings and murders in Toronto.

3. If they buy it, they need to buy the device that recorded the video or we can’t tell if it was altered.

4. It will take a long time to analyze the video to determine if it is likely unaltered. If it is altered or fake, it doesn’t matter, the damage is done.

5. While the video may be unaltered, we might not ever know if it was a continuous recording or one that was recorded selectively for some desired effect.

6. No matter what happens, the damage is done — damage that goes far beyond one mayor or city. Welcome to the brave new journalism.

Searching for Hacked Accounts

Published on May 17, 2013 in Methods, Private Investigator, Search Strategies and Sources. 0 Comments

I always use the subject’s known email addresses as search terms. I assume that any good Investigator would do the same. However, where you search matters.

Have you ever searched an email address and found that it was compromised? Groups like Anonymous and Lulzsec sometimes post lists of compromised email addresses along with the associated passwords. Do you know where to search for this and how to report it?

“I didn’t post that! My account was hacked!” is a common ‘Weinergate’ inspired excuse. If the Investigator doesn’t make a reasonable effort to search for the possibility of a compromised account, then he may be judged incompetent or negligent.

Without the co-operation of the subject, the Investigator must start an organised search for indications that the email account has been compromised.

Always search for the name of the email service provider and the words ‘hacked’ and ‘compromised’ along with  ‘accounts’ and ‘email’. If you find something, then compare the date of the security breach to the time of your own Weintergate.

Next, search shouldichangemypassword.com, pwnedlist.com, and hacknotifier.com. The first two only tell you if the account might be compromised, while the last one sometimes links the searcher to online information about the security breach.

Of course the Investigator should document the search and explain the sources that were searched.

Cut-outs & Disinformation as a Search Strategy

Published on May 8, 2013 in Canada, Methods and Public Records. 0 Comments

We often use cut-outs to gather information in smaller communities as government clerks occasionally talk too much. Sometimes they deliberately tell the subject, or even local news media, that a search is underway. We never tell our agents why our client needs the information. We frequently request unrelated documents from the same government office to conceal why we are using the agent’s services. This disinformation also proves useful should our agent become too talkative while doing his job.

We often find it prudent to get an agent in another province to requisition federal government documents under the Access to Information Act as we are sometimes seen as adversarial towards government or bureaucratic interests. While we have never had a request denied, we have certainly been delayed because the department involved has guessed for whom we act.

FlickRiver

Published on May 6, 2013 in Search Engines. 0 Comments Tags: , .

flickriver.com is a Flickr viewer and search tool, searchable by user name, tag, group and place.

If you need a good picture of the Earltown NS general store, or all pictures by DeadFred.com, or a picture of the DEW Line radar picket ship, USS Investigator(AGR-9/YAGR-9),  then you can find it through flickriver.com.

What’s on Your Wishlist?

Published on April 26, 2013 in Investigative Internet Research, Methods, News, News Media, Private Investigator, Search Strategies and Sources. 0 Comments

The Boston Marathon incident is somewhat instructive from an Investigative Internet Research (IIR) perspective.

News reporters are skilled at IIR — some to the exclusion of real journalistic skills if the preponderance of churnalism in the popular media is any measure. However, one instance of a reporter finding the terrorist’s Amazon Wish List is interesting. The reporter was drawing conclusions about the terrorist from the contents of the wish list.

The default Amazon Wish List setting is ‘Public’. The other settings are ‘Shared’ and ‘Private’ which seems to defeat the purpose. The default setting is the most common.

Social Search — Pipl.com

Published on April 24, 2013 in Methods, Private Investigator, Search Engines, Search Leakage, Social Sites and Sources. 1 Comment

I bet you know about Pipl.com. I also bet you don’t know my super secret way of using it.

I have just shown you how to search usernames using three good sites. Now in this limited time offer, I will tell you about the best and most secret username search.

Pipl.com for User Names

Go to Pipl.com and put the suspected username in the field normally reserved for a person’s name, and presto, right before your very own eyes, valid results will appear that may include a lot of other vital information about your subject.

Social Search — checkusernames.com

Published on April 22, 2013 in Methods, Private Investigator, Search Engines, Search Leakage and Social Sites. 0 Comments

This searches 160 social network sites for a user name. It is powered by the KnowEm search engine and has the same features of interest to the Investigator as NameChk plus a very interesting feature. It allows you to click on the faded-out links, which indicate that the username is in use, and doing so takes you to the user profile for that username.

Social Search — Namechk.com

Published on April 19, 2013 in Methods, Private Investigator, Search Engines, Search Strategies, Social Sites and Sources. 0 Comments

Knowem is probably the most comprehensive search site for finding user names & screen names.

NameChk is similar, but it doesn’t search as many sites (158). Be warned, this site doesn’t like Firefox, it is better to use Chrome as a browser.

The advantage of this username search is that it tells you which sites have the username available for use. Conversely, the sites that don’t have the username available might have the user that you are seeking. The sites where the name is taken are the ones that you should investigate further.

Google-Free Wednesday — Yahoo! Case Sensitive Search

Published on April 17, 2013 in Google-Free Wednesday, Methods, Search Engines and Sources. 1 Comment

Case Sensitive Search in Yahoo!

Case sensitive searches help when searching a person’s name and certain words such as the month of March, rather than a marching band, or a person from Poland is Polish, not silver polish.

CaseSensitiveSearch.com appeared in April 2013 and provides a case sensitive web search engine based upon the Yahoo! search engine database. However, this search is based on a paid service called BOSS that allows developers to create custom Yahoo! search engines for a fee. In this case, we do not know what pricing plan the developer is on, therefore, we do not know what portion of the Yahoo! index the thing searches.

Google-Free Wednesday — Alerts

Published on April 10, 2013 in Google-Free Wednesday, Search Engines, Search Strategies and Sources. 0 Comments

During the recent apparent demise of Google Alerts, I turned to using Talkwalker and Mention.

I found Talkwalker to be better than the broken-down Google Alerts. Mention seemed interesting, but the Web interface was not confidence inspiring and the need to download an app always makes me suspicious of what security risks that would cause.

Now that Google Alerts is working better, I am finding that it is almost keeping up with Talkwalker and finding new material in each set of results.

With the reawakeing of Google Alerts, I am not going to abandon Talkwalker and Mention — I am just going to add them to toolkit.

Social Search — Delicious.com

Published on March 29, 2013 in Methods, Private Investigator, Search Engines, Search Strategies, Social Sites and Sources. 0 Comments

Delicious is a social bookmarking site. Social bookmarking is storing and sharing the sites that the user finds interesting. This site has over 6 million users. That makes it a huge catalog of what interests the registered users.

By searching for a topic, you will find users interested in that topic. Topics to search could be a protest, scandal, political movement, or a distinct event. Delicious will identify all the users who bookmarked the same site or sites about the topic. You may also find links to related meet-ups and groups interested in the topic.

Once you have matched a Delicious user-name to a real person, you can see all the sites he or she has bookmarked starting with the most recent. The bookmarks are dated. This will tell a lot about the subject’s interests, skills, plans, education, and employment. The URL of the users bookmarks will be http://delicious.com/user-name/.

All of the foregoing allows you to start building a map of the social network surrounding the topic and the associated people.

Social Search — 48ers.com

Published on March 27, 2013 in Methods, Search Engines, Search Strategies, Social Sites and Sources. 0 Comments

This site doesn’t offer anything special, but it works quite well. It doesn’t have a real-time refresh, which I like as it makes examination of the search results less hectic.

The results are dominated by Twitter, but it also searches Facebook, Google Buzz, Digg, and Delicious. I particularly like being able to filter the results by source as this is my starting point for searching Delicious.

Social Search — The Event Horizon

Published on March 25, 2013 in Search Strategies, Social Sites and Twitter. 0 Comments Tags: , .

Events create a lot of social media chatter. Within this chatter or noise, the Investigator must find useful data. If the origin of the investigation is an event at a particular location, then searching for chatter that is related to the location may move the investigation forward.

GeoTagging is the process of adding geographical identification metadata to social media messages and other content such as images. Searching by the location usually entails entering the Latitude and Longitude of the location.

Twitter Geotags

Twitter allows users to include geotags with their tweets. Some third-party developers are using this feature. For example, Twellowhood, Twitter Local, and Twitter Nano.

Twitter Nano

Twitter Nano allows me to improve the signal-to-noise ratio when the starting point is an event or situation that I can identify with Latitude and Longitude. This will allow the Investigator to identify the people who have an interest or involvement in the event under investigation.

Of course, this doesn’t work if the user-of-interest hasn’t enabled geotagging. However, those with geotagging enabled often identify others who don’t have it enabled.

Social Search — Convoflow

Published on March 22, 2013 in Search Strategies and Social Sites. 0 Comments

Convoflow aggregates the traffic on social sites such as Blog Catalog, dailymotion Flickr, Friendfeed, Identi.ca, MetaCafe, Twitter, YouTube, and more. The results are displayed in groups — one group for each source searched.

What I find interesting with this is that doing the same search a few moments apart will yield different results. For example, a search for my surname yielded a group titled, blog search, which is presumably Google Blog Search. A second search less than one minute later returned results without the blog search group.

Social Search — The Starting Point

Published on March 20, 2013 in Search Strategies and Social Sites. 0 Comments

On the Internet, nobody knows you’re a dog.

Investigations often start without knowing the identity of the malefactor. Often it is an event that sparks the investigation. The aim of the investigation is to identify the malefactor.

Events create a lot of social media chatter. There will be a low signal-to-noise ratio in this chatter. The Investigator’s mission is to find the genuine signal. This requires search engines to monitor and sort through the chatter.

My efforts to increase the signal-to-noise ratio begin at Bing Social.

Bing spends a lot of money to gain access to the Twitter “firehose”. It takes money and resources to handle the data flow from Twitter. Enter a search term and you have configured a live stream of data from Twitter and Facebook. This is where I start cataloging user names for further research. Be warned though, searching user names here is hit and miss. It is easier to find the user name in the content rather than content created by the user name you are searching.