Archive for November, 2007

Computer Security Day

Published
by
Richard McEachin
on November 30, 2007
in Security
. Comments

Today is the 9th annual Computer Security Day. The Association for Computer Security Day (ACSD) site has some excellent posters and a useful list of 50 things you can do to improve your security.

OUT-LAW News has 7,000 pages of free legal news and guidance, mostly on IT and e-commerce issues. While it is UK based the site has some very useful content, including these four articles on password security.

We also found this interesting article:

And our article on pass phrases:

A Spy in Your Pocket

Published
by
Richard McEachin
on November 30, 2007
in Communication, Dirty Tricks, Industrial Espionage, Intelligence Services, Privacy, Security and Surveillance
. Comments

An article entitled Stalked by a cell phone: Who’s spying on you? warns of the danger of downloading software to your cell phone, connecting to the Internet from a mobile phone, and the dangers of letting it get out of your sight.

Update: See this at:

http://www.wthr.com/Global/story.asp?S=9346833 and

http://www.youtube.com/watch?v=uCyKcoDaofg

Reckless Personal Information Handling

Published
by
Richard McEachin
on November 29, 2007
in Canada, Fraud, Identity Fraud, Identity Theft, Legislation, Privacy and Security
. Comments

If Bill C-27 (2nd Session, 39th Parliament with first reading on 21 Nov 07) will make it an offence to recklessly make available or sell personal information knowing it will be used to commit fraud.

The wording that concerns me:

Everyone commits an offence who transmits, makes available, distributes, sells or offers for sale another person’s identity information, or has it in their possession for any of those purposes, knowing or believing that or being reckless as to whether the information will be used to commit an indictable offence that includes fraud, deceit or falsehood as an element of the offence

How will the term “reckless” be defined and measured? The people writing this law need to take into consideration what has happened with the requirement to safely store firearms.

In the case of the law requiring the safe storage of firearms, a group of street gang members rappeled down the side of an apartment building and broke into an apartment, and for four days, they continuously used industrial power tools to open a huge money safe and steal some handguns. Without a clear definition in law of what constitutes “safe storage”, the gun owner was charged with unsafe storage of the firearms. This type of malicious misuse will surely follow if Bill-C27 is passed without a clear definition of what constitutes being reckless.

Social Network News

Published
by
Richard McEachin
on November 28, 2007
in Social Sites and Sources
. Comments

I found an interesting aggregation of news about social networking on Newser.

Waterproof Paper

Published
by
Richard McEachin
on November 28, 2007
in Methods and Notebooks
. Comments

My notebook is in a ziplock bag, my small digital camera is in a small Pelican case, I’m soaking wet, but my directions to this place are waterproof.

MicroGlaze is effective for protecting most paper surfaces. Just rub a tiny dab on any paper surface and spread it very thinly over the area to be protected (a small make-up sponge seems to be the best applicator). The area is now water resistant and will resist dirt, stains, spills, and smears. MicroGlaze is unobtrusive and is hard to detect on a paper surface.

Of course I always rub a piece of paraffin wax over the address labels printed on the inkjet printer to prevent them from running if they get wet. I have gotten so used to doing this I now do it on all outgoing mail by habit.

Waterproof notebooks are specialty items that I once needed and today you can even get waterproof copier paper. To write on these waterproof papers, you may find that only the Fisher Space Pen works.

Searching the Social Internet

Published
by
Richard McEachin
on November 27, 2007
in Competitive Intelligence, Social Sites and Sources
. Comments

In past articles, I have described some of the sites mentioned by David Carpe in his excellent article titled How the Social Internet Simplifies Source Identification. This originally appeared in his regular column in Competitive Intelligence Magazine, published by the Society of Competitive Intelligence Professionals.

In the article, he discusses the virtues and flaws of many sites that let you search for information about people gathered from the social network sites and the Internet at large.

Spammers pose as private eyes to spread malware

Published
by
Richard McEachin
on November 25, 2007
in Dirty Tricks, Fraud, Identity Fraud, Identity Theft, Privacy, Private Investigator and Security
. Comments

Commtouch, an Israeli security firm that specializes in protecting e-mail integrity, says that it has detected a new malware outbreak that is spread through e-mails claiming to be from private investigators. According to Commtouch, the e-mails tell recipients that a private investigator has been recording the recipients’ phone calls and that an audio file of one of the calls is attached to the message. When unwitting recipients download the “call” to their hard drives, their computers become infected with malware…

Some common subject headings for the malware e-mails include “I’m monitoring you,” “You’re being watched” and “The tape of your conversation.” Commtouch says that the malware is sent in the form of a password-protected, compressed file that appears to be an MP3 sound file.

The Job’s Not Done Until The Paperwork Is Finished

Published
by
Richard McEachin
on November 24, 2007
in Handwriting, Methods, Notebooks, Private Investigator and Report Writing
. Comments

I once reviewed of an organization’s investigation practices and found a wide range of competence and quality in the investigations, the reporting, and record keeping.

The Investigator’s notes must truly reflect what he did. It is remarkable how quickly the mind loses its ability to recall the details of events. The realisation that unrecorded events become forgotten or distorted with the passage of time was missing in the notes of most of the investigations I examined. The final report often described events that were not in the file notes. From this practice, questions arise about the nature of the sources used and when facts were uncovered.

It is prudent practice to ensure that investigation notes do not contain anything unrelated to the investigation. Nor is it wise to record derogatory data without recording its source. To do otherwise, risks a loss of objectivity that discredits investigation and the Investigator. However, I frequently found the subject referred to by pejorative terms that could not be attributed to any source. Also found in the file notes were grocery lists, telephone numbers of unrelated parties, the office lunch take-out order, and the telephone numbers of massage parlours and prostitutes entirely unrelated to the investigation.

One Investigator stood-out from the rest. When questioned about his practices, he admitted to pruning the deadwood from his files before the release of the final report. He also used 32 page notebooks for all his file notes – you know the type, the ones your kids use at school. This conveniently kept all his notes in an organized fashion. I checked Staples and found a package containing four of these for $0.77. I now use this excellent low-cost solution to “note pollution”.

This “pruning the deadwood” should extend to the electronic files. In the meta data of a final report, I found that a lawyer (at the organization’s law firm) had edited what became an investigation report. The file notes did not support the lawyer’s changes to the report, nor was the lawyer on the distribution list for the report.

In some environments, it is standard practice to use normal word processing applications to produce and then print a document, which is then scanned into PDF to avoid any embarrassing problems with meta data. Once printed and scanned, the original word processing file is deleted and overwritten.

Remember, the job’s not done until the paperwork is finished.

Writing is Hard Work

Published
by
Richard McEachin
on November 20, 2007
in Communication, Report Writing, Sources and Training & Education
. Comment

Anybody who writes reports should have some books at hand to learn from, and for reference.

My first and best recommendation is William Zinsser’s On Writing Well. Then a serious study of The Modern Researcher by Jacques Barzun is a must. Barzun may not be pleasant reading, but he has guided untold graduate students successfully through the theses writing process. If you haven’t noticed, good investigation reporting has a lot in common with academic writing.

The Oxford English Dictionary, in some form, and Fowler’s Modern English Usage are absolutely necessary reference works. Fowler’s sorts out questions of usage. For example, when does one use licence instead of license (the first is a noun, while the second is a verb) or when to use iterate, reiterate, and reiterant.

Three more books make my list of required reading in this area:

  • The Craft of Research by Booth, et al.
  • A Manual for Writers of Research Papers, Theses, and Dissertations by Turabian, et al. (an easier read than Barzun)
  • How to Write a Lot by Paul J. Silvia. An excellent section of how to avoid pompous writing is worth the price of the book alone.

An article titled THE BOSS CAN’T WRITE by Philip Quinn, appearing in the Financial Post on Wednesday, November 14, 2007, illustrates the difficulties faced by employees and businesses due to poor literacy skills.

Botched Background Investigation

Published
by
Richard McEachin
on November 16, 2007
in Intelligence Services
. Comments

An ex-FBI & CIA agent with a brother-in-law linked to Hezbollah pleads guilty to database searches, raising questions about the security of top secret files in the war on terror.

The case raises questions about hiring practices and background checks by two of the nation’s most security-sensitive and secretive agencies… “It’s hard to imagine a greater threat than the situation where a foreign national uses fraud to attain citizenship and then, based on that fraud, insinuates herself into a sensitive position in the U.S. government.”

It seems she got somebody to marry her so she could become a citizen. The background investigation did not uncover this, nor did the polygraph examination that the US government places so much trust in.

Since this news broke it seems she held some very responsible positions and her brother, along with Prouty’s sister and others, was charged in 2006 by the U.S. attorney in Detroit with tax evasion in connection with a scheme to conceal more than $20 million in cash… and to route funds to persons in Lebanon with links to Hezbollah.” The sister is currently serving 18 months in a federal prison.

Tort for Negligent Investigations

Published
by
Richard McEachin
on November 15, 2007
in Canada, Courts, Ethics and Private Investigator
. Comment

The Supreme Court of Canada has recognised the tort for incompetent investigation. This area of law has been receiving more attention over the past decade and I expect we will see a case involving a Private Investigator over the next few years. Continue reading ‘Tort for Negligent Investigations’

The world’s smallest camera

Published
by
Richard McEachin
on November 9, 2007
in Private Investigator and Surveillance
. Comments

Taiwanese electronics corporation Misumi has what it claims is the smallest camera ever, a tiny cylinder measuring only 4.4mm in diameter and 15mm in length, capable of 320×240 pixel QVGA capture. Featuring a 1/18” colour CMOS camera chip (which might be the smallest currently available), Misumi’s MO-R803 is a “snake camera” on a bendable wire. It’s available with two different lenses – one with a 55 degree field of vision, the other a wide-angle boasting 105 degrees.

Its tiny eye being less than half a centimetre in diameter, the MO-R803 will get into a lot of hard-to-reach places, making it a useful medical tool, a very handy pipeline inspection device, and an interesting surveillance device.

Privacy & Stupidity

Published
by
Richard McEachin
on November 8, 2007
in Canada, Courts, Legislation and Privacy
. Comments

The CRA vs. Canadian men
by Karen Selick, National Post Published: Wednesday, November 07, 2007

A wonderful article about the Personal Information Protection and Electronic Documents Act (PIPEDA) and the Privacy Act and the infinite stupidity of the bureaucrats enforcing acts written by inept people who do not understand or care about the consequences of the laws they create.

Power User 109 - What’s Running on Your Computer?

Published
by
Richard McEachin
on November 5, 2007
in Power User Tips and The Investigator's Computer
. Comments

Your computer is running slow. You’ve used system cleaners and virus checkers, spyware and malware removal tools and more. Now you’re in Task Manager looking at what’s running on your computer — what in the world is crss.exe? pmmon.exe? isass.exe? You might as well be looking at ancient hieroglyphics.

Try Process Library. It allows you to search for meaningless process terms and retrieve familiar easy to understand descriptions of each process. Quickly find out if a process is needed or malicious and what to do with it. Complete with search, security rating, description, and recommended action, this is the perfect tool for cleaning up unwanted processes haunting your computer.

(Reproduced with permission from The SurfReport Vol. 96)

Paper Versus Binding & Ink Versus Paper

Published
by
Richard McEachin
on November 5, 2007
in Communication, Handwriting, Notebooks and Report Writing
. Comment


I read an article by Craig Courtice in the National Post entitled The Cult of the Moleskine and it got me a thinkin’. What makes a good notebook? Certainly not stories about famous people using it. A notebook is paper, binding, and a cover. Continue reading ‘Paper Versus Binding & Ink Versus Paper’

« Older Entries