I wrote about the dangers of mobile telephones a while back. Now we have a new term for the abuse of GPS tracking associated with mobile telephones — Geoslavery.
This story links geoslavery to the probable murder of Stacy Peterson.
Monthly Archive for December, 2007
A few weeks ago I wrote about a botched background investigation of a former FBI and CIA Intelligence Analyst who entered into a sham marriage to gain citizenship. It turns out that she had ties to Hezbollah.
Now a US Marine Captain has plead guilty of helping the potential Hezbollah operative gain citizenship in the same way she herself did. Read Hezbollah: Signs of a Sophisticated Intelligence Apparatus to see how an incompetent background investigation can have far-reaching implications.
the cases demonstrate that the FBI, CIA and Marine Corps all failed to detect this web of sham marriages when they conducted background investigations on the women in question, especially since the marriages were within the seven-year investigative window required for Prouty’s FBI clearance and Spinelli’s enlistment in the Marine Corps. A full field background investigation should have been able to determine the nature of the sham marriages, given that the women never lived with their purported husbands.”
The National Post Opinion page has an excellent article about the Ontario Government’s failure to properly archive digital material. This is not a problem unique to Ontario. The article mentions the Ontario Auditor-General’s Report (Ch. 3 pg. 44 & 45) that was critical of the Ontario’s progress with this issue.
This is an important issue as the Auditor-General’s reports states, Ontario is missing 20 years of archived records due the failure to address the technical issues surrounding archiving these records.
I came across an excellent article on the Hybridsem blog about how to craft advanced search engine queries using Google, Yahoo and MSN .
In a letter to Ask.com, EPIC and several other privacy organizations have asked CEO Jim Lazone to change AskEraser, a new search tool that the company says “will offer its searchers unmatched control over their privacy.” After a study of the search product, EPIC found that Ask Eraser (1) requires an opt-out cookie, (2) creates a quasi-unique identifier, and (3) will be disabled without notice. All three attributes create substantial privacy risks for Internet users.
Apart from the cookie issues the following is quite disturbing when you read the ask.com news release describing AskEraser and the following in the EPIC letter:
Ask inserts the exact time that the user enables AskEraser and stores it in the cookie, which makes identifying the computer easier. The letter recommends using a session cookie that expires once the search result is returned.
Ask’s Frequently Asked Questions for the feature notes that there may be circumstances when Ask is required to comply with a court order and if asked to, it will retain the consumer’s search data even if AskEraser appears to be turned on. Ask does not notify searchers when the feature has been disabled and misleads them into believing their searches aren’t being tracked when they actually are, the EPIC letter said.
We wrote about this here in Ten Private Investigators Indicted on 7 Dec 07.
Wired Magazine has posted the Indictment of the accused who allegedly employed false pretenses to gain personal information. A related Wired article compares this type of pretexting to the HP mess.
The accused are from Washington, California, Oregon, Texas and New York:
Emilio Torrella, BNT Investigations, Washington State
Brandy Torella, BNT Investigations, Washington State
Steve Berwick, BNT Investigations, Washington State
Victoria Tade, C.I., Inc., California
Megan Ososke, P.I. and Information Services, Oregon
Robert Grieve, Robert Greive International, Texas
Ziad Sakhleh, Robert Greive International, Texas
Darci Templeton, sole proprietor, Texas
Patrick Bombino, AAA Allstate Investigations, New York
Esau Pinto, AAA Allstate Investigations, New York
The Indictment alleges that BNT supplied the improperly obtained personal information to the PI’s for a fee. BNT was not identified as a private investigation firm in the Indictment, but was identified as a company that sold its pretexting services to PI firms. Some of the PI firms even advertised for sale to other PI’s what they were obtaining from BNT.
Accusations #17 and #21 allege that BNT obtained medical information by pretext, much in the same way as was revealed by he Royal Commission of Inquiry into the Confidentiality of Health Records in Ontario, Canada, by Mr. Justice Horace Krever.
Secret sources always introduce reliability problems into an investigation or research project. For example, is the source lying; does the source even know what he’s talking about; is the information old; and is this a trick of some kind? Is the secret source doing something illegal to obtain the information?
Open sources, on the other hand, can be fact-checked in real-time through multiple sources. Open sources can be properly identified and the collection method can be explained fully.
OAKLAND, Calif., Dec. 10 —Will privacy sell? Ask.com is betting it will. The fourth-largest search engine company will begin a service today called AskEraser,which allows users to make their searches more private. Ask.com and other major search engines like Google, Yahoo and Microsoft typically keep track of search terms typed by users and link them to a computer’s Internet address, and sometimes to the user. However, when AskEraser is turned on, Ask.com discards all that information, the company said.”
To understand what Open Source Intelligence (OSINT) can uncover and how it is, and is not used, I suggest you read the following documents:
South Korea – Concerns have re-emerged over the illegal transfer of high technology abroad, which has been worsening in recent years, in the wake of the latest leak case in which industrial spies handed over key automobile building technology of Hyundai Motor to Chinese firms.
Prosecutors Friday arrested two Hyundai Motor employees, who stole core technology for the automatic transmission of a sports utility vehicle (SUV) that the carmaker has developed with an investment of 300 billion won ($323 million) for two years, to a Chinese carmaker….
Samsung Electronics, for example, has already adopted an advanced security system in its Digital Media Research Center, where each researcher’s location can be traced through satellite-recognized identification cards, in addition to anti-eavesdropping devices.
Rapid7 announced that an attacker with a directional antenna and a laptop can eavesdrop on wireless keyboards manufactured by Microsoft, Logitech, and other vendors, capturing every keystroke from a distance of over 30 feet away. This leaves corporate networks open to illicit intrusion and data theft that will probably look like a data breach originating from within the company.
For a look at the hacker will get, go to this interesting presentation.
Would this be Reckless Personal Information Handling if this vulnerability was exploited at your company?
Our first Google-Free Wednesday was a resounding success. We searched for people and found them. We searched for telephone numbers and addresses without difficulty. Information on companies, both domestic and foreign, was uncovered. The main players in an industry identified. A government programme was examined. All without Google!
Accoona proved to be particularly useful in its EU version. For more information about this search engine read this article.
An excellent article posted at Kent’s Imperative on 30 Nov 07, titled On the origins of competitive intelligence, offers some insight into how long Competitive Intelligence has been with us.
The oldest volume we have yet uncovered is a series of reports first published in 1913 from commercial intelligence officers who advised the British government. The piece was presented to Parliament and was made available for general sale through the Stationary Office…
…a few texts which for too long languished undiscovered in the stacks, and rarely cited in the literature – such as the 1966 volume Business Intelligence and Espionage by Richard Green, as explicitly a competitive intelligence work as any we have seen. The book also cites information from a series of business intelligence conferences, held starting in the 1930’s.
Have you noticed how one falls into a rut? For instance, Google is just so easy to use. It sits there in my browser as a toolbar. I use it all the time, dozens of times a day. But what if it wasn’t there today?
I’ve decided to declare Wednesday as a Google-free day. I will use Ask.com, Canuckster.com, CanFind.ca, Exalead.com, Live.com, Yahoo.com. I will use Graball to compare search engine results side by side. I will use Copernic Agent to search multiple search engines.
This will be an opportunity to learn the features and weaknesses of these search engines. It will be an opportunity to get out of the Google rut.