Monthly Archive for June, 2009

Internet Honeypots

 A honeypot is a trap set to attract (or detect) some manner of interaction with an information system.

FBI posts fake hyperlinks to snare child porn suspects

The FBI has recently adopted a novel investigative technique: posting hyperlinks that purport to be illegal videos of minors having sex, and then raiding the homes of anyone willing to click on them.

Undercover FBI agents used this hyperlink-enticement technique, which directed Internet users to a clandestine government server, to stage armed raids of homes in Pennsylvania, New York, and Nevada last year. The supposed video files actually were gibberish and contained no illegal images…

The implications of the FBI’s hyperlink-enticement technique are sweeping. Using the same logic and legal arguments, federal agents could send unsolicited e-mail messages to millions of Americans advertising illegal narcotics or child pornography–and raid people who click on the links embedded in the spam messages…

Civil libertarians warn that anyone who clicks on a hyperlink advertising something illegal–perhaps found while Web browsing or received through e-mail–could face the same fate.

When asked what would stop the FBI from expanding its hyperlink sting operation, Harvey Silverglate, a longtime criminal defense lawyer in Cambridge, Mass. and author of a forthcoming book on the Justice Department, replied: “Because the courts have been so narrow in their definition of ‘entrapment,’ and so expansive in their definition of ‘probable cause,’ there is nothing to stop the Feds from acting as you posit.”

Iranian HoneyPots

The Iranian authorities are creating a different type of honeypot to catch people who may object to the re-election of Ahmedinejad and his crowd.

Marked for Death by Twitter

But in recent days people believed to be members of the Iranian security apparatus have set up apparent decoy Web sites about the demonstrations to gather IP addresses that will allow them to locate the computer of anyone tricked into clicking on them. Others—again believed to be government agents—have begun what appears to be an active campaign to mis- and dis-inform through Twitter postings.

Web 1.0, 2.0, & 3.0 Expained

How often have you hear the terms Web 2.0, Web 3.0, or semantic web, and realized you don’t even know what Web 1.0 is?  Well, here is the article that explains it all in very few words and some good slide presentations:

Web 3.0 Concepts Explained in Plain English

Je Suis un Flâneur

This falls in the category of:

What They Don’t Teach at Detective School.

Flâneur (feminine, “flâneuse”) translates literally as  a loafer or a person who loiters,  but the poet Charles Baudelaire defined it as a passionate observer.

“There is no English equivalent for the French word flâneur. Cassell’s dictionary defines flâneur as a stroller, saunterer, drifter but none of these terms seems quite accurate. There is no English equivalent for the term, just as there is no Anglo-Saxon counterpart of that essentially Gallic individual, the deliberately aimless pedestrian, unencumbered by any obligation or sense of urgency, who, being French and therefore frugal, wastes nothing, including his time which he spends with the leisurely discrimination of a gourmet, savoring the multiple flavors of his city.” (Cornelia Otis Skinner, Elegant Wits and Grand Horizontals, 1962, Houghton Mifflin, New York)

The essential elements of the flâneur are also the essential elements of being a good investigator, reporter, researcher, and any other job that requires a well-developed ability to observe and report.

Recycling Your PC & Cell Phone

The PC and mobile phone have become centrepieces of our business, but what do you do with them when you replace them? These two article outline what is happening in Canada to address this problem.

Canadian recycling options for your old cell phone and computer

No one truly knows how many old cell phones and computers are currently festering in Canadian homes across the country, but the options for recycling them are finally starting to increase.

The days of a desktop or laptop lasting over five years have pretty much come and gone. A cell phone will probably get two years at the most, but even that’s probably more an exception than the rule. So, naturally, a quicker turnaround in new product has dwindled the lifespan of older models, which means an alarming number could easily end up in landfills. Add up all the chemicals and contaminants inside, and you have a toxic mess.

 Canada’s changing supply chain for recycled electronics

 Electronics made from recycled materials are beginning to hit the market slowly but surely, and with that may come new supply chains that could change the way manufacturers design and make new products destined for consumers and businesses

Jury Vetting Scandal in Ontario

The jury vetting scandal in Ontario illustrates what happens when an act (in this case the Juries Act) assumes that the bureaucracy will act properly and in good faith. Shannon Kari, the reporter, quoted me in the National Post this morning.

No move to set up outside review into secret juror checks

The Ontario government has agreed that the broad background checks, which led to notations on jury lists that included mental heath data and comments such as “dislikes police” went too far…

Richard McEachin, who runs a Toronto-based company that does data research for private clients, said he was not surprised Versadex was used. “The main CPIC criminal record database has a robust audit trail and procedures to prevent abuse,” he said…

He echoed the views of Mr. Stuart, that any criminal record searches should only be on behalf of the court sheriff.

“This would create a visible and dated audit trail,” Mr. McEachin said…

Chickipedia

I recently read a news article that mentioned Chickipedia.  I immediately began searching this site. I found porn stars, actresses, athletes, and many more.  If a local paper can find a drunk driver in this thing, maybe I could find the subject of an investigation. I searched using names, city names, and occupations. Every search returned valid results.  Too bad there are only 9,177 ladies profiled on the site. Too bad I didn’t find the subject of an investigation.

Social Engineering Tactics

Top 10 Social Engineering Tactics

A social engineer is someone who uses deception, persuasion, and influence to get information that would otherwise be unavailable. To social engineers, the fact that “there is a sucker born every minute” gives them the opportunity to circumvent some of the most secure data centers in the world.

Chained Exploits: Advanced Hacking Attacks from Start to Finish

Nowadays, it’s rare for malicious hackers to rely on just one exploit or tool; instead, they use “chained” exploits that integrate multiple forms of attack to achieve their goals. Chained exploits are far more complex and far more difficult to defend. Few security or hacking books cover them well and most don’t cover them at all. Now there’s a book that brings together start-to-finish information about today’s most widespread chained exploits–both how to perform them and how to prevent them.

Versadex

The recent  controversy surrounding the improper investigation of potential jurors in Ontario has exposed some of the information the government has on Canadians and their contact with the police. One such database is known as Versadex.

National Post editorial board: Ontario stonewalls justice, one mistrial at a time

The Versadex database administered by the Canadian Police Information Centre contains information obtained by police on any call to a private address, even if that call did not lead to an arrest, and appears to contain other informal police annotations concerning individuals. Notes on mental health status are included.

The term Versadex, refers to a  family of products from Ottawa-based Versaterm which produces public safety software.  Versaterm produces Computer Aided Dispatch (CAD) software with integrated E911 emergency response, (along with advanced mobile workstations in the patrol vehicles, this puts vital information at police officers’ fingertips) and the Police Records Management System (RMS) for gathering intelligence and disseminating information on involved individuals, businesses, vehicles and locations. The Records Management System (RMS) is the core of the Versadex software suite.  When RMS is fully integrated with both PoliceCAD and the Mobile Workstation they ensure a seamless information flow.

Microsoft Bing

What is Bing?

Bing is now the official MS search engine.  Don’t bother searching Google for information about this evolution of Live Search. Here is the stuff you need to understand and use Bing.

According to Microsoft CEO Steve Ballmer, Bing is a decision engine”

More than just a rebranding of Live Search, Microsoft is repositioning Bing as a “decision engine,” with a goal “to provide customers with intelligent search tools to help them simplify tasks and make more informed decisions,” according to a Microsoft spokesperson.

Bing’s “decision engine” will begin by focusing on four key vertical areas: making a purchase decision, planning a trip, researching a health condition or finding a local business.

Bing includes some advancements to Live Search’s core search, such as entity extraction and expansion, query intent recognition and document summarization technology. It also offers a new user experience model, which changes based on the query to offer more relevant decision-making tools.

Search Language

The search language seems to be the same as Live.com. The Bing Virtual Presskit outlines the features and search syntax quite well.

Feature Comparison

PCWorld has written a good article about the  comparative merits of Google, Yahoo and Bing.

G Vs. B

If you want to compare the results you get with the  same search term in Google and Bing go to Google Versus Bing.

Reviews

The reviews seem to imply Bing is like Bullwinkle saying, “watch me pull a rabbit out of my hat,” while Rocky looks on, having seen this trick fail every time saying, “oh Bullwinkle …” But Bullwinkle insists, “this time for sure!”

Karen Blakeman and Phil Bradley both feel that Bing offers nothing  innovative. However, I like xRank which keeps track of notable people and puts them in order for you. This tends to be US-centric but it seems to help with Canadians and people with a strong web presence.  I suspect that this has improved with the launch of Bing.

The other thing I like about Bing is the video search. I like how the results are presented.

What’s Bing Good For?

As a researcher, I find Bing good for two things. Searching for info about people and for its video search.

I have always liked xRank and it seems to be a bit better for Canadians in Bing, or it could be the strong bias in the results depending on where you are located that makes it work better in Bing. In the Extras>Preferences it allows you to select the location that creates this bias. (I have not been able to maintain the changes I make to the preferences from one session to another. This could be how I have the browser set-up.)

When I search by a person’s name, I change the preferences to indicate the city where the person lives and I get different results than if I leave it set to here Bing thinks I am located. I also shut-off the porn filter. Both of these changes will affect the result you see. In any case, this is the general purpose search engine to use for searching on a person’s name.

The  video search allows you to see a preview of the videos before selecting any, this is a real time saver. This won’t replace blinkx or Samepoint but it is quite functional.

PI Shot During Surveillance

Mistaken for turkey, private investigator shot

By ROCCO LaDUCA, Observer-Dispatch, Posted May 29, 2009 @ 04:29 PM, Last update May 29, 2009 @ 07:27 PM, ANNSVILLE —

Unfortunately, Wehnke never took the time to confirm that what he was shooting at was in fact a turkey, investigators said. Instead, Wehnke shot a 26-year-old private investigator from New Jersey named Matthew Brady.

But this was no ordinary investigator. Brady had been sent to the Mohawk Valley to investigate Wehnke concerning matters of worker’s compensation, investigators said.

Falsely Accused Can’t Censor Court and Police Records

A person falsely accused of a crime in Ontario does not have the right to censor the records lawfully held by the police and by extension, the records held by the courts according to the Ontario Court of Appeal.

This decision is important as it ensures, at least for the time being, that records held by the Ontario criminal courts are available when searching for background information. If this decision went the other way, then many would seek to interpret it  as meaning that copies of the Information and related court documents would in some way be subject to censorship.

Once the Cat’s Out of the Bag

I started with a very interesting article about what you might find in a college newspaper that would be interesting to an investigator.

One thing leads to another and I also found an article about a study of how quickly social sites remove pictures. Some sites take up to 30 days to really get rid of the offending images. This is an important thing to understand if your are looking for derogatory pictures.

Your (journalistic) past can haunt you online

Once the cat is out of the bag, you probably won’t be able to catch her and stuff her back inside…

That (now) embarrassing article you wrote for your college newspaper three years ago? It’s still online. And when people Google you, they find it…

Apparently a lot of student newspapers are receiving requests from former student writers to remove or “hide” (from Google) articles of which they are now ashamed…

…requests by former students who were featured in articles in the student newspaper. Campus police arrests for drunkenness, that sort of thing. They would like those articles to be removed or “hidden.”…

Here’s a related story about someone trying to get an old newspaper story erased from the search engines. Article published in The Seattle Times on Aug. 15, 2008.

Websites keep deleted photos, study shows

Cambridge researchers have shown that photos aren’t always deleted when users ask, causing a major ‘data remanence’ issue for cloud computing.

According to a study of 16 social networking, blogging and photo sharing sites…most of them failed to remove photos after users deleted them…

Mocospace

Mocospace is similar to Myspace, except it is for dating and casual sexual encounters. Some of the profiles are definitely x-rated. It is also a large social network with a claimed 6 million subscribers. It’s real interesting when you find the subject of an investigation in this social network site. If you know the subject’s mobile phone number, then that is the best search term.

Detecting Deception

Judging Honesty by Words, Not Fidgets
by BENEDICT CAREY, Published: May 11, 2009 in The New York Times

In several studies, Dr. Colwell and Dr. Hiscock-Anisman have reported one consistent difference: People telling the truth tend to add 20 to 30 percent more external detail than do those who are lying. “This is how memory works, by association,” Dr. Hiscock-Anisman said. “If you’re telling the truth, this mental reinstatement of contexts triggers more and more external details.”

Not so if you’ve got a concocted story and you’re sticking to it. “It’s the difference between a tree in full flower in the summer and a barren stick in winter,” said Dr. Charles Morgan, a psychiatrist at the National Center for Post-Traumatic Stress Disorder, who has tested it for trauma claims and among special-operations soldiers…

This approach, as promising as it is, has limitations. It applies only to a person talking about what happened during a specific time — not to individual facts, like, “Did you see a red suitcase on the floor?” It may be poorly suited, too, for someone who has been traumatized and is not interested in talking, Dr. Morgan said. And it is not likely to flag the person who changes one small but crucial detail in a story — “Sure, I was there, I threw some punches, but I know nothing about no knife” — or, for that matter, the expert or pathological liar.