Little Snitch

Just to be different, I started using a Mac to do some IIR. One of my quick fixes for security was  Little Snitch, a firewall for OSX. It monitors outgoing network traffic and alerts you if a program you’re running is trying to contact a strange server. This could be a shell or a program that snaps photos using your webcam or one that takes screenshots and sends them to an outside server.

Android Phone Security Risk

Android handsets ‘leak’ personal data

Many applications installed on Android phones interact with Google services by asking for an authentication token …

Sometimes, found the researchers, these tokens are sent in plain text over wireless networks. This makes the tokens easy to spot…

Armed with the token, criminals would be able to pose as a particular user and get at their personal information.

Even worse, found the researchers, tokens are not bound to particular phones or time of use so they can be used to impersonate a handset almost anywhere.

Now what might an unscrupulous person do with this? Might one be able to observe a person using his Android phone, capture the  token, then use it to find-out more about the person?

Only in the U.S. — Pity

The Identity Theft Evidence Trail

In June 2004, the Cantwell/Enzi amendment of a federal bill called FACTA finally permitted ALL identity theft victims access to the credit applications and the transaction records in accounts opened fraudulently in their names. The reality is that once an account has been identified as fraudulent, the credit issuer must provide application and transaction information to you and to the designated police, as long as you send a police report with your request. That law is FCRA section 609(e).”

Criminal Check Delays

Ontario Police Check Backlog Frustrates Many

Previously, the criminal database was only checked for a close match to the surname and date of birth of applicants.

If this doesn’t bring up a hit, the new system now checks for matches to the sex and birthdate of the applicant only.

If there’s a match, finger prints have to be sent to the RCMP.

“The reason behind that is because some provinces don’t link previous criminal records to a name change,” said Marc LaPorte, a spokesperson for RCMP Ontario. “It’s a more rigorous check.”

This helps identify those who have changed their name after being pardoned for a sexual offense when checking the pardoned sex offender portion of the Canadian Police Information Centre (CPIC). The delays due to the new policy are country wide on all Vulnerable Sector Checks.

Effective August 4, 2010, The Minister of Public Safety’s new Ministerial Directive Concerning the Release of Criminal Record Information by the Royal Canadian Mounted Police (RCMP) governs the use and disclosure of criminal record information maintained by the RCMP. This new directive replaces the previous ministerial directive, which was in effect since 1987.

The new policy is located at:


Dyed hair and false beards are childish. Mere physical traits are of little use for identification. Context or ‘atmosphere’ are what matters.

If your subject gets into entirely different surroundings from those in which he was first observed — and this is the important part — really plays up to the new surroundings and behaves as if he had never been out of them, then he would be invisible to even the cleverest Private Investigator.

A fool tries to look different; a clever man looks the same and is, at the same time, different.

The deceiver assumes the new role by actually becoming the person he is impersonating. He is quietly absorbed into his new surroundings. In essence, the person you are seeking may be hiding in plain sight.

In Plain Sight

When he’s out and about near his Denver home, former Broncos quarterback John Elway has come up with a novel way to travel incognito—he wears his own jersey. “I do that all the time here,” the 50-year-old Hall of Famer told me. “I go to the mall that way. They know it’s not me because they say there’s no way Elway would be wearing his own jersey in the mall. So it actually is the safest thing to do.”  (Source:

Mutilated Fingerprints

To avoid ID, more are mutilating fingerprints
Police say scarring can thwart detection

So desperate was one man to conceal his identity that he began biting his fingers and drawing blood while being booked.

Some have used eyedroppers filled with acid or pressed their fingers onto burning metal to blot their fingerprints. Others have spent thousands of dollars to hire shady doctors to surgically alter their fingertips, hoping to scar them beyond recognition.

UK to Axe Identity Card Scheme

National identity card schemes usually end badly for somebody, usually the average citizen. These overpriced schemes usually assist death-by-government programmes or become one point of failure that usually fails through corruption and/or criminal action.

Identity cards scheme will be axed ‘within 100 days’

The National Identity Card scheme will be abolished within 100 days with all cards becoming invalid, Home Secretary Theresa May has said.

Evidence of a Person’s Identity

Question #10 is, “What evidence do you have that this is all true?”

Identity documents and what the person in question tells you are not sound evidence of a person’s identity. A person’s identity is  rooted in their life — where they have lived, worked, gone to school, their relatives and friends.

Countries that have a national identity card system run the risk of the identity card becoming  the single point of failure by making the card the only source of identity information. When this happens, the crook can hide behind the card produced by a compromised system.

If you are in a position that requires you to test claims of identity, then you have to dig deeper for supporting documentation and verification.

The best place to start digging is the persons employment. This may be faked by providing fake companies with phone numbers that are answered by confederates. Check for the  existence of the firms before contacting them. A good place to start is to Google the firm’s phone number to see if appears associated with the firm and nothing else.

For current residence ask for utility bills and home insurance policies. A faker may have a utility bill but they rarely pay for a fake home insurance policy.

When checking references, always ask for the names and contact details of the subject’s friends and family. Of course, you rarely get this, but you may get  useful corroborating data, or you may learn that these people don’t really know the subject if they do not know any of his friends or family.

The Passport

Questions #8 and #9 are, “What is your passport number?” and “Where was it issued?”

Most people regard a passport as the most reliable and secure identity document. However, this is far from the truth of the matter. For example, Citizenship and  Immigration Canada does not accept certain travel documents because they are easily forged or obtained through fraud.

On March 11, 2010, CIC amended the Immigration and Refugee Protection Regulations to clarify the factors used to determine which travel documents can be used to apply for a visa, and to travel to or enter Canada.

Under the new Regulations, the following travel documents are considered unreliable and are not acceptable for entry into Canada:

  • any passport claiming to have been issued by Somalia,
  • non-machine readable passports issued by the Czech Republic,
  • temporary passports issued by the Republic of South Africa, and
  • provisional passports issued by Venezuela.

We have not found any way to link a passport number to the issuing country and the person named in it. Nor, have we found a reliable source of information about how to recognise a forged passport. This makes relying on such a document without expert knowledge and the resources of a government department unwise.

If the current passport was issued through an embassy outside the country of residence, then you may have reason to investigate further. Also, remember, it is easier to make yourself look like the person pictured in the passport than it is to forge the passport. If you have any doubt that the person in the passport is the person before you, then action must be taken.

Phone Numbers and Identity

Question #7 is, “What are your phone numbers?”

I always ask for home, work, fax, and mobile numbers.  I always Google these numbers and search them in D&B and other databases with a telephone number field. It is amazing what turns-up when you do this. For example, dozens of businesses using the same fax number, or prostitution ads using the same number. Things like this have to be investigated.

I recently found a subject’s mobile phone number on eBay where he was selling goods from his former employer who found this very odd, but the police didn’t — they charged him with a series of thefts.

Email addresses should be treated in the same manner but also search for usernames and social sites associated with the subject.

Guide to Names and Naming Practices

Question #1 is, What is your name?

This isn’t a simple question. For example, Russian surnames have masculine and feminine versions. The UK government provides A Guide to Names and Naming Practices to help guide its personnel through the process of understanding names from other cultures. This guide is the best of its kind that I have seen.

What’s Your Address?

Question #6 is, Where do you live?

This isn’t as straightforward as it seems. People often have mailing addresses, contact addresses for service of process, employment addresses, and an address for government contact. You have to sort through all this and determine what each address is used for and then determine where the person actually resides. As a matter of course, you verify that the provided address is a residential address and that he or she does in fact live there. (The best verification is that you find him at home in the evening in the middle of the week.)


Question #5 is, “What is your Social Security Number or Social Insurance Number?”

The SSN in the USA and the Social Insurance Number (SIN) in Canada are national identifiers.

In Canada, it is rare to find somebody with two Social Insurance Numbers (SIN).  Where this happens it may be a case of clerical error or a reference to a former SIN appropriated by an identity thief. Both reasons are  extremely rare. In thirty years I have only encountered this once. The Canadian SIN is used as an identifier less than the SSN is in the USA. In Canada it is primarily used as an identifier between the person and government.

In the USA, the case is somewhat different. When searching through database aggregators such as IRB, it is common to find a subject referenced with two or three Social Security Numbers (SSN). Here are some of the reasons a person may show-up with multiple SSN’s:

  • a wife’s or child’s SSN could end up with father’s name
  • a parent’s SSN could show up with a child
  • the subject bought something with someone else and the SSNs could end up with each other’s name
  • the database producer is relating several SSN’s to one address
  • an error by whoever entered the data

You need to understand these national identifiers and be able to determine if they are valid or not, and determine if the person using the number is the person to whom it was issued.

Place of Birth

Where were you born?

This is Question #4.

This may tell you that the subject immigrated to your country and may not be a citizen. A citizen of another country may  have loyalties that pose a security risk or the country of origin may have a culture with a history of producing criminals. This person may not have a legal right to reside in your country. It is important to understand these things for a variety of reasons. For example, an employer may be at risk of prosecution for employing an illegal immigrant. In a fraud, the proceeds of the crime may be sent to another country.

Starting Over with a Name Change

What was your name at birth and have you ever changed your name?

This is Question #3

If the person now has a different name than at birth, then you have to ask more questions about why the change occurred.  If the person chose to change his or her name, then you need to learn why this occurred, when it occurred, and most importantly, where it was done if you need to confirm the legal name change. You may also have to search for legal name changes in a variety of jurisdictions. It is not uncommon for a person to change his name legally in one jurisdiction while living in another.

In many common-law countries you may, theoretically, change your name without legal intervention if you do so for no improper purpose and the name is yours permanently after seven years. However, the bureaucracies in charge of identifying documents don’t exactly make this easy for obvious reasons.