Escaping Windows–Mac OS X

As you can see, I no longer trust MS Windows to keep my data private.

One alternative is OS X, which is a series of Unix-based graphical interface operating systems (OS) developed by Apple Inc. It is designed to run on Macintosh computers. It has been pre-installed on all Macs since 2002. This is a proven and reliable performer. Unfortunately, the switch to Apple can be expensive as it really does require Apple hardware for optimum performance.

The advantage of OS X is that it runs MS Office and that keeps the natives calm, even if they have to hunt and peck through the GUI to find things. The open source LibreOffice and Open Office are different enough from Word (and Excel) to drive the writers in your organisation, me included, absolutely mad. There really is a steep learning curve for a new word processor and spreadsheet software. Keeping MS Office also allows you to keep your templates intact. However, even on OS X, MS Office creates its own threat surface.

If you must harden MS Office by eliminating all macros, portable templates, and most of its network and workgroup features, then that is the point where LibreOffice or Open Office becomes a better option.

There is little risk of a serious malware infection of OS X itself, especially if you use Little Snitch. OS X is easier to configure for online security as most of the work has been done for you. This isn’t the case with most versions of Linux.

Hunchly & Casefile

As I move away from Windows due to privacy and security issues, I have been looking for new software for Investigative Internet Research (IIR). Taking Casefile from one OS to another has not created any problems.

I have been watching the development of Hunchly and have tried it on Windows, Mac, and the recent Linux release with success, and it works well with Casefile. Hunchly is a browser-based tool that creates local copies of every page visited during a session and organises them into a searchable database for future reference. Hunchly is a Google Chrome extension. I have some privacy and security concerns about using Chrome, but the IIR world isn’t a perfect place.

Hunchly permits the use of “selectors,” such as a name or phone number that save you from manually searching each page for the terms. In my opinion, this feature alone is worth the purchase price. The other useful features include:

  • being able to add notes to what you find
  • you can download notes as a Word document
  • all collected data is stored, tracked and accessed on your local machine–no security or privacy concerns about cloud use
  • you can export Hunchly data to a Casefile or Maltego graph.

Hunchly isn’t a replacement for Maltego, but it is a good tool for smaller IIR tasks that might later require the use of Maltego. The ability to export to Casefile or Maltego can help with further research and reporting the linkages within the collected data.

JonDo

For anonymous web surfing, at a minimum, two components are required: a proxy and a browser that doesn’t identify you. At the office, I have both and much more to protect my privacy and provide anonymity. If I have to use a Windows computer at a client’s offices, then temporary measures have to be undertaken.

The simplest solution for this, without using an anonymous VPN, is the JonDo Proxy program (a Java application) that will hide your IP address, and JonDoFox, a Firefox profile optimized for anonymous and secure web surfing. Using the USB doesn’t leave any traces on the computer for some snoop at the client’s office to uncover. This needs Windows as the OS.

For more privacy and anonymity, you can use JonDo/Tor-Secure-Live-DVD, a secure, pre-configured environment for anonymous surfing and more. This has its own OS based on the Debian GNU/Linux OS. The live system contains proxy clients for JonDonym, Tor Onion Router and Mixmaster remailer and much more.

The advantage of the live system is that it is on a DVD, which prevents any other system from writing something dangerous to the DVD.

Using these does not make it impossible to uncover individual users, as there is no such thing as 100% security, but for most users, this will be adequate for most situations. If you are concerned about this, I suggest you read the surveillance reports on the law enforcement page.

Privacy Settings for Firefox–History

By default, Firefox remembers your browsing history to make it easier to return to a visited site.

Select Options and then Privacy in the left-hand navigation panel. Under History, open the drop-down menu labeled “Firefox will:” and tell the browser to never remember your history or use custom settings.

Selecting “Always use private browsing mode” is for hardcore privacy, but you need to understand the implications of private browsing mode. See Mozilla’s support pages for more information on this.

Here are the History settings that I suggest.

Uncheck the box for remembering your browsing and download history, uncheck remembering search and form history, and leave the box checked for “Accept cookies from sites.” Then set “Accept third-party cookies” to Never, and change “Keep until:” to “I close Firefox.” Finally, check the box that says “Clear history when Firefox closes.”

This combination of settings allows Firefox to behave normally, but erases most of your activity upon closing the browser. These settings provide some measure of privacy without sacrificing functionality.

Privacy Settings for Firefox–Tracking

Firefox is the best browser for protecting your data. However, Firefox does require several setting adjustments to avoid intrusive tactics like ad tracking.

Select Options and then Privacy in the left hand navigation panel.

By default, Firefox does not enable the do-not-track feature. Turn it on by selecting “Request that sites not track you.” However, few sites honor this request. Also select “Use Tracking Protection in Private Windows”, which enables tracking protection that blocks ads and other online trackers when you’re in private browsing mode.

To enforce your do-not-track intentions, you need to use an add-on such as Ghostery, Disconnect, or the Electronic Frontier Foundation’s Privacy Badger. We have found that some sites do not allow access to content with add-ons like these enabled.
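The History and Tracking settings above can be checked in a saved profile rather than by clicking through the Options pages. The following is an added example, not part of the original post: it audits the text of a profile’s prefs.js against those settings. The preference names are an assumed mapping from the menu options to about:config entries, and the sample file content is constructed.

```python
import re
# Assumed UI-to-preference mapping for Firefox releases of this post's era.
RECOMMENDED = {
    "places.history.enabled": False,              # browsing and download history
    "browser.formfill.enable": False,             # search and form history
    "network.cookie.cookieBehavior": 1,           # third-party cookies: Never
    "network.cookie.lifetimePolicy": 2,           # keep until: I close Firefox
    "privacy.sanitize.sanitizeOnShutdown": True,  # clear history on close
    "privacy.donottrackheader.enabled": True,     # request that sites not track you
    "privacy.trackingprotection.pbmode.enabled": True,  # private-window protection
}
PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+?)\);\s*$', re.M)

# Constructed sample in the format of a profile's prefs.js file.
SAMPLE_PREFS_JS = """\
user_pref("places.history.enabled", false);
user_pref("browser.formfill.enable", true);
user_pref("network.cookie.cookieBehavior", 1);
user_pref("privacy.sanitize.sanitizeOnShutdown", true);
user_pref("privacy.donottrackheader.enabled", true);
user_pref("browser.startup.homepage", "about:blank");
"""

def parse_prefs(text):
    """Parse user_pref("name", value); lines into a dict of typed values."""
    prefs = {}
    for name, raw in PREF_RE.findall(text):
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif re.fullmatch(r"-?\d+", raw):
            prefs[name] = int(raw)
        else:
            prefs[name] = raw.strip('"')
    return prefs

def audit(text):
    """Return {pref: "ok" | "mismatch" | "unset"} for each recommended setting."""
    prefs, report = parse_prefs(text), {}
    for name, want in RECOMMENDED.items():
        if name not in prefs:
            report[name] = "unset"  # browser default applies; check about:config
        elif type(prefs[name]) is type(want) and prefs[name] == want:
            report[name] = "ok"
        else:
            report[name] = "mismatch"
    return report

if __name__ == "__main__":
    for name, status in audit(SAMPLE_PREFS_JS).items():
        print(f"{status:9} {name}")
```

A result of “unset” means the profile does not override the browser default, so that setting still has to be confirmed in about:config.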

De-Constructing Myths

Myths, rumors, urban legends, disinformation, and propaganda get amplified by the all-pervasive Internet and its trolls. Sometimes, this deluge of twaddle causes people who should know better to waste time, energy, and resources needlessly. Sometimes, it inspires a popular TV show like the MythBusters.

Urban legends and the related types of false information can cause problems in even the most well managed security operation. All it takes is one senior executive or official to believe something nonsensical and lend his authority to it. This may lead to money wasted on useless equipment and programs.

Fake Bomb-Detector

My first-hand experience with this problem includes a fake bomb detecting device that I later encountered as a detector of hidden ivory. This ludicrous device started as a fraudulent detector of lost golf balls. This scam lasted for years and made millions from sales across several continents.

I was suspicious of its use at a security checkpoint and managed to examine a unit and then do some research. Apparently, nobody else thought to do the same, even though lives were at stake.

Human Trafficking

An enduring myth exists that legions of prostitutes from all over the world descend on major events. This pernicious myth usually focuses on sporting events and it usually tries to link any masculine pursuit with human trafficking.

A version of this surfaced in 1998 when Jim Brown, the parliamentary assistant to Ontario Solicitor-General Bob Runciman and one of Ontario’s Crime Commissioners, was forced to resign after he said Toronto’s Santa Claus parade gave fathers a chance to slip away and visit prostitutes. Senior police officers jeered at this idiocy.

More recently, this was supposed to occur at the World Cup, Vancouver Winter Olympics and at the US Football Super Bowl in February 2016.

The current trend is to equate the commercial sex trade with human trafficking. There are differences between women trafficked into prostitution, local sex workers, and those who migrate to other countries for work. However, irrational activists argue that large groups of men at sporting events result in increased demand for commercial sex that only trafficked women can meet.

On closer examination, every study I read revealed a large discrepancy between claims made before large sporting events and the actual number of resulting trafficking cases. I found no evidence that large sporting events cause an increase in trafficking for prostitution. Reputable anti-trafficking organisations, sex workers rights organisations, and many neutral researchers and observers also refute this claim.

Yet despite the lack of evidence, this urban legend persists. It persists due to the large number of militant reformers, politicians, and journalists who profit from it. This urban legend provides inexpensive fundraising and publicity for agendas that include misandry, prostitution abolition, halting immigration, and exaggerating foreign threats.

This sensationalism breeds a waste of limited resources. For example, the airports at San Francisco, Oakland, and San Jose underwent training to spot victims of trafficking in advance of the Super Bowl. Would you like to guess how many trafficked women they found?

Twitter Yearly Search

Have you ever needed to get all the Tweets from a subject during a specified time like everything in 2014?

When doing this type of search, first find the user’s first Tweet. You may do this by going to the Discover your first Tweet page and entering the user’s name; you will get the first Tweet and its date.

To search a full year’s Tweets isn’t difficult. Just go to the Twitter search box and enter the following:

from:username since:2014-01-01 until:2014-12-31

Enter the user name without the @. The date format must be yyyy-mm-dd. Of course, you may enter any date range. You may also use the Twitter Advanced Search.

Verbatim

In Google, Verbatim is not a command. If Google misbehaves by including strange terms that have nothing to do with your search statement, or if the search results entirely ignore some of your search terms, then apply Verbatim to the search results by selecting ‘Search tools’, then ‘All results’ and finally ‘Verbatim’. Doing this will force Google to search on all of your terms without dropping any or looking for variations and synonyms.

Phone Numbers on the Web

The Phone Archive says it searches USA-based phone number usages and context snippets on webpages and documents found on the Web. This is operated by the same folks that run The Email Archive that I found less than useful earlier this week. This site is much more useful.

While they advertise this as searching US-based phone numbers, I found it useful for finding references to any phone number in the NA numbering plan. I found numbers in Canada, Panama, and the Caribbean islands.

I haven’t compared results to the large search engines, but this is a useful resource.

Finding E-mail Addresses

Finding email addresses and connecting them to a specific person has become a fundamental research task. However, to make connections between a specific person and other things of interest, you first must have an email address.

A new source for this data has appeared and it is called The Email Archive. It advertises that it searches email address usages and context snippets on webpages/documents. However, when I search my name I get nothing. When I search an email address that is all over our sites, I get nothing. I noticed that this seems to only focus on USA related data.

Web Proxies & User Agents

A web proxy provides an easy way to change your IP address while surfing the Internet. Web proxies don’t require software or modification to your networking settings. You just enter a website address and the sites you visit through the proxy see an IP address belonging to the proxy rather than your IP address.

I am very cautious about using web proxies as you never know who actually operates one and what data they might collect as you use it. You also don’t know to whom they might give that data. On the other hand, I have found one that has a useful feature.

nroxy offers all the usual web proxy features plus something interesting–it offers the ability to change the user agent. For example, some web sites cannot be viewed properly using Firefox. Sometimes it is an old site that requires MS Internet Explorer (IE) or it may be a site designed for mobile devices. This proxy offers user agents typical of 5 mobile devices and a long list of browsers.

To get the information I need I am finding it necessary to switch user agents more often. Usually, I use the User Agent Switcher extension that adds a menu and a toolbar button to switch the user agent of a browser. It allows you to choose from three versions of IE or an iPhone. Selecting the iPhone user agent often reveals additional functionality on the site. The extension is available for Firefox and will run on any platform that this browser supports including Windows, OS X and Linux.

Now I have another option when I need to change the user agent and I get the additional proxy features as well.
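The effect of switching user agents can be measured instead of judged by eye. The following is an added example, not part of the original post: it requests the same URL under two User-Agent headers and compares the size and hash of each response. The user-agent strings and the local test site are constructed stand-ins so that the example runs offline.

```python
import hashlib, threading, urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed user-agent strings; real browser strings vary by version.
USER_AGENTS = {
    "firefox": "Mozilla/5.0 (Windows NT 10.0; rv:45.0) Gecko/20100101 Firefox/45.0",
    "iphone": "Mozilla/5.0 (iPhone; CPU iPhone OS 9_0 like Mac OS X) Mobile Safari/601.1",
}
BASE_PAGE = b"<h1>Directory</h1>"

class DemoSite(BaseHTTPRequestHandler):
    """Constructed local stand-in for a site that serves extra markup to phones."""
    def do_GET(self):
        ua = self.headers.get("User-Agent", "")
        body = BASE_PAGE + (b"<a href='/m/call'>Tap to call</a>" if "iPhone" in ua else b"")
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args): pass  # silence per-request logging

def fetch_as(url, user_agent):
    """Fetch url directly (no proxy) while presenting the given User-Agent."""
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    req = urllib.request.Request(url, headers={"User-Agent": user_agent})
    with opener.open(req, timeout=10) as resp:
        return resp.read()

def compare_user_agents(url, agents=USER_AGENTS):
    """Return {label: (size, sha256)}; differing digests mean UA-dependent content."""
    results = {}
    for label, ua in agents.items():
        body = fetch_as(url, ua)
        results[label] = (len(body), hashlib.sha256(body).hexdigest())
    return results

def demo():
    server = HTTPServer(("127.0.0.1", 0), DemoSite)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return compare_user_agents(f"http://127.0.0.1:{server.server_port}/")
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    for label, (size, digest) in demo().items():
        print(f"{label:8} {size:4} bytes  sha256 {digest[:16]}")
```

Pages with timestamps or rotating content will differ between any two requests, so fetch each user agent twice before treating a changed digest as user-agent-dependent content.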

Darknet Proxy

Normally, you must connect to the underground network known as the darknet by using the Tor browser to view pages hosted there. I recently found a new way to view pages without the need for the Tor browser. It’s a free service called Tor2Web.

As an example, the DuckDuckGo page on the Tor network is https://3g2upl4pq6kufc4m.onion/. If you try this in your normal browser, you won’t get anything as this requires use of the Tor browser to connect to the server. If you go to Tor2Web and insert the above link you will connect through the Tor2Web proxy. This is a pure proxy that forwards requests to the hidden service. Alternatively, you can just add .to to the address of the hidden service as in https://3g2upl4pq6kufc4m.onion.to/.

The Tor2Web site warns that it cannot offer any anonymity for the visitor, saying “both onion.to and the hidden service itself can see the visitor’s IP address, and use browser fingerprinting to track users across different sessions.” However, Tor isn’t as anonymous as you might think even when you use the Tor browser.

For something that doesn’t require anonymity this is a quick and simple solution.