Archive for the 'Power User Tips' Category

FireFox V.10

Published on February 2, 2012 in Methods, Power User Tips, Search Leakage, The Investigator's Computer and Web Worker. 0 Comments Tags: , .

The biggest change in V.10 that most Firefox users will see is the smaller number of add-ons marked as incompatible. About 80 percent of all add-ons should now be compatible. Previously, most add-ons would break when Firefox released a major update.

V.10 seems to work much better than any V.9 iteration. No more crashing and the add-ons and extensions work properly. I guess I will be able to stay with Firefox for a while yet.

Extended Support Release

Mozilla also released the enterprise version of Firefox, called ESR (Extended Support Release), which will release updates on a slower cycle (once per year) so that businesses don’t have to worry about their internal tools and security protocols failing. This should help make Firefox more popular in the corporate world.

 

The Clean Machine

Published on January 27, 2012 in Methods, Power User Tips, Private Investigator, Security and The Investigator's Computer. 0 Comments Tags: , .

When doing IIR, the computers must be free of malicious code (S. 31 Canada Evidence Act). We often set aside a computer for this purpose after doing some Spring-Cleaning. But how we prepare the machine for the installation of the clean version of the OS and application software is important.

We use Darik’s Boot and Nuke (“DBAN“) which is a self-contained boot disk that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which also makes it an appropriate utility for bulk or emergency data destruction. DBAN is a means of ensuring due diligence in computer prepartation for IIR. It is also a good way to periodically clean a Microsoft Windows installation of viruses and spyware.

 

Securing Firefox – Configuration Settings

Published on January 23, 2012 in How to Become a Professional Private Investigator, Methods, Power User Tips, Privacy, Private Investigator, Search Leakage, Security, The Investigator's Computer, Training & Education and Web Worker. 0 Comments Tags: , .

This is about stopping the dreaded disease, Data Diarrhea. The websites you visit can leave behind a trail of data on your computer and in their server logs. All of this Data Diarrhea can identify the Investigator and this can complicate the problem he is trying to solve. Lax privacy & configuration settings may also leave the Investigator’s computer vulnerable to attack by hackers.

This article describes more advanced methods of customizing Mozilla applications, by editing the configuration files.

about:config entries

about:config is a feature of Mozilla applications which lists application settings (known as preferences) that are read from the profile files prefs.js and user.js, and from application defaults. Many of these preferences are not present in the Options or Preferences dialog. Using about:config is one of several methods of modifying preferences and adding other “hidden” ones.

Editing the user.js and prefs.js files are an alternative method of modifying preferences and recommended for very advanced users only. Unless you need a prefs.js and/or user.js file modified for a specific purpose, you should use about:config instead.

This article refers to the Firefox V. 9 edition of the browser. These entries may have adverse effects on Thunderbird and Mozilla Suite/SeaMonkey and older versions of Firefox. These settings will affect all profiles of the browser.

In Firefox, type about:config in the Location Bar (address bar) and press Enter to display the list of preferences. You may get a warning page next, just click OK and move on.

about:config > browser.display.use_document_fonts > change value to 0

0: Never use document’s fonts
1: Allow documents to specify fonts to use
2: Always use document’s fonts (deprecated)

Don’t let the site access to the fonts on your computer. That grants too much access that can be abused.

about:config > browser.sessionhistory.max_entries > change value to 2

The maximum number of pages in the browser’s session history, i.e. the maximum number of URLs you can traverse purely through the Back/Forward buttons. Default value is 50.  Set it to 2 so that the site you visit can’t see where you have been during your Investigative Internet Research (IIR) assignment.

about:config > dom.storage.enabled > double click to false

dom.storage.enabled is a mechanism allowing web pages to store information with a web browser (similar to cookies) called “client-side session and persistent storage.” Although use of session storage is subject to a user’s cookie preferences, this preference allows it to be disabled entirely.

about:config > geo.enabled > double click to false

True is location aware browsing enabled. Default is true. You want to disable this. See http://www.mozilla.com/en-US/firefox/geolocation/ for details of geolocation in Firefox.

 

The Cost of Investigative Internet Research

Published on January 16, 2012 in Courts, How to Become a Professional Private Investigator, Methods, Power User Tips, Private Investigator, Report Writing, The Investigator's Computer and Training & Education. 1 Comment Tags: , .

Why does it cost so much just to look on the Internet?”

I get this question a lot, and too often from “professionals” who should know better. I will list a few of the reasons here.

To begin with, I never know how the research results will be used in the future. That means that the results must be properly documented so that it would be reproducible if someone else with similar skill did the searches at the same time as I did.

If at some future date what I find becomes important evidence, then how it was found, where it was found, when it was found, and what it actually looked like becomes very important. My report and the supporting material may be the only proof of the existence of the material being entered into evidence.

The computers must be free of malicious code (S. 31 Canada Evidence Act). We often set aside a computer for this purpose after doing some Spring-Cleaning.

The logic of the research process must be clear and easy to explain to anyone. This logic must be explained in the report. Search statements must be recorded. The project directory and file naming and structures must be logical and properly documented. The evidence must have a clear and documented chain of custody.

Providing this evidence requires skill, training, experience, software, computers, office space, support staff, and time.  Finally, did you know it takes at least twice as long to do the report as it does to do the research?

 

Security & Privacy Add-ons for Firefox

Published on January 13, 2012 in Methods, Power User Tips, Privacy, Private Investigator, Search Leakage, Search Strategies and Security. 2 Comments Tags: , .

Firefox is the online researcher’s best friend. No other browser gives so much control to the user as Firefox. It is more customizable than either Google Chrome or Internet Explorer.

Like any browser, you must be aware of what data you are releasing when you visit a Web site. The following add-ons help eliminate two serious security threats that occur when doing Investigative Internet Research (IIR).

BetterPrivacy—This add-on is pretty basic, but a must have. BetterPrivacy deletes flash cookies (LSOs/SuperCookies).

KeyScrambler—Check out Alex Long’s post from Null Byte for information about what KeyScrambler is and how it works.

I have already written about:

  • NoScript— NoScript allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, and guards the “trust boundaries” against cross-site scripting attacks (XSS). Such a preemptive approach prevents exploitation of security vulnerabilities (known and even unknown!). This is a must-have for IIR.
  • HTTPS Everywhere—This is a must-have add-on provided by the Electronic Frontier Foundation. HTTPS Everywhere enables a secure connection on pages that have SSLCertificates.  For example, when you use Google search most people use the unencrypted version. This add-on will force Google to deploy its SSL certificate. The DuckDuckGo (DDG) search engine also uses a version of this.

 

 

The Next Browser

Published on December 16, 2011 in Methods, Power User Tips, Search Engines and Search Strategies. 2 Comments Tags: , , , .

I’m a digital troglodyte that doesn’t like change, but sometimes there is no avoiding it.

Recently, Google stopped paying Mozilla for the little Google search window at the top right of the Firefox browser.  Google has paid Mozilla about $1 per copy to have that window. Last year, that Google search window accounted for 84% of Mozilla’s $123 million of revenue, or about $100 million. However, Google’s Chrome browser has made remarkable strides against Firefox and the rest of the the browser field.

The loss of funding to support FireFox, and Chrome’s association with the largest search engine, may herald the end of FireFox.  No other browser gives so much control to the user like Firefox does. Most users don’t understand that Firefox is more customizable than either Google Chrome or Internet Explorer.  If Mozilla doesn’t find a way to replace the lost revenue, then expert searchers may loose their most fundamental and productive tool.  That will lead to a forced change for this digital troglodyte expert searcher.

 

Programme Cheatsheets

Published on December 12, 2011 in Methods and Power User Tips. 0 Comments Tags: , .

MakeUseOf Cheat Sheets  list shortcuts for common programmes that you use daily. These will make you more productive.

 

Power-Searcher Add-ons for FireFox

Published on November 30, 2011 in Methods, Power User Tips, Privacy, Private Investigator and Search Leakage. 0 Comments

WorldIP

This displays the IP address of the page you are visiting and the IP data that you are revealing about yourself. The IP data seems more up-to-date than a whois search.

Ghostery

Ghostery  lets you see who’s tracking your web browsing when you visit a webpage. It looks for third party page elements (3pes) on the web pages you visit. These can be things like social network plugins, advertisements, invisible pixels used for tracking and analytics, etc. Ghostery notifies you that these things are present, and which companies operate them. You can learn more about these companies, and if you wish, choose to block the 3pes they operate.

LongURLPlease

This replaces short urls with the originals, so you can see where links will send you.

 

Searching & Tabs

Published on November 18, 2011 in Power User Tips. 0 Comments Tags: , .

searchOnTab

This extension allows users to select where are loaded the results of the search bar:

  • In the current page/tab
  • In a new tab.

The choice can be done easily from the Firefox search bar drop-down menu, by checking or unchecking the “Open in new tab” option.

 

How to Get a More Productive FireFox Search Bar

Published on November 16, 2011 in Power User Tips and Search Strategies. 0 Comments

A colleague visited may office while I was conducting some searches.  He noticed that I was using the search bar in FireFox and search engines he had never seen before.  He then realised that the search bar would never allow him to add these search engines to his search bar.

Pedantic old me went to work on him.  I just couldn’t resist.

The FireFox Search Bar allows you to enter simple search terms into a fixed list of search engines.  This violates the first rule of being a Power User, which is “do more with less effort”.  Read the Power User Tips category of this blog — you’ll get the idea.

Add to Search Bar 2.0

The above FireFox AddOn makes any pages’ search functionality available in the FireFox Search Bar.

To use it, open a new tab, then enter a search term and hit enter.  Open another tab and change the search engine, and then click on the little magnifying glass. Open another tab, select another search engine… you get the idea.

Update

A few sites don’t work with Add to Search Bar (most notably Google Maps) and there is nothing I can do about it. I just  discovered that Sysoon.com, the dead people search engine, doesn’t work with Add to Search Bar.

 

Disabling Geolocation

Published on April 11, 2011 in Methods, Power User Tips, Privacy, Private Investigator and Search Leakage. 0 Comments Tags: , , , .

In a recent article about the DuckDuckGo search engine, I wrote about search leakage.  Many programs leak your location. Internet Explorer does not have a geolocation feature yet, but Firefox and its associated email program do.  Here is how to disable this annoying feature that may reveal that you are investigating a person or  company by your visits to their websites.  It doesn’t take a genius to figure-out that if he defrauded somebody in Toronto that web site visits from someone in Toronto might mean he is being investigated.

To test your browser, first go to this site, then make the changes below and revisit it to see the difference.

Firefox

• Type ‘about:config’ in the address bar without the ‘ ’
• Discard the warning by hitting ‘yes
•Scroll down until you reach ‘geo.enabled’ or you can simply search for ‘geo.enabled
• Doubleclick the item and it will change from its default value ‘True’ to ‘False
• Scroll down until you reach ‘geo.wifi.uri’or you can simply search for ‘geo.wifi.uri
• Rightclick the Value of ‘geo.wifi.uri’ and click ‘Modify
• Type in ‘localhost’ and hit ‘OK’

Thunderbird

• Goto ‘Tools
• Goto ‘Options
• Goto ‘Advanced
• Hit ‘Config Editor’ on the General tab
• Discard the warning by hitting ‘yes
• Scroll down until you reach ‘geo.enabled’ or you can simply search for ‘geo.enabled
• Doubleclick the item and it will change from its default value ‘true’ to ‘false

Search Engine Results

Doing a test search in Bing and Google revealed that turning off the geolocation feature changes the results rather dramatically.  All the search results in my test search went from Canada-centric before turning off the geolocation to U.S.-centric after it was turned off.

Choosing Passwords

Published on November 24, 2010 in Odds & Sods, Power User Tips, Security, Sources, The Investigator's Computer and Web Worker. 0 Comments Tags: .

Here are a list of articles about password security that resulted from some recent research I was conducting.

Google Docs & the Private Investigator

Published on November 5, 2010 in Power User Tips, Private Investigator and Web Worker. 0 Comments Tags: , , , .

The Cloud & Security

Cloud computing makes knowledge work easier. In large organisations, employees  are using nothing more than dumb terminals with a browser interface and corporate e-mail is webmail, corporate documents are all on GoogleDocs, and specialized applications have a web interface, it’s easier to allow employees, partners, suppliers, and customers to access the company’s data.

The Cloud & The PI

Security is always a trade-off, and security decisions are often made for non-security reasons. In this case, the decision is usually to sacrifice security for convenience and flexibility. Corporations want their employees to be able to work from anywhere, and they loosen controls to get that. However, in Canada, a Private Investigator must consider how PIPEDA and the courts will look upon any breach at Google. The PI is not a member of some favoured elite.  If a data breach happens at Google, the Canadian PI will almost certainly be held liable for using Google Docs.

Data Breech Liability & PIPEDA

The Canadian PI has several practical reasons to be cautious when using services like Google Docs. Continue reading ‘Google Docs & the Private Investigator’

MailBrowser

Published on September 24, 2010 in Power User Tips and Web Worker. 0 Comments Tags: , , .

The MailBrowser add-in puts a sidebar to the right of your Gmail screen in Internet Explorer or Firefox, showing information about the sender of an open e-mail or any contact you search for. You can see a list of unread e-mails from the person, e-mail threads and a chart of e-mail activity.

It also lets you search through attachments and shows  thumbnails to make it easier to find what you’re looking for.  It works on Windows and Mac, Internet Explorer, Firefox and Chrome.

Gmail as a Hard Drive

Published on September 22, 2010 in Power User Tips and Web Worker. 0 Comments Tags: , , .

Gmail Drive works with IE 5 or better to turn your Gmail storage space into a virtual hard drive where you can keep any sort of file.  Just like a local hard drive, you can move a file there by dragging and dropping and open it by double-clicking. When you save a file to Gmail Drive, it shows up as an e-mail with attachment in your inbox. If this could mean it gets sent to your smartphone, then this could be either a nuisance.

GSpace – an add-in for Firefox on Windows, Mac and Linux – adds interfaces for pictures and music. GSpace lets you manipulate files much as Gmail Drive does, but viewer to let you flip through photos, and a music mode that will play your tunes direct from Gmail.  As with Gmail Drive, your files show up as attachments to e-mails in your inbox.