JonDo

For anonymous web surfing, at a minimum, two components are required: a proxy and a browser that doesn’t identify you. At the office, I have both and much more to protect my privacy and provide anonymity. If I have to use a Windows computer at a client’s offices, then temporary measures have to be undertaken.

The simplest solution for this, without using an anonymous VPN, is the JonDo Proxy program (a Java application) that will hide your IP address and JonDoFox, a Firefox profile optimized for anonymous and secure web surfing. Running these from a USB drive doesn’t leave any traces on the computer for some snoop at the client’s office to uncover. This needs Windows as the OS.

For more privacy and anonymity, you can use JonDo/Tor-Secure-Live-DVD, a secure, pre-configured environment for anonymous surfing and more. This has its own OS based on the Debian GNU/Linux OS. The live system contains proxy clients for JonDonym, Tor Onion Router and Mixmaster remailer and much more.

The advantage of the live system is that it is on a DVD, which prevents any other system from writing something dangerous to the DVD.

Using these does not make it impossible to uncover individual users, as there is no such thing as 100% security, but for most users, this will be adequate for most situations. If you are concerned about this, I suggest you read the surveillance reports on the law enforcement page.

Web Proxies & User Agents

A web proxy provides an easy way to change your IP address while surfing the Internet. Web proxies don’t require software or modification to your networking settings. You just enter a website address and the sites you visit through the proxy see an IP address belonging to the proxy rather than your IP address.

I am very cautious about using web proxies as you never know who actually operates them and what data they might collect as you use them. You also don’t know to whom they might give that data. On the other hand, I have found one that has a useful feature.

nroxy offers all the usual web proxy features plus something interesting: it offers the ability to change the user agent. For example, some web sites cannot be viewed properly using Firefox. Sometimes it is an old site that requires MS Internet Explorer (IE) or it may be a site designed for mobile devices. This proxy offers user agents typical of 5 mobile devices and a long list of browsers.

To get the information I need, I am finding it necessary to switch user agents more often. Usually, I use the User Agent Switcher extension that adds a menu and a toolbar button to switch the user agent of a browser. It allows you to choose from three versions of IE or an iPhone. Selecting the iPhone user agent often reveals additional functionality on the site. The extension is available for Firefox and will run on any platform that this browser supports including Windows, OS X and Linux.

Now I have another option when I need to change the user agent and I get the additional proxy features as well.
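Why switching the user agent changes what a site shows, and what it leaves unchanged, as an added example that is not part of the original post: a toy local site (a constructed stand-in, not nroxy or any real site) picks its page variant from the User-Agent header alone, while the address it sees for the client stays the same. The sample User-Agent strings are constructed.

```python
import threading
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed sample User-Agent strings (illustrative only).
DESKTOP_UA = "Mozilla/5.0 (Windows NT 10.0; rv:115.0) Gecko/20100101 Firefox/115.0"
IPHONE_UA = "Mozilla/5.0 (iPhone; CPU iPhone OS 16_0 like Mac OS X) Mobile/15E148"


class SniffingHandler(BaseHTTPRequestHandler):
    """Toy site: chooses a page variant from the User-Agent header alone."""

    def do_GET(self):
        ua = self.headers.get("User-Agent", "")
        variant = "mobile" if "iPhone" in ua else "desktop"
        # The source address comes from the connection, not from any header,
        # so a user-agent switcher cannot change it; only a proxy can.
        body = f"variant={variant} ip={self.client_address[0]}".encode()
        self.send_response(200)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Vary", "User-Agent")  # response depends on this header
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo quiet
        pass


def fetch_variants():
    """Request the same URL with two User-Agent values; return both bodies."""
    server = HTTPServer(("127.0.0.1", 0), SniffingHandler)  # port 0: any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    url = f"http://127.0.0.1:{server.server_port}/"
    # Ignore any system proxy settings so the request stays on loopback.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    results = {}
    try:
        for name, ua in (("desktop", DESKTOP_UA), ("iphone", IPHONE_UA)):
            req = urllib.request.Request(url, headers={"User-Agent": ua})
            with opener.open(req, timeout=5) as resp:
                results[name] = resp.read().decode()
    finally:
        server.shutdown()
        server.server_close()
    return results


if __name__ == "__main__":
    print(fetch_variants())
```

Both requests report the same `ip` value: the user agent only changes which page variant is served, so it is the proxy, not the switcher, that hides your address.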

National Missing and Unidentified Persons System

If you are looking for someone in the USA and cannot find anything, you might want to look at NamUs.

According to the site, “the National Institute of Justice’s National Missing and Unidentified Persons System (NamUs) is a national centralized repository and resource center for missing persons and unidentified decedent records. NamUs is a free online system that can be searched by medical examiners, coroners, law enforcement officials and the general public from all over the country in hopes of resolving these cases.”

Unreliability of Eye Witnesses

Some jurisdictions allow expert testimony about the unreliable nature of eye witness testimony. One example is Commonwealth of Pennsylvania v. Benjamin Walker, No. 28 EAP 2011, Supreme Court of Pennsylvania.

I recommend that anyone interested in this subject read The Invisible Gorilla: How Our Intuitions Deceive Us, which is about attention, perception, memory, reasoning, and how they can cause problems in eye witness testimony.

Another book to read is Picking Cotton: Our Memoir of Injustice and Redemption, which is about a man falsely accused of rape by a woman who said that she memorized certain characteristics about her attacker so she “wouldn’t forget”.

When things get complex

Advangle helps you build complex web-search queries in Google and Bing.

You can quickly build a query with multiple parameters (such as the ‘domain’, ‘language’ or ‘date published’) and immediately see the result of this query in Google or Bing search engines. Any condition in a query can be temporarily disabled without removing it to allow you to try several combinations of different conditions and choose the one that works best.

Turn Your PC into an iPhone

Some web sites cannot be viewed properly using Firefox. Sometimes it is an old site that requires MS Internet Explorer (IE) or it may be a site designed for mobile devices.

The User Agent Switcher extension adds a menu and a toolbar button to switch the user agent of a browser. It allows you to choose from three versions of IE or an iPhone. Selecting the iPhone user agent often reveals additional functionality on the site. The extension is available for Firefox and will run on any platform that this browser supports including Windows, OS X and Linux.

The Internet Profile & Identity

In the industrialized countries, a person’s Internet profile is given far too much credence. If you become involved in Investigative Internet Research, then you must combine the Internet profile you develop with authoritative public records and content from a variety of database aggregators.

This is of critical importance as more than one person often uses the same screen name or a screen name may be used maliciously. The more data you collect, the more likely that you will attribute some data to the wrong person.

Mapping a person’s identity is nothing more than comparing gender, race, location, religion, friends, family, car, pictures, etc. to what you know about the subject and what you find in a variety of sources. This ensures that all the data is consistent and relates to only one person. It will also identify inconsistencies in the collected data, which you may choose to investigate. The identifiers are the subject’s name, along with age, gender, race, employer, location, religion, friends, family, car, pictures, etc.

Finding a Secure Workspace

Recently, when working at client sites, I’ve taken to occasionally using Windows to Go. This is Microsoft’s little-used secure workspace feature for Windows. It allows you to boot into a secure workspace located entirely on a USB key. This enables you to use Windows without relying on the operating system, applications, or storage on the host device. It creates a secure workspace on any machine that can boot from a USB drive without trusting the host machine. I have even devised a way to use a Virtual Machine (VM) in this workspace. Because the workspace doesn’t rely on the host operating system, the workspace on the USB drive isn’t at risk of compromise from a host machine and the VM protects the USB workspace. This saves me from constant use of my ‘Safe Mode on steroids’ or reinstalling Windows from a drive image on a client’s machine. However, it is too slow and requires too much effort to maintain. A similar live Linux USB seems to offer faster performance and it is easier to maintain the VM.

Defence Against the Dark Arts

I wander through the nether regions of the Internet and Dark Net looking for data to support my clients’ causes. This exposes me to severe risks from the nasty creativity of Beelzebub’s demonic gangsters and hackers.

It seems that a Windows system only lasts about 1/2 hour before getting infected without some form of anti-virus (AV). I regularly boot a clean live Linux USB, and then scan for viruses. This is like Safe Mode on steroids. In most instances, I find something malicious missed by the typical AV programs. However, this is only a temporary measure.

I am migrating to Linux for Investigative Internet Research because very little Linux malware exists in the wild. I only need AV on the Linux file server (or an email server if I had one). I do this because an infected Windows computer may upload infected files or an uninfected one might access infected files on the Linux machine, which then allows it to infect other Windows systems. AV on the file server isn’t protecting the Linux system; it’s protecting the Windows computers from themselves. I recommend the paid version of ESET Antivirus and Security Software as it doesn’t try to upsell you on other services.

The Old YouTube Scrape Trick

Don’t be fooled by the old YouTube scrape trick. A scrape is an old video downloaded from YouTube which is then presented as a new and original eyewitness account of a different event.

Defeating The Old YouTube Scrape Trick

Amnesty International provides a handy tool called YouTube DataViewer. Enter the video’s URL and it will extract the clip’s upload time and all associated thumbnail images. This data isn’t readily accessible via YouTube; however, this two-pronged approach allows you to identify the earliest upload, which is probably the original version. Conducting a reverse search on the thumbnails often uncovers web pages containing the original version of the video along with other uses of it.

Disk Encryption

TrueCrypt, the ultimate encryption freeware, abruptly announced that the software is no longer secure after Microsoft ended support for Windows XP. It was the most popular application of its type and it was widely used to communicate securely and encrypt sensitive files or folders. Currently, the TrueCrypt home page advocates moving to Microsoft BitLocker.

Unfortunately, in the Windows 10 Home edition, the full-disk BitLocker encryption must use a Microsoft account and the recovery key needed to decrypt your drive resides on Microsoft’s servers. With this arrangement, theoretically, a third party could decrypt your drives remotely. However, Windows 10 Pro doesn’t have this restriction: you can use BitLocker with a local account and keep your key out of the cloud.

Under such circumstances, users should stay away from both TrueCrypt and BitLocker and shift to some other free file encryption software.

VeraCrypt entered the market within months after TrueCrypt died and seems to be the best of the alternatives. There are other free TrueCrypt alternatives like AESCrypt, FreeOTFE, and DiskCryptor. Here are the download sites for the alternatives:

Finding Free, Forgotten, and Orphaned Sites

I often go looking for simple sites created by the subject of an investigation. These simple or forgotten sites often appear at universities, at ISPs that offer free web space, and on free web space servers.

Did you know that Google Drive has always offered to host basic web sites for free? This will continue until August 31st, 2016. Google Sites will continue, but these sites cost a bit of money to operate.

Others, like GitHub, offer a very similar service. Amazon’s S3 cloud storage service offers static web pages for free. Occasionally, I find sites that use Dropbox to host files used or accessed by a free web site. Sometimes I find a domain that forwards to files hosted on Dropbox. Dropbox isn’t the only service that can be used to offer a static web page.

To understand how this is done, read How I moved my blog to Dropbox and How I moved my websites to Dropbox and GitHub.

Ashley Madison Hack

The Ashley Madison hack has a lot of people running around like a bunch of headless chickens. The simple fact is, you cannot trust this data. Let me explain why this data must be treated with extreme caution.

Registration was free but you needed to buy credits to contact other members. Stolen credit card numbers appear in the data. Nobody has verified the number of real and active accounts. The website would allow new accounts to be set up without confirming the email; therefore, anyone could open an account using someone else’s name and email address as a prank or out of malice, and of course, the hackers could add names to the list before publishing it. This type of malicious prank is truly vicious in the 79 countries where homosexuality is illegal. For example, in Afghanistan, Iran, Mauritania, Nigeria, Qatar, Saudi Arabia and the United Arab Emirates, the punishment for homosexuality is death.

Here are my favorite headless chicken searches: