FindThatFile
Previously, I wrote about file searches using OSUN.ORG.
findthatfile.com provides a file search encompassing Web, FTP, Usenet, Metalink and P2P resources (ed2k/emule) including 47 file types and 554+ file extensions including over 167 file upload services. It also offers an alert service sent to your email.
However, not all information in the search database has every property you might be searching for, therefore, you have to explore the different ways to search for the file in the advanced search screen.
In my experience, this is not a good search engine to use to search by a person’s name or a company name. The files are not well indexed in this fashion. One must also be careful to select the “All Files” button in the “Adult Filter” to be sure all the files found appear in the search results.
I usually search by a file name for other versions of a file that I already know about. In some cases, findthatfile.com will give me an understanding of how widely circulated a file may be, or turn-up different versions of the same file.
… Facebook is a good source for data mining.
But one problem is that information gathered is not verified independently.
“These are not facts, just hearsay,” the former Criminal Investigation Department trainer said. “For digital photos, you can’t prove they are original as photos can be manipulated and put on the Web. You can’t authenticate them unless you get the original files from the photographer.”
He added: “This way of getting information is more trendy…but the information should be verified by conducting a proper investigation.”
Only when it is backed up will it be admissible as court evidence, he said.
… [it is] not inconceivable for someone to falsify their whereabouts on such sites.
“There really is no way of proving who was at the computer, which is the problem with any Internet-based investigation,” he said. “Today, one can update Facebook status or tweet Twitter from any device at any location.”
This is an excellent article on the value of searching social sites.
James Ruotolo at FraudPro found Knowem to be a good way to find what social sites have a particular user name. I’m going to add this to my list of ways for Finding Usernames.
Google Alerts
We all know know and love Google, but how many people use its best investigative features? Investigations aren’t done in one day so why search Google on only one day?
Google Alert service is free and it allows you to create custom RSS feeds using Google search results, or you can receive the alerts by email. Thus, if you create focused searches using phrases, site qualifiers, etc. in Google, you now can have those results as a RSS Feed.
Login to you Google account, then use the advanced query options to construct your search. Select the Feed setting in the “Deliver to” column to activate your RSS feed. It’s that simple; there is no need to program a Google API. Alternatively, select email to have the results sent to you by email.
Your search can be set-up to notify you as the new data appears if you select email notification. You may select as-it-happens, daily, or weekly. Simply make the selection in the “How often” column. Of course the RSS feed option doesn’t need to be told when to send you the results, it captures new data as it appears and publishes it in the feed.
To receive the feed you will have to wait until it is populated with some results. Once there are results in the feed, you may then click on the feed link for the Alert and copy the URL into your newsreader. This takes about one day to occur in my experience.
Internet Tracking
Mantracker hunts people by following their spoor for a popular TV show.
On the Internet, Investigators have to do the same thing. However, the digital spoor may be on a computer in Singapore while your prey is in Corner Brook Newfoundland.
For this series of articles, the terms tracking, monitoring, and alerts all mean the same thing. These terms are applied to methods of collecting new information as it appears in a variety of searches of many sources throughout the Internet. This is a systematic way of locating information about a subject as it becomes available. These are sources and methods that monitor news reports, social media, blogs, or other open sources of information relevant to your investigation. I will illustrate how to construct the search statement and get the results in your hands on an ongoing basis.
I will start with the large search engines and move onto the lesser know sources and methods.
Collecta
Collecta claims to provide results in real-time from the Web. Your search results will appear in a constantly-reloading stream — everything from Twitter updates to news and blog articles, and even Flickr photos.
However, Twitter usually deluges the results. The “Search Options” to the left of the results allows you to select the type of updates you want to see. Leaving the Twitter updates unchecked makes it easier to see the other real-time search results.
Limitations
Like all Meta search engines, it is hard to create a search statement because you’re searching 140-character Tweets, full-text news, and Blog entries. I don’t use this as a starting point. However, it searches a wide variety of places, which makes it good for tracking breaking news.
Wikipedia’s just announced plans to restrict the editing of some of its articles. Under the new system, any changes made to pages of still-living people will have to be approved by an “experienced volunteer” before going online.
The 15 biggest Wikipedia blunders is a must read for anybody interested in reputation management.
Tracking down the origin of email messages has become a staple of many Private Investigators. Without getting into mind-numbing technical details, here are the steps I take to find the origin of anonymous email missives.
- Search the sender’s email address using Google, Bing, and other search engines to see if it appears. Next search using Intelius’ reverse email lookup. If the email appears registered to a name, you can pay a fee of $4.95.
- Even when a misleading email address is the origin, read the IP addresses in the header from bottom to top. The IP address in square brackets is the origin IP. Or, use IP tool to track the IP address. Copy the headers into the box and select your email system.
- Go to What Is My IP Address and enter the IP address to see where it originates.
- Search the email address using Spokeo.
- Try ReadNotify.com and email the anonymous correspondent. If he opens your message, then it will notify you and send back the reader’s IP address, the date and time the message was opened, location of recipient, map of location, apparent email address of opening (if available), referrer details (ie; if accessed via web mail etc), URL clicks, how long the email was read for, how many times your email was opened and if your email was forwarded, or opened on a different computer. If he opens your message in his office, then you will know where he works. However, this seems to only work with HTML enabled email programs. Remember, the header data from the original message will probably tell you what email program sent the message.
The CIA announced that their World Factbook Web site had been redesigned. I’m not the only person who constantly relies on this — over 3 million visitors access the online Factbook monthly. That’s not surprising as the World Factbook provides information about the background, geography, people, government, economy, communications, transportation, military, and transnational issues for 266 countries and other entities.
I really like the new features of reporting world rankings for data like life expectancy. Another new feature is the “Field Listing” icon that gives you an alphabetical listing of countries for that field so that you can do your own comparison of data that can’t be ranked.
This is a timely resource — it is updated every two weeks and the updates are logged on a special page. Though I wish either the country entries or data fields indicated the last update, but that might be asking too much.
If you want to avoid all the Flash content use the text-only version. I’m not a big fan of Flash, but this is a very well executed use of it that makes the World Factbook more useful.
How often have you hear the terms Web 2.0, Web 3.0, or semantic web, and realized you don’t even know what Web 1.0 is? Well, here is the article that explains it all in very few words and some good slide presentations:
I recently read a news article that mentioned Chickipedia. I immediately began searching this site. I found porn stars, actresses, athletes, and many more. If a local paper can find a drunk driver in this thing, maybe I could find the subject of an investigation. I searched using names, city names, and occupations. Every search returned valid results. Too bad there are only 9,177 ladies profiled on the site. Too bad I didn’t find the subject of an investigation.
I started with a very interesting article about what you might find in a college newspaper that would be interesting to an investigator.
One thing leads to another and I also found an article about a study of how quickly social sites remove pictures. Some sites take up to 30 days to really get rid of the offending images. This is an important thing to understand if your are looking for derogatory pictures.
Once the cat is out of the bag, you probably won’t be able to catch her and stuff her back inside…
That (now) embarrassing article you wrote for your college newspaper three years ago? It’s still online. And when people Google you, they find it…
Apparently a lot of student newspapers are receiving requests from former student writers to remove or “hide” (from Google) articles of which they are now ashamed…
…requests by former students who were featured in articles in the student newspaper. Campus police arrests for drunkenness, that sort of thing. They would like those articles to be removed or “hidden.”…
Here’s a related story about someone trying to get an old newspaper story erased from the search engines. Article published in The Seattle Times on Aug. 15, 2008.
Cambridge researchers have shown that photos aren’t always deleted when users ask, causing a major ‘data remanence’ issue for cloud computing.
According to a study of 16 social networking, blogging and photo sharing sites…most of them failed to remove photos after users deleted them…
If you are having trouble connecting to something on the Internet, it would be nice to know if anybody else can get to the site you are trying to get to.
Down for everyone or just me? answers this question for you.
Researching Canadian charities is a difficult and frustrating undertaking. Here is the short course in starting an investigation of a Canadian charity.
To determine if a charity is registered by the Canada Revenue Agency (CRA), go to the Charities Listings page. The most useful filing of a charity is the T3010 form. This is the annual information filing that must be completed each year.
I wish that a quick read of a charity’s financial statements or its T3010 annual return or a calculation of its disbursement quota would tell one about the real administration and fund-raising costs and the real effectiveness and importance of a charity’s work. Usually, some research is in order – read the charity’s annual report, review its website, review its T3010 and search on director, donor, and recipient names, it may be enlightening to see the relationships exposed by this type of search. Then, if you have any concerns, call the charity and see what they have to say.
The Globe and Mail each week provides a short profile of a major donor and the charity that received the donation as well as discusses the donor’s motivation in making the donation. This makes searching the charity name in the Globe and Mail worthwhile. Searching The Toronto Star is also a good idea as their reporter, Kevin Donovan, writes about the worst examples of misdeeds by charities in Canada.
Wikipedia
Wikipedia has become a source of information for millions, but it is not without its problems. Vandalism occurs, and many authors think they know much more about a topic than they truly do. Many authors have political or commercial agendas that they build into Wikipedia articles. As most of the authors are anonymous or pseudonymous, it is difficult to evaluate the content of an individual article.
How Wikipedia Works
If you use Wikipedia, may I suggest that you refer to How Wikipedia Works. Chapter 4 is titled, Understanding and Evaluating an Article. This is the most useful chapter for professional researchers. If you haven’t used Wikipedia much, may I also suggest reading Chapter 3, entitled Finding Wikipedia’s Content, which is about searching.
Article History
Go to the top of the article and click on the tab marked history for a list of the people who have changed the article. You can compare the changes to see what changed in each version of the article by using the radio buttons. You will often notice that certain “contributors” are really vandals and knaves.
Look at the History and Discussion tabs for the article on the Danish Muhammad cartoon controversy to see how these can be really important. You can quickly tell who not to trust from reading the discussion pages and looking at the history tab content on many articles. For example, look at the contributor RanEagle in the history tab and click on talk.
Sockpuppetry
Mark Schaver writes on the Depth Reporting blog about a site, WikiScanner, that reveals organizations where employees have made anonymous edits of Wikipedia articles.