I have written previously on taking notes using audio, images, and handwritten notes. Quite a while back I wrote about video notes using a simple camcorder called the FlipUltra.
Now the Kodak Zi8 seems like a better pocket-sized point-and-shoot video camera. The digital image stabilization provides better video than the Flip. It has some hardware and software advantages over the Flip. It needs SD or SDHC memory cards which I see as an advantage even if it makes the Zi8 cost more.
I have written previously on taking notes using audio, images, and handwritten notes. Now I am contemplating taking video notes using a simple camcorder called the FlipUltra. This seems like a briefcase-friendly device for this purpose. The problem with the alternatives is the size and weight of the device. This simple plug-and-play device is good for conducting interviews, taking street scenes, and other recordings that use-up less than 60 minutes of recording time. Using the FlipUltra should be a lot easier and give better results than using my point-and-shoot Lumix camera and of course, longer recording time.
Delivery of large reports and file material is becoming a problem for many organisations. Electronic file delivery poses risks to the integrity and security of the data, and delivery of printed copies is too slow and expensive. Email delivery is not possible in many cases as the files may be too large, even when zipped.
You can resort to establishing an FTP site of your own, or create a secure delivery site using something like OWL, or use a third party service.
A usable third party solution to this problem is YouSendIt. This lets you send and receive files up to 2GB in size. A zipped 2GB file represents a large volume of data. Passwords control access to files you are sending and receiving, but YouSendIt does not encrypted files on their servers.
Regardless of the solution selected, the person transmitting the data must assume responsibility for the encryption. Never, ever, let somebody else take responsibility for the encryption — do it yourself on your own computer.
Texter saves you countless keystrokes by replacing abbreviations with commonly used phrases that you define. It runs in the Windows system tray and works with applications you’re typing in. It can also set return-to markers for your cursor and insert clipboard contents into your replacement text, in addition to more advanced keyboard macros.
How did I ever live without this?
For some time we have been trying to integrate email, calendar, and contacts with our work-flow system using Outlook with Business Contact Management.
Vampire in the machine - don’t let Microsoft Outlook bleed you dry seems to summarize our experience with Outlook.
Secret Squirrel would be jealous of all the facilities available to the Virtual Investigator. These things let the Virtual Investigator ask questions and communicate without revealing his secret identity.
Setting-up your computer for TOR use, or XeroBank’s anonymous proxy server network, then getting an email address from www.hushmail.com or www.mail.com begins your transformation into a Virtual Investigator. Continue reading ‘The Virtual Investigator’
Thousands of people around the world use Onion Routing or TOR to do things on the Internet. Private Investigators should use it to maintain anonymity during investigations. Continue reading ‘The Anonymous Investigator’
The Pen Communicator from the Man from U.N.C.L.E. TV series would connect agents Napoleon Solo and Illya Kuryakin with U.N.C.L.E. headquarters in New York City if they said the phrase “Open Channel D”. It also included amnesia inducer and electronic scanner functions.
Now we have the Pulse smartpen that records conversations and indexes them to what you write using special notebook paper. It doesn’t take much imagination to think of ways one might use this during investigations.
The Web browser has become one of the Investigator’s or Researcher’s most basic tools. Add-ons make this tool more complete, easier, and faster to use.
ErrorZilla: The standard “server not found” page is useless if you’re looking for a Web site that’s gone AWOL. ErrorZilla adds a series of buttons to the bottom of the standard “Firefox can’t find the server” message, providing instant access to the Wayback machine, Google Cache, Whois lookup, Ping and Trace
A similar add-on, Resurrect Pages, allows you to see dead pages, broken links by searching through five big page cache/mirrors: CoralCDN, Google Cache, Yahoo! Cache, The Internet Archive, and the MSN Cache. Unlike ErrorZilla, this doesn’t offer Whois lookup, Ping and Trace.
PDF Download manages the download of large PDF files. This remains necessary to handle PDF files in Firefox V.3.
Download Statusbar allows you to view and manage downloads from a tidy statusbar - without the download window getting in the way of your web browsing.
Morning Coffee allows you to bring up a whole menu of websites with a single click. MorningCoffee is particularly useful for routinely monitoring several sites simultaneously.
Ubiquity promises to become the most advanced tool for Firefox. It is in early beta now but getting better. It requires Firefox 3. Check out the video below.
Beware that this can be abused. It will allow you to alter the content of a web page then email it as part of a mash-up. In the current version, there are well-documented ways that a command author could smuggle malicious code into your machine.
With Windows XP, to clear the page file on shutdown go to Control Panel->Administrative Tools-> Local Security Policy->Local Policies->Security Options->Shutdown: Clear Virtual Memory Pagefile … enable it. It is wise to enable this setting on every computer you use.
We tell people to travel with a “clean” laptop. However, Windows creates a lot of temporary files. The most damaging can be the Page file. Everything that went into virtual memory is there in a file on the hard drive. Of course you should also use a good file erasure programme before shutting off the laptop.
Evidence Eliminator and similar software can kill out files and perform other tasks. But their use can raise red flags in a legal dispute.
But the wiper programs don’t ensure a clean getaway. They leave behind a kind of digital calling card.
“Not only do these programs leave a trace that they were used, they each have a distinctive fingerprint,” Kessler said. “Evidence Eliminator leaves one that’s different from Window Washer, and so on.”
I recommend the use of file erasure tools, especially when crossing international borders with computers. If you use such a programme regularly you have plausible deniability if you’re accused of erasing data to keep it from the police or the courts. If you always use it, then its “fingerprint” will always be there. If the install date matches the computer’s purchase date, then they can’t say you did this to eliminate the evidence the courts or police were seeking. Also, get a receipt for the wiper programme to show when it was purchased for the same reason.
File erasure programmes are part of prudent security practices and should not be viewed as something suspicious.
I don’t know how I ever lived without it — I really don’t. BIG monitors are great. Size does matter! Two big monitors are even better. I used to do real manly work, but I swear, having those two big monitors is better that driving a 200 ton dump truck or blowing-up a bridge.
When I produce a report, two monitors makes it much easier to arrange the source material, cut and paste, create citations and foot notes. This is more than a convenience. This allows me to produce a better product with less effort and to do it quicker.
To use two monitors you require a true video card. A video card built into the motherboard will not work. You will need a DVI cable for the main monitor and an analog cable for the second monitor. When you first connect the monitors it is not likely that the second monitor will work until you go into Display Properties >Settings and check “Use this device as the primary monitor” for the DVI monitor and then select the second monitor’s icon and select “Extend my Windows desktop onto this monitor”.
Microsoft Has Developed Windows Forensic Analysis Tool for Police
The COFEE, which stands for Computer Online Forensic Evidence Extractor, is a USB “thumb drive” that was quietly distributed to a handful of law-enforcement agencies last June. Microsoft General Counsel Brad Smith described its use to the 350 law-enforcement experts attending a company conference Monday.
The device contains 150 commands that can dramatically cut the time it takes to gather digital evidence, which is becoming more important in real-world crime, as well as cybercrime. It can decrypt passwords and analyze a computer’s Internet activity, as well as data stored in the computer.
It also eliminates the need to seize a computer itself, which typically involves disconnecting from a network, turning off the power and potentially losing data. Instead, the investigator can scan for evidence on site.
Microsoft did not develop the tools:
COFEE, according to forensic folk who have used it, is simply a suite of 150 bundled off-the-shelf forensic tools that run from a script. None of the tools are new or were created by Microsoft. Microsoft simply combined existing programs into a portable tool that can be used in the field before agents bring a computer back to their forensic lab.Microsoft wouldn’t disclose which tools are in the suite other than that they’re all publicly available, but a forensic expert told me that when he tested the product last year it included standard forensic products like Windows Forensic Toolchest (WFT) and RootkitRevealer.
With COFEE, a forensic agent can select, through the interface, which of the 150 investigative tools he wants to run on a targeted machine. COFEE creates a script and copies it to the USB device which is then plugged into the targeted machine. The advantage is that instead of having to run each tool separately, a forensic investigator can run them all through the script much more quickly and can also grab information (such as data temporarily stored in RAM or network connection information) that might otherwise be lost if he had to disconnect a machine and drag it to a forensics lab before he could examine it.
But given that a U.S. Federal court has ruled that U.S. border guards can search laptop computers without cause, this tool might see wider use than Microsoft anticipated.
How often do you clean-out your computer? Do you give it a good spring-cleaning?
I must confess to being a Power User. I go everywhere on the Internet. I run applications until I run out of memory. Multiple screens don’t give me enough desktop for all the stuff I have running. This creates a problem if I have a problem with my computer. If something goes wrong, it is almost impossible to find the source of such difficulties if it is anything but a hardware breakdown.
Periodically, I format my hard drives. I then do a fresh install of my OS and applications from an Ghost image. After that is done, I install the latest service packs and upgrades if they exist. When everything is working properly, I create a new image. Of course, this ritual might be a nightmare for somebody who frequently adds and deletes programmes, or has a lot of updates to install that are not on CD.
Normally, this is is a spring cleaning ritual, just like cleaning-out the dust bunnies with a leaf blower and checking the fans inside the box. Getting the built-up dust out of the power supply is important to reliable operation of the PC.
The spring-cleaning ritual allows me to start with a clean slate. It provides the best defragmentation. It gets rid of all the garbage that accumulates on the hard drive that sometimes causes problems and slows the PC.