You don’t need to hack into a computer to learn about someone. Today, most people that I investigate leave a revealing online profile — I just have to connect the dots or the publicly available dox (documents).
Online malefactors try to do their misdeeds anonymously through an alias. Usually, they tend to reuse their aliases. It only takes one obscure use connected to the miscreant’s real name. Now I have the real name to run through the usual searches which will reveal other aliases, Facebook pages, and Twitter accounts, all of which yield titbits of useful information.
Companies operating in the U.S. often file ‘Intent-To-Use’ applications for trademarks and thereby disclose the names and descriptions of forthcoming products and services six months before the product launch. Extensions of up to two years are sometimes granted if the launch process becomes bogged down.
Searching the Trademark Electronic Search System (TESS) of the U.S. Patent & Trademark Office will find the ‘Intent-To-Use’ applications.
Did you know that you can improve your Google results by changing the order of the words in your search statement? Try searches for “civil society” or “society civil”, with and without double quotes. Do you notice any difference in the search results?
Did you know that you can make your Google search results more relevant by changing the reading level? If your search statement is complex or the topic is complex then selecting the advanced reading level may yield more relevant sites. To make this selection, click on Search tools then All Results and click on Reading level. The results will then be annotated with reading levels as well as a percentage breakdown of results by reading level. To filter by a reading level, click on the desired reading level. To go back to all results, click on View results for all.
Marjan Farahbaksh’s blog identifies some excellent places to search for Theses and Dissertations.
I use clustering search engines to build the most specific search statement possible for use in the large search engines. Carrot Search is a clustering search engine that I have added to my stable of tools. It uses Lingo3G — the third generation document clustering engine that features multilingual and hierarchical clustering, synonyms, and advanced tuning capabilities. This produces good results that are properly clustered with tabs to cluster results from different search engines, except Google.
Managers sometimes tie themselves into knots worrying about the risk or threat rather than analysing the impact of interrupted business processes. My advice is to stop fretting about the cause and concentrate on alleviating the impact of the interrupted business processes.
To do this, defeat the problem in detail as follows:
- Decide which processes are critical and which are not.
- Determine how long any particular process can be interrupted before its loss becomes detrimental to operations, profitability, and customer satisfaction.
- Design a plan of action to determine if the disruption will continue beyond the tolerable time limit.
- Have a plan to replace each missing process.
- Plan for the concurrent loss of several critical processes.
The key to a successful business continuity plan is concentrating on the critical day-to-day operations.
How does this relate to investigation and research? The answer is quite simple:
- Have you ever done a security survey?
- Have you ever done a competitor SWOT analysis?
- Have you ever done due diligence on a critical supplier?
I recently conducted a series of interviews that were quite sensitive in nature. This used to be a common occurrence for me. Today, it is less so. The prevalence of small electronic recording devices has curtailed my willingness to conduct such interviews. My concern is that you never know where the recording will go, nor do you know how it will be used or edited. You have no knowledge of the motives, ethics, or interests of the people who may at some point possess the recording.
Libel happens when you publish or make public a statement that is untrue about someone. Any investigator may inquire about things that prove to be untrue during an interview. Ask yourself what might happen if a snippet of the interview is published and it contains questions about something that was later proven untrue. The concept of the libelous question is well established in law. Investigators may have a certain privilege to ask questions, but this won’t stop someone from suing you. The public disclosure of private facts that might be part of an interview also causes concern. What if the interview reveals information that is not of public concern, and the release of which would offend someone? Unlike libel, truth is not a defense for what may be seen as an invasion of privacy.
You can never be certain that a recording device is not present. As a private investigator, I cannot search people and confiscate their electronic devices. Private investigators do not have any control over the people they interview, nor do they usually have control over the physical surroundings in which the interview occurs. This alters the nature of the questions asked and how they are put to the interview subject.
An extreme example from the U.S.A. is one where a defense lawyer sat down with a prospective client in San Juan, Puerto Rico and asked about the GPS bracelet required as a condition of bail. The prospective client told the lawyer that, “They speak to me through that thing”. He filed a motion at the Puerto Rico State Superior Court to have the device removed before he interviewed the prospective client. During that motion, he learned that it could be used to eavesdrop on their conversation without the lawyer or prospective client knowing. (http://www.thecrimereport.org/news/inside-criminal-justice/2013-10-caution-your-gps-ankle-bracelet-is-listening) A recording knowingly made by the interview subject is not the only thing investigators need to consider.
This does not mean that every question will result in a libel action or that every room is bugged. It does mean that being dragged into an expensive libel action or media circus is something to consider before you start asking questions – especially ones that are sensitive.
A few months later and another practice disaster is under way. These practice sessions are supposed to take the emergency out of emergency management.
The building’s automated locking system is working properly now. The new security guard provider is more responsive and the guards are performing their jobs in a more professional manner this time around. The performance of the maintenance staff has improved and the ground floor windows are completely boarded-up. Ten hours into the exercise and the generators are running flawlessly. Everything inside the building is working properly, people included. After breakfast, I decided to look for something that is screwed-up.
A Vapour on the Wind
It’s a nice Sunday morning — cool but slightly overcast as the sun rose. I decide to take a walk around the neighbourhood. Not much is moving about this early.
The additional soundproofing surrounding the generators eliminates their sound entirely when standing at street level, even at dawn on a Sunday.
I start to crave another coffee but nothing is open this early so I take another walk around the building. Somebody is up early, that bacon smells better than the oatmeal I had for breakfast.
Now I realise how I screwed up this time.
Nine Meals From Anarchy
Nine meals from anarchy is an expression coined by Lord Cameron of Dillington who headed the Countryside Agency to describe the precarious nature of Britain’s food supply. If some catastrophe occurs and the supermarket shelves are not restocked, he estimated that they had three full days without food on supermarket shelves before law and order started to break down and British streets descended into chaos. This isn’t far-fetched – it happened in New Orleans in the aftermath of Hurricane Katrina.
The smell of cooking bacon would be very enticing to somebody who hasn’t eaten for three days. If this occurred during a protracted cataclysm, then it would add some emergency back into emergency management. Hungry people, especially normally over-fed but now hungry people, will do almost anything to get food.
Practice doesn’t make perfect – it shows you how many ways you can screw up. I’m a big believer in practice.
I was working on a project to improve a company’s emergency preparedness that began with a risk assessment which then led to many interesting adventures. One adventure was a little bit of practice to test how they could operate during an extended power outage.
The extra guards didn’t show up on time. The maintenance staff didn’t want to play the game unless they got time and a half. Someone had pilfered about half of the plywood with an intumescent coating intended for window coverings. The fancy locking system left all the doors open on one side of the building. So far, so good!
Wandering around outside, I was marvelling at how quiet the generators were – those mufflers were really good. Things were going just fine and I was enjoying the nice spring day and then the generators started to make strange sounds, then they belched black smoke. Then they died an ignoble death. Oh well, we got through four and one half hours and the imaginary blackout became permanent.
Now it was time to earn my keep. I had to quantify the screw-ups. The worst was the generator failures. All the generators died as if on cue. We traced this to a single diesel fuel source for all the generators. A single point of failure is never good.
I learned that the new low sulfur diesel creates a storage problem. While the reduced sulfur is good for the environment, it eventually mixes with water that condenses in the fuel tank to form black sediment or emulsified water that can damage the engines. No system was in place to deal with this problem. Some research revealed the type of filtering system needed to maintain the usability of the fuel.
No good deed goes unpunished. I became the point man for the efforts to correct this situation. Product sourcing, procurement, and construction – who knew I could do all that stuff?
Google and other search engines are wonderful things for gathering information, we all know that, but what if people with evil intent are gathering information about you?
Getting out of Street View
Google Street View provides a great deal of data that can be used to plan an attack on a facility, a person, or to conduct a kidnapping. Google offers an easy, free, and effective way to restrict access to this data.
At a client’s home, I found that his car licence plate was legible. This usually occurs when the car is parked inside a garage or car port. At the client’s workplace, several security measures were clearly visible as were other features of the facility that raised concerns.
Google’s solution is to place an opaque digital wall around your house or facility. To get out of Google Street View, first search for the street address. Once the property is visible, you will find a small box at the bottom right of the image that says “Report a problem”. Click on this to select a reason for blurring the image of the property. I usually select Other: This image presents security concerns. Add some descriptive data to help Google identify the property and complete the CAPTCHA (an acronym for “Completely Automated Public Turing test to tell Computers and Humans Apart”) thing that takes me several tries to get right. In 2 or 3 days a blurred wall should appear around the property.
Far too often, security relies on brawn alone — uniformed guards, guns, alarms, locks, armoured vehicles, blast and ballistic resistant engineering. Unfortunately, force can be defeated by guile and superior force.
An example of brawn’s failure is that of Alfred Herrhausen, the Deutsche Bank Chief who was murdered by the Red Army Faction in 1989.
He knew that he was a target. He had a thirty-man security detail and armored vehicles. His murderers had work clothes, a city works vehicle, and explosives. Posing as city workers, his murderers engaged in their own construction project to mine the road that their victim frequently used.
Brawn thrice failed. The first failure was not noticing the initial surveillance that led to the terrorists identifying the attack site. Second, brawn failed to recognize and regularly inspect an obvious attack location. Finally, the terrorists were engaged in their construction project for about one month and the security detail didn’t call the city to confirm that the construction activity was legitimate.
The brain would have had a surveillance detection detail. The brain would conduct a route survey to identify likely attack locations. The brain would assign the surveillance detection detail to observe possible attack locations to look for unusual activity. The brain would have called the city about the construction activity.
The brain’s greatest enemy is the budget wala. Brawn is tangible, surveillance detection isn’t. Surveillance detection is like insurance — an expense for something you probably won’t use. Budget walas want proof that surveillance detection is worth the cost because when they spend money on brawn they get something tangible.
A recent analysis published in the Criminal Justice Ethics academic journal suggests when technicians perform forensic analysis of blood and other evidence for cases such as drunk driving, the results can be influenced by built-in financial incentives to produce a conviction. If false conviction rates are very low, a 3 percent error rate could put 33,000 innocent individuals behind bars (in the U.S.) every year.
The primary problem, according to the paper, is that fourteen states reward crime labs with a bonus for each conviction they generate. When there is a reward for a guilty result, a lab technician will not double-check test results that are in the guilty range, though he would be more likely to double-check results that show innocence.
For example, in 2009, a crime lab in Colorado Springs, Colorado was caught certifying at least 82 DUI blood tests with falsely high readings. A whistleblower in Washington, DC revealed in 2010 that the city had been using faulty breathalyzer machines for more than a decade.
View the full text at http://www.tandfonline.com/doi/full/10.1080/0731129X.2013.817070
A working group for Internet regulators at ICANN wants to close all Whois databases. They want to force anybody needing this data to grovel before them before granting access. They are trying to centralize global control over a key component of the Internet. WHOIS allows you to find out who owns a domain name. Without this data, fraud and other crimes will become easier to commit and harder to solve.