Critical Thinking

Growing up, my mother always told me not to believe everything I read. This was good advice, but it doesn’t go far enough.

Critical thinking is an ancient concept but the actual term began to appear in the mid-20th century. In the information age, developing this skill is essential. It is an intellectually disciplined process of actively analyzing and evaluating information. It transcends all subjects, sources, or problems. Critical thinking protects us from biased, distorted, partial, uninformed, or prejudiced content and ideas. It insulates us from improper assumptions and implications. It prevents undesirable consequences.

Critical thinking is not the application of logic for selfish purposes. Selfishness often appears under the guise of critical thought to skilfully manipulate ideas to promote a vested interest. Fortunately, this usually becomes apparent upon close examination because selfishness typically accompanies lies and an intellectually flawed argument. Examining the issue fair-mindedly, and with true intellectual integrity, the selfish analysis falls apart. Of course, the selfish minded individuals will call the product of true critical thinking idealism, using that term in a pejorative sense, thus further identifying their selfish motives.

Anonymize Your Email

Guerrilla Mail is a temporary, disposable email service. It lets you to easily set-up random email addresses. If accessed through Tor, it ensures that no one can connect your IP address with a Guerrilla Mail address.

Encrypting messages for webmail is awkward. You must copy and paste messages into text windows and use PGP to scramble and unscramble them. To avoid this, you can use a privacy-focused email host like Riseup.net and Mozilla Thunderbird with the encryption plugin, Enigmail, along with another plugin called TorBirdy that routes email through Tor.

Confidential File Transfers

Google Drive and Dropbox don’t provide privacy. Onionshare is an open-source program that lets you send big files via Tor. When you use it to share a file, it creates a Tor Hidden Service, which is a temporary and anonymous website hosted on your computer. Give the recipient of the file the .onion address for that site, and they can securely and anonymously download it using their Tor Browser. The person who is receiving the file doesn’t need OnionShare. All they need is to open the URL you send them in Tor Browser to be able to download the file.

For now it only runs as a bare-bones command-line tool on the Tor-based operating system Tails, which can be launched on Windows or Mac machines.

If you’re trying to send a secret file then it’s important to send this URL secretly. I recommend you use Off-the-Record encrypted chat to send the URL. This provides an end-to-end encrypted conversation over services like Google Talk and Facebook chat that prevents Google or Facebook from having access to the contents of your conversation.

Microsoft’s Ban on Guns & the Investigator

Since 2009 Microsoft’s Code of Conduct has been applied to more and more of their online services. Under this Code of Conduct, users are prohibited from using it in  “any way that promotes or facilitates the sale of ammunition and firearms” (See bullet point #13). You have to trust that Microsoft’s definition of “promotes or facilitates the sale of ammunition and firearms” is the same as yours and that one of their robots doesn’t delete all your data. Not recognising this risk could mean the loss of all your investigation reports and data. A lot of my investigations have included large volumes of data on firearms and ammunition. Imagine the damage to your reputation, if at a crucial juncture in the investigation, some Microsoft employee or robot decides my data and reports are “promoting guns” and deletes everything.

Most of Microsoft’s online services are covered by their “Code of Conduct”. This includes Windows Live, Office 365, Microsoft Sharepoint, Bing.com, Outlook.com, Windows OneDrive, Exchange Online, MSN and more.

Searching for firearms and ammunition data on Bing may already produce censored results as a result of the Code of Conduct.

Only Skype, Microsoft Azure and XBox Live are now exempt. I expect Skype will be the next to come under the Code of Conduct.

Windows OneDrive, formally Microsoft SkyDrive, is part of Windows 7, Windows 8, Windows 8 for Phones and Windows 8 for Tablets. If you handle information about firearms you should avoid these products. You could find your account terminated and all your emails, contacts, calendar, and everything else deleted.

Windows Live powers a number of Microsoft services including Microsoft’s cloud email and cloud Office suite. Windows Live, Outlook.com and Exchange Online power many large institutions. If you work in such an institution be very careful, especially if you have signed documents agreeing to abide by Microsofts Terms of Use.

If you use Microsoft Office and the Office 365 service to share files about guns, then you will eventually find everything has gone down the memory hole.

Microsoft’s Code of Conduct can affect everything an investigator does. Searching, email, voice calls, storing data, and preparing reports are all potentially at risk if you use these services in relation to firearms and ammunition related topics. Now ask yourself how Microsoft knows the content of your data and think about the confidentiality and security of your data.

You must have a due diligence process in place before starting to even look for online and cloud services. You have to read and understand the implications of all the stuff hidden in the fine print.

How to Take Veracious Surveillance Video

I don’t like going to court, who does, but sometimes it’s a necessary evil.

I once conducted a surveillance as part of a complex investigation. Of all the surveillance operatives, I was the only one subpoenaed regarding the primary subject. During a break in the proceedings I asked the barrister, why only me?

His answer was simple and direct. He said, “you started or finished each video segment by panning up and out to wide angle to clearly show where the video was taken. The visible landmark buildings and the surroundings make your video more credible.”

None of my evidence was questioned until they got around to a segment of my “camera in a cardboard box” video taken on a city street. Those questions ended when pictures of me with my box on the street were entered into evidence. These were taken by facing a reflective shop window–there I was in my Dickie work clothes holding the cardboard box that concealed the the camera.  The other side didn’t like the fact that I captured the licence plates on both the subject’s car and that of his mistress parked on the same side street by walking down the street with my cardboard box. They were later connected through the licence plate and surveillance, which in turn, led us to an apartment on the same side street that was purchased with embezzled funds.

I don’t know if questioning the truthfulness of all surveillance video based upon the location of the person recording it will become standard practice or if this was just a bit of aggressive lawyering, but these courtroom tactics can be defeated by proper technique, documentation, and reporting.

Saving Bozo Eruptions for Posterity

During research projects I sometimes come across astounding levels of stupidity posted for all to see. Sometimes this occurs in obscure corners of the interweb, sometimes it’s done on Twitter.

If I think an instance of stupidity might become important in the future, I manually archive the web page or Tweet by submitting it to the Wayback Machine using the Save Page Now option.

This doesn’t work with all sites, but when it works, the “Bozo Eruption” will be available on an authoritative site in the future. There won’t be any question that the eruption occurred if someone has second thoughts and removes it from the site.

Alberta Court Stikes Down Trespass to Premises Act

An Alberta Court struck down the provincial Trespass to Premises Act (TPA) as “unconstitutional” as it relates to public property in R v S.A. This decision prevents Transit Authorities across Alberta from using the Trespass to Premises Act to ban individuals from using their facilities.

R v S.A was about a young woman who was banned from all Edmonton LRT stations due to her involvement in an altercation at a single station. This eliminated her ability use public transit in Edmonton.

This is a long and thoughtful decision addresses the Liberty interest found in S.7 of the Charter. On reading the decision, I believe this decision will, over time, extend to all public places where the Trespass to Premises Act might be used by any public authority in Alberta.

Since 1976, Canadian courts have been whittling away at the right of private property owners to keep out trespassers under provincial trespass legislation. The reasoning presented in this decision may become the norm throughout Canada and it may have unforeseen implications for private landowners.

Security and facility management should begin reviewing trespass policies, operating practices, and training in the light of the direction and standards outlined in this case. It seems that the prudent course is to ensure trespass bans are objectively defensible and proportionate to the inappropriate behaviour. Implementing an appeal process for a trespass ban also seems judicious.

Please note that this decision is currently under appeal. It is also from a Provincial Court and not binding. However, understand that landowners rarely get expanded rights from the courts; it usually goes in the other direction.

Searching Google Anonymously While Signed In

I know you still want to use Google without giving away all your personal data. To accomplish this while using Firefox, use the Searchonymous extension. With this, you can stay signed into your Google account while searching and Google won’t know it’s you doing the search. It also gets rid of most of the annoying ads.

If you use Chrome or a browser like Comodo Dragon that is based on Chrome, then you might try Search Disconnect which purports to do the same thing.

Surviving a Calamity

I sometimes hear someone argue that specialization has weakened society as individuals now have fewer skills with which to survive a calamity. This argument presupposes a sudden reversion to a rude state of society and that such a change would become permanent. This seems unreasonable to me as it assumes that we would not work to restore what we lost.

Of course, any person with skills suitable for employment in a more primitive society would be more comfortable until we attain our former level of development. Once this happens, this person’s skills again become irrelevant.

The question of how much time and other resources we devote to acquiring the skills needed to survive and thrive during a calamity remains unanswerable.

Smartphone Security

Losing your smart phone can be more that inconvenience if your are an active private investigator. Over at PInow, Kelly Cory’s article titled How to Keep Your Smartphone Secure offers some sound advice.

Normalcy Versus Risk

Feral Dogs

In the past I have written about the risks associated with feral dogs. Currently, the town of Kenora Ontario is experiencing some difficulties with feral dogs. Having a pack of feral dogs circling your house is not something to take lightly.

When Knives Attack

The recent Calgary mass murder illustrates how people assess risk wrongly. Statistics Canada reports (in 2008) that one-third of homicides and attempted murders involved edged weapons. That is more than any other type of weapon. StatsCan also reported that edged weapons were used against six per cent of victims of violent crime while firearms were used against two per cent of victims. Yet most people and organisations dither over plans for mass shootings.

Knives are easy to obtain, easy to conceal, they don’t run out of ammunition, and they cut in any direction. No training is required and if you can move your hand with the knife in your grasp, then you can kill with it.

This type of crime occurs quite often. Here is a recent sampling:

  • four people were stabbed in a Regina shopping mall
  • student was stabbed at a Brampton, Ontario, high school
  • four coworkers stabbed at a Toronto office by a man who was being fired
  • two people killed and four wounded in a Loblaw’s warehouse stabbing attack

Of course the knee-jerk reaction will be to ban assault knives. Of course all prohibitions fail miserably and probably make the situation worse as happened with the ‘war on drugs’ and ‘gun control’. Some foolish individuals will no doubt say that the StatsCan figures prove that ‘gun control’ works and we now need ‘knife control’, no doubt a knife registry will follow.

In the Calgary case, the accused probably took the knife from the kitchen and then started his rampage. I’m sure registering their kitchen knives after getting a licence to buy them would have stopped this attack.

Risk Assessment

Whether it’s feral dogs or knife attacks, you have to measure the relative probability of the event occurring against the consequences of the event. We are hard wired to believe that we live in a safe world–if we weren’t, then we would never have ventured out of our caves to create the world we now live in. This is called the normalcy bias.

Normalcy Bias Vs. Risk

I am paid to respond to situations where the normalcy bias got the better of someone or to plan for situations that nobody wants to contemplate. Decades of experience has taught me that nobody wants to contemplate the low probability, high consequence events.   Legislation and hand wringing won’t change this–planning, preparation, and training might. Unfortunately, the interest in preparation and training wanes quickly as memory of the event that spawned this dissipates, and thereby allowing the normalcy bias to reassert itself.

Black Suits & Dark Glasses

I went to a meeting with a client to help solve a problem one of his customers was having. Sitting in the reception area, I witnessed a wondrous spectacle. In struts a guy in a black suit wearing dark glasses and earwig. He looks around ominously and then talks into his sleeve. Next, the great man enters surrounded by a phalanx of black suits, dark glasses, and earwigs. This is Canada. Private bodyguards don’t exist here. They are just for show-offs who like to look important or for those tricked into hiring some feckless cannon fodder.

It turned out that this was the guy with the problem. My client realised that he was ineptly handling the symptoms rather than treating the disease. He had received threats. He had suffered vandalism to his home and car. He couldn’t in any way identify his persecutor. However, he was a senior executive of a company in an industry that sometimes attracts threats and acts of violence.

When the great man was asked how he had received the threat, he said that he received it on his unlisted cell phone, so it must be a serious threat perpetrated by dangerous people. I Googled the cell phone number. Lo and behold, there it was in a Kijiji ad for some stuff he was selling. The picture of the stuff included the front of his house and enough of his car to identify its make, model, and colour.

His name appeared on the title for his house along with that of his wife. Searching his name in social media sites, I was able to identify his children and wife. I found that his son went to hockey practice at the arena where his car was vandalised.

In half an hour I learned where he lived, his cell phone number, identified his family, where his children went to school, and learned his son’s hockey schedule. More importantly, the social media content related to his family members also identified him. This led me to conclude that it was possible that he was not the target. Of course, the wife and kids didn’t have bodyguards.

Each of his bodyguards was questioned regarding their training and experience. It wasn’t surprising to me that they were repurposed security guards with no training. The agency providing the bodyguards did not conduct any investigation nor did the client’s employer.

Without any idea who in the family was being targeted, new security arrangements were made. The house and office got uniformed security guards. The client and his wife got reliable security drivers. We put in place new security arrangements for the children. All social media content was expunged. I ensured that the police and telephone company became involved.

Further investigation produced a list of suspects. The police tied one of these to the vandalism of the client’s car. Police interrogation led to a confession. The offender turned out to be the teenage daughter’s jilted suitor who was also a player on a rival hockey team.

How to Use Boolean to Improve Social Media Monitoring

Twitter and Boolean Searching

Twitter has a robust search facility  that includes Boolean search operators. Twitter Support provides the following table of search operators.

Twitter defaults to the AND operator when you include search terms to the search statement. Don’t forget to use the -sign for NOT to eliminate search terms and OR to broaden the search. To get the results that you really want, you can filter the search results using the selections on the left side of the results page or you can start your search on the Advanced search page. Always search for variations of hashtags, spellings, and sentiment words in order to capture the largest number of tweets possible.

Unearthing a GeoSocial Footprint

I try to learn something every day. Today, I learned about GeoSocial Footprints. A geosocial footprint is the combined bits of location information that a user divulges through social media. Now I had to learn an easy way to unearth someone’s geosocial footprint.

First, I had to find an easy way to uncover which social media (SM) a person uses. To do that, I found an add-on for Firefox called Identify. This extension used to help you explore an individual’s web identity across SM sites. However, it is not compatible with V. 26 or later. It was also not compatible with Comodo IceDragon.

That left me with trying Hoverme. This is an add-on for Chrome that provides a SM profile when you mouse a name on SM sites. You will supposedly be able to view the social web profile of the subject by mousing over the profile picture in Facebook, etc.. It should provide links to the person’s profiles on sites such as Facebook, LinkedIn, Delicious, etc..

I tried installing it in Comodo Dragon, which is built on the open source Chrome browser and doesn’t phone home to Google like Chrome. Unfortunately, Hoverme needs the Kynetx browser extension that many apps require. It’s like Greasemonkey for Firefox, but to install this you need to set-up an account or use Facebook or Google to sign-in. This means I might be giving away too much information. This also means that to collect evidence safely, I will have to install it on a sandbox machine or in a VM and then do my main collection on another machine. I would do this because I don’t know what Kynetx might be doing to the machine that is collecting the evidence and I don’t know what information this might be giving away to unknown parties.

I guess it’s back to good old-fashioned Investigative Internet Research to uncover which SM sites someone uses. From there, I will have to figure-out how to collect, collate, validate, and explain all this geosocial footprint stuff.

Veracity of Online Images & Video

My mother advised me not to believe everything I read remains true today as it was 50 years ago. Today, this advice extends to online video and images.

Hoax imagery and video abounds online. A fake video of an eagle trying to fly off with an infant in a Montreal park is only one example. Students at the National Animation and Design Centre created this ‘Golden Eagle Snatches Kid’ video. Their skill was impressive. It took a frame-by-frame analysis to uncover the fake. Frames that lacked the eagle’s shadow revealed it to be a hoax.

Free editing software like VLC Media Player or Avidemux Video Editor can help split video into frames, but locating and investigating the person who posted the video proves more productive in most cases. The following is a short outline of how I approach this problem.

First, start listing the places you find the item and user names that posted it. Look for the first instance of the item by filtering by date. Try to find the first instance as this may be the original and the original poster of the item. Compare video thumbnails to find the earliest and largest as that may be the original. Search the thumbnails in Google Image Search, TinEye, and Bing. However, searching TinEye, et al, will require an image with high contrast and distinctive colour combinations.

Next, try to identify the person who first posted it. Sometimes, discovering the creator of the item is easy because it was posted on a Facebook page or on YouTube, but usually it was just duplicated there and originates elsewhere. Search all text associated with the item—tags, descriptions, user names. Use everything as search terms. Search all the user names to identify the people. Use sites to LinkedIn, Facebook, etc., to get a feel for the background of the people you may later contact.

Once you have found the likely source of the item, examine and question the source to establish his reliability. You need to engage this person to establish that he created the video or image and that it isn’t a hoax or an altered version of something he still possesses.