Operational Security Part 5: Online Personas

In this 6 part series of articles for Canadian Security Magazine, part 1 explained the nature of security intelligence (SI) and its OPSEC challenges. Part 2 explained the OPSEC challenges facing security intelligence in an iconic commercial enterprise or location. Part 3 explained the important aspects of document control. Part 4 explained the best way to protect the computer network used for security intelligence.

This, the 5th part, explains that privacy and anonymity are different things entirely and how to manage the use of online personas to gather intelligence.

Indexing PDFs

ORPALIS PDF OCR Free is a Windows tool which converts PDF files into fully searchable documents. It scans a PDF file and recognises all its text–even within images–and then exports a new PDF file that now has all its text searchable. This is useful with scanned documents, as it allows you to use the regular Search tool, rather than reading every page of the document.

ORPALIS offers a lot of useful tools for managing your documents. For example, the professional version converts over 90 document formats whereas the free edition supports only PDF as input. It also recognizes over 60 languages and uses multithreading to process multiple documents at the same time.

Document Scanning with Smart Phones

It is now common practice to take pictures of computer screens, record books, and documents during our research expeditions. I am certain that you want to do the same. Here is a list of scanning applications that may help with your quest for the ideal scanning app:

  • Genius Scan for ios. This app turns phone/tablet into PDF scanner w/Dropbox/GDrive integration.
  • CamScanner for Android, iPhone, iPad, Windows Phone 8
  • Tiny Scanner allows you to create PDF documents with multiple scans. Scans are saved to your phone as images or PDFs. For Android, iPhone and both free and pro versions exist.
  • Scannable from Evernote. Requires iOS 8.0 or later and compatible with iPhone, iPad, and iPod touch. Beware, scans are only saved to your device for 30 days unless you disable this in the “Advanced” settings.

All of the above will create a PDF of the scanned content. The next post will offer a solution to indexing the PDF files to make them searchable.

Privacy Settings for Firefox–History

By default, Firefox remembers your browsing history to make it easier to return to a visited site.

Select Options and then Privacy in the left hand navigation panel. Under History, open the drop-down menu labeled “Firefox will:”and tell the browser to never remember your history or use custom settings.

Selecting “Always use private browsing mode,” is for hardcore privacy, but you need to understand the implications of private browsing mode. See the Mozilla’s support pages for more information on this.

Here are the History settings that I suggest.

Uncheck the box for remembering your browsing and download history, un-check remembering search and form history, and leave the box checked for “Accept cookies from sites.” Then under “Accept third-party cookies” set it as Never, but change “Keep until:” I close Firefox. Finally check the box that says “Clear history when Firefox closes.”

This combination of settings allows Firefox to behave normally, but erases most of your activity upon closing the browser. These settings provide some measure of privacy without sacrificing functionality.

Privacy Settings for Firefox–Tracking

Firefox is the best browser for protecting your data. However, Firefox does require several setting adjustments to avoid intrusive tactics like ad tracking.

Select Options and then Privacy in the left hand navigation panel.

By default, Firefox does not enable the do-not-track feature. Turn it on by selecting “Request that sites not track you.” Also select “Use Tracking Protection in Private Windows”, which enables tracking protection that blocks ads and other online trackers when you’re in private browsing mode. However, few sites honor this request.

To enforce your do-not-track intentions, you need to use an add-on such as Ghostery, Disconnect, or the Electronic Frontier Foundation’s Privacy Badger. We have found that some sites do not to allow access to content with add-ons like these enabled.

Little Snitch

Just to be different, I started using a Mac to do some IIR. One of my quick fixes for security was  Little Snitch, a firewall for OSX. It monitors outgoing network traffic and alerts you if a program you’re running is trying to contact a strange server. This could be a shell or a program that snaps photos using your webcam or one that takes screenshots and sends them to an outside server.

When the Security Guard’s Job Stops

AttackThe fifth annual Horizon Scan Report published by the Business Continuity Institute, in association with BSI illustrates that physical security and related issues are growing concerns amongst business leaders. This renewed interest appears in studies and surveys throughout the industrialized world.

My own recent experience in Canada includes many executives asking questions about what they can do to prevent and manage active shooters, gang violence in their facilities, and terrorist attacks. Of course, they demand secrecy to surround their queries and the answers they receive. If I were to summarise the questions, they would display a surprising lack of knowledge about violence and Canadian law. I know the answers surprise the enquirer due to his reaction upon learning how helpless he is in the face of such low-probability but high-consequence threats. What follows should help to explain the most fundamental causes of, and reasons for, our inability to deal with these threats.

The recent awards for bravery related to the October 2014 attack on parliament hill should highlight our society’s irrational approach to managing armed attacks in public and private work places.

The outcome of this attack informs us that we cannot stop attackers at the front door due to our irrational aversion to armed security guards. That is apparent from the utterly inept response to the attack on parliament hill.

Most Canadian security operations stop short of actually managing an armed attack. Once something violent or dangerous starts, the normal response entails calling on somebody else to do the heavy lifting. In this organisational culture, when an attack starts, the security guard’s job stops. However, calling the police is not an emergency response procedure; it is an act of desperation and an admission of incompetence.

With this entrenched mindset, it does not matter how many resources have been devoted to the security operation, when an armed attack begins, security guards, employees, or guests will suffer serious injury or death.

Sign-in procedures, searches, and metal detectors have limited utility when violent intruders come calling. Intruders like this will not calmly line-up and politely follow orders.

The notion that technology and security theatre can supplant incompetence is common in the chancelleries that extoll the virtues of their most recent purchasing decision, but those worthies never face armed terrorists, gangsters, or homicidal lunatics themselves. On the other hand, unarmed guards exposed to armed intruders have a limited number of responses: run, hide, attempt moving people away from the attacker, die in place, or confront the attacker. As illustrated by the attack on parliament hill, unarmed guards are utterly ineffective in the last response option.

Most Canadians do not understand that self-defence is not so much a right as it is a defence in law used to enrich lawyers through endless prosecution and litigation. As a result, the government has embraced the union-shop mentality that sees the preservation of life and self-defence as something only government bureaucrats may do under the supposed ‘social contract’ and nobody has the money, power, and the perseverance needed to change this mindset. Demonstrating this needless and restrictive attitude is the fact that security guards may not get a pistol permit to defend life and limb; they may only get one to protect money. This promotes the perverse belief that the private sector is more interested in money than lives. Even worse, it demonstrates that our government does not believe that any class of private citizen should actually have the right to defend themselves.

Explaining to a public official or company manager that this aversion to armed security guards is irrational does not change his viewpoint but rather creates an enemy. Decades of propaganda and indoctrination against firearms ownership and the right to self-defence has produced an ignorance and unreasoning terror of weapons, which also manifests itself in the firm belief that only government bureaucrats have some magical ability to use weapons. Explaining,  if that were the case, then management of the parliament hill attack would have been quite different does not make any friends either.

In the 2014 Ottawa attack, the police did not sit on their hands outside as they did at the École Polytechnique shooting in 1989. Instead, they advanced to contact rather than waiting outside for specialized response units. This is termed Immediate Action Rapid Deployment (IARD), which is a fancy acronym for common sense.

The IARD protocol is to swiftly locate and close in on the attacker(s) to neutralize the menace at the earliest opportunity, thereby preventing further mayhem. However, this protocol has one critical flaw—the time between recognising the problem and having someone come by to resolve it. This delay causes further casualties. Would it not be more effective to stop or disrupt the attackers plan at the door? Should the attackers make it past the front door, would it not be more effective if on-site security personnel immediately employed the IRAD protocol rather than wait for police to arrive?

The federal government is slowly addressing these issues on parliament hill but do not expect any provisions for the private sector to address the very same threats.

De-Constructing Myths

Myths, rumors, urban legends, disinformation, and propaganda get amplified by the all-pervasive Internet and its trolls. Sometimes, this deluge of twaddle causes people who should know better to waste time, energy, and resources needlessly. Sometimes, it inspires a popular TV show like the MythBusters.

Urban legends and the related types of false information can cause problems in even the most well managed security operation. All it takes is one senior executive or official to believe something nonsensical and lend his authority to it. This may lead to money wasted on useless equipment and programs.

Fake Bomb-Detector

My first-hand experience with this problem includes a fake bomb detecting device that I later encountered as a detector of hidden ivory. This ludicrous device started as a fraudulant detector of lost golf balls. This scam lasted for years and made millions from sales across several continents.

I was suspicious of its use at a security checkpoint and managed to examine a unit and then do some research. Apparently, nobody else thought to do the same, even though lives were at stake.

Human Trafficking

An enduring myth exists that legions of prostitutes from all over the world descend on major events. This pernicious myth usually focuses on sporting events and it usually tries to link any masculine pursuit with human trafficking.

A version of this surfaced in 1998 when Jim Brown, the parliamentary assistant to Ontario Solicitor-General, Bob Runciman and one of Ontario`s Crime Commissioners, was forced to resign after he said Toronto’s Santa Claus parade gave fathers a chance to slip away and visit prostitutes. Senior police officers jeered at this idiocy.

More recently, this was supposed to occur at the World Cup, Vancouver Winter Olympics and at the US Football Super Bowl in February 2016.

The current trend is to equate the commercial sex trade with human trafficking. There are differences between women trafficked into prostitution, local sex workers, and those who migrate to other countries for work. However, irrational activists argue that large groups of men at sporting events result in increased demand for commercial sex that only trafficked women can meet.

On closer examination, every study I read revealed a large discrepancy between claims made before large sporting events and the actual number of resulting trafficking cases. I found no evidence that large sporting events cause an increase in trafficking for prostitution. Reputable anti-trafficking organisations, sex workers rights organisations, and  many neutral researchers and observers also refute this claim.

Yet despite the lack of evidence, this urban legend persists. It persists due to the large number of militant reformers, politicians, and journalists who profit from it. This urban legend provides inexpensive fundraising and publicity for agendas that include misandry, prostitution abolition, halting immigration, and exaggerating foreign threats.

This sensationalism breeds a waste of limited resources. For example, the airports at San Francisco, Oakland, and San Jose and underwent training to spot victims of trafficking in advance of the Super Bowl. Would you like to guess how many trafficked women they found?

Twitter Yearly Search

Have you ever needed to get all the Tweets from a subject during a specified time like everything in 2014?

When doing this type of search, first find the user’s first Tweet. You may do this by going to the Discover your first Tweet page and enter the users name and you will get the first Tweet and its date.

To search a full year’s Tweets isn’t difficult. Just go to the Twitter search box and enter the following:

from:user name w/0 @ since:2014-01-01 until:2014-12-31

The date format must be yyyy-mm-dd. Of course, you may enter any data range. You may also use the Twitter Advanced Search.

CPIC only reports indictable and hybrid offences

Canadian Police Information Centre

In Canada, a criminal record is a documented guilty conviction with registration of the offenders name in CPIC (Canadian Police Information Centre).

CPIC Content

“Canada’s repository of criminal records relates to individuals that have been charged with indictable and/or hybrid offences. Since the Identification of Criminals Act only allows the taking of fingerprints in relation to indictable or hybrid offences, and the RCMP National Repository of Criminal Records is fingerprint-based, the National Repository only contains information relating to these two categories of offences. Summary conviction offences are only included in the National Repository if submitted as part of an occurrence involving an indictable or hybrid offence.” [source: rcmp-grc.gc.ca/en/dissemination-criminal-record-information-policy  (20 Jan 16)]

Hybrid Offences

Hybrid Offences or Dual-Procedure Offences may proceed as either summary conviction offences or indictable offences. The Crown chooses the mode of prosecution but usually prosecutes the less serious of these as summary conviction offences. The crown may proceed on the hybrid offences as more serious indictable offences when the  circumstances make the crime more serious.

Verbatim

In Google, Verbatim is not a command. If Google misbehaves by including strange terms that have nothing to do with your search statement, or if the search results entirely ignore some of your seach terms, then apply Verbatim to the search results by selecting ‘Search tools’, then ‘All results’  and  finally ‘Verbatim’.  Doing this will force Google to search on all of your terms without dropping any or looking for variations and synonyms.