Forcing Firefox to Open Links in a New Tab

During a training class I watched everybody trudge around looking for lost search results. They tried reloading results pages, only to get distored results. They kept losing the search engine results page and were getting lost in a sea of tabs. They wanted to know how to get “google search results” to open in a new tab.

Here is my solution for getting tabs to open where I want them to. In Firefox, go to ‘about:config’ in the address bar. In the config window search for these settings and change them as follows:

  • browser.search.openintab – if true, will open a search from the searchbar in a new tab if you use the return key to trigger the search
  • browser.tabs.loadBookmarksInBackground – if true, bookmarks that open in a new tab will not steal focus
  • browser.tabs.loadDivertedInBackground – Load the new tab in the background, leaving focus on the current tab if true
  • browser.tabs.loadInBackground – Do not focus new tabs opened from links (load in background) if true
  • browser.tabs.opentabfor.middleclick – if true, links can be forced to open a new tab if middle-clicked.

This is the type of ‘boring stuff’  that you must master if you want to do Investigative Internet Research and make any money at it. Clients won’t pay for wasted time. You may know where to hunt for data, but you need to also know how to get it into the larder before it goes bad.

The PI & OSINT

Finding and verifying social media content is becoming a greater concern for private investigators (PIs) and their clients. Unfortunately, most PIs do not possess the skills and resources to do this beyond the most rudimentary level.

Some investigation companies will try to build an in-house operation. They will buy technology, or spend money on subscriptions to tools that claim to do the work with a click of a button. This usually proves to be a costly expedition into the unknown that ends in failure. The purchased tools do not live up to their claims or clients usually want something the purchased tools and subscriptions don’t deliver.

Some investigation companies will send staff to courses to learn about sources. These are billed as Open Source Intelligence (OSINT) courses. Unfortunately, the OSINT concept usually misses the “intelligence” part, and it is more about gathering raw information than producing usable investigative reporting.

The ‘intelligence’ part is the expensive part. It involves time to conduct the analysis and many hours of learning to present the analysis along with the sources and methods reporting.

Producing a report that goes beyond the OSINT concept is not a secretarial task. Once you go beyond the popular OSINT concept, you start doing Investigative Internet Research (IIR).

Why You Can’t Dictate an IIR Report

Proper IIR reporting does not rely on haphazard Internet searches and does not dump a disorganised load of raw data from the Internet into a client’s inbox. Reports summarize then analyse the collected data and then explain the sources and methods used to collect data.

The researcher must understand how to use Word and other software because he cannot dictate IIR reports. A dicta-typist cannot produce an IIR report for the following four reasons:

  1. The person transcribing the dictation will not place images, graphs, and video clips properly yet, a picture, screenshot or video is worth a thousand words.
  2. There is no efficiency at all in dictating a URL and plenty of mistakes would result.
  3. Some Web site names are hard to pronounce and would lead to misspelling (although you might spell them out, there is still a risk).
  4. Whoever writes the report must have all the collected material at hand in order to create footnotes and appendices.

Now you know why the person doing the IIR must also prepare the report.

In the next few articles I will describe the tools and techniques that actually work, but there is no magic button that does the analysis for you.

Who’s Watching & Listening

You never know who is watching. Please note that if you are Investigating someone inside your own company, and using the company network to search the Internet, at least use the encrypted search sites.  However, it is becoming more common for large companies to insert an inline HTTPS proxy in the network to  read and analyze this traffic by creating a man-in-the-middle. You can’t be sure that your investigation won’t be compromised because someone sees what you are searching and then tells the wrong person.

 

Google — Search, Plus Your World

If you are  a Google+ user, then you now have a new search tool (the encrypted site is https://www.google.com/insidesearch/plus.html). When you are signed into your Google+ account your search engine results will be sorted for relevance in different fashion. Your search results will be sorted by what your Google+ friends say about the search term. This process assumes what your friends say is more important than other content.

This personalised search relevance is a boon for advertisers that want your attention. Google isn’t the first to do this. In 2010 Bing began ranking sites in search results based upon how many of your Facebook friends “like” the site.

The search engines and advertisers have decided that people want to search for other people and their opinions over other content. How convenient for the search engines and advertisers!

If you want a full explanation of the impact this will have for the Investigator, then read Phil Bradley’s article titled Why Google Search Plus is a disaster for search. Google is no longer my first choice, I start with Bing, then DuckDuckGo, and last but not least, I search Blekko.

Copernic Agent & Google

I have used Copernic for years, and just accepted its lack of a Google search.  I just got used to it, and never sought a way to add Google.

At a recent conference, Kevin Ripa told me that a registry entry would solve the problem after I mentioned that it didn’t search Google.  If you’re going to feel like an idiot, its good to shown-up by a really smart guy like Kevin.

Go to the registry key:

[HKEY_CURRENT_USER\Software\Copernic\Agent\System]

and insert the following string:

EngineUpdateAddress=

with value, http://updates.copernic.com/k2upd/agentex

 

Division of Powers — Property Rights

The provinces have been granted power over “property and civil rights in the province” in Section 92(13) of  The Constitution Act, 1867.

This division of power forced the Trudeau government to remove the right to private property from the Charter of Rights when the provinces protested its inclusion. The provinces saw this as limiting their ability to tax, expropriate, and exercise control over property ownership. Neither the federal nor provincial governments are under any constitutional obligation to pay fair (or any) compensation for expropriated property. The Constitution Act 1867 and the Charter of Rights do not address this issue. Legislatures are also free to legislate away your ability to use any property for any purpose. Ontario and Quebec will probably try this route to control firearms ownership once the Long Arm Registry is eliminated by the federal government.

This is starting to backfire. Landowner associations and grass-roots movements are starting to form in Ontario and Alberta.  These groups and movements to include property rights into the Charter of Rights will become a prominent feature of the political landscape in years to come.

Best Documentary Evidence

In Omychund v Barker (1745) 1 Atk, 21, 49; 26 ER 15, 33, Lord Harwicke stated that no evidence was admissible unless it was `the best that the nature of the case will allow’. The general rule is that secondary evidence, such as a copy . . . , will be not admissible if an original document exists, and is not unavailable due to destruction or other circumstances indicating unavailability.

The rationale for the . . . rule can be understood from the context in which it arose: in the eighteenth century a copy was usually made by hand by a clerk (or even a litigant). The best evidence rule was predicated on the assumption that, if the original was not produced, there was a significant chance of error or fraud in relying on such a copy.

Today this still applies to a large degree — that is why we normally get certified copies of public records that might be used in the future and notarize copies of documents obtained throughout the course of an investigation.

Ontario PI Licence Guarantor

Ontario PI & Security Guard Licence Guarantor Requirement

The Royal Canadian Mounted Police (RCMP) recently added a new requirement to its policy related to criminal record checks. This requirement applies to all agencies across Canada that access the Canadian Police Information Centre (CPIC) to perform a criminal record check. CPIC is administered by RCMP. All agencies that access CPIC, including the Private Security and Investigative Services Branch (Branch) are required to comply with the RCMP CPIC Policy.

Effective March 21, 2011, all applicants for licences must have a guarantor confirm their identity by verifying the identification documentation (ID) that accompanies their application. Applications cannot be processed without this confirmation by a guarantor. This requirement applies to both individual licensees as well as agency personnel that are named in the application for an agency license. Typically these are officers, directors or partners of the company who, as part of the agency application process, are also required to have a criminal record check.

Anton Pillar Orders

Anton Piller Orders, named after the famous 1976 English case, Anton Piller KG v. Manufacturing Process Ltd. [1976] Ch 55 1 ALL E.R. 779, which defined the process of civil search and seizure under common law.

An Anton Piller order is obtained ex parte, and allows the moving party to access the premises of the other party to gather evidence that the court fears may be destroyed if the search is not conducted immediately. To many people this resembles a private search warrant but it is not.  The contempt power is used to enforce them rather than the normal criminal process where physical force may be used to execute the Order.  Nor does the Order authorize entry.  Rather, it commands the defendant to permit entry.  The defendant may deny entry, and thereafter face contempt proceedings.  The plaintiff’s agents may not use force to effect entry in the face of the defendant’s denial of permission.  The defendant may move to have the access limited after the search. Therefore, the order doesn’t necessarily give the moving party immediate access to the evidence, rather it preserves it, so that access can be determined at a later time.

With a search warrant, those strangers are police officers, who may use reasonable force to execute their search.  With an Anton Piller order, the strangers are not police officers (although they will usually include one peace officer from the Sheriff’s office or a Bailiff in Quebec).  They may not use force to gain entry, but rather the threat of jail or other punishment.

The premise of these orders is that (a) the defendant is likely to act to frustrate the order if given notice of it in advance; and (b) there is a strong prima facie case that the defendant has already acted very badly.  As Anton Piller orders play an increasingly important role in protecting businesses from disgruntled or departing employees (as in Ridgewood cited below), it is important for Investigators to fully understand their obligation to properly execute these orders.

A number of judgments have condemned the improper execution of these orders. An Ontario case,  Ridgewood Electric (1990) v. Robbie, contains an  excellent background of the Anton Pillar Order in Para [23] and demonstrates how not to execute the order. In Harris Scientific Products v. Araujo (2005), 54 Alta. L.R. (4th) 195, the Alberta Court of Queen’s Bench ordered damages of $35,000 for trespass and punitive damages of $10,000. Furthermore, the Alberta Court of Appeal in Catalyst Partners Inc. v. Meridian Packaging Ltd. established that there had to be strong evidence showing a real possibility that the defendant would destroy documents, not merely an inference or suspicion in order to issue an Anton Pillar Order.  In Celanese Canada Inc. v. Murray Demolition Corp., 2006 SCC 36 the SCC ruled that Celanese had the onus of demonstrating that no prejudice would result from their solicitors carrying on in the file. As a result of the execution of an Order, the Celanese solicitors had come into the possession of confidential information attributable to a solicitor-client relationship, and the court said that the solicitors “bear the onus of showing there is no real risk such confidences will be used to the prejudice of the defendant.” This contentious case led the SCC to better define the  requirements for successful preparation and execution of an Anton Pillar Order. The following guidance is distilled from Celanese Canada Inc. v. Murray Demolition Corp.

  • An independent solicitor should act as a neutral officer of the Court to supervise the execution of the Order. This person should explain the Order to the Defendant and provide a objective report to the Court.
  • Limit the scope to only necessary material and no material should be removed from the site unless pursuant to the terms of the Order.  This is not a fishing expedition. However, allocate enough time and be methodical in your execution of the Order while documenting every step in the process.
  • The moving party should provide an undertaking and/or security for damages if the Order is unwarranted or improperly executed. The court does not want to deal with imposing fines etc. as in Harris Scientific mentioned above.
  • Include a procedure for dealing with solicitor-client privilege or other confidential materials. The court does not want a repeat of this problem as seen in Celanese above.
  • Return seized material as soon as practicable.
  • Commence the search during normal business hours when the counsel for the Defendant is available for consultation. Again, this was a problem faced by the Defendant in Celanese.
  • The premises should not be searched, or items removed, without the presence of the defendant or his responsible employee.
  • Persons conducting the search should be listed by name rather than just the number of people permitted.
  • A detailed list of all evidence seized should be made and verified by the Defendant before leaving the site.

The Olde Ways

I was summoned to a meeting with a client. The client firm is over a century old. This successful firm has learned a thing or two about security.

I was asked to surrender my electronic gadgets. Being of the old school, I had none. This pleased the gatekeeper. I was led to a room furnished with only a curious table and four old wooden bankers chairs. No telephone, no electrical outlets, one florescent light fixture above the table.  The gatekeeper had to unlock the room. She then waited at the open door until my contact arrived.

My contact enters and places pieces of chalk and a chalkboard eraser on the the table. Most of the table top is painted with chalkboard paint.

We eventually compose a handwritten Memorandum of Agreement regarding the engagement, sign it, and off we go.

These people understand the rules, especially Rule #1 — If you don’t want it overheard, don’t say it. But I must admit, I have never seen a “Magic Slate” table before.

Erase Data with a Hammer

Flash-based solid-state drives nearly impossible to erase

Researchers from the University of California at San Diego delivered a paper at the FAST-11 Conference in San Jose, Calif., last week that shows it’s almost impossible to reliably erase data from a solid state drive.

The report, Reliably Erasing Data from Flash-Based Solid State Drives (PDF), goes through all of the known techniques for erasing data and they found the best method was a big hammer.

27 Mohammeds

Identity

In conducting Internet research we encounter the problem of persona isolation. In national security circles this is called the “27 Mohammeds problem”.  Essentially, how do we know that the John Smith mentioned in a blog is the specific John Smith we are researching?

Reputation Evaluation

This leads to a another difficulty.  An Internet reputation may not reflect reality.  The Internet reputation may be fabricated out of malice.  We must evaluate a conviction in the august Internet Court and determine if we believe it enough to not take a risk on the subject firm or person.

Related Articles

The following related articles may help you deal with this problem:

Toronto Sun Surprised by Private Investigator

Private Investigators, Adjusters, and insurance companies get a lot of bad press due to bias, ignorance, and a desire to sensationalize the news.

In today’s Toronto Sun an article titled, How Facebook can screw you by Alan SHANOFF, the author states,

I wouldn’t be surprised to see insurance company adjusters and investigators trying to become a claimant’s “friend” to obtain inner circle access. Instead of a private investigator hiding in a van on your street or behind a bush, he might very well be tracking your movements in cyberspace.”

It’s obvious that SHANOFF would be surprised to learn that Private Investigators and Adjusters in Canada wouldn’t do this to a represented claimant.  I have written on this subject twice, and all the PI’s and Adjusters I have spoken to about this know that they may not “friend” the subject of an investigation if he or she is represented.  Simple fact checking would have corrected this.

Surveillance Tradecraft

Early in my career I was part of a surveillance crew. Every day I would go out and follow people. Sometimes I worked alone, sometimes in a car or cab with two other guys, sometimes as part of a multi-vehicle team.

It takes a long time to integrate a new guy into a surveillance crew. If he is experienced, it will take about 6 months. I have not seen any really good training schools for this in North America. I think the reason that such schools don’t exist here is that it takes too long to teach the fundamentals and this would cost a lot of money for lodging, cars, and instruction. In Canada, learning to conduct surveillance is definitely on-the-job training.

Let’s start with some definitions.

Read more