• The Crack House Principle in Online Investigations

    It should go without saying that, in every situation where a crime is taking place, it is most desirable to catch the perpetrator. Doing anything else, including merely disrupting their operation, is simply a consolation. With this in mind, I find that best practices are not always laid out properly so that professionals going into this situation know how to meet the desired end. Even though I specialize in online investigations, I come from the old school and believe that those skills are sometimes a lost art in the new world of online investigations. We will always be investigating people, not their tools. If I hear another firm tell me they are “investigating a website” I’ll pull my hair out.

  • Hogwarts Should Conduct Background Checks

    Background Checks – Who are the Slytherin anyway?  And why is Hogwarts teaching them the ancient and forbidden magic arts?  My wife is going through the process of re-watching all of the Harry Potter films.  She’s read all of the books ahead of the films, watched the films in the theater and now she has decided to see them all again.  Perhaps this is in preparation of the grand opening of The Wizarding World of Harry Potter next year at Universal Studios Hollywood.  Besides the first one that had Gary Oldman in it, I always encouraged Wifey to take a niece or nephew to see these movies.  Mission accomplished.  Somehow, though, I have a feeling I’m not going to be able to weasel out of attending the theme park.  To quote a great song of the 1970s “The Things We Do for Love”.  10cc had it right.

  • The Haystack Principle of Counterintelligence

    The Haystack Principle of Counterintelligence – Anyone who knows me or follows me online knows that I’m a pretty open person. I share almost everything I’m up to.  Anyone I know (or any stranger for that matter) can experience with me my lunch, thoughts on a number of odd topics, and even what I’m doing with my dog, Chauncey. In fact, right now you can click any link on the right of this page and learn a plethora of details about my exploits, both past and present.  You may say that this is bad for someone in the investigative profession. You are not alone. Overwhelmingly, security professionals of a certain level preach this concept as gospel. I’m here to tell you that, in the 21st century, “security by obscurity” is the most ludicrous method of keeping secrets.

  • The Dark Web Ain’t As Dark As You Think

    I have recently been asked several times by clients and colleagues about the dark web.  When I began writing this article I was still debating whether I should use capitals when addressing the dark web.  After a few thoughts, I decided that it does not warrant its own title.  The dark web is as much a proper place as a dark alley.  Before I discuss my reasoning here, I should give you all a quick synopsis of what the dark web actually is, and it isn’t what you may think.  The Internet, as we know it, is a network of millions of servers that connect to one another and, as a result, catalog one another’s contents.  This enables search engines like Google and Bing to index the information for free and resell it to their consumers for a profit, financed by advertisers.

  • Rob’s Jobs Series: “The Seaver Method”

    Tom Seaver was voted into the Baseball Hall of Fame in 1992 with a 98.8% vote on the first ballot. Even 21 years afterward, this is the highest consensus of all time. I know you’re asking, “Why does Rob Holmes, a private eye, care about a pitcher from the 70s in regard to being a private eye?” He was voted by his critics to be more qualified than anyone that came before, or after him, to be in the Hall of Fame.  Back in the 1970s, when he was at his peak performance, a reporter asked him when he decided to change pitches. His response was, “I throw the same pitch until it doesn’t work no more.”  This is the best business advice I have ever received.  Still, after many years in business:

    1. I develop an arsenal of weapons.
    2. I decide which one is the best, then prioritize.
    3. I strike the first bastard out.
    4. I keep throwing the same pitch until it doesn’t work no more.
    5. I throw another great pitch until it doesn’t work no more either.
    6. Repeat until the opponent is defeated.

    In investigations, or even business, this is always the case. I’ve read books written by great businessmen like Trump, Welch, Collins and the like.  But the only thing that resonates with me is the “Seaver Method” that says sticking with what works is always the best thing to do.  No matter what the theory is… what works is all you know.  Keep at it until it don’t work no more.  Then move on to the next idea.  And so forth.

    Here endeth the lesson.

  • Replica Handbags and Black Hat SEO

    As I do in a normal day, I was patrolling the mean streets of the web looking for websites selling fakes.  On this particular day, one site came to my attention.  How does a church website with no e-commerce component show up as a top search engine result for replica handbags?  When I examined the website’s source code, I observed that there was a JavaScript injection placing links into their website unbeknownst to them.

    Below is an example of what I observed:

         elementId = Math.floor(Math.random() * 10001);
         document.writeln('
         ');
         document.getElementById('block' + elementId).style.display='none';
         <a href="http://xxxxxx.com/db-gestion/pmd/styles/default/images/icons/brandname/brand-name-products.php">brand name products</a>

    Search engines rank websites based on inbound links from legitimate websites.  A javascript injection like this created invisible links to the bad guys’ website the search engines can see but the viewer cannot.  The way this is done is by finding an open doorway into a legitimate website that does not have the latest security updates.  This is an example of a black hat technique that helps increase search engine results for their illegal site.  The lesson to be learned (besides keeping your software updated) is that there are many hidden efforts behind marketing contraband products and, in turn, many clues left behind if you know where to find them.
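
    A defender-side check for the pattern described above, as an added example (not code from the original post): it scans a page's HTML source for a script that hides an element whose id is generated at run time, combined with links to other hosts. The sample pages, host names and function names are constructed for illustration, and the match is a heuristic, not a full HTML parser.

```javascript
// Heuristic scanner for script-hidden off-site links in a page's HTML source.
// Added example; the SAMPLE_* pages and all host names are constructed.
const HIDE_RE = /getElementById\(\s*(['"])([\w-]+)\1\s*(\+\s*[\w$.]+\s*)?\)\s*\.style\.display\s*=\s*(['"])none\4/g;
const LINK_RE = /<a\b[^>]*?\bhref\s*=\s*(['"])(https?:\/\/[^'"]+)\1/gi;

// Elements that a script hides by id; "dynamic" means the id is built at run time.
function findScriptHiddenIds(html) {
  return [...html.matchAll(HIDE_RE)].map(m => ({ idPrefix: m[2], dynamic: Boolean(m[3]) }));
}

// Absolute links whose host is neither siteHost nor one of its subdomains.
function findOffsiteLinks(html, siteHost) {
  const out = [];
  for (const m of html.matchAll(LINK_RE)) {
    let host;
    try { host = new URL(m[2]).hostname.toLowerCase(); } catch { continue; }
    if (host !== siteHost && !host.endsWith('.' + siteHost)) out.push(m[2]);
  }
  return out;
}

function scanPage(html, siteHost) {
  const hidden = findScriptHiddenIds(html);
  const offsite = findOffsiteLinks(html, siteHost.toLowerCase());
  // Flag only the combination: a run-time-generated hidden block plus off-site links.
  const suspicious = hidden.some(h => h.dynamic) && offsite.length > 0;
  return { suspicious, hidden, offsite };
}

const SAMPLE_INJECTED = `<html><body><h1>Sunday services</h1>
<script>
elementId = Math.floor(Math.random() * 10001);
document.writeln('<div id="block' + elementId + '">');
document.getElementById('block' + elementId).style.display='none';
</script>
<a href="http://spam.example/brand/brand-name-products.php">brand name products</a>
</div></body></html>`;

const SAMPLE_CLEAN = `<html><body>
<script>document.getElementById('menu').style.display='none';</script>
<a href="https://www.church.example/events">Events</a>
<a href="https://maps.example/dir">Directions</a>
</body></html>`;

console.log(scanPage(SAMPLE_INJECTED, 'church.example'));
console.log(scanPage(SAMPLE_CLEAN, 'church.example'));
```

    A flagged page still needs a manual look at the source, since legitimate widgets also hide elements; the point is to surface pages where hidden, script-generated blocks and off-site links appear together.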

    Now I’m going to finish my coffee.

  • Branch Offices for Counterfeit Luxury Goods

    During one of my strolls through the dark alleys of the web I came across another interesting black hat search engine optimization technique: branch offices for counterfeit luxury goods installed within legitimate sites.  At first observation, the website I saw selling counterfeits looked like any other.  But, after a closer look, the URL appeared to be much longer than the typical domain-based URL like fakestuffseller.com.  Instead it looked like this: http://legitimatesite.com/includes/ice/_vti_cnf/lib/brand/boots/brand-boots.php.  I noticed an extra directory ‘/includes/’ that looked out of place and perhaps would not be in the normal structure of this particular legitimate website.  My next step was to test my theory and delete the extra crap (/includes/ice/_vti_cnf/lib/brand/boots/brand-boots.php) from the URL, leaving it to be simply legitimatesite.com.  As I had suspected, this led me to a perfectly legitimate university website.

    The two questions you are asking right now are “how?” and “why?”.  Allow me to enlighten you.  The “how” is similar to what I explained in another recent article I wrote regarding black hat search engine optimization techniques where hackers find weaknesses (like unlocked doors) in websites whose security software is not up to date.  Once that vulnerability is detected, the hacker can install thousands of his own websites within your website without your knowledge and, perhaps, for years before you even notice anything is strange.  The reason they do it is so that they can create tens of thousands of websites selling counterfeits.  Since this is done on a mass scale, the criminal is only minimally affected when your lawyer takes down poor old legitimatesite.com.  He has an unlimited supply.  Now I’m going to finish my coffee.

  • Brand Protection and Social Media

    In the era of telecommuting and coffee shop branch offices, Facebook has replaced the watercooler, LinkedIn is the new resume and Skype is the new boardroom. Let’s face it. Your online ‘brand’ has become your most public persona. Along with the vast benefits that social media bring, a new world has opened up for fraud, misinformation and brand abuse. Holmes is not only a top brand protection investigator. He is also the one-man marketing department for his firm. Combining his two passions of trademark investigations and social media, he will take you on his journey from creating his first blog, designing his firm’s website, and planning a social media strategy and then arm you with brand protection tactics that he employs for his clients.  Rob gave this talk, entitled Brand Protection and Social Media, in June 2012 in Dallas, Texas.

  • How the Megaupload Case Has Hurt Brand Protection

    The reason the case against Megaupload founder Kim DotCom has hurt brand protection is because it has nothing to do with trademark enforcement and no one knows it.  With all of the news this case is getting, the public-at-large does not know the difference between counterfeiting and piracy.  There are many different kinds of Intellectual Property but only trademark was set up to protect the consumers before the content owner.  The purpose of a trademark is to identify the origin of a good or service.  The way this works is that, if you see my name or logo on my product, you can trust that it was made by me.  Trademarks are set up as a seal of trust and quality between a manufacturer and a consumer.  People who slap your favorite company’s logo on an inferior product deserve to be made to stop.  Placing a company’s logo on a commercial work without permission helps dilute the brand.  Even if your use is apparently harmless, they must enforce all unauthorized uses in order to be allowed to enforce the baddies.  It’s the basic rule that your school teacher had when you were a child, “If I make an exception for you, I’d have to do it for all the other kids.”  Copyright protection is quite different.  It protects the creator or the owner.  While that is still a noble cause, the difference needs to be made clearer to the public.  The Copyright Act of 1790 granted an author up to 28 years of exclusive rights to his work as long as he was alive.  In 1948 the United Nations passed The Universal Declaration of Human Rights which states ‘Everyone has the right to the protection of the moral and material interests resulting from any scientific, literary or artistic production of which he is the author.’  I am citing this to make it clear that I vehemently support the protection of content.  I do not, however, support the combining of these interests.  Our founding fathers were careful to place copyright in the hands of the legislature (Library of Congress) and trademarks in the hands of the Executive Branch (US Patent and Trademark Office).  This was no mistake.

    In 1946 the United States passed the Lanham Act which prohibited trademark infringement, trademark dilution and false advertising.  In 1984 the Trademark Counterfeiting Act established specific criminal penalties for the commercial use of a counterfeit trademark.  Later, in 1999, the AntiCybersquatting Act was passed to prohibit the unauthorized commercial use of a trademark in a domain name.  President George W. Bush made trademarks a priority when he appointed the first-ever Intellectual Property Czar, which was an undersecretary position within the Commerce Department.  Of course trademark protection should be important.  Our brands are exported all over the world and we rely on the reputation of those brands for more than a third of our economy.  When President Obama was elected, he promoted the IPEC (Intellectual Property Enforcement Coordinator) position from undersecretary to full cabinet status.  Somewhere between then and now this person with executive power has been dubbed the Copyright Czar.  If the Executive Branch is granted to be in charge of trademarks and patents, why are they in the copyright business?  Perhaps American corporations and our own government have been blurring the distinction between the two to make sloppy cases less noticeable.  Or perhaps this is happening so that the specificity of Intellectual Property Rights becomes so unrecognizable that anyone can be prosecuted for almost anything.  Or perhaps this is all just a completely innocent mix-up.  Once we start to see copyright enforcement activity at the USPTO, we will know that our constitution is being ignored.  Protection of all property needs to be respected, but the trademark community needs to stand alone in this fight if we want to bring trust back to the consumer.

    Now I’m going to finish my coffee.

  • Even Some Prisoners are Chinese Knockoffs

    Throughout the years in the anti-counterfeiting business there have been a few times where we, and our clients, have lauded our victories when a raid was accomplished on a factory making Chinese knockoffs.  Once, I remember, back in 2006 our client’s attorney actually saw thirteen people in handcuffs.  Chinese nationals, in China.  In cuffs for making fakes.  Not bad for a case that started with some handbags sold by a Purse Queen in Missouri!  Every time I tell that story, I finish it with the punchline that “I’m sure the cuffs came right off when my client boarded the plane.”  I’m not faulting China and that really isn’t my point here.  But the disconnect between cultures is.  There is obviously a totally different meaning of ‘authenticity’ when you cross oceans.  You may recall the incident during the opening ceremony of the 2008 Beijing Summer Olympic Games when the seven-year-old vocalist who was commissioned to sing ‘Ode to the Motherland’ was replaced by a prettier lip-synching faker.  A recent Slate article reports on a whole new kind of counterfeiting: fake prisoners.  No kidding, guys.  People who are facing jail time in China can hire a less-fortunate guy to confess, or just replace him in the can.  This brings me to a whole new thought on the counterfeit enforcement business.  While diplomacy with China is important in the fight against counterfeit goods, raiding their factories and jailing their owners is probably not effective.

    The  most important facet of my solution is to curtail the demand in the United States and other countries with a massive consumer base.  The way to do that is to enforce against all sellers of this product in those countries.  Contrary to the spirit voice in Field of Dreams, wise businessmen will tell you that supply does not dictate demand.  Stop promising your client you’re gonna get the “big factory” and focus on stopping the mid-level distributors here.  I promise your performance numbers will increase and, most important, you will help restore value and dignity to the client’s brand.  I know from great experience that many people who became huge sellers of counterfeit goods here in the United States would have stopped if they had just worn a pair of handcuffs early on.  One night in jail works wonders on the soul.  Enforcing the smaller crimes is part of the plan that makes many of our inner cities safer.  Curtailing vandalism in your neighborhood leads to less violence down the line.  In tough economic times it is easy to cut costs and focus on the biggest problems.  The problem with the latter is that no big problem started that way.  My suggestion to my readers is to simply place most of your efforts on the cities and countries with the highest retail sales of genuine product.  I’m not talking about the people selling fakes at swap meets or in the bad neighborhoods.  I’m speaking of the mid-level distributors who are getting their product directly from China and supplying those folks.

    Now I’m going to finish my coffee.
