All Hackers Are Phonies (Sort of)

Fixed fortifications are monuments to the stupidity of man. If mountain ranges and oceans can be overcome, then anything built by man can be overcome. ~ George S. Patton

Let’s face it. Unless you are trying to fix a busted drainpipe or something similar, your adversary is a living, breathing being. You can hunt deer, fish, a wolf, a serial killer, or even a hacker. And conflict can be easily boiled down to living beings and their tools versus other humans and their tools.


Reputation Management Lessons From Roseanne

There are very few things more important to a company than reputation management and Roseanne Barr has inadvertently helped rewrite the handbook. I was in my early adulthood when Roseanne’s ground-breaking television show was in its prime. In its original nine-year run, “Roseanne” led the charge in advocating homosexuality. Not only was “Roseanne” the first show to feature prominent homosexual characters, but she backed it up by stating that her two real-life siblings are gay. As ground-breaking and inclusive as the show was, I never cared for it.


Warner Bros Cast Jim Carrey as Mark Zuckerberg and Didn’t Even Know It

With all of the news stories being published in recent days about social media data and privacy, I cannot help but be reminded of a not-so-great, yet brilliantly prophetic, film of the 1990s. Let me first set the table. I was twenty-four years old and had just moved to Los Angeles to become a stand-up comedian. Months earlier, when I was a busboy at a Jersey Shore bar, I was constantly barraged by drunks shouting “Fire Marshal Bill!” This was due to my uncanny resemblance to Jim Carrey, referencing his recurring character in the critically acclaimed sketch comedy show of the time, “In Living Color”. My resemblance to him was not the only connection. Ever since I saw Carrey impersonate the entire cast of “My Three Sons” on Johnny Carson in 1983, I was hooked. I wanted to be him.


Steve McQueen’s Advice About Online Threats and Leaks

I saw the classic Hollywood disaster film The Towering Inferno in my twenties, two decades after it was released. I watched it after I read Steve McQueen: Portrait of an American Rebel by author Marshall Terrill. In fact, after reading Terrill’s book, I watched just about every Steve McQueen film that I had not yet seen. One tidbit from the book that I found interesting was that McQueen and Paul Newman were such fierce competitors that it led to McQueen counting the lines in the script and demanding to one-up his rival in order to flex his new-found star power by having one more line than Newman.


The Crack House Principle in Online Investigations

It should go without saying that, in every situation where a crime is taking place, it is most desirable to catch the perpetrator. Doing anything else, including merely disrupting their operation, is simply a consolation. With this in mind, I find that best practices are not always laid out properly so that professionals going into this situation know how to meet the desired end. Even though I specialize in online investigations, I come from the old school and believe that those skills are sometimes a lost art in the new world of online investigations. We will always be investigating people, not their tools. If I hear another firm tell me they are “investigating a website” I’ll pull my hair out.


Hogwarts Should Conduct Background Checks

Background Checks – Who are the Slytherin anyway? And why is Hogwarts teaching them the ancient and forbidden magic arts? My wife is going through the process of re-watching all of the Harry Potter films. She’s read all of the books ahead of the films, watched the films in the theater and now she has decided to see them all again. Perhaps this is in preparation for the grand opening of The Wizarding World of Harry Potter next year at Universal Studios Hollywood. Besides the first one that had Gary Oldman in it, I always encouraged Wifey to take a niece or nephew to see these movies. Mission accomplished. Somehow, though, I have a feeling I’m not going to be able to weasel out of attending the theme park. To quote a great song of the 1970s, “The Things We Do for Love”. 10cc had it right.


The Haystack Principle of Counterintelligence

The Haystack Principle of Counterintelligence – Anyone who knows me or follows me online knows that I’m a pretty open person. I share almost everything I’m up to. Anyone I know (or any stranger for that matter) can experience with me my lunch, thoughts on a number of odd topics, and even what I’m doing with my dog, Chauncey. In fact, right now you can click any link on the right of this page and learn a plethora of details about my exploits, both past and present. You may say that this is bad for someone in the investigative profession. You are not alone. Overwhelmingly, security professionals of a certain level preach this concept as gospel. I’m here to tell you that, in the 21st century, “security by obscurity” is the most ludicrous method of keeping secrets.


The Dark Web Ain’t As Dark As You Think

I have recently been asked several times by clients and colleagues about the dark web. When I began writing this article I was still debating whether I should use capitals when addressing the dark web. After a few thoughts, I decided that it does not warrant its own title. The dark web is as much a proper place as a dark alley. Before I discuss my reasoning here, I should give you all a quick synopsis of what the dark web actually is, and it isn’t what you may think. The Internet, as we know it, is a network of millions of servers that connect to one another and, as a result, catalog one another’s contents. This enables search engines like Google and Bing to index the information for free and resell it to their consumers for a profit, financed by advertisers.


Replica Handbags and Black Hat SEO

As I do in a normal day, I was patrolling the mean streets of the web looking for websites selling fakes. On this particular day, one site came to my attention. How does a church website with no e-commerce component show up as a top search engine result for replica handbags? When I examined the website’s source code, I observed that there was a JavaScript injection placing links into their website unbeknownst to them.

Below is an example of what I observed:

     // Injected script as found in the page source (quotes and line breaks repaired).
     // The markup passed to document.writeln() was stripped when the page was rendered;
     // an opening tag whose id is 'block' + elementId is implied by the getElementById
     // call on the next line, so a <div> is assumed here.
     elementId = Math.floor(Math.random() * 10001);
     document.writeln('<div id="block' + elementId + '">');
     document.getElementById('block' + elementId).style.display = 'none';
     // The link that follows the script lands inside the element that was just hidden:
     <a href="http://xxxxxx.com/db-gestion/pmd/styles/default/images/icons/brandname/brand-name-products.php">brand name products</a>

Search engines rank websites based on inbound links from legitimate websites. A JavaScript injection like this creates invisible links to the bad guys’ website that search engines can see but a human visitor cannot. The way this is done is by finding an open doorway into a legitimate website that does not have the latest security updates. This is an example of a black hat technique that boosts search engine rankings for their illegal site. The lesson to be learned (besides keeping your software updated) is that there are many hidden efforts behind marketing contraband products and, in turn, many clues left behind if you know where to find them.
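An added example, not code from the original post: a small Python scanner that flags outbound links a visitor would never see, either because they sit inside a display:none element or because they follow a script of the shape quoted above (write markup, then hide it). The sample page, its hostnames (.invalid placeholders) and the regex pattern are constructed for this example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample page: the <script> mirrors the injection quoted above, with
# placeholder hostnames (.invalid) in place of the real ones.
SAMPLE_HTML = """<html><body><p>Welcome to our parish</p>
<script>
elementId = Math.floor(Math.random() * 10001);
document.writeln('<div id="block' + elementId + '">');
document.getElementById('block' + elementId).style.display='none';
</script>
<a href="http://xxxxxx.invalid/brand-name-products.php">brand name products</a>
<div style="display: none"><a href="http://bags.invalid/">cheap bags</a></div>
<a href="https://www.example.org/donate">Donate</a>
</body></html>"""
# Tell-tale pattern: a script writes markup and then hides what it just wrote.
HIDE_SCRIPT = re.compile(r"document\.write(ln)?\s*\(.*?display\s*=\s*['\"]none", re.S)

class HiddenLinkScanner(HTMLParser):
    def __init__(self, site_host):
        super().__init__()
        self.site_host = site_host
        self.stack = []            # (tag, hidden by inline style) per open element
        self.script_src = ""       # text of the <script> currently being parsed
        self.script_hidden = False # a hide-script ran; its element is never closed
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        style = (a.get("style") or "").replace(" ", "").lower()
        self.stack.append((tag, "display:none" in style))
        self.script_src = ""
        href = a.get("href") if tag == "a" else None
        host = urlparse(href).hostname if href else None
        if host and host != self.site_host and (
                self.script_hidden or any(h for _, h in self.stack)):
            self.findings.append(href)

    def handle_endtag(self, tag):
        while self.stack and self.stack.pop()[0] != tag:
            pass

    def handle_data(self, data):
        if self.stack and self.stack[-1][0] == "script":
            self.script_src += data   # script text may arrive in several chunks
            self.script_hidden |= bool(HIDE_SCRIPT.search(self.script_src))

def find_hidden_links(html, site_host):
    # Outbound hrefs a crawler can follow but a visitor never sees.
    scanner = HiddenLinkScanner(site_host)
    scanner.feed(html)
    return scanner.findings
```

Run it against a saved copy of a page you are responsible for; same-site links and links in visible markup are ignored, so anything reported deserves a look at the surrounding source.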

Now I’m going to finish my coffee.


Branch Offices for Counterfeit Luxury Goods

During one of my strolls through the dark alleys of the web I came across another interesting black hat search engine optimization technique: branch offices for counterfeit luxury goods installed within legitimate sites. At first observation, the website I saw selling counterfeits looked like any other. But, after a closer look, the URL appeared to be much longer than the typical domain-based URL like fakestuffseller.com. Instead it looked like this: http://legitimatesite.com/includes/ice/_vti_cnf/lib/brand/boots/brand-boots.php. I noticed an extra directory ‘/includes/’ that looked out of place and perhaps would not be in the normal structure of this particular legitimate website. My next step was to test my theory and delete the extra crap (/includes/ice/_vti_cnf/lib/brand/boots/brand-boots.php) from the URL, leaving it to be simply legitimatesite.com. As I had suspected, this led me to a perfectly legitimate university website.

The two questions you are asking right now are “how?” and “why?”.  Allow me to enlighten you.  The “how” is similar to what I explained in another recent article I wrote regarding black hat search engine optimization techniques where hackers find weaknesses (like unlocked doors) in websites whose security software is not up to date.  Once that vulnerability is detected, the hacker can install thousands of his own websites within your website without your knowledge and, perhaps, for years before you even notice anything is strange.  The reason they do it is so that they can create tens of thousands of websites selling counterfeits.  Since this is done on a mass scale, the criminal is only minimally affected when your lawyer takes down poor old legitimatesite.com.  He has an unlimited supply.  Now I’m going to finish my coffee.
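An added example, not from the original post: a Python audit that walks a web root and reports server-side scripts sitting under directories that should only hold static assets or editor leftovers, or buried unusually deep, which is how the doorway sites described above tend to show up. The sample tree is constructed from the paths quoted in these two posts, and the asset-directory list is an assumption to be tuned per site.

```python
import os
import tempfile
from pathlib import Path

# Directories that should hold only static assets or editor leftovers; a server-side
# script underneath one of them is suspect. Assumption: adjust this list per site.
ASSET_DIRS = {"images", "styles", "icons", "_vti_cnf", "uploads", "cache"}
SCRIPT_EXT = {".php", ".phtml", ".php5"}

def audit_webroot(root, max_depth=6):
    """Return (relative path, reason) for scripts under asset dirs or buried deep."""
    root = Path(root)
    findings = []
    for dirpath, _, files in os.walk(root):
        parts = Path(dirpath).relative_to(root).parts
        for name in files:
            if Path(name).suffix.lower() not in SCRIPT_EXT:
                continue
            odd_dirs = sorted(set(parts) & ASSET_DIRS)
            if odd_dirs:
                reason = "script inside asset-only directory: " + ", ".join(odd_dirs)
            elif len(parts) >= max_depth:
                reason = "script buried %d directories deep" % len(parts)
            else:
                continue
            findings.append(("/".join(parts + (name,)), reason))
    return sorted(findings)

def build_sample_webroot():
    """Constructed tree: legitimate files plus the two doorway paths quoted above."""
    root = tempfile.mkdtemp()
    for rel in ("index.php", "includes/config.php", "images/logo.png",
                "includes/ice/_vti_cnf/lib/brand/boots/brand-boots.php",
                "db-gestion/pmd/styles/default/images/icons/brandname/brand-name-products.php"):
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_text("<?php /* constructed placeholder */ ?>")
    return root

if __name__ == "__main__":
    for rel, reason in audit_webroot(build_sample_webroot()):
        print(rel, "->", reason)
```

The depth rule is a heuristic; the asset-directory rule is the one that catches both paths from the posts, since legitimate code almost never lives under images, styles or a FrontPage _vti_cnf folder.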