The Problem With Hyde

The Problem With Hyde

One of the greatest reads in my entire life was Robert Louis Stevenson’s 19th century novella “Strange Case of Dr Jekyll and Mr Hyde“.  In this, Stevenson tells the story of an attorney who is investigating the evil acts of a man who calls himself Edward Hyde.  The investigation leads him to find that Hyde is actually an alternate personality of his old friend, Dr. Henry Jekyll.  Since the publishing of this story, the Jekyll/Hyde concept is one of the most celebrated and imitated in all of literature.  This is because it is, in my opinion, the most relevant piece of fiction in all of sociology, psychology and criminology.  Ever. Without exception. Continue reading

Steve McQueen’s Advice About Online Threats and Leaks

Steve McQueen’s Advice About Online Threats and Leaks

I saw the classic Hollywood disaster film The Towering Inferno in my twenties, two decades after it was released.  I watched it after I read Steve McQueen: Portrait of an American Rebel by author Marshall Terrill.  In fact, after reading TerriIl’s book, I watched just about every Steve McQueen film that I had not yet seen.  One tidbit from the book that I found interesting was that McQueen and Paul Newman were such fierce competitors that it led to McQueen counting the lines in the script and demanding to one-up his rival in order to flex his new-found star power by having one more line than Newman.  Egos aside, I’m glad he did.  This led to the final and, in my opinion, most poignant line in the entire film.  Newman plays the architect who designed the amazing spectacle of a building which, turns out, had some flaws due to corporate fat cats cutting corners.  Steve McQueen portrays the fire chief who saves the day.

The exchange is chilling:

McQueen: You know, we were lucky tonight. Body count’s less than two hundred. You know, one of these days, you’re gonna kill ten thousand in one of these firetraps, and I’m gonna keep eating smoke and bringing out bodies until somebody asks us how to build them.

Newman: Okay. I’m asking.

McQueen: You know where to reach me, architect.

This exact scenario proposes itself to me week after week.  Those who construct and develop companies and infrastructures do not always look at what it takes to keep it safe.  I know what you’re thinking.  This should be a given.  It isn’t.  As I’ve said over and over, security and convenience are natural enemies.  In other words, the more convenient it is to use a product, the less secure it is.  There is no exception.  So, when individuals, investors and the like are building a company, security (no mater what they admit) is an afterthought.  This is why you’ve seen so many data breaches including Equifax, Sony, and Neiman Marcus.  Did you know Neiman didn’t even have a CISO (Chief Information Security Officer) until months after the breach?!  Overlooking security in lieu of growth is an epidemic in this ‘race-to-a-billion-dollar-market-cap’ culture.  “So how can I prevent the next big hack?” you ask.  I’m glad you posed the question.

We work for many major corporations with a lot of assets to protect, and not a single one of those who trusted us have had a leak that led to negative publicity.  Nor has one of these companies had significant physical threat to a VIP.  “Impossible! How is that?” you say.  The answer is simple, but requires discipline and commitment:  You need to put out ever single small fire that comes along.  Every.  Single.  One.  Don’t wait for the big fires.  That’s it.  It’s that simple.

  • First, determine what is valuable within your organization.  This includes human capital (executives) as well as intellectual property (content).
  • Second, investigate every single threat no matter how insignificant it seems.
  • Third, follow up with every lead in succession based on priority determined by the results of the investigation.

If you follow these principles, with our guidance, you will never experience a towering inferno.

Living by Accident: The Philosophy

Living by Accident: The Philosophy

Have you ever wondered where your next meal was coming from? Or where you’ll be sleeping next month? If you haven’t, you may not be a member of the contingent who can understand this blog. If you can’t relate, please do us both a favor and tune out now.  If you are still here, and can think as deeply as required, let me fill you in on why I believe what I do.

I was born in South Jersey in 1970 and my mother committed suicide right after my eleventh birthday. I spent more than two decades trying to make sense of it until my father does the same. I guess to follow her down. I don’t know. But all I know is that, back in 2004, I was a man in his early thirties with major issues.  Again, no pity.  Just journey. Continue reading

The Crack House Principle in Online Investigations

The Crack House Principle in Online Investigations

It should go without saying that, in every situation where a crime is taking place, it is most desirable to catch the perpetrator. Doing anything else, including merely disrupting their operation, is simply a consolation. With this in mind, I find that best practices are not always laid out properly so that professionals going into this situation know how to meet the desired end. Even though I specialize in online investigations, I come from the old school and believe that those skills are sometimes a lost art in the new world of online investigations. We will always be investigating people, not their tools. If I hear another firm tell me they are “investigating a website” I’ll pull my hair out. Continue reading

Hogwarts Should Conduct Background Checks

Hogwarts Should Conduct Background Checks

Background Checks – Who are the Slytherin anyway?  And why is Hogwarts teaching them the ancient and forbidden magic arts?  My wife is going through the process of re-watching all of the Harry Potter films.  She’s read all of the books ahead of the films, watched the films in the theater and now she has decided to see them all again.  Perhaps this is in preparation of the grand opening of The Wizarding World of Harry Potter next year at Universal Studios Hollywood.  Besides the first one that had Gary Oldman in it, I always encouraged Wifey to take a niece or nephew to see these movies.  Mission accomplished.  Somehow, though, I have a feeling I’m not going to be able to weasel out of attending the theme park.  To quote a great song of the 1970s “The Things We Do for Love”.  10cc had it right.  But this new homespun film festival has gotten me thinking.

Why would the world’s foremost school in witchcraft and wizardry accept students prone to evil?  It’s not like Harvard, where some of their alumni somehow end up managing hedge funds and bilk the poor.  Hogwarts actually has a major in Evil.  No kidding!  It’s called Slytherin.  The folks who major in this topic learn cunning, ambition and — no I’m not kidding — blood purity.  Yes, blood purity.  Voldemort, the Devil figure of the Harry Potter series, attended Hogwarts years prior and majored in Slytherin.  Throughout the entire series, Voldemart is the Grand Dragon of the purists and demands for “muggles” (non-wizards and mixed-breeds) to be eliminated.  You’d think that, after Voldemort became a problem, the (apparently) prestigious Hogwarts school would phase the Slytherin track out of its curriculum.  But no, they do not.  They continue to teach the most evil of their applicants the secrets of their power and actually sponsor games where they watch them all battle it out.  Did I forget to tell you this is a school for children?  Yeesh yiminy!  This makes me think that the ‘Lord of the Flies’ version of the New Jersey public schools in which I grew up was child’s play.

Let’s turn this around to non-fiction.  I remember reading many years ago after 9/11 that it was revealed that a number of the folks involved had originally met at a martial arts studio in Brooklyn.  This includes one of the alleged ringleaders, Mohamed Atta.  The hijackers, dubbed in intelligence training the ‘Hamburg Cell’, also attended flight schools here in the United States.  After a book was written making these connections, a number of martial arts and flight schools began conducting background checks on their students.  Nothing is absolute, but it does make sense to be sure you’ve done your due diligence to make sure your students do not have an apparent propensity for evil already dripping from their pores.

Now let’s elevate this thought to a more modern and hi-tech level.  Anyone with a credit card and a couple thousand dollars can attend classes to teach them how to hack innocent individuals.  Yes, the classes are presented with the disclaimer that all students must only use their new-found powers for the forces of good.  But it is ludicrous to believe that is the case.  I’ve attended numerous hacking courses, from online to real-life.  There is a general consensus that bad folks need not apply.  But this isn’t enforced.  Some of the best hackers on the planet I know personally.  And (for the most part) they are great folks with impeccable values that want nothing more than to find security flaws in their clients’ infrastructure and report directly to them with a plan to remedy said flaws.  I’m not saying this because they can all hack me right now.  I really mean it.  Seriously.  But it still needs to be noted that creeps and felons attend these courses.  Currently there is no good/evil benchmark for the hacking community.  But perhaps soon there will be.  Whether it’s magic, hacking or karate-chopping, it’s nice to know your student.

Now, I’m going to finish my coffee.

Stain on blog from Rob's coffee cup

The Haystack Principle of Counterintelligence

The Haystack Principle of Counterintelligence

The Haystack Principle of Counterintelligence – Anyone who knows me or follows me online knows that I’m a pretty open person. I share almost everything I’m up to.  Anyone I know (or any stranger for that matter) can experience with me my lunch, thoughts on a number of odd topics, and even what I’m doing with my dog, Chauncey. In fact, right now you can click any link on the right of this page and learn a plethora of details about my exploits, both past and present.  You may say that this is bad for someone in the investigative profession. You are not alone. Overwhelmingly, security professionals of a certain level preach this concept as gospel. I’m here to tell you that, in the 21st century, “security by obscurity” is the most ludicrous method of keeping secrets. Continue reading

The Dark Web Ain’t As Dark As You Think

The Dark Web Ain’t As Dark As You Think

I have recently been asked several times by clients and colleagues about the dark web.  When I began writing this article I was still debating whether I should use capitals when addressing the dark web.  After a few thoughts, I decided that it does not warrant its own title.  The dark web is as much a proper place as a dark alley.  Before I discuss my reasoning here, I should give you all a quick synopsis of what the dark web actually is, and it isn’t what you may think.  The Internet, as we know it, is a network of millions of servers that connect to one another and, as a result, catalog one anothers’ contents.  This enables search engines like Google and Bing to index the information for free and resell it to their consumers for a profit, financed by advertisers. Continue reading

Rob’s Jobs Series: “The Seaver Method”

The Seaver MethodTom Seaver was voted into the Baseball Hall of Fame in 1992 with a 98.8% vote on the first ballot. Even 21 years afterward, this is the highest consensus of all time. I know you’re asking, “Why does Rob Holmes, a private eye, care about a pitcher from the 70s in regard to being a private eye?” He was voted by his critics to be more qualified than anyone that came before, or after him, to be in the Hall of Fame.  Back in the 1970s, when he was at his peak performance, a reporter asked him when he decided to change pitches. His response was, “I throw the same pitch until it doesn’t work no more.”  This is the best business advice I have ever received.  Still, after many years in business:

1. I develop an arsenal of weapons.
2. I decide which one is the best, then prioritize.
3. I strike the first bastard out.
4. I keep throwing the same pitch until it doesn’t work no more.
5. I throw another great pitch until it doesn’t work no more either.
6. Repeat until the opponent is defeated.

In investigations, or even business, this is always the case. I’ve read books written by great businessmen like Trump, Welch, Collins and the like.  But the only thing that resonates with me is the “Seaver Method” that says sticking with what works is always the best thing to do.  No matter what the theory is… what works is all you know.  Keep at it until it don’t work no more.  Then move on to the next idea.  And so forth.

Here endeth the lesson.

Hi-Tech P.I.

Helping people see the forest for the trees, online.

Holmes, P.I.™

Can you dig it?