• Categories

  • Pages

  • Archives

Is Your WebCam a Peeping Tom? How Your PC’s Camera Can Be Hacked To Spy On You.

webcam spy

Virtually every computer sold today comes with a dirty little secret.

It can spy on you.

What’s more, if hackers can infect your computer with malware they can hijack your webcam and secretly watch you too – regardless of whether they’re based down the street or on the other side of the world.

In some cases, if they’re really sneaky, hackers can even spy on you without the LED on your webcam lighting up.

If you have a webcam – and almost undoubtedly you do if you have a cell phone, pc, laptop, tablet or home (or commercial) camera security system with an Internet connection – then you are at risk of being hacked via your camera’s IP address.

All a hacker needs to do is figure out where your camera is located, and then a stalker can watch your every move.

Luckily, however, there are ways to protect yourself from unsavory or unwanted people spying on you in your own home or business.  We will teach you how to easily protect yourself from being covertly observed without your consent.  But first, let’s explore how a webcam hack can occur. (The more you know, the less vulnerable you are.) For the purpose of this instructional, we will refer to a pc but this information also applies to all of your other electronic devices with cameras.

How Can A Stalker Hack Your Webcam:

To get on your computer, hackers use a remote access tool, or a RAT. If you’ve ever had a tech support rep access on your computer remotely to change settings or try to fix a problem, they used a RAT.

Fortunately, RATs require your permission to let someone on to your computer remotely; the person can’t just take control. That means a hacker has to trick you into letting them on to your computer, and there are several preventable ways they do that.

How Do Hackers Trick You Into Accessing Your PC:

To get a RAT on your computer, hackers have a number of tricks: fake email attachments or malicious links , Trojan viruses, phony tech-support calls, and so forth. Once you’ve been tricked into running a file, clicking a link or otherwise  inviting them on to your system, they will take control and spy on you at will.

Think you are too tech savvy to fall for scam email? Click anywhere on the below indented paragraph to take this quick quiz from our friend, tech goddess Kim Komando, to see if you, like 80% of those surveyed, will fail to distinguish between real email and phishing scams.

Back in December, CBS News joined forces with Intel Security to create a quiz where readers can test their knowledge on phishing emails. The quiz consisted of 10 different emails in which readers simply need to decide: legitimate email or phishing email?

Surprisingly, out of nearly 20,000 people quizzed, 80% fell for at least one of the phishing attempts. Only 3% got a perfect score.

What about you? Take the quiz and see how you do. 

How Can You Spot a RAT?

(Our first line of advice is to avoid unsolicited email attachments and links, run up-to-date security software and thoroughly vet anyone who contacts you claiming to be tech support for a major, known company. Also, you may not know that Windows has a RAT built in. Almost all Windows OS versions contain a RAT for ease of access for real tech support.)

Firewall and Antivirus Software

Firewall software blocks incoming and outgoing port connections, so they are your number one defense against RATs. Firewalls combined with antivirus software catches most threats.

View Processes Running

Right-click your Windows toolbar and select “Task Manager.” Click the “Processes” tab in Task Manager. This window gives you a list of programs running on your machine. Review them for any strange names or names that you don’t recognize as typical programs. If you don’t recognize the name, type it into Google. Several sites tell you if a process is malicious, so you know if you have a RAT on your system.

Odd Startup Programs

In some cases, the hacker might want another program to start when you boot your computer. If you notice any strange programs that start up when you boot your computer, you might have a RAT. These secondary programs are usually malicious software also, so you’ll need to remove them when you remove the RAT.

View the List of Installed Programs

Open Windows Control Panel and view the list of programs installed on your computer. If you notice any odd programs, then it could be malicious. In fact, the popular software TeamViewer used to collaborate remotely with people is often used as a RAT. If you didn’t install it on your computer, you should remove it. This application gives remote access to authorized and unauthorized people.

Slow Internet Connection

If you normally have fast speeds but lately your Internet connection is extremely slow, you should first check the router and wireless connection. However, if the hacker is downloading information from your computer, he uses the bandwidth and creates noticeable lag on the network. If you suspect that someone is remotely accessing your computer, the fastest way to stop it is to disconnect from the Internet.

A security recommendation, protect any and all access to your electronic devices with a really strong password.  This first line of defense has a very high success rate in keeping out most hackers.

BNI Operatives: Situationally aware.

As always, stay safe.




Married? Age? Kids? Can You Ask These Questions of Employment Candidates?

Image result for employee interview asking questions

Can you ask a prospective employee her age?  Is the candidate married?  What about a phone number for an emergency contact?

With employment regulations one of the fastest changing sectors of human resources and company personnel management today, we compiled an employment interview Can/Can’t Ask questions list for you today from hiring information from the U.S. Department of Labor and the Small Business Administration.

Address/ Housing/Length of Residence


• Place and length of current and previous address

• For applicant’s phone number or how s/he can be reached


• Specific inquiry into foreign addresses that would indicate national origin

• Names or relationship of persons with whom applicant resides

• Whether applicant rents or owns home



• If a minor, require proof of age in the form of a work permit or a certificate of age

• If age is a legal requirement, can ask “If hired, can you furnish proof of age?” or a statement that hire is subject to verification of age

• Whether or not an applicant is younger than the employer’s regular retirement age


• Require proof of age by birth certificate


• About the age or age group or date of birth of the applicant

• Birth certificate or baptismal record before hiring

• Questions that would tend to identify persons between 40 and 60 years of age.

Ancestry/ Birthplace/ National Origin


• “After employment, can you submit a birth certificate or other proof of U.S. citizenship or other proof of the right to remain in or work in the U.S.?”

• About foreign language skills (reading, speaking, and/or writing) if relevant to the job


• If an applicant is native-born or naturalized

• The birthplace of applicant

• Questions which identify customs or denomination

• About birthplace of his/her parents, grandparents and/or spouse or other relatives

• Require applicant submit a birth certificate or naturalization or baptismal record before employment

• About any other inquiry into national origin (for applicant or his or her spouse or parents; maiden name of wife or mother)

• First language

• Date of arrival in U.S.

• Port of entry Citizenship CAN ASK:

• Whether a U.S. citizen

• If no, whether intends to become one

• If you are not a U.S. citizen, do you have the legal right to remain permanently in the U.S.?

• If not a citizen, are you prevented from lawfully becoming employed because of visa or immigration status?

• If spouse is a citizen

• Statement that, if hired, applicant may be required to submit proof of citizenship.


• Require proof of citizenship


• “Of what country are you a citizen?”

• If native born or naturalized (for applicant or his or her parents or spouse)

• Proof of citizenship before hiring

• Whether parents and/or spouse is native born or naturalized

• Date of citizenship (for applicant or his or her parents or spouse)

Credit Rating NO questions may be asked regarding credit. 

Criminal Record (Arrests and Convictions)


• About actual convictions other than misdemeanors that relate reasonable to fitness to perform a particular job

• About convictions or imprisonment if crimes relate to job duties and conviction or release from imprisonment occurred within the last ten years


• To inquire about arrests without convictions

• Check into a person’s arrest, court, or conviction record if not substantially related to functions and responsibilities of the particular job in question.

• About any involvement in demonstrations



• Whether or not applicant is able to carry out all necessary job assignments/functions and perform them in a safe manner “How would you perform this particular task?”

• Applicant to indicate how and to what extent they are disabled. Employer must indicate to applicants that (1) compliance with the invitation is voluntary; (2) information is being sought only to remedy discrimination or provide opportunities for the disabled; (3) information will be kept confidential; and (4) refusing to provide information will not result in adverse treatment. accommodation(s) he or she may need until after the interviewer has established that the applicant is qualified for the job and is considering that person for employment. An employer must be prepared to prove that any physical and mental requirements for a job are due to “business” necessity” and the safe performance of the job. Except in cases where undue hardship can be proven, employer must make “reasonable accommodations” for the physical and mental limitations of an employee or applicant.


• How or when disability occurred



• What academic, professional or vocational schools attended

• About language skills such as reading and writing foreign languages

• Office skills


• Specifically ask the nationality, racial or religious affiliation of schools attended

• To ask how foreign language ability was acquired



• Applicant’s work experience, including names and addresses of previous employers, dates of employment, reasons for leaving, and salary history

• Other countries visited



• If the spouse is employed at the company/firm

• Names of applicant’s relatives already employed by company

• Names and addresses of parents or guardian of minor applicants


• To ask name, relationship and address of person to be notified in case of emergency


• Name of a spouse

• Whether or not a spouse is employed

• How much a spouse earns

• Whether or not a spouse is subject to transfer

• Questions about any relative of a candidate

• Names of relatives not working for the institution

• Name or address of any relative of adult applicant, other than those employed by company/firm

Gender/Sex Inquiry


• Can ask about gender for affirmative action plan statistics


• Sex of applicant

• Anything which would indicate gender unless job related.

Health/Physical Condition


“Do you have any physical, mental or sensory handicaps which might affect work performance or which should be considered in job placement?”

May NOT ask

• “Do you have any handicaps?” or questions that divulge handicaps which do not relate to the job.

• Any questions regarding having received worker’s compensation.

Marital/ Parental Status  


• Whether applicant can meet specified work schedules or has activities, commitments, or responsibilities that may hinder the meeting of work attendance requirements. If such questions are asked, they must be asked of both sexes.


• About marital status before hiring (married, single, divorced, engaged, etc.)

• About the number and age of children


• Married or single status for insurance and tax purposes Number and ages of dependents and age of spouse for insurance and tax purposes

• Information on child-care arrangements

• About pregnancy and if applicant plans to have (more) children

• Any question that directly or indirectly results in limitation of job opportunity in any way

Military Service


• Inquiry into service in U.S. armed forces

• Branch of service and rank attained

• Any education or job related experience as it relates to a particular job

• Require military discharge certificate after hiring


• Military records

• Military service of any country other than the U.S

• Type of discharge



• An applicant about normal hours and days of work required by the job to avoid possible conflict with religions or other personal convictions


• Applicant’s religions denomination or affiliation, church, parish, pastor, or religious holidays observed

• Applicants may not be told that any particular religious groups are required to work on their religious holidays.

• About applicant’s religion or religious customs and/or holidays

• Recommendations from church officials

As with anything else in the workplace, when hiring, exercise common sense, compassion and restraint in asking for unnecessary personal information.  Stick to the task at hand – hiring skilled, competent and willing workers.

BNI Operatives: Situationally aware.

As always, stay safe.

Top Five Spy and GPS Gadgets for 2015-2016

We are augmenting our weekly Beacon Bulletin with this awesome list of spy gadgets from our friends at Brickhouse Security and Cheaters – from the TV show of the same name and KJB Security Products.  We highly recommend, however, that before even considering any surveillance, know your state’s laws on hidden recordings:  Reporter’s Committee for Freedom of the Press and  the legal use of GPS tracking: lawyers.com.

Wall Adapter Spy CameraThe wall adapter fits in any room & the specialized camera can easily capture video of everything happening in front of it.  CHTRS.


Electrical Outlet Hidden CameraThis high-quality hidden camera is battery operated & would be appropriate for use in any scenario.  CHTRS.


Tracking Key Pro GPS LoggerLow-Cost Car Tracker Show You Everywhere The Car Went Records GPS location data every second Put on a vehicle, let it drive, and use a computer to see everywhere it was.  Precise accuracy within 2.5 meter of device.   Very small, portable design.   Powerful built-in magnet to place underneath a vehicle.   Runs on 2xAA batteries.  No monthly service charges.  BRICK.


iTrail GPS LoggerThis tiny GPS data logger is ideal as a covert personal GPS tracker. Hide it in a bag or car and retrieve it later for a full travel history.  Captures Location, Speed & Time.  Just Retrieve and Connect Device to Any Computer.  No Monthly GPS Monitoring Fees.  BRICK.


KJB Security Products Recover It USB Stick (Forensic Data Recovery)Search your smartphone or PC for over 25 types of files. See deleted emails, videos or pictures.  Save, view or delete chat logs.  Find hidden images by searching Internet cache files and deleted pictures.  Shred selected file/extension types permanently.  Search for chat logs or image files. KJB.

(The above gadgets are meant for personal use and are easy, user-friendly for the novice but capable enough for the professional.)

BNI Operatives: Situationally aware.

As always, stay safe.


Really Want To Go Private? Top Tools To Prevent Digital Tracking.

Now that we’ve all been online for a considerable number of years, concern about our digital footprints has surfaced and certainly, about being tracked – from our location, shopping patterns to email and cell chats, etc.

Below are several tools we recommend (and use) in an effort to minimize being digitally tracked:

Web browser: Tor Browser (and Mozilla’s Firefox is the best major browser on privacy)

Internet Service Provider (ISP)Sonic (the preferred browser of Silicon Valley geeks)

Wireless provider: Cricket

Encrypt an email account you already have: Thunderbird with Enigmail; Mac Mail with GPGTools; Outlook with GPG4Win

Private email clients: UnspyableCountermail, or Shazzle

Search engines: Ixquick and DuckDuckGo

Mobile calls: RedPhone, Silent Circle

Mobile photos: ObscuraCam

Text messaging: TextSecure

Web-based chatting: Adium with OTR, Cryptocat

Mobile chatting: ChatSecure (iOS)

Hard drive encryption: BitLocker

Mobile browser: Onion Browser (iOS), Orweb (Android)

From our friends at indepdentlivingnews.com:

6 Things You Can Do Today To Bolster Your Online Privacy

Absolute Internet privacy is impossible.  There are, however, these basic precautions that can help you and your loved ones achieve a lower profile than most people:

  1. Decentralize Your Internet Services
    Don’t log into Google unless you have to. Google records your online activity whenever you’re logged into your account, even from services that seem separate, like YouTube, maps, and anything you search for. Try to break up these services. Consider using another webmail provider, like Yahoo, Zoho.com, Hushmail.com, or one of the many dozens of others available online.
  2. Install the AdBlock Plus Extension
    Adblock Plus doesn’t just block pop-up advertising on the Internet, it also protects you from sites infested with malware, and from some third-party tracking ‘cookies.’ Most websites allow AdBlock Plus, but you may encounter a site that won’t allow you to visit without also viewing their ads. Don’t worry! Just right-click the red stop sign in the browser’s toolbar to disable the program temporarily. You can download AdBlock Plus by visiting www.adblockplus.org.
  3. Use Extensions to Stop Data Collectors and Advertisement Tracking
    Third-party tracking ‘cookies’ can be located and blocked with an extension called Disconnect. A similar extension called Ghostery works just as well, but it hasn’t been updated in awhile. Disconnect also works to shield you from social networks like Twitter, Facebook, and Google, which all use your browsing activity even while you’re away from their site to collect data about you. Get Disconnect or Ghostery for your web browser by visiting either www.disconnect.me, or www.ghostery.com/download.
  4. Browse the Web Securely with SSL
    Any computer between you and the website you’re visiting can see your activity and all of the information that is transmitted. Simply using https:// (also known as SSL) instead of the standard http:// will encrypt the information transmitted on your machine and ensure that no one is spying on your connection. Many online retailers use SSL for transactions, but using it for casual browsing certainly can’t hurt, and it might even prevent your identity from being stolen. There’s even an extension to automatically browse securely via SSL. You can download that extension by visiting www.eff.org/https-everywhere.
  5. Always Read the Privacy Policy
    Consult the website or company’s Privacy Policy, and see what information they’re gathering on you and how they plan to use it. Note whether or not they sell the information they collect, and whether third parties have access to it. See whether they claim to keep your information secure, and how they do it. Consider how your information could be misused, and lastly, weigh the benefits of the product with the dangers of giving up your privacy.
  6. Make your IP Address Anonymous with the Tor Project
    Using Tor to browse the web anonymously can help prevent special types of IP analytics and statistics programs from analyzing your activity. This can work in conjunction with the Disconnect extension because each time you load a web page, your IP, which is your Internet Address, switches to the IP of a different Tor server. Imagine the privacy advantages of your identity changing each time you visit a store. You can download Tor here: www.torproject.org/download/download-easy.html.en.

For more in-depth and detailed guides, we suggest the Electronic Frontier Foundation’s Surveillance Self Defense site and PRISM Break.

Head’s Up: Don’t want it viewed? Don’t post it.

BNI Operatives: Situationally aware.

As always, stay safe.

Divorce, 2015 and Dating Strangers.

divorce rate global 2014

(Check out the global divorce stats on the above map.)

The divorce rate for the U.S. holds at 53% but, at least in this category, we are not No. 1.   And, while the divorce rate is still high in the U.S., it is surpassed by Spain, Portugal, Luxembourg, the Czech Republic, and Hungary, all ranking higher than 60%.

The dubious honor of the highest divorce rate in the world goes to Belgium with married couples divorcing at a staggering 70%!  The lowest official rate is in Chile with 3%.

Returning to a domestic focus, marriages in the Untied States are actually stronger today than they have been in decades.  The divorce rate spiked in the 1970s and early 1980s and has been declining for the past three decades since.

According to the recent New York Times article in its The Upshot section, The Divorce Surge Is Over, but the Myth Lives On

About 70 percent of marriages that began in the 1990s reached their 15th anniversary (excluding those in which a spouse died), up from about 65 percent of those that began in the 1970s and 1980s. Those who married in the 2000s are so far divorcing at even lower rates. If current trends continue, nearly two-thirds of marriages will never involve a divorce, according to data from Justin Wolfers, a University of Michigan economist (who also contributes to The Upshot).

So it appears that marriages are going the distance in larger numbers as people have adjusted to the myriad of societal shifts, two-income households, the feminist movement (two-thirds of divorces are initiated by women as women have become increasingly economically empowered), technology, etc.,  that contributed to divorce in the past.

We’re now curious to see how the current trend of meeting prospective spouses online will ultimately impact on the divorce rate.  We already know technology’s effect on marriage. From USA Today:

Findings, published in the journal Proceedings of the National Academy of Sciences, put the percentage of married couples that now meet online at almost 35% — which gives what may be the first broad look at the overall percentage of new marriages that result from meeting online. About 45% of couples met on dating sites; the rest met on online social networks, chat rooms, instant messaging or other online forums.

We have seen the impact of social technology in our field as more and more single people looking for partners have retained our services in conducting background searches.  In traditional partnering, people have relied on meeting family and friends of their date to vouch for them.  That safety barrier has been turned on its head now as meeting family and friends is now usually one of the very last steps in online dating.

If you are considering or already involved in online dating, before you arrive at the stage where having a background check performed on your potential serious dating partner is prudent, we suggest that you up (rather than relax) your guard as, really, you are meeting pure strangers.   To that end:

  1. Meet in public places that are in your date’s area of residence and that s/he frequents often.  This may allow you to potentially meet people who know your date and provide an insight to your date’s character.
  2. Maintain the contact with “normal” hours of communication.  Because we can now communicate at all hours doesn’t mean we should.   When we are tired or distracted (work, child care, etc.), we miss many cues from others that may be helpful in identifying your online friend’s true personality.   And certainly don’t get into the habit of talking at midnight.  In real life, would you be chatting it up with people at that time?  Probably not unless it’s an emergency. Keep it real.
  3. Arrive to your date destination in separate cars – and leave that way, even if you are going to a mutually agreed upon after-date venue.  Remember,  you do not know the person sitting across from you at the dining table.  You should always have the option to leave of your own volition.
  4. Have a friend of family member on stand-by, regularly checking in with you.  You know why. Usually, we advise otherwise for privacy reasons but when dating people from online, TURN ON YOUR CELL PHONE’S LOCATION FUNCTION!
  5. Trust your instincts.  If your date is making you nervous or uncomfortable – for any reason – leave.  Remember, that is your choice.  You are with a stranger.  Remaining safe trumps being polite.

All in all, online dating is here to stay and will increase to the point of being the majority method for meeting potential spouses.  Social online interactions also already influence the divorce rate, so it will be interesting to monitor the nascent dating revolution.  We’ll keep you posted in future articles upon researching the newly developing data.

BNI Operatives: Situationally aware.

As always, stay safe.

Your Online Pics Are Broadcasting Your Location; GeoTags.


When you post your pics online, you could be sharing more than you know.  Most pics taken via our cell phones contain embedded location info that is easily readable by would-be criminals who can then use that data to track you.

How Do Your Pics Get GeoTagged?

When you take a picture with your smartphone or digital camera, it’s typically saved as a JPEG to your device. That image file gets embedded with Exchangeable Image File Format (EXIF) data, which includes the time, date, and GPS location where your photo was taken. That photo’s GPS location is called a geotag.

The Dangers of GeoTagging

Once a geotagged photo in uploaded online, or attached to an email, the geotag becomes available to anyone with access to your online pics or email messages.

How can this place you in danger from a stalker or other would-be criminal? Envision the below scenarios:

1. You are selling an item online.

You want to sell your TV so you take a picture with your iPhone 6 and upload it to your Craigslist posting.  A potential buyer contacts you and in the email exchange, in an effort to show more of the item, perhaps you even send along additional pics. If your pics were geotagged, the interested buyer can now identify the location from which you took the photo – usually your home.   The “buyer” may ask if you have additional home appliances, electronic devices, etc. to sell.  He could be digitally casing your home – with your active cooperation.

2. You are dating online.

1 out of every 4 marriages now originates from online dating sites such as Match, Our Time, Christian Singles, JDate, etc.   In your initial posts, to err on the side of safety, you hide your full name, contact information, and where you live. But all of these sites request a personal pic.  You take a selfie and post away.  Now, whether you like it or not, you have given a potential stalker your exact location.

Young Blonde Woman Takes Selfie On Vacation

3. You’re traveling.

It’s almost impossible to not upload and post those envy-evoking beautiful vacay pics of the Bahamas.   While you are Instagramming away your gorgeous sunset shots, bear in mind that you have just alerted one of your wacky followers that you are thousands of miles from home.

4.  Your valuables.

It’s natural to want to post pics of your new car, shiny Rolex and other bling.  Why not post a complete itemized list of your valuables since the criminal already have the address from your geo-tagged brag pics? Trolling social media for just such pics is the new work-from-home gig for today’s thieves.

Although Facebook strips geotags from your uploaded photos, it does show a map of photos you tag. (Just look under “Places” on your profile.)  Even the dumbest criminal can figure out that the 35 pics of your bling are probably taken from the same location and, you may even inadvertently let them know where you stash your family jewels.

5. You have a stalker.

If your online profiles are public, any stranger can figure out your routine. We are creatures of habit – a definite advantage for the online stalker who can track when and where you post, whether you are at work, where you live, where you hang out, and when you’re not home.  Imagine a stalker (or sex offender)  tracking your family pics of your kids in your backyard, at school, at a nearby park, etc.

How To Remove Geotags From New Photos

Now that you realize the very real danger of allowing geotags to remain in your pics, here’s how you remove the geotags before you take the photos:

For an iPhone 5 or 6:

  1. From your iPhone’s home screen, tap the “Settings” icon.
  2. Scroll down until you see the “Privacy” tab, and tap “Location Services.”
  3. Look for the “Camera” tab. Open it, and you’ll see ALLOW LOCATION ACCESS. Click “Never.”

For an iPhone 4:

  1. Hit the “Settings” icon from the home screen.
  2. Find the “Privacy” tab, and tap “Location Services.”
  3. After tapping the “Camera” setting, switch the tab from “ON” to “OFF.”

For an Android:

  1. Find the camera app.
  2. Tap the “Settings” icon on in the app.
  3. Find the Location or GPS tag, and turn it off.

How To Remove Geotags From Photos You’ve Already Taken

If you’ve never disabled location services on your phone’s camera, you have photos in your library that are still geotagged.

To remove geotags from stored pics: use these apps:  deGeo or ViewExif for an iPhone or iPad, Exif Eraser for an Android, or Pixelgarde for an Android or Apple device. Pixelgarde allows you to strip geotagged photos in bulk.


Do Social Sites Allow GeoTags?

Fortunately, no. Instagram, Facebook, Twitter,  Pinterest, eBay and IMgur automatically remove geotag data from your photos when you upload them.   Of the online dating sites, Match.com, PlentyofFish, and OKCupid also strip your pics’ location data.

However,  Tumblr, Picasa, Photobucket, Dropbox, and Google+ do not remove geotags from uploaded images. Flickr gives you the option to do it.

Craigslist doesn’t provide a definitive answer on its website. Neither does Tinder.

Do Texts And Emails Show Geotags?

Yes. When you attach a photo to an email, that photo’s EXIF data is also included. SMS messages don’t typically retain this data, but iMessages can.

How can access your geotag info?

There are several ways, and some of them are more useful and prettier than others. It all depends on the computer you’re using. Just remember that a determined stalker will take all of the time in the world to break obtain and breakdown the geotag data in his desired target’s pics. But for the rest of us, here are a few ways to get the GPS information from your photos.

On a Mac

If you’re using a Mac, you can access your GPS information by simply right clicking on the photo file you want to view and then picking “get info.”

This will bring up a box showing all of the EXIF data attached to that particular image file.

On a PC

It’s a little different on a PC, but it’s pretty much the same thing. Right click on your image, and then pick “properties.” From there, a similar window should pop up showing all the EXIF data, including the location of the picture you just took.

Bottom line: Pay attention to what you are posting and don’t leave your security – and that of your family-  in the hands of a third party.

BNI Operatives: Situationally aware.

As always, stay safe.

Peeple: The App That Lets People Rate Others, Coming November 2015.


Peeple is being touted as the Yelp for people, the app that lets you review other people without their consent.

How it works:

(from Mashable)

The app, founded by Julia Cordray and Nicole McCullough, will be available only on iOS devices in November. It’s already had thousands sign up to be beta testers, according to a post on the Peeple Facebook page (link deactivated).

In order to post a review, users have to be 21 or older with an active Facebook account. Reviews must be made under a person’s own name, and a user must indicate how they know the person they will review in one of three categories: Personal, professional or romantic.

Anyone who has access to someone’s cellphone number can start a new profile for them on the site. The person will receive a text informing them who started their profile and “that they should check out what you said about them on our app.” The FAQ’s make no mention of how the site will check on the validity of the number provided.

Once someone is added, anyone on Peeple can weigh in on his or her merits as a person.

“People do so much research when they buy a car or make those kinds of decisions,” said Cordray told the Washington Post. “Why not do the same kind of research on other aspects of your life?”

Why it shouldn’t work.


Why not treat people as you would a used car, Ms. Cordray?  Glad you asked (although I’m surprised that anyone above majority age requires that clarification).  To an experienced investigator, one thing is absolutely certain and that is that the assessment of  human beings is always subjective.  We’re not products such as vehicles or homes or services provided by telecoms or restaurants with defined market values and traceable and trackable basic maintenance/service records.

I find the Peeple app kinda creepy based solely on this comparison to wholly inanimate objects or unique human interactions.  It sounds basically like a mean girls club in the formative phase.

But then we come to the actual purpose of the app – to dish about other people and rate them.  To the first, Ms. Cordray claims to have “integrity features” such as disallowing:  shaming and bullying, profanity, listing of private health issues and sexist comments.  (As to the last item, are the two female founders anticipating an overwhelming amount of bitchy verbal clawing among women?  Why single out that -ism?  Perhaps this really is  Yelp for and by Mean Girls.)   That aside, unless the task of discerning intent and meaning in language is relegated to English profs, the average “internet content assessor” is a woefully inadequate arbiter of phraseology.  E.g.,:  “In this age of overwhelming grooming options, I find Mark Jones’ raw appreciation for an au naturel existence incredibly eye-opening!”  Translation:  “This guy stinks to high hell and makes my eyes bleed!”  See? Seriously, ladies, as an English Second Languag’er even I can scoot past your language police.   As to the latter, rating people/assigning them numbers, Ugh.   Humanity doesn’t need a rating system; softer filters, perhaps.

What is wrong with this app.

  1. Personal safety.  Every prosecution involving this app will begin with, “Was the assault foreseeable?”  Yes.
  2. Legal.  Consent, bias, accuracy??
  3. Raison d’etre.  Not a one.  How can this not hurt thousands, if not millions, of people who are simply living their imperfect, human lives? Heck, I’ve already p.o.’s the two app founders and they haven’t even met me. Yet.

Safety first, Peeple people.

BNI Operatives: Situationally aware.

As always, be safe.

Drivers Licenses From Four States Soon Useless In Airports For Domestic Flights

real id

Real ID Card (Note the identifying star in the top right corner.)

Over the years we’ve reported on the Real ID Act that was passed by Congress in 2005.  As of the date of this Beacon Bulletin, four states are not in compliance with this legislation: Louisiana, Minnesota, New Hampshire, New York, thereby prohibiting domestic flight travel without the presentation of a federal form of identification (passport, visa, etc.) Compliance to the federal ID law is required by all states by January 1, 2016.  . Basically, Real ID is the first major step towards a federal ID card, but this is the official definition:

From Wikipedia (not a usual source but the .gov explanation rivals the ACA legislation in terms of length):

The REAL ID Act of 2005, Pub.L. 109–13, 119 Stat. 302, enacted May 11, 2005, was an Act of Congress that modified U.S. federal law pertaining to security, authentication, and issuance procedures standards for the state driver’s licenses and identification (ID) cards, as well as various immigration issues pertaining to terrorism.

The law sets forth requirements for state driver’s licenses and ID cards to be accepted by the federal government for “official purposes”, as defined by the Secretary of Homeland Security. The Secretary of Homeland Security has currently defined “official purposes” as presenting state driver’s licenses and identification cards for boarding commercially operated airline flights and entering federal buildings and nuclear power plants, although the law gives the Secretary the unlimited authority to require a “federal identification” for any other purposes that the Secretary shall determine.


In the news:

New ID rule is a problem for driver licenses

N.Y. minimum to fall short of enhanced U.S. standard

By Michael Gormley
on September 8, 2015 – 9:49 PM

ALBANY – New Yorkers looking to board a domestic flight or take a cruise next year could find themselves grounded unless they have driver’s licenses containing additional security data that is soon to be required by the federal government.

That’s because the state has failed to comply with the minimum standards of the federal Real ID system by not mandating these so-called enhanced licenses, according to the U.S. Department of Homeland Security. The state contends that it has complied because it makes enhanced licenses available to those who want them.

At an undetermined date next year, the federal government is expected to require that state driver’s licenses meet minimum security standards to board even domestic flights and cruises under the Real ID Act passed by Congress in 2005 based on a recommendation by the 9/11 Commission.

New Yorkers will then have to hold an “enhanced driver’s license” embedded with passport-type data. Without an enhanced license or enhanced nondriver’s ID, travelers will need a passport, passport card, permanent residency card, birth certificate or one of a few other acceptable pieces of identification, in addition to their standard driver’s license, to fly, go on a cruise or to enter most federal buildings. A passport card is a wallet-size card that can be used to enter the United States from Canada, Mexico and the Caribbean by land or sea, but not by air.

We carry our passports regardless, given our history of unexpected international travel, but with NYS’s non-compliance with the Real ID, it just makes sense.

BNI Operatives: Situationally aware.

As always, stay safe.


8 Ways That You Can Be Legally Tracked

 fb sub

“But don’t they have to have probable cause to search my email or get my Facebook records?”  I can’t tell you how many phone calls we’ve received with that question  – and as we tell each caller, “We are not attorneys, judges or the court or the police department. But, uh, what happened?” (Who doesn’t want to hear a good story??)

(Anyhow, for the purpose of this article,  “they” means law enforcement.)

Here are the situations and the applicable laws:

1. Phone Records: Calls you have made and received

How they get it

Wiretapping is illegal without a judge’s warrant, however, police only require a subpoena from a court to obtain your phone scrolls (outgoing and incoming calls).

A warrant requires showing probable cause, a subpoena needs only to be relevant to an investigation, a much lesser standard of evidence.

Applicable law: 

Smith v. Maryland, a Supreme Court ruling in 1979, which found that the Constitution’s Fourth Amendment protection against unreasonable search and seizure doesn’t apply to a list of phone numbers.

2.  Location: Your phone is a tracking device

How they get it

Cell towers.

Applicable Law: 

The federal Electronic Communications Privacy Act (EPCA) cited by the police for these records dictates that the data must contain “specific and articulable facts” related to an investigation – again, that lesser standard of evidence.

3.  IP Addresses: Which computers you use

How they get it

Email providers such as Google, Yahoo, MS, etc.  amass tremendous amounts of data about our digital journeys. A warrant is needed to access some emails (see below), but not for the IP addresses of the computers used to log into your mail account or surf the Web. According to the ACLU, those records are kept for at least a year.

Applicable law:

U.S. v. Forrester, is a case involving two men trying to set up a drug lab in California.  Prosecutors successfully argued that tracking IP addresses was no different than installing a tracking device to a phone to track each number dialed by a given phone (which is legal).   Police only need a court to sign off on a subpoena certifying that the data they’re after is relevant to an investigation — the same standard as required for cell phone records.

4. Emails

How they get it

Prior to Sen, Leahy’s bill introduced earlier this year, only recent email required a warrant; email aged over 180 days required only a court subpoena related to an investigation.

Applicable Law

Once again, the ECPA comes into play.  The Leahy bill would require a warrant to get all emails regardless of age.

5. Email drafts: drafts are different

How they get it

Communicating through draft emails, à la David Petreaus and Paula Broadwell, seems sneaky. But drafts are actually easier for investigators to get than recently sent emails because the law treats them differently.

Applicable Law:

The ECPA distinguishes between communications — emails, texts, etc. — and stored electronic data. Draft emails fall into the latter, which get less protection under the law. Authorities needs only a subpoena for them. The Leahy bill would change that by requiring a warrant to obtain them.

6. Text messages: As with emails, so with texts

How they get it

Investigators need only a subpoena, not a warrant, to get text messages more than 180 days old from a cell provider — the same standard as emails.

Applicable Law: 

Currently being challenged in several states otherwise, the ECPA applies.

7. Cloud data: documents, photos, and other stuff stored online

How they get it

Authorities typically need only a subpoena to get data from Google Drive, Dropbox, SkyDrive, and other services that allow users to store data on their servers (aka, cloud storage).  EXCEPT: If that data is shared. (see below).

Applicable Law:

The ECPA defines cloud data the same way it does draft emails – as storage – making a warrant unnecessary. However, shared files, such as a collaboration through Google Docs is considered “communication” so a warrant is required.

8. Social media: Too new to tell

How they get it

Read your social network’s Terms of Service and Privacy Policy. (Stop laughing.) When it comes to sites like Facebook, Twitter and LinkedIn, the social networks’ privacy policies outline how cooperative they are in handing over users’ data to law enforcement. Facebook states it requires a judge’s warrant to disclose a user’s “messages, photos, videos, wall posts, and location information.” But it will supply basic information, such as a user’s email address or the user’s IP addresses under a subpoena.

Applicable Law:

Too soon to tell but we’re know that a Manhattan Criminal Court judge upheld a prosecutor’s subpoena for information from Twitter regarding an Occupy Wall Street arrest on the Brooklyn Bridge in 2011, marking the first time a judge allowed prosecutors to use a subpoena rather than a warrant to get the information.

Bottom Line: Assume that everything you write can and will, if necessary, be read by law enforcement so don’t do whatever it is that you haven’t done.

BNI Operatives: Situationally aware.

As always, stay safe and stop typing your life online.

Anatomy of an IP Conversion and Investigation.



Stealing is stealing.  The reason we react so strongly to someone arrogantly and without permission replicating our actions, thoughts, bodies of work, etc. is because of the way we are hard wired to respond to personal theft – the fight or flight instinct kicks in.  For the purpose of self-preservation alone this reaction occurs.  The innate biophysical response to theft is the same whether the item(s) stolen are tangible hard items or concepts.  


“Someone stole my wallet.”  It is your wallet. You own it and its contents.  From an investigator’s standpoint, the ownership is usually clear and then a criminal investigation follows.

“He stole my project.”  But the theft of a concept or idea involves an entirely different scenario.  (I am not a lawyer and none of my comments in this article are meant to be in any way construed as legal advice.  I do, however, have substantial experience in investigating intellectual property thefts.  We’ve worked with major entertainment companies to identify unauthorized distribution of copyrighted materials,  individuals unlawfully copying proprietary coding to former gym partners claiming ownership of a work out technique.)

First, let’s look at how intellectual property is stolen via the two below methods.

I.  Intellectual property theft

Intellectual property is any innovation, commercial or artistic; any new method or formula with economic value; or any unique name, symbol, or logo that is used commercially. Intellectual property is protected by patents on inventions; trademarks on branded devices; copyrights on music, videos, patterns, and other forms of expression; and state and federal laws. The crime of stealing intellectual occurs when someone intentionally copies someone else’s ideas or product. The other person or company—the victim—has done all the work, but the thief reaps all of the profits.  From the National Crime Prevention Bureau

II.  Conversion

n. a civil wrong (tort) in which one converts another’s property to his/her own use, which is a fancy way of saying “steals.” Conversion includes treating another’s goods as one’s own, holding onto such property which accidentally comes into the convertor’s (taker’s) hands, or purposely giving the impression the assets belong to him/her. This gives the true owner the right to sue for his/her own property or the value and loss of use of it, as well as going to law enforcement authorities since conversion usually includes the crime of theft.  From law.com.

Intellectual property theft investigations and conversion investigations are similar but researching the latter requires the detective to think like the convertor; ok, the thief.


How a conversion thief thinks:

“I like what John is doing.  I have a similar – but better – idea but his is already working.  How do I cut through the years it took him to put this all together and get MY show on stage?”

Let’s further break down the thought process:

  1. The thief notes that John is ahead of him in terms of viability.  (The concept is already successful for John so it works and, why recreate the wheel or put in the hard effort?)
  2. The thief’s mindset defaults to his concepts being better than John’s, therefore, he is entitled to “build” on John’s body of work.  He sees himself as the grand master.
  3. The thief already thinks of the “new” or “reimagined” product/concept as his.

The convertor then has three options in accessing and transforming John’s materials to make them his own:

  1. To outright copy John’s work;
  2. If the thief is already involved in the project, he will then distance John from his property by modifying the original concept.
  3. Draw John in under the guise of being part of the overall bigger, better production; extract the unique concepts or techniques that John has worked on for many years and eventually overshadow him until the thief has his own property built from John’s labor and that of others.

From an investigator’s perspective in determining how and when the conversion occurred, we draw the timeline:

  • How did the victim and thief meet? (Were they simply mutually in the same physical space, were they introduced – if so, by whom? Was it a casual, circumstantial introduction or intentional connection? If the latter, why?)
  • What did the victim possess that the thief wanted? (Define the concept.)
  • How was the victim drawn in? (Partnership offered? Alleging a shared goal?)
  • How was the victim eventually (and inevitably) removed or marginalized from the production?

The logical questions asked within that timeline will always yield the answers to how and when a property was stolen.

Personality traits of a conversion thief:

  • Narcissistic
  • Surrounds himself with credentialled people, (borrowed credibility)
  • Usually very socially adept
  • Charming, congenial
  • Sees himself as smarter than everyone else

Guard your intellectual property as best possible by having your property trademarked, copyrighted, registered, patented, etc.,  and avail yourself of solid legal advice.

BNI Operatives: Situationally aware.

As always, stay safe.







Get every new post delivered to your Inbox.

Join 222 other followers