Your Browsing History – SOLD! To the Highest Bidder; No Longer Private.

Soon, every search you’ve ever made online will not only be available to your internet service provider (ISP); it will be available to any corporation or foreign government that wants to see your interests, peculiar as they may be.

As of yesterday's House decision (March 28, 2017) on the CRA resolution, ISPs can sell your entire web browsing history to literally anyone or any entity without your permission. Literally, it would now take an act of Congress enacting new legislation to prevent this massive governmental overreach. The House basically repealed all prior legislation that would have prevented ISPs from marketing your private browsing history.

Why did the House make this move?  You don’t benefit, the government doesn’t either, so why?  So that a few Too-Big-To-Fail corporations can make a few more rubles and so that politicians – who have received millions in campaign contributions from the ISPs for decades – can continue to sell us out.

How did this happen?

The Congressional Review Act (CRA) was passed in 1996 to allow Congress to overrule regulations created by government agencies.

Prior to 2017, Congress had only successfully used the CRA once. But since the new administration took over in January, it’s been successfully used 3 times — for things like overturning environmental regulations.

“Relying on the government to protect your privacy is like asking a peeping tom to install your window blinds.” — John Perry Barlow

All that’s left is for the President to sign the resolution, which he most certainly will do.

So what kind of shady things can ISPs now legally do with our data?

According to the Electronic Frontier Foundation, there are at least five creepy things the FCC regulations would have made illegal. But thanks to the Senate, ISPs can now continue doing these things as much as they want, and it will probably be years before we can do anything to stop them.

  1. Sell your browsing history to basically any corporation or government that wants to buy it
  2. Hijack your searches and share them with third parties
  3. Monitor all your traffic by injecting their own malware-filled ads into the websites you visit
  4. Stuff undetectable, un-deletable tracking cookies into all of your non-encrypted traffic
  5. Pre-install software on phones that will monitor all traffic — even HTTPS traffic — before it gets encrypted. AT&T, Sprint, and T-Mobile have already done this with some Android phones.

We will be updating this article as our research on wrap-around solutions is completed.  In the meantime, contact your Senator and Congressional representative and tell them, “Hell, no – they have no need to know!”

BNI Operatives: Situationally aware.

As always, stay safe.

Situations and Professions at High Risk for Covert Surveillance.

This week we explore the situations and people most likely to be covertly surveilled. At the end of this article, we list the FBI's top professions most likely to encounter bugging situations.

Given the proliferation and current ease of use of “bugging” devices, the probability of being secretly recorded is higher than ever. So under what circumstances and which professions are most likely to get bugged?

In Business

– Companies that have publicly traded stock (even more at risk, those about to IPO)

– Corporate entities experiencing labor problems or union activities, or in negotiation situations.

– Companies involved in any type of litigation or lawsuit.

– Businesses anticipating layoffs

– Companies involved in the fashion, automotive, advertising or marketing industries.

While anyone can be the target of covert eavesdropping, some people are at a higher risk than others because of financial status, occupation, legal or domestic situation.  These targets may include:

– Spouses involved in a divorce, child custody case or other serious financial situation.

– Teen drivers and kids (by their parents/guardians)

– Professors (by their students)

– Business people among themselves (intra/extra-company)

– Claimants by insurance companies

– Clients by salespeople

This list goes on ad infinitum, so when should you be seriously concerned?

You (and/or someone close to you) are or have been:

– Involved in any type of litigation or lawsuit

– Been questioned or arrested by the police

– In the process of getting married, divorced, separated or recently widowed

– Running for any type of elected public office

– Recently filed an insurance claim

– Are an executive or scientist at any large company

– Engaged in political demonstrations or activism

– Are in the upper income brackets

Extreme High Risk Businesses  (info provided by the FBI):

Materials:

  • Materials synthesis and processing
  • Electronic and photonic materials
  • Ceramics
  • Composites
  • High-performance metals and alloys

Manufacturing:

  • Flexible computer-integrated manufacturing
  • Intelligence processing equipment
  • Micro- and nano-fabrication
  • Systems management technologies

Information and Communications:

  • Software
  • Micro and optoelectronics
  • High-performance computing and networking
  • High-definition imaging and displays
  • Sensors and signal processing
  • Data storage and peripherals
  • Computer simulation and modeling

Biotechnology and Life Sciences:

  • Applied molecular biology
  • Computational Chemistry
  • Medical technology

Transportation:

  • Aeronautics
  • Surface transportation technologies

Energy and environment:

  • Energy technologies
  • Pollution minimization, remediation and waste management

Finally, we look at those professions that are particularly targeted for covert surveillance.

High Threat Occupations (again, according to the FBI):

– Attorney

– Doctor

– Chiropractor

– Dentist

– Architect

– Police Officer

– Court Clerk

– Judge

– Elected official

– Mayor

– Selectman

– School Principal

– Professor

– Product Engineer

– Software Developer

– Executive/Scientist at a large development company

– Employees at defense contracting companies

– Ministers and other religious leaders

– Corporate Buyer or Purchasing Agent

– Labor or Union Official

– Fashion employees

– Advertising personnel

– Personnel managers

Paranoia is unnecessary; vigilance required.

BNI Operatives; Situationally aware.

As always, stay safe.

Electronic Crime Scene Investigations; Evidence Collection. II/II

In Part I of our two-part Electronic Crime Scene Investigations series, we covered recognizing and securing an electronic crime scene.  In this post, we delve into the actual investigation itself.

First and foremost, now that you have identified and isolated all persons with access from the crime scene, please ensure that they provide your investigator with a release similar to the below.  (Please check with your local law enforcement on particular jurisdictional guidelines.)

CONSENT TO SEARCH ELECTRONIC MEDIA AND CLOUD STORAGE
I, __________________, hereby authorize __________________, who has identified himself / herself as an investigator lawfully engaged by _____________________, and any other person(s), including but not limited to a computer forensic examiner, he / she may designate to assist him / her, to remove, take possession of and / or conduct a complete search of the following: computer systems, electronic data storage devices, computer data storage diskettes, DVDs, or any other electronic equipment capable of storing, retrieving, processing and / or accessing data and any and all cloud storage accounts that may contain any company information, files and references.
The aforementioned equipment and storage will be subject to data duplication / imaging and a forensic analysis for any data pertinent to the incident / criminal investigation.
I give this consent to search freely and voluntarily without fear, threat, coercion or promises of any kind and with full knowledge of my constitutional right to refuse to give my consent for the removal and / or search of the aforementioned equipment /data, which I hereby waive. I am also aware that if I wish to exercise this right of refusal at any time during the seizure and or search of the equipment / data, it will be respected.

This consent to search is given by me this ________ day of, __________________
20__________, at ____________ am / pm.

Location items taken from: ____________________________________________
Consenter Signature: ________________________________________________
Witness Signature: _________________________________________________
Witness Signature: _________________________________________________

Evidence Collection
Handling digital evidence correctly is essential to preserving the integrity of the physical device as well as the information or data it contains. Turning off the power to a computer or other electronic device may cause the information or data stored on it to be damaged or lost.
If you are not trained in handling digital evidence —
• Do not attempt to explore the contents of a computer or other electronic device or to recover information from it.
• Do not alter the state of a computer or other electronic device.
• Do not press any keys or click the mouse.
• If the computer or device is off, leave it off.
• Do not move a computer or other electronic device that is powered on.
• Do not accept offers of help or technical assistance from unauthorized persons.
• DO request technical assistance from personnel with advanced equipment and training in digital evidence collection.  See http://www.ecpi-us.org/Technicalresources.html for a list of available resources.

Assess the Situation

Before capturing digital evidence, make sure you have the legal authority to do so. Improper access to information or data stored on electronic devices may violate provisions of various local, state and federal laws.

After securing the scene and identifying the computer’s power status, follow the steps listed below for the situation most like your own. (If the final step in a situation is “Proceed to If the Computer Is ON” or “Proceed to If the Computer Is OFF”, those two sections are posted at the bottom of this article.)

Situation 1: Monitor is on. Program, application, work product, picture, e-mail or Internet site is displayed.

1. Photograph screen and record information displayed.
2. Proceed to “If the Computer Is ON”

Situation 2: Monitor is on. Screen saver or picture is visible.
1. Move mouse slightly without depressing buttons or rotating wheel if present.
2. Note any onscreen activity that causes a change in the display.
3. Photograph screen and record information displayed.
4. Proceed to “If the Computer Is ON”

Situation 3: Monitor is on. Display is blank.
1. Move mouse slightly without depressing buttons or rotating wheel if present.
2. Display changes to login screen, work product, or other visible display.
3. Note change in display.
4. Photograph screen and record information displayed.
5. Proceed to “If the Computer Is ON”

Situation 4a: Monitor is off. Display is blank.
1. If monitor’s power switch is in off position, turn monitor on.
2. Display changes to a login screen, work product or other visible display.
3. Note change in the display.
4. Photograph screen and record information displayed.
5. Proceed to “If the Computer Is ON”

Situation 4b: Monitor is off. Display is blank.
1. If monitor’s power switch is in off position, turn monitor on.
2. Display does not change. Screen remains blank.
3. Note that the display does not change.
4. Photograph blank screen.
5. Proceed to “If the Computer Is OFF”.

Situation 5: Monitor is on. Display is blank.
1. Move mouse slightly without depressing any buttons or rotating the wheel if present.
2. If display does not change, confirm that power is supplied to the monitor.
3. If display remains blank, check computer case for active lights and listen for fans spinning or other indications computer is on.
4. If computer case gives no indication that it is powered on, proceed to “If the Computer Is OFF”.

================================

If the Computer Is OFF
For desktop, tower and minicomputers follow these steps:
1. Document, photograph, and sketch all wires, cables, and devices connected to the computer.
2. Uniquely label and photograph the power supply cord and all cables, wires or USB drives attached to the computer and the connection each of these occupies on the computer.
3. Remove and secure the power supply cord from the back of the computer and from the wall outlet, power strip or battery backup device.
4. Disconnect and secure all cables, wires and USB drives from the computer and document the device or equipment connected at the opposite end.
5. Place tape over the floppy disk slot if present. Ensure that the CD or DVD drive trays are retracted into place and tape across the drive tray to prevent it from opening.
6. Place tape over the power switch.
7. Record the make, model, serial numbers and any user-applied markings or identifiers.
8. Record or log computer and all cords, cables, wires, devices and components according to agency procedures.
9. Carefully package all evidence collected to prevent damage or alteration during transportation and storage.

For laptop computers follow these steps:
1. Document, photograph and sketch all wires, cables and devices connected to the laptop.
2. Uniquely label and photograph all wires, cables and devices connected to the laptop and the connection each occupies.
3. Remove and secure the power supply and all batteries from the laptop computer.
4. Disconnect and secure all cables, wires, and USB drives from the laptop and document the equipment or device connected at the opposite end.
5. Place tape over the floppy disk slot if present. Ensure that the CD or DVD drive trays are retracted into place and tape across the drive tray to prevent it from opening.
6. Place tape over the power switch.
7. Record the make, model, serial numbers and any user-applied markings or identifiers.
8. Record or log the laptop computer and all cords, cables, wires, devices and components according to agency procedures.
9. Carefully package all evidence collected to prevent damage or alteration during transportation and storage.

If the Computer Is ON
Removing the power supply is generally the safest option. If evidence of a crime is visible on the computer display, however, request assistance from personnel with experience in volatile data capture and preservation.

Immediate disconnection of power is recommended when —
• Information or activity on screen indicates that information or data is being deleted or overwritten.
• A destructive process appears to be in progress on the computer’s data storage device(s).
• The system is powered on in a typical Microsoft Windows® environment. Pulling the power supply cord from the back of the computer will preserve information about the last user account logged in, login time, most recently used documents, most recently used commands, and other valuable information.

Immediate disconnection of power is NOT recommended when —
• Information or data of apparent evidentiary value is in plain view onscreen. Seek assistance from personnel with advanced training in digital evidence collection.
• Indications exist that any of the following are active or in use: Chat room(s), text documents, remote data storage, Instant Messaging (IM), child pornography, contraband, financial documents, data encryption and obvious illegal activities.
• The device is a mobile or smart phone. Leave mobile and smart phones in the power state in which they were found.

Improper shutdown of mainframe computers, servers or a group of networked computers may result in the loss of data, loss of evidence and potential civil liability. Secure the scene and request assistance from personnel with advanced training in digital evidence collection of large or complex computer systems.

(We suggest you print Parts I and II of this series into a manual format.)

BNI Operatives: Street smart; info savvy.

As always, stay safe.

Yahoo and Google Data Availability to Law Enforcement & For Legal Process

As we’ve surmised by now, Lois Lerner’s missing emails exist – somewhere.  There’s also now the availability of cloud hosting, a method of saving your email on the net that allows you 24/7  access from any remote location.  So, do you really know what happens to all of your subscription information, emails, attachments, etc., once you shut down an email account?  What if your information is requested by law enforcement or in anticipation of litigation?   What is the legal process in such a case?

We’ve conducted research into data retention by the two major service providers: Yahoo and Google:

YAHOO

Compliance With Law Enforcement:    PRESERVATION

Will Yahoo! preserve information?

Yahoo! will preserve subscriber/customer information for 90 days. Yahoo! will preserve information  for an additional 90-day period upon receipt of a request to extend the preservation.   If Yahoo! does not receive formal legal process for the preserved information before the end of the  preservation period, the preserved information may be deleted when the preservation period expires.

GOOGLE

What kinds of data do you disclose for different products?

To answer that, let’s look at four services from which government agencies in the U.S. commonly request information: Gmail, YouTube, Google Voice and Blogger. Here are examples of the types of data we may be compelled to disclose, depending on the ECPA legal process, the scope of the request, and what is requested and available. If we believe a request is overly broad, we will seek to narrow it.

Gmail
Subpoena:

  • Subscriber registration information (e.g., name, account creation information, associated email addresses, phone number)
  • Sign-in IP addresses and associated time stamps

Court Order:

  • Non-content information (such as non-content email header information)
  • Information obtainable with a subpoena

Search Warrant:

  • Email content
  • Information obtainable with a subpoena or court order

YouTube
Subpoena:

  • Subscriber registration information
  • Sign-in IP addresses and associated time stamps

Court Order:

  • Video upload IP address and associated time stamp
  • Information obtainable with a subpoena

Search Warrant:

  • Copy of a private video and associated video information
  • Private message content
  • Information obtainable with a subpoena or court order

Google Voice
Subpoena:

  • Subscriber registration information
  • Sign-up IP address and associated time stamp
  • Telephone connection records
  • Billing information

Court Order:

  • Forwarding number
  • Information obtainable with a subpoena

Search Warrant:

  • Stored text message content
  • Stored voicemail content
  • Information obtainable with a subpoena or court order

Blogger
Subpoena:

  • Blog registration page
  • Blog owner subscriber information

Court Order:

  • IP address and associated time stamp related to a specified blog post
  • IP address and associated time stamp related to a specified post comment
  • Information obtainable with a subpoena

Search Warrant:

  • Private blog post and comment content
  • Information obtainable with a subpoena or court order

Note about general Gmail retention: Even if you purge your Trash email or shut down your Gmail account, your email remains available for recovery for 20 days beyond when the mail is deleted or the account closed.

Please feel welcome to contact us with more specific questions regarding data retrieval from these two major service providers (and lesser used ISPs w/unique data product.)

BNI Operatives: Street smart; info savvy.

As always, stay safe.

Tactical Trainer, Christian Swann, on NSA-resistant Communication Encryption.

(This week, we bring you an informative article on protecting sensitive client data from our friend and one-woman whirlwind of accomplishments, Christian Swann (featured below). Christian is a writer, mom, edged and blunt tool instructor for law enforcement and the military, and a risk mitigation security and vulnerability assessment specialist.)

Be vigilant about protecting sensitive client data with these tools.

I wrote an article not long ago about protecting our personal and sensitive important information. As some of you are well aware, once your data is out there, it’s out there. From the first click of the “check out now” button, you are being traced, watched and analyzed. From how much you spend, where you shop, to your favorite products to your prime shopping time – you’re being tracked. But that’s just one aspect of this passive monitoring. Big Brother (e.g., and in fact, as we now all know, the NSA) has the capability and may be not only watching but also listening, recording and even transcribing your confidential client conversations.

What about when it’s not only your information that is being tracked, but your clients’ confidential information is at risk of also being recorded? As a risk and security director of a multi-million dollar company, it is one of the toughest questions and concerns I have. I’m in constant contact with high-profile clients and sensitive data.

The good news for lawyers, corporations and medical professionals concerned about maintaining their duty of confidentiality is that there are tools and safeguards now to help them.

Legal and risk management specialists, such as myself, need to be very aware of the possibility (or now, probability) of their communications being intercepted by empowered governmental agencies. Given the ever-changing, nebulous status of agency data collection laws, legal professionals have to deal with the ambiguity of this usage of collected data – while contending with the secretive nature of intelligence agency operations, as well as the U.S. Foreign Intelligence Surveillance Court that oversees surveillance warrants.

Lawyers – and anyone for that matter – should assume all of their conversations are subject to covert surveillance and should take steps to protect confidential information.

I can’t stress enough that all pertinent emails, electronic messages and communications should be encrypted. There is no shortage of available encryption hardware and software, and I highly recommend using an encryption service such as ZixCorp or the open-sourced TrueCrypt. (Warning: this is an open source method and may not be as stable as desired.) Platform-specific devices are also available, such as Apple’s FileVault.

“One can also purchase self-encrypting hard drives such as the Seagate Secure and already-encrypted flash drives – e.g., IronKey from Imation Corp. – and encryption software such as Symantec Whole Disk Encryption and Sophos Ltd.’s Safeguard,” says Lina Maini of Beacon Network Investigations, LLC.

As for passwords, I recommend a more secure method of authentication, such as security tokens or USB tokens.

Perhaps apparently, I’m a big fan of firewalls, and encrypting everything networked – from email to any and all telecomm technology apps. I’ve also become a huge fan of the company Silent Circle. One of my favorite features of Silent Circle’s service is the ability to program burn settings. I.e., once I’ve sent any type of message (email, text, audio), it is then encrypted and will burn itself at the pre-set time I’ve chosen.

Many people forget that once a voice message, text or email has been sent, that data has to go through a provider, e.g., Apple, and is then transferred back to the end-user, therefore leaving data footprints that can be copied.

For professionals that mainly communicate via phone, relief from eavesdropping is on its way. This month, Spanish smartphone company GeeksPhone and software company Silent Circle launch Blackphone, an encrypted smartphone that protects phone calls, text messages, emails and Internet browsing. Using VPN technology, Blackphone promises to be an NSA-resistant phone. I’m looking forward to ours arriving soon.
