  • Who. What.

    For the trial law and legal community from a private investigator's perspective. The Beacon Bulletin is the weekly newsletter authored and published by our parent company, Beacon Network Investigations, LLC (BNI). We're a private investigation company. We DON'T dispense legal advice, respond to anonymous queries or black hat your enemies for you. (Internally, however, points are allotted for perfectly wordsmithed compliments.) We DO hope to inform. That's our business.

Need An Email Vapor Trail? Disposable, Anonymous Email Addresses.

Sometimes you just want to read an article (and have to register), redeem a coupon or spy on the opposition. (One can play clean and hard and be creative!)

The gmail jig – that of creating new, temporary accounts for one-time or express purposes –  is up.  As soon as any of us now experienced email users see a gmail address from an unknown sender, we will either junk it or run back the sender info to identify its real originator.

So, what do you do if you absolutely, positively need to send a non-traceable email?

Fortunately, prescient program developers have filled in this gap and we now have reliable temporary anonymous email generator sites from which to dispatch our hidden sender messages.

Below are our favorite disposable email provider sites:

Guerrilla Mail

Disposable Temporary E-Mail Address:  Lasts for 60 minutes, either use a domain provided to you or create your own.

Hide My Ass – (Ok, our first test run was out of curiosity.  With a name like that…)

“When websites or persons you do not necessarily trust ask for your email address, give them one of our anonymous email addresses and hide your true email address and online identity.” – can last anywhere from 24 hours to 12 months (year) – “Hide behind one of our email address aliases and never have to reveal your real email address.” – “Need to register on a shady website? Stop spam emails from entering your real email inbox.”

SendAnonymousEmail 

“Every day over 60,000 free anonymous emails are sent from our servers, making us the world’s largest and most trusted anonymous email service” – It is a one time use email (obviously can be used multiple times using different anonymous emails)

Anonymize responsibly.

(Visit www.sjbn.co for great info on everything techno-related as it applies to domain searches, email identifiers and tagging.)

 

As always, stay safe.

8 Ways That You Can Be Legally Tracked


“But don’t they have to have probable cause to search my email or get my Facebook records?”  I can’t tell you how many phone calls we’ve received with that question  – and as we tell each caller, “We are not attorneys, judges or the court or the police department. But, uh, what happened?” (Who doesn’t want to hear a good story??)

(Anyhow, for the purpose of this article,  “they” means law enforcement.)

Here are the situations and the applicable laws:

1. Phone Records: Calls you have made and received

How they get it

Wiretapping is illegal without a judge’s warrant; however, police require only a subpoena from a court to obtain your phone records (outgoing and incoming calls).

A warrant requires showing probable cause; a subpoena needs only to be relevant to an investigation, a much lesser standard of evidence.

Applicable law: 

Smith v. Maryland, a Supreme Court ruling in 1979, which found that the Constitution’s Fourth Amendment protection against unreasonable search and seizure doesn’t apply to a list of phone numbers.

2.  Location: Your phone is a tracking device

How they get it

Cell towers.

Applicable Law: 

The federal Electronic Communications Privacy Act (ECPA) cited by the police for these records dictates that the data must contain “specific and articulable facts” related to an investigation – again, that lesser standard of evidence.

3.  IP Addresses: Which computers you use

How they get it

Email providers such as Google, Yahoo, MS, etc.  amass tremendous amounts of data about our digital journeys. A warrant is needed to access some emails (see below), but not for the IP addresses of the computers used to log into your mail account or surf the Web. According to the ACLU, those records are kept for at least a year.

Applicable law:

U.S. v. Forrester is a case involving two men trying to set up a drug lab in California. Prosecutors successfully argued that tracking IP addresses was no different than installing a tracking device to a phone to track each number dialed by a given phone (which is legal). Police only need a court to sign off on a subpoena certifying that the data they’re after is relevant to an investigation, the same standard as required for cell phone records.

4. Emails

How they get it

Prior to Sen. Leahy’s bill introduced earlier this year, only recent email required a warrant; email aged over 180 days required only a court subpoena related to an investigation.

Applicable Law

Once again, the ECPA comes into play.  The Leahy bill would require a warrant to get all emails regardless of age.

5. Email drafts: drafts are different

How they get it

Communicating through draft emails, à la David Petraeus and Paula Broadwell, seems sneaky. But drafts are actually easier for investigators to get than recently sent emails because the law treats them differently.

Applicable Law:

The ECPA distinguishes between communications — emails, texts, etc. — and stored electronic data. Draft emails fall into the latter, which gets less protection under the law. Authorities need only a subpoena for them. The Leahy bill would change that by requiring a warrant to obtain them.

6. Text messages: As with emails, so with texts

How they get it

Investigators need only a subpoena, not a warrant, to get text messages more than 180 days old from a cell provider — the same standard as emails.

Applicable Law: 

Currently being challenged in several states; otherwise, the ECPA applies.

7. Cloud data: documents, photos, and other stuff stored online

How they get it

Authorities typically need only a subpoena to get data from Google Drive, Dropbox, SkyDrive, and other services that allow users to store data on their servers (aka, cloud storage).  EXCEPT: If that data is shared. (see below).

Applicable Law:

The ECPA defines cloud data the same way it does draft emails – as storage – making a warrant unnecessary. However, shared files, such as a collaboration through Google Docs, are considered “communication,” so a warrant is required.

8. Social media: Too new to tell

How they get it

Read your social network’s Terms of Service and Privacy Policy. (Stop laughing.) When it comes to sites like Facebook, Twitter and LinkedIn, the social networks’ privacy policies outline how cooperative they are in handing over users’ data to law enforcement. Facebook states it requires a judge’s warrant to disclose a user’s “messages, photos, videos, wall posts, and location information.” But it will supply basic information, such as a user’s email address or the user’s IP addresses under a subpoena.

Applicable Law:

Too soon to tell, but we know that a Manhattan Criminal Court judge upheld a prosecutor’s subpoena for information from Twitter regarding an Occupy Wall Street arrest on the Brooklyn Bridge in 2011, marking the first time a judge allowed prosecutors to use a subpoena rather than a warrant to get the information.

Bottom Line: Assume that everything you write can and will, if necessary, be read by law enforcement so don’t do whatever it is that you haven’t done.

BNI Operatives: Situationally aware.

As always, stay safe and stop typing your life online.

Electronic Crime Scene Investigations; Assessing & Documenting the Situation. I/II

When a computer crime is suspected in the workplace, action must be taken immediately. We’ll take you through a step-by-step computer crime scene investigation, following the same protocol that we security and information specialists use.

When securing and evaluating the scene:
• Do not alter the state of an electronic device. If a computer or an electronic device is off, leave it off.
• Remove all unauthorized persons from the area where evidence is to be collected.
• Identify, seize and secure all electronic devices, including personal ones used at work. (Have the employee sign a release or note the type of device and serial number – including the hard drive serial number, if s/he refuses).
• Recognize potential digital evidence in telephones, digital video recorders, other office appliances and motor vehicles.

If the computer is on or the power state cannot be determined:
• Look and listen for indications that the computer is on — e.g., fans running, drives spinning and lit light-emitting diodes (LEDs).
• If you cannot determine the power state of the computer, observe the monitor to determine if it is on, off or in sleep mode.
• Check display screen for signs of data destruction.  Look out for words such as “delete,” “format,” “remove,” “copy,” “move,” “cut” or “wipe.”
• Look for indications that the computer is being accessed remotely and/or signs of ongoing communications with other computers or users — e.g., Instant Messaging (IM) windows or chat rooms.
• Take note of all cameras and determine whether they are active.

Preliminary Interviews
• Separate and identify all persons of interest and record the location they occupied when you entered the scene. Obtain the following information from interviewee(s):
• Purpose of computers and devices.
• All users of the computers and devices.
• Type of Internet access and Internet service provider.
• Computer and Internet user information — e.g., login names, user account names and passwords, and Instant Message screen names.
• E-mail and Web mail (Web-based e-mail) accounts and Web pages.
• Account information for online social networking Web sites — e.g., Facebook, LinkedIn.
• All security provisions, data access restrictions, destructive devices or software in use.
• Any automated applications in use.
• Any other relevant information.

Documenting the Scene
Your documentation should include:
• The type, location, position, condition and power status of the device.
• A record of all activity and processes visible on the display screen(s).
• A record of all physical connections to and from the computers and other devices.
• A record of any network and wireless components capable of linking devices to each other and the Internet.
• The type, condition and power status of the device’s Internet and network access.
• Video, photos, notes and sketches to assist in recreating/conveying the details of the scene.
(Some computer systems and electronic devices — and the information they contain — may be protected under applicable laws, agency policies or other factors, that may prohibit collection of these devices or components.  That’s when you call in a pro.  However, do include the location, condition and power state of these devices in your documentation.)
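
An added example, not part of the original post: one way to keep the scene documentation listed above as a log that refuses incomplete records and makes later alteration detectable. The field names, the SHA-256 hash chaining and the sample entry are assumptions made for illustration.

```python
import hashlib
import json

# Checklist items from "Documenting the Scene"; the key names are assumptions.
REQUIRED = ("device_type", "location", "position", "condition", "power_status",
            "screen_activity", "physical_connections", "network_components",
            "network_access_status", "media_refs")
POWER_STATES = {"on", "off", "sleep", "undetermined"}
GENESIS = "0" * 64  # "previous digest" value for the first record

# Constructed sample entry, not taken from any real case.
SAMPLE = {
    "device_type": "desktop PC", "location": "office 2, desk by window",
    "position": "tower under desk, upright", "condition": "no visible damage",
    "power_status": "on", "screen_activity": "IM window open, file copy dialog",
    "physical_connections": ["ethernet to wall port", "USB drive, front port"],
    "network_components": ["wireless router on shelf"],
    "network_access_status": "wired link LED lit", "media_refs": ["photo-001"],
}

def digest_of(body):
    """SHA-256 over a canonical (sorted-key) JSON encoding of the record body."""
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def missing_fields(entry):
    """Checklist fields that are absent or left empty."""
    return [f for f in REQUIRED if entry.get(f) in (None, "", [])]

def append_entry(log, entry, examiner, timestamp):
    """Reject incomplete records, then append with a digest chained to the previous one."""
    gaps = missing_fields(entry)
    if gaps:
        raise ValueError(f"incomplete scene record, missing: {gaps}")
    if entry["power_status"] not in POWER_STATES:
        raise ValueError(f"unknown power_status: {entry['power_status']!r}")
    body = {"examiner": examiner, "timestamp": timestamp, "entry": entry,
            "prev": log[-1]["digest"] if log else GENESIS}
    log.append({**body, "digest": digest_of(body)})
    return log[-1]["digest"]

def verify_log(log):
    """Index of the first altered or reordered record, or -1 if the chain is intact."""
    prev = GENESIS
    for i, rec in enumerate(log):
        body = {k: rec[k] for k in ("examiner", "timestamp", "entry", "prev")}
        if rec["prev"] != prev or rec["digest"] != digest_of(body):
            return i
        prev = rec["digest"]
    return -1
```

Recording the final digest in the handwritten notes or on the evidence form ties the electronic log to the paper record.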

Movement of a running computer or electronic device may cause changes or damage to the computer or device or the digital evidence it contains. Computers and electronic devices should not be moved until it is determined by a professional that it is safe to do so. 

In Part II/II we will get into the meat of Evidence Collection.  The instructions we will impart will not be generalizations but rather, actual, working directions.

Our Operatives: A step ahead.

As always, stay safe.
