
Brett Shavers | Ramblings

Brett's Ramblings

DEC 26

I took a look at Instagram's Terms of Service so that you won't have to.

Posted by Brett Shavers in Digital Forensics

Who really reads the Terms of Service anyway?

Are EULAs and TOSs intentionally written as multi-page, single-spaced, 4-point-font legalese to confuse users, or simply to dissuade users from reading past the first paragraph?

A few highlights from Instagram

“…you hereby grant to us a non-exclusive, royalty-free, transferable, sub-licensable, worldwide license to host, use, distribute, modify, run, copy, publicly perform or display, translate, and create derivative works of your content…”

Translated: All your content is ours. We do with it as we wish.

Opinion: You create it, Instagram/Facebook will make money off of it with no compensation to you. This is the model of how “free stuff on the Internet” works.


“It can also include what you see through features we provide, such as our camera, so we can do things…”

Translated: We have access to your camera, I mean “Instagram’s” camera.

Opinion:  They haz your phone camera.


“For example, we log when you’re using and have last used our Products, and what posts, videos and other content you view on our Products. We also collect information about how you use features like our camera.”

Translated: Instagram keeps track of everything that you do on their platform, including the use of their camera.

Opinion: Sure. I get it. But this would be like a car rental company keeping track of every place you drove the car that you rented. Car rental companies probably do that too…


“We also receive and analyze content, communications and information that other people provide when they use our Products. This can include information about you, such as when others share or comment on a photo of you, send a message to you, or upload or import your contact information.”

Translated: Instagram collects data about you even when you don’t provide it.

Opinion: Do they mean private messages too? Sure. Why not.


“…we collect information from and about the computers, phones, connected TVs and other web-connected devices you use that integrate with our Products, and we combine this information across different devices that you use.”

Translated: We gonna map out your network.

Opinion: Yikes!


“Information we obtain from these devices includes: …operating system, hardware and software versions, battery level, signal strength, available storage space, browser type, app and file names and types, and plugins…mouse movements….unique identifiers, device IDs, and other identifiers such as from games, apps or accounts you use…associated with the same device or account…Bluetooth signals and information about nearby Wi-Fi access points, beacons, and cell towers…your GPS location, camera or photos….name of your mobile operator or ISP, time zone, mobile phone number, IP address, connection speed, and in some cases, information about other devices that are nearby or on your network, so we can do things like help you…”

Translated: Everything. We take everything.

Opinion: For the love of all that is good and holy! This looks like a digital forensics examination (and I mean “digital exam” as in “digital prostate exam”).


“Advertisers, app developers, and publishers can send us information through Facebook Business Tools they use…about your activities off Facebook including information about your device, websites you visit, purchases you make, the ads you see, and how you use their services whether or not you have a Facebook account or are logged into Facebook.”

Translated: In case you didn’t get it earlier, we take everything, even that which is not on our platform.

Opinion: Instagram/Facebook is a third-party data collector that takes your data from another third-party data collector which probably takes your data from another third-party data collector. All to be curated ultimately by Facebook/Instagram. You don’t even need to have a Facebook account!


“For example, we can suggest that you join a group…

Translated: We know what is best for you. This might be because we know everything about you, or because we want you to behave a certain way and believe in what we want you to believe in.

Opinion: When you want to see a movie, you might want to ask a friend or read reviews, but you don’t have to. You can simply choose to see or not see a movie. Facebook/Instagram requires that you agree to be pushed toward groups that they want you to join. Kinda like getting jumped into a gang that you didn’t think you wanted to do, but got pushed into it by the local gang bangers.


“We use location-related information such as your current location, where you live, the places you like to go, and the businesses and people you’re near to provide…can be based on things like precise device location…IP addresses, and information from your and others’ use of Facebook products…”

Translated: We know everywhere you’ve been, exactly where you are now, and can accurately predict where you will be going next.

Opinion: This is life on IoT and our addiction to “smart” devices. And we must agree to it in order to use ‘free’ services.


“…we use face recognition technology to recognize you in photos, videos, and camera experiences…”

Translated: Ha! We haz your biometric data too!

Opinion: Facial recognition is one of the security features we have to give up, and unlike a password, it is something we cannot change.


“…when you search for something on Facebook, you can access and delete that query from within your search history at any time, but the log of that search is deleted after 6 months.”

Translated: Not only do we see what you search for, but we keep that, just in case…

Opinion:  Forensic peeps know this. Anything you type online is there for everyone to see, even those you don’t want to see it, potentially forever.


“We share information globally, both internally and with the Facebook Companies, and externally with our partners and those you connect and share with around the world…your information may, for example, be transferred outside where you live…”

Translated: We not only take, curate, analyze, and store your information indefinitely, but we will share it around the world to our “partners”.

Opinion: Who are the “partners” and WHY DO THIS?!?


Summary

Free is not free.

Social media platforms are like leopards stalking dinner. You don’t see the leopard. You don’t think anything about it. And you don’t care that tidbits of your Internet activity are being analyzed by humans, ML, and AI. By the time you realize how much private data is gone, it is too late to do much about it. Presumably, this is all for a profit motive, in which you make none. The worst-case scenario is a nation-state obtaining this immense data. But that would never happen…

Update: This, from Twitter, is the best visual of EULAs that I have ever seen.

https://t.co/uYXup8iEdE

— #StopTheStupid! Goat (@bill_e_ghote) December 26, 2020

DEC 16

White Paper: The Susceptibility of Interconnected Devices in a Global Concept as Surveillance Affects the Consumer-user

Posted by Brett Shavers in Digital Forensics

I read an article that China used technology to spy on users via their phones (https://www.theguardian.com/us-news/2020/dec/15/revealed-china-suspected-of-spying-on-americans-via-caribbean-phone-networks). 

Here is my white paper analysis.

#1 - If a device has connectivity with at least one other device, it can be, has been, or will be compromised.

#2 - If a device has the ability for connectivity with at least one other device but isn't connected yet, see #1.

#3 - If a device is airgapped from any other device, it can still be compromised.

#4 - If a device has a speaker, someone you don't know can hear you.

#5 - If a device has a camera, someone you don't know can see you.

#6 - If one nation-state is monitoring your device, probably another one is too (maybe your own government!).

The good news is that criminals are more easily identified, tracked, arrested, charged, convicted, and incarcerated.

The bad news is that every bit of your life is logged somewhere, by multiple entities without your consent or knowledge.

NOV 12

How long does it take to get into the DFIR field?

Posted by Brett Shavers in Digital Forensics

Question I received: How long does it take before I can expect to get into a DFIR career?

Answer: It depends!

It depends on your available resources + available time + motivation to learn.

Meaning

The more of each of these that you have, the faster it will be. A lack of resources (software/hardware) means scraping together machines and free/open-source tools. A lack of time means squeezing in minutes here and there over a longer period of time.

A lack of motivation is the most important factor because, without motivation, you will never make it regardless of your available resources. Period.

Motivation

By the same token, motivation is the biggest factor in making up for a lack of resources. Do not ever underestimate the power of motivation. The sheer force of drive. The unstoppable energy of determination. If you are driven to succeed in the face of anything, then you will make it. It does not matter where you start from; age is irrelevant. Education level is meaningless. Socio-economic background means nothing.

I say this knowing full well that someone with a high level of education or "elite" status in society with unlimited resources starts farther ahead than you or I. I say this because without motivation, resources are useless and any success is limited and a dead end. With motivation, there is no limit. You will have to work harder. Study more. Endure stress and keep moving forward against friends' or family's advice to quit. Others will appear to effortlessly pass you by. Everything will seem more difficult. And it will be.

Keep the pace

It is one foot in front of the other. That should be your focus. Your goal is not to master the entire registry at the same time that you have a goal to master Linux log files. Learn a registry concept. Then a registry hive. And a key. One step at a time. As long as you keep moving forward, you will move forward.

Mentor

Find one. Follow your mentor. Know that your mentor, whether you ever met or communicate, has gone through exactly what you are going through. Maybe they had an even more difficult time with circumstances you'll never know. The best mentor is the one that motivates you. It is the person that you know will pull you forward as long as you make the effort to make the effort.

An example of making the effort

When I was a much younger Marine, I had an aptitude for humping a pack (i.e., long, forced marches carrying a heavy backpack). I had the same pains as everyone else: blistered feet, sore back, muscle cramps, and lots of sweat! But I would never quit and never quit putting one foot in front of the other. A new Marine behind me on one of the marches didn't do so well, but he tried. So on a really long hump, I told him to grab ahold of my backpack straps (the straps that you use for your sleeping bag). I said, "Hold my straps and as long as you keep walking, I'll help." The secret was, I didn't pull him at all, but he kept going. He learned that as long as he worked and did his part, he'd be able to keep up. He never really needed to hold my straps that day, and he only needed them for a few minutes to see that he could do it. He just needed to know that everyone goes through the same pains and understands, but if you do your part, everyone is there for you.

You are next

Know now that someone is going to look to you as a mentor, if not already. You won't know who they are, but they are watching you. They are hanging on your every word. They are inspired by you. They are motivated by you, all because they know you made the effort and didn't quit. There are more than a few peeps in DFIR that I watch like a hawk because they inspire me every day. On the days when I don't believe that I know enough, I fall back on my mentors and their work. I fall back on those who give a little of themselves by sharing, speaking, writing, and teaching. Do not be surprised if, when we meet, I tell you that you inspired me. You never know when something that you did or said made a difference to someone else who is also swimming in the ocean of DFIR information, trying to figure it all out.

This thing we call "DFIR"

DFIR (Digital Forensics and Incident Response) is simply one small part of the Information Security world (or cybersecurity). There are many sub-fields, cross-fields, and related fields, but none are DFIR. The people in DFIR are awesome. Infosec is one thing, but DFIR is something all by itself. I look at DFIR as the Green Berets of Infosec (or Navy SEALs, or Marines, or SWAT...take your pick, but you get the point). In those communities, everyone pulls more than their own weight. They work to excel in their respective expertise. They help each other. They work as team players. For this, DFIR has advanced and continues to advance in skill and knowledge beyond practically any other field. If you are new to DFIR, welcome to the family. If you have been here a while, be sure to hold the door open for the new folks. They bring a whole new world of motivation, innovation, and drive that benefits us all.

© 2022 Brett Shavers