
Brett Shavers | Ramblings


tor browser

JAN 01

What is this thing "privacy" you speak of?

Posted by Brett Shavers
in  Privacy

 

I luckily missed being born into the Internet generation. Facebook creeped me out with the amount of information demanded to create an account. It took me all of 1 minute to create an account, 5 minutes to decide to delete it, and then two hours to figure out how. That was years ago and I still receive email reminders from Facebook to re-join with all my information still in the deleted account, as if I never deleted it. If you ever wondered what Mark Zuckerberg thought of Facebook users, you may want to take a look... http://www.businessinsider.com/well-these-new-zuckerberg-ims-wont-help-facebooks-privacy-problems-2010-5

Perhaps a decade of working undercover has made me ultra-paranoid on personal information. At the time of doing UC work, I had little concern of sitting in an illegal business, having dinner with an organized crime figure and having one of his goons run me through Google, because there was no Google when I first started. That changed before I left the narc world and an undercover friend of mine was identified with Internet searches (while he was in the midst of a group of bad guys). If I was still doing undercover work, I'd no longer be doing undercover work. Thanks Google...

I can imagine that being born into the Internet age means never knowing what privacy is, nor having any concern about it at all. Kids are literally texting in grade school, Facebooking in middle school, and blogging by high school. Every generation now willfully gives up every aspect of their lives on social media and to buy some gadget online.

So when I see that the majority of people could care less about the most intimate and private details of their lives, it gives me pause. If you don’t think your Internet searches and web browsing are intimate, take a look at your web history and tell me that you don’t have some secrets in what you look at that you wouldn’t want anyone else to know about you. Health, wealth, and interests. How much more intimate can you get?

Despair at the Number of Americans Who Choose Security over Liberty, Privacy - Reason (blog)

http://news.google.com Thu, 31 Dec 2015 17:41:15 GMT

According to a new, frustrating poll, a majority of Americans in both the major parties appears to support warrantless government surveillance of Am ...

 

I’m not sure if people just don’t care the government watches and logs their Internet activity or if they just don’t know that they have a right to be secure in their homes, papers, and possessions. Either way, the result is the same. Privacy no more, and like the arrow flown, you can’t get the data back.

I can say that there are government organizations that actually take issue with privacy, one for example: Public Libraries. I’ve had criminal investigations where I needed information about a library patron for serious felonies. Not only were librarians willing to throw down with me to fight giving it to me, but I was promptly kicked out and told to get a warrant (which I did every time). The library in the county where I live takes privacy seriously (KCLS). No security cameras anywhere. Not inside the library. Not in the parking lots. Nothing recorded. Patrons can use Tor if they bring it on a CD or flash drive to plug into public use computers. The WiFi is free, no login required, no tracking of the users.

For this, I say libraries may be the last bastion of personal privacy protection, but then again, I have no idea how many national security letters have been handed out to librarians…

Certainly the day is close where privacy no longer exists in any manner. Already, if you ever applied for a security clearance, foreign governments have your application and probably your fingerprints too.

China says OPM breach was the work of criminal hackers - Engadget

http://news.google.com Thu, 03 Dec 2015 04:59:00 GMT

China says the massive security breaches at the US Office of Personnel Management (OPM) that exposed the personal information of more than 21.5 million US government employees, con ...

I can say with experience, the Internet is great for investigators. Finding suspects has never been easier. In fact, finding an entire life history of a suspect takes on a whole new meaning with Facebook and every other type of social networking account. Heck, they list their associates too. How much easier can it get? Criminals are people too, and they put as much personal information online as everyone else. Take the Dark Web as one example. The Silk Road creator took massive steps to hide his identity, but an IRS agent identified him with Google searches...

The Tax Sleuth Who Took Down a Drug Lord - New York Times

http://news.google.com Fri, 25 Dec 2015 17:48:14 GMT

It was Mr. Alford's supervisors at the I.R.S. who assigned him in February 2013 to a D.E.A. task force working the Silk Road case. The Strike Force, as it was known, had so far had l ...

My only concern with personal privacy evaporating like dry ice in the summer is that criminals also have an easier time of finding enough personal information to do damage to anyone, whether as ID theft, stalking, or worse.  It's bad enough that there are several levels of government agencies tracking everyone (including you), and that the criminals are using the same methods, but we also have the foreign governments doing it too.

Probably the best thing that can happen to the Internet is that it breaks...but then again, how will students find answers to their homework if they can't access Wikipedia? Can you imagine telling your kids to go to the library? The horror!

DEC 24

The best part of writing a book is finishing the book.

Posted by Brett Shavers
in  Digital Forensics

I chose the title of my latest book (Hiding Behind the Keyboard) to be provocative, although the book may not completely be what you would expect if you think that it is a manual to hide yourself on the Internet. Being from Syngress, this is technically a technical book in that it discusses how to uncover covert communications using forensic analysis and traditional investigative methods.

The targeted audience is those charged with finding the secret (and sometimes encrypted) communications of criminals and terrorists.  Whether the communications are conducted through e-mail, chat, forums, or electronic dead drops, there are methods to find the communications to identify and prevent crimes.

For the investigators, before you get uptight that the book gives away secrets, keep in mind that no matter how many “secrets” are known by criminals or terrorists, you can still catch them using the same methods regardless of how much effort criminals put into not getting caught.

As one example, one of the cases I had years ago as a narcotic detective was an anonymous complaint of a large, indoor marijuana grow operation. Two plainclothes detectives and I knocked on the door and politely asked for consent to search the home for a marijuana grow. I told the owner that he didn’t have to give consent, or let us in, and could refuse consent at any time. He gave consent and we found hundreds of marijuana plants growing in the house. The point of this story was that on a table near the front door was a book on how to grow marijuana, opened to the page that said “when the cops come to your door for consent, say NO!”. He had the book that advised not to do what he did anyway.

The point being, even when knowing how to commit crimes, criminals are still caught and terrorist plots are still stopped. The more important aspect is that investigators need to know as much as they can and this requires training, education, and books like Placing the Suspect Behind the Keyboard and Hiding Behind the Keyboard.

I had help with this book with early reviews, suggestions, recommendations, and co-authoring.  Most of what is in the book, I’ve done or helped others do. Some things work sometimes, other things work other times, and nothing works all the time. But having a toolbox to choose from gives you choices of methods that can fit individual cases.

As a side note, many of the methods can work in civil litigation depending upon cooperation and legal authority. For example, use of the Tor browser in a corporate espionage or employee IP theft case can make a huge difference in the direction a forensic analysis takes.

For anyone going to Las Vegas for the Enfuse conference, I’ll be presenting on this book and look forward to meeting you there (please say hi).

You can order Hiding Behind the Keyboard here:

Hiding Behind the Keyboard: Uncovering Covert Communication Methods with Forensic Analysis

NOV 15

Libraries and the Tor Browser

Posted by Brett Shavers
in  Digital Forensics

A few weeks ago, I was asked by a librarian for my opinion on library patrons using Tor in public libraries. My initial reaction, based upon having done more than a few cybercrime cases, is that Tor in public libraries is a bad idea. How can law enforcement track criminals who use library computers when the Tor browser is being used?  And libraries are government entities! Tax dollars would be spent helping criminals commit crimes on the Internet and remain anonymous. By all means, NO! Don’t do it!

From a law enforcement perspective (which I have not lost since my days in law enforcement), the Tor browser makes identifying the user in cybercrime investigations practically impossible for 99% of cyber detectives, and this is a major problem for investigators. The remaining 1% of cyber analysts have access to supercomputers and virtually unlimited budgets that are beyond the scope and reach of the regular police detective. Since the Tor network is so effective in providing anonymity to Internet users and police are practically powerless against it, why support it since criminals are using it?

About a half second later, my opinion changed.

The public library protects freedoms more than most people will ever know (except for librarians…they know about freedom protections). Sure, police protect freedoms by protecting Constitutions (state and federal versions) but law enforcement has a dilemma. On one hand, they swear to protect freedoms and on the other, the freedoms restrict their ability to protect. Using the First Amendment as an example:

Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.

Taking the freedom of speech as an example, people have a right to express themselves and that not only includes speaking, but also reading, and communicating (assembly) with other people. Libraries provide access to information and support intellectual freedom.  And of course, people abuse freedoms and commit crimes, such as harassment where free speech goes too far and intrudes on someone else’s rights. Maybe it's easier to protect speech by getting rid of it? Nope. That doesn't work...

Many (all?) public libraries today in the United States provide Internet access with WiFi and public terminals. Complete freedom to browse the Internet and communicate with people around the world certainly meets freedom of speech criteria. You can’t get much more supportive in providing access to information than that. As a government entity, the public library supports the First Amendment more than any other entity.

Here comes Tor.

Without getting into too much detail about “Tor” (The Onion Router: http://www.torproject.org), let’s just say that Tor can be looked at simply as an Internet browser that hides the Internet Protocol (IP) address of the computer user. That means that a computer user can be practically anonymous online when using the Tor browser.  The Internet history cannot be tracked, the physical location of the user cannot be tracked, and users can feel secure that they have privacy online without interference from government or other persons.

Internet privacy is important. Not only is government tracking of Internet users invasive, but so are corporate intrusions into personal privacy. Every person has different tastes, likes, interests, and beliefs. The founding principle of privacy is…privacy. Tor provides that privacy when it is used appropriately.

Running the Tor browser is simple enough since it is just an Internet browser (basically anyway). For a library to support Tor use, IT staff just need to download the browser to the public computers and put the icon on the desktop.  That’s all there is to it to give library patrons access to Internet privacy.

During a recent conversation with a librarian, I was told that the library (in the Seattle area) does not monitor, track, record, or even look at patron Internet history and usage. After explaining that the library certainly has the technology to do so, by default in their network system, and that every patron’s Internet history can be viewed, tracked, recorded, logged, and be required to be produced to law enforcement by court order, the conversation changed quite a bit. Obviously, if a crime has been committed and a search warrant is obtained, providing any information to investigate and prosecute criminals is a good thing for society as a whole. The drawback is Internet history being logged or viewed for all patrons, in any manner, for general purpose or for later historical analysis. That negates privacy and goes against intellectual freedoms for which the public library stands.

With Tor, patrons can generally be assured their Internet use is private (barring screen capture software, keyloggers, compromised systems, etc…). This is a good thing for patrons to have as a choice. Tor is not perfect and has drawbacks to the ‘normal’ Internet browsers, but for the most part, if privacy is a concern, the Tor browser relieves the concerns.

As an investigative point, if a criminal wants to remain anonymous and use Tor to commit crimes, the library probably isn’t the best place to do it. Although most libraries do not have video surveillance cameras, some do.  There are libraries (the East Baton Rouge Parish Library as one example) that hire police officers as security! For a criminal to use a library computer to commit a crime may make it easier to get caught.

Tor relays: it’s Tor, but a slightly different topic. One of the reasons Tor is effective is that when the Tor browser is used, computer relays (“Tor relays”) route the computer user’s traffic around the world.

http://www.torproject.org 

Anyone can volunteer to be a Tor exit relay, where Internet traffic running through the Tor network will ‘exit’ from your system. By being a volunteer, you help world-wide Internet anonymity by providing a Tor exit relay. For the most part, nothing bad happens, but occasionally, the Internet traffic leaving your relay could be criminal in some aspect, such as child pornography. You won’t see it, nor have anything to do with it, but your IP address will be tied to it since your relay is the last relay to receive/send it.

Not that this makes you a criminal, or that you facilitated a crime any more than if you sold a Ford that was used in a bank robbery as a getaway car, but it can happen. Today, law enforcement is more aware that Tor exit relays are not the source of crime, and the person running the relay is not the criminal they are looking for.

https://www.propublica.org/article/library-support-anonymous-internet-browsing-effort-stops-after-dhs-email

So it was strange to find an article where law enforcement pressured a library to not volunteer as a Tor relay. Tor relays exist world-wide. There are literally thousands of relays, everywhere. Shutting down every relay is virtually impossible. So why push libraries to not volunteer when it is the public library standing for the freedoms in the first place?

As a business consideration, my opinion on public libraries being Tor exit routers depends upon the cost required to set up and maintain it since public libraries are funded by the public with taxes. Other than that, if the public supports it and libraries can do it, why not? A public library can do little more for intellectual freedom than not only providing use of the Tor browser, but also operating a Tor relay.

Restricting or eliminating use of the Tor network would be like shutting down Toyota dealerships because the Toyota Camry is used for bank robbery getaway cars.

For the investigators worried about rampant crime in the library because of Tor…you can still catch the cybercriminals.  And for libraries worried that they will facilitate crime, don’t worry about that either. Tor users can’t choose the Tor exit relays.  It won’t be like cybercriminals will be able to pick a library Tor exit relay and commit crimes.  I give an entire chapter on beating Tor in my next book, at least as much as Tor can be beaten.

 

 

 


© 2023 Brett Shavers