The Privacy, Security, & OSINT Show – Episode 119

Posted on April 12th, 2019

EPISODE 119-How to Find Hidden Recording Devices

This week, my guest is Tom Gibbons, and he will explain the best ways to locate hidden recording devices such as microphones and cameras. Also, I have a slew of recent privacy news and a new OSINT tip to discuss.

Support for this show comes directly from the IntelTechniques online OSINT & Privacy video training. We now have over 85 hours of content, with more added every month. Listeners of this show always receive a 25% discount at https://inteltechniques.com/25.

Listen to all episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Google / Stitcher  / Spotify


SHOW NOTES:

INTRO:

Apple Update
https://www.forbes.com/sites/thomasbrewster/2019/04/10/what-happened-when-the-dea-demanded-passwords-from-lastpass/#10f93bdb7ebe
https://www.zdnet.com/article/cybercrime-market-selling-full-digital-fingerprints-of-over-60000-users/
https://www.bombitup.net/
https://www.foxnews.com/tech/thousands-of-amazon-workers-listening-to-alexa-recordings-hear-personal-information-even-potential-crimes-report
https://news.sky.com/story/family-discovers-hidden-camera-livestreaming-in-airbnb-11684049

HOW TO FIND HIDDEN RECORDING DEVICES:

Tom Gibbons
http://www.tscmnet.com/

Thermal Imaging Camera: https://amzn.to/2UJF70w

Network Scanning Apps:

https://itunes.apple.com/us/app/blue-hound/id1067368392?mt=8

https://play.google.com/store/apps/details?id=com.overlook.android.fing&hl=en_US

OSINT:

https://www.carvana.com/trades/new?licenseplate=HACKER&state=CA


Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

Affiliate Links:

PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
ProtonVPN: https://protonvpn.net?aid=IntelTechniques
Amazon: http://amzn.to/2IAyNzm
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques


Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 119

New Online Investigation (OSINT) Resources

Posted on April 9th, 2019

It has been a while since I posted a collection of new OSINT resources, so this one is lengthy. The following were recently added to the online search tools, live training curriculum, and online training courses.

Trumail API (https://api.trumail.io/v2/lookups/json?email=test@inteltechniques.com): This API was demonstrated in my recent webinar about email search. It serves as a verification option to identify legitimate email addresses and filter burner accounts. It also explicitly identifies disposable and free email services, while announcing whether an account is a catch-all.

Spycloud (https://portal.spycloud.com/endpoint/enriched-stats/test@test.com): This API provides a positive or negative indicator for an email address present in the Spycloud collection of data breaches. While the information is minimal, no API key is required. It also identifies the number of breached email records for the domain.

 

VIN-NHTSA (https://vpic.nhtsa.dot.gov/api/vehicles/decodevinextended/3GTEK13Y87G527460?format=json): This is an official government VIN search for vehicle make/model details. The output is very detailed, and below is a portion.

“Message”: “Results returned successfully”,
“SearchCriteria”: “VIN:3GTEK13Y87G527460”,
“Value”: “GENERAL MOTORS LLC”,
“Value”: “Sierra”,
“Value”: “2007”,
“Value”: “1500 (1/2 ton)”,
“Value”: “TRUCK “,

FAXVIN (https://www.faxvin.com/): This alternative option allows you to enter a VIN to identify full details about the vehicle (but no owner information).

Vehicle History (https://www.vehiclehistory.com/): Vehicle search by VIN which provides details about the make/model/recalls/thefts/etc.

O’Reilly License (https://www.oreillyauto.com/): This option allows you to enter a VIN or license plate to identify full details about the vehicle (but no owner information).

Carvana (https://www.carvana.com): This alternative option allows you to enter a VIN or license plate to identify full details about the vehicle (but no owner information).

 

Facebook Live (https://www.facebook.com/search/str/Live/videos-live): A less powerful replacement for the Facebook Live Video Map, which was eliminated earlier this year.

Facebook Intersect Search Tool (https://www.osintcombine.com/facebook-intersect-search-tool): Graphical option for Facebook intersect searching.

 

Carbon Dating The Web (http://carbondate.cs.odu.edu): This service uses public archives of a domain to estimate the creation date. The following demo of my own site was only off by two months.


DomainBigData ( https://domainbigdata.com): This is a typical Whois lookup site, but contains a free historic record, as seen below. This can identify the owner of a website which currently possesses a private registration.

URLScan (https://urlscan.io/): This resource provides an additional screen capture of the target address, which is often dated prior to undesired website changes or deletions. This is a small supplement to archive sites.

 

Website Informer (https://website.informer.com):This offers yet another unique historical view of a domain.

 

DomainIQ – Hosting Research (https://www.domainiq.com/hosting_research): The screen capture archive of this resource has been extremely helpful in the past. It is currently down, but will hopefully return. When working, the following screen would be full of archived screen captures of a website.

 

FluidDATA Podcast Search Engine (https://fluiddata.com): This resource allows you to search the spoken text of many podcasts. Useful for searching email addresses such as mike at gmail dot com.

BitcoinAbuse (https://www.bitcoinabuse.com): This Bitcoin service identifies incidents of malicious use of cryptocurrencies. Great for tracking the use of Bitcoin in email scams.

 

Google: This Google Search operator will find practically any type of file publicly linked, using the word Book as an example.

 

AIOSearch (http://www.aiosearch.com): This service searches the most popular file sharing hosts.

 

The following three background removal services will attempt to remove any undesired content from an image. This can lead to better results when conducting a reverse image search in attempts to identify a person or object.

Remove.bg (https://www.remove.bg/)
Clipping Magic (https://clippingmagic.com/)
Background Burner (https://burner.bonanza.com/)

Filed under OSINT | Comments Off on New Online Investigation (OSINT) Resources

The Privacy, Security, & OSINT Show – Episode 118

Posted on April 5th, 2019

EPISODE 118-How Neighborhood Watch Watches You

This week I call a company which provides neighborhoods with license plate readers, plus a new email breach notification API in the OSINT segment.

Support for this show comes directly from the IntelTechniques online OSINT & Privacy video training. We now have over 85 hours of content, with more added every month. Listeners of this show always receive a 25% discount at https://inteltechniques.com/25.

Listen to all episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Google / Stitcher  / Spotify


SHOW NOTES:

INTRO:

New (Cheaper) Silent Pocket Faraday Bags:
https://silent-pocket.com/discount/IntelTechniques

Webinar now offline

HOW NEIGHBORHOOD WATCH WATCHES YOU:

Discussion & Call

OSINT:

https://portal.spycloud.com/endpoint/enriched-stats/test@test.com


Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

Affiliate Links:

PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
Amazon: http://amzn.to/2IAyNzm
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques


Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 118

The Privacy, Security, & OSINT Show – Episode 117

Posted on March 29th, 2019

EPISODE 117-This Week In Privacy

This week I discuss the latest privacy news and threats including the new Apple credit card, more spy cameras in hotels & Airbnbs, another family tracking DB leak, and how to make $122M sending out bogus invoices. Plus, an “Offense/Defense” style of the OSINT section returns with nextdoor.com. Finally, Listener questions tackle Walmart surveillance video and the removal of sponsors for the show.

Support for this show comes directly from the IntelTechniques online OSINT & Privacy video training. We now have over 85 hours of content, with more added every month. Today, I posted the video from yesterday’s webinar about email address investigations. Listeners of this show always receive a 25% discount at https://inteltechniques.com/25.

Listen to all episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Google / Stitcher  / Spotify


SHOW NOTES:

INTRO:

Ron Swanson
Webinar Catastrophe (part II)
https://inteltechniques.com/webinar.html

THIS WEEK IN PRIVACY:

https://gizmodo.com/the-apple-card-is-great-at-privacy-but-mediocre-overall-1833582689
https://www.theatlantic.com/technology/archive/2019/03/what-happens-when-you-find-cameras-your-airbnb/585007/
https://www.cnn.com/2019/03/20/asia/south-korea-hotel-spy-cam-intl/index.html
https://boingboing.net/2019/03/24/evaldas-rimasauskas.html
https://techcrunch.com/2019/03/23/family-tracking-location-leak/
https://amzn.to/2ASCmPs

OSINT:

https://nextdoor.com/

LISTENER QUESTIONS:

Q: The self checkout at Walmart displays video of customer. Is this recorded and kept?
Q: I don’t hear you recommending Privacy.com any more, should I read more into this? Should we be concerned?


Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

PIA (Affiliate):
https://privateinternetaccess.com/pages/buy-vpn/crimeinfo


Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 117

The Privacy, Security, & OSINT Show – Episode 116

Posted on March 22nd, 2019

EPISODE 116-OSINT Basics & Careers

This week long-time guests Justin Seitz and Jason join me to talk about Open Source Intelligence (OSINT) basics and careers. We start from the beginning and work our way through a potential career for you in the growing OSINT community.  Support for this podcast comes directly from my online training. Listeners always receive a 25% discount at https://inteltechniques.com/25

Listen to all episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Google / Stitcher  / Spotify


SHOW NOTES:

INTRO:

Ron Swanson

OSINT BASICS & CAREERS:

Jason

Justin Seitz
https://hunch.ly


Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

PIA:
https://privateinternetaccess.com/pages/buy-vpn/crimeinfo


Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 116

The Privacy, Security, & OSINT Show – Episode 115

Posted on March 15th, 2019

EPISODE 115-Back to Basics: The Costs of Privacy

This week I talk about the costs associated with privacy. I provide my top-5 list for each category: Free, Affordable, and Expensive. I also present an OSINT segment about license plate searching. Support for this podcast comes directly from my online training. Listeners always receive a 25% discount at https://inteltechniques.com/25

Listen to all episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Google / Stitcher  / Spotify


SHOW NOTES:

INTRO:

Broad City

BACK TO BASICS: THE COSTS OF PRIVACY:

Affiliate VPN Links:

PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
ProtonVPN: https://protonvpn.net/?aid=IntelTechniques

PIA Blog: https://inteltechniques.com/blog/2019/03/11/pia-raising-prices-lock-in-lifetime-rates-now/

OSINT:

https://www.oreillyauto.com/


Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf


Filed under Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 115

PIA Raising Prices, Lock In Lifetime Rates Now

Posted on March 11th, 2019

There have been a few third-party PIA affiliates reporting that the VPN provider will be doubling their rates on March 18th, 2019. I never place too much faith in these reports, as the reporting party has something to gain by encouraging people to buy (as I would as an affiliate). The only official response I could find from PIA is a response to a tweet about the price increase:

“If you have an active subscription, your price will NEVER go up, you will be able to renew at the same price for as long as you have an active subscription”

https://twitter.com/buyvpnservice/status/1105216571843248129

I have been using Private Internet Access (PIA) as my primary Virtual Private Network (VPN), and ProtonVPN as my secondary option, for several years (long before I became an affiliate). Overall, I always suggest that everyone use a VPN at all times in order to protect the security of their internet connection, and the privacy of their internet browsing. There are many VPN’s to choose from, and I am often asked why I use PIA. No VPN is perfect, but here are my reasons:

1) COST: PIA is still under $40 a year with access on up to five devices. This is much lower than other reputable VPNs. While cost should never be a deciding factor when it comes to privacy and security, the low price helps me convince others to use a VPN at all times. If you lock in that rate now, you will avoid the price increase.

2) SPEED: Many VPNs (especially free versions-never advised) will drag down your internet speed to a point of misery. With 100mb download speed at my home, I consistently receive 98-99mb while using PIA.

3) UNOFFICIAL AUDITS: Reputable VPNs claim that they do not log users’ IP addresses. This is an industry standard. How do we know that this is true? We place a lot of trust in our VPN providers, and they rarely provide any proof to their anonymity claims. In 2016, search warrants issued by the FBI to PIA became public record, and were blasted to the internet. Basically, criminals were hiding behind PIA IP addresses, and the FBI came knocking to identify the suspects. While PIA cooperated, they simply had no data to offer. They did not have any logs that would identify the culprits. While I do not like that criminals escaped prosecution, it provides more confidence in my usage of the VPN service. I will always evaluate techniques used by criminals in order to provide my own personal protection while online.

4) ROUTER USAGE: I protect my entire home network with a firewall running pfSense. I program PIA as the VPN on this device, and I no longer worry about VPN apps crashing. I now know that every device in my home has a VPN by default. PIA is the only VPN that I tested (out of five) that maintained constant access for weeks straight. Others refused to re-connect after a couple of days, and left me exposed.

5) AFFILIATE PROGRAM: Most VPN companies offer some type of affiliate program, and PIA is not unique. I only bring this up because it is irresponsible to not disclose that I get a few bucks if you purchase service through one of my links. Unlike other VPNs, PIA does not share any purchase details or information about you to me.

No VPN is 100% bulletproof. With PIA protecting my entire network, and the Tor browser or ProtonVPN on standby when I need some extra protection, I believe I have a secure and private solution for my daily internet usage. You can always find the best deal on PIA at https://privateinternetaccess.com/pages/buy-vpn/crimeinfo.

Filed under Privacy, Security | Comments Off on PIA Raising Prices, Lock In Lifetime Rates Now

The Privacy, Security, & OSINT Show – Episode 114

Posted on March 8th, 2019

EPISODE 114: Fallout from the Previous Show

This week I discuss the aftermath of last weeks show about the data which Apple stores about us, and present ten new sources for downloading your data from the biggest online companies. Whether you are a casual surfer, online investigator, or extreme privacy enthusiast, you should see what is being shared about you! I also bring back the Listener Questions segment, and this week is all about OSINT.

Listen to all episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Google / Stitcher  / Spotify


SHOW NOTES:

INTRO:

Free OSINT Webinar:
https://www.bigmarker.com/pipl-search/OSINT-MB?utm_bmcr_source=MBN

New HFTI Workbook:
https://inteltechniques.com/data/workbook.pdf

FALLOUT FROM THE PREVIOUS SHOW:

Amazon:
https://www.amazon.com/gp/help/customer/display.html?nodeId=201983330

Alexa Recordings –
https://www.amazon.com/gp/help/customer/display.html?nodeId=201602040

Apple:
https://privacy.apple.com/account

Facebook:
https://www.facebook.com/help/1701730696756992

Google:
https://myaccount.google.com/privacy#takeout

Instagram:
https://www.instagram.com/download/request/

LinkedIn:
https://www.linkedin.com/psettings/member-data

Reddit:
https://www.reddithelp.com/en/categories/using-reddit/your-reddit-account/accessing-your-reddit-data

Snapchat:
https://accounts.snapchat.com/accounts/downloadmydata

Tinder:
https://account.gotinder.com/data

Twitter:
https://help.twitter.com/en/managing-your-account/how-to-download-your-twitter-archive

LISTENER QUESTIONS:

Q: Since Backpage has shut down, our abilities to investigate sex trafficking are minimal. Where should we be looking?

Q: This week Facebook said it will shift data toward private and encrypted communications. What does this mean for me as an online investigator?


Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf


Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 114

New Domain Search Tools

Posted on March 4th, 2019

I have recently completely overhauled my Domain Name Search Tools at https://inteltechniques.com/tools. The new offering has sections split by category and many new query options including new archives and registration histories.

 

Filed under OSINT | Comments Off on New Domain Search Tools

Free Webinar on Email Investigation Techniques

Posted on March 4th, 2019

On March 28, 2019, I will be presenting a free webinar on email investigation techniques, hosted by Pipl.com. This live session will last about an hour, and we will have Q & A directly following. Our previous webinar had over 3,500 registered attendees, and this one is strictly limited to the first 2,000 people. Therefore, I highly encourage you to get in early, as it will not be recorded or published. I look forward to presenting several new ideas and hearing from the attendees. Use the following link to register:

https://www.bigmarker.com/pipl-search/OSINT-MB?utm_bmcr_source=MBN

 

Filed under OSINT | Comments Off on Free Webinar on Email Investigation Techniques

Search

Recent Posts