Brett's Blog

Just some ramblings.

The Secret to Becoming More-Than-Competent in Your Job

The Secret to Becoming More-Than-Competent in Your Job

I was part of an interesting and product online podcast today.   You can check it out at: http://nopskids.com/live/

The topics ranged from hacking, forensics, how to catch hackers, and a little on how criminals sometimes get away with it. Although I didn’t give any tips on how to get away with a crime, other than DON’T DO IT, I did speak a little on some of the things that can be found forensically on a hard drive.  Actually, I think I only had time to talk about one thing (the Windows registry) for a few minutes and nothing of which that has any impact on a criminal using the information to get away with a crime.

The one thing I wanted to stress that even if every top secret, secret squirrel, spy and investigative method was exposed, criminals would still get caught using the very techniques they know.  Proof in the pudding is seeing cops being arrested for committing crimes.  You’d figure they would be the most knowledgeable of not getting caught, but they get caught. Same with accountants being arrested for fraud, and so forth.  I’ve even arrested criminals when they had in their possession, books on how not to get caught.   The most diligent criminal can be identified and arrested by simple mistakes made and sometimes by sheer massive law enforcement resources put on a single case to find a criminal or take down an organization.

With that, I learned a few things from the podcast too.  One of the moderators was actually a case study in my latest book (Hiding Behind the Keyboard).  To be an expert, to be knowledgeable, and to be more than just competent requires talking, listening, and sharing.  That doesn’t mean sharing trade secrets or confidential information, but it does mean having conversations to learn your job better.

When I worked as a jailer, I talked to every person I booked (at least the sober arrestees and those cooperating with the booking process).  I asked personal questions like, “how did you get started with drug use?” and “how did you start doing X crime”?  I learned a lot after hundreds of bookings.  I learned so much that when I make it to patrol and hit the streets, I had a big leg up on the criminal world, in how it worked with people.  That directly helped me in undercover work.  I spoke to so many criminals, both as a police officer and as an undercover (where they didn’t know I was a police officer), that I learned how to investigate people who committed crimes.  I was darn effective.

...
Continue reading
924 Hits
0 Comments

Behind the Keyboard - Enfuse 2016 Presentation download

I had the amazing honor of speaking before a full room at Enfuse this week.  This was not only my first time speaking at Enfuse, it was my first time at Enfuse. The conference was put together well.  Kudos to poolside event coordinator.  Those who know my forensic tool choices also know that I do not use Encase as my primary forensic tool.  However, I have a license for v7 and have used Encase since v4 (with sporadic breaks of use and licensing).

This year at Enfuse, I did not speak on any forensic software (or hardware) at the conference. I gave a snippet of two recent books I published (Placing the Suspect Behind the Keyboard and Hiding Behind the Keyboard).  I say “snippet” because one hour is not even near enough time to talk about the investigative tips in the books.  I was able to give a few good tips that I hope someone will be able to take the bank and boost case work.   I could spend weeks talking about investigative methods of not only finding suspects that are using computers to facilitate crimes, but also to place them at a specific device with both forensic analysis and traditional investigative techniques.   

After my talk, I received emails from some who did not or could not attend my Enfuse talk; I am providing my slidedeck for them and others who may want to see high-level notes from the Powerpoint slides.  However, I removed a number of slides that had personally identifiable information to avoid any embarrassment from Google searches and cases.  I did not get to a few slides in the presentation due to time (only one hour!), and I removed them as well.   Nonetheless, the meat and potatoes of the presentation is in the below PDF.

  

 

...
Continue reading
1119 Hits
0 Comments

When everyone's talking about it

When everyone's talking about it

The King County Library System asked me to present on cyber safety topics in a very neat program they have (“When everyone’s talking about it..”).  I have been giving two separate, but related presentations and both have been well-received by those who have attended.  Mine is but a small part of the KCLS program.  I have even attended presentations that I had interest  (like the presentation on drones!).  

For the most part, I have skipped over the basics in my presentations. There really isn’t much need to talk about “what is email” or “the Internet is a bunch of computers connected together”.  We all know that kind of information.  Rather, I have been giving practical advice on what to do right now to reduce the risk of having your devices compromised by hackers and reducing the risk of predators accessing your children online.  Every bit of information I talk about is real time applicable, from reducing your digital footprint to surfing the Internet while maintaining your privacy.  I even show how to use the Tor Browser and encrypted email!

In every presentation, I am seeing parents take notes furiously, ask serious questions, and show a genuine interest in online safety for their families and themselves.  For me, this is easy stuff.  I have already raised two kids in the digital age of Facebook and cell phones (hint: they survived, but still not easy).  And I have investigated cybercriminals (hackers, child pornographers, and others who have used technology to commit crimes).  That is the biggest benefit to attendees I try to give.  Cram as much pertinent information from what I know into an afternoon or evening presentation that can be put to use right away.  Free to anyone.

This is one of the few presentations you can step out the door and put the information to use before you get home.

But if you think this is just another Internet safety program, you are mistaken.  I go through how to use social media to help get (or keep) a job, get into (or prevent getting kicked out) of school for families and individuals, and reduce the risk of cyberbullying.  I show how easy it is for anyone to be a victim by clicking the wrong link or opening the wrong email along with ways to identify the dangerous links and emails. The term "Third party provider" takes on a whole new meaning to attendees when they are shown the ways their personally identifiable information (PII) can be stolen when stored on third party service providers such as their health insurance company or a toy company.

...
Continue reading
928 Hits
3 Comments

Tech Talk Can Get You Lost in Lingo

Tech Talk Can Get You Lost in Lingo

    Every career and academic field has its own “lingo” to the extent that a conversation buried deep in lingo sounds like a foreign language. I have experienced military lingo, law enforcement lingo, and technical lingo in my life to the point that I practically dream in acronyms, speak with words not recognized by Webster’s Dictionary, and instantly recognize the glazed-over look when speaking to an non-native lingo listener.

                The reasons for individualized lingo range from the coolness factor such “oh dark thirty”  in order to express time as ‘really damn early’ to efficiency such as using “HMMWV” instead of saying “High Mobility Multi-purpose Wheeled Vehicle”.  Many acronyms are spoken as works when gives an added effect of the listener not having a clue of what you are talking about.  For example, “I’m going to pick up a hum-v” means “I’m going to pick up a high mobility multipurpose wheeled vehicle”. Even in law enforcement, the acronyms can irritate the most patient listener if they are not in the club.

b2ap3_thumbnail_hmmwv.JPG

                There are two situations where lingo can get you killed, or at least make you feel like you are getting killed. One is in court. The other in your writing.

                Getting killed in court by lingo as a witness is painful. In fact, I’ve seen witnesses get physically ill as if the roach coach burrito eaten at lunch has suddenly reached its final destination in all its glory. Getting beat up on the stand by an attorney or judge is so unpleasant, that time actually slows to a stop and you wonder why you even got up that morning. Using lingo on the stand can give you a bad case of ‘why did I say that?” when being cross examined.

                I talk about lingo today, because I recently experienced one of the best cases of using lingo in all the wrong ways in a federal district court.  I gave my testimony first as the defense expert in a class action lawsuit, and spoke as simply as I could to make sure the judge understood what I intended to say. Then the opposing expert was called. One of the attorneys asked her a question, she answered, but her answer was not only complicated, it was complex, full of lingo, and I even felt a sway of arrogance. I barely understood what she said and took notes to make sure I got correct what she said.

...
Continue reading
1785 Hits
1 Comment