Archive

Category Archives for "Features"

Top 30 Privacy Blogs

With the recent unveiling of the intense Internet surveillance operation being carried out by the NSA, more people than ever are interested in keeping up to date on the latest laws, news, software, and other information related to maintaining privacy online. There is an immense number of blogs related to information security in all of its incarnations, so we have picked through the offerings to find you the best blogs that deal specifically with personal privacy law and technologies. These are listed mostly without any indication of which is better than any other and are instead separated into categories based on their focus. The focus of the blogs includes hacking methods, ways to protect yourself from identity theft, news on information security topics, and discussion about censorship and identity law.

 Privacy image by Sean MacEntee

Cream of the Crop

  1. The Privacy Blog – In a list of privacy blogs, one named The Privacy Blog would clearly seem to fit the criteria. Luckily, it is also one of the best in the genre for details on privacy in the technological world. Updates are posted weekly, and most of the content is original. This includes a podcast for those who would rather listen to news on the latest security threats. Content covers security technologies, opinions on privacy and hacking litigation, and news related to privacy threats and tools. Check out their latest podcast to get a taste of the monthly episodes.
  2. Electronic Frontier Foundation – The EFF is an organization dedicated to the defense of the right to privacy in a world where everyone from the hacker kid down the street to the government can snoop on you. Their Deeplinks blog includes almost everything related to privacy and personal rights with an impressive amount of content delivered daily. If there is news that remotely touches on electronic privacy – whether its copyright laws, government surveillance, hacker tricks, or even just swag – you can find it here, but the blog does have a marked legal focus. Check out this article on the issue of warrantless DNA acquisition.

Privacy on the Net

  1. The Online Privacy Blog – This blog is run by the company Abine, an Internet privacy software developer with products like DeleteMe and DoNotTrackMe. The content is a mix of news about online privacy laws, security breaches, tips for keeping yourself secure while using social media and other common online services, and press releases for the company. Two articles a week is the rough release schedule. Check out a report on the surveillance capabilities of Microsoft’s next console, the Xbox One.
  2. EPIC: Electronic Privacy Information Center – EPIC is an organization that provides information with a focus on online privacy, though they do branch out into related technological fields such as biometric data, drones, and other hot button issues. The majority of the site content is in their static information, but their news feed does provide short updates on current news and events. If you want to get a quick synopsis of privacy related news without excess analysis or reading, then their blog should come in handy. The rest of the site is also extremely valuable for its large amount of educational material. Check out their news report on a Supreme Court ruling on DNA privacy.
  3. WIRED: Threat Level Blog – WIRED is a site renowned for its news and insights into the world of technology, and their Threat Level blog applies the same quality of content to the dedicated topic of privacy and the law within the context of technology. Thanks to WIRED being a news organization, the tone of the articles stays more subjective than personal or company blogs, though opinion always bleeds through in writing. Check out this opinion article on email privacy law and the lack of protection that electronic communications receive legally.
  4. Freedom to Tinker – FtT posts focus on news related to technological privacy and law alongside a large amount of insightful commentary and opinion pieces. The number of writers is smaller than you will find on some bigger websites, while still being large enough to provide more variety of opinion than a single user blog and a decent update schedule. Check out this article from 2006 on wiretapping abuse and the NSA that foretells some of the recent privacy related news.
  5. ACLU on Technology and Liberty – The ACLU is a well-known American organization dedicated to the preservation of civil liberties in every form they take. Their blog is a robust and well-developed collection of useful and informational content on a variety of topics, and because of the volume of information they cover, the blog has several subsections to help those looking for information on a specific topic. For online privacy related news, the Technology and Liberty section is where you want to go. Check out this article on metadata to see just how important it can be in light of the NSA surveillance issue.
  6. Center for Democracy & Technology Blog – The CDT is an organization similar to the ACLU but with a focus on influencing policy related to the freedom to privacy and expression on the Internet. Unlike most of the above blogs, the CDT has a broad, worldwide view and will often discuss online privacy policy from nations other than the US. There is still more focus on American and EU news, but it is refreshing to get a glimpse of the world at large. Check out one of their weekly looks at global policy for news from Syria, Japan, China, Taiwan, and Australia.
'Eyeing John Marshall Law School' photo by Seth Anderson.

Photo by Seth Anderson

Privacy Law & Policy

  1. FCC Blog – The Federal Communications Commission is an organization with which most American are familiar due to its role in radio and television broadcasts as well as the Internet. As it is a government website, you can expect a lot of dry content and not so much in the way of unique viewpoints, but it is a good idea for Americans to stay abreast of an organization that influences their online privacy to a large degree. Check out this article detailing some of the consumer protection services the FCC offers.
  2. Privacy Law Blog – The Privacy Law Blog is managed by the Proskauer law firm, a group with a focus on international privacy law. The blog content does trend to US and EU policy and law. The topics covered are usually about informing about laws concerning privacy, patents, and security and updates to them. Though the release schedule is low compared to some of the others on the list, they still tend to release an article every week. Check out this report on the conundrum of when European privacy law applies to American companies.
  3. Privacy & Security Law Blog – The editors and contributors of this blog belong to the Davis Wright Tremaine law firm, a nationwide entity with over 500 associates. Their firm handles cases covering a wide variety of subjects, but the privacy and security blog is managed by their resident expert associates on the topic. Articles range from discussion on cybersecurity, discussion of data standards like HIPAA, and news related to changing laws regarding privacy and technology. Check out their report on a recently introduced federal data breach law.
  4. Law and Terrorism – Gregory S McNeal is a security specialist and university professor who has received national recognition by news corporations, Congress, the military, and other notable organizations. His blog only features content he writes himself, leading to a low update rate with articles that trend towards his focus and activities at the time, but this does mean the content covers topics that might not be the focus of other privacy blogs at the time. Check out his article on drones and due process to see the focus of his latest work.
  5. CERIAS Blog – The Center for Education and Research in Information Assurance and Security is an organization ran by several Perdue university professors and contributors. They broach topics ranging from the technical aspects of ensuring privacy in a digital world to the ethical, moral, and legal guidelines that govern the behavior of individuals and organizations when it comes to information privacy. The blogs content is updated one or two times a month, but every article is unique, lengthy, and full of useful information on security and privacy topics. Check out their objective look at NSA’s PRISM program.
  6. beSpacific – Most of the content on beSpacific is collected news and information about privacy, law, technology, copyrights, and finance. Rather than a blog to go to for original content, beSpacific is an amazing resource and repository for documents, press releases, and other articles in the topics it covers. Content is added daily, and on many days you will find up to ten new posts. Check out the main page. There is no better way to get an idea of the bevy of information hosted on the blog.
See ID - Photo by Bryan Rosengrant

See ID – Photo by Bryan Rosengrant

Privacy & Identity

  1. Privacy Rights Clearinghouse – The PRC is a nonprofit organization based out of California whose mission is to “engage, educate and empower individuals to protect their privacy.” The blog itself is not updated frequently, but the amount of information available regarding privacy concerns on the site in general is staggering. Check out this article for a few simple tips on keeping your privacy private.
  2. Bruce Schneier’s Blog – Bruche Schneier is an internationally renowned security specialist, a member of the board of directors of the EFF, and has published multiple books concerning security and cryptography. His blog content includes recordings of his speaking events, articles and opinions written by him, links to interesting security and cryptography articles, and important news on the same. All of his articles are well-cited and in a format that makes them both look professional and easily understood. His insights are great, and if you like his blog then you should definitely check out his published work. Check out his comparison of the privacy abuse of online companies to the Game of Thrones.
  3. Identity Theft Blog – The entire purpose of this blog and the other portions of its site is to educate people on the dangers of identity theft and how to protect themselves from those who would steal their information and put it to nefarious use. The updates are a bit slow, averaging two posts to the blog per month, but the extra content value in the rest of the site more than makes up for it. If you want to get educated on identity law, identity theft tactics, and how to protect yourself from identity theft, stop by this site. Check out this article showing how something as simple as filling in the information necessary for an insurance quote can give up compromising data.
  4. Spaf Blog – The Spaf Blog contains content written or reposted by Professor Eugene H. Spafford, an educator who specializes in digital forensics, privacy, and information security. He is also the founder and director of the CERIAS web blog listed in the above section. The original content is published roughly on a monthly schedule, but reposting occurs daily. There are over 5,000 article links on the over 500 pages of the blog. Check out the very first page for links to over a dozen high quality privacy articles.
  5. IdentityWoman – The alter ego of Kaliya Hamlin, IdentityWoman, is an intensely active force in the field of privacy information security. Her grammar and punctuation may not be perfect – meaning grammar nuts should avoid the blog – but it is to be expected given the busy schedule the super-heroine keeps. The content on the blog ranges from videos of her talks at various conferences (and “un”conferences), updates on notable privacy events, and her work in an astounding number of IT groups, consortiums, and organizations. Check out the collection of her speaking appearances for some good audio on user-centric identity.

Safety Awareness Week 2011 – NASA Goddard Space flight Center

Security

  1. Krebs on Security – Brian Krebs got into information security for the same reasons many people do these days: thanks to the attacks of hackers on his personal computer network. This sparked a long career of security writing for the Bachelor of Arts, including a long stint as a major security author for the Washington Post with several front page appearances. As far as the blog goes, it is one of the best for quality, the amount of information presented, and originality. The frequency is also very good for the general quality and being a personal blog. Check out his article on the Styx exploit package and the article detailing the story behind its creation and marketing for a look at the brazen offering of script-kiddie tools.
  2. 1 Raindrop – This blog, written and maintained by Gunner Peterson, focuses on security more from a business standpoint than it does on individual privacy and identity. The posts are long and informative, but they assume some familiarity with security issues and the technologies from which they derive. This makes it not so friendly to newcomers to the world of security, but it is more useful to those who want high level information. The blog is updated roughly three to four times a month with mostly original articles of notable length. Check out this article on mobile APIs and security, a useful and important consideration for any business.
  3. CERT – The US government’s Computer Emergency Readiness Team’s site does not officially call itself a blog, but the main page is comprised of time-ordered updates that keep you posted on the latest patches for notable applications like WordPress, Adobe, Java, and Google apps. The site should be on every CEO’s and CISO’s short list to check frequently to see if they happened to miss any important updates. They also occasionally post security bulletins and information from themselves and large IT companies. In addition to their tracking of security updates, the site features a number of resources on protecting yourself from online threats and general security information. Check out the National Cyber Awareness System, a springboard for links to information on security.
  4. Bleeping Computer – While the main page does feature a blog roll of updates and articles, Bleeping Computer is far more than just a security blog. The blog updates themselves are standard fare for a security focused blog, though the focus is clearly on education and teaching for people who might not be as tech savvy as some professionals or enthusiasts.  Once you have gotten your daily update, swing over to the forums and other information resources to get help on understanding and fixing computer problems ranging from security issues to day to day malfunctions. A great overall resource for computer users of all skill levels. Check out their guide on how to remove a tricky bit of disguised malware that disguises itself as antivirus software.
  5. Malware Don’t Need Coffee – While the writing style is haphazard and points to someone using English as a second language, there is no better blog out there if you want to know everything there is to know about the latest malware and exploit kits on the streets. The posts are extremely tech heavy, so less savvy readers will likely need to do additional research when reading. Posts come roughly every two weeks, but they are loaded with content and worth the wait. Check out this detailed and lengthy article on the ransomware called Urausy.
  6. InfoWorld’s Security Articles – InfoWorld is a news site, similar to Wired, which focuses on everything technology. Just like Wired, they also feature a dedicated section for security related articles. As with other news sites, you can expect frequent updates and original content with a more neutral tone overall. You can also branch out from security related articles into general technology news when you finish getting updated. This is a great resource to keep on hand and check daily. Check out this article on bug bounties, the new method larger IT companies are using to hunt down security vulnerabilities in their applications.

Company Blogs

Most of these companies function in the Information Security world in some form or fashion. They usually maintain fairly decent blogs as a way to generate site traffic, keep their users informed, and to increase their appearance as “leaders” in the field. You do have to watch out for product placement in some of them, but they are self-motivated to provide good and reliable information that keeps people coming back.

  1. Fortinet Blog – Fortinet is a company that produces physical and virtual firewalls alongside other network security equipment and applications. The blog sees regular contributions from five different writers, keeping things both fresh and current. Article topics are typically educational pieces on malicious IT attack forms, patch updates for major IT organizations, and security and privacy related news.Check out this post on how to determine if a seemingly innocuous email in your inbox might just be a phishing attempt or other scam.
  2. FireEye Blog – FireEye is an Information Security company with a focus on antimalware applications, penetration testing, and overall system protection. Their blog focuses on the latest trends and tools in malicious cyber activity, and there is a definitive slant towards tech-heavy articles. A great resource, but those less inundated in the world of IT may have to spend some time with Google to get the full value that the articles represent. The speed of their updates is a bit slow for a company blog, averaging two to three posts a month. Check out this informative post concerning a Trojan that recently swept across Asia.
  3. Kaspersky Blog – Kaspersky is most widely known for their antivirus and antimalware applications. There is a bit more “Yay Kaspersky products!” in this blog compared to some of the other companies, but it still manages to get balanced out by the actual information. Check out their article detailing the dangers and costs of employees misusing networked devices while on the job.
  4. SANS Securing the Human – SANS is a company that works to increase security on what is most often the biggest weak point in a network, the human user. On their blog, you will usually find articles relating to attacks that attempt to take advantage of the user, such as phishing attempts and other social engineering scams. They also have a monthly newsletter full of extra material. Check out their look at passwords, one of the biggest mistreated tools in keeping things secure.
  5. TrendMicro Blog – Like Kaspersky, TrendMicro focuses on malware detection, prevention, and removal software. The blog itself tends to focus on preventative measures against malware and other security related issues. The update schedule is fairly slow for having multiple writers, but there is no rehashed content. Check out a post on the dangers of media overflow when it comes to your pictures and other digital information that ends up stored on the Internet, forever.
7

The 45 Best Forensic Tech Blogs

Forensic technology encompasses a wide range of fields and technologies and is often used, with some controversy, in criminal trials. The blogs below examine forensic tech from all angles, from professionals active in the field, to journalists covering the impact and evolution of forensic technology, to skeptics concerned about the ramifications of junk science being labeled as forensic science being used to convict in trials.

Forensic Science

West Midlands Police Forensic Science Lab - Photo by West Midlands Police

West Midlands Police Forensic Science Lab – Photo by West Midlands Police

  1. Anti-Polygraph BlogOpened: April 2006 with regular updates in the last few years. Style and Focus: Detailed and supported articles about the ways in which polygraph tests are used and abused, information about the deficiencies of the technology, and news. Also very active on Twitter. What to Read: Polygraph Countermeasures: What Polygraph Operators Say Behind Closed Doors, for a glimpse at the concerns even polygraph operators have with the reliability of the technology.
  2. Zeno’s MonthOpened: July 2004, with biweekly or monthly posts since then. Style and Focus:   Much more of a personal blog than an informative one, this blog, run by a forensic scientist, touches a bit on his work and life. Expect vacation adventures to be mixed in with news and conference details related to the forensics industry. What to Read: October 2012: Some Challenges in Digital Evidence, for a glimpse at what forensic science was concerned with and preparing for in late 2012.
  3. FSN: Forensic Science NewsOpened: April 2008 with post frequency varying but highly active since then. Style and Focus: This frequently updated blog provides opinionated responses to news and events related to forensics from the point of view of a professional forensic scientist. Well written and timely responses to criminal cases and forensic news and advances. What to Read: Institutional Bias Examined, for a great introduction to how insidious institutional bias can be and some thoughts on how it plays out.
  4. All About Forensic ScienceOpened: May 2012 with fairly regular posts each month. Style and Focus: Despite the busy look of this site, it contains a wealth of information for individuals looking at entering the field of forensics. Regular posts focus on information relevant to potential forensic students or those with a casual interest. Posts are short and sweet but informative. What to Read: Mathieu Orfila, for a wonderful brief bio on one of the forefathers of forensic medicine.
  5. UF Forensic Science BlogOpened: March 2012, fairly consistent with bimonthly posts. Style and Focus: This blog provides its readers with reasonably fascinating posts covering different types of forensic science along with forensic analysis in the news. Not the most frequently updated and the author is not a native English speaker (and it shows in the writing), but it is worth a gander. What to Read: Untying the Knots, for a quick and dirty overview of the importance of forensic knot analysis and the rarity of such expects (with a link for more information).
  6. Forensic Odontology: Bitemark EvidenceOpened: January 2011 with regular updates about once a week since. Style and Focus: With a minimalist look and easy to navigate interface, this blog welcomes readers to explore the world of bite mark evidence, with a focus on educating readers to the potential negative legal ramifications of relying on it as evidence. The author is a highly experienced professional forensic odontologist, with plenty of background to provide invaluable expertise to the posts. What to Read: Ted Bundy Bitemarks and Richard Milone: How DNA, bitemark research and failed cases have changed bitemark analysis, for an examination of how these high profile cases used bitemark evidence questionably and how it is used today.
  7. Forensic DNA Testing Blog Opened: December 2007 with irregular posts since then. Style and Focus: This blog allows posts from both DNA Diagnostic Center staff and clients that concern forensic DNA testing. While DDC moderates the posts, the authors can vary and thus the style of writing as well. The blog is easy to navigate and contains a wealth of information for readers interested in keeping up news, advancements, and case studies involving forensic DNA. What to Read: New DNA Test Predicts Eye Color, for a quick article introducing a new advancement in forensic DNA analysis – the ability to predict eye color from samples left at crime scenes. Not strong enough as a sole source of information, but an asset to an investigative team.
  8. Forensic AstrologyOpened: July 2007 with irregular posts that appear at least once a month since. Style and Focus: Admittedly, this site is a bit of an outlier amidst genuine scientific research blogs and companies and the site reinforces this general feel with its dark background and starry banner, but the information presented makes for an interesting read. The author has a 30 year background in utilizing astrology to analyze case files with an eye for forensics and provides detailed case file information, often sent in by readers, as well as the process by which astrology is used to hunt for new details in the case. Even if you do not buy into the premise of astrology, the blog is worth a look. What to Read: Shemika Cosey – Young Lady Leaves Her Aunts Home and Disappears, for a typical case study that details the process of forensic astrology and paints a narrative of what might have happened in this disappearance.
  9. GunSim Ballistics Blog Opened: March of 2009 with irregular but generally biweekly posts since then. It has slowed a bit recently. Style and Focus: No-nonsense style reminiscent of the early days of the internet, this blog’s pared down appearance suits the straight forward information it provides to readers. It focuses specifically on technology and software used in ballistics testing with helpful tips on getting the most out of it, news, and more.  What to Read: Zero in the warm, shoot in the cold, for a quick look at how ballistics information can help improve cold weather sharpshooting.
  10. Empirical Legal Studies Opened: February 2006 with regular and frequent posts ever since.  Style and Focus: Another early internet era styled site, this collaborative effort was founded by a group of professors from a few different Law Schools with the intent to bring together empirical methodologies and legal theory. Posts can greatly vary in length, but are usually well-written and informative. They bring commentary to news, changes in legal policy, useful resources, and more. What to Read: Kahan on National Research Council critique of multivariate regression, for review of one professor’s concerns about the potential problems in research and how they influence policy view.

Forensic Medicine

Medical evidence collection - Photo by Army Medicine

Medical evidence collection – Photo by Army Medicine

  1. Forensic Science for NursesOpened: February 2011 with consistent weekly posts. Style and Focus: RN Patricia Bemis provides her readers with straightforward, to the point blog posts that give other nurses tips on how to preserve potential evidence, information on forensic nursing, and news related to the field. She also discusses the importance of keeping forensics in mind as a nurse of any stripe. What to Read: Evidence Collection in the ED, for a quick review of simple steps ED nurses can take to preserve potential evidence.
  2. Digital Pathology BlogOpened: Active since 2007. Style and Focus: More like an information hub than a typical blog, this site features regular posts from experts in digital pathology on news, advancements, cast studies, and educational information. The site is a bit busy, but easy to navigate and features a lot of resources for those with an interest in the field. What to Read: The Anxiety of the Biopsy from NY Times Health Blog, for Dr. Kaplan’s response to a NY Times article on the mental health effects biopsies can have on patients.
  3. Forensic Medicine with Dr. Cox Opened: Started September of 2009 with semi-sporadic posts, generally once a month. Style and Focus: While sporadically updated, this blog is nevertheless a wonderful resource for those with an interest in forensics, particularly with a medical bent. Written by professional forensic pathologist and neuropathologist, Dr. Cox, each post is designed to inform and instruct readers on an aspect of forensics. Often, the blog posts are short introductions to longer papers linked in the post. What to Read: Human Skeletal Remains – An Introduction to Forensic Anthropology, for an introduction to a well-written and informative article introducing readers to the important concepts in forensic anthropology.

Forensic Museums and Historians

Forensic Anthropology Lab - National Museum of Natural History - Photo by Leticia (Tech Savvy Mama)

Forensic Anthropology Lab – National Museum of Natural History – Photo by Leticia (Tech Savvy Mama)

  1. Crime Museum’s Criminal Convictions BlogOpened: February 2009 with consistent weekly posts since. Style and Focus: This blog is run by a museum and readers can expect highly entertaining, detailed, and well-written posts covering crime, criminals, and forensics. Recently, they posted the story of a potential real-life inspiration for the American mythical hero the Lone Ranger. The site itself is well designed and easy to navigate and offers readers more than just a lively and engaging blog. What to Read: The Vidocq Society: ‘The Heirs of Sherlock Holmes’? A glimpse into first real life French undercover detective agency and the fascinating character who helped found it, former criminal reformed into detective, Eugene Vidocq.
  2. The Writer’s Forensics BlogOpened: May 2009 with regular posts since. Style and Focus: This blog’s intended audience is writers who want realistic, informative advice and information on forensics. It includes general writing advice, like how to make your first few pages shine, and detailed information on a whole range of forensic science. A fascinating read if you have an interest in forensics at all. The design is clean and easy to navigate, with lots of resources and great organizational tools. What to Read: Connecticut Massacre Not New, Just Disturbing, for a quick and dirty guide to the assorted classifications of multiple murderers and real-life examples of such.
  3. Jen J. Danna ~ Forensic Crime WriterOpened: April 2011 with regular posts since, generally updated Tuesday evenings. Style and Focus: Another writer’s blog, this one expands beyond simply advice for authors, it chronicles this author’s journey in writing, provides information on research, writing processes, and the path to publication. She also does an excellent job in covering forensic science and how it can be effectively used in writing. She has a particular focus on forensic anthropology. What to Read: Forensic Case Files: Cannibalism in Jamestown in the Early 17th Century, for a gruesome look, figuratively and literally, at some of the evidence illuminating the meal-times at Jamestown colony, courtesy one 14 year old immigrant.

Computer Forensics

Digital Recovery Storage for Child Online Safeguarding Team in the West Midlands Police Dept.

Photo by West Midlands Police

  1. Computer Forensics BlogOpened: August 2008 with very frequent posts ever since, generally more than twice a week. Style and Focus: This highly active blog is a fantastic resource for any computer forensics professional or individual interested. They keep readers informed of product information, news, and events while also providing lots of tips and guides to improve one’s computer forensic tool bag. What to Read: Four Focus Areas of Malware Analysis, for an informative post briefly explaining one method of analyzing malware.
  2. Digital Forensics BlogOpened: November 2010 with sporadic updates, generally once a month. Style and Focus: While this blog isn’t frequently updated, it does provide excellent information and tips targeting other computer forensic personnel. The author provides advice born from practice, events relevant to the field, news, advancements, and more. What to Read: No Partition Table? No Problem, for a helpful post targeting newer computer forensic professionals who need a way around disks lacking partitions they need to mount.
  3. Random Thoughts of ForensicsOpened: February 2010 with posts generally updated once a month. Style and Focus: More of a personal blog than one designed to provide a great deal of professional advice and resources, it provides a glimpse into the journey of one student of computer forensics and includes his experiences with different forensics techniques and triumphs along with personal and professional experiences alike.What to Read: Tools in the Toolbox Mandiant Red Curtain, a quick and dirty overview of a free software for Incident Responders analyzing malware.
  4. Didier StevensOpened: June 2006 with regular posts from that point forward. Style and Focus: This is not a blog for those with a casual interest, it is full of technical details and step-by-step instructions designed to share ideas, tactics, and resources with other professionals.  Regularly updated and  on a wide variety of related topics, this is a highly useful tool for any computer professional interested in forensics. What to Read: Quickpost: TeamViewer and Proxies, a quick and dirty how-to post.
  5. Windows Incident Response BlogOpened: December 2004 with very active and regular posts, at least one a week, frequently more. Style and Focus: This long running blog is focused on providing resources to professionals involved in computer and digital forensics with Windows systems. Most posts are focused on explaining different analysis approaches or techniques, but it also informs readers of news updates, products, and events. What to Read: There Are Four Lights: The Analysis Matrix, for an explanation of analysis matrix and how it can be used to more effectively analyze data.
  6. Forensic Focus Blog Opened: November 2007, generally updates often. Style and Focus: Focused on providing news and tools for other computer forensic professionals, this blog features well written and tool-packed articles, interviews with folks in the industry, news, reviews, and more. The site itself is slightly busy, but well organized and easy to navigate. What to Read: Generating computer forensic supertimelines under Linux: A comprehensive guide for Windows-based disk images, for a guide to the assorted solutions available to assist with creating digital forensic timelines with code files.
  7. Forensic 4:castOpened: January 2008 with regular and fairly consistent weekly updates. Style and Focus: This sleek and well-designed site offers its visitors a wealth of information related to digital forensics delivered in podcast format with discussions from a range of industry experts. They also run a regular newsletter that supplements the information provided in the podcasts. They also host the 4:cast awards to acknowledge great forensic tools, resources, and individuals in the field.   What to Read: How to do the worst job possible, presenting a very poorly written forensic report.
  8. Mobile & Technology eDiscoveryOpened: November 2006, with somewhat sporadic posts, but generally at least one a week since open. Style and Focus: While it doesn’t present the most elegant design ever, the blog delivers excellent content for readers involved or interested in digital forensics. It features regular articles on tools, best practices, resources, case studies, and more.  What to Read: Signal Strength and Distance, for a discussion on what cellular signal strength and distance is and how to discuss it in court.
  9. CSItechOpened: May of 2008, with bimonthly posts since. Style and Focus: The clean layout allows readers to focus on the content, which is focused on informing readers about newly developed tools and tactics designed to improve the computer forensics industry. Expect lots of reviews and guides on using new tech and practices. What to Read: Password extraction fun, for a good review of a program that can help uncover passwords on devices first responders need to access quickly.

Forensic Technology & Techniques

Fingerprint - Image by CPOA

Fingerprint – Image by CPOA

  1. Crime Scene TrainingOpened: December 2010 with fairly consistent, frequent posts. Style and Focus: This very well organized blog has been regularly providing advice, insight, product reviews, and more targeting any investigators who do any part of their work directly at the crime scene. Articles are informative and practically useful. What to Read: Avoiding Hazards at the Crime Scene, for a well-written, thorough, and extremely handy article for any forensic tech who goes on scene.
  2. The Truth about Forensic ScienceOpened: February 2010, with frequent and regular updates. Style and Focus: This blog targets DUI lawyers and criminal defense attorneys and helps educate its readers on the different types of forensic evidence that can be brought to a trial, with a focus on weaknesses and defenses against them. The blog is authored by a highly respected criminal defense and DUI attorney. What to Read: Limitations of Forensic Odontology, for an overview of the problems with forensic odontology.
  3. The Hacker Factor BlogOpened: November of 2006, with fairly regular posts at least once a month since then. In the last two years, it has trended towards weekly updates. Style and Focus: This blog is a treasure, with entertaining and informative posts that are often designed to generate discussion amidst the readers. The primary focus is on the tools and techniques designed to help computer techs of all sorts, but it occasionally drifts into completely unrelated but often fascinating territory.  What to Read: Chasing Rainbows, for a really fascinating article discussing super-senses.
  4. Forensic MethodsOpened: August 2009 with sporadic but fairly regular posts since then. Style and Focus: The layout of this blog makes it feel more like a digital magazine than a traditional blog, and its posts take a non-traditional spin too. Some are simply quick Twitter updates; others are snippets of a great article found elsewhere with a shortened link to the primary article. Still, the original content here is not to be missed; the articles are well-written and informative and often offer a behind the scenes glance at the writing process. What to Read: Digital Forensics Magazine: Big Brother Forensics, for an article on an article, also a brief introduction to the potential ramifications of geo-location technologies.
  5. Forensic ResourcesOpened: July 2011 with frequent posts, often more than once a week, since then. Style and Focus: A sleek and well-written blog providing detailed information about forensic science, including techniques, news, legal issues, and advancements. It caters primarily to attorneys based in North Carolina, but is a worthy read for anyone who needs to increase their armchair knowledge of the science. What to Read: Improving Arson Investigations, a resource-filled article pointing readers towards new developments in science that shook up fire investigation.

Cold Cases & Wrongful Convictions

  1. Defrosting Cold CasesOpened: November of 2009 with prolific posting habits, though slightly slower in recent months. Style and Focus: The blogger clearly cares about justice for victims who have been left behind by time. Posts are frequently focused on bringing light to cold cases that may have been gathering dust, telling the stories of the victims, and sharing information about the crimes. The author also focuses on wrongful convictions and forensic information that may help solve some of these cases. The site is beautifully designed, easy to navigate, and the articles are well-written. What to Read: In Loving Memory: Jimmy Stanaway, for a heartfelt memorial to a cold-case victim, providing a personal face to a dusty file.
  2. The Wrongful Convictions BlogOpened: It’s hard to pinpoint the open date of this blog, but it is currently highly prolific, with often multiple posts in a day. Style and Focus: Informative, well-written, and prolific, this blog features a panel of expert authors from a variety of backgrounds to bring readers the latest in news about wrongful convictions, including forensic analysis changes, case studies, legal changes, and more. The site is a little difficult to navigate, as it lacks a proper archive; users can search, or sort through categories to find what they are after. What to Read: Calculating Bad Math’s Contribution to Wrongful Convictions, for an interesting analysis of how a judge or jury’s failure to comprehend mathematics might lead to miscarriages of justice.

Fraud & Crime Blogs

Fraud Tech on a $20 - Image by Jack Spades

Fraud Tech on a $20 – Image by Jack Spades

  1. The Fraud Files BlogOpened: November 2005, with prolific and regular posts since. Style and Focus: This blog is focused on fraud of all kinds, from small to massive, on a national scale. Expect lots of links to related information, quality writing, and informative posts. What to Read: MckMama House Fire is Not Suspicious In the Least.
  2. Expert Witness BlogOpened: March of 2007, with near daily posts. Style and Focus: Most posts are very brief and present readers with information about what expert witnesses are testifying about in trials around the nation. Some posts focus on preparing witnesses for trial, news, or other relevant information. What to Read: Environmental Health Expert Witnesses & Hanford Nuclear Reservation, for a typical post example.
  3. Grits for BreakfastOpened: January 2004, with highly prolific and regular posts since then. Style and Focus: A very well-respected blog focused on Texas criminal justice. The author has been recognized for his excellence from a number of Texas newspapers, organizations, and other criminal justice bloggers and even won a handful of awards over the years. Except quality writing, well-researched content, and no-nonsense (and often contrary) opinion delivered near daily. What to Read: A forensic science ‘blockbuster’ and limits of accreditation, taking a glance at several forensic science news articles and points to the shaky ground some forensic data is built upon.

Forensic Anthropology & Psychology

Bones in the Monasterio de San Francisco, Lime, Peru. Photo by Phil Whitehouse.

Bones in the Monasterio de San Francisco, Lime, Peru. Photo by Phil Whitehouse.

  1. Forensic PsychologistOpened: April of 2007, with at least a post a week consistently since then. Style and Focus: The site itself is a little aged, but that has no impact on the quality of its contents. Blogger Karen Franklin, Ph.D. is an experienced forensic psychologist and adjunct professor who has served as a criminal investigator and legal journalist. She has the chops and the ability to write effectively about what she knows. Her posts cover news, resources, case studies, methodologies, and more in the fields of criminology, forensic psychology, and psychology law. What to Read: Beware “voodoo” brain science, for an examination of some of the controversial claims made by proponents of brain imaging as a way to distinguish potentially dangerous traits in an individual.
  2. Mind HacksOpened: November 2004 with consistent and prolific posts since. Style and Focus: Clean design with easy navigation introduces readers to a site loaded with information presented from very prolific bloggers. Posts focus on the fascinating world of neuroscience and psychology. Well-written responses to news articles, explanations of weird brain quirks, neuroscience history and notable figures, and much more can be found here. What to Read: A brief history of narcoanalysis, for a fascinating introduction to the use and history of the administering of ‘truth drugs’ to elicit supposedly truthful confessions.
  3. Smith ForensicOpened: September of 2004 with consistent and prolific posts since. Style and Focus: This blog offers a simple, clean style and easy navigation with a focus on forensic pathology as presented by blogger Harold Levy, a Toronto Star investigative journalist who gained an interest through his reporting on once famed doctor Charles Smith. His blog examines flawed pathology and delves into the cases they impact around the world. He also examines junk science and its impact in criminology broadly.  What to Read: Marvin Wilson: How Texas is using literature rather than scientific methodology to kill a clearly retarded man – to circumvent the U.S. Supreme Court. – For a heart-rending examination of an abuse of the justice system, forensic science, and one man’s life.
  4. Bones Don’t LieOpened: Style and Focus: Written by mortuary archaeology and bioarchaeology graduate student Katy, this blog shares her discoveries, like a recent dig in Oakington containing the burials of over 100 Saxons. She also writes about forensic techniques, archeological history, news, and more on a blog that is beautiful and easy to navigate. What to Read: Displaying the Famous Political Dead, for an interesting glimpse into the practice of preserving the notable dead for public display.

Forensic Companies

  1. Forensic Technology NewswireOpened: April 2009 with frequent but irregular posts. Style and Focus: Their style is much more like a newsfeed than a personal blog, they keep readers up to date on how their products are being used and received around the world, as expected from a company blog, but they do so with solid and informative writing.  What to Read: CSI: Miami & Real Forensics: We Won’t Get Fooled Again, for a post examining the relationship between CSI and real life crime solving.
  2. Forensics Blog (BCIT)Opened: July 2010 with consistent weekly posts since. Style and Focus: A simple interface greets visitors in this Forensic Institute’s blog focused on forensic education, Canadian forensics, news, events, and advancements in forensic science. Most posts are short and sweet. Those local to the area will also find timely related job postings and course updates. What to Read: Forensics’ Grad Bringing Backpacks to the Homeless, for a lovely quick bio on a recent BCIT graduate doing good for her community.
  3. The Forensic GroupOpened: Style and Focus: Clean and straightforward writing designed to inform and educate readers on the methods and developments in computer forensics tactics and technology. Some news and events are introduced as well as case studies. Clean interface but somewhat difficult to navigate. What to Read: Computer Forensic Artifacts: Windows 7 Shellbags, for an informative introduction to how Win7 Shellbags can be used to trace activity and contents in computer forensics.

Forensic Imagery & Artists

1940 Mugshot - Image by Lisa Bailey

1940 Mugshot – Image by Lisa Bailey

  1. Four And SixOpened: June 2011 with regular posts, about one a week, consistently since day one. Style and Focus: Four and Six offers its readers a clean style with useful posts ranging from image forensics techniques to thoughtful posts on ethical treatment of imaging tools and news and information related to image tampering.   What to Read: The Case of the Pole in the Middle of the Road, for a nifty inside glimpse into what photographic forensic investigation.
  2. Forensic Video and Image AnalysisOpened: September 2007 with consistent and prolific posts ever since. Style and Focus: An absolutely fantastic resource for anyone who is involved or interested in image forensics, this highly active blog provides readers with information or resources on tools, software, product reviews, technique basics, image forensic cases, educational opportunities, and a mix of personal insight. Very informative, well-written, and easy to navigate. What to Read: Learn new Photoshop features in a click, for an introduction to a free and handy tool available to improve your Photoshop CS6 experience.
  3. Ask a Forensic ArtistOpened: January 2010 with regular and prolific posts since. Style and Focus: This well-designed blog is a great tool for other forensic artists, those who want to be, and those who are just simply fascinated by the process. It includes techniques, news, educational opportunities, fascinating interviews from other forensic artists, and more. What to Read: The “Pencil Trick” for Edentulous Skulls… Debunked, for a great breakdown of what the pencil trick is, and why it doesn’t at all work as it is supposed to, with photographic evidence.

 

Solitary Confinement in the United States is Worse then Iran [INFOGRAPHIC]

EMBED THIS INFOGRAPHIC ON YOUR SITE

(use this code to ensure proper source attribution)

PRISM: Everything you need to know [Infographic]

EMBED THIS INFOGRAPHIC ON YOUR SITE 

(use this code to ensure proper source attribution)

Working with People: An Introduction to Social Engineering

Humans are inherently social creatures who have developed a world strongly based on interacting with others. Just like the world of information technology, the human social protocols are a complex series of rules and guidelines for how people behave when interacting with each other, and just like any other system, there are methods to use and abuse it once you understand the rules that govern it. Social engineering is a broad subject, but in this article we will focus mostly on social engineering as it is used to gain access to social groups and sensitive information.

Social Engineer is one of the few blogs dedicated to the topic.

Photo by OUTography.com

 

What Is Social Engineering?

Social engineering is using the common tendencies of how people interact with others in order to gain information or a benefit of some kind. Effectively, social engineering can be referred to as the hacking of people. Before the Internet age, social engineering would more likely be referred to as conning, but the scope of social engineering’s applications goes beyond tricking people out of money. It is about causing people to act according to your wishes. Getting someone to say yes to a date is social engineering. So is getting your company a contract from a tough client. In regards to information security, social engineering is getting people to give up protected information.

A social engineering definition can be found here.

 

How Effective Is Social Engineering?

 

Even companies that place a high focus on securing their information networks can prove extremely vulnerable to social engineering attacks. DefCon, one of the largest hacking conferences in the world, routinely features a social engineering competition that has demonstrated over and over again that simple tactics can be used to get enough information to potentially do harm to a company. Position in the company also seems to have almost no effect on how susceptible a person is to social engineering; a big wig is just as likely to give up information as a cashier, but the big wig also usually has access to more pertinent info.

Social engineering is gaining attention for its insidious effectiveness, and is starting to get recognized in the media and the corporate world. Check out these news articles for an idea of how it is being perceived:

Smooth-Talking Hackers Test Hi-Tech Titan’s Skills – A look at DefCon hacking competitions, utilizing social engineering within legal boundaries to ferret out intelligence designed to weaken a company’s security.

Social engineering to blame in Syrian Electronic Army hijack of the Onion – The targets of these sorts of attacks aren’t always the ones you might expect, the Onion was a recent victim of a phishing scheme.

Facebook Social Engineering Attack Strikes NATO – Often, the targets are important, such as this attack against NATO. Every organization contains a human element, the target of savvy social engineers.

How a lying ‘social engineer’ hacked Wal-Mart – Many people are naturally biased to trust based on a set of subtle criteria; a tone of voice, a style of dress, even word choices can lead people to give credence to otherwise nonsensical ideas or situations, like this Wal-Mart store manager being duped into giving away company data in exchange for a non-existent contract possibility.

 

General Tips for Social Engineering

These are common guidelines and methods used by social engineers before and during any assignment on which they are working. These focus more on the preparation and mindset of the social engineer than the actual attack methods that are used.

Do Your Research

Take a look at this seminar on social engineering strategies.

Information is everywhere. If there is a topic you want to know about, you usually only need to glance at the Internet. Reading the news and press releases from a company can give you a firm background history from which to work. A social media site may give you insights into the temperament of a person or give you an idea of the social scene in which they operate. If you are trying to infiltrate a group or become closer to a person with any notable focus, then the Internet can be used to familiarize yourself with the topic.

Hackers may go above and beyond in this regard. If they manage to gain access to someone’s email account or messaging service, there may be records of conversations that can be used to mimic the person in electronic communications or learn about key topics that anyone on the inside should know about.

Look the Part

Photo by Viktor1558

Imagine for a moment that you are watching a movie set in modern times and focused on the happenings in a government or business office.  If there was someone dressed in jeans and a hoodie in the middle of a meeting of executives or elected officials, you would likely immediately feel the character was out of place or at least question why they were there. The same holds true whenever you want to interface with another social group, whether it is a company or a club.

Also worth noting is that looking professional – wearing a nicely tailored and well-kept business suit – can generate an obscene level of trust in your social interactions. The suit conveys a lot of subtle messages: this person is a successful member of society, they likely have money, and you can trust then a bit more than the average person. You may not gain complete trust and unlimited access, but the difference between the trust levels shown to someone in a suit and someone in casual clothing is palpable.

Learn to Read People

This article gives you a glimpse into the advancement of research into the integration of robotics and emotions.

If computers are getting to the point that they can recognize and react to the emotional displays of people, then there is no reason that a person should not be able to better do the same task. Taking the time to read on facial expression theory and other psychological articles can help point you in the right direction, but the only way to really learn is to go out and talk with people. Doing this with new people consistently will also give you practice on learning how to pick up the subtleties in a new person’s expression and tone.

Backup Your Backup Plans

Just having an idea of how to work a plan does not mean you should ignore contingency plans. Even if a failure in one portion of a plan only leaves breaking off the attempt, you should be prepared for the possibility and have a clear idea of how you will break it off. This is not going to eliminate having to think on your feet, but having a guideline for your actions can mean the difference between a smooth response and something haphazard that sends the wrong signal.

Strength in Numbers

Unlike the world of open conflict, more numbers on the side of the target can be a firm advantage. Working your way into a small firm can be a dogged task, but it can be easy to turn into “just another suit” at larger offices. It is almost always easier to work your way into social situations when the target has a larger number of people involved.

Take the Time to Do It Right

If you were to take movies and shows as fact, you would think social engineers waltz into a business with a suit and savvy and somehow manage to make their way into the confidence of the boss or gain access to sensitive areas within a few minutes. A real social engineering effort may take weeks or months to accomplish properly.

 

The Social Engineer’s Toolkit

Photo by _sarchi

A number of techniques have become common practice for social engineers. The list here is not exhaustive, and the variations on these techniques makes covering them all a task better suited for a textbook.

Phishing, Vishing, and SMiShing

This rainbow of techniques is typically meant to refer to scenarios where the attacker poses as a person or service the target already knows via electronic communications. One of the most common phishing emails is one that mimics the company’s style and email address while telling the target that their account has been locked out due to potentially malicious activity. A link is supplied to the target to reset their password. The site looks like the company’s to the smallest degree, but the reset instead sends your old and new passwords to the phisher.

The delineation between the terms is based on the attack vector. Phishing is done through the computer, vishing is done through the phone, and SMiShing is done through text messaging.

Pretexting

Pretexting is the art of constructing a scenario in which the target is more inclined to go along with the wishes of the attacker. The most common example of this in action might be taken from the ways people try to convince traffic cops to not give them tickets: “My friend is in the hospital”, “My wife is delivering our baby”, or “I’m on my way to stop the love of my life from getting on a plane and never coming back.” In the movie Live Free or Die Hard, a character uses the pretext of his grandfather in the hospital to get an OnStar agent to activate a car he wants to steal.

There is always a host of information for any company that is not considered protected, but social engineers can piece these bits together to create the façade that they are a member of the company or an associate. For example, instead of just sending an email to the tech support desk for a password reset, a social engineer might send it directly to one of the IT staff members with a message stating that there is a vital report wanted immediately by a big name at the company on that computer, and you need your password reset immediately.

Sex Appeal

When dealing with a pretty face, a person can become distracted and lose focus on the things that matter. Not every social engineer will be a model, but you can expect the ones that have been favored with good looks and charm to use the advantage.

Tech Support

Most people simply have no idea what is going on with their computers beyond interfacing with the applications they use to work. Computers also have an unfortunate tendency to break down due to misuse or just over time. In larger companies, it may not be uncommon for the IT department to be behind on fixing all the computer issues that are active. By masquerading as tech support, savvy social engineers can troubleshoot for the employee while also placing themselves in a trusted position to ask for personal information like passwords.

The Indirect Approach

Coming up to a person directly and asking them about secure, private topics may immediately trigger warning signals. If the social engineer instead approaches a person via a secondary topic and befriends them, then later probing for the information has a higher chance of success due to the longer time for which trust has developed. As an example, if the target is an avid golfer, then a social engineer might find a way to arrange for them to end up playing together. This would let the engineer strike up a conversation naturally due to the common event.

 

Spy Versus Spy: Counteracting Social Engineering

Photo by tr.robinson

It is nigh on impossible to stamp out the threat that social engineering represents even when utilizing proper security methods at a business or simply trying to avoid falling victim to it yourself. Much of the research and the supported methods for handling the threat of social engineering are to educate people on the dangers of it, develop security policies based on what needs to be protected, install Data Leak Prevention (DLP) software, and do penetration testing to get a real idea of the level of security in place.

Enforce Strict Information Release Policies

Both in your personal life and in the business world, sensitive information should be treated with respect and controlled properly. That does not mean you have to give someone trouble every time they ask  for personal information, but taking the time to double check that the person is who they say they are and that you can feel comfortable handing over sensitive information can be done with a high degree of trust.

Education

To use an analogy, the human minds that reside within a social group can be thought of as computers on that social network. Where you would patch a computer, you would educate a mind. The ways in which you can be educated are numerous: you could have an article on social engineering (like this one) made mandatory reading, make social engineering news part of your company newsletter, or hold a class every couple of months. At the very least, people should be aware of the information policy on which you decide. The patch may not take on every person, but you should at least try.

Data Leak Prevention Software

An up and coming type of software is joining the ranks of applications like antivirus and firewalls on the list of things any network trying to be secure should have: Data Leak Prevention (DLP) tools. The software can monitor data in storage, in use, or going over the network, and it can perform tasks like preventing the data from sending or triggering an alert if something is sent. This is limited to just helping to prevent social engineering mishaps on computer networks, but social engineers are likely to use a combination of methods to try and gain access to the most valuable information.

Penetration Testing

Just like your hardware and software, your people can benefit from penetration testing in order to ascertain their awareness of social engineering as a threat and the information security policies that protect from it. This usually requires the aid of an outside entity to get a proper simulation of an attack from someone currently outside the company.

Social Engineering Fundamentals: Part II: Combat Strategies – An article on preventative measures against social engineering from Symantec, a notable information security software company.

 

How Can You Use Social Engineering in Your Everyday Life?

You  may not want to con someone out of their account passwords or savings fund, but that does not mean that the methods of social engineering cannot find their place in your life. They can even be used effectively for altruistic purposes. For example, making new friends can benefit from the inclusion of social engineering information.

Social engineering as a way to gain access to secure information is a threat of which everyone should be aware. Like almost any form of science or technology, it can be used for good and for evil. Taking the time to learn social engineering methods is the best way to use them to your benefit and know how to defend against them. Unless you move to a deserted island with no technology, you are going to be subject to the designs of social engineering, so you may as well stay informed on the subject.

The Top 40(+) Private Eye Blogs

A great number of excellent PI and related blogs have fallen in the last few years, but there are still quite a few worthy of perusing. They are pretty evenly divided between a focus on other PI’s and educated potential clientele. Most of the quality PI blogs come from professional investigative firms, but some are from individual PIs. This list also includes interesting criminal justice blogs from the perspective of police investigators as well as detective and murder mystery oriented writing blogs, as they often pull heavily from real investigation and often contain interesting or useful information.

Photo by It'sGreg

Professional PI’s

  1. G.E. Investigations – This Arizona based private investigation firm run a blog that responds to news related to the industry, posts about wanted criminals and persons-of-interest, investigative tactics, announcements, hacking, and more. The blog is easy to navigate and well organized. Must Read: West Virginia Private Investigator Arrested for Illegal Wiretapping
  2. The Marriage Detective – A newly utilized blog for a professional detective agency, this blog focuses on partner investigations and the topics they post about reflect information that would be useful to a potential client. They offer national reference servicing and are sales oriented, but there is some good information in the posts. Must Read: 5 Myths About Private Investigators – What They Cannot Legally Do
  3. Diligentia Group Blog – This professional agency provides some excellent advice in this well designed blog, both for other private investigators and for potential customers considering hiring one. Frequently updated and easy to navigate. Must Read: 101 Things a Private Investigator Can Do
  4. AFX Search Blog – This Florida based investigative firm provides regular blog posts on of use to both potential clientele and other investigators ranging from different research strategies, to legal issues, and more. Must Read:  Asset Recovery – Dangers of delaying civil action until criminal cases are completed
  5. ICORP Investigations Blog – A newer blog run by a Florida-based investigative firm, they have started off strong with quality articles focused on informative articles on investigative methods and responses to relevant news. Must Read: Is Someone Recording This? It’s Harder to Find Out
  6. Orange County Private Investigator Blog – Full of useful information for people interested in doing their own investigation, including product reviews, practical skills, information about PI services, and general information. Must Read: Social Media: Your Private Life Made Public!
  7. JFA Brisbane Blog – Updates, advice, and stories from the trenches, this blog is written from the perspective of an Aussie licensed private detective firm.  A great resource for the prospective client or wanna-be investigator alike. Must Read: So You Think You Might Like To Be A Private Investigator? 
  8. Jan B. Tucker: The Detective Diary – Long-lived and frequently updated, The Detective’s Diary has been recognized for its quality before. Jan Tucker focuses on more than just PI topics; he’s also a progressive political activist and keeps tabs on topics important to hislocal area and national issues. You may even find a review of local venues or notices of interesting events tucked away here and there. Must Read: The Small Freaky World of White Collar Crime
  9. Private Eye Confidential – This California-based investigator keeps us updated on local news, personal stories, and fascinating history related to his area alongside practical tips for other investigators. Must Read: My First Domestic Success
  10. Handcuffed to the Ocean – Repeatedly noted as one of the best PI blogs around, this fantastic combination of well-told stories from real investigations and beautiful introductions to the beaches and dive sites he’s explored. Must Read: Spearman’s Barge
  11. Mass Private I – This blog’s focus is on issues of criminal justice and civil rights, and takes a watchdog stance on issues of state and federal government stepping over the boundaries of ethics and the spirit of law in their own investigations. Must Read:  NYPD’s rationale for stop & frisk quotas: some of their police officers are lazy.

Photo from Conner395

The Criminal Justice World

  1. Criminal Justice USA – This site illuminates its readers on a wide array of criminal justice topics with playful design and accessible writing. It regularly features infographs meant to quickly provide statistics in an easy to comprehend manner. Must Read: A Timeline of Police in the U.S.
  2. Tickle The Wire – This blog keeps its readers updated on the news and issues relating to federal law enforcement. Updated frequently and featuring a number of experienced columnists, it is a worthy addition to anyone who wants to get a feel for the national crime beat. Must Read: Column: The Justice Department’s Seizing of Associated Press Phone Records is Disgusting!
  3. Murder by Gaslight – A fascinating look into the crime of 19th Century America. It includes profiles, histories, stories, photographs, and resources for researchers. A great read for those who are interested in the history of investigation, crime writers, or historical crime aficionados. Must Read: The Legend of Lavinia Fisher
  4. Crime Magazine – All the stories about crime, historical and modern, that you could wish to read. Organized by type of crime, regularly updated, and very much worth reading. Helpful for investigators in studying case files to gain a greater understanding of how criminals operate. Useful for crime writers for inspiring the imagination. Must Read: Nixon, Sinatra and the Mafia
  5. Crime Library – This regularly updated blog shares interesting crime stories from all around the world, including the notorious and mundane, with insight into the criminal mind. An excellent resource for investigators learning more about criminal methodology or fictional crime writers looking for new ideas. Must Read:  The Definitive Rodney Alcala
  6. The True Crime Report – Keeping readers up to date on the latest unsolved crimes, homicides, sex crimes, missing persons, and my personal favorite category – douchebags. Regularly updated with quick and dirty updates on real crime, with links back to the original sources. Must Read: Carmen Wysong, Girl Scout Troop Leader, Steals Thousands in Cookie Money
  7. The Crime Scene – Updates on crime from the southwest Missouri region. Murders, missing persons, and your typical medley of hooligans and mischief. Regularly updated with fairly detailed accounts of each crime and links to further information on each case. Must Read: Oklahoma Cold Case Heats Up With Discovery of Three Sets of Human Remains
  8. My Life of Crime – Despite a rather busy format, this blog does an excellent job of keeping its readers up to date on criminal investigations, upcoming executions and trials, and notable sentencing. It features monthly themes and historical tidbits as well. Regularly updated with lots of linked resources relating to each crime. Not much in the way of personal perspective on each case, but lots of data.  Must Read:  Deadly Wives: Nancy Mancuso Gelber, true crime writer, tried to hire a hitman to kill her husband
  9. The Thin Blue Line – A UK based blog focused on issues relating to crime and criminal justice matters in the region. Regularly updated, well written and researched, with excellent analysis from professionals with experience in the field. Must Read: Contempt of Cops – The Thing End of the Wedge
  10. Constable Chaos – This UK policeman’s blog contains both criminal justice insights and some playful steaming off from a man behind that thin blue line. A recent post includes a picture and lyrics to a lively tune about policemen rounding up drunks on a Friday night. Another details the unexpected rescue of a Norwegian Blue parrot. Must Read: #GangnamPoliceman
  11. The Thinking Policeman – Opinion and updates about criminal justice matters and behind the scenes accounts from his peers still on the job are frequently seen on this retired UK police inspector’s blog. Issues are primarily relevant to his side of the pond. Must Read: Gadget Lives On – The iPhone Resolution
  12. Tales of a Public Defender Investigator – This blog is a fascinating look at investigative work done on the part of a public defender. Lots of useful tidbits in here, plus legal updates and events relevant to the industry. The color scheme leaves something to be desired, however. Must Read:  GANGS 101
  13. LAPD Blog – Any investigator in the LA area might want to keep up with the goings-on in the LAPD. This blog keeps readers informed about recent criminal cases, recruitment information, legal changes, and more. Must Read: Suspects Attempt to Lure Young Girls into Cars
  14. Bounty Hunter Discussion – All sorts of information useful for bounty hunters or private investigators found here, including product reviews and updates, news, tips and tactics, and practical business matters. Must Read: Judge in Favor of Private Bail
  15. Guns, Gams, and Gumshoes – This blog exists in a strange balance point between the writing world and the world of the working PI. It includes resources and information handy for PI’s and writers chronicling the adventures of literary private dicks. Must Read: Staying Legal in a Shady Business: When PIs Are Asked to Break the Law
  16. L.A. Noir – An enjoyable read, this blog is a combination of personal stories from a crime writer’s perspective and interesting tidbits from real-life crime stories in the LA area. Must Read:  The Dead Lady in the Water Tank Story Just Got Weirder
  17. Detectives Beyond Borders – Reviews of great literature, news about upcoming noir events, behind the scenes news about the writers in the genre, and more. Frequently updated, well written, and easy on the eyes. Must Read: “Ah refuse tae be victimized”: William McIlvanney and Glasgow patter

Photo by mark Coggins

Great Detective Story Blogs

  1. Guns, Gams, and Gumshoes – This blog exists in a strange balance point between the writing world and the world of the working PI. It includes resources and information handy for PI’s and writers chronicling the adventures of literary private dicks. Must Read: Staying Legal in a Shady Business: When PIs Are Asked to Break the Law
  2. L.A. Noir – An enjoyable read, this blog is a combination of personal stories from a crime writer’s perspective and interesting tidbits from real-life crime stories in the LA area. Must Read:  The Dead Lady in the Water Tank Story Just Got Weirder
  3. Detectives Beyond Borders – Reviews of great literature, news about upcoming noir events, behind the scenes news about the writers in the genre, and more. Frequently updated, well written, and easy on the eyes. Must Read: “Ah refuse tae be victimized”: William McIlvanney and Glasgow patter

 

International Private Investigators

  1. Crown Intelligence PI & Intelligence Services Blog – This is a company blog, so it is primarily focused on articles geared for potential customers. It discusses various tactics used by private investigators, how to pick a PI suitable to your needs, the role of investigators, and news related to the industry. Written in an accessible style with an easy to navigate format. Must Read: Things to Consider Before Hiring a Private Investigator
  2. PI Telegraph – This e-zine based out of the UK targets investigative professionals who are interested in free resources, relevant news, product reviews, and other tidbits that can help hone skills.  The design is elegant and the site is well-organized, making it easy to locate topics of interest. Must Read: How Much Should I Charge? Pricing For Profit
  3. Keynorth Blog – A professionally oriented blog from Canada reporting on changes to laws, professional development, and information that can be applied in the field. Must Read:  Primer on the Federal Administration Act, Asset Recovery, Reporting and Deterrence
  4. Bali Eye Private Investigation – This blog provides useful information on how to protect oneself and avoid scams as a potential client, and offers advice and tactics to other investigators. Based in Indonesia, it provides a unique perspective on private investigations in other parts of the world. Must Read: Dating Cons Games in Indonesia

E-zines, News, and Community Blogs for PI’s

  1. PIbuzz.com – This hub of information is made for and by private investigators. It features news important to the industry, product reviews, tips and tricks, and useful research links. The design is pretty clean and the site is easy to navigate and offers a newsletter. Must Read: Dynamic Internet Searching with Google Products
  2. PI Stories – Covering a wide range of stories of interest to the PI industry, including personal perspectives, responses to news, case studies, examinations of technology, and more. Long running and easy to navigate. Must Read: Parents Find Out About Their Daughter’s Death Through Facebook
  3. Fraud Magazine – Technological updates, headline responses, regular columns, professional development tips, product and book reviews, and much more are featured in this bimonthly magazine focused on white-collar crime and fraud examination techniques. Their articles are focused on providing actionable, practical information.  Must Read: Cyber-attack vector? Who, me?
  4. The Background Investigator – This is essentially an aggregate source of news relating to information gathering. It covers popular stories, national, and international news. The news is primarily focused on background screening but covers related topics as well. Must Read: Washington State Courts Office Suffers Data Breach

 

Advice, Tactics, and Resource Oriented Blogs

  1. PI Advice – A comprehensive blog designed to aid new and veteran P.I.’s interested in honing their craft. The blog features a minimalist style and includes podcasts, apps, and an online store with tools for investigators. The posts range from advice, to real-life stories, to product reviews, and more. Must Read:#58: Investigation Stories – The Lessons I Learned with a Bit of Luck – Part 1
  2. The Confidential Resource – As the title suggests, the focus of this blog is on providing useful sources and methodology for investigators and researchers.  It is well designed with a clean and modern look, easy to navigate, and searchable. Must Read:  The Cost of Investigative Internet Research
  3. BPI Security Blog – This blog is full of excellent advice from the field, practical skills development, and great information about the business of running an investigative services firm from the perspective of a successful firm. Must Read: Slight of Hand(lers)
  4. Title Search Blog – This blog is focused on real-estate oriented investigative work and news. It includes up to date legal information, news reports related to the industry, practical advice, and even videos with step-by-step instructions. Must Read: Case Law on Invalid Mortgages

Small Business Owner’s Guide to PCI Compliance

Information theft and the damage it can cause to consumers and businesses have been featured extensively in the news for most of the past decade as we move to an almost entirely online way of doing business. The usage of the Internet for business has changed the landscape of the commercial world for the better, but it does provide an avenue of attack that allows malicious entities to acquire sensitive data without ever stepping foot inside an office. For this reason, the PCI DSS was created.

Chances are high that, as a modern business owner, you at least have a passing knowledge of the need for PCI compliance. For those less technologically savvy or who do not have the time to read through extensive regulations, this need can seem like an unnecessary burden, both to your budget and your time. To help you at least become more familiar with the PCI DSS, this guide will give a high level overview of the purpose and requirements of the regulations and provide advice and resources for becoming PCI compliant.

Photo by eliazar

What Is the PCI DSS?

PCI stands for “Payment Card Information,” and the appended DSS often seen accompanying it stands for “Data Security Standards.” The PCI DSS was created by the PCI Security Standards Council, which consists of the five largest credit card companies: MasterCard, Visa, JCB, American Express, and Discover. Its intent was to establish a system for protecting payment card data which can be used for malicious purposes easily once it is in the hands of unauthorized persons. It details the baseline security procedures that companies who interact with payment card information should follow, assists in providing information so the companies can do so, and establishes penalties for noncompliance.

To Whom Do PCI Regulations Apply?

The PCI security guidelines apply to anyone who stores, processes, or transmits consumer payment card data. It does not matter if you run a restaurant, work from home, or have a small chain of stores. If you directly interact with payment card data in any fashion, even by just processing one payment, you are almost assuredly under the purview of PCI DSS. Even if you utilize a payment gateway or merchant account service, your business is responsible for adhering to the regulations as long as it interacts with the payment data in any fashion.

Steps to Adhering to PCI Guidelines

This is a general, step-by-step guide to becoming compliant with the PCI DSS. The PCI regulations themselves outline this process, though the sections are broken down a bit further. These steps do not address every action you need to take through the process. For the exact details on how to follow these steps, consult the PCI DSS version 2.0, available on the PCI security standards site. This especially applies to the more technical sections of firewall and encryption usage.

Photo by: Aman Deshmukh

Step 1: Install a secure firewall and establish good system passwords.

Firewalls are used to monitor and manage the network traffic running through a system. There are a number of free software firewalls available online, but a high quality, commercial firewall is typically going to be more secure. You can also opt for a hardware firewall for increased security.

Password policy is a simple security procedure that many people fail on regularly. A complex password system may be inconvenient, but when people use generic passwords such as “firstnamelastnamenumber,” “password1,” “qwerty,” or “abc123,” it becomes easier for rudimentary cracking programs to bypass this first level of defense and even makes it so an account could be accessed by an unauthorized user without the use of such a program. Passwords should be case sensitive and use a mixture of upper case letters, lower case letters, and numbers. They should also avoid common dictionary words and should not be recycled.

Step 2: Protect consumer data with encryption.

Data encryption renders a file virtually unreadable without a proper decryption key. Encryption technology has evolved to the point where, even if a hacker somehow accesses the encrypted data, decrypting the data is still a difficult task. The method is not foolproof, and you cannot store certain pieces of information even if you encrypt it.

Step 3: Consistently run and update anti-virus and anti-malware software.

Viruses and malware can find their way onto a computer through a number of seemingly harmless methods, such as installing a new program or browsing a website. Once compromised, an infected system may be more easily subjected to hacker attacks or the activity on that system, including network traffic that contains payment data, can be monitored remotely. The capabilities of these malicious programs are extensive, making the use of software to detect and remove them essential for information security.

Step 4: Maintain proper access control over sensitive systems.

Limiting the ability of unauthorized personnel to gain access to sensitive information is aided intuitively by limiting who can access it, both electronically and physically. With more people who can access the data through normal operations, the risk of a security breach increases. Payment data access should be restricted to specific user accounts based on need, and you should not utilize any group or public access accounts on sensitive systems. The physical access to the data should be limited as well and be situated in a secure and monitored area. Additional levels of access control such as managing user accounts, password cycling, secondary login verification methods like biometric data or access cards, and lockouts on repeated login attempts are also required.

Photo by: JermJus

Step 5: Monitor and test network security regularly

Keeping track of the systems which interact with sensitive data can be useful in determining intrusion attempts or discovering the source of a data breach. All activities should ideally be monitored, but the PCI DSS specifically calls for keeping logs of access attempts, creation of system-level objects, the activities of root and administrator accounts, any accessing of payment card data, and audit trails with specific attention paid to recording the time, outcome, origin, type, and effected components of the event.

Once all the security measures are in place, the PCI DSS necessitates a variety of regular testing procedures. Quarterly procedures include penetration testing performed by an Approved Scanning Vendor (ASV), scanning for unauthorized access points, and vulnerability scans. Extensive penetration testing is required at least once per year, and additional testing should be performed after any significant changes to your systems.

Step 6: Establish an information security policy

This is one of the more detailed and overarching requirements of the DSS. Put simply, it requires that your business has established operating procedures relating to information security. Obviously, part one of this policy is to ensure that your systems remain PCI DSS compliant. Other considerations include maintaining a list of approved electronic devices for your systems and clear information as to who and what the devices are intended. The responsibilities of “information security manager” should be assigned to an individual or group, which can be an outside security provider. These responsibilities include account management, educating personnel on information security procedures, and monitoring the company’s networks. Security procedures should be discussed with any third-party vendors the company uses, and a formal, written agreement should be composed. The plan should also specify when testing procedures should take place, and the plan itself should be subject to testing and scrutiny.

Also, bear in mind that the individual payment card companies may place extra requirements onto merchants. For example, this is a list of Visa’s requirements. While not too far off from the main PCI DSS, it is important to be aware of these requirements to avoid issues.

Penalties for Failure to Comply

While the PCI regulations are not enforced by law, the major credit card companies and banks level fines that are tiered to the volume of transactions a company processes. The exact amount of the penalty also varies based on a case by case basis, but they can range from $5,000 to $500,000. They may also continue fines on a monthly basis if non-compliance is not rectified.

Help for Becoming PCI Compliant

While the overall concept of becoming PCI compliant is fairly straightforward, the intricacies of actually adhering to all the various guidelines and regulations can be difficult for small business owners to handle, and it can often eat up the limited time of the fewer employees that the smaller companies possess. Enlisting the help of companies certified to validate and assist with PCI compliance is recommended by the PCI regulatory body and is required in some cases, such as the regular testing by an ASV made necessary in the regulations. QSAs (Qualified Security Assessors) can be used to verify that you are adhering to the PCI DSS.

Aside from the companies directly related to PCI compliance, the help of a Managed Security Service Provider (MSSP) is good practice for enhancing your general security and thus helping your systems to comply with PCI guidelines. These organizations are experienced in setting up information security functions for businesses and individuals, and utilizing them is often more inexpensive for small businesses who cannot afford to bring on several IT staff members just to handle information security. Many MSSPs can also function as QSAs, but it is better practice to use different companies for these services, even if it is not required to do so.

A report detailing some of the best MSSPs based on various criteria can be found here and the lists of PCI Security Standards Council approved QSAs and ASFs are located in the resource section at the bottom of this guide.

You can also engage in further reading with tools like the free PCI for Dummies ebook, courtesy of Qualys. This can be found on the web through various search engines.

Photo by: kchbrown

Is PCI Compliance Enough?

PCI represents a baseline level of security that should be adhered to by companies that handle sensitive data. While it may seem to be an unnecessary burden, information security breaches have been responsible for trillions of dollars lost through fraud and secondary expenses. Even if your business does not handle high volumes of transactions from a number of different customers, neglecting to properly secure your information systems can result in data breaches that put you and your customers at risk and do extensive monetary damage. It is in your best interest to take information security extremely serious and even go beyond the security standards set by the PCI DSS.

Helpful Resources

PCI Security Standards – The main PCI DSS site. It contains the regulations, supplemental information, links to certified assistant companies, and more.

Approved Scanning Vendors –  The official list of ASVs certified by the PCI regulatory body.

QSA List – A searchable database of QSAs certified by the PCI regulatory body.

PCI Compliance Guide –  A helpful reference for PCI compliance questions and information.

Emerging Managed Security Service Providers, Q1 2013 – A detailed analsys provided by Forrester of the most promising MSSPs.

Becoming ‘PCI Compliant’ If You Accept Credit Cards – A checklist of tasks for becoming PCI compliant from the BBB.

32

How to be a secret Agent: 101 Tools and Tricks to spy on your friends and family for under $100

Photo by: .:Mat:.

 

Rules of Engagement

On Laws and Home-Brewed Espionage

The laws regarding eavesdropping and spying on family vary on a state-by-state basis and in many cases the legality is not extremely clear. There are cases to support, for example, a husband using GPS  software to track his wife’s car without her knowledge or keylogging his home computer to spy on his wife without legal repercussion. Conversely, some have been convicted and jailed for keylogging family computers. Particularly with regard to information gathered with the intent to go to court, it is wise to seek legal counsel before beginning. Be aware that encouraging others to spy on your behalf using illegal methods, whether they are friends or professional investigators, may still leave you legally culpable. Play it safe and educate yourself.

On the subject of digital spying:

Keylogging has become a very popular activity for keeping track of your loved ones and colleagues. Be aware that it is a felony offense to be caught keylogging in the US. It is legal only if an employer has reason to believe an employee may be divulging trade secrets, when a company policy allows for workplace surveillance, if a computer user is clearly notified that their online activities may be monitored, or to track children’s activities online and protect them from predators and other risks. Use against a spouse is legally murky, as seen in the previous examples, and has the potential to land the spy in legal hot water.

Legitimate Cases for Becoming a Spy

There are a multitude of reasons people choose to spy on one another: parents keeping track of suddenly independent teenage children, spouses concerned with infidelity, or perhaps someone requires evidence that a friend has sticky fingers. Perhaps it is simply fun and games – a child play-acting as Bond, James Bond. Whatever the reason, it is important to examine motivations before engaging in spying. In many cases it constitutes a major invasion of privacy as well as being potentially illegal depending on the tools and strategies used, and many would view it as highly unethical. Be sure of what you are doing before you begin. For spouses who may be dealing with infidelity, particularly those with a lot of assets or prenuptial agreements on the line, espionage can be a highly effective means of ensuring smooth divorce proceedings should it become necessary. For parents, it is a surefire way to ensure a child’s online safety. In these cases in particular, the sense of security born from an unalterable truth may outweigh the ethical and moral concerns.

The Value of Social Engineering

Fortunately, there is a tried and true method of gathering information that is wholly legal and requires only a bit of charm and planning. Social engineering has gotten a lot of attention recently for its role in major hacking attempts, but it is equally useful to those seeking information. People are, by and large, inclined to be helpful to someone that does not appear alarming. Take some time to read up on social engineering in depth to make the most of it, here are a few books worth acquiring on the subject.

1)      Influence: Science and Practice by Robert B. Cialdini – This book is written in an approachable tone and combines research with experience as a salesperson to instruct its readers in the art of getting a ‘yes’. All about the power of persuasion. Offered on Amazon in paperback for $19.20 or on Kindle for $6.99.

2)      Social Engineering: The Art of Human Hacking by Christopher Hadnagy – This book, written by the man who coined the phrase ‘social engineering’, explains through personal experience, real-world examples, and the science that drives it, how social engineering works. It explains how to utilize social engineering and how to minimize risks associated with it. Amazon offers it for $19.12 in paperback or $18.16 on Kindle.

3)      What Every BODY is Saying: An Ex-FBI Agent’s Guide to Speed-Reading People by Joe Navarro – Written by a former FBI counterintelligence officer, this book instructs its readers on how to pick up on and translate non-verbal cues as well as how to maximize your own non-verbal cues to subtly influence people. Offered for $13.98 in paperback form on Amazon or $9.99 on Kindle.

4)      Introducing NLP: Psychological Skills for Understanding and Influencing People by Joseph O’Conner – This book is well known for its ability to effectively teach the subtle ways in which people can be influenced in the reader’s favor. Written in an accessible style with a clear progression from basics to more challenging concepts, it is considered one of the most definitive NLP texts available.  Offered for $10.28 on Amazon.com

Photo by: AJC1

On Tactics

Planting Devices

Private Space

–          Private places are the most likely to get you into legal trouble, so be aware before you start spying within businesses or private homes. You will need to pick a location that is extremely unlikely to be examined or disturbed by others but that is close enough to main activity centers to pick up useful sound. High shelves, beneath coffee and end tables, behind sofas and chairs pressed against walls.

Public Space

–          Placing a listening device in a public location is primarily about determining a place that will usefully return you interesting tidbits of conversation without being drowned out by ambient noise like the sound of traffic, the movement of people, and group conversation. Place microphones, if possible, as far from ambient noise sources as you can be and preferably in enclosed spaces.

On Your Person

–          Clothing often muffles the sound incoming, so hiding listening devices on the body can be tricky. You must balance sound quality with visibility. There are listening devices meant to be worn visibly and go unnoticed, meant to resemble buttons or Bluetooth devices. You can also transform your cellphone or similar electronic devices into spy gear and most people will never question it, given the commonality of having such a device at the ready these days.

Inside Things

–           Many listening devices are designed to pick up sound through vibrations, so can be safely tucked away within items that have a solid exterior. So long as the device is secured against the internal wall, it can detect and record sound from without. If the device in question can play sound, it will mask any other noise, so items like computers, stereos, cell phones, and TVs are useful to hide devices in but may occasionally interfere as well.

Social Engineering Strategies

5)      Dress well – People are much more inclined to be friendly towards someone who looks like they might be important or well connected. Dress the part.

6)      Be pleasant – Charm is disarming. Playful flattery of a casual nature, genuine attention, and a warm smile can go a long way towards making another comfortable enough to share information with you.

7)      Ask appropriate questions – If you are trying to find out, for example, if your wife is leaving work early it would make sense to ask a company receptionist about her hours so you could schedule a meeting with her. Have a suitable reason for wanting the meeting. Tailor your questions and background to the environment and your needs.

8)      Have a reason! – This follows up on the previous idea, but expands it to include accessing private journals or other personal items. If you wish to acquire something in a space you do not belong in, find a good, justifiable reason for you to be rooting around in there. If it is a child, bring them folded clothes to put away. A husband? Dust the shelves in his office. Make it an action that would not be out of place for your behavior. If you never clean, a sudden interest in dusting his things is going to create red flags.

Photo by: *Kicki*

Effective Camouflage

Personal Surveillance

9)      If you are intending to actively listen in, there is the chance that someone may encounter you. Dress appropriate to the environment you are in, and be prepared with a good excuse. Despite the title of this section, wearing –actual- camouflage is almost never a good idea.

Remote Surveillance

10)   Some of this has already been addressed in ‘Planting Devices’ but be aware that eyes may settle on your device. To increase effectiveness, it is best to conceal the device is possible. Some devices are already meant to appear to be something other than they are – a pen, an innocuous electronic device, a button, or similar. If you are hiding a listening device on a high shelf, consider hiding it within a junk book hollowed out.

Intelligent Preparation

11)   Target – Have a clear idea of who you need to speak to, or where you need to be, to obtain the information or items you are after.

12)   Goal – Know precisely what you are interested in obtaining. Fishing aimlessly is a sure way to stumble and raise triggers in other people. If you know what you need, you can determine the most likely avenue to acquire that information before you begin speaking. You gain control of the conversation before it begins.

Nifty Gadgetry

Audio & Video Surveillance

13)   USB Drive Voice Recorder – This useful little devices looks like a sleek USB stick, but has the added capacity to record up to 45 or 90 minutes of audio with a 15 hours of battery life. It recharges as soon as its insert into a USB port. It does not flash or have any visible notification when it is actively recording and it features incredibly simple operation. $$44.95 for the 4GB (45 minute) option from Pen Recorder Pro.

14)   2.5” HD Dashcam – Designed to affix to your windshield via suction, this camera records clear, quality images even at night. It supports Micro SD cards from 1-32 GB and charges while you are driving with an included cord for your cigarette lighter. It automatically begins recording when you turn it on and includes a date and time stamp (handy if the footage ends up in court proceedings). Just $99.00 from Proof Pronto.

15)   Wall Listening Ninja Spy Device – This small tool is designed to be pressed against a solid surface with the intent of picking up sound from the other side. It can ‘hear’ through up to 20cm of thickness and includes a built-in rechargeable battery and an audio jack. It comes with a headset, but you could also conceal the device within an object and connect it to an audio recorder with the right cabling. It costs $49.50 from DX.

16)   500 Meter Spying Transmitter and Receiver Set – This set includes a micro audio spying bug that can be concealed easily and transmits up to 500 meters away. It has adjustable volume and allows for active remote listening with the included receiver or recording on micro SD cards up to 8 GB. It uses a built-in rechargeable battery. Just $90.30 from DX.

17)   Cigarette Lighter Hidden Camera Recorder – This faux lighter includes a rechargeable li-ion battery and has the capacity to capture video and picture. It features sound-triggered recording and offers a simple and subtle manual recording mode. It can support MicroSD cards up to 16GB, though they do not include one with the device. The lens is located on the bottom of the lighter. The button that you would normally use to strike the lighter turns it on, and the top removes to access the USB port to upload images to a PC or Mac. Amazon offers it for $99.99, and it is currently on sale for $20.99.

18)   Orbiter Electronic Listening Device – This thing isn’t going to win points for stealth, but it is highly effective at detecting audio from up to 300 feet away. It comes with quality headphones and allows for digital recording with a 120 second playback features. It also includes a view finder that can magnify up to 10x.

19)   Mini Spy Cam Pen – This executive-style pen in black and gold conceals a HD 3 megapixel camera capable of producing high res color photographs in JPG format or recording video at 1280×960 resolution at 30 FPS. It has a concealed USB 2.0 interface at its end and has driver support for Windows, Linux, and Mac computers. It comes standard with 2 GB of memory and can be upgraded up to 8 GB with a microSD chip. It has a built-in rechargeable lithium ion battery capable of recording up to 100 minutes of video or 6+ hours of photography. Offered for $23.90.

20)   Avangard Optics Waterproof Spy Watch – This clever watch features a built-in HD camera recorder, capable of capturing video or stills with 640×480 resolution at 30 FPS. It includes an onboard mic, date and time stamp, with 4GB of built-in NAND flash memory, and connects via USB to a PC to capture gathered data. The watch itself is dust and water resistant and uses a rechargeable lithium battery which lasts for about an hour with a full charge. Priced at $35.00 from B&H.

21)   Concealed Camera within a Toyota Car Key – This key records video at 640×480 resolution with 30 FPS and allows storage up to 16GB via MicroSD. It uses a high capacity lithium polymer battery to support roughly one hour of life from a full charge. It connects to a PC with a USB cable for data extraction. Priced at $65.95 from Sears.

22)   Spy Clock Camera with Motion Detection – This innocuous camera comes in the form of a sleek and fashionable bedside alarm clock. The concealed HD 2.0 megapixel camera is capable of recording at 1280×960 resolution up to 30FPS. It begins recording when activated via motion detection and can record continuously for up to 2 hours. The AVI files can be transferred directly to a microSD (it comes with a 4GB SD card that can be upgraded for more storage). Costs $48.95 from Newegg.

Photo by: nikos providakis

23)   Super High Gain Microphone – This microphone is incredibly lightweight and minuscule, making it easy to conceal nearly anywhere. It weighs less than half an ounce, and the preamp features low noise, powerful high gain and automatic level adjustment with its onboard IC. The output is line level and the device comes with 6 feet of power/audio cables so you can connect it anywhere you need. It needs a 6-15 volts DC battery.  Offered for $37.50 from Spy Associates.

24)   Coat Hook Hidden Camera – Cleverly hidden, this camera is situated at the top of this hook, ensuring that it will function even while in use. The camera can be activated manually or automatically start when it senses motion. Video is recorded in 1280 x 960 resolution. Available in white or black for $49.95 from Brickhouse Security.

25)   Sonic Sleuth Parabolic Microphone – Parabolic microphones help you pick up and isolate sounds at a distance. This particular one is designed for children so the cost is not prohibitive. It can pick up sounds up to 300 feet away and offers a frequency controller to remove unnecessary background noise. It comes with a set of headphones but not the necessary 9-volt battery. Offered by Amazon for $23.21.

26)   Uzi Parabolic Microphone – This parabolic microphone also features a monocular capable of viewing up to 8x. The microphone can pick up sounds up to 100 meters (roughly 328 feet) away. It features an integrated chip to record sounds. It includes high quality headphones, but not the necessary 9-volt battery. Offered for $42.95 from Amazon.

27)   Sonic Sound Amplifier – While still not necessarily subtle, this sound amplifier is much less obvious to the casual observer than a parabolic microphone. The handheld device can detect sounds up to 300 feet away and can attach via clip to a pocket, belt, and many binoculars. It includes the necessary ‘AAA’ battery and stereo headphones. Offered for $22.95 from Amazon.

28)   Smoke Detector Hidden Camera – This pinhole camera is tucked within a nonfunctional smoke detector casing. The camera itself utilizes a CCD (charged coupled device) solid-state imaging device, ensuring top quality image capturing and exceptional reliability. It features auto-white balancing and automatic gain control to provide clear images under normal lighting conditions. It adjusts automatically based on light levels, but will not function well in a dark room. Users will need to acquire power supply and cable separately. Currently on sale at Amazon.com for $34.99.

29)   Miniature Wireless Color Camera Set – This set includes a miniature wireless camera with microphone pickup that allows for quality color imaging at a range of 150’ with no obstacles. The camera runs on a 9-volt battery or an AC adapter. The receiving tuner can be fine-tuned to acquire a better picture. The receiver can be set up to record, and can mount on a wall or lay flat for a more permanent set up. Price is just $22.64 via Amazon.

30)   Wireless Pan/Tilt/Nightvision Camera with Remote Monitoring – This remote camera can pickup quality images even at night and allows remote access to its pan and tilt functions. It requires a power connection and access to a network and it comes with a power adapter and network cable. Offered for $59.99 from Amazon.

31)   Mirror Spy – This security mirror holds a powerful secret camera capable of recording color footage at a 420 TVL resolution. It has a wide angle lens and a coverage range of 82 degrees, ensuring that it can cover an average sized room or hallway. It requires access to a power plug, but does not rely on batteries so once it is installed you can let it run without fear that it will die at a critical moment.

 

Simple Devices

32)   Right Angle Mirrored Lens – This nifty lens attachment will fit any lens with a 58 mm filter thread. It’s simple to install – just screw on and you are ready to use it. It allows you to snap pictures around corners easily without raising attention to yourself. $28.99 from Amazon.com.

33)   Telescoping Mirror – These delightful tools generally feature a telescoping handle and flexible neck, allowing you to peak into hard to access places or around the corner without being obtrusive. Generally, they cost a little less than $10. This model from Amazon sells for just $7.29

34)   Spy Periscope – While you can make your own simple periscope with a cardboard tube, small inexpensive mirrors, and a hot glue gun, the more dedicated might want to put up the cash for this professional-grade periscope. It makes it easy to see around corners, over, and under all kinds of obstacles and allows magnification up to 5x. Its design ensures that the picture is always displayed right side up regardless of how the periscope itself is set up. SpyVille offers it for $119.99 (on sale for $79.99 at the time of this article).

35)   ViewPoint Mirror – Now you too can have eyes in the back of your head, motherhood not required! This handy little mirror is meant to adhere to the inside of your sunglasses and grants users a clear view of what is behind them. Discrete and inexpensive, at just $15.00 from CycleAware.

36)   “Safe” Books – A two-piece false book set to conceal your valuables, or a hidden observation device, within. Each book features faux-leather spine and felt lining within the concealed compartments. They are large enough to easily conceal pinhole miniature cameras or listening devices as well as extended media storage or other accessories. The set is currently on sale on Amazon for $29.98.

37)   Hide-A-Mic Rocks – Fashioned to resemble a rock, this concealed compartment is designed to secure an extra key, but it can easily be used to conceal a hidden audio recording device designed to pick up sound via vibration through a solid surface. It would not be a challenge to conceal cabling leading to the false rock beneath the ground surface. Currently on sale for $6.02 from Amazon.

38)   Make your own false compartment – Any container can easily be provided with a false bottom. There are a number of quick how-to guides online that can walk you through the process. Pick a new item or one that does not get used much. A bedside drawer that is rarely opened or an inexpensive jewelry box. Match the interior when you prepare the false addition. Make sure your measurements are absolutely correct. Create just enough hidden space to conceal your device; the larger the compartment, the more likely it is to be noticed.

39)   Concealed pocket clothing – When you are attempting to walk out with potentially incriminating items, or walk in with bugging devices, having concealed pockets can come in handy. Even those with minimal sewing skill can create simple pockets tucked away inside waistbands or jeans. There are also many styles of clothing that come with an abundance of pockets that are easily accessible. Take advantage of functional fashion.

40)   Spy Coin (MicroSD concealment) – This realistic looking coin comes in a variety of denominations – A U.S. Nickel, Half Dollar, or Dollar, a British Pound, a 50 cent Euro piece, or an Aussie 20 cent piece. They seal tightly and are completely undetectable from a typical coin and require a special device (included with purchase) to open them once more. Each will fit a microSD card (the U.S. quarter will not, which they also offer). Available for just $18.49 from Amazon.

41)   BIC Lighter Secret Stash – This non-functional lighter offers subtle concealment for small items. The size makes it perfect for a microSD card, which is what many spy devices utilize. It looks identical to a typical lighter. Offered for $9.95 via Amazon.

42)   Wireless Network Detector Keychain – This simple keychain device detects and displays wireless networks and displays their signal strength via visible LED lights. It comes with batteries. Costs just $5.55 from DX.

Intel Acquisition

43)   Wireless Scanning Pen – This silver and purple pen allows users to scan up to 1000 pictures or voice memos up to 1 minute long. It syncs with Evernote and features a storage capacity of 1GB. Offered for $87.73 from DX.

44)   Mini Portable Document Scanner – When a pen-sized scanner won’t cut it, this portable scanner can step in. It allows fast scanning of standard sized documents, up to 2 seconds per page with lower resolution. It can scan high resolution images at a slower rate. It stores data on a Micro SD slot and is powered by 2 AA batteries. Costs $54.50 from DX.

45)   Spy Remote Control Helicopter – This helicopter can serve as your own personal flying spy. It obviously requires that your target be viewable from an outdoors location. The RC ‘copter can fly for roughly 10 minutes full charged and features a 1G Micro SD card, which can be upgraded. It has a hi-res built-in camera and has a solid state gyroscope for stable control when in use. Users can take snapshots or record video in flight. The RC has an integrated rechargeable LiPo battery that comes included, and the transmitter requires 6 ‘AA’ batteries that are not. It costs $59.95 from Hobby Tron.

46)   Spy Mini RC Drone Helicopter – This miniature RC helicopter can fly for 20-30 minutes with a full charge and has a range of 100’ from the transmitter. Multiple bands allow up to 3 RC helicopters to be flown at once. It includes 2 LED search lights, built in gyro for stability, and a mini HD camera to capture and record visual information. The receiver requires ‘AA’ batteries, not included. It costs just $59.98 from Trend Times.

47)   Make Your Own Drone – DIY Drones has a ton of information for those interested in crafting their own miniature drones. With the assortment of minuscule audio and visual recording devices on the market and accessible miniaturized RC components, a little technical knowledge and a penchant for DIY is all one needs to create their own spy drone at home. Check out this site for inspiration.

B&E Tools

48)   8 Piece Spring Steel Lock Pick Set – This is a good starter set of quality lockpicking tools. It comes with a double ball lock pick, two different hook lock picks, a snake rake lock pick, a jagged rake lock pick, two different single sided lock picks, and a double ended tension wrench. Each piece is made with black diamond spring steel and have re-enforced handles. Costs $24.95 from Newegg.

49)   Super Lock Pick Set – For the more demanding lock-picker, this set includes any style pick you might need, all wrapped up in a faux-leather case. It includes a guide-book to walk you through most lock styles. Costs $96.59 from WayFair Supply.

50)   Practical Lock Picking – This guide walks even newbie lock picks through the process of breaking through most lock styles. It includes detailed, full-color diagrams and step by step instructions using a multitude of the most common techniques and tools. Amazon offers this book for $32.72 in paperback and $31.08 on Kindle.

Surveillance Software

51)   ISpy Connect – iSpy connects your existing cameras, webcams, microphones and other related equipment into a dynamic surveillance system. Users can set up three types of motion detection and four types of motion processing, with record automated upon detection, or scheduled recording with audio and remote access. It also offers desktop recording and SMS/MMS/emailed alerts.  It can be run across multiple computers simultaneously and can even be integrated into iOS devices.

52)   I-Can-See-You WebCam Spy Software – This sneaky software runs silently on your PC and allows you to remotely watch it. Whenever your computer goes online, the program sends you an email with an address to connect and watch live. Offered for $29.99.

53)   Real Time GPS Tracker App – This application sends an exact location of the mobile device to Google Maps, but only works if the user keeps the program running. Good for tracking children, not good for tracking stealthily. Offered for free for Android devices.

54)   GPS Tracking Pro – Another GPS-enabled mobile tracking app, it works best for children as it requires the user to keep the application running on their device. It uses proprietary maps that display local safety points like hospitals and police stations. For any of the GPS phone trackers, you can conceal a locked phone in a vehicle to track its movements more stealthily. This application is free and available for Android devices.

55)   Follow Mee – This application turns a smartphone or tablet into a GPS tracker. The app records whatever location the device goes to periodically and sends that data to a secured server. Users can track location data from any browser. It can track multiple devices, establish geo-fences for children, and it runs silently and starts up automatically when the device is turned on. It is designed to stealthily monitor the whereabouts of children, spouses, employees, or stolen devices.

Photo by: z_fishies

56)   Mobistealth – This service offers stealth applications for your computer and mobile device designed to monitor all activities and provide you with a comprehensive report. Cell phone monitoring can allow you to listen in on calls, read text messages, and view videos and pictures sent to and from the phone being monitored. Similarly, the computer program allows you to read emails sent and received, as well as record and listen in on Skype calls, and monitor online chatting. Both can be set up to track GPS coordinates in the case of laptops and mobile phones. Available for Android, iOS, BlackBerry, and Nokia/Symbian phones and Windows and Mac computers.

57)   Stealth Genie – This application lets you record and intercept live calls, review call history, redirect or view sent and received SMS messages, view incoming and outgoing emails, and track GPS coordinates. The GPS tracking allows you get updates if it enters ‘restricted areas’ or ‘safe areas’.  You are also able to view an assortment of instant message chats, photos, music, videos, and voice recordings as well as view their phone’s calendar and internet activities. Phones can even be bugged to pick up the surroundings and record them or allow you to listen live. Available for nearly any mobile phone and network.

58)   XPCspy – A simple to use PC surveillance software. It monitors and reports on all activities on the target computer while running unobtrusively. It allows you to review the log at any time, from any location. Recorded activities including keystrokes, web browsing history, application usage, clipboard history, system activities, emails, and chat conversations. Free trial, $59.95 to purchase after that.

59)   IamBigBrother – This keylogging software is designed to run quietly without alerting users and protect against attempts to disable it. It does not show up in the start menu, nor will it be visible in the Task Manager. It can be set up to capture screen shots when certain keywords are typed, it creates a list of all web sites visited, with a title, and the length of the visit. It records everything typed, including incoming and outgoing emails and web chats, and records passwords.

60)   SniperSpy7 – This remote computer surveillance software allows users to watch live what is happening on the computer it is installed to. It allows you to browse file systems remotely, view chats, visited websites, keystrokes (in any language), and capture screen shots. You can install it to your computer via email and it is compatible with any firewall. It allows you to remotely download files from the computer, to view and kill active processes, control the mouse, restart or shutdown the computer, and much more. A single 3 month user license costs $39.97.

61)   eBlaster7 – Designed to monitor the activities of children and employees, this program is designed to record everything being done on the computer it is installed into, report the activities in an organized fashion to your email as often as you wish, forward to you every email and online conversation, and alert you when certain keywords (pulled from a list you create) are detected, and block web sites or individuals. Costs $99.95.

Photo by: Aaron Landry

62)   Refog Personal Monitor 7 – Another stealthy program designed to run in the background and monitor the activities of your children. It captures both sides of chats from IM programs, blogs, forums, chatrooms, and more. It can automatically capture screen shots, send alerts when configurable keywords are triggered, and update you via email so you can remotely monitor activities. They offer a free trial version and the cost is $69.95 for the full-featured version.

63)   Elite Keylogger Pro – This program claims to be completely invisible when running, able to avoid detection from anti-virus and anti-keylogging software and not show up through any method to computer users. It records keystrokes, including passwords, monitors emails and online chats and allows you to search and analyze online communication, and allows you to capture automatic screen shots. It also offers a deployment installation method, granting you the right to remotely install the software. Monitoring one PC costs $79.

64)   Spector Pro – One of the better known computer surveillance programs, Spector Pro offers a completely undectable software package capable of recording and analyzing everything any user on a monitored computer does in a format that is easy to review, search, and analyze. You can receive remote access and get alerted when certain keywords or sites are accessed. It grants you the control to block websites or access to individuals on the web. You can watch live or use the video-style playback of what they are doing online. Offered for $99.95.

65)   PC Pandora 7 – Another stealthy keylogger, PC Pandora’s ability to avoid detection begins with purchase – billing shows up from Click Bank, a common processor for thousands of online shops. When it is installed, it deletes all web browsing history related to PCPandora.com as well. It offers all the typical keylogging functions including web history tracking, silent monitoring, keystroke recording, conversation logs, remote viewing and control, and the ability to block specified websites or individuals online. Costs $69.95 for one year of customer support and access to one computer.

66)   WebWatcher 8 – PCMag.com gave WebWatcher a top rating in 2013, and it has gotten great reviews from a number of other sources for good reason. Web Watcher protects PCs, laptops, and mobile devices. You don’t need to have physical access to monitor any device after installation. You can set up your own custom triggers for instant alerts and get near real-time access to everything occurring on your device from any remote location with internet access. It records activities and allows you to review or search through them at your leisure from anywhere. It allows you to view search terms, web history, online conversations, program activity, and record passwords. You can also set up triggered screenshots based on your customized trigger words. Costs $97.00 for Windows or Mac.

67)   Spy Agent – A slightly less expensive but very robust keylogger that offers some powerful parental control features, Spy Agent is a good choice for parents or partners wanting to track online activity. Along with monitoring web history, application use, file access and downloads, and online communication, along with triggered screenshot captures and alerts it offers content filtering. This can be used to filter online chats, websites, or applications based on criteria you establish, and notify you and begin automatically logging based on specific keywords, applications, windows, or screenshots. Plus it offers excellent tools for managing the data gathered, including automatically generated reports, top 10 feeds, cross-referencing, filtering, and searching capabilities. It costs $79.95. Not available for the most recent iterations of Windows or Macs.

Just Plain Cool

68)   Eviltron – This nifty little device is just a tad bit larger than a US quarter, and includes an embedded rare-earth magnet to make it a snap to hide. The included battery lasts 1 month or more with continuous use. It comes with five scary sounds, and a ‘random’ feature to cycle through them. Use it to draw a person away from a place you need to gain access to. Offered from ThinkGeek Labs via Amazon.com for just $12.95.

69)   CheckMate, 5 Minute Infidelity Test Kit – This simple kit makes it easy to collect samples from clothing and linen to locate traces of semen stains. The testing can be done from home and takes minutes to get results. Simply wet the stain, blot the area with a test pad, allow to try, then mix the provided bottle with provided reagents and drop mixture onto the test pad. A positive result turns the sample purple. Costs just $39.99 from Spy Emporium.

Defense Tools

70)   Data Encryption Key – To secure sensitive information, use this USB 2.0 device to encrypt and decrypt any file or files you please. It has 128 bit AES hardware protection, and attaches to your keychain so you can always keep it with you. Costs $18.50 from DX.

71)   Anti-Spy Bug Detector Pen – This pen flashes an LED light whenever it encounters wireless frequencies common to spy cameras and audio recorders. It is not as sensitive as professional level scanners, but is considerably more subtle. It is a functional ball pen and comes with dozens of spare batteries in its included case. The UV LED also works to track blood stains and validate watermarks on documents, bank notes, and money. Costs $13.95 from DX.

72)   Anti-Spy Laser Wireless Signal Detector – A professional version of the bug detector pen, this device is capable of pecking up a wide variety of espionage equipment, sometimes as far away as 10 meters. It prevents users from unknowingly being observed or recorded by listening devices, eavesdroppers, or hidden cameras. DX offers it for $44.70.

Photo by: Stefan

Required Reading

73)   Cyber Spying: Tracking Your Family’s (sometimes) Secret Online Lives – This book is designed to instruct readers in exactly how to spy on someone online. It helpfully covers motivations and the ethics involved, as well as the psychology involved in spying. It gives an introduction to computers and networking basics, teaches readers about online activities and how they can be compromised, and how to prevent being spied on as well. It is designed to help concerned parents and partners check up on online activities. Costs $39.85 for the Amazon paperback edition and $33.56 for the Kindle edition.

74)   The Spy’s Guide: Office Espionage – This book is written to help modern day business professional gain the most valuable tools in today’s fast paced world – information. With step-by-step instructions on everything from phone tapping to social engineering strategies, this book helps professionals get ahead. It includes real life stories demonstrating how these techniques have been used successfully by spies in Fortune 500 companies, the CIA, the KGB, and more. Costs $3.38 from Amazon.

75)   The Official CIA Manual of Trickery and Deception – Written as a training manual for CIA operatives during the Cold War Era, this manual describes step-by-step instructions on how to gather covert intelligence with sleight of hand and other tricks. Offered for $11.56 from Amazon in paperback.

76)   Top Secret: A Handbook of Codes, Ciphers, and Secret Writing – All you need to know on how to create, break, and utilize secret codes and complicated ciphers. Lots of hands on practice, tips for creating your own code-making kit, and tidbits discussing the use of ciphers throughout history. Offered for $6.91 in paperback from Amazon.

77)   101 Spy Gadgets for the Evil Genius – As the title suggests, this is a book with over a hundred projects that you can construct using inexpensive and easy to obtain parts that will allow you to gather intel and conduct surveillance. Projects range from easy to challenging and include a complete list of tools and parts with illustrated guides and step by step instructions. Costs $39.70 in paperback from Amazon, or $14.72 on Kindle.

78)   Covert Persuasion: Psychological Tactics and Tricks to Win the Game – Using skills developed with a firm understanding of psychology, linguistics, sales tactics, and human communication strategies, this book teaches you how to become a master of persuasion. Designed especially for sales professionals, but useful for anyone who can make use of a silver-tongue. Offered in paperback for $24.99 from Amazon, and $13.72 from Kindle.

Photo by: katiek2

Kid-Friendly Spy Gear

79)   Bionic Ear – This simple listening device allows kids to listen through walls, windows and doors. The device works well through glass, sheetrock, and wood. It includes a simple audio earphone. Designed for children aged 8 and up. Priced at $9.39 from Amazon.

80)   Amateur Spy Micro Listener Toy – Used to eavesdrop on conversations on the other side of a thin wall or barrier or held at a distance across open space. Includes its necessary LR44 (AG13) battery. Designed for children. Just $2.95 from DX.

81)   Spy Net Recording Pen – This recording pen features a secret audio recorder. Stored audio can be accessed via the concealed USB connection. It utilizes 3 ‘button cell’ batteries and unlocks access to the Lie Detector on SpyNetHQ.com. Designed for children 8 and up and offered from Amazon for $17.95.

82)   Master Spy Kit – This top secret spy kit comes with an RC car capable of picking up audio and visual signals, a spy pen, two walkie talkies, perimeter motion alarms, and a portable scope. It requires 3 ‘AAA’ batteries that are not included. All of this comes in a hard black case. Toys suitable for ages 6 and up. Offered for $49.99 from Meijer.

83)   Top Secret Spy Kit – This professional looking case includes fingerprinting tools, spy glasses, a code book and kit, and more. Meant for ages 8 and up and offered for $39.00 from Land of Nod.

84)   RC Spy Tank – This iOS operated RC car features a camera capable of streaming live video of taking photographs. It can travel up to 20 meters without obstacle and up to 10 meters around walls and other obstacles. The car generates is own wireless connection and runs on 6 ‘AA’ batteries which are not included. The controlling app is available free from the iTunes app store. Costs $79.95 from NitroRCX.

85)   Long Range Walkie Talkie – Designed for children, these long-range walkie talkies can work up to 2 miles apart. They have a special code button meant to send and receive coded messages, and can also transmit spoken messages. They require 6 ‘AAA’ batteries that are not included. Offered from Amazon for $26.99.

86)   Spy Gear Lie Detector Kit – This kit uses a simple finger sensor to pick up the subject’s truthfulness. Indicator lights make note of when the subject is lying. Includes a Lie Detector Handbook. Offered for $12.66 from Amazon.

87)   Spy Gear Night Scope – This hi-tech looking night scope allows vision up to 25’ in the dark, includes a spring-activated mechanism to activate a spotlight. It offers a ‘stealth mode’ beam. Offered for $23.99 from Amazon.

88)   Multi Voice Changer – A voice changer which offers 8 different voice modifiers and adjustable levers to create a hundreds of modulation options. It requires a 9 volt battery which is not included. Offered for $10.03 from Amazon.

89)   Video Recording Watch with Night Vision – This spy watch features a 1.4” full color screen to watch recorded videos and get live playback from the included camera. It includes a rechargeable battery and USB connection and is compatible with both Mac and PCs. It comes preloaded with apps and games, including ‘Spy Detector’ and ‘Lie Detector’ apps from SpyNetHQ. More can be downloaded from SpyNetHQ. Offered from Amazon for $37.69.

90)   Stealth Video Recording Glasses – These sleek black-framed spy glasses conceal a camera behind the lenses capable of recording up to 20 minutes of video or capturing over 2,000 pictures. Evidence gathered can be uploaded to PC or Mac with the included USB connection and uploaded to SpyNetHQ.com. Offered from Amazon for $34.34.

91)   Color Code Message Kit – This nifty kit includes a decoder filter, message code pad, 4 colored pencils and an instruction manual teaching users how to create and decode color-hidden secret messages. Offered for $5.98 from Amazon.

92)   Copper Decoder Ring – This small copper ring contains a basic decoder. The top dial rotates 360 degrees to make it easy to encode or decode a message. Weighs just over an ounch and is only 1-1/2” in diameter. Features geocaching clues. Offered for $14.99 from Amazon.

93)   Jefferson Style Cylinder Decoder Wheel – This solid wood decoder wheel allows users to create a message and select their array of encoded letters. High quality and attractive method of sending and receiving secret ciphers. Offered for $23.99 from Amazon.

94)   Spy Science Intruder Alarm – This simple device allows kids to create an intruder alert by connecting simple electrical circuits to a door buzzer. Requires two “AA” batteries that are not included. Only $10.49 from Nature Pavilion.

95)   EIN-O’s Burglar Alarm Kit – This electronic kit allows children to build their own burglar alarm. Designed for children 7 and up and includes all the parts necessary to make a functional device. Only $7.83 from Newegg.

96)   Vanishing Ink Pen – Sometimes you want to leave a message with a built-in self-destruct feature. Exploding messages are hazardous, so the next best thing is vanishing ink. This pen, which appears to be completely normal, features ink that fades after 12 hours. It writes normally on any paper and the ink appears to be typical. Just $4.00 from CrimeScene.

97)   Invisible Ink (Homemade) – A good spy knows how to make use of the tools at hand. Invisible ink is a good way to share intel with your fellow spies. Most of us have chemicals at home that we can use to create heat, black light, or chemical reaction based invisible inks. This includes milk, tonic water, laundry detergent diluted, table sugar solution, vinegar, and acidic fruit juices. About.com has a great article on homemade invisible ink that can get you started.

98)   Permanent Invisible Ink Marking System – Of course, if you want to ensure the longevity of your invisible message and be sure you have a way to review it later, you may want to purchase this pen. The invisible ink is permanent and waterproof, ensuring its longevity on non-porous surfaces. It includes a UV light so you can check the message after it has been written. Costs $11.99 from Whatever Works.

99)   Invisible Ink Pen & UV Light – This less expensive pen allows users to write secret messages that can be revealed with the included UV light. It’s only 5 inches long, so easy to conceal, and priced at just $1.49 from Lazerpoint it is inexpensive enough to stock up on them.

100) CSI: Fingerprinting Analysis Kit – This kit, available from Toys-R-Us for just $17.99, contains everything a budding investigator needs to examine evidence. It includes tools to gather and analyze fingerprints and other data. It is targeted towards forensic analysis but could be adapted for the budding spy.

101) Spy Gear Evidence Kit – Made specifically for young spies, this kit comes in a professional-looking black hardcase and contains a UV blacklight, a functional 30x microscope, a 10-piece fingerprint kid, and an LED flashlight. Priced at $20.38 from Amazon.