Via: Online MBA

Anyway, that’s why the highlight of my weekend was watching the news!

A few weeks ago, I wrote about how the Lower Merion School District in Pennsylvania had gotten itself in some trouble for using the webcams on school-issued laptops to take pictures of students without the students or their parents knowing. Mercifully, there have been some new developments in the case, and that has given me something to write about.

Size of the Iceberg

We’re now starting to get a better picture of how much the laptop webcams were used.

You might remember that the district initially stated that the webcams had been activated on “at least 42 occasions.”

Here’s an excerpt from a motion filed last week by Blake Robbins’ parents:

“Since the filing of the lawsuit, it is now known, as to Blake Robbins:

(a) Blake Robbins’ laptop was neither lost nor stolen;

(b) the “peeping tom” spying technology was activated for a fifteen day period between October 20th and November 4th, 2009;

(c) over 400 screen shots and webcam pictures were taken using the LanRev “peeping tom” technology;

(d) most of the screen shots and webcam pictures were taken while Blake Robbins’ computer was in his home;

(e) there were numerous screen shots of private IM communication between Blake and his friends;

(f) there were numerous webcam pictures of Blake and other members of his family, including pictures of Blake partially undressed and of Blake sleeping; and

(g) there are additional webcam pictures and screen shots taken of Blake Robbins which, to date, have not been recovered because the evidence was purged by the IT department.”

Later, in the same motion:

“In addition, discovery to date has now revealed that thousands of webcam pictures and screen shots have been taken of numerous other students in their homes, many of which never reported their laptops lost or missing…”

In a story posted on Philly.com Monday, the district has stated that the webcams were activated at least 80 times and that the total number of images captured is around 56,000.

So, for those of you keeping score, we’ve gone from 42 activations to 80, and we’ve gone from an unstated number of images to 56,000. That’s a big jump, and that’s a lot of images.

Picture of Blake Robbins sleeping, taken by his laptop webcam – CREEPY!!!

What They Knew and When They Knew It

On Lower Merion School District’s website, Carol Cafiero’s job title is listed as “Information Systems Coordinator.” She’s actually listed third from the top underneath George Frazier, Director of Information Systems, and Jason Hilt, Supervisor of Instructional Technology. Apparently, she’s not very excited about participating in the current investigations involving her employer.

Ms. Cafiero was subpoenaed to appear for a deposition, but back in March, she asked the court to excuse her from appearing. The court rejected her request and ordered her to appear, however, at her deposition, Ms. Cafiero refused to answer any questions invoking her Fifth Amendment right.

The motion filed last week contains this tantalizing statement…

“First, Carol Cafiero, unlike any of the witnesses asked to testify, invokes the Fifth Amendment to every question asked of her, including a question asked as to whether she had ever download[ed] pictures to her own personal computer, including pictures of students who were naked while in their home.”

…and this one…

“Second, emails suggest that Carol Cafiero may be a voyeur. For instance, in one email, when one IT person commented on how the viewing of the webcam pictures and screen shots from a student’s computer was like ‘a little LMSD soap opera’, Cafiero responded ‘I know, I love it!’”

The plaintiff’s attorney is now asking the court to fine Ms. Cafiero $2,500 (for refusing to answer deposition questions) and to compel her to turn over any personal computers for examination.

What might an examination of Ms. Cafiero’s computers reveal?

Did Ms. Cafiero’s superiors know that the webcams were being used? Did the school board know?

How many people had access to the images, and is it possible any of those people made unauthorized copies?

Have the roughly 56,000 images collected by the district been thoroughly reviewed and what do they contain?

What are the chances that criminal charges will eventually be filed against someone (Ms. Cafiero’s attorney apparently thinks so)?

I don’t know the answer to ANY of these questions, but I can’t wait to find out. And, we shouldn’t have long to wait – Ms. Cafiero had until today (4/20/2010) to respond to this most recent motion.

It seems this case may not quietly drop from the headlines as I previously predicted.

Disclaimer

To my wife and kids:

If you’re reading this, I was just kidding about the news being the highlight of my weekend. I really REALLY enjoyed going to the park. It was definitely the highlight of my weekend…I swear…and I didn’t mind missing the hockey playoffs one bit.

Used car salespeople have such a bad reputation that they are a cliché, and the Texas Auto Center in Austin has now done its part to keep that reputation solidly in place.

A Simple Plan

Last week, a story broke about a Texas Auto Center employee who had used the web to play pranks on customers. The car dealership had installed GPS-enabled devices in their cars that would allow the dealer, using a web application, to remotely disable the vehicle and honk the horn. The dealership says these devices were installed so that they could more easily repossess cars from delinquent customers – disable the car so it doesn’t go anywhere, then honk the horn so the repo man can find it easier.

Ingenious. What could possibly go wrong?

The Pride of Austin

Enter 20-year-old Omar Ramos-Lopez, an employee of the dealership at the time. He used his home computer and another employee’s ID and password to access the web app and then set about disabling cars and setting off horns causing angry customers to call the dealership.

Super Cyber Criminal Genius

This went on for about a week until the dealership finally reset all user passwords on the system effectively locking Ramos-Lopez out. The police were then called in and Austin’s High Tech Crime Unit was able to trace the changes back to Mr. Ramos-Lopez’s computer. He was then fired from his job, arrested and charged with felony breach of computer security.

Tupac and Spidey

Most stories about this event have concentrated on Mr. Ramos-Lopez’s actions. Clearly the dealership was cleverly outwitted by some kind of criminal genius. Oh, did I mention he also changed the name of one of the customers in the system to that of dead rapper Tupac Shakur?

Super Rapper (I guess they have used cars in heaven???)

Let’s see – 20 years old and working at a used car dealership. I’m not seeing genius at work here. In fact, the world is full of idiots who think disabling a person’s car and stranding them somewhere is hilarious. Far more troubling to me are the actions of the dealership. As Spider Man says, “With great power comes great responsibility,” and this story raises serious questions about the dealership’s role in all this.

Super Hero and Deep Thinker

What the…???

• Were customers aware that these devices had been installed and that they were capable of disabling the vehicle?
• Were the devices installed in all cars sold or only those financed by the dealership? What if the customer got financing somewhere else, or paid for the car in full?
• Were the devices removed once the car was paid off?
• Who had authority to activate the devices?
• Why was it so easy for Mr. Ramos-Lopez to gain access?
• What audit procedures, if any, were in place to monitor the use of the system?
• Why did it take so long for the dealership to figure out something was going on and respond?
• Finally, I was going to ask, “What were they thinking?” but clearly they WEREN’T thinking.

Like any other technology, computers and the Internet are not inherently good or bad – they just are. It’s how they are used that makes the difference. And when they are put in the hands of the incompetent and unscrupulous, it should be no surprise that they will eventually be abused.

Happy Ending?

While computers and the Internet made it possible for super genius Omar to cause all this trouble, they also helped catch him (big ups to the Austin High Tech Crime Unit), so maybe there’s hope we’ll learn our lesson…but probably not.

It should be noted that I attempted to contact the Texas Auto Center dealership for their comments but as of the time of this post I have gotten no response. I guess they’re a little busy these days, and probably more than a little tired of answering questions.

And then you have events like the webcam controversy at Lower Merion School District near Philadelphia last week.

If you didn’t catch this story in the news, here’s a quick recap. The school district issued laptops to its students for them to use both at school and at home. Before issuing the laptops, the district installed some software on the laptops that, among other things, allowed the district to turn on the laptop’s webcam and capture images. Students and their families were not informed of this ability.

MacBook Webcam

Now, it might surprise you that a school district that implemented such a well thought-out plan might get itself tripped up by said plan, but it did.

Enter Blake Robbins, a student at Harriton High School in Lower Merion School District. Accused by one of the school’s assistant principals of not just taking, but SELLING drugs, his parents asked what evidence the school had to support such an accusation. They were told the school had pictures of Blake taking drugs – taken with his laptop’s webcam while he was sitting in his home. Mom and dad were unimpressed and have since filed a lawsuit against the school district.

Blake & His Mom

The school admits that this isn’t the first time they have “activated” the webcams. They say they have done it on at least 42 occasions. However, since this story came out, many students, including Blake, claim they have noticed the green “activity” light for the webcam come on frequently.

I have just one question: What in the World Wide Web were these people thinking?!?!

Here are just a few of the troubling issues I wonder if the school district considered before putting their grand plan into action:

• The district claims they turned webcams on to help locate lost or stolen laptops. Let’s ignore for just a moment the fact that Blake didn’t report his laptop lost or stolen. Using a laptop’s webcam to identify its physical location is maybe a hair above useless. There are much more useful techniques and software – Lojack has been selling this type of solution for several years now.
• Without the students or their families consenting to the use of the webcams inside their home, this seems a serious violation of privacy. Even WITH consent, the practice seems unnecessarily invasive not to mention excessively risky for the school district.
• Calling someone a drug dealer without factual basis could be grounds for a defamation claim.
• Using a webcam to take pictures of someone in their private home could be considered a type of electronic surveillance, and that can only be done by law enforcement agents and only AFTER they have obtained a court order.
• Taking any minor’s picture, when not in public (especially in the minor’s own home), requires parental consent. This is something the school district should be extremely familiar with!
• Since there’s no way to know what’s in front of the webcam until it is “activated,” images are captured, transmitted and potentially saved before anyone can review them for appropriateness. What if webcams were turned on while students were changing their clothes? Wouldn’t that be child pornography?

I don’t doubt the district’s motivations, but this case shows astonishingly poor judgment. It also shows there are still plenty of people and organizations in the world who don’t understand technology and are frustrated and threatened by it – a bad combination that can lead to trouble.

I’m not usually one for predictions but I’m willing to go out on a limb here and say that this case will NOT be heard by a jury. It will be settled as quickly and quietly as possible, and that’s unfortunate because it could result in some valuable case law, and the media coverage would help drive home a lesson for others.

By the way, the “drugs” Blake Robbins was accused of taking and selling were actually Mike and Ike candies.

Mike and Ike's

ED-209 – Definitely a killer robot! Get it???

This post has very little (if anything) to do with computer forensics, but who cares – I think it’s cool.

The Epiphany

The other night I had a deep thought. This event was rare enough for me that it kept me up until late in the night. The thought was this: it occurred to me that DNA, the code responsible for all known life, is made up of only four “values” – A, T, C and G. Digital information, as we all know, is made up of only two values – 0’s and 1’s (a.k.a., binary).

DNA vs. Binary

I thought about this in the context of the premise that computers might one day become “intelligent”, destroy mankind and take over the world.

Really?! I mean seriously, they want to take over OUR world?!? That doesn’t seem very intelligent, but whatever.

“Would you like to biggie-size that value meal?”

I digress.

The ‘Killer Robot’ theme has been explored for decades by more scientists and science fiction authors than you can fit into an Isaac Asimov symposium or a Trekkie convention.

Trekkies

Clearly, humanity finds this topic and the issues it raises particularly interesting (BTW: in case you didn’t catch it, that was my justification for this blog post).

Anyway, lying there in my bed, it occurred to me that, compared to binary information, DNA is an incredibly efficient system for storing information. Assuming all the other technical problems could be solved, I wondered if it would be physically possible to build a computer (robot…whatever) capable of carrying the same complexity as a living organism in terms of DNA.

Then, mercifully, an old episode of Hogan’s Heroes came on and I fell asleep.

But a couple of days later I started thinking about my deep thought again and decided to try and run the numbers. I admit I’m no Alfred Einstein, but here’s what I came up with:

Big Gloves and Big Shoes

Let’s say we want to build a single robot that is as complex as a human. Apparently the human genome contains about 750 megabytes of data. Not bad – that seems like a manageable number, right?

But wait! Copies of our DNA are contained in every cell in our body. Well, that’s not technically EXACTLY correct. There are some cells that don’t have DNA, but I’m a computer geek, not some kind of brain scientist, so we’ll go with one copy of DNA per cell in the typical human body.

So, how many cells are in a human body? Estimates range from 10 trillion to 100 trillion, but most are in the range of 50-100 trillion. We’ll stay on the conservative side and use 50 trillion.

So, 50 trillion cells. 750 megabytes of data in each cell. That comes out to…

39,321,600,000,000,000,000,000 bytes

Whoa, that’s a lot. Let’s try knocking that down to terabytes. That would be equal to…

35,762,786,865 terabytes

Hrmmmm…that’s…still a lot.

Well, the largest hard drive sold these days is a 2 TB drive, so to hold that much data we would need…

17,881,393,433   2TB hard drives

No problem – hard drives are cheap these days. Plus we can probably get a volume discount.

A Western Digital Caviar Black 2TB SATA drive has the following physical specs:

Height:        1.028 inches

Length:       5.787 inches

Width:         4 inches

Weight:       1.66 pounds

So, 17,881,393,433 hard drives would have a weight of 14,841,557 tons and would take up 408,763,677 cubic feet of space. That’s a weight equal to 41 Empire State Buildings and a volume equal to 4 ½ Great Pyramids of Giza.

How Many Daltons in a Picogram?!?

Now I’m no rocket surgeon, but that seems a little unwieldy to say the least, and all that just to hold the DNA. We haven’t even started making laser eyes or machine gun arms or rocket legs or any of that stuff yet. So now consider this: all the DNA in your body probably adds up to less than a pound, maybe less than half a pound – a very small percentage of the average adult’s total weight. So with 41 Empire State Buildings just for the DNA, we’re barely getting started. Wow, this is going to be one seriously big robot. Where would a robot that big even sit down?!?!?

Anywhere it wants!!!!           [buh-dump-bump]

E. Coli bacteria – the most common species of bacteria. That’s comforting, huh?

Finally, one last thing to consider: we have bacteria that live in our body (many that are actually useful to the human host). In fact, we have LOTS of bacteria in our body. Scientists have determined that the number of bacteria living inside a human body outnumbers our own cells by 10-20 times! And each one of those little bacteria has its own set of DNA!

Deep, huh? Now you see why I was up all night!

Now, we are learning about a couple of other clumsy moves the TSA has made regarding technology.

On New Year’s Eve, the TSA dropped two subpoenas it had issued a few days earlier against a couple of Internet bloggers.

This article by Alison Grant from The Plain Dealer provides even more information about the initial subpoenas.

Now, there’s already plenty of flak flying back and forth in the blogosphere about whether the TSA’s actions were heavy handed, if Frischling and Elliott’s civil rights were violated, and if the TSA is targeting bloggers to get back at them for the aforementioned embarrassment. And, just in case they ARE targeting bloggers, I’ll be leaving those topics alone.

What I DO want to talk about are a few details from the story that jumped out at me as a computer forensics examiner.

The story says that the TSA agents tried to image Frischling’s hard drive during their initial visit but were unable to do so.

Why couldn’t they manage to image the drive on their first visit? Either they had a problem with the imaging equipment or a problem with the laptop drive. If you’re going to be imaging computers in the field, you should have a backup for every device, so that should eliminate problems with the imaging equipment. And a simple laptop drive certainly shouldn’t present any major difficulties for even a beginner examiner.

The agents returned the next day and took his laptop with them for imaging.

Wow, sneaky.

If there was anything incriminating on the drive when the agents left on Tuesday, it certainly wasn’t there on Wednesday when they came back!

When his laptop was returned it had developed some technical problems. The TSA’s Deputy Drennan apparently acknowledges these technical issues and has promised his administration will help resolve them.

What are these guys using to duplicate the drive, a hammer and chisel?!?

Frischling lists several problems with his computer after it was returned to him, and the TSA not only doesn’t have any counter to this claim, it acknowledges the problems. This seriously calls into question the procedures and tools the examiners used as well as the validity of any evidence they might have recovered. A proper computer examination uses tools (hardware and software) and procedures that never alter the original evidence. If the original evidence is altered during the examination, defending any findings from that examination becomes difficult if not impossible.

I’ve known many computer examiners who worked for government agencies and I can say this is absolutely NOT the norm. Most of the investigators I’ve known, both government and private sector, have been excellent, and these types of mistakes would be unthinkable for them or their agencies.

However, if these statements are true, they become just the most recent in a series of events that together paint a troubling picture of a TSA that is woefully out of touch with technology and simply not capable of taking on the crucial duties assigned to it.

Appointment of a permanent administrator for the TSA certainly seems like an important step towards addressing the situation, however this appointment has been held up in the Senate since September.

First, on December 7^th, the world found out that the TSA released a document from 2008 titled “SCREENING MANAGEMENT: STANDARD OPERATING PROCEDURES.” The document had been redacted using Adobe Acrobat and then released in PDF format. Perfectly safe, right? Well, as long as the reader doesn’t know how to copy and paste. BTW: most computer forensic examiners have known about this weakness in Acrobat for several years.

Then, this past week we found out that terrorists have been able to intercept video feeds of Predator drones flying over Iraq and Afghanistan because the video feeds weren’t encrypted.  Where have these guys been?!?!? My home network is more secure!

Fun and Games with Adobe

Here’s another little trick you can do with Adobe Acrobat – I found this one the hard way.

To demonstrate, I have created a document using Adobe Illustrator. There are two document layers in the original Illustrator file – one with my ‘To Do’ list and one with a portion of my Baloney Manifesto. When I was done creating the document, I turned visibility off for the layer with my manifesto on it. Then I exported the document as a PDF.

Right-click the link below and save the document to your computer.

Baloney Manifesto

Next, open the file you saved with Adobe Acrobat. Just a harmless looking To Do list, right?

Now, in Acrobat, go to View >> Navigation Panels and select Layers. The Layers panel should open on the left-hand side of Acrobat showing the two layers in my document. Check the checkbox next to “Layer 2” and voilà – my manifesto!

You might also be able to do this within your browser if you have the right plug-in installed. Look at the picture below – click the icon that looks like two pieces of paper and you should see the Layers panel.

Layers panel in Internet Explorer Acrobat plug-in.

Now be honest – how many of you knew there could be hidden layers in PDF documents?

Army of the 12 Lunch Meats

Remember the manifesto on the evils of baloney sandwiches? Let’s say I’ve decided it’s time to stop writing and take action.

Army of the 12 Lunch Meats

My Plan: First, I will recruit an army of “soldiers” who share my views on sandwich meats. Then, we will defeat baloney sandwiches. And then we will defeat portobello avocado with sun dried tomato mayonnaise sandwiches. And when we have done that, we will be supreme sandwich beings!

Now that I have my plan, let’s look at how I will advance my cause without revealing my identity.

Email Address

Like I said in my last post, the first step is to get an anonymous email address. I’ll use this later to open other accounts.

Also, email accounts can be used in a sneaky way to exchange information without ever sending an email. I can just give the password for the email account to each of my sandwich soldiers. When I want to send a message, I login, write an email and save it as a “draft.” My soldiers login, check the draft folder and read my message. No transmission of an email so no way to “track” the sender or recipients.

Facebook

Next, I’ll setup a Facebook page to recruit people. I’ll use my free anonymous email address to setup the account, and I don’t have to give any personal information. The five students recently arrested in Pakistan allegedly used Facebook to link up with their terrorist groups, so it should work just fine for me.

Public Internet Access

I’ll use public computers and a U3 USB thumb drive whenever I need to do some 12 Lunch Meats work online.  If the public computer I’m using doesn’t let me plug in a thumb drive, I can use an anonymous browsing site like Hide My Ass!.

Prepaid Visa/MasterCard

I’ll use these for online purchases or any purchase that would track my movements, like gas, food, etc.

PayPal

I’ll use my email address to setup an anonymous PayPal account, and I can load it up with a Green Dot MoneyPak card that I can buy at the grocery store with cash. This will give me an additional option for online purchases, and I can use PayPal to transfer money to my hoagie hoards.

Prepaid Cell phones

Prepaid cell phones will allow me and my fellow sandwich nuts to communicate directly if we need to. We’ll just buy new ones occasionally so we can’t be tracked.

Also, we might need to conduct some illegal activities to help finance our war against inferior sandwich meats, and our cell phones can help with that too.

Finally, a cell phone number can help project a sense of legitimacy if we decide to run any kind of confidence scam, and when people figure out they’ve been scammed we can just throw the phone away.

Second Life

My army can use free anonymous Second Life accounts to do all sorts of things. We can exchange money between members, have online meetings, maybe even run some Second Life scams to help fund us. There are no police in Second Life, so we don’t have much to worry about. If an avatar does get caught, no big deal – we just create another one. Plus, it’s not even clear whether something done in Second Life would BE a crime in real life. Isn’t it a game?

My Getaway

Finally, if I think the authorities are getting too close, I’ll buy a netbook with one of my prepaid credit cards. I’ll use it to hack into some random person’s computer through his unsecured wireless router. I’ll copy my manifesto and all my other documents to his computer. I’ll log into all my accounts (and send some emails) using his internet connection. Then, I’ll make an anonymous call to the police to complain about “some weird guy ranting nonsensically about sandwiches or something.” When I’m done, I’ll ditch my prepaid cell phone and the netbook in his garbage can.

Then I’ll just start all over again.

So, there it is. That’s my plan. Oscar Mayer, look out!

Monkeys?

Email Accounts

If a person is online but doesn’t have an email address, do they really exist? Deep.

The first step in creating an alternate online identity is setting up an email account – you can’t really “do” much online without one. It’s probably not news for most people, but there are plenty of websites offering email accounts that are free and don’t require any personal information.

So, let’s say your name is Bob Jones. Of course you could do like most people and get an email account like ‘bob.jones@gmail.com.’ But there’s no rule that says you have to use your actual name. You COULD choose ‘McLovin@cyberdude.com’ (except that I grabbed it when I found it was available).

Prepaid Credit Cards

Prepaid Visa, MasterCard and American Express cards are available at nearly every grocery store, convenience store, pharmacy and gas station. You can buy one with cash. You don’t need to give any personal information to activate it online. You can even get one with your name (or any name) printed on it so that it looks just like a standard credit card.

Prepaid Visa Card

Prepaid credit cards can be used anywhere a regular credit card is accepted…anywhere…like, places at which you may not want people to know your shopping (hint, hint).

Prepaid Cell Phones

You can go to Target and pickup a prepaid cell phone for $15 bucks. Again, you can pay for it with cash and you don’t need to give any personal information to activate it. When you run out of minutes, you can buy more on prepaid cards also without giving any personal information.

Prepaid Cell Phone

Prepaid Mobile Broadband

A prepaid mobile broadband card lets you connect to the Internet anonymously from just about anywhere. These cards are relatively new but everyone is jumping on the bandwagon now. At the time he wrote his story in Wired, Ratliff said Virgin Mobile was the only company with nationwide coverage and no credit check, but Verizon now offers that too, and I’m sure there will be many more offering the same shortly.

Mobile Broadband USB Card

Public Internet Access

Wi-Fi hotspots are popular these days, but if you don’t have, or don’t want to use, your own computer, there are all sorts of places you can jump on a public computer with Internet access. Hotel lobbies and public libraries often have computers available to use, and cybercafés are common all over the world now. Just wear a hat and sunglasses so they don’t see you on the surveillance video.

If you prefer a less public locale, and don’t mind using your own computer, there are always all the unsecured wireless home networks out there. From my home, I can see 11 wireless networks – 1 of them is completely unsecured and 3 use WEP (an old and easily cracked type of wireless network security).

This is all too common. I have a few relatives with their own wireless routers and have asked me for help with problems they were having. Just curious, I asked them how they had been connecting to the Internet before they called me. They each essentially said, “Oh, there are a couple of other networks available in the neighborhood so I just connected to them.” Oy.

Don’t want to use a network near your home? Just drive through any neighborhood where there are lots of retirees – NONE of their wireless routers are secure (I hope my mother-in-law isn’t reading this).

"Great Googly Moogly"

U3 drives

U3 technology allows applications to run from a thumb drive as opposed to running on the computer itself. U3 applications remove all traces of themselves from the host computer when they are shut down.

U3 Thumb Drive

So, you can walk up to a public computer, plug in your U3 drive and send some email or check your bank balance. When you’re done, just unplug your U3 drive and no personal data should be left behind.

There are plenty of other products and technologies out there but I think that’s enough – you get the idea.

Are you starting to see how these items might be used? In case it’s still a bit fuzzy, I’ll help connect some of the dots next week.

When I first saw Wired’s story, I was upset they had beaten me to the punch, and by mere days. It was MY story, MY idea! No Fair!

But the more I thought about it, the more I realized (through the power of rationalization) that this was validation I was covering something timely and relevant. Plus, while I think Evan Ratliff’s article is excellent, there are things he didn’t cover that I will.

Ratliff set out to test the idea that a person could “disappear” and create a new identity. The scarier scenario, in my opinion, is the person who continues their normal life as usual but creates an alternate identity under which they pursue their clandestine endeavors. And, can they do this without revealing their real identity?

So go ahead and read both articles – they go together nicely.

My “Dark Alleys” Theory

We live in a digital world, and in many ways we’ve become dependent on all this technology. I believe that our dependency on technology – our assumption that it is part of everyone’s lives – has created digital “dark alleys” where people can operate with little worry of being tracked or even noticed.

Consider Ted Kaczynski. He lived in the woods in a cabin with no electricity or running water. His bombs were made with simple everyday items like nails, lamp cord and rubber bands. In fact, early in the Unabomber investigation, the FBI referred to Kaczynski as the “Junkyard Bomber” because of the materials used in his bombs. It took the authorities 18 years to catch Kaczynski, and even then it was only because his brother turned him in. Clearly, Kaczynski’s zero-tech ways made him more difficult to catch.

But you don’t have to shed technology to remain anonymous. In fact, it’s amazing how much you can do in cyberspace without revealing a single bit of personal information. I’ll get to that in my next post.