Hogwarts Should Conduct Background Checks

Evil - HolmesPIWho are the Slytherin anyway?  And why is Hogwarts teaching them the ancient and forbidden magic arts?  My wife is going through the process of re-watching all of the Harry Potter films.  She’s read all of the books ahead of the films, watched the films in the theater and now she has decided to see them all again.  Perhaps this is in preparation of the grand opening of The Wizarding World of Harry Potter next year at Universal Studios Hollywood.  Besides the first one that had Gary Oldman in it, I always encouraged Wifey to take a niece or nephew to see these movies.  Mission accomplished.  Somehow, though, I have a feeling I’m not going to be able to weasel out of attending the theme park.  To quote a great song of the 1970s “The Things We Do for Love”.  10cc had it right.  But this new homespun film festival has gotten me thinking.

Why would the world’s foremost school in witchcraft and wizardry accept students prone to evil?  It’s not like Harvard, where some of their alumni somehow end up managing hedge funds and bilk the poor.  Hogwarts actually has a major in Evil.  No kidding!  It’s called Slytherin.  The folks who major in this topic learn cunning, ambition and — no I’m not kidding — blood purity.  Yes, blood purity.  Voldemort, the Devil figure of the Harry Potter series, attended Hogwarts years prior and majored in Slytherin.  Throughout the entire series, Voldemart is the Grand Dragon of the purists and demands for “muggles” (non-wizards and mixed-breeds) to be eliminated.  You’d think that, after Voldemort became a problem, the (apparently) prestigious Hogwarts school would phase the Slytherin track out of its curriculum.  But no, they do not.  They continue to teach the most evil of their applicants the secrets of their power and actually sponsor games where they watch them all battle it out.  Did I forget to tell you this is a school for children?  Yeesh yiminy!  This makes me think that the ‘Lord of the Flies’ version of the New Jersey public schools in which I grew up was child’s play.

Let’s turn this around to non-fiction.  I remember reading many years ago after 9/11 that it was revealed that a number of the folks involved had originally met at a martial arts studio in Brooklyn.  This includes one of the alleged ringleaders, Mohamed Atta.  The hijackers, dubbed in intelligence training the ‘Hamburg Cell’, also attended flight schools here in the United States.  After a book was written making these connections, a number of martial arts and flight schools began conducting background checks on their students.  Nothing is absolute, but it does make sense to be sure you’ve done your due diligence to make sure your students do not have an apparent propensity for evil already dripping from their pores.

Now let’s elevate this thought to a more modern and hi-tech level.  Anyone with a credit card and a couple thousand dollars can attend classes to teach them how to hack innocent individuals.  Yes, the classes are presented with the disclaimer that all students must only use their new-found powers for the forces of good.  But it is ludicrous to believe that is the case.  I’ve attended numerous hacking courses, from online to real-life.  There is a general consensus that bad folks need not apply.  But this isn’t enforced.  Some of the best hackers on the planet I know personally.  And (for the most part) they are great folks with impeccable values that want nothing more than to find security flaws in their clients’ infrastructure and report directly to them with a plan to remedy said flaws.  I’m not saying this because they can all hack me right now.  I really mean it.  Seriously.  But it still needs to be noted that creeps and felons attend these courses.  Currently there is no good/evil benchmark for the hacking community.  But perhaps soon there will be.  Whether it’s magic, hacking or karate-chopping, it’s nice to know your student.

Now, I’m going to finish my coffee.

Stain on blog from Rob's coffee cup

Knockoff Report™ #572: China, Football, eBay Lawsuit

eBay - IPCybercrimeChinese Spies Target U.S. Intellectual Property

Notre Dame Warns About Counterfeit Tickets for Texas Game

Irvine-Based Wimo Labs Files eBay Lawsuit, Alleging they Facilitated the Sale of Counterfeit Merchandise

First Defendant in Fake Cancer-Drug Case to Be Arraigned

Sayreville Couple Charged With Counterfeiting Designer Watches

Feds in Dallas Warn of Knockoff Products — Including Cancer Drugs — Hitting the Market

Counterfeit Goods Easily Available, But Not Always Easy to Spot

Oman Crime: ROP Seizes 3,000 Boxes of Counterfeit Cigarettes; Deports 70 Illegal Expats

Beijing Firm Accused of Selling Knockoff of Israeli AESA Radar

Counterfeit Tourniquets Found in New Hampshire

Counterfeit Mobile Phone Accessories: 2 Arrested in Raids

Iran’s Supreme Leader is not Happy About This McDonald’s Knockoff in Tehran

Don’t Waste Your Money: Counterfeit Cosmetics

Top Online Marketing Conference Slates Rob Holmes to Speak

Pubcon - IPCybercrimeFounder and CEO of IPCybercrime, Rob Holmes, is scheduled to speak at PubCon, which is known worldwide as the leading online marketing conference in the world. Holmes will take part in a panel entitled ‘Trends in Trademark and IP’ which will take place on Wednesday, October 7, 11:35a – 12:35p at the Las Vegas Convention Center. Here, he will share the stage with seasoned attorneys and other online professionals. Rob will share many insider tips and tricks he observes from his various cases.  On Tuesday, October 6, from 11am to noon, Rob will be meeting with attendees for exclusive one-on-one lab sessions. Here he will be sharing his insights on where the Black Hat Meets the Black market.  It should be noted that Rob Holmes will be the only licensed private investigator slated to speak at PubCon. His most recent major cases include a victory in Federal Court against a major online marketplace on behalf of a conglomerate of luxury brands.

In addition to Rob Holmes, other speakers at this conference include Guy Kawasaki, Rand Fishkin and Google executives Gary Illyes, John Brown and Richard Zippel.

If you’d like to book an appointment with Rob, send an email to rob@ipcybercrime.com.

About Pubcon

Pubcon, the premier social media and optimization conference and expo, will hold its multi-track Las Vegas event on October 5 – 8, 2015 at the Las Vegas Convention Center South Halls in the sunny entertainment capital of the world. Pubcon, the premier social media and optimization conference, is supported by the industry’s leading businesses, speakers, exhibitors, and sponsors involved in social media, Internet marketing, search engines, and digital advertising, and offers an in-depth look at the future of technology presented by the world’s top speakers in provocative cutting-edge sessions. Pubcon named a Forbes must-attend conference and an Inc. top conference for growing your business — is one of the biggest and boldest international gatherings of optimization and new media innovators ever assembled. Since 2000, Pubcon has been bringing the very best in online marketing and SEO to countless attendees from over 130 different countries.

Knockoff Report™ #571: Cosmetics, Donuts, Poker Chips

Counterfeit Cosmetics How Luxury Replicas Can Make Their Way Into Your Makeup Bag - IPCybercrimeCounterfeit Cosmetics: How Luxury Replicas Can Make Their Way Into Your Makeup Bag (feat. Rob Holmes)

Will Microsoft Block Windows 10 Users From Playing Counterfeit Games?

Do Venture Capitalists Care About Intellectual Property?

One Man’s Quest To Combat Counterfeit Drugs — With A Suitcase

Beware: Counterfeit Tourniquets Could Cost Lives

Meet Tim Mortons, South Korea’s Tim Hortons Knockoff

Canadian Company Charged in the U.S. With Selling Unapproved, Counterfeit Drugs

NC Man Admits Bringing Counterfeit Chips to Poker Tournament

Speck Sues Counterfeit iPhone Case Maker For Millions

The Chinese Made a Counterfeit Nerf Stryfe!

The Haystack Principle of Counterintelligence

Hay PileAnyone who knows me or follows me online knows that I’m a pretty open person. I share almost everything I’m up to.  Anyone I know (or any stranger for that matter) can experience with me my lunch, thoughts on a number of odd topics, and even what I’m doing with my dog, Chauncey. In fact, right now you can click any link on the right of this page and learn a plethora of details about my exploits, both past and present.  You may say that this is bad for someone in the investigative profession. You are not alone. Overwhelmingly, security professionals of a certain level preach this concept as gospel. I’m here to tell you that, in the 21st century, “security by obscurity” is the most ludicrous method of keeping secrets.

My father was a private investigator unlike myself.  For the most part, I investigate white collar businessmen.  He took organized crime head on in the tri-state area of New Jersey, Pennsylvania and New York.  When I was an adult, he shared some of those stories with me, including one of a story of a mob enforcer parked in front of our house while we were leaving for school.  His account of how he made the man leave is a story for another day.  It’s worthy of its own post.  My point is that I’ve lived cautiously my entire life more than most.

If we guard our toothbrushes and diamonds with equal zeal, we will lose fewer toothbrushes and more diamonds.” ~ McGeorge Bundy, US National Security Advisor under John F. Kennedy.

I have always subscribed to this concept, even before I was aware of Bundy’s statement.  Before the age of Web 2.0, this was not a major issue for most of us.  We now live in a time when anyone with a computer and a credit card can compile a dossier on anyone as thick as a telephone book in a matter of hours.  Some say that, in twenty years, there will be no more secrets.  If organizations like Wikileaks and Anonymous have their way, it may be the scenario.

Over the years, I have developed what I call ‘The Haystack Principle of Counterintelligence’.  This is how it works in four easy points:

  • Decide what your needles are.  These are the very few things that you truly don’t want anyone to know.
  • Understand that hiding everything is unrealistic and get comfortable with sharing things that are not true secrets (hay).
  • Build your haystack.  Create social media profiles and share details about yourself publicly to your level of comfort.  The more you share, the larger the haystack.  The larger the haystack, the smaller the needles.
  • Keep your needles to yourself.

Now I’m going to finish my coffee.

The Dark Web Ain’t As Dark As You Think

Businessman searching virus in a laptopI have recently been asked several times by clients and colleagues about the dark web.  When I began writing this article I was still debating whether I should use capitals when addressing the dark web.  After a few thoughts, I decided that it does not warrant its own title.  The dark web is as much a proper place as a dark alley.  Before I discuss my reasoning here, I should give you all a quick synopsis of what the dark web actually is, and it isn’t what you may think.  The Internet, as we know it, is a network of millions of servers that connect to one another and, as a result, catalog one anothers’ contents.  This enables search engines like Google and Bing to index the information for free and resell it to their consumers for a profit, financed by advertisers.

The dark web, however, is a network of tens of thousands of servers that connect using a service called TOR.  TOR (or The Onion Router) is partially funded by the United Stated Department of Defense and guided by the Electronic Frontier Foundation.  Neither of these organizations have an inkling of how this network will make a profit.  Websites that reside in the dark web use a TLD (top level domain) different than most.  Here is the secret that the low-level professionals wish not for you to know.  The only difference between a regular website and a dark website is the TLD (or top level domain).  The Electronic Frontier Foundation created a specifically anonymous TLD at .onion.  After explaining you this simple issue, many of you may have already figured out the next step.  But here goes:

The only way for anyone to access a .onion website is to be logged in using the Electronic Frontier Foundation’s TOR browser.  Once you know the URL of a dark web website, you can access it by typing it into your browser after already being logged into the TOR network.  Look, your teacher here is a Freemason.  So I already understand the concept of a secret handshake.  It’s even possible that some of you have had a tree house at some point.  Everything of secrecy requires a secret handshake.  This is literally all the dark web requires.  A secret handshake that’s available to anyone.

So the only secrets behind accessing the dark web are two.  One is knowing the protocol mentioned above.  The second is knowing where to get around.  There is obviously no Google or Bing set up in the dark web at this juncture.  This is where the ability to develop an undercover identity is valuable.  No matter how dark the web, or how scary the neighborhood, you need to get to know the territory.  So don’t waste time.  Download TOR and start looking for .onion sites.

Now, I’m going to finish my coffee.

Stain on blog from Rob's coffee cup

Domain Valuation: There is No Kelley Blue Book

Domain Valuation: There is No Kelley Blue Book - IPCybercrimeWhen someone goes about buying a car, there is a valuation model to follow.  If a car is brand new, the value is set by the manufacturer, which allows for their margin plus a margin for the dealer.  Once a vehicle is driven off of the lot the depreciation begins.  That is, unless the vehicle’s value appreciates.  Take, for example, the greatest car ever constructed, the Shelby Mustang GT500 of the late 1060s and early 1970s.  When the 1971 model starred in the film classic Gone in 60 Seconds, it changed the world of movie car chases.  The 2000 Nicholas Cage remake of Gone in 60 Seconds used a 1967 model of the same vehicle, and revitalized the world’s fascination with “Eleanor” (the code name given to the sumptuous steel vixen).  That particular model was recently sold at auction for over one million dollars.  If you’re lucky, you’ll find a fix-er-upper for $100,000.  That’s a far cry from the original sticker price of $8,000 when it was sold right off of the assembly line.

This same story can be told about domain valuation.  There are websites out there giving ‘valuations’ of domain names but, as well-meaning as they may be, only take into account simple factors such as keyword popularity, selling price of similar names and very little else.  Domain valuation is never that simple.  When we first receive a request from a client to inquire about the purchase of a domain we first investigate the owner.  This allows us to take into account factors such as their initial intention, other uses, their tech savvy and even their financial bracket.  Typically there are two kinds of domain owners out there.  The first is the ‘domainer’, who valuates the domain using a cold formula then awaits a reasonable price and moves on to the next domain.  No emotion is tied to the deal.  It’s just a number.  Then there’s the individual who purchased it with a vision in mind, went to the trouble to register the same name on other social networks and sees the name’s potential in a way that only a parent can with its own child.  With the latter person, it doesn’t matter if the project is dead or alive; whether they are in need of funds or not.  To them, the name is priceless.

This does not mean there isn’t a number that could greenlight this sale.  It just means that the owner of the name values it in such a way that ‘they’ can’t put a price on it.  There is always a price.  It is our job to begin a negotiation that welcomes a dialogue.  This means to get to know the individual and build rapport.  It also means we need to come up with a starting price that does not turn them away.  If I offered you $500 for Eleanor, you’d likely not return my call and, even more likely burn me for future contact.  Our approach has shaved millions off of domain name selling prices.  This doesn’t mean we’ll be able to buy you a domain for a fraction of its potential price.  What we guarantee at IPCybercrime will provide honest, respectful treatment of both sides and the best possible outcome for you, the buyer.

Social Discovery is Changing Everything

Social MediaWhenever a legal incident that begins online comes to notice there is a very small window to manage the collection and preservation of the data. If you’ve ever watched the popular A&E documentary television series entitled “The First 48“, you have been exposed to the importance placed into the actions that take place within first couple of days after the discovery of the crime.  Just as in the physical world, a “CSI” team must be the first to step in to ‘freeze’ that moment in time for later analysis.  No one else involved should touch anything until it has been preserved by their trained evidence collection team. Popular culture has conditioned us to accept this process in the physical world. Over the last decade, we have been introduced to the concept of computer forensics where a computer or smartphone may contain important data and must be preserved. But what happens when that case begins online? Online cases far outnumber both physical crimes and also crimes that start with a device that is in your custody. In these cases, the collection of data must be handled with much more care and finesse.

This is where Social Discovery comes in. The most common methods of preserving a moment of time online are: 1) Taking a screenshot using software like TechSmith’s Snagit, 2) printing to PDF, or 3) downloading the entire website using an offline browsing tool such as HTTrack. All of these methods are good, but they do not present data in a forensic fashion that can be scrutinized later by an expert. A screenshot can be taken of a doctored web page. The same can be done with a PDF printout. Files can be manipulated in an offline browser after download. In all of these cases the case is relying only on the testimony and the credibility of the individual who collected the data. There is no benchmark with which to measure his/her accuracy by an outside expert.  Social Discovery, a very recent specialty introduced in the last couple of years, has made it possible for online acquisition of data to be held to the same standard as blood evidence and computer forensics. Let’s face it. More crimes are taking place in the cloud than known locations. This requires a tried process that has been tested in court. Social Discovery is a process that ensures all data is not only collected properly, but preserved with the proper forensic properties including a hash value that can be compared to the original. This will be the difference whether or not your online evidence stands the scrutiny of the opposing counsel’s expert.

At IPCybercrime, all of the common techniques are included in every service we provide. We also recommend that you request our additional Social Discovery service. For an additional fee, we can deliberately collect every tweet, Facebook post, Youtube video, or anything else that can be published online. Social Discovery also includes forensic collection of web-based emails such as GMail, Hotmail and Yahoo! (if credentials are provided by deponent).  Whatever you do, make sure you have your bases covered. Social Discovery is the way to go.

Silicon Beach Vital to Future of IP on the Web, IPCybercrime Re-Opens CA Office

Santa MonicaNext month, world renowned intellectual property investigations and cyber consulting firm IPCybercrime will be opening a satellite office in Los Angeles’s Westside in order to address the needs of their intellectual property and technology clients.  This neighborhood, also known as the Silicon Beach, has long been home to digital entertainment firms and is now headquarters to more than 500 technology companies and content creators.

Long a staple in the fashion and luxury markets, IPCybercrime has seen a surge in technology clients in the last half decade; specifically, content creators.  “In 2013 we witnessed the dawn of the platinum age of television.  In 2014 quality online streaming video became a viable profit model”, says IPCybercrime’s founder & CEO Rob Holmes.  According to PwC, streaming home video revenue will exceed physical home video revenue by 2018.  “In 2015 we will be faced with a new gold rush of intellectual property theft.  For the first time in history online pirated content will be in direct competition alongside major legitimate sources of revenue,” Holmes predicts.

Originally forming his company in Los Angeles, Rob Holmes moved IPCybercrime’s headquarters to the burgeoning North Texas area a few years ago to be more central between coasts and to position the company for long-term growth.  For the last several years, Holmes has been a prominent fixture in the Texas technology, marketing and political communities, while making frequent trips to both coasts.  Since 2006, the operational side of IPCybercrime has been overseen by President & COO Jason Holmes, who will continue to run operations and employees at the IPCybercrime Headquarters in Texas.  Rob will be consulting on major IP projects and developing new business in California.  With qualified principal officers in both Texas and California, IPCybercrime aims to tackle the tough issues for brand owners with twice the force.  Both Rob Holmes and Jason Holmes have more than twenty years experience investigating intellectual property crimes each (forty years combined).

IPCybercrime’s focus will remain on enforcing the intellectual property rights online for fashion, entertainment and technology companies.

Fakes in Film: Orphan Black

Fakes-in-Film-Orphan-Black-300x300Anybody watch the Season 2 Premiere of this cool show?! Well, if you didn’t this post may be a bit of a spoiler, but not much.  For those of you who have not seen the show yet, here is a brief summary: Orphan Black is a Canadian science fiction television series starring Tatiana Maslany as several identical women who are revealed to be clones. The series focuses on Sarah Manning, a woman who assumes the identity of her clone, Elizabeth (Beth) Childs, after witnessing Beth’s suicide. The series raises issues about the moral and ethical implications of human cloning and its effect on issues of personal identity.

From an entertainment perspective my respect goes out to the lead actress, Tatiana Maslany, who plays multiple roles including a streetsmart grifter (Sarah), a manic suburban mom (Alison), a pot-smoking lesbian scientist (Cosima) and a feral Russian assassin (Helena) among others. For those of you who have not seen the show (yet), the main character is Sarah, who is partnered with Alison and Cosima, pooling their collective resources to figure out who made them and who is trying to kill them off.  Maslany’s award-worthy performances are often done playing opposite herself, whether in shootouts or comedic banter.  But the reason I’m writing about Orphan Black on Knockoff Report is the cloning issue. On the surface, cloning can be an interesting topic in the IP debate.

The thing that made me think hard about this wasn’t the epically cool first season.  It was this week’s Season 2 premiere that really brought out the IP geek in me.  The scientist, Cosima, is investigating the codes embedded in their DNA and cracks it. Turns out, embedded in her DNA, and the rest of her clone sisters is a patent notice. Her quote, “We’re property. They patented us.” was the topic of this episode which was entitled “Personal Property”. As interesting as this seems, this is still not why Rob Holmes, an anticounterfeiting expert and enthusiast, was drawn to write about this.  Here is the reason: I admit I do not know the outcome of the entire series and this is where speculation comes in. But, assuming one of the individuals is an original… are the patent owners actually counterfeiters? I say yes.  If I owned the patent for a duplication device, it would not give me rights over the items I copy.  Only rights overs the duplication process.  A patent is a grant of ownership over a specific process. Patents do not protect images, words or content.  This show is very good and I hope it goes on for many seasons.  If this is the case, we will not know some of those answers for years to come.  This means my actual argument may not even be valid until perhaps more seasons pass.  Is there an original?  Was the original created, or born?  But, as an IP geek, this is fun stuff and will keep us thinking for many years to come.

Now, I’m going to finish my coffee.