I am Chief Technology Officer at Computer Forensic Services in Minnetonka, MN. I have led thousands of investigations for law firms, Fortune 500 companies and governmental organizations. I have been recognized as an expert witness and am frequently asked to speak at national and international conferences. I am told that my tour of the Dark Web is a favorite among members of the Minnesota State Bar Association. I often serve as a court appointed computer forensics expert and received recognition from the Director of the U.S. Secret Service for my contributions to law enforcement.

My Proof: http://www.mnbar.org/members/committees-sections/msba-sections/probate-and-trust-law-section/publications/2016/01/07/mark-lanterman-hosts-reddit-ama#.VqaR3fkrJ48

Comments: 435 • Responses: 43

glitterclaw42 karma

Could you generalise the top reasons you are asked to investigate?

marklanterman75 karma

  1. Did former employee steal data on his/her last day of work?
  2. Has our company been breached?
  3. Can you test our security?

In that order.

cat_with_giant_boobs39 karma

What kind of crimes happen on the dark Web that most people wouldn't even know exist?

marklanterman83 karma

The Dark Web is like Deadwood, South Dakota circa 1850. No rules, no sheriff. Buy/sell literally anything, including people. Human trafficking, fraudulent (real!) passports, hacking services, stolen credit cards and, yes, hitmen. I don't want to say crimes on the dark web are impossible to investigate, but....it's close.

mantictoboggan39 karma

Have you seen Mr. Robot and if so what are your thoughts on it?

marklanterman64 karma

I am not a big TV guy, but my son told me about Mr. Robot. It blew me away. It is, from my view, the most technically accurate portrayal of (in)security I have seen. I love it when some of the tools we use are featured. Highly recommended.

marklanterman34 karma

Thank you all for spending your evening with me. I have enjoyed our time together. Stay safe and have a good evening.

_Rowdy24 karma

  1. What can we do as internet users, to protect our privacy from prying eyes (eg govt, hackers etc)?

  2. What was the most interesting thing you found in your line of work?

  3. What tools would you recommend starting with for a forensics beginner/enthusiast?

marklanterman39 karma

  1. ALWAYS use a VPN. I like one called IPVanish. Inexpensive and effective.
  2. Most interesting case was determining NBA player Daunte Cunningham was framed for assault by his live-in girlfriend. Sadly, it took 5 months before the prosecutor dropped the charges.
  3. I would start with any Linux distribution or an Apple computer. 90% of the tools a forensic enthusiast needs will be at your fingertips.

lasthobo22 karma

Serious question, do you trust Google (or should I say Alphabet)?

The amount of data they can collect on people and access they have due to their widespread of investments feels prickly to me.

I could be paranoid, but that could also be how they want me to feel!

marklanterman73 karma

Do I trust Google? Unfortunately, I am 1 of only 11 people who have actually read their Terms and Conditions. I do not trust any company that reads/indexes my data and then sells my online buying habits for a buck. Their free apps are great, but nothing is free- is it?

hmmpepsi22 karma

How many times would the average Joe have to wipe a file so that it becomes unrecoverable? Also what do you suggest as a freeware file shredder?

marklanterman45 karma

LAUGH. Data overwritten once is, for all real world purposes, destroyed. 3x, 5x, 10x is good advertising for the software companies. My favorite freeware is dd, available in almost all Linux distributions.

gravitas7321 karma

Snowden. Hero or traitor?

marklanterman0 karma

Tough one. Ultimately, I believe he is a traitor. However, what he has shown us scares me.

Awesome-o_O18 karma

Did you have a role in taking down the original Silk Road? Any details you are allowed to share would be amazing. I'm fascinated!

marklanterman11 karma

I had no role in that investigation. Law enforcement did an outstanding job. Crimes on the dark web and TOR are very difficult to solve.

gerbilsbite17 karma

Can you tell us your views of the security of our voting technology from external attack?

marklanterman31 karma

Depends on the definition of external attack. I am most concerned with the USB port on the side, right next to the reset button. And behind the curtain who knows what's going on.

ReginaldLADOO17 karma

One more question...Cicada 3301...Any thoughts? Speculation?

marklanterman13 karma

I love it. I wish I was smart enough to solve it.

marklanterman14 karma

If I had to guess, it's a recruitment tool.

thisisdjjjjjjjjjj15 karma

If I use TOR, would my ISP know what I'm viewing as well?

marklanterman44 karma

Your ISP would not know what you are viewing. However, TOR traffic is easily recognizable. In short, they know you're using TOR but they don't know what for.

CaptnSave-A-Ho14 karma

How did you get into this line of work, and what kind of education does one need for this line of work?

marklanterman31 karma

I have a BS and MS in computer science. Upon graduation I was "computered out." I volunteered my time to the local police department to assist with a publicized hacking case. They offered me a job doing what I love to do. I think of forensics as digital chess. I love the work because it gives fact finders evidence free of bias. The files are what they are.

goltrpoat12 karma

I'm a techie in a whole different field, so I don't have any clever questions. Here's the usual set:

Any weird/funny stories?

What's your typical day like?

Favorite pizza toppings?

marklanterman25 karma

I thought you said you didn't have any clever questions! Not so much funny as surprising, 10-15% of our law enforcement projects prove the suspect was innocent. I expected a much lower percentage. My typical day is spending time with people educating them so they can take control of their own security. I love jalapeño and banana peppers. Can't eat pizza without them. Unfortunately, they give me the hiccoughs.

DocBanana11 karma

Does using incognito mode do anything to protect the privacy of the user?

marklanterman27 karma

Yes and no. Incognito mode will prevent the typical prying eye from looking over your digital shoulder. However, it is often possible to recover browsing artifacts that allow an investigator to piece together your usage. In short, Incognito is good for everyday average use but it's not as effective as most of us think.

maroonmonday10 karma

What security certification holds the most weight in your book?

marklanterman25 karma

The certifications that get my attention are issued by sans.org. When making hiring decisions, and all other things being equal, the applicant with a sans cert will get the job with us every time. I have never been a huge fan of certificates issued by security and forensic software vendors. We know who they are....

Soghain10 karma

What does my browser history tell you about me?

marklanterman8 karma

Good question. A browser history report can reveal quite a lot about a user, including your Google search terms, dates/times of web page visits and often non-Internet file access. A browser history is important to compile in almost every case.

coal810 karma

Any free programs or courses you would recommend for people that are curious and want to see if they would be interested in this type of career?

marklanterman8 karma

No free programs come to mind, but there are a lot of resources online. I like the Forensics Exposed and Hacking Exposed series of books as well.

Qorhtomh9 karma

Forensically speaking, how useful is the unix "shred" command in wiping storage devices that we would like to give away or donate?

marklanterman47 karma

It's good. However, I prefer dd if=/dev/zero of=/dev/hda or some variation of that. Write zeros to the drive. THEN run a grep (find) for any non-zero character. No hits=verified wipe.
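
The zero-then-verify procedure from the two wiping answers above (overwrite once, then search for any non-zero byte), written out as an added example that is not code from the AMA. The function names are hypothetical, the target is a constructed scratch image file rather than a disk, and `blockdev` is assumed to be available only for the Linux block-device case.

```bash
#!/usr/bin/env bash
# Added example: single-pass zero fill followed by a "no non-zero bytes" check.
# All data below is constructed; the target is a scratch image file, not a disk.

# Size in bytes of a regular file or (on Linux) a block device.
target_size() {
    if [ -b "$1" ]; then blockdev --getsize64 "$1"
    else wc -c < "$1" | tr -d ' '; fi
}

# Overwrite every byte of the target with zeros once, keeping its length.
zero_fill() {
    local size
    size=$(target_size "$1") || return 1
    head -c "$size" /dev/zero | dd of="$1" bs=65536 conv=notrunc 2>/dev/null
}

# Count bytes that are not 0x00 (the "grep for any non-zero character" step).
nonzero_bytes() {
    tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# 0-based offset of the first non-zero byte; prints nothing if the target is clean.
first_nonzero_offset() {
    local size
    size=$(target_size "$1") || return 1
    head -c "$size" /dev/zero | cmp -l - "$1" 2>/dev/null |
        awk 'NR==1 {print $1 - 1; exit}'
}

# Succeeds only when the target contains no non-zero byte.
verify_wiped() {
    [ "$(nonzero_bytes "$1")" -eq 0 ]
}

# Demo on a constructed 1 MiB image seeded with recognisable text.
demo() {
    local img
    img=$(mktemp) || return 1
    yes 'constructed sample record' | head -c 1048576 > "$img"
    verify_wiped "$img" && echo "unexpected: image already clean"
    zero_fill "$img"
    if verify_wiped "$img"; then echo "verified wipe: 0 non-zero bytes"
    else echo "wipe incomplete at offset $(first_nonzero_offset "$img")"; fi
    rm -f "$img"
}
demo
```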

TheBeardedPilot9 karma

Okay computer guy....why isn't windows able to configure my updates?!?! Stuck at 12%!!! Wait.....is that why you're on here? Lol

marklanterman29 karma

Excellent question. I may take heat for this, but your mistake is that you are using Windows. We switched to a combo of Linux and Apple and haven't looked back. If you are stuck with Windows, I hear rebooting helps! Sometimes!

MsNewKicks9 karma

AB 1681 proposes essentially a way for manufacturers to disable/decrypt user phones. Are encrypted cell phones & computers (Apple's FileVault, for example) tough enough to crack that government agencies and law enforcement can't unlock?

What is your opinion on the proposed law?

marklanterman28 karma

Thank you. I see both sides. However, a back door for law enforcement is also a back door for hackers. I would err on the side of security. I have also heard interviews with the Director of the FBI claiming Apple encryption is so strong it is interfering with their investigations. Apple encryption is not as strong as he represents.

dswpro7 karma

Here's my qualifying question: SAML or OAuth? Which do you prefer and why?

marklanterman13 karma

SAML. I have never been comfortable granting a third party application permission to authenticate. Call me crazy. Thanks for the techie question.

marxistimpulsebuyer7 karma

Was Truecrypt safe? I was told it was unsafe by someone but he couldn't point me to any practical exploit. Was there any real case you know about where Truecrypt encryption was broken into?

marklanterman15 karma

The Truecrypt saga is a mystery. A thorough source code audit revealed no back door and no known exploit. Out of the blue, the authors told users to abandon it. Perhaps they were pressured by a higher power. I loved it and would still use it had this not happened.

ReginaldLADOO6 karma

Which Presidential candidate in your opinion is best on cyber security issues and keeping government out of citizens' private internet activity?

Not looking for an endorsement. Just on these particular issues that you are involved in, which candidate do you think is the most informed and will best protect the American people from the government's prying eyes?

Also what do you think of the CIA director John Brennan's AOL email account being hacked? Why would a CIA director even have such an email, even if it was just for personal use?

marklanterman27 karma

Hillary Clinton has proven that she can keep data away from the government's prying eyes, hasn't she? GEEZ. Seriously, I don't think any of the candidates have shown any understanding or knowledge of cyber security. It is shameful that the head of our primary foreign intelligence agency can't protect his own AOL(!?!?) account.

I think most of them don't "get it" and don't care to. I really hope I'm wrong.

akuthia6 karma

Hey Mark I appreciate the sentiment that Windows is bad and we should all move to something else and I REALLY want to move to Linux but...

I'm a gamer and the support still isn't there, primarily because of directx... I tried dual booting for a while but found the Linux partition just sat there as I was going into Windows mostly to game and anything else was easier to do since I was already in Windows.

So I'm not sure what the actual question here is other than "any advice" to get out of Windows' grasp, without forgoing one of my biggest hobbies?

marklanterman7 karma

Gotcha. I am very fond of VMware. I have multiple pristine machines covering most operating systems, including Windows. When the OS blows up, I just restore. Otherwise, try setting up a Windows environment on an external SSD just for gaming. I also recommend using VPNs while on the Internet.

theonlypotatoman5 karma

do people actually wake up missing their kidneys in a bath tub?

marklanterman21 karma

That's happened to me three times! Seriously, there is a black market for everything. I was interviewed yesterday by KARE11 about a rash of cheese thefts in Wisconsin. I had no idea there'd be a black market for CHEESE, and yet there is. Who knew?

web_maker5 karma

Thanks for taking the time to speak with us, yours is a fascinating field. What's the biggest cyber threat to common users in today's world and what measures can they take to safeguard against it?

marklanterman13 karma

Thank you. I am very fortunate to have found a career that I can't wait to get out of bed in the morning. I think the bigger cyber threat to us is us. We give our SSN to anyone who asks. We post our lives online and wonder how the stalker found us. Our children live in their phones instead of playing in the backyard. We need to think outside the "box." Literally.

no_comment_acc15 karma

[deleted]

marklanterman10 karma

Click fraud is rarely investigated. Resources just aren't there. However, it's important to warn others of the risks. Education is the only path to security. Not easy for a cop to drive a squad car to Russia to make an arrest! Nor will there be cooperation from their government.

Ap0R14 karma

How much snuff/child snuff is on the darkweb, is any of this stuff related to satanism/cults and what is the consumer demographic?

marklanterman9 karma

Unfortunately, the dark web overflows with crimes against children. I have not had a case involving child "snuff" evidence, thank God. I can't comment to satanism/cults, but I think the consumer demographic is monsters and lost souls.

DeviousNes4 karma

Are many IP thefts ever prosecuted? I guess I figured most of that was from foreign interests, is that not the case?

marklanterman6 karma

Most IP theft cases I have worked on are resolved in litigation. A smaller percentage are criminally charged. Most foreign IP theft cases go unpunished.

FailureToExecute4 karma

Do you believe that the version of CISA added to the omnibus bill that was signed into law about a month ago has any serious implications for the average user? If so, why?

marklanterman7 karma

Time will tell. I am concerned that it could be abused. I hope I'm wrong.

waiting_for_rain4 karma

What did you do to GitHub? :p

What did you go to school for? How did you get into law enforcement?

What kind of music do you like?

marklanterman7 karma

I deny any involvement with GitHub! Laughing. I went to school for computer science. My local bank was hacked, so I volunteered to assist my local PD. Turned into a 26 year adventure.

I have been into Mumford and Sons lately. I also celebrate Disco breakfast every Sunday morning.

Downundermonkey4 karma

What are your thoughts on Kevin Mitnick?

marklanterman14 karma

80% smooth talker, 20% tech genius. His is an interesting story. However, I prefer Cliff Stoll and the Cuckoo's Egg. Read the book. Fascinating old school hacking.

chipskipbud3 karma

Which country's citizens are responsible for most of the intellectual property theft in the US?

marklanterman12 karma

I believe most US IP theft is committed by US citizens. Typically, the sales guy moving to a new company who takes the customer database with him. If you meant to ask which foreign country's citizens, the answer is China. The culture toward IP is much different there than in the US.

Dysl3xicDog3 karma

Are you hiring? I would love to work in that field. (18 years in all things IT)

marklanterman7 karma

Always looking for good people. Submit letters of interest to [email protected]

Warning: coworkers are merciless!! LOL.

no_comment_acc13 karma

[deleted]

marklanterman10 karma

Read everything you can on the topic, including Krebs on Security. Learn command line Linux as a second language. Most importantly, educate your co-workers. Eventually you'll be the "security" guy and not just the IT guy. Be excellent at what you do and others will notice.

pestroytheblackstone3 karma

What is your opinion and recommendation for law regarding private use of encryption? For context, the federal government is in deliberations regarding this very issue. On one side, law enforcement claims they cannot gain access to evidence even with a warrant. On the other side, possible access by those other than the intended party presents vulnerabilities.

marklanterman20 karma

I am pro encryption on this. We work with 38 police departments in Minnesota, so I understand law enforcement's frustrations. However, a back door for them is a back door for Johnny Hacker.

no_comment_acc13 karma

[deleted]

marklanterman12 karma

I can already see everything you have googled.

Security is a balancing act with convenience. When we gain one, we lose the other. Lose Facebook. Lose your Google account, meaning don't log in to google. Yes, use a VPN. Always.

WarDredge2 karma

Do government agencies use standardized open-source soft/hardware like nmap, aircrack or MITM tools like Cain & Abel or exploit infrastructures like metasploit?

Or do they just rip the source, edit some things and rebrand it into their own cocktail of tools?

Also, what do you think of the white/grey/blackhat community?

marklanterman5 karma

Government agencies tend to use whatever they can get their hands on. Some prefer commercial tools like EnCase or FTK. Others are old school and prefer compiling their own code. I have also seen some organizations rip, edit, rebrand and take credit as their own. It takes all kinds in both the private and public sectors.

jrzk1 karma

  1. What command line/shell environment do you primarily use?

  2. Do you enjoy or use any other programming languages such as C or Lisp?

  3. What do you think of Kali Linux?

marklanterman1 karma

Apple's Terminal. I have always enjoyed C, but I have learned to love Python. Kali rocks!

NoLifeSkeleton1 karma

Hi! I'm a beginner web developer (mostly front end). I would like to know is there anything you look for towards security for online stores or in general from websites? Also do you have any advice or sites you would recommend for a web developer and where I could get hired for front end work?

marklanterman2 karma

There is no such thing as perfect security. Therefore, organizations need to focus security efforts on data that really matters. Typically, that would be our databases and web apps. Focus your studies on securing these two critical assets and you'll be employed for a very long time.