I am computer forensic expert Mark Lanterman. I was a member of the US Secret Service Electronic Crimes Task Force. I now conduct investigations ranging from theft of IP to crimes on the Dark Web - Ask me anything!
I am Chief Technology Officer at Computer Forensic Services in Minnetonka, MN. I have led thousands of investigations for law firms, Fortune 500 companies and governmental organizations. I have been recognized as an expert witness and am frequently asked to speak at national and international conferences. I am told that my tour of the Dark Web is a favorite among members of the Minnesota State Bar Association. I often serve as a court appointed computer forensics expert and received recognition from the Director of the U.S. Secret Service for my contributions to law enforcement.
marklanterman75 karma
- Did former employee steal data on his/her last day of work?
- Has our company been breached?
- Can you test our security?
In that order.
cat_with_giant_boobs39 karma
What kind of crimes happen on the dark Web that most people wouldn't even know exist?
marklanterman83 karma
The Dark Web is like Deadwood, South Dakota circa 1850. No rules, no sheriff. Buy/sell literally anything, including people. Human trafficking, fraudulent (real!) passports, hacking services, stolen credit cards and, yes, hitmen. I don't want to say crimes on the dark web are impossible to investigate, but....it's close.
marklanterman64 karma
I am not a big TV guy, but my son told me about Mr. Robot. It blew me away. It is, from my view, the most technically accurate portrayal of (in)security I have seen. I love it when some of the tools we use are featured. Highly recommended.
marklanterman34 karma
Thank you all for spending your evening with me. I have enjoyed our time together. Stay safe and have a good evening.
_Rowdy24 karma
What can we do as internet users, to protect our privacy from prying eyes (eg govt, hackers etc)?
What was the most interesting thing you found in your line of work?
What tools would you recommend starting with for a forensics beginner/enthusiast?
marklanterman39 karma
- ALWAYS use a VPN. I like one called IPVanish. Inexpensive and effective.
- Most interesting case was determining NBA player Daunte Cunningham was framed for assault by his live-in girlfriend. Sadly, it took 5 months before the prosecutor dropped the charges.
- I would start with any Linux distribution or an Apple computer. 90% of the tools a forensic enthusiast needs will be at your fingertips.
lasthobo22 karma
Serious question, do you trust Google (or should I say Alphabet)?
The amount of data they can collect on people and access they have due to their widespread of investments feels prickly to me.
I could be paranoid, but that could also be how they want me to feel!
marklanterman73 karma
Do I trust Google? Unfortunately, I am 1 of only 11 people who have actually read their Terms and Conditions. I do not trust any company that reads/indexes my data and then sells my online buying habits for a buck. Their free apps are great, but nothing is free- is it?
hmmpepsi22 karma
How many times would the average Joe have to wipe a file so that it becomes unrecoverable? Also what do you suggest as a freeware file shredder?
marklanterman45 karma
LAUGH. Data overwritten once is, for all real world purposes, destroyed. 3x, 5x, 10x is good advertising for the software companies. My favorite freeware is dd, available in almost all Linux distributions.
marklanterman0 karma
Tough one. Ultimately, I believe he is a traitor. However, what he has shown us scares me.
Awesome-o_O18 karma
Did you have a role in taking down the original Silk Road? Any details you are allowed to share would be amazing. I'm fascinated!
marklanterman11 karma
I had no role in that investigation. Law enforcement did an outstanding job. Crimes on the dark web and TOR are very difficult to solve.
gerbilsbite17 karma
Can you tell us your views of the security of our voting technology from external attack?
marklanterman31 karma
Depends on the definition of external attack. I am most concerned with the USB port on the side, right next to the reset button. And behind the curtain who knows what's going on.
marklanterman44 karma
Your ISP would not know what you are viewing. However, TOR traffic is easily recognizable. In short, they know you're using TOR but they don't know what for.
CaptnSave-A-Ho14 karma
How did you get into this line of work, and what kind of education does one need for this line of work?
marklanterman31 karma
I have a BS and MS in computer science. Upon graduation I was "computered out." I volunteered my time to the local police department to assist with a publicized hacking case. They offered me a job doing what I love to do. I think of forensics as digital chess. I love the work because it gives fact finders evidence free of bias. The files are what they are.
goltrpoat12 karma
I'm a techie in a whole different field, so I don't have any clever questions. Here's the usual set:
Any weird/funny stories?
What's your typical day like?
Favorite pizza toppings?
marklanterman25 karma
I thought you said you didn't have any clever questions! Not so much funny as surprising, 10-15% of our law enforcement projects prove the suspect was innocent. I expected a much lower percentage. My typical day is spending time with people educating them so they can take control of their own security. I love jalapeño and banana peppers. Can't eat pizza without them. Unfortunately, they give me the hiccoughs.
DocBanana11 karma
Does using incognito mode do anything to protect the privacy of the user?
marklanterman27 karma
Yes and no. Incognito mode will prevent the typical prying eye from looking over your digital shoulder. However, it is often possible to recover browsing artifacts that allow an investigator to piece together your usage. In short, Incognito is good for everyday average use but it's not as effective as most of us think.
marklanterman25 karma
The certifications that get my attention are issued by sans.org. When making hiring decisions, and all other things being equal, the applicant with a sans cert will get the job with us every time. I have never been a huge fan of certificates issued by security and forensic software vendors. We know who they are....
marklanterman8 karma
Good question. A browser history report can reveal quite a lot about a user, including your Google search terms, dates/times of web page visits and often non-Internet file access. A browser history is important to compile in almost every case.
coal810 karma
Any free programs or courses you would recommend for people that are curious and want to see if they would be interested in this type of career?
marklanterman8 karma
No free programs come to mind, but there are a lot of resources online. I like the Forensics Exposed and Hacking Exposed series of books as well.
MsNewKicks9 karma
AB 1681 proposes essentially a way for manufacturers to disable/decrypt user phones. Are encrypted cell phones & computers (Apple's FileVault, for example) tough enough to crack that government agencies and law enforcement can't unlock?
What is your opinion on the proposed law?
marklanterman28 karma
Thank you. I see both sides. However, a back door for law enforcement is also a back door for hackers. I would err on the side of security. I have also heard interviews with the Director of the FBI claiming Apple encryption is so strong it is interfering with their investigations. Apple encryption is not as strong as he represents.
Qorhtomh9 karma
Forensically speaking, how useful is the unix "shred" command in wiping storage devices that we would like to give away or donate?
marklanterman47 karma
It's good. However, I prefer dd if=/dev/zero of=/dev/hda or some variation of that. Write zeros to the drive. THEN run a grep (find) for any non-zero character. No hits=verified wipe.
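The zero-fill-then-verify procedure described in the answer above, as an added example that is not part of the original thread. It runs against a constructed 64 KiB image file rather than a real device; the function names and the sample record are assumptions made for illustration, and `tr`/`wc` stand in for the grep step by counting non-zero bytes.

```shell
#!/bin/sh
# Added example: zero-fill a target with dd, then verify no non-zero byte remains.
# Works on a constructed image file, never on a real device such as /dev/hda.

# Build a 128-sector image holding one constructed "sensitive" record at sector 100.
make_sample_image() {
    dd if=/dev/zero of="$1" bs=512 count=128 2>/dev/null
    printf 'CONSTRUCTED-CUSTOMER-RECORD' |
        dd of="$1" bs=512 seek=100 conv=notrunc 2>/dev/null
}

# Count the bytes in $1 that are not 0x00 (the "find any non-zero character" step).
count_nonzero() {
    tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# Overwrite $1 with zeros. $2 optionally limits the number of 512-byte sectors
# written, which simulates a wipe that was interrupted part-way.
# Assumes the size is a multiple of 512, as it is for a block device.
# On a real block device you would omit count and let dd stop at the end of the device.
zero_fill() {
    size=$(wc -c < "$1" | tr -d ' ')
    blocks=${2:-$((size / 512))}
    dd if=/dev/zero of="$1" bs=512 count="$blocks" conv=notrunc 2>/dev/null
}

# Succeeds only when every byte of $1 is zero: no hits means a verified wipe.
verify_wipe() {
    [ "$(count_nonzero "$1")" -eq 0 ]
}

# Demonstration on a temporary image.
img=$(mktemp)
make_sample_image "$img"
echo "non-zero bytes before wipe: $(count_nonzero "$img")"
zero_fill "$img" 50    # interrupted wipe: only the first 50 sectors
verify_wipe "$img" || echo "partial wipe detected: $(count_nonzero "$img") bytes remain"
zero_fill "$img"       # full single-pass overwrite
verify_wipe "$img" && echo "verified wipe"
rm -f "$img"
```

The verification pass is what catches an overwrite that stopped early; the exit status of `verify_wipe` can gate a disposal checklist.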
TheBeardedPilot9 karma
Okay computer guy....why isn't windows able to configure my updates?!?! Stuck at 12%!!! Wait.....is that why you're on here? Lol
marklanterman29 karma
Excellent question. I may take heat for this, but your mistake is that you are using Windows. We switched to a combo of Linux and Apple and haven't looked back. If you are stuck with Windows, I hear rebooting helps! Sometimes!
marxistimpulsebuyer7 karma
Was Truecrypt safe? I was told it was unsafe by someone but he couldn't point me to any practical exploit. Was there any real case you know about where Truecrypt encryption was broken into?
marklanterman15 karma
The Truecrypt saga is a mystery. A thorough source code audit revealed no back door and no known exploit. Out of the blue, the authors told users to abandon it. Perhaps they were pressured by a higher power. I loved it and would still use it had this not happened.
marklanterman13 karma
SAML. I have never been comfortable granting a third party application permission to authenticate. Call me crazy. Thanks for the techie question.
akuthia6 karma
Hey Mark I appreciate the sentiment that Windows is bad and we should all move to something else and I REALLY want to move to Linux but...
I'm a gamer and the support still isn't there, primarily because of DirectX... I tried dual booting for a while but found the Linux partition just sat there as I was going into Windows mostly to game and anything else was easier to do since I was already in Windows.
So I'm not sure what the actual question here is other than "any advice" to get out of Windows' grasp, without forgoing one of my biggest hobbies?
marklanterman7 karma
Gotcha. I am very fond of VMware. I have multiple pristine machines covering most operating systems, including Windows. When the OS blows up, I just restore. Otherwise, try setting up a Windows environment on an external SSD just for gaming. I also recommend using VPNs while on the Internet.
ReginaldLADOO6 karma
Which Presidential candidate in your opinion is best on cyber security issues and keeping government out of citizens' private internet activity?
Not looking for an endorsement. Just on these particular issues that you are involved in, which candidate do you think is the most informed and will best protect the American people from the government's prying eyes?
Also what do you think of the CIA director John Brennan's AOL email account being hacked? Why would a CIA director even have such an email, even if it was just for personal use?
marklanterman27 karma
Hillary Clinton has proven that she can keep data away from the government's prying eyes, hasn't she? GEEZ. Seriously, I don't think any of the candidates have shown any understanding or knowledge of cyber security. It is shameful that the head of our primary foreign intelligence agency can't protect his own AOL(!?!?) account.
I think most of them don't "get it" and don't care to. I really hope I'm wrong.
marklanterman10 karma
Click fraud is rarely investigated. Resources just aren't there. However, it's important to warn others of the risks. Education is the only path to security. Not easy for a cop to drive a squad car to Russia to make an arrest! Nor will there be cooperation from their government.
web_maker5 karma
Thanks for taking the time to speak with us, yours is a fascinating field. What's the biggest cyber threat to common users in today's world and what measures can they take to safeguard against it?
marklanterman13 karma
Thank you. I am very fortunate to have found a career that I can't wait to get out of bed in the morning. I think the bigger cyber threat to us is us. We give our SSN to anyone who asks. We post our lives online and wonder how the stalker found us. Our children live in their phones instead of playing in the backyard. We need to think outside the "box." Literally.
marklanterman21 karma
That's happened to me three times! Seriously, there is a black market for everything. I was interviewed yesterday by KARE11 about a rash of cheese thefts in Wisconsin. I had no idea there'd be a black market for CHEESE, and yet there is. Who knew?
FailureToExecute4 karma
Do you believe that the version of CISA added to the omnibus bill that was signed into law about a month ago has any serious implications for the average user? If so, why?
marklanterman7 karma
Time will tell. I am concerned that it could be abused. I hope I'm wrong.
marklanterman14 karma
80% smooth talker, 20% tech genius. His is an interesting story. However, I prefer Cliff Stoll and the Cuckoo's Egg. Read the book. Fascinating old school hacking.
waiting_for_rain4 karma
What did you do to GitHub? :p
What did you go to school for? How did you get into law enforcement?
What kind of music do you like?
marklanterman7 karma
I deny any involvement with GitHub! Laughing. I went to school for computer science. My local bank was hacked, so I volunteered to assist my local PD. Turned into a 26 year adventure.
I have been into Mumford and Sons lately. I also celebrate Disco breakfast every Sunday morning.
DeviousNes4 karma
Are many IP thefts ever prosecuted? I guess I figured most of that was from foreign interests, is that not the case?
marklanterman6 karma
Most IP theft cases I have worked on are resolved in litigation. A smaller percentage are criminally charged. Most foreign IP theft cases go unpunished.
Ap0R14 karma
How much snuff/child snuff is on the darkweb, is any of this stuff related to satanism/cults and what is the consumer demographic?
marklanterman9 karma
Unfortunately, the dark web overflows with crimes against children. I have not had a case involving child "snuff" evidence, thank God. I can't comment to satanism/cults, but I think the consumer demographic is monsters and lost souls.
marklanterman12 karma
I can already see everything you have googled.
Security is a balancing act with convenience. When we gain one, we lose the other. Lose Facebook. Lose your Google account, meaning don't log in to google. Yes, use a VPN. Always.
Dysl3xicDog3 karma
Are you hiring? I would love to work in that field. (18 years in all things IT)
marklanterman7 karma
Always looking for good people. Submit letters of interest to [email protected]
Warning: coworkers are merciless!! LOL.
marklanterman10 karma
Read everything you can on the topic, including Krebs on Security. Learn command line Linux as a second language. Most importantly, educate your co-workers. Eventually you'll be the "security" guy and not just the IT guy. Be excellent at what you do and others will notice.
chipskipbud3 karma
Which country's citizens are responsible for most of the intellectual property theft in the US?
marklanterman12 karma
I believe most US IP theft is committed by US citizens. Typically, the sales guy moving to a new company who takes the customer database with him. If you meant to ask which foreign country's citizens, the answer is China. The culture toward IP is much different there than in the US.
pestroytheblackstone3 karma
What is your opinion and recommendation for law regarding private use of encryption? For context, the federal government is in deliberations regarding this very issue. On one side, law enforcement claims they cannot gain access to evidence even with a warrant. On the other side, possible access by those other than the intended party presents vulnerabilities.
marklanterman20 karma
I am pro encryption on this. We work with 38 police departments in Minnesota, so I understand law enforcement's frustrations. However, a back door for them is a back door for Johnny Hacker.
WarDredge2 karma
Do government agencies use standardized open source soft/hardware like nmap, aircrack or MITM tools like Cain & Abel or exploit infrastructures like metasploit?
Or do they just rip the source, edit some things and rebrand it into their own cocktail of tools?
Also, what do you think of the white/grey/blackhat community?
marklanterman5 karma
Government agencies tend to use whatever they can get their hands on. Some prefer commercial tools like EnCase or FTK. Others are old school and prefer compiling their own code. I have also seen some organizations rip, edit, rebrand and take credit as their own. It takes all kinds in both the private and public sectors.
NoLifeSkeleton1 karma
Hi! I'm a beginner web developer (mostly front end). I would like to know is there anything you look for towards security for online stores or in general from websites? Also do you have any advice or sites you would recommend for a web developer and where I could get hired for front end work?
marklanterman2 karma
There is no such thing as perfect security. Therefore, organizations need to focus security efforts on data that really matters. Typically, that would be our databases and web apps. Focus your studies on securing these two critical assets and you'll be employed for a very long time.
jrzk1 karma
What command line/shell environment do you primarily use?
Do you enjoy or use any other programming languages such as C or Lisp?
What do you think of Kali Linux?
marklanterman1 karma
Apple's Terminal. I have always enjoyed C, but I have learned to love Python. Kali rocks!
glitterclaw42 karma
Could you generalise the top reasons you are asked to investigate?