I am Chief Technology Officer at Computer Forensic Services in Minnetonka, MN. I have led thousands of investigations for law firms, Fortune 500 companies and governmental organizations. I have been recognized as an expert witness and am frequently asked to speak at national and international conferences. I am told that my tour of the Dark Web is a favorite among members of the Minnesota State Bar Association. I often serve as a court appointed computer forensics expert and received recognition from the Director of the U.S. Secret Service for my contributions to law enforcement.

My Proof: http://www.mnbar.org/members/committees-sections/msba-sections/probate-and-trust-law-section/publications/2016/01/07/mark-lanterman-hosts-reddit-ama#.VqaR3fkrJ48

Comments: 435 • Responses: 43  • Date: 

glitterclaw42 karma

Could you generalise the top reasons you are asked to investigate?

marklanterman75 karma

  1. Did former employee steal data on his/her last day of work?
  2. Has our company been breached?
  3. Can you test our security?

In that order.

cat_with_giant_boobs39 karma

What kind do of crimes happen on the dark Web that most people wouldn't even know exist?

marklanterman83 karma

The Dark Web is like Deadwood, South Dakota circa. 1850. No rules, no sheriff. Buy/sell literally anything, including people. Human trafficking, fraudulent (real!) passports, hacking services, stolen credit cards and, yes, hitmen. I don't want to say crimes on the dark web are impossible to investigate, but....it's close.

mantictoboggan39 karma

Have you seen Mr. Robot and if so what are your thoughts on it?

marklanterman64 karma

I am not a big TV guy, but my son told me about Mr. Robot. It blew me away. It is, from a my view, the most technically accurate portrayal of (in)security I have seen. I love it when some of the tools we use are featured. Highly recommended.

marklanterman34 karma

Thank you all for spending your evening with me. I have enjoying our time together. Stay safe and have a good evening.

_Rowdy24 karma

  1. What can we do as internet users, to protect our privacy from prying eyes (eg govt, hackers etc)?

  2. What was the most interesting thing you found in your line of work?

  3. What tools would you recommend starting with for a forensics beginner/enthusiast?

marklanterman39 karma

  1. ALWAYS use a VPN. I like one called IPVanish. Inexpensive and effective.
  2. Most interesting case was determining NBA player Daunte Cunningham was framed for assault by his live-in girlfriend. Sadly, it took 5 months before the prosecutor dropped the charges.
  3. I would start with any linux distribution or an apple computer. 90% of the tools a forensic enthusiast needs will be at your fingertips.

lasthobo22 karma

Serious question, do you trust Google (or should I say Alphabet)?

The amount of data they can collect on people and access they have due to their widespread of investments feels prickly to me.

I could be paranoid, but that could also be how they want me to feel!

marklanterman73 karma

Do I trust Google? Unfortunately, I am 1 of only 11 people who have actually read their Terms and Conditions. I do not trust any company that reads/indexes my data and then sells my online buying habits for a buck. Their free apps are great, but nothing is free- is it?

hmmpepsi22 karma

How many times would the average Joe have to wipe a file so that it becomes unrecoverable? Also what do you suggest as a freeware file shredder?

marklanterman45 karma

LAUGH. Data overwritten once is, for all real world purposes, destroyed. 3x, 5x, 10x is good advertising for the software companies. My favorite freeware is dd, available in almost all Linux distributions.

gravitas7321 karma

Snowden. Hero or traitor?

marklanterman0 karma

Tough one. Ultimately, I believe he is a traitor. However, what he has shown us scares me.

Awesome-o_O18 karma

Did you have a role in taking down the original Silk Road? Any details you are allowed to share would be amazing. I'm fascinated!

marklanterman11 karma

I had no role in that investigation. Law enforcement did an outstanding job. Crimes on the dark web and TOR are very difficult to solve.

gerbilsbite17 karma

Can you tell us your views of the security of our voting technology from external attack?

marklanterman31 karma

Depends on the definition of external attack. I am most concerned with the USB port on the side, right next to the reset button. And behind the curtain who knows what's going on.

ReginaldLADOO17 karma

One more question...Cicada 3301...Any thoughts? Speculation?

marklanterman13 karma

I love it. I wish I was smart enough to solve it.

marklanterman14 karma

If I had to guess, it's a recruitment tool.

thisisdjjjjjjjjjj15 karma

If I use TOR, would my ISP know what i'm viewing as well?

marklanterman44 karma

Your ISP would not know what you are viewing. However, TOR traffic is easily recognizable. In short, they know you're using TOR but they don't know what for.

CaptnSave-A-Ho14 karma

How did you get into this line of work, and what kind of education does one need for this line of work?

marklanterman31 karma

I have a BS and MS in computer science. Upon graduation I was "computered out." I volunteered my time to the local police department to assist with a publicized hacking case. They offered me a job doing what I love to do. I think of forensics as digital chess. I love the work because it gives fact finders evidence free of bias. The files are what they are.

goltrpoat12 karma

I'm a techie in a whole different field, so I don't have any clever questions. Here's the usual set:

Any weird/funny stories?

What's your typical day like?

Favorite pizza toppings?

marklanterman25 karma

I thought you said you didn't have any clever questions! Not so much funny as surprising, 10-15% of our law enforcement projects proves the suspect was innocent. I expected a much lower percentage. My typical day is spending time with people educating them so they can take control of their own security. I love jalapeƱo and banana peppers. Can't eat pizza without them. Unfortunately, they give me the hiccoughs.

DocBanana11 karma

Does using incognito mode do anything to protect the privacy of the user?

marklanterman27 karma

Yes and no. Incognito mode will prevent the typical prying eye from looking over your digital shoulder. However, it is often possible to recover browsing artifacts that allow an investigator to piece together your usage. In short, Incognito is good for everyday average use but it's not as effective as most of us think.

maroonmonday10 karma

What security certification holds the most weight in your book?

marklanterman25 karma

The certifications that get my attention are issued by sans.org. When making hiring decisions, and all other things being equal, the applicant with a sans cert will get the job with us every time. I have never been a huge fan of certificates issued by security and forensic software vendors. We know who they are....

Soghain10 karma

What does my browser history tell you about me?

marklanterman8 karma

Good question. A browser history report can reveal quite a lot about a user, including your Google search terms, dates/times of web page visits and often non-Internet file access. A browser history is important to compile in almost every case.

coal810 karma

Any free programs or courses you would recommended for people that are curious and want to see if they would be interested in this type of career?

marklanterman8 karma

No free programs come to mind, but there are a lot of resources online. I like the Forensics Exposed and Hacking Exposed series of books as well.

Qorhtomh9 karma

Forensically speaking, how useful is the unix "shred" command in wiping storage devices that we would like to give away or donate?

marklanterman47 karma

It's good. However, I prefer dd if=/dev/zero of=/dev/hda or some variation of that. Write zeros to the drive. THEN run a grep (find) for any non-zero character. No hits=verified wipe.

TheBeardedPilot9 karma

Okay computer guy....why isn't windows able to configure my updates?!?! Stuck at 12%!!! Wait.....is that why you're on here? Lol

marklanterman29 karma

Excellent question. I may take heat for this, but your mistake is that you are using Windows. We switched to a combo of Linux and Apple and haven't looked back. If you are stuck with Windows, I hear rebooting helps! Sometimes!

MsNewKicks9 karma

AB 1681 proposes essentially a way for manufacturers to disable/decrypt user phones. Are encrypted cell phones & computers (Apple's FileVault, for example) tough enough to crack that government agencies and law enforcement can't unlock?

What is your opinion on the proposed law?

marklanterman28 karma

Thank you. I see both sides. However, a back door for law enforcement is also a back door for hackers. I would err on the side of security. I have also heard interviews with the Director of the FBI claiming Apple encryption is so strong it is interfering with their investigations. Apple encryption is not as strong as he represents.

dswpro7 karma

Here's my qualifying question: SAML or OAuth? Which do you prefer and why?

marklanterman13 karma

SAML. I have never been comfortable granting a third party application permission to authenticate. Call me crazy. Thanks for the techie question.

marxistimpulsebuyer7 karma

Was Truecrypt safe? I was told it was unsafe by someone but he couldn't point me to any practical exploit. Was there any real case you know about where Tryecrypt encryption was broken into?

marklanterman15 karma

The Truecrypt saga is a mystery. A thorough source code audit revealed no back door and no known exploit. Out of the blue, the authors told user to abandon it. Perhaps they were pressured by a higher power. I loved it and would still use it had this not happened.

ReginaldLADOO6 karma

Which Presidential candidate in your opinion is best on cyber security issues and keeping government out of citizens private internet activity?

Not looking for an endorsement. Just on these particular issues that you are involved in, which candidate do you think is the most informed and will best protect the American people from the governments prying eyes?

Also what do you think of the CIA director John Brennan's AOL email account being hacked? Why would a CIA director even have such an email, even if it was just for personal use?

marklanterman27 karma

Hillary Clinton has proven that she can keep data away from the government's prying eyes, hasn't she? GEEZ. Seriously, I don't think any of the candidates have shown any understanding or knowledge of cyber security. It is shameful that the head of our primary foreign intelligence agency can't protect his own AOL(!?!?) account.

I think most of them don't "get it" and don't care to. I really hope I'm wrong.

akuthia6 karma

Hey Mark I appreciate the sentiment that Windows is bad and we should all move to something else and I REALLY want to move to Linux but...

Im a gamer and the support still isn't there primarily because for directx... I tried dual booting for a while but found the Linux partition just sat there as I was going into Windows mostly to game and anything else was easier to do since I was already in windows.

So I'm not sure what the actual question here is other than "any advice" to get out of windows grasp,without forgoing one of my biggest hobbies?

marklanterman7 karma

Gotcha. I am very fond of VMware. I have multiple pristine machines covering most operating systems, including Windows. When the OS blows up, I just restore. Otherwise, try setting up a Windows environment on an external SSD just for gaming. I also recommend using VPNs while on the Internet.

theonlypotatoman5 karma

do people actually wake up missing their kidneys in a bath tub?

marklanterman21 karma

That's happened to me three times! Seriously, there is a black market for everything. I was interviewed yesterday by KARE11 about a rash of cheese thefts in Wisconsin. I had no idea there'd be a black market for CHEESE, and yet there is. Who knew?

web_maker5 karma

Thanks for taking the time to speak with us, yours is a fascinating field. What's the biggest cyber threat to common users in today's world and what measures can they take to safeguard against it?

marklanterman13 karma

Thank you. I am very fortunate to have found a career that I can't wait to get out of bed in the morning. I think the bigger cyber threat to us is us. We give our SSN to anyone who asks. We post our lives online and wonder how the stalker found us. Our children live in their phones instead of playing in the backyard. We need to think outside the "box." Literally.

no_comment_acc15 karma


marklanterman10 karma

Click fraud is rarely investigated. Resources just aren't there. However, it's important to warn others of the risks. Education is the only path to security. Not easy for a copy to drive a squad car to Russia to make an arrest! Nor is will there be cooperation from their government.

Ap0R14 karma

How much snuff/child snuff is on the darkweb, is any of this stuff related to satanism/cults and what is the consumer demographic?

marklanterman9 karma

Unfortunately, the dark web overflows with crimes against children. I have not had a case involving child "snuff" evidence, thank God. I can't comment to satanism/cults, but I think the consumer demographic is monsters and lost souls.

DeviousNes4 karma

Are many IP thefts ever prosecuted? I guess I figured most of that was from foreign interests, is that not the case?

marklanterman6 karma

Most IP theft cases I have worked on are resolved in litigation. A smaller percentage are criminally charged. Most foreign IP theft cases go unpunished.

FailureToExecute4 karma

Do you believe that the version of CISA added to the omnibus bill that was signed into law about a month ago has any serious implications for the average user? If so, why?

marklanterman7 karma

Time will tell. I am concerned that it could be abused. I hope I'm wrong.

waiting_for_rain4 karma

What did you do to GitHub? :p

What did you go to school for? How did you get into law enforcement?

What kind of music do you like?

marklanterman7 karma

I deny any involvement with GitHub! Laughing. I went to school for computer science. My local bank was hacked, so I volunteered to assist my local PD. Turned into a 26 year adventure.

I have been into Mumford and Sons lately. I also celebrate Disco breakfast every Sunday morning.

Downundermonkey4 karma

What are your thoughts on Kevin Mitnick?

marklanterman14 karma

80% smooth talker, 20% tech genius. His is an interesting story. However, I prefer Cliff Stoll and the Cuckoo's Egg. Read the book. Fascinating old school hacking.

chipskipbud3 karma

Which country's citizens are responsible for most of the intellectual property theft in the US?

marklanterman12 karma

I believe most US IP theft is committed by US citizens. Typically, the sales guy moving to a new company who takes the customer database with him. If you meant to ask which foreign country's citizens, the answer is China. The culture toward IP is much different there than in the US.

Dysl3xicDog3 karma

Are you hiring? I would love to work in that field. (18 years in all things IT)

marklanterman7 karma

Always looking for good people. Submit letters of interest to [email protected]

Warning: coworkers are merciless!! LOL.

no_comment_acc13 karma


marklanterman10 karma

Read everything you can on the topic, including Krebs on Security. Learn command line Linux as a second language. Most importantly, educate your co-workers. Eventually you'll be the "security" guy and not just the IT guy. Be excellent at what you do and others will notice.

pestroytheblackstone3 karma

What is your opinion and recommendation for law regarding private use of encryption? For context, the federal government is in deliberations regarding this very issue. On one side, law enforcement claims they cannot gain access to evidence even with a warrant. On the other side, possible access by those other than the intended party presents vulnerabilities.

marklanterman20 karma

I am pro encryption on this. We work with 38 police departments in Minnesota, so I understand law enforcement's frustrations. However, a back door for them is a back door for Johnny Hacker.

no_comment_acc13 karma


marklanterman12 karma

I can already see everything you have googled.

Security is a balancing act with convenience. When we gain one, we lose the other. Lose Facebook. Lose your Google account, meaning don't log in to google. Yes, use a VPN. Always.

WarDredge2 karma

Do government agencies use standardized opensource soft/hardware like nmap, aircrack or MITM tools like cain&able or exploit infrastructures like metasploit?

Or do they just rip the source, edit some things and rebrand it into their own cocktail of tools?

Also, what do you think of the white/grey/blackhat community?

marklanterman5 karma

Government agencies tend to use whatever they can get their hands on. Some prefer commercial tools like EnCase or FTK. Others are old school and prefer compiling their own code. I have also seen some organizations rip, edit, rebrand and take credit as their own. It takes all kinds in both the private and public sectors.

jrzk1 karma

  1. What command line/shell environment do you primarily use?

  2. Do you enjoy or use any other programming languages such as C or Lisp?

  3. What do you think of Kali Linux?

marklanterman1 karma

Apple's Terminal. I have always enjoyed C, but I have learned to love Python. Kali rocks!

NoLifeSkeleton1 karma

Hi! I'm a beginner web developer (mostly front end). I would like to know is there anything you look for towards security for online stores or in general from websites? Also do you have any advice or sites you would recommend for a web developer and where I could get hired for front end work?

marklanterman2 karma

There is no such thing as perfect security. Therefore, organizations need to focus security efforts on data that really matters. Typically, that would our databases and web apps. Focus your studies on security these two critical assets and you'll be employed for a very long time.