Map and Travel Resources

Travel Boutique: Visit Spies Online's own travel boutique to find the best travel deals, luggage and more!

Flight Aware: The site allows you to view and track activity for any private (IFR) or commercial flight; you may also see scheduled, enroute, and recent flight activity for any airport.

MapQuest: This resource can do anything from provide you with a map and/or driving directions to helping you to locate hotels in a specific area. It's really a complete trip-planning resource.

Map Blast: Great maps and directions!

Maporama: Map any spot in the world!

MetroPlanet: This site is a gateway to subways, metros, undergrounds and other mass transit systems around the world.

Travelocity Map Center: Find a place with these incredibly detailed interactive maps/driving directions.

Universal Currency Converter: It has every known world currency!

Travelocity Custom Mini Travel Guides: Create a personalized travel guide to take with you on your trip -- hotels, restaurant reviews, currency rates, and more.

Travelocity Weather Center: Check the weather before you travel!

Hotel Reviews: Looking for the perfect accommodations? Let Frommer's experts find you hotels that meet your specific needs, courtesy of Travelocity.

Travel Pets: Here is a handy travel directory of hotels that will accommodate pets.

Pets Welcome: Here is a nice site devoted to traveling with pets. There is also a directory of lodgings that will allow pets.

Pet Taxi: Pet Taxi provides international and domestic transportation to wherever your pet needs to go, with or without you.

Restaurant Reviews: Hungry for some culinary advice? Let Frommers' experts find you restaurants that match your preferences, courtesy of Travelocity.

World Time Server: Find out what time it is anywhere in the world.

How Far Is It?: Find the distance between two cities.

Expedia.com's Flight Reservation Wizard: Use this tool to find the best airfare. You can also use this site to search for hotels, car rentals, cruises and good vacation deals.

Travelocity's Flight Page: This tool can also be used to find flight deals. The site also allows you to search for hotels, car rentals, cruises and bargain vacations.

Seat Guru: Take the guesswork out of choosing a seat on an airplane.

Greyhound: Get Greyhound bus information here.

Amtrack: Get Amtrack train information here.

Rand McNally Road Construction Database: Check out this database before planning your trip to see if road construction might affect the route you have to take.

U.S. Dept. Of State Passport Services and Information: Everything you need to know about passports is here.

U.S. Customs and Border Protection: Find out about the rules for bringing things back from your trip. For some items, like computers, you may wish to fill out a customs registration form to prove that you had the item before leaving the United States.

Bureau of Citizenship and Immigration Services: Lots of information is here, including links to the U.S. Border Patrol and the procedure for getting immigration information via the FOIA.

U.S. Dept. Of State Travel Warnings & Consular Information Sheets: Be sure to check this site before making your travel plans.

Tourism Offices Worldwide Directory: Find links to tourism offices worldwide. Many will send free travel brochures and such upon request.

CDC Travelers' Health Reference: Find out health information for specific destinations. Learn about outbreaks of concern to international travelers. Become aware of CDC’s vaccination recommendations for travelers. Find out how to avoid illness from food and water and what you should know before taking children to other countries.

Corporate Travel Safety: This site gives all sorts of helpful advice on how to protect yourself while traveling. It has some very informative articles. There's one that tells about how to protect yourself from phone card fraud while traveling that you should definitely read.

Embassy World: Find all of the world's embassies here in a searchable database.

Fly Rights: What are your rights if your airline flight gets cancelled or delayed?
The Aviation Consumer Protection page tells all about your travel rights here.

Complaint Resolution Service For Travelers: Complain to an airline, hotel or car rental company here. This service will ask you a few questions and then create a complaint letter for you to send, which you can modify as you see fit. They will then forward the letter to the appropriate person for you.

PlanetFeedback Complaint Service For Travelers: This service allows you to complain to any company in a travel-related industry. You can also check the ratings of companies here.

Complain To Aviation Consumer Protection: Have a problem with an airline? Find out how to complain to the government here.

Transportation Security Administration: Find out the current security rules for flying, including the latest list of permitted and prohibited items.

Aviation Consumer Protection: Get reports about flight delays, mishandled baggage, oversales and consumer complaints here before deciding which airline to fly.

The National Aviation Safety Data Analysis Center: Take a look at information about airline accidents, incidents and other safety information before choosing which airline to fly.

The Mile High Club: Yes, there's really a club!

CDC Sanitation Inspections of International Cruise Ships -- Database Search: Before you take a cruise, be sure to check out the results of the ship's sanitation inspections.

U.S. Fire Administration Hotel and Motel Safety: Before staying at a hotel, check the database here to see if it adheres to fire regulations.

Alta Vista Translator: Whether you want to translate a phrase or an entire web page, this service is very convenient.

Aviation Resources: Everything related to aviation is here - nice flight trackers and more!

Radio Locator: Find radio stations around the world!

Cybercafes: Sometimes when you travel, you will need to find a cybercafe. Spies Online has assembled a directory of cybercafe directories.

California UCC filings Web site shut down

A few weeks ago I wrote that the removal of social security numbers from state tax liens. Now, Debra Bowen, the new California Secretary of State, has shut down the online UCC filings database in order to remove social security numbers from the UCC filings index.

We have temporarily disabled the capability to perform online searches and orders. In order to prevent identity theft and protect the personal privacy of people whose information appears in documents filed with the Secretary of State, we are in the process of removing social security numbers from all copies and electronic images of UCC filings made available to the public.

Records researchers and private investigators (and anyone else) who requests the paper copies, will receive them with the social security numbers removed. Bowen is not explicit on whether she will redact the complete SSN, but based on the bruising fight private investigators had with her last year over the business records pretexting bill, SB 1666, I expect she’ll remove as much personal information as the law will allow.

What effect might this restriction of public records have on private investigators, businesses and attorneys conducting due diligence, background screening or judgment collection?

FTC releases 29th Annual Report to Congress on the Fair Debt Collection Practices Act

Thw Federal Trade Commission is pleased to submit to Congress this annual report summarizing the administrative and enforcement actions it has taken under the Fair Debt Collection Practices Act during the past year.

These actions are part of the Commission's ongoing effort to curtail deceptive, unfair, and abusive debt collection practices in the marketplace. Such practices cause substantial consumer injury, including payment of amounts not owed, unintended waivers of rights, invasions of privacy, and emotional distress. In some circumstances, illegal collection practices can place consumers deeper in debt. Although the Commission is vested with primary enforcement responsibility under the FDCPA, it shares overall enforcement responsibility with other federal agencies.

In addition, consumers who believe they have been victims of statutory violations may seek relief in state or federal court.

The FDCPA prohibits deceptive, unfair, and abusive practices by third-party collectors. For the most part, creditors are exempt when they are collecting their own debts. The FDCPA permits reasonable collection efforts that promote repayment of legitimate debts, and the Commission's goal is to ensure compliance with the Act without unreasonably impeding the collection process.

Stolen Identities Sold Cheap on the Black Market

Recovering from identity theft can take years and cost thousands of dollars. But how much is your identity worth to the thieves who sell it to other fraudsters? Turns out, less than the price of two tickets to the movies.

According to the latest Internet security threat report from Symantec Corp., the going rate for the keys to assuming someone else's identity can be had for between $14 and $18 per victim on underground cyber crime forums. Full identities typically include Social Security numbers, the victim's bank account information (including passwords), as well as personal information such as date of birth and the maiden name of the victim's mother.

Symantec engineers monitored more than 330 different underground Internet servers used by criminals as bazaars for stolen consumer data. During the latter half of 2006, the company observed nearly 5,000 credit cards being traded and sold on the online black market. More than half of the Internet servers monitored by the company were located on computers or networks here in the United States.

Alfred Huger, vice president of Symantec Security Response, said the bad guys are increasingly packaging stolen data about consumers to add value to the data.

"These guys are going to the effort of data warehousing this stuff and will steal or get data from multiple sites and package it at fairly standard underground market rates," Huger said. "Three years ago, this kind of commerce would have been exceptional: If your data was stolen there was maybe a chance it would be sold or battered around on underground networks. Now it's pretty much a certainty."

It's important to note that while Symantec monitored a large number of servers, a great deal more than 5,000 stolen credit card numbers were traded or sold online in the last six months of 2006. In fact, San Diego-based Secure Science Corp., which recovers stolen financial data from online fraud forums all over the Web, found more than 147,000 stolen credit card accounts for sale in online fraud forums last month alone. While the true number of stolen credit cards for sale on the black market at any given time is probably unknowable, Huger's observation is spot on, at least from my own reporting. I have found that criminals often will use stolen credit cards to conduct even more research on victims, by purchasing background reports at sites like Ancestry.com and PublicBackgrounds.com.

Symantec also tracked a fairly significant growth in the number of "bots," or home computers that bad guys have gained control over for use in sending spam, hosting scam Web sites and attacking other Internet users. In the first half of 2006, the company saw about 4.7 million distinct bot-infected computers; in the latter half of the year, Symantec tracked nearly 6,050,000 bots, a 29 percent increase.

Symantec attributed the spike in bots to a rash of "zero-day" security holes discovered in Microsoft Windows software in the last six months of 2006 Also called "0day" flaws, the vulnerabilities refer to software flaws that are being actively exploited by hackers and criminal but for which the vendor has not yet released an official fix or patch.

Still, the vast majority of the malicious software variants that appeared last year did not take advantage of any security flaws whatsoever, except perhaps human nature. Buried in the report was this little gem: Only 23 percent of all malicious software created in 2006 exploited a software security vulnerability. This is a very important stat to consider: By far the most common way that people infect their own computers with malicious software is by opening a virus-laden e-mail attachment or by clicking on a Web link included in an instant message.

Source: FBI Wrongly Obtained Telephone Records

WASHINGTON, FBI counterterrorism officials continued to use flawed procedures to obtain thousands of U.S. telephone records for two years as bureau lawyers and managers raised concerns about the practice, according to senior FBI and Justice Department officials and documents.

FBI lawyers raised the concerns beginning in late October 2004 but did not closely scrutinize the practice until last year, FBI officials acknowledged.

The lawyers also did not understand the scope of the problem until the Justice Department launched an investigation, FBI officials said.

Under pressure to provide a stronger legal footing, counterterrorism agents at that point wrote new demands for the information the bureau already possessed. At least one senior FBI headquarters official -- whom the bureau declined to name -- signed the "national security letters" without including the required proof that the letters were linked to FBI counterterrorism or espionage investigations, an FBI official said.

The flawed procedures involved the use of exigent circumstance letters, which are emergency demands for records. The letters contained false or undocumented claims. They also included national security letters that were issued without following FBI rules. Both types of requests were served on three phone companies.

Referring to the exigent circumstance letters, Sen. Charles Grassley, R-Iowa, wrote in a letter Friday to Justice Department Inspector General Glenn Fine: "It is ... difficult to imagine why there should not have been swift and severe consequences for anyone who knowingly signed ... a letter containing false statements. Anyone at the FBI who knew about that kind of wrongdoing had an obligation to put a stop to it and report it immediately."

A March 9 report by Fine bluntly stated that the FBI's use of the exigency letters "circumvented" the law that governs the FBI's access to personal information about U.S. residents.

The exigency letters, created by the FBI's New York office after 9-11, told telephone providers that the FBI needed information immediately and would follow up with subpoenas later. No law allows such letters to compel phone companies to turn over information, Fine found, and in many cases, agents never followed up with the subpoenas, he said. But Fine's report made no mention of the FBI's subsequent efforts to legitimize those actions with improperly prepared national security letters last year.

FBI officials acknowledged widespread problems but said they involved procedural and documentation failures, not intentional misgathering of Americans' phone records. FBI Director Robert Mueller ordered a nationwide audit, which began Friday, to determine whether the inappropriate use of exigency letters went beyond one headquarters unit.

"We wish, in retrospect, that we had learned about this sooner, corrections had been made and the process was more transparent," FBI Assistant Director John Miller said Saturday.

Fine's report said the bureau's counterterrorism office used the emergency letters at least 739 times between 2003 and 2005 to obtain records related to 3,000 phone numbers. FBI officials acknowledged that the process was so flawed that they may have to destroy some phone records to keep them from being used in the future if the bureau does not find proof that they were gathered in connection with an authorized investigation.

Telephone Pretext & Other Charges Dropped

Patricia C. Dunn, the woman at the center of the scandal involving Hewlett-Packard's aggressive search for corporate leaks, had all state charges against her dropped yesterday by a California court.

Three others who were also accused of breaking laws to obtain such personal information as phone records will have their misdemeanor charges dropped if they complete 96 hours of community service, their attorneys said.

The rulings marked an abrupt and somewhat anticlimactic turn in a once-dramatic case that captivated the public and shed light on a shadowy world of spies for hire. In turning investigators against its own board members -- ostensibly to plug leaks to the media -- the venerated Silicon Valley company tainted its corporate image and incurred the wrath of government officials.

Dunn became HP's chairman in 2005 as the company's concerns about damaging disclosures of such sensitive corporate information as proposed acquisitions escalated. Under Carly Fiorina's reign as chairman and chief executive, and continuing under Dunn's direction as chairman, the company quietly hired investigators who lied about their identities to obtain phone records and conducted extensive background checks of reporters and company directors and their spouses and children. It also planned to put spies in newsrooms and to trick a reporter into revealing her source by planting a tracer in an e-mail sent by a fictitious HP tipster.

The investigation later prompted one board member -- George A. Keyworth II -- to say that he had spoken on one occasion to one of the reporters in 2006 but that he did not disclose any sensitive information.

In December, Bill Lockyer, then California's attorney general, announced a $14.5 million civil settlement with HP. Yesterday, the lingering misdemeanor charges were essentially settled by Santa Clara County Superior Court Judge Ray Cunningham in a San Jose courtroom with none of the defendants present.

Jerry Brown, the former governor and presidential candidate, who succeeded Lockyer in January, felt the decision to drop all charges against Dunn was appropriate in light of her health problems and her degree of participation in the spying, said Nathan Barankin, a spokesman for Brown. Dunn is battling a recurrence of advanced ovarian cancer.

Dunn, who stepped down as chairman in September, said in a statement: "I am pleased that this matter has been resolved fairly. . . . I have always had faith that the truth would win out and justice would be served."

Three other defendants -- Kevin Hunsaker, Ronald DeLia and Matthew Depante -- sought to plead no contest to a state misdemeanor count of fraudulent wire communications. Cunningham rejected the pleas and agreed to drop the charges in six months if the men perform the community service, said John L. Williams, DeLia's attorney.

Hunsaker was HP's ethics director during the search for leaks. DeLia and Depante were private investigators hired by the company.

Federal investigators at one point were looking into the HP spying matter. Williams said he was unaware of any federal probe involving his client, and a Justice Department spokesman did not return a call seeking comment.

One of Dunn's fiercest critics during the spying controversy -- Thomas Perkins, then a board member -- called the case's resolution "most appropriate," adding, "My thoughts and hopes continue to be with Pattie Dunn in her courageous battle against cancer."

In the wake of the HP scandal, President Bush signed a bill making it a federal crime to obtain private phone records by "making false or fraudulent statements" to a phone company employee, by "obtaining false or fraudulent documents to access accounts," or by unauthorized access to accounts through the Internet.

Congressional testimony and litigation on pretexting

The Federal Trade Commission has settled another telephone pretexting case, Federal Trade Commission, Plaintiff, v. Information Search, Inc. and David J. Kacala, individually and as an officer of Information Search, Inc., Defendants.

The FTC will collect $3000 from the telephone information broker, who is also required to abandon the now illegal practice of impersonating telephone subscribers to get toll call records from the telecommunications carrier.

The Commission had previously filed suit against Information Search, Inc. for obtaining personal financial bank account records in violation of the federal law known as Gramm-Leach-Bliley.

The Federal Trade Commission testified today at the Committee on Energy and Commerce on, Combating Pretexting: H.R. 936, Prevention of Fraudulent Access to Phone Records Act. The text of the testimony of other participants is not yet available.

Information Brokers Settle FTC Charges

Consumers' Confidential Financial Information was Allegedly Obtained through Deception

For Release: March 8, 2002:

Information brokers who allegedly used deception to obtain consumers' confidential financial information have agreed to settle Federal Trade Commission charges that their practices violated federal law. The settlements bar the operators from obtaining or hiring others to obtain consumers' financial information through illegal means or by hiring or contracting with others who use illegal methods to obtain consumers' financial information. The settlements also require that the defendants give up the money they made in the illegal scheme.

In April 2001, the FTC filed suit in three U. S. District Courts to halt the operations of information brokers who allegedly used false pretenses, fraudulent statements, or impersonation to illegally obtain consumers' confidential financial information - such as bank balances - and sell it. The practice of obtaining consumers' private financial information under false pretenses is known as "pretexting." The Gramm-Leach-Bliley Act specifically outlaws pretexting and soliciting others to pretext.

"Pretexting, like that alleged in these cases, undermines consumers' basic expectation of confidentiality in their financial information," said J. Howard Beales, III, Director of the FTC's Bureau of Consumer Protection. "The clients of pretexters are often law firms and other businesses. These buyers should beware because knowingly obtaining pretexted information is illegal as well."

In documents filed with the courts, the FTC charged that the defendants maintained Web sites where they advertised that they could obtain non-public, confidential, financial information -- including such things as checking and savings account numbers and balances, stock, bond and mutual fund accounts and safe deposit box locations -- for fees ranging from $100 to $600, depending on the information sought. In sting operations set up by the FTC in cooperation with local banks, investigators established dummy bank accounts in the names of cooperating witnesses and then called defendants posing as purchasers of the defendants' pretexting services. In the three cases, an FTC investigator posed as a consumer seeking account balance information on her fiancé's checking account. The investigator provided limited information about her "fiancé's" account to the defendants. The defendants or persons they hired called the bank, identifying themselves by the name of the supposed "fiancé," and asked to check his balance. The defendants later provided the account balance information to the FTC investigator.

The FTC asked the courts to halt the illegal practices permanently, freeze the defendants' assets pending trial, and order them to give up their ill-gotten gains. The courts temporarily enjoined the defendants from continuing the illegal practices and imposed partial freezes of their assets pending trial. The settlements announced today resolve those court cases.

The settlements bar the defendants, in connection with the obtaining, offering for sale or selling of customer information of a financial institution, from:

• misrepresenting their identities or their right to receive customer information;
• using others who will obtain information using deception;
• selling or disclosing customer information obtained from a financial institution;
• making false and misleading statements

The settlements also bar the defendants from violating the pretexting provisions of the Gramm-Leach-Bliley Act and require the defendants to give up their ill-gotten gains.

The Commission complaints name Information Search, Inc., and David Kacala of Baltimore, Maryland; Victor L. Guzzetta, doing business as Smart Data Systems of Staten Island, New York; and Paula Garrett, doing business as Discreet Data Systems of Humble, Texas. The cases were filed under seal in U. S. District Courts for the District of Maryland, the Eastern District of New York, and the Southern District of Texas.

Defendants Paula Garrett and Victor L. Guzzetta will pay $2,000 each. Based on financial statements provided by defendant David Kacala, a $15,000 payment will be suspended. Should the Commission have evidence that the defendant made misrepresentations in his financial statements, the entire amount of the judgment will become immediately due.

All the settlements contain record keeping provisions to allow the Commission to monitor compliance with its order.

The Commission vote to approve the Stipulated Final Judgments and Orders was 5-0.

How To Catch A Cheating Spouse With A Hidden Camera

For a married individual, there is nothing worse than experiencing the feeling that eats away at you when you suspect that your better half is turning to another for attention.

Whether you see the common signs, find clues or want to relieve the paranoia, there are ways to get to the bottom of this lingering mistrust without letting your partner know your intentions. One of the best and most discreet approaches to this matter is to enlist the help of a wireless camera. Catching a cheating spouse has never been easier.

Throughout the years, hidden cameras have caught countless cheating wives and husbands. Many users enjoy the freedom of being the only ones to catch their spouses in the act, eliminating the usual hiring of a private investigator. Hidden cameras are safe and do not entail a stranger following your loved one wherever he or she goes. They are also very easy to use and are only detected when your significant other uses a hidden camera detector, which is highly unlikely.

When Does Online Cheating Cross the Line?

Online cheaters connect with other partners in cyberspace for adventures that range from erotic virtual encounters to basic flirting. While some don’t consider it cheating, many experts agree that online infidelity crosses the line – and can lead to real cheating in person.

Online cheating has many forms. Some internet users log onto online dating sites – or specifically, online dating sites designed especially for discreet married people – to meet someone in person. Many others simply flirt and have affairs online, without ever meeting the person they are speaking with.

What is online cheating?

Some justify “hot chats” as harmless fun, but this sort of behaviour has caused marital rifts – and has even lead to in-person affairs offline. At best, cybersex means that a partner starts spending time with someone besides their partner – time that can better be invested in the relationship. Since online flirting or online sex is simpler and fantasy-based, it can fuel desire even more, leading someone to seek a real-life affair. Of course, there is always the real possibility that the cheater’s partner will be upset and hurt when they find out about such online activity.

Flirting, and even having an erotic encounter online, is as simple as logging onto a chat group to meet people. Partners who meet this way can even go into “private online rooms” to continue their “virtual conversations.” Instant messaging, email, and forums are all communication devices that can allow online couples to have “virtual” encounters. Thanks to fictional usernames, these encounters can remain completely anonymous and completely online.

Why online affairs?

There are many reasons why people turn to online affairs. For instance, these “relationships” are really not relationships at all. They require far less work than a real marriage or partnership. In addition, virtual affairs are also fantasy-based in some cases. There is no need to discuss or face responsibility, and there is no need to work on the relationship. Fake usernames make many people feel that their online activities are remote from everyday life and completely anonymous.

Many experts view online intimacy as a move towards a relationship break-up. Some partners who start going online for intimacy start displaying addictive behaviours by spending more and more time online rather than in their real relationship. Others start taking their online fantasies to the next level by meeting in person with those they have met online. In either case, the partner of these online cheaters is left alone in a relationship, and the relationship starts to deteriorate quickly when two people are not communicating. The partner of the online cheater may start to feel envious or insecure about the online intimacy and resentment may formulate.

What can a couple do?

In any event, getting the facts straight is always the first step. In rare cases, a partner may be completely honest about their online activities. However, in most cases, a partner will simply see some signs that an online affair is taking place, such as noticing that their other partner is spending a lot of time online, getting very secretive about online activity, and/or withdrawing from the relationship. In all these cases, it is important to find out what is going on. Knowing whether an affair is virtual or in-person, and knowing the scope of the affair, can help bring closure and answers that lead to some concrete decisions.

A private investigator can provide concrete, indisputable answers – even answers that can stand up in court if an affair leads to a divorce. A professional investigator can tell a partner whether a spouse is having an affair, and can often identify the other party involved. In many cases, an investigator can set up a simple computer surveillance system that can track online chats and messages, thus revealing the real scope of an online affair.

How to Find An E-mail Address

If you know where a person works, most companies have web sites. Many of them have online directories of the e-mail addresses of staff. If someone works in a government position, their government e-mail address is public information. If you know the school a person attends, most schools have online directories. For graduates, there are often alumni directories. Here is a list of the most commonly used E-mail reverse directories:

• MESA - Meta E-mail Search Agent This does a search of many e-mail directories. If you don't find an address here, it still could exist, as there is no complete source on the Net.
• MIT Usenet Address Search Search an e-mail directory compiled from Usenet postings within a certain date range.
• Internet Address Finder There are lots of free searches here - not limited to e-mail searches!
• E-mail Address Finder This service searches many different databases.
• College E-mail Addresses This service helps to locate e-mail addresses for undergraduate and graduate students. There are many links with helpful hints.
• PostMinderSM From the developer: "The online equivalent of certified postal mail, PostMinderSM notifies you when emails are opened, read and forwarded. Digital certificate technology verifies emails with timestamps and datestamps. And advanced features, such as virus protection and self-destructing email, ensure your total control." This is a subscription service - it is not free. The service apparently works even when the recipient has disabled return receipts.
• Reverse E-mail Search Find the name behind an e-mail address; there's also a search to find ICQ e-mail addresses.
• FreshAddress.com If you change e-mail addresses, you can report it here. Then, if someone inquires about your new e-mail address, the service notifies you and you can say whether or not you want the party to have your new e-mail address.
• Free Email Address Directory This site has listings for over 1000 free e-mail services. User comments about various services are included. There are also resources to help you find e-mail addresses.
• If you're using Microsoft Windows XP, you can use the built-in search tool. Go to "Start" then choose the "Search" function and select "For People". From there, you can search your computer's address book, and various directories around the Web. You can import the results of your search into your address book.
• Don't neglect one important source of information: the search engines! You can try a search for an email address on Google or Yahoo! by simply entering the full email address into the search box - this will return all pages that contain that address.
• If all the above approaches fail, then it may be that the person you're looking for either doesn't have an email address, or has taken pains to make sure it isn't publicly visible online.

Texas Self-Defense Bill Heads to Senate!

This coming Monday afternoon, March 12, the State Senate is expected to vote on SB 378, the NRA-backed “Castle Doctrine” bill sponsored by State Senator Jeff Wentworth (R-San Antonio).

This bill offers protection from criminal prosecution and civil lawsuits to law-abiding citizens who use force to defend themselves and their families. SB 378 creates a presumption of reasonable use of defensive force in response to an unlawful and forceful entry into your occupied home, vehicle, place of business, and/or employment.

The bill also states that you have no duty to retreat from a criminal attack, if you are in a place where you have a right to be, if you are not engaged in criminal activity, and if you did not provoke your attacker. Lastly, SB 378 provides immunity from liability for the lawful use of force.

Your State Senator is a co-author to this important measure. Please contact your State Senator at their capitol office on Friday or Monday morning to thank him or her for co-authoring SB 378. Please urge your Senator to pass SB 378 and send it to the House for consideration. Contact information for your State Senator can be found using the “Write Your Representative” feature below.

The following Senators have signed on to co-author SB 378:Senator Kip Averitt (R-22)

Senator Kim Brimer (R-10)
Senator John Carona (R-16)
Senator Bob Deuell (R-2)
Senator Robert Duncan (R-28)
Senator Kevin Eltife (R-1)
Senator Craig Estes (R-30)
Senator Troy Fraser (R-24)
Senator Mario Gallegos(D-6)
Senator Chris Harris (R-9)
Senator Glenn Hegar (R-18)
Senator Juan "Chuy" Hinojosa (D-20)
Senator Mike Jackson (R-11)
Senator Kyle Janek (R-17)
Senator Eddie Lucio (D-27)
Senator Jane Nelson (R-12)
Senator Robert Nichols (R-3)
Senator Steve Ogden (R-5)
Senator Dan Patrick (R-7)
Senator Kel Seliger (R-31)
Senator Florence Shapiro (R-8)
Senator Eliot Shapleigh (D-29)
Senator Carlos Uresti (D-19)
Senator Leticia Van de Putte (D-26)
Senator Kirk Watson (D-14)
Senator John Whitmire (D-15)
Senator Tommy Williams (R-4)

To find further contact information or help identifying your legislatorsplease use the "Write Your Representative" feature found at www.NRAILA.org.

Seven ways to keep your search history private

The greatest threat to your privacy may not come from cookies, spyware or Web sites tracking and analyzing your Web surfing habits.

Instead, it may come from search engines, which collect and store records of your searches. Search engines track your search terms, the sites you visit as a result of your searches, the times you conduct your searches and your IP address. This makes it possible to figure out who you are, what your likes and dislikes are, and what you do online.

Search records can be subpoenaed by the federal government and used in any way the government sees fit. And the records can also be inadvertently released to the public, for all the world to see. For example, in August 2006, AOL LLC accidentally published the search histories of 650,000 users, and that data soon spread throughout the Internet.

Does this mean that you give up your privacy every time you visit a search engine? Not if you're smart about it. Follow these seven tips, and you'll go a long way toward keeping your search history private, no matter which search engine you use.

Tip No. 1: Don't log into search engines or their tools

If you log into a search engine, you make it easy for that search engine to build a comprehensive profile about you, because they know your identity as you search. You may think that you never log into search engines, but there's a good chance that you do, possibly without thinking about it. Long gone are the days when a search engine was only a search engine. Today, they're entire ecosystems of sites and services. Google, for example, offers dozens of services, including Gmail, online office software, blogging services and more. For most of them, you need to log in if you want to use them.

For privacy's sake, never do searches when you're logged into any of a search engine's services, such as its mail service. So, for example, when you're logged into Gmail, don't search the Internet.

As a practical matter, this may be difficult to do, so another option is to use one browser such as Firefox for a service like Gmail, and another such as Internet Explorer for doing Google searches. That way, it will be much harder for the search engine to correlate your identity with your searches. For maximum safety, use an "anonymizing" service or software such as Tor for the browser that you use to search with.

For full details about this topic please go to: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9012082&pageNumber=1

Massachusetts' motor vehicle registry warns of spoof site

Phony site charged consumers $10 to access the registry site
March 06, 2007 (Computerworld) -- The Massachusetts Registry of Motor Vehicles is warning customers about an online scam intended to trick them out of their credit card information and their money.

Registry officials last week uncovered a spoof site purporting to be the registry's Web site. The phony Web site asked consumers for their credit card information and then charged a $10 fee to conduct registry business online.

The registry discovered the spoof site after an angry customer called and said she was being charged $10 to access the registry's Web site to process a normal transaction, according to RMV spokesman Erik Abell.

"Internally, the red flags went off and we were concerned the site had been hacked because the registry does not charge a subscription fee just to access the site," Abell said. "So we shut down the site immediately and took a look at it with our IT department and the attorney general's office and found that the site hadn't been compromised."

Abell said officials continued their investigation and determined that the customer had gone to a search engine and typed in www.mass.gov/rmv, rather than typing it in the address line.

"So when [the search engine] brought up all the links at the top of the site, under 'sponsored link' was a link to a site -- Download-forms-DMV.com -- that purported to be the registry's Web site. When you clicked on it, it brought you a list of transactions that you could normally do through the registry, like renewing your license, renewing your registration," Abell said.

According to Abell, the site required the consumer to fill in her credit card information and pay a $10 subscription fee to access the part of the RMV Web site where she could conduct her business.

"But all it did was collect her credit card information and then forwarded her back to the registry's authentic Web site so she could conduct her business," he said. "After the customer paid the money, she couldn't renew her license because of a personal issue, like maybe she had an outstanding parking ticket or something like that. She called us because she had to pay the money and then couldn't conduct her business."

Abell said the attorney general's office is investigating. "It looks like there are similar sites for other states as well," he said.

What's Hidden on Your Computer

The Matt Bandy Story A Nightmare Before Christmas By Jonathan Bernstein

Author’s Note: By the time you read this, many of you will have already seen the January 12, 2007 episode of ABC’s 20/20 about Matt Bandy. If so, some of the information will be familiar, but at the same time no television broadcast can give you the depth of detail we are offering you on this website. However, for those who don’t want to read a 10-page story, go to our executive summary. The best way to help prevent this type of situation from happening to you or someone you love is to look at our How You Can Help section (none of which is a request for money!) and also, if you're a blogger or website owner, to talk about it online. And be sure to read the ABC News online story — in particular, click on the link for the transcript of Jim Avila's interview with County Attorney Andrew Thomas.

Your home computer could, as you’re reading this, contain child pornography or other illegal material placed there by criminals who have turned your computer into a "zombie" which they control at their whim. And under the laws of many states, and federal legislation being pushed hard in Congress, you could go to jail for what is found on your computer, even if you didn’t put it there.

This is not the Twilight Zone. This is the real deal. I’m a former Army counter-intelligence operative and investigative reporter. I have 25 years of experience in crisis management public relations. I know how to tell when a source is truthful, when a story has journalistic merit, and when a client is trying to do the right thing versus attempting any sort of cover-up.
The reason I know that our home computers are all at high risk is a kid named Matt Bandy. A kid accused of a horrible crime he didn’t commit, and which he didn’t have to tell you about at all. Let me tell you Matt’s story.

The Nightmare Before Christmas

At 6 am on Thursday morning, December 16, 2004, Matt — then age 16 — was getting ready to go to school, as was his younger sister. His mom, Jeanne, was coming down the stairs when she saw shadowy figures coming up their walk, to the Bandy’s front door, where they started pounding.

"This is the police, open up!"

After the officers showed their IDs to Jeanne through the window, she let them in.

"There were about ten police. They made me and my kids go outside where we huddled together, frightened. The police asked if we had any guns in the house and I said we didn’t own any. They asked if there was anyone else in the house and I told them yes, my husband, Greg, who was asleep upstairs with earplugs in. They pulled Greg (an emergency room physician) out of bed at gunpoint."

Eventually, the police made it clear to The Bandys that they had a search warrant for their home. The lead detective from the Phoenix Police Department, whom we’ll call Detective Drebin, said that child pornography had allegedly been uploaded to a specific Yahoo Group from an IP address (a unique identifying code) associated with The Bandys’ computer. Yahoo apparently reports such events to the National Center for Missing and Exploited Children (NCMEC), which then passes the information on to law enforcement serving the region from which the images seem to originate. "Seem" being the operative word, as you’ll come to understand later in this article.

Jeanne and Greg had no idea what Detective Drebin was talking about, but Matt ruefully admitted that he had participated in a Yahoo Group for the purpose of viewing Playboy-like adult images. He was asked what username he had employed and he provided that information, which was apparently similar to — but not the same as — the name the police said had been used to upload child porn. He adamantly denied ever viewing images that in any way could be construed as child pornography.

An officer from the Maricopa County Attorney’s office, whom we’ll dub Inspector Nordberg — an officer with no formal certification in forensic examination of computers — set about conducting an examination of two computers in The Bandy’s home, only one of which was connected to the Internet. To their shock and dismay, on the Internet-connected computer, he claimed he found a number of child porn images and traces of the email address used to upload the pics, although he never showed those images to The Bandys.

There were numerous flaws in the police procedure and logic which are described in detail in a companion article to this piece, Law & Order, Or The Naked Gun?, to include completely ignoring Jeanne Bandy when she pointed out that one of the dates on which Detective Drebin thought he could "see some activity" related to the images on a date when, demonstrably, no one had been home at The Bandys. The officer, recalls Jeanne, "seemed flustered and said ‘well the dates on the computer could have been changed.’"

"I was speechless," says Jeanne. "I realized for the first time in my life that not all police were there to serve and protect. I couldn’t believe it. A policeman, who I was always taught to respect, was refusing to even consider the possibility that Matt was innocent. That was when our nightmare began."

The Arizona "Justice" System

The Bandys immediately retained legal counsel, Ed Novak of Quarles & Brady.

For six months, The Bandys’ computer sat in the evidence locker. In June 2005, investigator Nordberg spent one week reviewing the hard drive and the CDs taken from The Bandys’ house. He confirmed that, in fact, there were child pornography images, one of which had been uploaded to Yahoo by someone with the username "mrbob1980hoopdu."

This was not the name Matt used, which was joebean1988hoopdu (hoopdu was the name of an online game Matt and his friends liked to play). But there was still, mysteriously, evidence that "mrbob1980hoopdu" had sent the image from The Bandy’s IP address. Additionally, it seemed that the illegal activity had coincided, roughly, with the times Matt had been active on Yahoo as joebean1988hoopdu. And, one or more images were also found on a CD-ROM.

Somehow, the investigators committed a classic blunder, jumping to a conclusion based on ignorance. They didn’t understand that it is possible for someone to take over your computer and use it for criminal purposes, to include burning images onto CD-ROMs if you have a read/write CD-ROM in the disk drive (see a full explanation of this phenomena in Are You in Danger Too?). And then they compounded their ignorance with stubborn arrogance, even after proof of this possibility was presented to them, amongst other mitigating facts, and would do nothing more than agree to allow Matt to plead to a lesser charge completely unrelated to child pornography.

In April 2005, there was an evidentiary hearing at which defense counsel Novak challenged the validity of the search warrant. Although the validity was upheld, Novak told the Bandys that Detective Drebin had admitted, on the stand, that the investigators could not tell who was on the computer at the time the pictures were uploaded. Based on that encounter, the attorney hoped the case would go away, and The Bandys breathed a sigh of relief and went back to what they believed would be a normal life, just waiting for the legal loose ends to be cleaned up. But the prosecution, rabidly intent on a win, wouldn’t let go.

The dreaded day didn’t come until November 9, 2005, when The Bandys received a certified letter from Maricopa County authorities indicting Matt Bandy on nine counts of class 2 felonies — i.e., possession of nine child pornography images. A Class 2 felony is just one level below murder, and Matt Bandy suddenly had to come to terms the possibility of 10 years in prison for each count on which he was convicted, with a judge having no discretion whatsoever in sentencing. A 16-year-old kid who did nothing more than look at Playboy-like images, facing the rest of his life behind bars, doing hard time as a sex offender.

On December 2, 2005, Matt Bandy entered a not-guilty plea, but was required to wear an electronic monitoring band around his ankle from that point on.

The Defense Goes on the Offense

It was then that first Ed Novak, and later I, started to help The Bandys present exculpatory evidence that the investigators had ignored. To do, de facto, what the police and prosecution should have been doing themselves in a thorough and competent investigation.

In February 2006, at Novak’s urging, Matt voluntarily underwent both a polygraph examination (which he passed with flying colors) and psychological assessment (which indicated he was not the "type" to commit such a crime).

The legal process continued and in March 2006 the prosecution relayed the first plea offer — while also fighting Ed Novak’s attempts to get an "imaged" copy of The Bandys hard drive into the hands of a certified forensic examiner. The offer: 5-15 years in prison, registration as a sex offender, sexual probation for life. It was immediately rejected, of course. The next plea offer allegedly took into consideration the first psych assessment, but merely reduced the prison time to one year, with the other terms the same.

"Without our being able to see any of the evidence that they said they had, they expected us to take this absurd plea," said Jeanne Bandy. "We turned it down, knowing Matt was innocent and expecting to have a chance to prove it."

The Maricopa County Attorney’s office, however, continued to fight the Bandy’s requests to have their hard drive imaged for forensic examination, ignoring court orders to produce that evidence. The County Attorney actually took the case to the Arizona Supreme Court, where the Court ruled against them. Finally, at the end of May, forensic examiner Tami Loehrs got the imaged drive, resulting in her startling report in September, in which she concluded that:

• There were more than 200 viruses on the hard drive
• The anti-virus software had been disabled
• There was no firewall
• A number of the viruses would allow a criminal to remotely control the computer
• There was no way to tell who was using the computer at any given time, since there was only one user name for login
• One of the viruses even renamed hundreds of files, making it very difficult to track activity
• There were a number of suspicious "executable" (program) files that started running during the time period when the child pornography images were allegedly transmitted
• Neither the Phoenix Police Department nor the Maricopa County Attorney’s office ever examined the hard drive for viruses!

Going to the Court of Public Opinion

In August 2006, Ed Novak called me. Ed and I had previously worked together on a number of crisis management situations. He said that the family wanted to "go public," but he was concerned that (a) they would get a lot of negative publicity because of the nature of the allegations and (b) they might irritate the prosecution and Judge, compromising the ongoing attempt to get the charges thrown out or, at least, a better plea offer. Ed wanted to stay clear of my work to avoid any ethical issues while the case was pending, but could answer my questions about the case.

I asked Ed the same question I had asked numerous criminal defense lawyers in the past, "Could this kid pass a polygraph exam?" I’ve had other defense counsel say "no" and refuse to allow their clients to take a test for fear of incriminating them. Ed Novak, to my surprise, said "He’s already passed one — and a psychological evaluation."

Then I fired a series of questions at Ed:

• "Would Matt Bandy be willing to voluntarily undergo another polygraph exam, this time by an examiner whose name would be very impressive to a national audience?"
• "Would Dr. and Mrs. Bandy be willing to undergo polygraph exams by the same expert, even though they are under no obligation to do so, simply to rule them out as suspects in the minds of the court of public opinion?"
• "Would Matt Bandy be willing to undergo a second psych eval to verify the results of the first one, and would his parents be willing to go through one each — again, to rule them out as suspects as far as the general public is concerned?"
  

Those questions led to my first meeting with The Bandys, in early September 2006, who answered those questions, without hesitation, "Yes, yes, and yes!"

In October 2006 all three Bandys went through and passed — with flying colors -- a polygraph examination by renowned examiner Dr. David Raskin, addressing whether they had ever seen or downloaded child pornography images.

Matt Bandy and his parents said "no" to each of these questions from Dr. Raskin:

• Did you ever use your computer to download or upload a sexually explicit photograph of a minor?
• Did you ever view a sexually explicit photograph of a minor on your computer?
• Did you ever record sexually explicit photographs of a minor on a disc?
• Did you know before the police came to your home on December 16, 2004 that there were sexually explicit photos of minors on your computer?
  

They also went through psychosexual assessment — the first for Greg and Jeanne, the second for Matt — by Dr. Judith Becker, a University of Arizona psychologist with impeccable credentials in this field. She concluded, "It is my clinical opinion that Matthew Bandy does not meet the DSM-IV TR Diagnosis of Paraphilia." A paraphilia is defined as "recurrent, intense sexually arousing fantasies, sexual urges, or behaviors generally involving 1) non-human objects; 2) suffering or humiliation of one’s self or one’s partner, or 3) children or other non-consenting persons that occur over a period of at least six months." Her summary conclusions about Greg and Jeanne Bandy were the same. Read Bandy Polygraph Exams & Psych Evaluations for more information.

I knew that, despite the recalcitrance of the prosecution, you — the court of public opinion — would find all that evidence pretty darn convincing. Reasonable doubt, indeed!

Kojak & Columbo Would Have Loved This One

So how did the crime actually happen?

Here’s the deal. I’m a geek, I admit it. I’ve been a geek since before Bill Gates made it kinda cool. My first business and personal use of a computer was in 1982, my trusty Atari 400. I was on the Internet before the World Wide Web was launched in the 90’s, have been a system operator of Bulletin Board Systems (older readers and techies will know what those were), moderated online forums, and launched websites. Everything about the prosecution’s case — to me as a geek, former Army spook and investigative reporter — didn’t pass the smell test.
I already knew that certain Trojan Horse viruses, like those Tami Loehrs reported being present on The Bandys’ computer, were capable of giving a criminal remote access to — and complete control over -- a computer without the user knowing it.

Now, if you’re a child porn collector, would you rather store your illegal collection on your own computer, or on someone else’s? Heck, if you’re committing ANY crime where you want to access illegal information or images and/or hide electronic evidence, wouldn’t you use some innocent and unknowing person’s computer if you could do so?

It became the highest priority of the Crisis Management Team I quickly assembled to find proof of this theory, and proof we found. You only have to read the expert interviews and authoritative articles from respected publications that you’ll find elsewhere on this website to know we’re right. Including one in which a UK court threw out a case when they found out how many viruses had been on the accused’s computer — but not before his life was ruined. I could have filled an entire website with more expert sources, and I’m hopeful that many of them will speak out after visiting this site or seeing news coverage.

As our experts discuss, it’s already common practice for computer hackers to use viruses and other techniques to take over control over huge groups, or "farms," of computers, and sell access to the "farm" for use in spamming and "phishing" and denial-of-service attacks. If remote computer access can be sold for those purposes, it can be sold for any purpose — again, as our experts testify.

Computers controlled this way are called "Zombies" and our "Are You in Danger, Too?" article is a must-read, because your family could be next. And once you can control a "Zombie," you can do anything with it that the user could do, to include burning images on a CD-ROM if there’s one sitting in the drive. And if you were going to commit further crimes on the computer, like uploading images, wouldn’t you do so in way that made it look like one of the innocent resident users was doing it, picking a similar username, accessing sites right after they do? I reached that conclusion before Tami Loehrs’ report came out — and her report obviously supports the conclusion. All of this information was relayed to the prosecution in October and early November 2006, although Ed Novak had to twice go over the head of lead prosecutor Dan Strange to make that happen.

The Prosecution Starts to Change Its Tune

Clearly, there were at least one or two people in the County Prosecutor’s office who started thinking, "Uh-oh, maybe we don’t have a case here." Suddenly, the prosecution was offering Matt a plea deal of three class 6 undesignated offenses, or as they were later described at Matt’s sentencing hearing (boldface and italics mine)

Each is a class 6 undesignated offense, each committed on or about September through October 2004). These are non-dangerous, non-repetitive offenses under the criminal code. (Translation: these are neither felonies nor misdemeanors until the end of probation, at which time the judge decides how to designate them. The likelihood, if Matt obeys the terms of probation, is designation as misdemeanors).

What the prosecutors were saying was "we’re dropping all the child pornography charges, but we want you to admit to something." The "something" was "solicitation to commit furnishing harmful or obscene material to minors." Matt was willing to admit he had taken a Playboy magazine to school and shown it three friends. This "offense" has probably been committed by 95 percent of the teenaged boys not only in Arizona, but all over the United States and in any country with access to adult pornography. In one of the many ironies of this case, a little research unearthed the fact that the US Supreme Court would likely consider Playboy a form of artistic expression and not pornography. Ed Novak commented that "this may be the only time an American teenage boy has ever been charged with a felony for showing adult pornography to his friends."

The Bandys were now up against a very nasty wall. Should Matt accept this plea — which included as much as three years probation that required "sex offender terms" be part of the probation, or should they go to court?

Here’s the thought process they went through, taken from a passionate email Jeanne Bandy sent me:

"We were totally ready to take our case to trial. We felt that no jury in the country would convict Matt. From the beginning however, we were told we could not risk going to trial, and jeopardize Matt's life and freedom. As it became apparent over the course of the last year, the prosecution didn't care, and disregarded any evidence we presented to them, i.e. polygraph test, psychological evaluations, computer forensic evidence, and expert testimony. From the time they broke into our home they singled out Matt and was convinced he was guilty regardless of the evidence presented to them, and when we ask why they were doing this they said ,"Because we can." They were just out to increase their conviction rate, and if some innocent people (children) got in the way too bad.

"Over the last year our belief and faith in the judicial system has eroded. Fundamental beliefs such as innocent until proven guilty, the police are there to serve and protect, they would never lie to you, everyone has a right to a FAIR trial have become no more than fairy tales to us. It slowly dawned on us, what our lawyer and psychologists were telling us was true, we could not win this one in court.

Here’s some of what they were advised by defense counsel Novak, as he summarized in an email to me:

Every jury trial has risks. Perhaps the most significant is the jury pool in Maricopa County. We find more older people, uneducated and undereducated, more unemployed and government workers in the jury box. Minorities are underrepresented. The understanding of computers by jurors is generally less than that of better educated professional or even, office workers.
The penalties for conviction are draconian. Matt faced 90 years in prison if convicted. The judge would have no discretion. Our Supreme Court recently found a 200 year sentence was not cruel and unusual. The governor cannot pardon and commutation provisions are limited.

The jury would see the images and, like photos of any other crime scene, it is hard to get some jurors to focus on reasonable doubt once those images have been displayed.

The polygraph tests are not admissible. Matt admitted to viewing adult pornography on the computer. Inferences might be drawn from such activity by the jury.

Jeanne, in her email, went on to explain:

"We felt, faced with these circumstances and upon the advice of our lawyer we did the only thing available to save our son — accept a plea. We are not for one instance accepting that Matt was guilty. He was innocent, but the system is broken. So we could not win this case in a court of law, but we knew in our hearts that this was wrong, and something had to be done. We were fortunate enough to be able to hire our own lawyer, pay for a psych evaluation, polygraph test and forensic testing. Now we can talk about this case publicly. We do not have to put our family at risk, but we feel compelled to stand up for those that may not be able to do so on their own.
"We adamantly agree that child pornography is horrific, and there needs to be laws to protect children, but we can not allow innocent people (children) to go to jail a