Friday, August 19, 2011
Five lessons learned from the Paul Peters/ Madeline Pulver case in Sydney, Australia
As you’ve heard in the news, after Peters attached a fake bomb, he left a ransom note on a USB drive looped around Madeline’s neck. The note included instructions to e-mail him at email@example.com.
Here are five lessons learned from this case.
Never send a secret message with a USB drive that has ever been used before. (Peters used such a USB drive, thinking that he'd wiped it clean.)
Never write a secret message using Microsoft Word. The USB drive revealed a version of the ransom note written in Word. It contained metadata about the document's author, including the name "Paul P."
Never use e-mail for a secret message. Each time Peters accessed his account, his location became known.
Never use a library or a video store to check your e-mail. When Peters did just that, video cameras caught both him and his Range Rover.
Never use a vehicle registered in your own name. Video cameras picked up the license on Peter's Range Rover, which was traced back to him.
(There are secure ways to send a secret message but this public blog is not the place to reveal them.)