Friday, August 19, 2011

Five lessons learned from the Paul Peters/ Madeline Pulver case in Sydney, Australia


As you’ve heard in the news, after Peters attached a fake bomb, he left a ransom note on a USB drive looped around Madeline’s neck. The note included instructions to e-mail him at dirkstraun1840@gmail.com.

Here are five lessons learned from this case.

Lesson 1:
Never send a secret message with a USB drive that has ever been used before. (Peters used such a USB drive, thinking that he'd wiped it clean.)

Lesson 2:
Never write a secret message using Microsoft Word. The USB drive revealed a version of the ransom note written in Word. It contained metadata about the document's author, including the name "Paul P."

Lesson 3:
Never use e-mail for a secret message. Each time Peters accessed his account, his location became known.

Lesson 4:
Never use a library or a video store to check your e-mail. When Peters did just that, video cameras caught both him and his Range Rover.

Lesson 5:
Never use a vehicle registered in your own name. Video cameras picked up the license on Peter's Range Rover, which was traced back to him.

(There are secure ways to send a secret message but this public blog is not the place to reveal them.)
Posted by at
Labels: ,

2 comments:

  1. I wonder, if he had used a brand-new USB drive paid for with cash, using Notepad or a Linux open-source office suite for the message, with a throwaway Mailinator email address, accessed via some unsuspecting person's unsecured wifi through a Tor Browser, if he would have then been found. This level of discretion would actually be simple to achieve. Can't comment on the car though.

    ReplyDelete

  2. Someone in Pittsburgh had sent the newspaper a fake message to the press on forged Pgh Police letterhead. They used their own laptop in a coffee house. The cops were so steamed that they raided the coffee house and seized their computers and wireless routers to try and find out who had sent the fake letter. Apparently, they didn't find out who did it, because the coffee house didn't have cameras, and the person used a lap top that didn't have any information that identified him or her.

    ReplyDelete

Please leave a constructive comment below. Spam and Advertising will not be posted, so it's not even worth trying - all comments are moderated.

Subscribe to: Post Comments (Atom)