Skip to main content


Showing posts from January, 2017

The New Colossus

The New Colossus  Emma Lazarus Not like the brazen giant of Greek fame,

With conquering limbs astride from land to land;

Here at our sea-washed, sunset gates shall stand

A mighty woman with a torch, whose flame

Is the imprisoned lightning, and her name

Mother of Exiles. From her beacon-hand

Glows world-wide welcome; her mild eyes command

The air-bridged harbor that twin cities frame.

"Keep ancient lands, your storied pomp!" cries she

With silent lips. "Give me your tired, your poor,

Your huddled masses yearning to breathe free,

The wretched refuse of your teeming shore.

Send these, the homeless, tempest-tost to me,

I lift my lamp beside the golden door!"

Protecting the Nation From Foreign Terrorist Entry Into the United States

Reptile vs Ground-truth, All War is Culture War

A toad is an amphibian, but that's ok because the part of the blog about any of that ends here.
Ground-truth is a standard of experimental control, it's applied to multiple disciplines. In video surveillance, it basically means comparing the way the computer sees things when the environment is controlled or simulated (but simulated here is meant as IRL, conditions are staged or acted out) with how the computer sees them in actual IRL, not to get bogged down in technical jargon.
The long, bizarre choreography below is NYPD cadets serving as the cast of a series of ground truth simulations of simple scenarios, like a crowded platform with an abandoned package, or collapsed person on same. Many people are saying they did sex things on more secret level footage, but I'm not saying that.

There's an evolution to deploying city-wide surveillance. Existing hardware is incrementally supplemented with new installations and all tested for progressively complex analysis.
Chicago ha…

A Dilettante’s Guide to the Secrets of the Internet

Being clever at the beginning of each post is exhausting, so from now on I'll mostly launch right into my subject matter, which is generally "searching the internet."

I also want to be able to use posts to explain some items as opposed to trying to edit tweet threads.

Begin with a basic organizational tool like Freeplane, open source mind mapping software. Here's two views, same map — Kenneth Lipp (@kennethlipp) January 16, 2017
Eventually you should look at files that you download, if your goal is to discover useful information. You want a form of index.

In my experience it is frequently necessary to download at least as many unwanted documents and files as those you can identify as of interest. This is a simple trade-off to avoid missing important items. It's just not that easy to target your Google search, click on documents based on the results page description, and read them sufficient to determine their use …

Networked Inference -- How to Stop Worrying and Understand the Bomb

Networked Inference is my blog, it's a non-technical advanced tutorial for Internet research. This is a post that could go on that blog, but is not really a tutorial, and I made it a Medium post to show I mean serious business that it's for learning.

Call it Offensive Critical Thinking, as long as you call it something cool, networked inference about understanding systems of information so you can make them work for you -- that is, inform you. I figured it would thus make a good breakout post for me to explain the universe.

Roger Penrose is a brilliant cosmologist whose explanation of a very abstract whole picture concept of the universe is achieved quite admirably, he's terribly British but it grows on you.

In a sentence: Penrose here explains how it is possible for everything to be nothing and for something to happen before and after the Big Bang, including the Big Bang.

Less briefly, and my own paraphrasing, not his words:

This involves two key principles or mechanisms,…

Part 3 - Facial Recognition and Plate Readers - Easy to Find Because They're Everywhere

What's really concerning is not that we can locate remote surveillance machines with Shodan, or with "Google dorks;" most of the hosts we've come across are not accessible without a password (or exploit, but that's out of my depth and not what we're doing). What's alarming is that our search results reflect the massive spying-infrastructure in the same way every roach you see in your kitchen is an emissary of thousands if not millions more. What we're finding now are outliers, most gear is not indexed by search engines.
ALPR is just the beginning -- since the last post I've found multiple hosts of biometric identification services -- fingerprints and facial recognition.

Something to note here is that the industry-agency approach to this biometric data is not really different from its treatment of license plates -- that is, as "anonymized" metadata (this may or may not be its legal status, but inasmuch as technology is developed for its …

Finding and Investigating License Plate Readers, Part 2

Yesterday we found license plate readers and want to learn more about them. At the end of the last post we had three IP addresses from a search of Shodan for “AutoVu” in the html field. AutoVu is the proprietary line of Genetec under which it sells a variety of automatic license plate recognition hardware and software.
Two of those IP address gave response pages with LPRaaS in the title, for “License Plate Reader as as Service.” and one titled Login - AutoVu Occupancy Study, all on the Microsoft Azure cloud. The latter and one of the former IPs are in Boydton, Virginia, according to Shodan, and one,, is in Dallas. 
Before digging more into these hosts I wanted to try some more searches on Shodan -- I went to a police magazine website’s product index and made a list from the ALPR page.
I didn’t need it yet; searching Shodan for html:”lpr” and html:”alpr” was plenty -- it produced dozens of leads. This post is the first lead to pan out (I eliminated several hosts that wer…

Networked Inference, or the Internet IS a Thing. Use it to find license plate readers

This will be a post in three, well, probably three, parts, which I will probably post to Medium once done as a single thread. The eventual idea is to give a more complete picture of what I am trying to do -- and what I mean by networked inference. For now I want to proof a concept and get some of you along for the ride. Don't think of yourselves as bookish researchers, think CSI-Woke.

When someone says a file or ‘page’ is on “the Internet,” they’re saying it’s on someone else’s computer where it can be accessed from another. The computers themselves must communicate according to a sort of heuristic, and “Google hacking” for research is really about understanding that vocabulary as well as that of the subject matter, how to find the lowest common denominator to make your task as fruitful and *automated* as possible.

For this post I’m trying a cold search, “live,” if you will, in that I am typing these words and have only now conducted some preliminary information gathering (which …

AFRICOM, Sharepoints, and the Horrible PowerPoint Forest

This is not a rule without exception, but the world of military PowerPoint briefings is ugly and filled with un-ironic, inadvertent self-debasement. That's not what this post is about, but it's true.

You're so vain, you probably think this bomb is about you — Kenneth Lipp (@kennethlipp) September 12, 2016
Actually many of the briefings I've browsed for this post about AFRICOM (or about looking for it), the US African Command, are quite dull, they may even make some people depressed.

I'm not going to attempt to explain or report on AFRICOM, I'm just going to show you how to learn about it using some Googling techniques I've crafted over time. Google's advanced operators require strict adherence, but my approach is not totally prescriptive, to find what *you* want, you'll have to somewhat wing it.

The choice of AFRICOM is speculatively topical: PEOTUS Donald Trump has signaled an aggressive stance toward China, frequently r…


I'm a freelance journalist, this is my personal blog, it will host a variety of posts. Its main purpose is to give me a place to write at length about a topic in which I am immersed -- a blog about searching the Internet, mostly by talking to Googlebot, for what you could loosely categorize as information of interest to the public that someone might not want the public to see.
I'm using the Blogger platform because it's free to use my custom Google domain on Blogger, and it also forces me to focus on writing and ignore aesthetics, as the latter is a lost cause. I hope you like the flowers. 
"Google hacking" for research is not all about using "Google dorks" or finding marked, controlled documents. Sometimes it's about finding enough breadcrumbs -- you don't have to recreate the bread, just follow the remnants to the final destination of the slob who was sauntering down the path eating a crispy baguette (I figure break the metaphor down before i…