Read this…people like this are worse than the “bad” guys. Also keep in mind all of the stuff you are putting out there on Facebook and other sites. It’s not hard to build a scarily detailed profile of you no matter “careful” you think you are being if you are just spewing stuff onto Facebook and other places like many individuals AND businesses do.
When Aaron Barr was finalizing a recent computer security presentation for the US Transportation Security Administration, a colleague had a bit of good-natured advice for him: “Scare the sh*t out of them!”
In retrospect, this may not have been the advice Barr needed. As CEO of the government-focused infosec company HBGary Federal, Barr had to bring in big clients—and quickly—as the startup business hemorrhaged cash. To do so, he had no problem with trying to “scare the sh*t out of them.” When working with a major DC law firm in late 2010 on a potential deal involving social media, for instance, Barr decided that scraping Facebook to stalk a key partner and his family might be a good idea. When he sent his law firm contact a note filled with personal information about the partner, his wife, her family, and her photography business, the result was immediate.
“Thanks. I am not sure I will share what you sent last night—he might freak out.”
This rather creepy behavior became common; Barr used it as a sign of his social media prowess. Another target of his investigations went to “a Jewish Church in DC, the Temple Micah.” Someone else “married @ the Inn at Perry Cabin in St. Michaels, MD (non-denominational ceremony).” Barr was even willing to helpfully guesstimate the ages of children in photographs (“they have 2 kids, son and daughter look to be 7 and 4”).
Barr’s rundown on his H&W contact
With one potential client, Barr sifted the man’s social media data and then noted that “I am tempted to create a person from his highschool and send him a request, but that might be overstepping it.”
As the money ran out on HBGary Federal, Barr increasingly had no problem “overstepping it.” In November, when a major US bank wanted a strategy for taking down WikiLeaks, Barr immediately drafted a presentation in which he suggested “cyber attacks against the infrastructure to get data on document submitters. This would kill the project. Since the servers are now in Sweden and France, putting a team together to get access is more straightforward.”