From Easter Egg Hunter to Online Sleuth

From Easter Egg Hunter to Online Sleuth

As a child, one of my favorite parts of spring was Easter. It’s easy to say, “Sure, every kid likes chocolate,” but the reality was that I liked the hunt. My parents hid those tiny chocolate eggs all over our house, and my sister and I – and occasionally our cousins – would run all around racing to be the one to find the most eggs. The door handle for the oven, the heater vent behind the couch, in the soil of each potted plant. Everywhere had chocolate and a lot of it was easy to find. Some of the eggs, however, were more difficult to find and you really had to search. The top of the door (clearly out of reach for little kids) meant shaking the door back and forth to see if any fell. The eggs in front of the old CRT television brought you to the less obvious trail on the carpet around the corner of the entertainment center. On that morning, you weren’t just a kid in pajamas running around with a colorful wicker basket, you were a detective honing your skills like Nancy Drew and the Hardy Boys. Your parents, on the other hand, had forgotten where they’d placed the eggs the night before and were secretly hoping you really were the world’s greatest sleuth, so that they could avoid finding melted chocolate behind the couch a month from now. As you got older, your parents stop hiding eggs or you start hating chocolate (both if you’re me) and the chance to be the Sherlock Holmes disappeared.

I suspect that I’m not the only one that feels a loss when they think back to that overflowing basket on Easter morning and realize their sleuthing days are over. Puzzle solving video games are incredibly popular and reddit is filled with amateur detectives just looking for a mystery to solve. Look at what happened when Netflix premiered Making a Murderer, everyone started sleuthing around, pausing their TV and analyzing the images that were displayed. Facebook is constantly showing me sponsored ads for Hunt a Killer and I’ve seen multiple friends mention the monthly interactive mystery game. One of the most popular forms of social entertainment today is the escape room – where you are locked in a room with friends and you must use your powers of deduction to solve the mystery and beat the buzzer. Deep down, we all secretly want to be the next Jim Rockford or Jessica Fletcher (Shawn Spencer or Veronica Mars for the younger readers).

Personally, as an avid online gamer and security professional, I find it fun to play detective with my fellow gamers. We live in a world where cyber bullying and doxing are an all too common occurrence, so it’s important to know just how much you reveal about yourself when you jump online to play your favorite MMO with gamers around the world. Whether it’s your teenager taming a Devilsaur in World of Warcraft after they finish their homework or you logging in to join a fleet in EVE Online, it’s important to understand just how much you reveal about yourself in private conversation and how those comments can be used to associate your online identity with your physical one. Disclaimer, when I engage in this form of entertainment, I involve the person I’m researching; they always know I’m doing it and are actively involved in the verification of data.

The first thing to keep in mind is that you are likely revealing information about yourself every time you speak. This information, over time, can help others identify who you are. More importantly, remember that every time you interact with a service controlled by another gamer, you are revealing information to them. This could be a voice chat like TeamSpeak or Mumble or simply a forum that you use for planning and conversation. You are revealing your IP address (assuming you don’t use a VPN) which is likely to reveal your country (by determining your ISP) and potentially your city or state (depending on how your ISP sets up DNS – the service that translates domain names into IP addresses and vice versa). If we look at the domain name assigned that my IP address resolves to, we see the following: (all numbers are replaced by #). Right away, we know that I get my internet services from Bell Canada, one of the biggest Canadian ISPs. A quick Google search for toroon domain reveals a list of DNS servers in Canada hosted by public-dns. A quick search for in their full list of 446 valid servers reveals that Bell uses 6 characters, 4 for the city (otwa for Ottawa, mtrl for Montreal, and toro for Toronto) and two for the province (on for Ontario and qc for Quebec). Immediately, anyone who has access to my IP address knows that I live in Toronto, Ontario, Canada.

We know that a minimal number of people will control services that you access, so you may think this is a small risk, but it’s not the only way that you reveal data about yourself. Casual conversation with online friends can lead to all sorts of discoveries with a minimal amount of sleuthing.  Perhaps, you’ve mentioned casually that you live in Idaho but you’ve avoiding telling people the city you live in because you don’t feel comfortable sharing it online. What happens when you mention that your spouse ran out to Walmart? A website like will quickly tell me where I can find a Walmart in Idaho (there are 25 of them). Google Maps will even let me focus on a specific section of the map and use Search This Area, letting me focus on specific areas within Idaho. Maybe you mentioned that you were only about an hour from the Canadian border after I mentioned I was Canadian. Using directions on Google Maps, I quickly learn that the northern most Walmart in Idaho, located in Ponderay is only 75 minutes from Lister, British Columbia, a town close to the US border. Maybe you live in Kootenai or Sandpoint (neighboring towns to Ponderay), but we’ve now narrowed your location down to Bonner County, population 41,000. Perhaps in another conversation you mention living on the water or watching planes land in the backyard, each of these pieces of information allowing an online “friend” to more closely narrow in on your location.

It only takes a matter of minutes and a few innocent comments about life for an online stalker to narrow down your location. With a longer term conversation, what else are you likely to mention in passing? Your first name? Your high school? Perhaps that you “ran across the street to grab McDonalds for lunch today” or “stopped at Starbucks during your 2 mile run.” Now imagine that it’s not you, it’s your teenager or child and they’re playing Minecraft or League of Legends with some other “kid” on the internet. It’s amazing how these little bits of casual conversation can help someone build a profile and identify you.

As I mentioned, this type of thought exercise brings me back to my dreams of being a detective while egg hunting as a child. It also provides a form of entertainment for myself and my fellow gamers. We’ve played video games together for years, we’re mostly in our late 20s to early 40s, and many of us have met outside of video games. It’s become a game for us, “How fast can Tyler find <insert information request here>?”  This is where you realize how scary this is and how important it is to educate our children with regard to online privacy, because with a couple of pieces of information dropped in casual conversation, it’s often easy to identify someone in under 30 minutes.

Consider that the next time Facebook asks you to verify your privacy settings or you wonder how much detail you should add to LinkedIn to aid in your upcoming job search. Educate your kids, spend time online with them and see what type of information they are sharing with strangers. Consider reviewing my Checklist for Online Gaming Privacy with them. Even more importantly, however, pay special attention to where you place those Easter Eggs this Sunday, you may have just created a spy school for the next budding 007.

Posted by Tyler Reguly on Mar 30, 2018


  • 12 Commercial Crime Sites to Do Your Research

    12 Commercial Crime Sites to Do Your Research

    Understanding crime statistics in your industry and area is crucial for making important decisions about your security budget. With so much information out there, how can you know which statistics to trust? Read Now

  • Boosting Safety and Efficiency

    Boosting Safety and Efficiency

    In alignment with the state of Mississippi’s mission of “Empowering Mississippi citizens to stay connected and engaged with their government,” Salient's CompleteView VMS is being installed throughout more than 150 state boards, commissions and agencies in order to ensure safety for thousands of constituents who access state services daily. Read Now

  • Live From GSX: Post-Show Review

    Live From GSX: Post-Show Review

    This year’s Live From GSX program was a rousing success! Again, we’d like to thank our partners, and IPVideo, for working with us and letting us broadcast their solutions to the industry. You can follow our Live From GSX 2023 page to keep up with post-show developments and announcements. And if you’re interested in working with us in 2024, please don’t hesitate to ask about our Live From programs for ISC West in March or next year’s GSX. Read Now

    • Industry Events
    • GSX
  • People Say the Funniest Things

    People Say the Funniest Things

    By all accounts, GSX version 2023 was completely successful. Apparently, there were plenty of mix-ups with the airlines and getting aircraft from the East Coast into Big D. I am all ears when I am in a gathering of people. You never know when a nugget of information might flip out. Read Now

    • Industry Events
    • GSX

Featured Cybersecurity


New Products

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening. 3

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation. 3

  • Camden CV-7600 High Security Card Readers

    Camden CV-7600 High Security Card Readers

    Camden Door Controls has relaunched its CV-7600 card readers in response to growing market demand for a more secure alternative to standard proximity credentials that can be easily cloned. CV-7600 readers support MIFARE DESFire EV1 & EV2 encryption technology credentials, making them virtually clone-proof and highly secure. 3