Information is leverage. Information is power. Information is Maltego.
While targeted mostly to forensics and information security professionals, it is not hard to see how such a tool could be easily deployed to mine the vast amounts of personal and identifiable data people are increasingly sharing in the Web 2.0 world. No longer is it necessary to have the computational power or singular repository of data of Google or Amazon. With Maltego, anyone can scan “open data repositories” on the Web and compare the results with their own data.
Some examples of possible uses of Maltego is provided by a recent Forbes article:
Worried about information leaks your company? Input lists of employees from your rival companies, and Maltego can graphically depict how they might be related to your employees. It can also provide likely e-mail address, phone numbers and personal Web sites–and then use this information to add a new layers to the investigation.
…Curious what’s being written about your company on blogs? Try the Technorati.com transform, and parse out all the most common related tags and keywords. Or try the Spock.com transform, which queries a database billed as “the world’s leading people search engine.” Search yourself or your neighbors; Maltego’s approach is agnostic.
Agnostic, indeed. About the only restrictions placed on the use of Maltego is to refrain from performing illegal acts with the software, and to not use it for generating spam. Other than that, we are encouraged to use Maltego to collect and mine “information posted all over the internet” and uncover “hidden” information and relationships, whether “it’s the current configuration of a router poised on the edge of your network or the current whereabouts of your Vice President on his international visits.”
While some recognize the potential privacy and surveillance concerns with the fact anyone can download a free version of such a powerful tool (and the full-featured version is only $430), others make that old argument that there’s no need to worry since “Maltego doesn’t snoop into closed data repositories, but instead mines publicly available data.”
Another potentially privacy-invading tool cast aside becuase it merely is using data that is already public in the first place. Sigh.