Open Source How To: Hook Teams to Social Media

January 19, 2022

I read “Internal Facebook Note: Here Is A “Psychological Trick” To Target Teens.” Interesting stuff. One of the insightful items in the write up is that Facebook shut down the TBH operation. Well, that’s an assertion which a prudent person may want to verify. The write up also contains one of the Cambridge Analytica-type insights, a mini step by step guide to hooking a target sector.

Here’s the how to:

TBH noticed that teens often list their high school in their Instagram bio. So, using a private Instagram account of its own, the company would visit a school’s location page and follow all accounts that included the school’s name. TBH made sure its private account featured a mysterious call to action — something like “You’ve been invited to the new RHS app — stay tuned!” The startup would make one private account for each high school it wanted to target. The company found teens were naturally curious and would follow the private account back.

Helpful, particularly to bad actors without access to a pool of psychological tricks.

Stephen E Arnold, January 19, 2022

OSINT for Amateurs

January 13, 2022

Today I had a New Year chat with a person whom I met at specialized services conferences. I relayed to my friend the news that Robert David Steele, whom I knew since 1986, died in the autumn of 2021. Steele, a former US government professional, was described as one of the people who pushed open source intelligence down the bobsled run to broad use in government entities. Was he the “father of OSINT”? I don’t know, He and I talked via voice and email each week for more than 30 years. Our conversations explored the value of open source intelligence and how to obtain it.

After the call I read “How to Find Anyone on the Internet for Free.”

Wow, shallow. Steele would have had sharp words for the article.

The suggestions are just okay. Plus it is clear that a lack of awareness about OSINT exists.

My suggestion is that anyone writing about this subject spend some time learning about OSINT. There are books from professionals like Steele as well as my CyberOSINT: Next Generation Information Access. Also, attending a virtual conference about OSINT offered by those who have a background in intelligence would be useful. Finally, there are numerous resources available from intelligence gathering organizations. Some of these “lists” include a description of each site, service, or system mentioned.

For me and my team’s part, we are working to create 60 second videos which we will make available on Instagram-type services. Each short profile of an OSINT resource will appear under the banner “OSINT Radar.” These will be high value OSINT resources. Some of this information will also be presented in a new series of short articles and videos that Meg Coker, a former senior telecommunications executive, and I will create. Look for these in LinkedIn and other online channels.

Hopefully the information from OSINT Radar and the Coker-Arnold collaboration will provide useful data about OSINT resources which are useful and effective. Free and OSINT can go together, but the hard reality is that an increasing number of OSINT resources charge for the information on offer.

OSINT, unfortunately, is getting more difficult to obtain. Examples include China’s cut offs of technology information and the loss of shipping and train information from Ukraine. And there are more choke points; for example, Iran and North Korea. This means that OSINT is likely to require more effort than previously. The mix of machine and human work is changing. Consequently more informed and substantive information about OSINT will be required in 2022. The OSINT for amateurs approach is an outdated game.

Coker and Arnold are playing a new game.

Stephen E Arnold, January 13, 2022

  • Archives

  • Recent Posts

  • Meta