Skip to content
This repository has been archived by the owner on Jun 1, 2021. It is now read-only.

Latest commit

 

History

History
56 lines (49 loc) · 3.46 KB

collect-it-all-osint.md

File metadata and controls

56 lines (49 loc) · 3.46 KB
Raw

Collect It All: Open Source Intelligence (OSINT) for Everyone

Governments post reports and data about their operations. Journalists publish documents from whistleblowers. But there is a third type of open data that is often overlooked- the information people and companies post about themselves. People need jobs. Companies need to hire people. Secret prisons do not build themselves. By making it feasible for anyone to collect public data online in bulk and exploring ways to effectively use this data for concrete objectives, we can build an independent, distributed system of accountability.

M. C. McGrath

Talk notes

  • ICWatch.
  • Similar systems.
    • Uses data to target people in war zones; Iraq, Afghanistan.
    • SIGINT, interrogations, data from drones, traffic patterns, etcetera collected.
    • According to documents, same software used in Germany and other countries.
    • Other correlation tools uses cell phone to collect who travel together in pairs/groups.
    • Uses hadoop, accumulo.
    • Goal is to know everything.
    • Several companies creates software which scans social media.
      • Lockheed Martin's "Wisdom".
      • Scans and classifies information.
      • Sold with video using targeting Middle East politics as an example.
      • Used by Walmart to find and fire employees who organize others into unions.
  • Open source software, called Harvester.
    • Can search for keywords and locations, scan certain websites for more info.
    • Example finds NSA employees by searching for xkeyscore in Maryland on indeed.com (?).
    • Can also scan PDFs on disk etcetera.
    • Using open source and making it adaptable for the target audience is key.
      • Even NSA (accumulo) and GCHQ (gaffer) have release open source software for searching/matching.
  • The people behind security stuff aren't "bad".
    • McGrath went to security conferences with people close to NSA etcetera.
    • Focus on people behind the data, instead of dehumanizing them like the intelligence agencies do (to make their jobs easier).
    • With information about these people, they can be understood and perhaps influenced.
    • Digging in to people who have worked at NSA.
      • One example was interesting because of early involvement (possibly) in PRISM.
      • Another has been working on several interesting projects.
      • Another is an actual plumber, who has security clearance and has worked on various (secret) bases for for example drones.
      • Seems many people have worked on psyops and humint.
    • Some contacted ICQatch.
      • Some where angry about being in the database, or had questions.
      • Some were polite, others sent death threats.
      • One guy ended up in ICWatch because of working in the Israeli intelligence doing phone surveillance, but claimed he never worked with surveillance.
  • Other data in Transparency Toolkit.
    • Also includes non-publish documents.
      • Snowden documents.
    • Can be used:
      • To do the same thing the NSA and others do, except not to kill people.
      • As a basis for FOIA request.
      • As a basis for legal action.
    • Need help from:
      • Laywers, journalists, NGOs, activists etcetera to actually use the data.
      • Software developers to improve the software.
      • Project managment to focus the work.