OSINT Search Strategy #1 : ”Google Guessing”.

Regardless the subject, regardless the purpose or goals, the by far majority of investigators use the same search strategy over and over again. It’s called Google Guessing and involves the use of the Google Internet search engine to solve any information problem, regardless the subject

Just hammer in a few terms, hit enter and hope for the best. After one or two minutes, repeat.

This has two obvious assumptions. One, that (part of) the answer to solve the information problem is available somewhere on the world wide web on the Internet, and two, that the Google search engine has access to it. Both are very wrong.

The Internet is only a small part of the global information landscape. There is a lot of open source information out there that is not on the Internet. Talk to a librarian. They know. Think about satellite imagery, or data from telephone masts, acoustic signals etc.

Secondly, the ‘Internet’ consists of a lot more then just the world wide web. There is other protocols offered on the Internet where open source information is stored, such as NNTP, IRC, FTP and others. They are not as large as HTTP, but still.

Of the world wide web, only a fraction is indexed by search engines. Estimates are that the deep web is 50 to 500 times larger than the surface web. Roughly 2 percent or less is indexed by search engines, the rest is available only behind paywalls, interactive datbases etc. Google only covers a fraction of information on the world wide web.

It is really interesting to see how students change their search behaviour after just a few days of OSINT training. Learning about requirement analysis, problem deconstruction, constructing a collection plan, source analysis, the OSINT Intelligence Cycle. No more Google guessing, but applying a technique of structured, systematic and planned open source research to solve any information problems using open sources.

See for yourself and look for an OSINT training that will share a methodology of OSINT research. Forget for now about tricks, tools and such.

https://lnkd.in/eK4xR5WZ
#OSINT #OSINTtraining #osintsolutions

Are you ready to learn a proven methodology to find the best open source information out there? Delivered by the founder and former manager OSINT of the defence intelligence and security service with more then 30 years experience in OSINT.
https://lnkd.in/eK4xR5WZ
hashtag#OSINT hashtag#OSINTtraining hashtag#osintsolutions

Arno’s Sunday morning OSINT. Updated the Open Source Intelligence Resource Discovery Toolkit on the subject of academic papers (‘Academia’). Now listing 20 sources to find dozens of millions academic papers. Also see ‘Thesis and dissertations’. And many more open sources obviously.

Proper OSINT research requires knowing about sources.
http://rr.reuser.biz

Future OSINT plans

The future of our OSINT range of training programmes looks ever more promising. The OSINT Pathfinder range of training programmes will continue to be offered about four times a year. On top of that, we plan the following:

Online training

We will offer in the near future a full OSINT training programme online.

The idea is to schedule the training in modules of no more than 3 hours. Each module will be offered twice, one in a CEST timezone, the other in ET (USA) timezone. Documentation as usual will be extensive, and in print. Participants will indeed get a postal package with all the stuff they need to complete the OSINT training.

OSINT Master training

We are working to organise an OSINT Master training near the end of this year.

The Master is the follow-up of the Pathfinder and is a scenario exercise where groups of former Pathfinders are challenged to solve a complex scenarion exercise following the OSINT Methodology studies during a Pathfinder.

There is obviously also a short refresher of Pathfinder and some extra things such as a lesson on how to compile an OSINT report, the art of writing for intelligence, fact checking and geolocating.

Intelligence Analysis training

We will work on a new course, where we combine OSINT with intelligence analysis techniques.

We are looking at a 4 day training here, with an expert intel analysis trainer (I have two candidates already) taking two days and the OSINT training doing the first two days. The overall idea is this:

• OS – we retrieved open source information that is reliable, timely, relevant, validated etc,
• INT – now what are we going to do with it?

Giving a set of open source information that meets certain quality criteria, what intelligence analysis techniques would be useful to try and analyse the information. How does one then use these techniques to produce an intelligence report.

Refreshers

We like the concept of offering a yearly refresher to former participants of the Pathfinder training.

The only thing is that we wonder if a four hour refresher is too long. Is it a better idea to offer a refresher per theme and then maximum 90 minutes or so. In that case we would like to offer about 4 refreshers per year. Participants will obviously get updated documentation.

Let us know your thoughts on this one. 

 

 

…and how it all gets together

Open Source Intelligence (OSINT) is a collaborative, integrated research/production METHODOLOGY to CREATE an actionable intelligence product (called OSINT report) resulting from analysis of a representative selection of open source information (OSINF) in order to meet some intelligence requirement that is used to take decisions and start some change.

Open Source Information (OSINF) is information that can be COLLECTED from the public domain by anyone in a legal and ethically acceptable way, and that meets quality requirements such as authenticity, reliability, accuracy, time etc, regardless source, format or time, whether for free or commercial, and is being used to be analysed, probably in conjunctions with other sources, to become OSINT.

Information is any piece or document that serves the purpose of deriving information from, or is assigned that purpose. Thus, anything can be OSINF as long as the object is used to derive information from, like digital info, books, newspapers, audio/video, oral history, taxi drivers, porters, phone logs or archeological findings are all considered information that can be collected, indexed, catalogued, described, categorized and used for analyse, again after applying quality criteria.

Intelligence is analysed information that interprets, explains, predicts, clarifies, connects, judges, opinionates, categorizes, qualifies OSINF in order to support decision makers in making decisions and implementing change. Intelligence is by definition never collected, but created. An intelligence report produced by service P and send to Q is for the sender P intelligence, but for the recipient Q it is information, not intelligence, until Q has analysed the report, then it becomes intelligence again.

Legal and ethical restrictions mean, in short, that OSINF is only OSINF if the information was obtained in a legal way and that the information was intentionally published in the public domain. Hacking, cracking, password sniffing, stealing, data leaks etc. are therefor not considered OSINF and thus not eligable for OSINT. Wikileaks is thus not OSINF since that information was never intended to be in the public domain.

Conclusion. OSINT is thus very much more than just the world wide web (WWW) or social media. OSINT also deals with the other 98% of open source information that is NOT on the WWW or social media or even on the Internet. The W3 is only a fraction (less then 2%) of the surface web.

There is a wide variety of OSINT definitions. Mainly because there is many different requirements or backgrounds. Obvciously, an OSINT definition for a stratetic intel service is different then that of a law enforcement agency. In addition, there is different levels of OSINT, typically there are five classes with varying complexity.

One never collects or gathers OSINT. One CREATES OSINT. Also, there is no such thing as OSINT tools. All ‘tools’ are by assumption open source. OSINT is a methodology, a process, not an object. Almost all tools available today in the digital world, whether free or fee-based, can be used to collect OSINF in one way or the other. Using the phrase OSINT as an adjective does not mean something specific and does not make the tool more special or something.

Want to read more about OSINT or how to design your OSINT production capability? See the OSINT Bibliography I compiled over the years at htttp://bib.opensourceintelligence.biz

Want to learn more about OSINT training? Try http://www.opensourceintelligence.biz

#OSINT #OSINTtraining