The Future of OSINT
With just a name and an email address, an open source analyst can likely discover the hometown, employer, and alma mater of most individuals with a smartphone.
03Dec
Charting the Dark Web: Utilizing Dark Web Communities
While the dark web certainly has more than its fair share of malicious users and sites, the community at large is quick to offer tips and tricks on how to stay private and protected.
25Nov
Leveraging Metadata to Identify Netflix Viewers’ Decisions
This case proves that the unencrypted elements of data provide a new managed attribution consideration; every file, post, and message that is published online can weaken or strengthen users’ digital fingerprint and behavioral footprint.
20Nov
What Threat Actors See: Managed Attribution Threat Modeling
My previous blog on threat modeling for managed attribution presented a basic framework for analyzing the MA solutions you might use to protect your online operations. In this post, I further analyze the kinds of information that could be visible to the various categories of threat actors.
06Nov
Understanding Threat Actors: MA Threat Modeling
Many entities could act as potential threats when you execute your online missions. Depending on the threat actor’s attitudes and capabilities, the severity of these threats can vary.
23Oct
Managing Your Attribution: Nobody, Anybody, or Somebody
When you are trying to operate online, it may seem obvious that you need an alias; the question is, what kind? In this blog, I am going to share with you my framework for the four forms of online identity.
22Oct
Click Bait: Tracking Links and Your Managed Attribution
Tracking links are helpful to improve your marketing campaign or increase traffic to your website. But they can also have serious implications for your managed attribution—whether you click on them or you create them.
22Oct
VPNs and Your Managed Attribution: Nsight Series
One of the reasons that people flock to VPNs, or virtual private networks, is to appear "anonymous" to their ISP. However, as we have already discussed with our managed attribution paper, online anonymity is a myth. Instead, users need to manage their digital fingerprint and behavioral footprint to operate online without giving away...
09Oct
Profile Pictures on Social Media: Operational Risks
The internet has become an incredibly visual medium. Faces are everywhere online, particularly in social media. But, if you are trying to go online under an alias, faces can create a major problem.
02Oct
Dangers of Bitcoin for MA: Risks to Undercover Operations
Bitcoin could actually put you at risk of exposing your alias. But with the proper precautions and rigorous OPSEC, your mission objectives remain feasible, even while manipulating bitcoin.