Share this page!

nixintel Profile picture
Twitter logo
Mar 9 26 tweets 6 min read
"There's No Such Thing As Open Source Intelligence"

Apart from the clickbait title, what are the key takeaways from this article by a serving US Navy Intel officer?

The tone is very different to other recent military takes on #OSINT.

A thread (1/n)

tandfonline.com/doi/abs/10.108…
The author argues that OSINT is distinct from other INT sources (SIGINT, HUMINT, IMINT etc) because it is defined by how accessible it is ("publicly available",) rather than the nature of the source (signals, human, images etc).

2/n
The impact of this confusing taxonomy is that OSINT becomes a "junk drawer" of ill-defined types of information.

Unlike other INTs, the source type is vague and unclear.

3/n
The author also questions just how truly "publicly available" OS is if one does not have the expertise to access it e.g. data in foreign languages, or on the dark web, or behind a paywall.

(I find this a bizarre take - requiring skill to access != unavailable)

4/n
Since in the author's view OSINT is far too broadly defined, it is impossible really hire or train someone to work in OSINT effectively because the array of skills required is too vast.

5/n
The author is critical of his peers in the CIA and DHS for hiring people who specialise in OSINT for this reason, yet acknowledges that their work is made possible by making their tasks remits more specific

(well, of course... 🤷‍♂️)

6/n
TLDR: "OSINT" makes homogenous what should be highly specialised.

(This feels like a straw man, since most OSINT roles are usually within a sub specialism in any case, as are the DHS/CIA roles he cites.)

7/n
The author attributes (blames?) the rise of OSINT to the increase in the data generated by the web in the 1990s, but he notes the term as been in use since at least the 1960s and the concept is older than that - it was just never a separate "INT".

8/n
Despite these early references, the use of the term "OSINT" generally tracks the rise of the web.

He notes that orgs like @Bellingcat and @RUSI_org have shown OS capabilities that previously only existed in government.

9/n
The author argues that the reliance on OSINT causes reliability issues, since analysts may not thoroughly evaluate their sources in the way they might in traditional forms of INT.

10/n
(This is also a bizarre argument against OSINT as a discipline. Poor verification and vetting of sources depends on the skill (or lack of) of the analyst and the processes they apply, it is not inherent to OSINT itself.)

11/n
As an example of the "confusion" caused by OSINT he cites footage of a sunk Russian ship shared on social media after a Ukr missile strike. Is this OSINT, IMINT, or SOCMINT?

12/n
(This is a weak argument for strict taxonomy. It's hard to see how the INT labelling applied to this footage would determine its overall utility in the intelligence process.)

13/n
To answer the final question "What Is To Be Done With OSINT?" (!) the author suggests reverting to traditional intel labels. If it's a picture, it's IMINT, if it's a human source, it's HUMINT, and so on.

14/n
The author seems to believe that since analysts are trained to weigh and evaluate these traditional INT forms, putting "OSINT" back into these boxes will alleviate issues around verification quality.

15/n
And there are most definitely verification and labelling issues with OSINT. I have moaned before about the pernicious rise of BULLSHINT:

threadreaderapp.com/thread/1522694…

16/n
But the root cause is not open source intelligence, it is the lack of any kind of verification or analytical process. Dilettantism can be a problem in public OSINT at least.

17/n
So what are the actionable takeaways of the journal article?

Well, there aren't really too many.

Unless you do OSINT in an environment where source corroboration and verification are not routine, in which case the fault is with you and not OSINT 😀

18/n
The conclusion is here but I find it unsatisfactory. If open source info is not analysed and evaluated on the way to becoming intelligence, these are failings of the org and individuals. It does not preclude open source from the intel process.

19/n
Fortunately the US intel community takes a more progressive view of OSINT. In Dec 2022 the CIA appointed Randy Nixon as the new head of the OSE (Open Source Enterprise) in order to improve the agency's capabilities in this field.

executivegov.com/2022/12/randy-…

20/n
In contrast to the original article, it seems military intel leaders cannot get enough of #OSINT.

This recent speech by the UK's Gen Hockenhull highlights a completely different point of view...

21/n
gov.uk/government/spe…
Some key takeaways from Gen Hockenhull's assessment of the recent impact of OSINT on the Ukr-Rus conflict:

- Exploiting all available information is a long tradition in intel. Technology has now scaled the volume and pace.

22/n
Bias is a problem - but the way to counter this is with better diagnostics and analysis.

(Note: dealt with by better analysis, not abolishing the discipline(!))

23/n
Digital intelligence capability now comes from commercial services, not necessarily traditional intel sources e.g. AI brings greater speed.

"Whoever learns fastest is going to win"

24/n
There have been six key impacts from OSINT in the war so far:

1) Social media and commercial satellite provided insight into RU deployments. These were available for all to see and interpret.

25/n (continued in next thread >)
Continues here:

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with nixintel

nixintel Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @nixintel

nixintel Profile picture
Mar 9
Thread continued from here 👇
Second impact of OSINT is it's ability to shift public confidence. The OSINT community is quick to expose Russian lies e..g. re: troop movements.

26/n
Third: OSINT has been able to challenge and rebut Russian false flag and propaganda claims. It has limited the effectiveness of Russian info ops.

27/n
Read 10 tweets
nixintel Profile picture
May 6, 2022
BULLSHINT is alive and well.

If you have gaps in your intelligence picture, it is ok to say "I don't know" or "I need more data to form a conclusion".

It is never acceptable to fill the gaps with speculation and call it intelligence. 🧵 1/
All forms of intelligence, including #OSINT, involve assessment, evaluation and analysis.

There are a few different models, but they mostly look somthing like this:

2/
You plan, collect raw information, process it, analyse it, and then finally disseminate it for action. Always with the overall mission in mind.

Good analysis and evaluation is what turns raw information into actionable intelligence. 3/
Read 21 tweets
nixintel Profile picture
Mar 22, 2022
Another very different true story from intelligence history.

It's certainly the most disgusting act of intel gathering I've ever heard of.

Here's how poor opsec and the careless toilet habits of Soviet soldiers became a reliable source of intel for NATO in the Cold War... 1/
After WW2 Germany was divided into Allied and Russian occupation zones.

Mistrust and paranoia between the two sides was rife and each was afraid of the other side launching a surprise attack on the other... 2/
To counter this, each side agreed to allowing a military mission from the opposing side to be stationed on their territory and observe military exercises.

That way it would be impossible for NATO/Soviet forces to prepare for an attack without being observed by the other. 3/
Read 18 tweets
nixintel Profile picture
Mar 21, 2022
I've been reading up on the history of OSINT recently (although it wasn't always called "OSINT" of course...).

I found an interesting early example of image-based intelligence going back to WW2.

These days we'd call it "crowdsourced"... 1/
In 1942 the allies were struggling for reliable images of locations in Nazi-occupied Europe. These were needed to plan bombing raids and operations like D-Day.

The allies had reconnaissance planes, but they were limited by range and weather, and were often shot down. 2/
So in 1942 the head of British intelligence, Admiral Godfrey, put out an appeal on BBC radio for listeners to send in photographs and postcards they had from mainland Europe, especially if the area was of military interest. 3/
Read 5 tweets
nixintel Profile picture
Feb 22, 2022
Reality check on why sanctions on Russia will also have a detrimental impact on the West:

telegraph.co.uk/business/2022/…

(behind paywall, so summarised below)...
1) Russia has its own digital payment system, Mir, which will mitigate the economic impact of removal from SWIFT.

2) Note that Russia would regard SWIFT removal as equivalent to a declaration of war in the event it was implemented: nytimes.com/2022/01/31/us/…
3) Russia supplies 43% of the world's Palladium, which is essential for the electronics industry.

4) It controls 90% of the world's neon, which is required for microchip production (lasers that etch chips use neon).
Read 9 tweets
nixintel Profile picture
Oct 4, 2021
Last week a key ransomware threat actor was arrested in Kiev, Ukraine.

I wondered if it was possible to do a little geolocation and find out where he was living the high life.

The source video is the official release from the Ukranian Police:

Using YouTube-dl to download the video and FFMPEG to split into a series of stills makes finding clues a little easier.

(Guide here: nixintel.info/osint-tools/us…)

You can also use Frame-by-Frame to do this in your browser (HT @salaheldinaz)

watchframebyframe.com/watch/yt/I20fa…
Here are the key images with exterior detail:

1) Yellow/Green pipe construction outside.
2) "Autograph" sign on the wall. ImageImage
Read 12 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Send Email!

:(