So You Want to Do that OSINT Thing Part II
Kevin Kiptum won the Chicago Marathon in a time of 2:00:35
Kevin Kiptum is the greatest marathoner of all time
I heard Kevin Kiptum starts racing before the gun goes off[1]
You hear people talk about the smell test or sixth sense or “after so many searches, I just know.” The truth is, you don’t. You just get better at figuring out accuracy, authority, legitimacy.
When we last spoke, I tossed a lot at you without getting to my point. You want to be an OSINTer and want some actionable intelligence that will help you do it better. Instead, I gave theoretical. Looked at intelligence via the dictionary . Will we make it today? Will you be a better OSINTer after reading this?
Can I digress? In the weeks or so since I conceived my initial post and now this, ostensibly more useful one, the word OSINT has leaped from the pages of LinkedIn profiles to screens of CNN . And it is just that opportunity to weigh in on world events – that resonates with more than a few of you wannabe OSINTers. I got none of that. We are not going to analyze crater pics let alone geotag or review metadata. There is obviously a role for that kind of OSINT, and there is even application for things like satellite imagery in business research and forensic accounting. I will say that the ideas, the theories, presented below, apply whether you pull an article from the New York Times website or look up images on EarthCam. The world I understand, however, and the world I imagine most of you inhabit, relies on different tools, solves different problems.
If you want to be an OSINTer you cannot find data. You must look at data and find what it means. Let’s see if I can show you some examples of how to do that.
I, What is It Good For
As I went on last post, the “I”, really the “INT” in OSINT stands for intelligence. Open source intelligence: the how – open-sources; the what – intelligence. Intelligence has two distinct yet complementary meanings: analysis and secrets. OSINT is using open-sources to reveal something that perhaps was meant to be secret. More likely, it is just the process for making something, someone, an event, an incident, a person, a company, more clear. Mixing together data paint to create a picture. That process of getting clarity is analysis, and the better you can render that picture, the more your picture looks like an Estes rather than a Pollack, the better it becomes “intelligence.”
Accurate, Authoritative, Legitimate
Put another way, your intelligence is better when it is accurate, authoritative, and legitimate. Your picture is sharper, clearer, and more detailed when your sources are accurate, authoritative, and legitimate. Accurate and authoritative are understandable. Accurate covers facts, truth; authority covers credibility, trust. What does legitimate mean? Legitimate means the source itself asserts its right to provide information. Redfin and Zillow are legitimate sources for real estate information, regardless of the accuracy of their market estimates. We talked about D&B last week, and I firmly contended that Duns was, is, a legitimate source for business information. You arrive at intelligence when you decide your information is, or is not, accurate, authoritative, and legitimate. In background research, the primary difference between information and intelligence is whether the “name match” finding, is in fact the person being researched. That’s accurate, authoritative, and legitimate.
Take the three statements above. Our OSINT project is to assist a sports gambler bet on the forthcoming Boston Marathon. Our googling has produced these three data points in assessing whether we should put our money on Mr. Kiptum to win his next race. All three data points: his prior performance, his reputation, his integrity, matter. Double down?
Kevin Kiptum won the Chicago Marathon in a time of 2:00:35
This seems entirely accurate, authoritative, and legitimate. At least in the sense that those are provable, definitive facts. What can be questioned – where did the information come from? I happened to take it from the Chicago Marathon website. What if it came from a Chicago Tribune article the next day? What if the time came from a reporter on the scene who looked up as Kiptum broke the tape at the finish line. These factors influence how you asses accuracy, authority, legitimacy.
Kevin Kiptum is the greatest marathoner of all time
Is this accurate? It is accurate to say Kiptum has run the fastest marathon ever; that Kiptum is the only person to ever run a marathon in under two hours and one minute. Does that make him the greatest? Do these factors matter – the course, the conditions, the competition? Are these legitimate questions?
Who said it? “Greatest” is a loaded word. There are reasons why something can be great, but it is also a conclusion. Who made the conclusion? How much does he or she know about marathoning? When Roger Ebert says Casablanca is great, does that mean more to you than when your uncle told you it sucked?
I heard Kevin Kiptum starts racing before the gun goes off*
Big if true. Of course, Kiptum blew away the world record – he leaves early! [THIS HYPOTHETICAL IS FOR EXAMPLE PURPOSES ONLY!]: to dig down, get more than data, intelligence, our searches included social media. There we found Twitter, I mean X, user @harrierharry. @harrierharry has over 10,000 X followers. His followers include other runners but also the official accounts of international marathons. @harrierharry’s feed includes several pictures of him crossing finish lines of marathons. Two days after the Chicago Marathon ended, @harrierharry posted his allegation.
Which is this, accurate, authentic, or legitimate?
Now Make It Intelligence
I’m coming to the conclusion that it’s hard to teach OSINT in 1,000 words or less. I graduated law school, so I faced down the Socratic method. I believe that if you think about these questions, you will find the answers and be better suited to make it intelligence. On the other hand, what did I call it last week – gobbledygook. There is open-source material to help. Google “CRAP” or “CRAAP Test” and you will see a short but good infographic on evaluating sources. This page talks about understanding legitimate sources. The P in the CRAP Test, purpose, matters much. Understand the purpose behind a data source and you’re 90 percent towards transforming it to intelligence. You hear people talk about the smell test or sixth sense or “after so many searches, I just know.” The truth is, you don’t. You just get better at figuring out accuracy, authority, legitimacy.
[1] FOR EXAMPLE PURPOSES ONLY!!!!