Where there are doers, there are watchers – OSINT


Within Propastop’s, picture game it is appropriate to take a look at seeking more general information from public sources and sharing tips for doing this sort of analysis.

US General Anthony Zinni has said that 80% of needed information comes from public sources rather than intelligence reports. He added that if you know what to look for, the intelligence from such sources would increase by 16% as well as intelligence methods were able to provide only 4% of the information needed.

Over the recent years and above all since the handling of Ukraine and Syria by Russia, the gathering of information from open sources has come to the attention of the public and conclusions made based on them or the rejection of Russian false examples.

The most significant and most noteworthy is the story of the Malaysian Airlines MH17 shooting down reporting story created by Elliot Higgins. The Bellingcat group of amateur analysts gathered around Higgins has been able to compile by finding and analyzing photos from public sources, details of the rocket’s trajectory route, origin as well as other details of the rocket associating it with Russia.

Higgins and his team have been able to provide irrefutable proof of Russia’s actions from public sources (social media, blogs, websites etc.) which can be re-verified by anyone.

Along with Bellingcat, the Atlantic Council’s Digital Research Laboratory DFRLab, led by Ben Nimmo and his colleagues is also at the forefront of attention. Propastop has also published translated articles from this group previously.

The group called OSINT an abbreviation for (open source intelligence) is having a winning run. Thanks to the activities of Higgins and his colleagues, it is becoming apparent to the public the amount of information available on the internet. What is a worthless photo to one can be important in proving an analysis to another.

By collecting, analyzing and drawing on the findings on the internet, both groups have turned around false claims on various warfare and military activities.

Everything starts with Bellincat’s and DFRLab’s examples of false claims for which the teams start collecting evidence. Here social media and people’s vanity are indispensable sources. Gradually photos, videos tweets and posts that have been placed on private accounts for purely entertainment purposes start to accumulate. For OSINT researchers however this material is pure gold. This is how they get results on an event. The location and time of the event are determined and from there only the issue for the information accusation is to get a clear indication of sequence, time and parties involved in the events.

Moreover, all of this only from public sources, accessible to everyone and voluntarily uploaded.

Of all of the Estonian OSINT, method uses most successful stories the best-known story is the one that also received the Bonnier prize, which was based on an analysis of public data highlighted the stealing of votes during the Reform Party’s internal election.

Bellingcat has started to compile a chart of all kinds of working tools and details to look out for.

Below is a brief overview of the categories included in the chart:

Maps, satellite imagery and „street view“ applications – are important tools with which you can locate a photo based on details in the photo. Solutions are available from satellite imagery to street picture photo banks.

Location – Based Searches – A wealth of services have been created that will allow you to find the location of where the photos were taken simply by searching

Photo, video and metadata – many tools for reading and analyzing metadata in photos and videos. If the photos have been uploaded directly from a mobile phone and GPS was turned on at the moment the picture was taken, this information will usually be written as a photo file and location recognition is child’s play.

Social Media Information Analysis Tools – Allows you to gather information in social media. Whether it is a name, phone number, email or the ability to download uploaded video.

Twitter analysis tools – Twitter, as an important information exchange environment that has even been used in warfare, deserves separate analytical tools. The tools allow you to analyze information on a location basis, as well as allowing building grid charts and more.

YouTube tools – are still the main environment for video distribution, whose various tools allow you to for example search for uploaded videos by location, analyze video history etc.

Means of Transport – Various tools that show the movements of aircraft, ships, trains and other means of transport and their history.

Time and place – a separate category where there are few tools but they are extremely effective assistants for the time of photos or videos, if it is not clear from the file when the photo was taken. For example, the tool called Suncalc allows for analysis of shadows and the location to determine where the photo was taken.

The remaining tools help to collect, analyze, process information for the simplest possible interpretation and presentation.

Below are some examples of analyzes that are worth considering concerning the acquisition of technology.

Israel Strikes Iranian Targets in Syria

Data and Defense: The Case of Strava

MH17 – The Open Source Investigation Three Years Later

Propastop’s blog has an ongoing picture game where the location of the vehicle in the photo must be identified. You can read the discussion on possible solutions from the blog’s Facebook account and on June 28, we will publish the editor’s thoughts on how to solve the task.


Graphics: an extract from the Bellingcat document. Photo: Mia M H/Flickr/CC