09 March 2007

OSINT: If Intelligence were a baseball game...

What is Open Source Intelligence (OSINT)? Why is it important to your security and safety? How can you really understand how it is the same or different than other types of intelligence? Let's use this clever baseball analogy from Robert Steele:

If Intelligence were a baseball game....

IMINT takes a pciture every day or so, trying to discern whose winning from sporadic snap-shots at different times of day, different angles of look.

SIGINT trys to bug the dug-out and discern how the game is going from comments by the players

HUMINT tries to recruit the batter, find out where he thinks he is going to hit the ball, and send a spy out to catch it if it ends up there.

MASINT tries to smell the player's armpits and the arc of the ball from leather secretly treated beforehand.

OSINT gives everyone in the audience a baseball glove, and counts the ball out if anyone in the stands catches the ball.

What's the point? OSINT is not a substitute for spies, satellites, or secrecy. It simply takes all the low-hanging fruit off the table so the secret sources and methods can focus. Put simply, OSINT changes the rules of the game--eliminates all the "home runs" by the enemy that need not occur if we harness the distributed intelligence of the audience--and allows the secret sources and methods to focus more carefully on what's left inside the playing field.

So what? Open source intelligence is available to everyone at the touch of a button, Google and others. Intelligent bots troll the net in search of its target. Looking for the answer to the algorithim created to answer the question posed by it's designer. When it finds what it is looking for it brings it home to the clandestine machine with Petabytes of RAID.

The people behind the question look for a pattern. The question or hypothesis is there to accomplish an important task. To find some relevance in a vast sea of zeros and ones beyond the human brains capability to grasp. No one person owns it and has the ability to keep it secret, forever. Somehow, someone will put this information into the open. Then it becomes OSINT.

The race isn't about keeping information safe from being stolen or revealed to others. It's about something else:

Jeff Jonas, the chief scientist and distinguished engineer at IBM’s entity analytic solutions group, has developed a means of sharing corporate data without revealing what that data contains.

This technology, called anonymization, effectively "shreds" information, making it possible for companies to share information about their customers with governments or other companies without giving away any personal data. Over time, Jonas believes companies will increasingly use anonymization to defend their data, and corporate well-being, from competitors and identity thieves.

This story to be continued.

No comments:

Post a Comment