Watch when Jack Rhysider of Darknet Diaries shares his amazement at what hackers will do “for a free burrito,” or the moment Rob Fuller, a red team and CTI director, says what we’re all thinking on security awareness training. From journalists to OSINT investigators to dark web experts, here are some of the best moments we shared with guests last season.
[music plays]
AUBREY BYRON
Welcome to Needlestack, the podcast for professional online research. I'm Aubrey, a producer on the show.
SHANNON RAGAN
And I'm Shannon Reagan, fellow producer. Producer on Needlestack.
AUBREY BYRON
And welcome to season two.
SHANNON RAGAN
We made it, guys.
AUBREY BYRON
We have a very exciting lineup of guests and topics for the new season. We're going to have Matt and Jeff back in the recording studio to walk you through some subjects like the deep, deep, dark web and all the aspects of amateur OSINT.
SHANNON RAGAN
But first, we wanted to take a look back at our first season, our inaugural season, our newborn season, and look at some of our favorite moments, moments that you might have missed even if you are a regular listener. Also, if this is your first time tuning into the show, welcome. We're happy to have you. And this is a good way to catch up on what type of topics we cover in our episodes and the fantastic guest roster that you can come to expect from Needlestack. So without further ado, this is the best of our inaugural season of Needle Stack.
AUBREY BYRON
So thinking back to all the great guests we had on the first season, what kind of moments stand out to you? Shannon?
SHANNON RAGAN
So many. What a charming year. I think obviously the biggest one that we were downright shocked to have on our show and that he was just so easy to work with and a delight to talk to was the host of Darknet Diaries, Jack Rhysider. Very interesting guy. Obviously, he is obsessed with the dark net and the stories that come out of it. His episode was some of those stories and a lot about his just process of kind of reaching out to people on the dark net, either that live there and breathe there, or the people that are using it as a resource, as some of our listeners might be. So, yeah, Jack was a fascinating guest. I think my favorite moment and most memorable moment from his episode was him telling a story of what people will do for a free burrito. So, yeah, I think we have the clip of that. And that's all the setup I'm going to do. I won't spoil the free burrito.
JACK RHYSIDER
I always think it's interesting that people go through a lot of steps just to get, like, a free burrito or free pizza, right? So there's all these accounts for sale and stuff. You can get a Netflix account. You can get a Chipotle account. You can get a Hilton Honors account and say, yeah, I'll buy that from you for a couple of bucks. And then that's tied to somebody's actual Chipotle account, right. So you pop it into your phone and now you can order burrito and get it sent to you or whatever. And yeah, I mean, this is always interesting to me just to see these little these little things that people are going for out there. But I mean, that can scale up, right? You can get that Hilton's Honors Account and try to get a free stay out of Hilton because you're using someone else's account to get into that room and stuff. But that's getting more risky now, and that's surprising me, too. You would actually go and stay in one thing, getting a burrito delivered to your neighbor's house and then going and standing there and waiting and say, yeah, thanks for bringing it.
JACK RHYSIDER
But it's another thing actually going to use fake, fraudulent hotel account and actually stay there the night. That's just causing something bad. Something bad is going to happen from that.
AUBREY BYRON
Yeah. So this is fascinating to me, too, because I think it's something I wouldn't have realized and relates to something that Jack says earlier in that episode, which is you'd be surprised how many hackers are just like, bored middle schoolers.
SHANNON RAGAN
Oh, yeah, for sure. Yeah. And that it goes it could actually be a gift to researchers of, like, all the other stupid things that they're willing to do on the Internet that people might this is talking about stolen credentials, but that sometimes even Criminal masterminds take the path of least resistance. They reuse user names. They reuse email addresses and other identifying details across different platforms. And so if you start to recognize those things, it can aid future investigations or kind of crack the case and give you better Pivot points.
AUBREY BYRON
And criminal activity aside, I'm always like, what is the over under on this? How much did you pay for the stolen account for an $8 burrito? That's working out?
SHANNON RAGAN
Actually, to be fair, I think it might be $8 for, like, $100 or something. It can't be related.
SHANNON RAGAN
Yeah.
SHANNON RAGAN
They're breaking even, at least on the burrito and especially on the hotel stay. I forgot that that was the crux of what people will do. And oh, my God.
SHANNON RAGAN
It would be.
SHANNON RAGAN
A sleepless night in a stolen hotel room. The authorities are on the other side of the door at all times. So, yeah, obviously Jack has just a ton of great stories. It was fun to chat with him, and you should obviously check out his show if you have not listened to Darknet Diaries already.
AUBREY BYRON
Absolutely.
SHANNON RAGAN
So that's mine. My first one of many. What was one of your memorable moments?
AUBREY BYRON
I think one of my favorite moments from last season is when Rob Fuller, who's a director of Red Teams and CTI, started talking about how much he hates security awareness training.
SHANNON RAGAN
Yes.
AUBREY BYRON
First, let's just go ahead and play that clip.
ROB FULLER
You were getting me very close to a soapbox. I don't know if you want to be on.
JEFF PHILLIPS
Step on up, Rob.
ROB FULLER
I don't believe in security awareness training. I think that it is not their job to be a security professional. They're a forklift driver. They're a finance person. They're an HR representative. I don't believe that users should know what a phishing email looks like. I think that we as security professionals need to do a better job at making it so that they can click whatever they want and it won't do anything. I agree. And my pet peeve, actually, I think it's okay to give them training. Here are some bad things that can happen. But what really rubs me the wrong way is when you try to instruct users to don't click a suspicious link. I've seen that probably thousands of times in my career. That guidance given out by SOCs and security professionals. Right. Tell your users, don't click a suspicious link. What the heck? Do they know what looks suspicious? If it was suspicious, they probably wouldn't click it anyway. So it's really unhelpful advice that many times professionals give folks. Agreed.
JEFF PHILLIPS
As the non practitioner here, I'll echo that, that it's not often super helpful.
ROB FULLER
To me to click. Yeah. It's also really bad to fault them for it, too. Like, oh, you click our test email or test phishing security awareness thing. Now you have to go through 4 hours of and you know what they're going to do with that, right? Like everyone on the planet, I think HR is the only people who actually go through their own training and maybe not even then, but everyone's going to cook next. US. As a red team at a previous company, we found that you could just do a slash certificate at the end for our corporate training and it would just finish the training for you.
MATT ASHBURN
That's great.
ROB FULLER
No one does corporate training the way that it's intended. So why do we expect the security awareness one to be different?
AUBREY BYRON
I love this moment because I think it's not every day that someone that's high up in security agrees with the users.
SHANNON RAGAN
Yes. Is this really benefiting us? Anyone? It's a good point to bring up. Obviously it's a good point to bring up. Rob was on as talking about building a good team and a good structure for researchers that look into threat intelligence, how to get them to do their best job, and just other things that Sox and threat intelligence teams get distracted by. I think there's a silver bullet of or there's this perception of the silver bullet. It's like if only the user could be perfect, which is never going to happen, which is why we have security training. That it's a good idea and the spirit of it is good, but oh my God, it just goes off the rails with minimal returns so many times.
AUBREY BYRON
Yeah. And his kind of whole argument is just have better security.
SHANNON RAGAN
That's true. Yeah. Don't leave it up to chance. Don't leave it up to decision and behavior. Just make it foolproof in any way that you can. I'm triggered on my next clip because I use the word silver bullet, which reminds me of the Brecht Castel episode. So Brecht is an investigative journalist, I believe, in Belgium and also an OSINT researcher. So he was on as part of our fact checking Sprint that talked to a lot of journalists and people countering disinformation and performing fact checks and using OSINT to do that. He was on to talk about the intersection of journalism and OSINT. And we always ask for tips and tricks. We asked for advice and words of wisdom and he was saying that essentially there is no silver bullet, there is no great tool all of the time other than the researchers persistence and creativity. And I thought that was just really great advice. Not to say that there aren't good tools out there, but you will need to use any number of them and any combination of them for whatever your task at hand is. You'll just need to keep digging. And if you get stuck, you need to get creative in how to unstick yourself.
SHANNON RAGAN
So let's, let Brecht say that.
MATT ASHBURN
What are some of the tips or techniques that you want to leave with the audience today?
BRECHT CASTEL
Well, mostly people are asking for specific new tools. Well, I'm going to disappoint you. I will not give you one of the latest tools. If you want to stay up to date, I would recommend the newsletter week in OSINT. I think it's a great weekly update of the newest kit on the block. For me, OSINT is all about creativity and persistence and creativity. I mean, combining a lot of sources, combining a lot of techniques, looking for new ways to, to find something. For example, now I'm fact checking a video of Chinese troops entering Ukraine. That's the claim they make. And we see Chinese vehicles. If I can prove that this video was recorded somewhere else in Russia, close to Vladivostok, that's good proof. If it's not possible, I can also look for another way to prove it. For example, if I find the number plates of these vehicles and I find other videos, and I can geolocate these videos so that's, for example, a creative way of thinking, how can I fact check this? Another thing is persistence. Sometimes people are like, how can you find this? It's impossible. Well, it took me a few days.
BRECHT CASTEL
It's hard work. Sometimes if I cannot sleep, I get up and I search a few hours and sometimes then I find the location of a video or a picture. So persistent and creativity are key, and you just learn it by doing it. Just start and you get better day by day. I think I'll be a better OSINT investigator in one year from now than I'm today, that's for sure.
AUBREY BYRON
I love this moment because I think that like in anything else and research, anybody who's trying to tell you an easy, quick solution, it's usually not going to work.
SHANNON RAGAN
Right? Yeah. There are no shortcuts in research, especially, I think one of the really fun, quite frankly, thing to talk about with all of these people performing fact checks and countering disinformation and misinformation is that so much of how something is presented the context around it is what gets manipulated or what gets co opted for the poster's benefit. A video or an image might be the video itself isn't doctored, but the context in which it's posted is now serving a different purpose from what it was originally captured for. So I thought that was really interesting to just kind of put on your creative hat, think about the mindset of why someone would post this, what are their motivations, kind of looking into the profile as much as the content itself and really just digging around and getting creative. Like all of the fact checkers on that sprint were of that spirit and just had lots of good tips, I think, for researchers, but also just as responsible, like citizens of the Internet. So I love talking to all of them.
AUBREY BYRON
Yeah, that was a great series.
SHANNON RAGAN
Before we move on, I also just wanted to say Brecht has some great Twitter game period, but also some great oath tips and really walks you through threads on Twitter of how he performed fact checks or different types of oath research in just like a really nice play by play fashion. So if you're looking for some how to, for instances, go check those out, he's just a great guy to follow. Yeah. So he's at Brecht Castel on Twitter. Check it out.
AUBREY BYRON
One of my other favorite guests this season, who I think I could just listen to, talk.
SHANNON RAGAN
Pleasing voice.
AUBREY BYRON
Well, what a fascinating person was the author and investigative journalist Eileen Ormsby, who joined us for our Dark Web series. And one of the best moments, I think, from her episode, the whole thing is great, was when she talked about why she just was pretty sure that she could call the bluff of a hitman.
SHANNON RAGAN
Yeah, reasonably confident. I would have to be. Absolutely. But she's a gutsy lady for sure and does some really fasting research on the Dark Web and very up close and personal research on the Dark Web with the actors there.
AUBREY BYRON
Yes, absolutely. And in this clip, she'll tell you why when you think about it, just a service for hitman doesn't really make sense.
SHANNON RAGAN
Critical thinking skills apply.
AUBREY BYRON
So here's that clip.
EILEEN ORMSBY
Well, other than the hitman wanting to kill me, but that was okay because what happened there was there's always been hitman sites on the Dark Web and I've always been 100% certain that they are fake. And there's a very basic reason for this. The only things that it's really viable to sell on the Dark Web are things that are easily transferable and things that have repeat custom. So hiring a hitman is not an easily transferable thing. It is a personal service. Someone has to go out and carry out the murder. And not only that, you're more likely than not only to want one hit, there's not many people that want hit after hit after hit, so it's not a repeat servicing. So once you've paid a hitman in cryptocurrency who you don't know. You don't know who this person is or where they are. What possible incentive do they have to carry out the hit? There is no incentive to do that. You're not going to come back and be a repeat customer like the drug buyers. And so I was 100% certain that they were all fake.
SHANNON RAGAN
What a woman. What a story. And I think Eileen has been interviewed in lots of articles. She's written a ton of books. I think in another article that she was saying that she actually was going to meet up with this person that is based Mafia. And they were like, yeah, no, I'm full of shit, basically.
AUBREY BYRON
She continued to discuss with him, like, why he was doing what he was doing
SHANNON RAGAN
Touch the investigative spirits. Like, we'll keep pressing, keep finding out more. It's great.
AUBREY BYRON
And oddly, in a way, these purported hitman committing fraud toward these people who want to kill their wives or whatever it is thereafter taking all their money is kind of, in a way, preventing them from doing it.
SHANNON RAGAN
It's an odd public service. It's an odd way to help your fellow woman kind. So I was listening recently to another episode with Michael James from Oscar Curious, and he was talking about this need on the dark web, especially on dark Web Marketplaces where people are actually buying things and giving up money. Nobody trusts anybody there. So you have to kind of tout the quality of your service, your customer service, that you'll have reviews, and it's just this bizarro, upside down yelp of the world. But again, that's all the more means that you can get information because these shops kind of have to be established. There's a lot more information around them if they are heavily used. So you don't want them to be heavily used, but there is more information for researchers to find out more.
AUBREY BYRON
So what else do you have on your list of clips from last year?
SHANNON RAGAN
On my list of faves needlestack favorites, friend of the show AJ Nash. AJ was also on as part of our SOC CTI series of episodes where we did like, just keep coming back to the people. Like, how do you make a conducive environment for researchers to do well? So a lot of it focused on how to build the right team, how to hire for roles, how to create the hierarchy of that team within the organization. AJ has a lot of thoughts on this and has written articles on kind of reorganizing the reporting strategy and executive alignment of all of this. It's very interesting and I think he has a lot of good reasoning behind it. So in this clip, I just wanted to play the gist of some of that. I think he breaks down really well from the individual level and then kind of getting into the team and process level of how to build a good intelligence organization. This is for threat intelligence, but I think just applies more broadly as well.
AJ NASH
I warn people or I caution people against trying to find unicorns. You might. I've worked with a couple I've worked with a couple of folks who can go all the way from the far end of the dark Web, all the way through malware analysis and the technical analysis and open source and all source and right finished products that can go to the executives. They are so few and far between, though more often than not, you're going to end up with a mix. We have organizations that are set up with, say, a collections organization versus an analysis and reporting organization. And then even with those, you may have subsets. Collections may have human intelligence versus tactical intelligence. Human intelligence probably goes in the deep and dark web, maybe directly integrates or directly associates themselves with adversaries using sock puppets. Not to be confused with Matt's issues with socks, but you've got that and then you got the technical collection, right, bringing in the IOCs and all the technical components, right? And then folks who can actually take those pieces and build the puzzle. Again, there are people who do both sides, but more often than not, you're heavy technical folks.
AJ NASH
They're not a huge fan of writing in pros. Most of them write bullets if they write anything. Most of them write code. But they'll write you some bullets, they'll throw it over and they'll hear you do something with it. On the other side, you'll have the people who build the puzzles. Listen, give enough pieces to the right person, they can build the puzzle, tell the story, put it in pros, make sense of it, draw conclusions, apply analytic tradecraft, and then have enough technical knowledge to go back and talk to the technical expert and say, hey, can you double check this? Make sure I capture everything correctly. Did I get the data flow? Do I understand what you gave me? So most organizations are successful, tend to work in that fashion where you don't try to have 20 people who can all do the same thing. You say, let's get the people who are specialized and focused on things they do best. To me, the things that matter most really are aptitude and attitude. You do have to be able to work well together. Brilliant jerks are absolutely useless to organizations.
SHANNON RAGAN
So, yeah, so he's saying, beware of the unicorn, beware of the brilliant jerk or genius jerk. I forget quite how he puts it. Brilliant jerk, yes. Jerk with a good memory, maybe. But yeah, no matter what you're doing, this is going to be done by humans that not everyone is going to have the absolutely perfect set of skills and how important in terms of intelligence that writing is. I think. In other parts of this episode he talks about how he uses former journalists, especially as the industry of journalism is freeing up a lot of people. Intel organizations might want to pick them up to write intelligence products because it's one thing to collect the information, but you actually have to convey it in a way that is meaningful and useful to the people that need to act on it. So being able to communicate well is just something that really stood out in his episode and has appeared in other spaces, especially the fact checking episode as well. Having both those technical and slightly softer skills of good communication is really key.
AUBREY BYRON
Yeah, I love this moment because, I mean, for one, when it comes to CTI, AJ Nash has had a ton of success both in government and private sector. So if you're going to listen to someone, he's a good one.
SHANNON RAGAN
Walk all the paths.
AUBREY BYRON
But also, I think this just applies generally to building a team, being a culture fit and being someone that works well and not trying to spread everyone thin over lots of different expertise that can apply to any industry really.
SHANNON RAGAN
Don't want to set yourself up for failure.
AUBREY BYRON
But speaking of journalists, another great moment from last season was when we had Nina Lamparski of AFP and talking about running the fact checking team in Africa. And we asked her kind of how traditional journalists and some of these amateur OSINT researchers interact, which is something I think fascinating to me in particular, because I came from journalism. And I was surprised by her response that it was more positive, actually, than I was expecting. And she was like, yeah, I appreciate these accounts.
SHANNON RAGAN
Yeah, I think there's like, at a surface level, it feels like shots fired or like that there's some toe stepping going on, but I think in reality it's much more collaborative than it seems. I remember when I was reading the We Are Bellingcat book, which is also one of our episodes and was my favorite moment because I read the whole book from season one. But Elliott Higgins was saying that, you know, it's really negligent of of journalists to ignore OSINT and the people doing this work and that specialize, it in it, and that you don't necessarily have to be good at both. You don't have to be a good journalist and in a good OSINT or there are people that are good at one or the other and they can work together and that's the reality of it. So I think all of the kind of oped comments on it seem a little more harsh than things really are on the ground.
AUBREY BYRON
Absolutely. So let's go ahead and play that clip.
MATT ASHBURN
And one of the major world topics right now, obviously, is the conflict in Ukraine. And we've seen a marked increase in the attention given to amateur sleuths and researchers out there on the Internet. Lots of really incredible information that we really haven't had that level of visibility before in a conflict like this. So it's pretty interesting to see. I'm wondering, as a journalist. What's your relationship or view of these amateur or independent researchers? Is there a place for them in your work, or is there a different view on that?
NINA LAMPARSKI
No, I think there's definitely a place for them. As you point out, I think a lot of amateur researchers, especially for the Ukraine conflict, for example, they are military hardware experts. They take an interest in it. Some of them are ex army. Others have an intelligence security intelligence background. I mean, I work with that in the same way that I work with any source. I never take just one source for granted. I would not run anything that unless it's an AFP correspondent. I think, generally speaking, we definitely look at more than two or three sources. But yeah, I guess the better ones end up having quite a good reputation. I certainly follow Oson experts online. We had a lot of Ukraine disinformation Africa. There's a very strong, in some countries, a very strong anti NATO sentiment. So they take a strong and then pro Putin sentiment as well. So we saw an astonishing amount of this information, and some of that definitely involve like, images of weaponry and so on. And so then you have to kind of go and look. You do look at what amateur researchers do, but as I said, I think it's just kind of you have to just follow your gut and make sure that we say don't trust anyone.
NINA LAMPARSKI
But if you have like two or three sources and they all kind of match up and you kind of can cross reference it with your own reporters on the ground, then there's a pretty good chance, and with other experts, like renowned experts, and there's a pretty good chance that it's true. So it's all part of a bigger ecosystem. I wouldn't just rely on one person, but I definitely think that it's great to have them for sure.
AUBREY BYRON
Yea, I like this too, because, I mean, she's a journalist. You have to fact check things. She specifically works in fact checking. So she's like, I'm not just going to take at Joe Schmont account without a grain of salt. But what I think it's helpful for is tips, especially when some of the more traditional accounts, or well regarded places like Bellingcat, they can't cover everything. So you might have a bandwidth issue where only this random center on Twitter has time to look into these images. But if you can back that up with either your own research or a few other sources, then it's a great place to get tips for journalists who are also sort of time strapped off.
SHANNON RAGAN
So much of the work is corroboration. We keep coming back to the theme over and over and over again with all of our guests that information is not intelligence. It's not just getting a bit of information. It's not just getting a lot of information. It's analyzing that in connection with each other. Do these things fit together? Does something stand out as the oddball? But it's not really that intelligence product until you can piece it together in a meaningful way.
AUBREY BYRON
Before we wrap up, do you have one more moment you want to highlight from last season?
SHANNON RAGAN
I have ten more. Aubrey no, I have one more. I can stick to one more. But it is kind of like I think these are two different moments in the episode, but I think they go nicely together. So with the magic of editing, I'll share. So this is from our episode with Michael James, who we came to through the OSINT Curious Project, which is a fabulous resource with a podcast of its own and a huge website of they have like, these ten minute tips videos. They have blogs and trainings and just lots and lots and lots of good information for anybody who is OSINT curious or who is OSINT bona fide and OSINT professional. Michael is obviously a super knowledgeable researcher, but he says that he even goes back to their ten minute tips from time to time just because you're not doing the same type of research every day. And so I think that also goes to the crux of his advice in this clip that I want to play, is that it's important to forget about silver bullets, forget about magic tools. Any tool could be right for the right mission. So keep the mission in mind, not the tool.
SHANNON RAGAN
Don't get distracted by the technology and remember your trade craft. So here's the clip from Michael.
MICHAEL JAMES
We really want to go through and open it up to more than just the traditional norms as well, right? Like, everyone knows Google, if you have a problem, you Google it, and that's fantastic. But a lot of stuff that you're leaving on the table by not checking Bing, by not checking Yandex, by not checking other geo specific search engines or social media search engines that are specific to a country or a region, there's a lot of in depth information you can get from that. And so we're there to go through and expand upon that and then also maybe knock down some of the other things that are just information gathering versus actual intelligence. The thing with open source intelligence is that you gather the information, which is a large part of it, but you actually have to go through and consider and consult that information to make sure that it's actually tangible and it's answering a question for whatever your stakeholder, your client or your mission set actually is. So it's very important to go through and lead with why is it important as opposed to what tool going to use, because that's not OSINT.
MATT ASHBURN
But yeah, absolutely. That's very true. And something I've said many times on this podcast in real life as well. Huge difference between information and intelligence or data and intelligence. Right. You have to apply that analytic rigor to get from information and. Data to a finished intel project.
AUBREY BYRON
And here's the second clip.
MATT ASHBURN
Can you give us an example or tell us a little bit about one of the more successful investigations that you've conducted?
MICHAEL JAMES
Sure, I think so. We have a lot of scrapers in regards to paste bin type sites and things like that or whatever where people are constantly advertising. One of the ones that we went to and we were launching investigations from for the National Childhood Protection Task Force was trafficking. There were a lot of ads out there for human trafficking and some of them are bogus and that's the reason why you look at them, right. You want to go through and vet for legitimacy in regards to other links you can go through and provide and make sure that if there is something to be found, that it's found and then disseminated to law enforcement or the appropriate legal organization. Right. So when we start scraping these kind of platforms and they start leaving identifying markers like WhatsApp numbers Proton accounts for email usernames, where they post on several different sites or even the different pay spins, we're able to go through and take that information and enumerate that in regards to anything you would do with classic OSINT trade work, right?
MICHAEL JAMES
So username analysis pivoting from social media sites to social media site backtracking in regards to historical views from the Way Back machine. The thing about Dark Web and Deep Web analysis is that it seems very abrupt and scary. But the thing that you have to understand this is with any technology, as long as your focus and your core tenants, as long as you know what your tradecraft is and you had to pivot from one piece of information into another, that's all you're really doing and the technology is just a means of delivery, right. So as long as you stick to your standard trade craft and you're able to go through and take a username and run it through what's my name app that Micah Hoffman developed a long time ago. If you take an email address and you're able to go through and put it through iPadOS tool and you're able to go through and find out other platforms that's been registered or the services that maybe they register for that stuff, that's all going to go through and get you that much further into defining what verified information you can get. In that case that we were talking about with the trafficking, we were able to go through and link it to a LinkedIn profile that was actually selling themselves as immigration services when it really was a human trafficking situation.
MICHAEL JAMES
And they were maliciously advertising to people to go through and get out of these war torn countries in bad situations and then literally enslaving them in regards to death that they didn't know they were doing all while having. This shiny front on LinkedIn to go through an advertise and get endorsements from people and really kind of make it a very bad situation for these people.
SHANNON RAGAN
So, yeah, there were a couple of instances in the show where Michael walks through the types of investigation and he does get into, these are the tools that I use for this one. This is how I was able to pivot off of different information, but that really not coming at it from a tool. First mindset, I think, is what he was really trying to get at. There was another clip from that show. I could have pulled ten clips from Michaels, to be fair, that he talks about after he's going through one of these case studies of his investigation, that there's all these different tools and different steps in the process. And then we uncovered this information which led us to this, that and the other that he mentions. It's not a smoking gun all the time, but the more that you can layer in these artifacts, the better. And that the more you start to specialize in a certain type of research, investigating certain types of adversaries or groups or for different industries or types of threats, et cetera, you as a researcher will gain historical knowledge and you'll become more efficient and more savvy in terms of, oh, I've seen that type of information before.
SHANNON RAGAN
Literally, I've seen that username before, and you'll be able to kind of move through your investigations better and at a faster pace.
AUBREY BYRON
Yeah, that whole episode was just like chalk full of great advice. He's such a knowledgeable guy, and was like, spouting off great information at this Gilmore Girls rate that had me scrambling to take notes.
SHANNON RAGAN
Oh, my God, yea
AUBREY BYRON
but I love in that first clip he gets into, it feels like everyone uses Google, but if you look at the statistics, even like 9% or whatever it is of being users of overall Internet users, if that's like four and a half billion, whatever the latest number is, that's not chump change. 9% of four and a half billion is a lot of people. And so I've taken classes on that just as far as like, SEO, but from a researcher perspective as well, you should not discount other search engines.
SHANNON RAGAN
Yeah, don't hate on Bing
AUBREY BYRON
or Yahoo.
AUBREY BYRON
I guess, but he also gets into a little bit of trafficking and researching those really hard subjects. Which actually leads me to our final clip from a great episode we did with Welton changing Chang, who founded an AI that tracks hate speech on alternative social media sites, and Welton talks about he's someone with he'll get into in this clip, but a military background. He's not adverse to hard subjects, but even so, it can really get to you. And so if we have anybody in the audience, especially investigating CCM, things like that, this is a great piece of advice from Welton.
WELTON CHANG
Self care You should be cognizant of your own mental state as you wade through some of this content, especially the more toxic stuff that's out there. And if any of your audience deals with things like child sexual abuse, material things that are happening on the Dark Web, it can be greatly affecting over time. And I'm a father of two. I've unfortunately had the experience of having gone overseas twice when I was in the army and at Dia, two tours in Iraq, and I consider myself to be a fairly mentally strong person. But even some of the content that we continue to observe, it can be affecting emotionally. So just having an understanding of where your own mental state is at is super important. And then I think whether or not I can sleep well at night, a big part of that is just for your audience to know that the techniques that they apply to some of their work can be turned back onto them. As we've gotten more popular as a company, and as we've gotten more public about our activities, we've seen threats come our way, and so we've taken countermeasures to eliminate our own data from places like data Brokerages and try to maintain a firewall between some of the company activities in our own personal lives, right.
AUBREY BYRON
Always great advice for investigators, especially if you're really heads down whether, again, whether that's CSAM or the war in Ukraine, if you're really flooded with terrible imagery and subject matter, always take a minute.
SHANNON RAGAN
Yeah. There are tools out there to kind of limit your exposure, especially to images, as you search. If you're just kind of looking at the context around them or you're sharing this information with people that are not prepared to see that type of content, you can basically, literally block it out rather than try to do so in your mind after the fact. I think Eileen said this, too. There are things that you can't unsee, especially on the Dark Web. Oh, my God. Take care of yourself and keep that in mind.
AUBREY BYRON
Yeah. The blur tool is an important one.
SHANNON RAGAN
Yeah.
AUBREY BYRON
And on that happy note yeah.
SHANNON RAGAN
Let's end on a positive note with mental trauma.
AUBREY BYRON
We could have picked 100 more great moments from season one. And you can catch up on all of those episodes on our website at. Authenticate. Commeadowstack. That's authentic with the number eight. Be sure to tune in next week. We'll be back discussing OSINT in all of its various forms.
SHANNON RAGAN
Here's to a great season two. Yay. Cheers.
