6 Things You Should Never Do With a Burner Phone

I get a lot of questions about burner phones. What kind to buy, how to buy, where to buy. The problem is, people go buy them and then use them improperly—completely defeating the purpose.

There is most definitely a right and a wrong way to use a burner phone. We’ll talk about 6 things that you should never, ever, under any circumstances do with your burner. In fact, if you have one and you have EVER done any of these things, you can assume that anything you talked about or did while it was in your possession is already known by your adversary.

1. Buy your burner phone anywhere you normally are.

This one doesn’t necessarily deal with usage, but it’s necessary to mention. If your idea of tradecraft is going to the Wal-Mart 5 miles from your house instead of the Target that’s 2 miles from your house, then please slap yourself for me. Don’t buy it near your work, your home, don’t buy it at the gas station you normally go to, the quickie mart where you get your smokes at 10pm, or anywhere else you ever go to. In fact, it’s also a good idea to not go in your own car. Don’t do anything you normally do, don’t stop anywhere you normally stop, and whatever you do, don’t take your regular phone with you. Have a cover story just in case. Always have a cover.

2. Put all your contacts in your burner.

It might seem like common sense, but you’d be surprised at how many people go out of their way to purchase one “correctly,” and then immediately put their new phone side by side with their old one so they can put all their contacts in it. Or even worse, they simply log into their cloud account and download their contacts backup. I should not have to explain how beyond moronic this is. Burner phones are not for chatting people up. They’re for coordination, passing short bursts of time-sensitive information, etc. In other words, you use them if you have to, and only to speak to another burner phone.

3. Install all your regular apps.

Pay very close attention to these words from Grugq:

Just 4 apps are enough to reidentify users 95% of the time. A complete list of installed apps is unique for 99%.

Your burner phone is not your personal phone. Say that out loud to yourself until you understand it. Your burner has one purpose, and one purpose only. Don’t install Wickr on it and sign in with your regular username. Don’t install Candy Crush on it because that’s how you kill time with your regular phone. Don’t install that one app you can’t do without. Your burner is not your personal phone.

Read the rest at Patrick Henry Society. When you’re done, take a look at the Groundrod Primer class coming up. You need it.

LastPass Unsafe: Easy Attack Gives Access to Anyone

Do you use LastPass? Might want to rethink that.

Unless, of course, you don’t mind someone getting all of your passwords.

Judging by how people are with their digital security, what are the odds that your LastPass master password is the same password as a whole bunch of your other stuff…?

 

SHTF Intelligence Course

Sam Culper of Forward Observer Magazine is teaching a SHTF Intelligence course in Spokane, WA in mid-March. If you haven’t taken this class yet, you need to–and if you’re one of the folks who have been asking us for an intelligence class in the Spokane area, we’ll simply point you in Sam’s direction for this one. He’s one of the best out there for this particular topic; he literally wrote the book on it. Here’s a taste of what you’ll be learning:

– threat identification
– threat analysis
– understanding the threat environment and you
– understanding the community security mission
– community security strategies
– the Intelligence Cycle
– how to gather intelligence information (specific for your locale)
– how to analyze incoming intelligence information
– how to set up a community intelligence section
– the fundamental tasks and responsibilities of the intelligence section
– Intelligence Preparation of the Battlefield & Community
– Area Assessments

There’s a lot more information on the FOMag website. If you want to know what’s really going on around you, if you truly want to understand the threats we face, and if you want to learn how to effectively deal with community intelligence then you need this course. Don’t wait until SHTF to care about this stuff—you need to understand SHTF Intelligence NOW.

As an added bonus, you can help out TOWR’s mission as well by attending! Sam has agreed to donate to TOWR for any students who we send to his course. So, go learn some critical skills AND let him know we sent you, so you can help us bring you more classes as well, such as the Groundrod Primer class in just a few weeks!

 

6 More of the Best Tools for OSINT Research

BLMThere are a ridiculous amount of tools out there for intelligence. Some are better than others, and if you’re just getting into OSINT research, the last thing you want to do is have to dig through all of them to find the best ones, or the ones that are easy enough for you to start using out of the box. That’s where we come in.

Here’s the TOWR Guide for 6 OSINT Research tools – a list and handy infographic you can come back and refer to over and over. Take a look at the tools below and see what you think!

SocialMention

SocialMention is a tool that does exactly what you’d think. It searches across all manner of social media for mentions of a specific search term. What makes it interesting is that it gives far more than just a list of results. Here’s a small snippet of a search for “blacklivesmatter.” Keep in mind these are partial results.

As you can see, SocialMention keeps track of everything from how often the term is mentioned to the context and feeling it’s mentioned in. This helps take a temperature, so to speak, of the social media culture on that particular topic. It also offers everything from who, specifically, is talking about it to where they’re talking. It’s a great way to get a quick pulse on a keyword or phrase.

AddictOMaticAddict

Along the same lines of SocialMention is AddictOMatic. This tool pulls information from a host of search engines and different sites on a topic and aggregates them all for you. Keeping our search on “blacklivesmatter” we see the following sources are available for search all at once.  It’s not foolproof, and it’ll miss some results, but in terms of a quick and dirty search it’ll get you started.

SocialSearcher

hashtagsAnother great social media tool is SocialSearcher. It’s more complete than AddictOMatic and offers results from a different set of sites. SocialSearcher’s real power, however, is in the time and keyword analysis features. It shows not only where people are talking about your search term, but when. In addition, it offers related search terms. We see here that when we search for “blacklivesmatter” we also get related terms listed such as “blackchristmas” and even “#Black lives matter,” so you can even catch the results from people who don’t understand hashtags. 😉 You’ll notice that some of the terms showing have nothing to do with our search term; this is also normal. It shows what the people who talk about “blacklivesmatter” also talk about.

CheckUserNames

checkCheckUserNames is a very powerful search engine. You plug in a username, and then watch as it searches across 250 different websites to see where that username has an account. If you’re ‘hunting’ someone, and they use the same username across several websites (many people do), then you can find all the places where they frequent.

Obviously this requires some work. In the example (which is a tiny snip from the results), I used the username “patriot1”. The chances of the same person being patriot1 across the internet are next to zero. If you have someone whose username is their first and last name, or something specific to them, your chances of doing a successful search go up significantly. Once you have the list, you can go to each site and glean whatever bits about themselves they’ve left in their various profiles. It’s tedious and time-consuming, but then again, a lot of OSINT research is. Good thing the results can be so worth it.

Carrot2

carrotCarrot2 is a visualization search engine. It offers search results collated into lists, foam trees, or circles (shown here).  The nice thing is that it includes links from places like PubMed, Put, and even image engines. If you’re doing an image search and want to be able to grab related topics without having to perform 50 different searches, this engine is very good. There’s also a desktop version.

One Million Tweet Map

tweetThe last tool we’ll look at today is the One Million Tweet Map. Twitter, being real-time, is a great place to find out what’s going on RIGHT NOW. This site lets you pop in a search term or hashtag, and then shows you where the tweets are coming from on that topic. Since it’s also real-time (you can change that to pull from a timeframe up to 6 hours) it lets you stay up to date on a specific event or trend. In our example, this shows the clusters of tweets using the #blacklivesmatter hashtag from only the last 2 minutes. This can give you an idea when things start trending, or if an event is starting to ramp up.

 

These are only six of the many tools available. We’ll add more in later guides. For now, try them out and perform your own searches. Use them to pull information about your own AO, or about your nearest metro area, or even about people you need to find out about.

Subscribe to TOWR in the box below to keep informed of new guides, tools, and resources for privacy, security and intelligence.

Download our infographic here!

6 Tools for OSINT Research - TOWR Guide

 

EchoSec: Easy Geofencing for OSINT

Geofencing, as a function within OSINT research, is the creation of a virtual “fenced” geographical area that allows for the collection of information within that area.

One of the most important skills a partisan needs to have is the ability to collect and analyze open source intelligence, or OSINT. In fact, the importance of knowing the who, what, where, when, and why of everything going on in your area of operations cannot be overstated. When it comes to the where part of the equation, geofencing is an invaluable tool.

What is Geofencing?

Geofencing, as a function within OSINT research, is the creation of a virtual “fenced” geographical area that allows for the collection of information within that area. Basically, you draw a shape around an area on a map, and then pull information from within that “fenced” area. OSIRA explains it thusly:

This fence line, now effectively a form of box, can now be used to search for specific objects inside the enclosed area, or identify when specific objects move into or out of the enclosed area. Other capabilities include being able to be set up the box as passive (observing something at a later date), monitored (seeing something has it happened), or automated (receiving a notice that something has happened). As examples, it can be used by security personnel to identify when an electronic device carried by a person enters a specific area; it can be used by marketeers to send a potential customer advertising when that customer is in close proximity to a specific retail outlet; or, it can be used during sports events to track the positions of tagged athletes in the competition area.

You can easily see the use for our purposes—especially if you’re involved in Intelligence Preparation of the Community like you should be (read Sam Culper’s book NOW, if you haven’t). There are tools for creating geofences and collecting information within them. For this article, we’ll focus on one specific free service available.

How Can I Get Started Geofencing?

With Echosec, you simply put a location into the map, draw the area you'd like to pull from, and boom...social media data starts rolling in.

 

Echosec is a geofencing service that allows you to choose an area around a point on a map, and search social media posts, images, and other data within that area. You simply put a location into the map, draw the area you’d like to pull from, and boom…social media data starts rolling in. Granted, you’ll get a lot of inane information that has nothing to do with what you’re searching. That’s part of the process—filtering out what you don’t need, and finding the nuggets that you do. Some of the things you can find in a search like this:

  • Posts from law enforcement and first responders about events in the area, upgrades to equipment, notable arrests and raids
  • Reports of gang activity, often posted by gang members themselves
  • Image intelligence
  • Changes to city ordinances, notices of meetings and political events
  • Information regarding infrastructure changes, additions, or problems
  • Information on illnesses spreading in the area (from people posting about being sick, oddly enough!)
  • You can even get a sense of spreading civil unrest, or general attitudes of various demographics within the area. If you live in an area where there’s recently been a police shooting, for instance, social media posts can give you an idea of how the populace is reacting.

There are a hundred other uses for tools like Echosec; just use your imagination. It’s easy to use, free, and a valuable tool in your arsenal of intelligence collection. (Note: The free version is, understandably, limited. If you choose to upgrade to the Pro version, you’ll have a far bigger field to research within but it’ll cost you $89 per month.) By the way…when you see how many photos of people’s kids, homes, and personal details are easily obtainable by anyone, you might rethink that next Facebook post about your little cherubs.

We’ll be going over this and other tools in an upcoming class. Stay tuned for details!

Have you used Echosec? Do you prefer another geofencing tool? Let us know in the comments!