If you want to spontaneously commence open source intelligence gathering, you probably already have all the stuff you need.
Your smartphone, your old tablet or that ancient laptop that has been sitting in the press gathering dust – they will all probably be enough to start dabbling in online information acquisition.
The ad hoc attitude however is not advised, and for good reasons, ranging from your own digital privacy to security of your devices.
I recommend not carrying out any OSINT activities on your day to day computer or smartphone that you regularly use for accessing your own social media accounts, online shopping, emails, etc. A degree of separation between your private life and your online investigator activities is not only a sign of professionalism, but also protects you from unintentionally compromising your true identity and alerting your targets.
A dedicated OSINT machine
A tablet or a smartphone is OK, but a laptop or a PC will work infinitely better because they are so much more open to customisation.
It is perfectly fine to re-purpose your old laptop as a dedicated OSINT computer.
Before starting anything it is good practice to wipe the entire hard drive to ensure complete removal of any private user information.
The next step, especially when dealing with an older computer, is to replace the operating system. In this case there are many advantages to replacing Windows with Linux, such as availability of various distributions, ability to customise and the lower impact on hardware.
A better option in my opinion is to use a dedicated OSINT machine with virtualisation.
Virtualisation is a process of using real hardware to create a virtual version of another computer’s operating system. It allows a user to run simulated, multiple environments of virtual machines, which can access online resources or interact with other computers as if they were real hardware.
For this process however, you will need a more powerful PC, capable of running smoothly its own operations, along with the virtualisation software. I would recommend the following specs:
- a 16-core CPU
- 16GB of RAM
- a 500GB hard drive
The most accessible (and free!) virtualisation software is probably Oracle VM Virtual Box. Using this software you can theoretically run as many virtual machines as you like, obviously within the limitations of your host’s hardware.
An example of a virtual environment is shown below:
A live USB
Another option is to use a live USB in order to boot up an independent operating system using the hardware of another computer.
A user can carry their preferred operating system, applications, configuration, and personal files with them and use any machine with active USB ports to boot up the OS image from a live USB (sometimes also referred to as “disposable OS”).
The most popular live USB distribution, heavily focused on privacy and anonymity, is TAILS (The Amnesic Incognito Live System).
By default, TAILS does not leave any traces on any computer it uses to boot up. The only resources used by Tails is a computer’s RAM, which is automatically erased when the computer is shut down.
Additionally, any outgoing Internet connections are forced to go through TOR for enhanced online privacy. TOR is a broad subject that probably deserves its own separate mention. A very well written, comprehensive introduction to TOR can be found here.
That’s it for now. The next part of Osint Me setup will focus on the software and some online open source intel tools.