This week’s debrief is with Sector035, a versatile OSINT expert from the Netherlands. He specialises in many aspects of open source research, from geolocation and chronolocation to web infrastructure and digital OSINT.
He also curates the Week in OSINT newsletter where every week he distils interesting content from the people in the industry.
What is your motivation for making the OSINT community contributions the way you do?
Back in 2018 I noticed that a lot of information was shared on Twitter, where I spent, and still spend, a lot of my time. And even though it’s easy to search Twitter for interesting information, I noticed that a lot of nice tips and tricks were lost for a lot of people.
After I started following a lot of interesting people, I started collecting these tips, and started a Medium blog, sharing these snippets of information. From there it grew into a weekly newsletter, mostly because of all the positive feedback I received.
Recently the OSINT community was outraged after a story from Missouri, US emerged where a journalist pressed F12 to view HTML source code of a state department website and reported finding social security numbers exposed there. He was threatened with prosecution. What do you think about this?
I saw that story, and it’s actually ridiculous that the state department doesn’t have enough technical information on how things like this work. The source code of the web page is being sent to your browser, and rendered for our convenience.
But the fact is, the web server sent out all this information itself, without any trickery, hacking, script injections or anything else that might be deemed illegal. The information that was received was simply viewed, with a standard feature of a web browser, making the threat of prosecution a fruitless undertaking.