History of OSINT

Questions and Answers

When did the practice of OSINT start?

As early as World War

What was the main purpose of the Foreign Broadcast Information Service (FBIS) of the US?

To monitor sources of publicly broadcasted news related to troop operations

What type of information did the FBIS primarily focus on?

Publicly broadcasted news related to troop operations

What is the significance of World War in the history of OSINT?

It marks the beginning of the practice of OSINT

What is the main characteristic of the information monitored by the FBIS?

It was publicly available

What is the first step to be taken when a device is found at a crime scene?

Take a picture of the location of the device

What is the purpose of enabling Airplane mode on a device during evidence preservation?

To disable Wi-Fi and Bluetooth settings

What is the purpose of removing the SIM card and memory card from a device?

To prevent data transmission or deletion

What is the function of a Faraday Box in device preservation?

It jams all signals received by the device

What is the purpose of taking pictures of all sides of the device and its defects?

To document the device's physical condition and any defects

Why is it necessary to ask the owner for their lock screen password?

To unlock the device and access its contents

What are the three main scopes in digital forensics?

Identifying, Acquiring a copy, and Preserving

What is Locard's exchange principle?

The principle states that when a criminal comes into contact with a crime scene, they will always leave traces of their presence behind.

What is the purpose of a Search Warrant under the CPC 2010?

To authorize the Police Officer (PO) to access, seize, and acquire digital devices and data related to a crime.

What is the role of Interpol in digital forensics?

Interpol facilitates international cooperation in sharing crime-related information and issuing notices to member countries.

What is the significance of the Chain of Custody in digital forensics?

It ensures the integrity and admissibility of digital evidence by documenting every step of the handling process.

What is the purpose of the Preparation phase in digital forensics?

To curate a plan for handling digital evidence, listing necessary items to collect, and ensuring the integrity of the investigation.

Study Notes

Origins of OSINT

  • The practice of Open-Source Intelligence (OSINT) dates back to the World War era
  • The Foreign Broadcast Information Service (FBIS) of the United States monitored publicly broadcasted news related to troop operations, marking an early instance of OSINT
  • The FBIS surveillance focused on sources of publicly available news broadcasts

Digital Forensics Process

  • Collection -> Examination -> Analysis -> Reporting: the 4 main stages of digital forensics
  • 3 main scopes:
    • Identifying
    • Acquiring a copy
    • Preserving

Rules of Evidence

  • Authentic: relevant to the crime
  • Admissible: preserved in a forensically sound manner, valid in court
  • Believable: examiner can explain clearly and concisely
  • Reliable: forensically sound methods and tools used
  • Complete: clear, complete, and reflects the entire incident in court

Locard's Exchange Principle

  • A criminal always leaves traces of their doings at the crime scene
  • Locard: director of the first crime laboratory

Search and Seizure Warrants

  • PO & AP can: have access to computers used in arrestable offences, prevent others from gaining access, acquire a copy of the device, and prevent suspects from wiping data
  • Seizure Warrants: PO can seize/prohibit disposal of devices if used in an alleged crime, constitutes evidence of crime, or used during the crime
  • Anton Piller order: for civil cases, including disputes between companies, neighbours, breach of contracts, and mistreatment of employees

Interpol

  • If there is an international runaway or unidentified bodies, Singapore contacts Interpol to issue notices to other member countries to share crime-related information
  • Interpol Notices:
    • Red: arrest wanted person to be prosecuted or serve a sentence
    • Orange: suspects that may display serious threats and harm to the public
    • Purple: obtain information about a suspect's modus operandi, objects, devices
    • Black: information about unidentified bodies
    • Yellow: locate whereabouts of people, especially minors, or people who can't identify themselves
    • Blue: obtain additional information about suspects
    • Green: suspects that may display possible threats to the public

Preparation

  • Curate a plan to ensure handling of digital evidence
  • List necessary items to collect:
    • Mobile Acquisition Software
    • Hardware equipment
    • Storage media
    • Documentation (Chain of custody)

Chain of Custody

  • People involved in handling
  • Date/Time of every handover
  • Physical condition of object

Identification

  • Surveying: determine electronic devices potentially used as evidence
  • 1st P: identify devices with running apps
  • 2nd P: identify devices that are on
  • 3rd P: delegate PO to question suspects, e.g. most used devices

Preservation

  • When device is on [CRIME SCENE]:
    • Take a picture of the location of the device
    • Ask owner for lockscreen password (alphanumeric, patterns)
    • Unlock device
    • Enable Airplane mode
    • Disable Wi-Fi and Bluetooth settings
    • Remove SIM card
    • Take pictures of running apps
    • Disable face recognition
    • Switch off device
    • Take pictures of the device (close-up on defects, at least 6 shots)
  • When device is off [CRIME SCENE]:
    • Take a picture of the location of the device
    • Remove battery [for older phones]
    • Remove memory card
    • Remove SIM card
    • Ask owner for lock screen password
    • Take pictures of all sides of the device

AT LAB

  • On mobile phone in Faraday Box:
    • Unlock mobile phone with given password
    • Enable Airplane mode
    • Disable Wi-Fi
    • Disable Bluetooth

Faraday Box

  • Jams all signals received by device
  • Easy release latch -> tight RF seal
  • Built-in conductive gloves for operating touch screens
  • USB outlet
  • AC power strip: 4 universal power outlets & 4 USB outlets
  • Dual-sided shielded filter with 2 USB ports, 1 AC port & 1 RJ45 ethernet port
  • Angled windows on top for viewing devices

Description

Learn about the origins of Open-Source Intelligence (OSINT) and how it started during World War with the Foreign Broadcast Information Service (FBIS) monitoring publicly broadcasted news related to troop operations.
