Channelling Privacy

Elio Grieco


Channelling Privacy: Maintaining Privacy in the Age of OSINT


A talk originally prepared for the SouthWest Cyber Security Forum, October 3, 2022 meeting.

Slides available at:


We’re entering the golden age of OSINT as social technologies, remote sensing, and data engineering become pervasive.

Keeping your information private is getting harder.


Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.

—Edward Snowden

Nothing to Hide

Information Asymmetry

Information asymmetry is enables those with more information to manipulate those with less to great effect.

Looks can be Deceiving

Just because it doesn’t look intimidating doesn’t mean that it’s not incredibly dangerous.

Bolton Strid

Bolton Strid

What appears to be a small stream one could easily jump across hides unfathomable depths of around 65 meters.


The information you leak can and will be used against you.

—Elio Grieco

Everyone is a target

  1. Low value info in bulk is valuable
  2. Sometimes you are the secondary target
  3. Data enrichment and Attack chaining
  4. As attacks get easier/automated more people are targeted
  5. Data can become more valuable with time

Information is More Valuable in Bulk

  • No one is terribly interested in the info of a single person.
  • Selling access to large numbers of people is profitable.
  • Phone number and address lookup services.

Information is More Valuable Over Time

  • Historical DNS records
  • Housing info over time
  • Employment/credit history
  • If a person becomes famous, their old info suddenly becomes much more interesting.

Secondary Targets

Sometimes you aren’t the target, but merely a stepping stone on the way to the true target.

Data Enrichment

Multiple information sources can be combined to enrich data and give a more complete overall picture.

Open Source Intelligence (OSINT)

Intelligence that can be collected from publicly shared and available data.

OSINT Sources

Any publicly available data source

  • Social media: people frequently over-share
  • Public records: housing, taxes, DNS records
  • Publicly available corporate info and records
  • Data brokers (not OSINT proper)


OSINT Collections

Potential Information Leaks

  1. Hidden metadata
  2. Incomplete redaction
  3. Re-correlation (individual and at scale)
  4. Stylometry and Bayesian analysis
  5. Side Channels

1. Hidden Metadata

  • EXIF data in images
  • ID3 tags in audio
  • Printer dots on paper
  • Checksums and Error Correcting Codes
  • Digital watermarks
  • Pattern based file naming (digital cameras)

2. Incomplete Redaction

Did you actually remove the info?

  • Layered file formats
  • Hiding structured data
  • Drawing a box over text in a layered file format does not remove the data.
  • “Track Changes” in MS Word keeps old information around.
  • Other hidden fields and metadata.

3. Re-correlation of “anonymized data”

Data has a unique “shape” and can thus be fit back togeher like the pieces of a puzzle.

Only You, Your Doctor, and Many Others May Know

Imagery Analysis

Even with just the picture and no additional data, there are ways of matching landmarks in the picture to determine where it was taken.

Matching Landmarks

LinkedIn showed me this photo because they work with someone I know.

They mentioned the name of the mountain in the picture. Even without EXIF data I was able to find out their exact address.

Re-correlating a picture by matching landmarks

Automated Imagery Analysis

The Follower: Using ML/AI to match Instagram photos with open imagery.

4. Stylometry

The analysis of writing styles to determine authorship e.g. word frequency, adjacency, punctuation, misspellings, etc.

Side Channels & Remote Sensing

There are lots of ways to get data from systems without actually attacking the security of the system.

The Water Cooler

  • Shoulder surfing and eavesdropping are the oldest and easiest side channels
  • Most people are pretty careless when discussing important matters
  • Restaurants, break rooms, anywhere people gather can be troves of info

Technological Side Channels

Remote Sensing Technologies

Mobile Sensors: Drones and IoT

Even sensors that can only read info from nearby, can now be remotely accessed or moved into proximity via a drone.

How can this data be (ab)used?

With Information Comes Power

  • Information allows intentional action.
  • The more information available, the more successful the action can be.

Knowing Where to Find You

Knowing Your Weaknesses

AI Impersonation Attacks

How easy is it for some in Russia/China/India to pretend to be you, or pretend to be a client, and send very convincing fake instructions?

Deep Fakes

Lyre Bird