This is my research blog
In here you will find some examples of articles and reports I have published. You can also find more on my social media platforms where I regularly small findings and larger pieces of research.
Dear X, your staff passwords, numbers & confidential data is on Google – a report on searching and ethics
TL;DR Identification of privacy exposure of publicly available emails for password reset departments, universities, government departments and private communications. Issue is widespread. I have spent the past month notifying universities and non-government groups affected. I recently found a data leak through a Google search string which gave results of information that should probably not be public. The results included information in private emails such as password reset emails, login details, non-disclosure agreements, attachments and emails marked “confidential” from[...]
How I Scrape and Analyse Twitter Networks [Case Study]
This 'how-to' report is to assist those conducting research on information operations or performing a network analysis on Twitter. It may also be useful to those seeking to hunt bots, track automation, capture breaking events or learn how to scrape data. Because many have asked about this from varying pockets of the world, I have made sure all of the resources in this analysis are free. I have broken this research down into three sections. They are based[...]
Finding McAfee: Geolocation & Imagery Analysis [Case Study]
Identifying past, current, and possible future locations through the geolocation and chronolocation of media provided by a specific user. This case study is based on a challenge from well-known entrepreneur, John McAfee, to show how relative geolocation of two points on a chronological timeline can give a likely path and possible locations in between. To do this, two geographical points will be used, categorised by day, to geolocate a photo that was taken between those two points. This[...]
When in doubt, use image reverse search — the case of the crypto sockpuppet and the innocent TV presenter
Sock accounts are used by bitcoin scammers as a way to establish authenticity on social media platforms. A sockpuppet is an identity managed by a human operator, with the purpose to deceive a target audience. In this case, its purpose is to scam bitcoin investors by luring them into investment services. If you are at all familiar with digital influence, you may be aware of sockpuppets used en-masse to ‘push’ social agendas. For the purpose of this report,[...]
Tracing a dark web service on the blockchain [Case Study]
Cryptocurrency crimes and scams are inevitable, and there’s no place better than the dark web with the added anonymity. However, not only is it easy to identify the relationship between certain sites, but there are also a number of ‘digital fingerprints’ an onion site can leave behind. In this case study, we take a look at: How to identify the link between onion sites (the dark web)How to identify the relationship between two bitcoin addressesHow to trace addresses to a registered exchange[...]
Boko Haram’s systematic destruction and displacement of Nigerian communities — a Google Earth case study
Villages, towns and dense areas have been burnt, destroyed, and completely levelled in northern Nigeria as the country continues its fight against the Boko Haram insurgency. Using Google Earth’s history function, we can view how landscapes change over years, as well as study developments in infrastructure and refugee movement through conflict areas. For the northern region of Nigeria, the landscape tells a grim tale. In Nigeria’s Borno State, what was once a thriving and culturally rich area, is now a[...]