Hacks, Leaks, And Revelations

    6:00PM Aug 24, 2023

    Speakers:

    Keywords: email, thunderbird, started, folder, file, work, aleph, heritage foundation, videos, biden, import, download, ddos, search, ukraine, add, click, data, eml, attachment

    thank you

    yes

    so

    are you running your video out of here? Yeah, I've got I just haven't done it yet, but I was just gonna plug this into my computer. Oh, okay, does that work? No, that's fine.

    Just want to make sure you connected Do you have any videos replaying nobody yeah

    there we go. And we are recording audio using Yeah, yeah that sounds good cool

    so how do we get

    that was like I'm hoping people get there I'm just thinking I'm here

    because

    I Morning up Guys

    I was here earlier a bit here yeah

    you research

    morning day you no

    special

    to see you Everybody see ya take care

    talking about

    interest

    wasn't it

    Hi I'm Mike Oh, that was sending these out, which is the Terrorism Liaison Office. And so here is the PDF attachment in that email. This is just a list of local protests coming up and it includes things like taking any for change, no evali Police violent protests with social justice and peace and wellness Ron. So BlueLeaks is full of documents like this. And the book shows you exactly how you can go about finding them and understanding their context. There's also a section on using some open source investigation software called Aleph, which is made by OCCRP. In addition to social networks, and then the following messages were that's it, we're done, they will take away our last joys. That was right when the US and Europe started imposing economic sanctions against Russia. And Russia started censoring access to Twitter and Facebook. And then there was a bunch of rumors that Pornhub will block access to Russian users. But they never did. It was fake news. And here's some reporting that I did for The Intercept, just on all of these Conti chat logs from immediately after the war in Ukraine started, so the book teaches you how to take like incomprehensible looking data and make it possible for you to read it and understand it and then report on it like this. And I want to show just one more one final example before I get into the email dumps. So when the anti-democracy activists stormed the Capitol on January 2, to try to keep Trump in power after he lost the election, they recorded the entire event on their phones and uploaded videos of it to social media in real time. Many of the uploaded videos people uploaded to a far-right social network called Parler and a lot of those videos include GPS coordinates, so after the January 6 attack, Amazon AWS, which was hosting Parler, told Parler that it was kicking them off the service because it violated their terms of service and they refuse to moderate content that incited violence before they were kicked off. 
A hacktivist went and scraped 32 terabytes of videos, which was about a million videos from Parler and then worked with Distributed Denial of Secrets to make sure that all these videos to get published. And I'm going to talk a little bit more about Distributed Denial of Secrets in a minute. But this screenshot shows metadata from one of the videos and you can see it was filmed on January 6 2021. And it includes GPS coordinates that if you look them up that's in Washington, DC. And so using this metadata you can learn a lot about the videos uploaded directly. And here's an example of a script that you would write if you follow along with a book. It's a Python script. And basically it's it's pretty short and it just loops through the million videos, picking out videos that were filmed on January 6, that were in Washington DC, and then it saves it in a format that you can import into Google Earth so that you can In Trump's second impeachment inquiry. So there's a lot more examples like that throughout the book. The whole book is just scattered with stuff like this. But I'm going to cut it short because I want to make sure that there's enough time to actually start analyzing some email dumps. But before we start that I need to introduce Distributed Denial of Secrets or DDoSecrets. It's a US nonprofit that was founded by Emma Best in 2018. It's sort of like WikiLeaks, but it's a collective run by anti-fascist people who are mostly queer and it doesn't have anyone like Julian Assange involved. And I've been an advisor to them for a few years and I report on datasets that they publish all the time. My book heavily cites them, like most of the data sets that you download throughout it, you you download from them. The website is ddosecrets.com. 
And they also have a newsletter ddosecrets.substack.com, which is useful because they post an update whenever they publish new datasets, so it's a good way of knowing when there's a new week laptop right now if you could just watch. So let's get started. So here are the three email dumps that you'll be downloading. So Nauru is a tiny island country in the Pacific with a population of about 10,000. But it hosts abuse-ridden offshore detention centers that the Australian government uses to hold immigrants and asylum seekers. Now, this is. Here's the three data sets and here's all the instructions you need to keep going but yeah so doing it on a cloud server and This is from the like Russian Internet censorship office. And the reason why I picked out this one is because there's this file called DDoS secrets dot pdf and so

    sorry, the internet is being very slow for some reason

    well, I'll go ahead and show you so I'm going to download the attachment but not actually upload it or not actually open it, I mean, so I'll download it. And then it's in my downloads. So I'll open it using Dangerzone. So, Dangerzone basically, you open a file with it. And yeah, you can say move the original document to an unsafe directory. So you remember not open that open the safe version after converting and if you want to, you can OCR it to see you have a text layer. And basically what this does is it's kind of the digital equivalent of taking a document and then inside of a little Gotta do this, but you can upload it to virustotal.com, which will scan it with a bunch of antivirus software, it's not guaranteed to find anything but there's a, if it doesn't find anything, there's a much higher chance that it's safe. And another thing you could do is actually upload it to Google Drive and then view it in your web browser and Google Drive, instead of opening it in like the preview app or Adobe Acrobat or whatever. But yeah this document specifically is about. I don't know I don't speak Russian.

    SAP is there's a Thunderbird add-on called ImportExportTools NG, which is a really useful Thunderbird add-on so normally you would install it from so normally what you would do is you would click here and you would go to add-ons and themes and you go to Extensions and then search for the essentially one ImportExportTools NG but like a week and a half ago or two weeks ago or something there was just a new big version of Thunderbird released and the plugin this add-on doesn't work for it yet. Like if you look at any version of Thunderbird there's the version basically, I've been emailing the developer of this add-on and this is what you have to deal with with open source software. And in a few weeks it shall be available the new version should be up but for now it's not up so sorry the internet's very slow but for now. You to use it you need to use the beta version of it so if you want to install this now, you can get it from from here you go to github.com/thundernest/import-export-tools-ng and then you click on this master branch and switch to the 14.0.0 Well

    basically, you go to the v14.0.0 branch and then there's the folder SPI beta and then the latest beta version. I actually already have it downloaded. So I'll just grab it from from there. It's just so I could show you how it works but when you have better internet you click the settings, install add-on from file. And then I think yeah, I have a copy of it here. So here's the add-on that that I downloaded and then add okay. And yeah, so yeah, so if you do manage to load this and you get to here, you can click this to download it. But or you can wait a few weeks and it'll just be in the add-ons. Okay, so now that I have it, I have ImportExportTools and then there's also when you right click on folders, there's this whole menu item here. So see what's next And then you can just start searching and this will you could search for unread starred. Yeah. So I'm going to search for Lionell Yeah, this guy So like once you import this, you can start playing around with it and reading and inserting it. But I'll go ahead and show you how to do the mbox email, which is the Oathkeepers. So we'll make a new folder for Oathkeepers. And then in here, ImportExportTools NG just because this is a different format. And actually, I can show you what the Oathkeepers data looks like first. So the Oathkeepers data, you can ignore this EML folder. It's basically these two files were actually like chat logs that I haven't looked through and they're in JSON format and I need to spend some time figuring out how to look through them. But Oathkeepers.sbd, this is the these are the mbox files. So each one of these files is basically a different folder full of email. And if you wanted to, like look at it, and so all of the like GA is the GA chapter of the Oathkeepers. And so if you want to see what the mbox file actually looks like

    Right after Gen what's folder with

    But yeah, so here's okay support. So this was the Oathkeepers support email. And we look at the dates. So I'm not sure why but these dates start after January 6, but a lot of these there's a lot of emails like this. But I found like several emails of people basically

    Okay

    let's see. The one that I had took a screenshot of in the book is

    Yeah, that's fine. There were I found a handful of emails that are like this that basically like the, the Oathkeepers had sent out bulk emails like this to their mailing list and then there's hard drive change to the Heritage Foundation and then here's backup.pst and then I could run readpst -e

    subdirectory Heritage Foundation personal folders and then here we go. And so in this case this was actually this employee worked in like the major giving part of Heritage Foundation, but this was their personal email account.

    yes

    But let me show you so this is gonna run Docker Compose up. So this is starting, let me make this smaller. This is starting the Aleph server running on my computer and I can show you some of the stuff that Aleph has for finding connections. Like I mean really Maltego is a really great tool, but I don't know every data set is going to be somewhat different and and I think that a lot of times what I do is I just sit there like looking at every folder trying to understand how it's organized, like looking at here let me actually just show you Aleph because it does have some cool features that help with us. So I actually canceled the imports that were like so Heritage Foundation finished all the way but Oathkeepers and Nauru Police Force were like 70% done each and I cancelled them this morning. So it's not it's not complete. But if you click on this, you can see the years the emails are going. And so yeah, most of the time actually, what I do is I look at the most recent stuff first, and then also the oldest stuff and then I can see the date range. And so in this case, I looked at this for me, this email is between 2020 and 2022. But then you could also see like the most common email addresses listed and and other information and so like number two is Klenda Blake and who is this? If no idea but you can click on it and start reading some emails. But yeah, like I think that when you're actually doing this sort of stuff, it makes sense. There's a lot of different ways you got started but it makes sense to just like take notes too as you're doing it and then figure out like where you want to drill in next. Yeah. Anybody else have any questions?

    I will go ahead and search for Stewart Rhodes. So when I'm searching for Stewart Rhodes, it's searching through all the datasets but it only found references in the Oathkeepers and only in 2021 but that's because that's the that's where the Oathkeepers data is from. And this is what it looks like to view emails in Aleph.

    Actually yeah, and Aleph also lets you do stuff like it sees all of the people who are also mentioned in this email. So yeah, if I click this name, I can see the other places. Oh, I guess so. Aleph figured out that this is a person and this is their email address. And if you click on this person, this is an email that they've sent. There's things like that. But yeah, I guess I guess that's it, and we're out of time. So

    Oh, yeah. And there's a coupon code for q&a, if you wanted to preorder it and feel free to like, look, look through the book. I've been working on it for like two years. I'm very excited about it.

    You use all of these tools. I mean, they all seem somewhat liquid. As I mentioned, you're using them all. Yeah.