Gordon Farrer

I've put together a beginner's intro to the Open Source Intel field for my #FCnV journalism students. In the #OSINT community spirit of sharing, I offer it to everyone to use and share. Feedback/suggested additions welcome. Hope it's useful. docs.google.com/document/d/1wn… Sources follow

@yesitsmyaccount Faramir and his men captured Gollum when he followed Frodo and Sam to Ithilien and lurked by the Forbidden Pool eating their fish. But they didn’t “hunt” him. Who hunted for him?

Why would you hunt for Gollum? He’s so fucking ugly and annoying. And he’s almost fully nude

@epieos @navlys__ @chesscom In Epstein’s real mugshot there’s no height scale behind him.

♟️ What’s wrong with this @chesscom account linked to #JeffreyEpstein’s email address? The #Epstein case is a unique one in the world of investigations. Since the files were released, the entire world has been conducting its own inquiry, rushing headlong into false evidence, AI-generated content, trolls… 🔎 So we decided to search Jeffrey Epstein’s public #Gmail address (jeevacation@gmail.com) into the commercial version of @epieos. Our teams found dozens and dozens of social media accounts and website registrations connected to this address, along with numerous details and exclusive information. ⚠️ BUT this is exactly the kind of #investigation, with an overwhelming amount of data, where the role of the #OSINT analyst becomes crucial. We noticed that his email address was used on several sites around the world AFTER HIS DEATH. This type of result, without the experience of an analyst, can lead to many distortions and conspiracy theories that could slow the case down and lead to the wrong conclusions. So, have you figured out what’s wrong with his @chesscom account?

@Marie17cf Is there verified evidence of complicity/action behind this alleged connection or is this just speculation? Piling up egs of “suspicious” “coincidences” and “questions” about what “really” happened — without authentic proof of involvement — is how conspiracy thinking works.

Did this man just link an account from the Epstein Files to Charlie Kirk death? 🚨🚨🚨🚨🚨 Charlie Kirk's Audit would have broke open the Delaware shell company. The same shell company used to pay Epstein for "business" . Why is this important? Its the same account that purchased Egyptian planes, security team (replaced 48 hours before Kirk's death) were funded from when Charlie Kirk was assassinated. 2 of the BIG 6 from the Epstein Files were the masterminds of all the security planning the day Kirk died. ITS ALL CONNECTED

@SpeakWithDeeDee I don’t doubt the more recent link you cite, but tracing a “plan” back to 1896 feels a lot like the kind of “evidence” that underpins so many antisemitic conspiracy theories. It’s the sort of thing A1ex J0nes does.

@grok @PacosWave @SpeakWithDeeDee This painting is in the files?

@PacosWave @SpeakWithDeeDee This artwork is a painting by Maria Farmer, an Epstein survivor, from redacted file EFTA01652467 in the released Epstein documents. It depicts a figure resembling Jes Staley with JP Morgan elements, tied to the 2010 "Snow White" emails.

Classic moments in Australian journalism #73: instagram.com/reel/DLtmfoZu-…

@Mishi_2210 63

What's the answer..?? 99.9% will fail

The Pika OSINT Toolbox I already wrote about it a few months ago, but since then a lot of new stuff has been added to the list, and it now has not only a repository but also a website pikaosint.pages.dev #osint #socmint #geoint

Off topic: Any other #adhd folk have a habit of buying lottery tickets but never checking to see if they’ve won anything? I’ve done that for years. For all I know I’m a millionaire many times over while living on the income of a low-level academic. 🙄🤷🏻

@DanLinnaeus Russ!a, too. Also Ir@n. And we can see how effective it has been.

Peoples Liberation Army scholars explain China's whole-of-society cognitive warfare doctrine: "Effectiveness Mechanisms and Strategic Selection in Cognitive Domain Operations” (Yuanlai & Xi, 2022) A complete English translation of a 2022 article from the PLA's Ideological and Theoretical Front journal was recently released on X by @a_logical_man. It is authored by two scholars from the National Defense University's Political Academy, Yu Yuanlai and Chen Xi, and funded by China's National Social Science Fund under a military science project on cognitive domain operations (CDO) in media spaces. The piece titled "Effectiveness Mechanisms and Strategic Selection in Cognitive Domain Operations” positions CDO as a sophisticated evolution of psychological warfare, drawing heavily from Kahneman’s theories, Tversky’s heuristics and biases, and research and information‑theoretic concepts (overload/entropy), not to build resilience, but to weaponize cognitive vulnerabilities. It emphasizes non-kinetic strategies like meme propagation, algorithmic manipulation, and echo chambers to disrupt enemy decision-making, foster cognitive biases, and achieve strategic dominance without direct combat. This piece exemplifies China's doctrinal shift amid broader military reforms post-2015 under the Central Military Commission and Xi Jinping’s call for “informatized” and “intelligentized” warfighting capabilities. The PLA now integrates AI, big data, and social sciences into hybrid operations evolving from broader PLA concepts like China’s 2003 "three warfares" doctrine (public opinion, psychological, and legal), adopting human cognition itself as a battlespace akin to physical, information, and cyber domains. The authors situate China’s approaches within the context of Western doctrines, such as U.S. multi-domain operations (MDO) and NATO's cognitive warfare frameworks, but with a distinctly offensive, bias-exploiting focus rooted in Sun Tzu's "subduing the enemy without fighting." Two features of the source are especially valuable analytically and warrant foregrounding: the five‑step sequence figure that operationalizes how attention capture, framing, and algorithmic curation lead to echo‑chamber‑driven bias amplification and reinforcement (Chinese original, Figure 2, p. 6), and the “chemical reaction” model triad that maps content/tech/interaction to reagent/fuel/catalyst roles (Chinese original, Figure 3, p. 8). Both improve traceability from doctrine to practice and support measurement concepts for target‑audience effects and battle damage assessment in the cognitive domain. Conceptual Evolution and Theoretical Foundations Yuanlai and Xi trace CDO from U.S. origins in network-centric warfare (2001 DoD report) to a global "hot research area," distinguishing it from traditional psychological operations (PsyOps) by its emphasis on inducing cognitive biases rather than mere persuasion. Biases like confirmation bias, affect heuristics, clustering illusions, and labeling effects are weaponized to create "cognitive cocoons" and echo chambers, reducing rational thinking under emotional pressure. Critically, the authors position this as a paradigm shift in irregular and hybrid warfare, where cognitive dominance precedes kinetic action. In great power competition CDO lowers escalation thresholds by enabling "gray zone" operations—subtle manipulations that erode adversary cohesion without triggering conventional responses. Implications This underscores both the need for, and the challenges involved in, integrating behavioral sciences into doctrinal multidomain joint targeting cycles, inclusive of whole-of-society battle damage assessments. On the one hand, to counter such broad, state-scale, non-linear threats, Western security responses need to effectively find, fix, finish, exploit, analyze, and disseminate (F3EAD counter-network exploitation) Chinese influence operations. On the other, the asymmetries in capabilities and enabling legal environments are starkly favorable to China. Effectiveness Mechanisms and Implementation The core logic of Cognitive Domain Operations (CDO) is what the authors describe as “reverse cognitive science”—the deliberate exploitation of mental shortcuts (heuristics) to induce cognitive biases, using information as the primary weapon. This approach closely parallels what Western analysts refer to as “reflexive control”—the manipulation of an adversary’s perception and decision-making processes. To explain this mechanism, the article introduces a five-step process modeled on a chemical reaction analogy, emphasizing the reactive and interactive nature of CDO design. The formula for the reaction is driven by a triad of operational elements: information content as reactants, technology as fuel and user interaction as catalysts. Within this reactive framework, the five steps of implementation are: 1.Attract Attention 2.Imply Reference (framing) 3.Induce Reactions (via echo chambers) 4.Timely Intervention (data manipulation) 5.Supervise Satisfaction (reinforcement through interaction) The sought after end effects: cognitive distortion (reaction) and behavioral shift (outcome). The authors deliberately adopt this chemical metaphor to highlight the PLA’s view of CDO as a reactive, systemically engineered process—one in which each component interacts predictably to produce targeted cognitive and behavioral outcomes. Their modeling is depicted in Figure 2 (steps) and Figure 3 (reagent/accelerant/catalyst), Chinese original. Implications This "chemical reaction model" highlights vulnerabilities in open societies, where information overload amplifies biases while societal political will drives civilian decision makers in security and foreign policy formulation. From a realist IR lens, it enables state actors to destabilize rivals internally, as in Clausewitz's emphasis on breaking enemy will. It dovetails Soviet disinformation doctrine and Russian adaptations as seen in Ukraine, but scales via AI and Chinese state resources. Democracies are forced to prioritize cognitive resilience—at minimum through media literacy and algorithmic transparency, more maximally through offensive counter network operations and legislative actions—to mitigate "information aggression," as RAND terms it. Strategic Selections and Tools Strategies include meme control for viral stereotypes, frame setting for consensus-building, image manipulation for cognitive cocoons, customized attacks via big data profiling, soft infiltration (cultural/emotional resonance), and technological empowerment (AI, deepfakes, algorithms). The authors cite U.S. tactics highlighting anti-China narratives and discuss historical cases like WWII cultural conquests. Implication Hybrid warfare models like the Gerasimov Doctrine blend soft and hard power to achieve "victory without fighting." In Sino-U.S. rivalry, this informs PLA tactics like South China Sea info ops or Taiwan Strait gray-zone activities, using platforms like Weibo or TikTok analogs for global reach. Analytically, it reveals a deterrence gap: kinetic superiority may be undermined by broad-scale cognitive erosion. Security strategies should integrate "cognitive MDO," per U.S. Army doctrine, with alliances like AUKUS focusing on joint info-defense and tech standards to counter PLA's AI-driven advantages. Broader Geopolitical and Ethical Dimensions The piece warns of escalating cognitive arms races, with future battles over "intelligent power/dominance" amid disinformation virality and platform dominance. It critiques Western biases on fronts such as "democracy vs. authoritarianism" while advocating PLA adaptations to intelligent communication. In sum, this PLA article illuminates cognitive warfare as a force multiplier in modern security dynamics, prioritizing mind over matter. It calls for proactive countermeasures in liberal states, emphasizing interdisciplinary approaches (IR, psychology, tech) to safeguard against manipulation in an era of intelligentized conflict and whole-of-society targeing doctrine. Implications CDO reshapes identities and norms, with the aim of fragmenting alliances (NATO cohesion via echo chambers). Ethically, it blurs civilian-military lines, raising IHL concerns over "neurohacking" or deepfakes. Within the context of multipolar agendas, this could fuel proxy conflicts, where cognitive ops amplify polarization. Thus, policymakers must invest in "cognitive security" architectures. It is unclear from an open source vantage point to what extent such programs are being pursued. What is visible is that even as Europe has seen a resurgence of disinformation task forces, the U.S. has long dismantled its global narrative shaping capabilities post-Iron Curtain and suffered what appear to be a series of false starts. With the decommissioning of the USIA in 1999, and now the dismantling of the U.S. Global Engagement Center, its successor, the Counter Foreign Information Manipulation and Interference mission, and crucially, the Foreign Malign Influence Center special mission under ODNI, institutional shifts in U.S. counter-disinformation architectures reinforce the urgency of acknowledging a diminished resilience baseline. The Global Engagement Center (GEC) ceased operations on December 23, 2024, when its congressional authorization lapsed. The Department of State confirmed that it was closed and its functions were to be subsumed into other public diplomacy elements. On April 16, 2025, Secretary of State Marco Rubio announced the full disbandment of the successor office—Counter Foreign Information Manipulation and Interference (R/FIMI, formerly rebranded from GEC)—accusing it of censorship and cost overruns. Parallel to that, the Office of the Director of National Intelligence (ODNI) has moved to dismantle the Foreign Malign Influence Center (FMIC). On August 20, 2025, DNI Tulsi Gabbard announced that FMIC’s core analytic and coordination functions would be absorbed into other IC elements, effectively ending its independent status. This follows congressional direction in the FY 2026 Intelligence Authorization Act mandating termination or transfer of FMIC’s mission within approximately 455 days. These whole-of-government response frameworks are critical for preserving strategic stability, yet, these developments underscore a paradox: the adversary’s doctrine is evolving rapidly even as core U.S. institutional counter-disinformation capacity appears to be scaling back, increasing the vulnerability of open societies to cognitive domain intrusion. However, overreach is easy here: currently, the SECURE Act provides the most encouraging sign of an offensive U.S. response to these emerging threat vectors. While it reflects an aggressive Cold War era counter network posture, it appears to leave whole-of-society defense measures largely unaddressed. What is not altogether clear is the extent to which counter measures are already operational... Analytic Payoffs & Counter Measures The PLA’s doctrinal publications clarifiy an opportunity for U.S. security planners seeking to develop grounded response frameworks to China’s influence operations. Moving from their conceptual abstractions into a policy-tested, operational design framework for a CDO counter-metric model, requires alignment with U.S. base-level security and defense doctrine. Attention as a measurable variable An explict takeaway for countermeasure design involves treating “attention” as a quantifiable domain variable and operationalizing it through telemetry and social-media analytics that already exist both in platform specific and in DoD and DHS programs: velocity of topic emergence, sustained dwell-time per cognitive object, and cross-domain contagion rate (shares per unique user). At the government level these are measurable, reportable indicators under a standard joint intelligence preparation (JIPOE) process. This converts “attention capture” from a theoretical concern to a measurable effect akin to ISR signal intensity. “Timely intervention” as an observable event signature. Rather than index trending-list spikes in the abstract, the PLA's own methodological disclosures prompt counter tracking of discrete cross-platform synchronization events—the milliseconds-to-minutes latency between initial stimulus (meme drop, narrative injection, and so forth) and secondary amplification (retweet bursts, comment floods). These can be modeled as decision-cycle interference points comparable to OODA compression. The empirical output can be molded into a “decision-loop distortion index,” useful for BDA-style (battle damage assessment) review of cognitive operations. Content/tech/interaction triad as an actionable matrix. The “reagent/fuel/catalyst” analogy translates operationally into a three-column targeting and mitigation schema. Content: target the information layer (fact-checking, inoculation campaigns). Technology: target the delivery mechanism (algorithmic throttling, friction insertion, demotion of adversarial clusters). Interaction: target the social feedback loop (bot disruption, identity validation, conversational counter-injection). Each column produces indicators of effect that can be empirically monitored—for instance, engagement reciprocity ratios, echo-chamber closure rates, and entropy reduction metrics—forming a basis for a “whole-of-society BDA”. Closing This is merely a proof of concept treatment, aimed at stimulating a line of inquiry. A policy-ready version of such schematic response approaches needs to bridge the PLA model’s theoretical rigor with the U.S. doctrine’s requirement for measurable effects, verifiable feedback, and lawful counter-operations. It must define how to measure, instrument, and respond in real-world cognitive battlespace management and it must prove targeting effectiveness. Functionally equivalent methods already exist and are operational across platforms, but they are heterogeneous in capability, purpose, legal footing, and effect measurement. Corporations and quasi-state information eco-systems now are the laboratories for live cognitive-domain operations—whether in content moderation, narrative enforcement, or machine-learning-driven attention management. X Safety's October 7 announcement underscores what may be a hybridized approach already operationalizing such response frameworks (x.com/Safety/status/…). In July 2025, xAI, the AI company founded by Elon Musk, secured a significant contract with the U.S. Department of Defense (DoD) through its Chief Digital and Artificial Intelligence Office (CDAO). This deal, valued at up to $200 million, positions xAI alongside major competitors like OpenAI, Anthropic, and Google in providing advanced AI capabilities for national security purposes. The contract is part of a broader DoD initiative to accelerate the adoption of "frontier AI" technologies, focusing on agentic AI workflows—systems that can autonomously perform tasks across various mission areas, such as predictive analytics, operational simulations, and threat detection. —— Full paper English translation: x.com/a_logical_man/… Corrections 1. The second author’s given name is 茜, commonly romanized “Xi,” but appears as Chen Qian in the supplied translation. 2. “Cognitive domain intellectual property.” The Chinese text says “未来争夺认知域智权的较量将更为激烈,” which refers to contestation over cognitive/intelligent “rights” or dominance, not “intellectual property.” “智权” (zhìquán) literally means “intelligent power,” “intelligent authority,” or “intelligent dominance”. This is conflated in the translation with the unrelated legal term “知识产权” (intellectual property).

Bluesky tip To get a higher quality version of an image posted on #bluesky: Right-click image > open in new tab. In the URL: 1. Replace "feed_thumbnail" w "feed_fullsize" 2. Replace "@jpeg" w "@png" Voila. #OSINT #OSINTtips #imagesearch #RIS #geolocation #blueskytips

That was a lot of work. Out now: Guide to Detecting Al-Generated Content. Guess what, it's free thanks to @gijn : gijn.org/resource/guide…

@schachin @adamscochran The reflection matches fine.

@adamscochran The people on the stairs don't match unless there's a different set of stairs that mirror can reflect

1/13 More proof of a Trump health cover-up: -Trump leaves WH again this morning, mouth agape. -Not allowed to speak with reporters. Then it gets weirder... Like full-on AI gaslighting kinda weird...!

@MtarfaL @sentdefender If many people are falling for/sharing misinformation it’s the duty of the rest of us to point it out to them. That can take time but this is a really easy one. When no one challenges misinformation it stands as true. Truth is as important as ever; defend it to the end!

Doesn’t matter, the fact it’s going around with more people retweeting and commenting tells you an awful lot. It tells you that the truth isn’t as important as we would want it to be, the optics should have been foreseen by those going over en-mass and that the battle isn’t just in Ukraine. Soon some MSM titles will pick it up, Trump will giggle and so will Putin. This is the power of social media. A simple strap line “waiting outside the headmaster’s office” etc. will go with it - damage done.

This image is going around claiming to show European leaders waiting to meet with President Trump at the White House, except it doesn’t and has very clearly been made by AI.

@bayer_julia Mieze Katz (singing Buntes Konfetti), probably followed by Björn Dixgård (they seem to have been the only two on the bill that night).

Welcome to @quiztime and it’s #MondayQuiz 🎤 That evening I saw two different singers. 1. Who is singing in the video? 2. Who came on stage after her? 📮reply just to me with an answer 🤝 reply to all for collaboration 🌈have fun

@cyb_detective @DarknessGate Using Whoxy to find subdomains + other (different) domains an owner has registered is also v useful. So are its search by name and search by email options. I can spend hours using these functions & exploring what I find. 👍🏻👍🏻👍🏻 to Whoxy

@cyb_detective @DarknessGate I’ve found Whoxy esp useful. Site owners now usually hide their ID behind a co. registrant. If the domain has been around for a while, use Whoxy hist’l search to find the first regsnt. Many times I’ve found name/contact details for the site bc ppl were less careful then. more/

Unmasking website ownership using OSINT Guide by @DarknessGate: - Investigating website history - How to perform WHOIS lookup - Hosting company - Reverse IP search - Reverse Google analytics ID - Website source code - Inspect associated email addresses authentic8.com/blog/unmasking…

MUST-WATCH Great segment re “AI slop” permeating every nook of internet (Last Week Tonight, 23/6) Clips: youtube.com/shorts/wtqAxN6… youtube.com/shorts/V6dNsmp… This crap has annoyed me for yonks. Used to reply “Don’t post AI crap” whenever I saw it Now I reply #noaislop Hoping it trends

No replies to this tweet. Was the question too difficult? ;})

The slides were not public. Does Google spy on the private use of its tools? Is this an automated or human-driven process? Thoughts, please. #censorship #googlecensorship

This week Google removed access to the slides. We now get the following msg: “We’re sorry. You can’t access this item because it is in violation of our Terms of Service.” No warning, no explanation. Why? What is the violation? Also, how? /more

@Google just censored an assessment in my fact checking course in which students are asked to investigate flyers containing links to dubious claims about 5G, vaccines, climate, fluoride etc (see screen shots) The content is/was presented in a #googleslides doc /more