Sunday 24 April 2016

Orcadian OSGEOINT Exercises

In late 2011 and early 2012, I found myself stuck in a back office in an unnamed Middle Eastern country, bored out of my skull due to a dearth of assignments, but nonetheless required to put in long days at a desk. I ended up spending some of that time acquainting myself with websites pertaining to Orkney. Based on some of those discoveries, I decided to try to combine satellite imagery with available ground photography to identify the location of the Howar Farm on North Ronaldsay. I used one descriptive line...
"Walk along North Ronaldsay's prettiest beach, Nouster Bay, to Howar farm[.] From the Pier or the Bird Observatory it's 30 minutes brisk walk along the sandy bay. Longer if you dawdle to enjoy it."
... and two photos (the headers to this page and this page) as my guides. Below is a montage combining those two images with two aerial images.


The inset, zoomed out image shows the vantage points of the two ground images using white and grey chevrons, the grey chevron being replicated on the lower image. Aside from that, the colored arrows correlate the various elements of each photo for comparison. Here are a few things to note:

  • Note the two skylights in the barn denoted by the green arrows, and the difference in height between the differently colored roofs of that building.
  • Note the skylight/vent in both images denoted by the grey arrow.
  • Note the point at which the out building denoted by the beige arrows narrows.
  • Note the greenhouse, which appears transparent from above, denoted by the purple arrows.

    I went through a similar process to identify The Ruah at the Green Farm on Eday, but they've since updated their website, so I can't take you through that process as well. All that said, it's been really great practice in open source imagery analysis.
  • Tuesday 19 April 2016

    Operation Cassandra

    A couple of years ago, I blogged about Operation Irene, my effort to turn an old laptop into an "open source geospatial intelligence platform". This post is sort of like that... Sort of.

    Let's review.

    I worked a variety of jobs between 2006 and 2012, and really wanted to get into some sort of foreign policy analysis gig, but couldn't seem to break through. Between 2010 and 2012, I saved a ton of money (assisted in large part by a contracting gig in the Persian Gulf) and then spent fifteen months getting my master's degree in Scotland, where I graduated with distinction with an MSc in Strategic Studies (of the International Relations variety). (That's Scottish for "at the top of my class".) Despite this, and some other sweet credentials, it took me ten months of job applications and five interviews, tops, to get hired into basically the same job I was doing in 2010. I relocated to my current digs with the intent of eventually transferring or getting hired into something more commensurate with my background.

    Fast forward nearly two years, and that plan has yet to pan out. I haven't gotten to the point of giving up on ever doing something related to strategy, but it appears that the foreseeable future shall be spent in information technology. So, in 2016, I need to shore those skills up so that I can poise myself to either get promoted here, or else generate opportunities to leave. Truth be told, if I'm going to be locked into IT work, I don't really feel the need to shackle myself to this particular locale. I need to open up some maneuvering room.

    So, what to do? Well, the magic bullet seems to be the Certified Information Systems Security Professional certification from (ISC)². I think it may require a couple of other certifications to get me up to the point of being ready to test for it - the CAP and the repeatedly aforementioned PSP, to name but two. I've decided that I need to create some opportunities for hands on experiences on my own home network in order to force some of the more complex concepts to make more sense.

    And thus, operation Cassandra, which is like Operation Irene ratcheted up to eleven.

    I'm still making final tweaks to the overall plan, but I have it divided into five phases. In Phase 1, I'll be getting my existing equipment sorted. That means basic maintenance on my existing (more-or-less) twin laptops, and tightening up the settings on my home networking gear. Phase 2 will involve organizing my information, to include determining and then loading a "Hitchhiker's Guide" load on my original Kindle Fire. Phase 3 will focus on getting a bit smarter about home network engineering.

    The initial phases get me ready for the heavy lifting in Phases 4 and 5. Phase 4 will involve setting up a home enterprise network composed of a set of four or five Raspberry Pi 3 boards configured as servers, and accompanying peripherals. I'm tentatively planning to figure out how to build a web server, a file server, a firewall and intrusion detection system, a GIS server, and potentially something involving shortwave radio. Phase 5 will involve using that home network, and particularly that GIS server, to learn QGIS. In addition to all of the hands-on training, I'd like to accompany the whole thing with the requisite documentation involved in the National Institute of Standars and Technology's Risk Management Framework, which is the federally mandated (and industry standard) framework for establishing, authorizing, and maintaining secure information systems. When all's said and done, I'll include the documentation, via the web and file servers.

    If I can pull it all off, I'll have hopefully picked up some actual skills to accompany my existing theoretical understanding of some of these technologies; produced some functional work samples; and made some progress toward some of my personal and professional goals. It'll also get me started in the GIS field, in which I may pursue some formal certifications in the next couple of years.

    I have a lot of work ahead of me. I'll try to chronicle each phase for the blog as I'm able.