Concurrent with the small-unit ISR (intelligence, surveillance & reconnaissance) influence operations tradecraft that has been the focus of this Substack, there has been a parallel effort called Tool Time: in-depth posts on technology that mostly speak to those who are either "Linux curious" or already actual users. They are mostly videos about the various aspects of what is needed to move around safely while maintaining situational awareness.
They've never been promoted with emails, nor do I mention them via LinkedIn. They just lurk in their own section and occasionally get mentioned in IIB posts. Since it's the holidays and some of you are uncomfortable with free time, here's a summary of what's in Tool Time.
Starter Workstation for $200 - you can get a ten-year-old HP workstation that will utterly crush a $2,000 gaming system when it comes to virtualization.
Storage & Virtualization Using ZFS - there are a dozen file systems you could use with Linux, but ZFS is the armored workhorse you need.
Get Started With Hunchly - an introduction to an excellent web investigation recorder that only costs $103/year if you use the SAVE20% coupon.
Maltego Intro - 32 minutes of me talking about how to use the Maltego link analysis package, which I’ve been using as a paid customer since 2012.
Using Maltego On A Domain - an introduction to digging into domain infrastructure.
Using BuiltWith And Threat Intel On A Domain - BuiltWith is cool; Threat Intel low-key sucks compared to its predecessor product, RiskIQ.
Install Dropbox On Linux - New groups I encounter tend to have fallen into the Google Docs/Drive trap. This is OK for editing, but just terrible for multiplatform and/or multi-account file sharing. Use Dropbox just once and you'll never go back.
Inoreader's Very Best Feature - I'm mildly autistic and I absolutely cannot stand gratuitous noise/motion in my environment. Inoreader respects my need for "sense defense".
Adopt A Terminal Multiplexer - this one is just for those who will run remote servers at some point in their career.
New Burner Phone - a Google Voice number and a VPN stopped working as the launch point for a new persona several years ago. Get used to the idea that you're going to buy burner phones and use them in a specific fashion if you expect to move around safely.
Burner Phone, Beater Laptop - that ancient laptop in your closet, refreshed with a smooth Linux distro like Ubuntu Budgie, is the perfect companion for that new burner phone.
Cell Phone Hotspot & Tethering - this used to cost a fortune and generally it sucked. The market has changed, and a lowly $30/month AT&T account does a good job for either hotspot or tethering.
Actual Maltego Link Analysis - you can do a LOT of useful stuff even with the free Maltego Community Edition.
Relay Your Signal Calls - the Signal communications app requires that you give up a phone number, but it will work with Google Voice. There was a minor panic over it leaking your IP address …
Operations Technical - IIB got put on the back burner because everybody decided to act badly all at once in the hard cyber realm, and I got dragged back into doing work I haven’t done much in this century.
OpenCVE, Vulnerable Box, Tethered Phones - I track vulnerabilities for stuff I use with OpenCVE, which got me digging into VirtualBox, and thinking about tethering phones as bridged interfaces.
Kali Linux Might Be For You - this distro is chock full of preinstalled security tools. It annoys the hell out of me every time I use it, but I’m an experienced Linux maintainer. If you’re new, it might be the training wheels distro you need to get started.
Life at 128kbps - I ran a burner dry doing OS updates on a virtual machine. If I'd simply taken the time to set up a proxy service on my desktop first I wouldn't have had this trouble. This post gives simple, pointed directions on what to do in this area.
Hunchly 2.4.2 Upgrade - the best web investigation recorder just got an update.
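The "Life at 128kbps" lesson in concrete form: have the desktop run a caching proxy and point every VM's apt at it, so the same package files cross the metered tether once and every later VM or repeat update is served from the desktop's cache. What follows is an added example, not code from the Tool Time post. It assumes apt-cacher-ng on the desktop listening on its default port 3142, and the host name desktop.lan is a placeholder for your own.

```shell
#!/bin/sh
# Added example (not from the Tool Time post): route a Debian/Ubuntu VM's apt
# traffic through a caching proxy on the desktop so OS updates do not burn the
# burner's data allowance twice.
#
# Assumptions: apt-cacher-ng is installed and running on the desktop on its
# default port 3142; "desktop.lan" is a placeholder name for that host.

# Write the apt proxy drop-in. $1 = apt conf.d directory (normally
# /etc/apt/apt.conf.d), $2 = proxy URL such as http://desktop.lan:3142.
# Only http:// fetches are proxied: apt-cacher-ng cannot cache https
# repositories, it can at best tunnel them, so leave those direct.
write_apt_proxy_conf() {
    dir=$1
    proxy=$2
    mkdir -p "$dir"
    cat > "$dir/01proxy" <<EOF
// Send all http:// package fetches through the desktop cache.
Acquire::http::Proxy "$proxy";
EOF
}

# Read back the proxy apt will use for http fetches from the drop-in, so you
# can confirm the setting took before kicking off an update on the tether.
configured_proxy() {
    sed -n 's/^Acquire::http::Proxy "\(.*\)";$/\1/p' "$1/01proxy"
}

# Remove the drop-in again (for when the VM is moved off the desktop's LAN).
remove_apt_proxy_conf() {
    rm -f "$1/01proxy"
}
```

On the VM, `apt-config dump Acquire::http::Proxy` should echo the URL once the drop-in is in place; the first `apt update && apt upgrade` warms the desktop's cache and every VM after that pulls from the LAN instead of the phone.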
There are also two deeply technical posts in IIB that straddle the line between IIB and Tool Time.
The Shape Of Cyberspace - covers the natural divisions of the internet, which do not match the city/state/nation jurisdiction boundaries of the physical world we know.
Internet Underworld - there are overlays to the public internet that are meant to protect the privacy of those using the system. This post is something for an officer or NCO in a small ISR unit that has to support others as they try to move around safely.
There are a lot of “operations technical” tradecraft resources out there that I don’t feel the need to duplicate wholesale. The problem is that a lot of them are written by individuals with advanced apprentice to journeyman skills, and they are full of unspoken assumptions about the capabilities of those who might read them. When I write about this area I try really hard to recall the things that stumped me when I was getting started with the tool set in question and I put the suggestions in context. Taking in the whole of the field is a life’s work, but getting up to speed on the things I suggest only requires a little elbow grease from the willing.
Like the first month of IIB "boot camp" that preceded the fourth-quarter exploration of The Online Operations Kill Chain, there are a couple of other largely technical tracks that we could tackle in the first quarter of 2024. There are situational awareness duties that require more technology than I've mentioned here. That will entail having at least a small budget, and I'm sensitive to the needs of those who do not. I have WordPress CMS maintenance duties and I could see some value in a dual-track building/defending vs. attributing web sites effort.
The rest of the year will be me finishing the last few phases of The Online Operations Kill Chain and tying up loose ends. Perhaps the sensible tracks for the first quarter of next year could come from this set:
TOOKC is a top-level platform defender's document and small ISR units have some parallel needs, but maybe we need a doctrine all our own. I'm a credential-free nobody with a Ph.D. in this area from the school of hard knocks, so it's not clear how to even promote it, let alone turn it into a monetizable career builder, which is something I have to think about to some degree.
Supporting small groups that are bound to an organization that has them doing analytical work is tough if you want to make changes. Working with volunteers is an order of magnitude more difficult, because you're constantly coaxing and hand-holding, and the most you can do is suggest things; there's no policy and no enforcement thereof. Like the bifurcation between a free social media presence with free tools on one side and, as a first step, buying yourself a burner and paying for subscriptions on the other, maybe this area is about to professionalize in a manner similar to Estonia's Küberkaitseliit.
And with that I recognize I’ve begun to digress AND ramble, so I’ll just excuse myself for the moment.