OSINT Toolbox Talk: Investigating Reddit and Google user accounts and analysing YouTube comments

OSINT Tool Review

Masquerading your online activity with Chaff

Masquerading your online activity with Chaff Masquerading your online activity with Chaff https://chrome.google.com/webstore/detail/chaff/jgjhamliocfhehbocekgcddfjpgdjnje/related
Chaff: Masquerading your online activity

Link to tool: https://chrome.google.com/webstore/detail/chaff/jgjhamliocfhehbocekgcddfjpgdjnje/related

For the more Operational Security (OPSEC) aware Digital Investigators and OSINT Analysts, ‘Chaff’ is an effective Google Chrome-based extension that can add a layer of security through obscurity towards a digital investigation. Chaff’s is designed to make your network activity data less useful and deceive packet sniffers that may be monitoring your browsing behaviour. It does this by creating ‘fake’ network traffic within a single Google Chrome browser and redirect across various web pages. Essentially, this makes your internet browsing activity look less specific and disguise your activity amongst automatically-generated page visits.

Understandably, there may be concerns with regards to Chaff’s behaviour and the range of websites that it will redirect to. For added assurance, users can define the seed URLs for the extension to visit and also allow users to select one or more search engines that Chaff should use when searching for random phrases. The range of search engines includes Duck Duck Go, Google, Bing and Yahoo.

Additionally, users can direct Chaff to loop through bookmarks – this is relatively useful for Digital Investigators as they can build a range of seed URLs that appear more deceptively convincing rather than being completely random. Lastly, users can fine-tune the extension’s behaviour to match their browsing behaviour. The tuning capabilities that Chaff offers include:

  • Altering the browsing speed by applying a maximum time between clicks
  • Adjusting the length of search phrases which are based on existing phrases found from seed sources
  • Set the maximum page load timeout – the time that Chaff will wait for a page to load
  • Applying the site depth by specifying the maximum number of pages that Chaff will visit on a particular seed URL during a single session
  • Set the total depth of a single Chaff session

For what it is and the capabilities it provides, Chaff is quite an effective tool that Digital Investigators and OSINT Analysts may consider should they need to apply an additional layer of security to their investigations. Whilst it can be argued that any digital investigations environment should have been prepared to an extent that significantly minimises the threat from packet sniffing; it may be the case that investigations taking place in lesser-secure environments will benefit from the capabilities that Chaff provides.

Author

Joseph Jones is a former British military intelligence operator and former National Crime Agency intelligence officer with more than 16 years of intelligence-gathering and investigative experience

Joseph Jones | Founder of OS2INT and Director of Capability Development at Paliscope

Joseph Jones is a former British military intelligence operator and former National Crime Agency intelligence officer with more than 16 years of intelligence-gathering and investigative experience. He holds a BSc (Hons) Intelligence and Cyber Security from Staffordshire University and is also an external expert for the European Union Agency for Law Enforcement Training (CEPOL), the European Border and Coast Guard Agency (FRONTEX), the European Union Agency for Cybersecurity (ENISA) and Expertise France.

Let's talk today Are you ready to begin discussing our range of training and capability development solutions?

Contact Us
or Learn More