J

Jason Wilson

an independent journalist in north america

Three improvements I made to my professional practice this year, Part 1

2020 wasn't great! I personally haven't had anything close to the worst of it. I'm healthy(ish), nourished, and sheltered from the elements. What's more, I was fortunate enough to get enough work, enough resources, and enough support to keep walking the crooked path of freelance journalism.

Indeed, the circumstances of this year gave me the space and time to significantly change my own methods of work, or develop some skills I was already working on. I believe those changes were for the better. I have talked (ad nauseum, perhaps) to those I know well about some of these changes, but I have not explained them systematically to anyone, not even to myself.

You can think about this post as my 2020 version of the "best of" lists that so many of my fellow freelancers posted this year, just as I have done in the past. Thefre are three parts (they all require a little explanation). I am going with this one first because I contains story plugs, and thus hews to the freelancer's December ritual.

I hope that spelling them out might be useful to others, even if it is an example of what not to do. Holler at me on Twitter or email me on jason@jasonwilson.media if you want to talk more about it all.

1. Open Source Intelligence

Do you remember in 2019 when a bunch of journalists got laid off, and 4chan whipped up0 a trolling campaign telling journalists to "learn to code"? People really should be careful what they wish for.

This year I really worked hard on improving my chops and my methodological rigour when it comes ot the use of opewn source intelligence techniqyues. I think the stories I have linked to at the end show how these techniques can be helpful.

The concept of Open Source Intelligence comes from the world of national security, where it is necessary to distinguish certain kinds of information gathering from more covert means. In practice, it often involves scouring the Internet for information that persons or organizations of interest have left lying around, intentionally or otherwise.

The concept, and the discipline, has been expanded and adapted by practitioners in law enforcement and cybersecurity. In the latter case, in particular, it has given rise to an ecology of software tools and techniques, many of which are free and open source, for getting information of all kinds from social media, websites, images and video, the so-called "deep web" (which should be distinguished from another source, the "dark web"), and more.

With some simple command line tools, I can download the entire history of a Twitter account, the contents of an instagram feed, or an email address's history of being caught up in data breaches. There are frameworks and even entire operating systems devoted to or optimised for OSINT. (To get nerdy: I use a lot of tools from the BlackArch repository on my Arch-based Manjaro Linux OS)

Using some of these tools does involve getting under the hood of your computer somewhat - certainly more than you are generally expected to in most J School courses. . One upside of not being able to leave the house is that I have had long stretches of uninterrupted time in the home office to do just that.

For some, OSINT is more of a hobby than a job. Amateur practitioners have made their own contribution by being much more open and collaborative in sharing tips and techniques on a range of blogs, podcasts and more. OSINT has now become somewhat more than a cottage industry: alongside the free stuff there are expensive tools and packages, and it is also now possible to be a certified OSINT investigator.

There are many OSINT "influencers", some of whom like Michael Bazzell, offer training and very interesting how-to books.

Increasingly, activists also use these techniques very skilfully, including in identifying extremists in their communities.

Given all of this, it is amazing to me that this discipline - at least as a set of tools and techniques assembled into a consistent methodology - has not made more inroads into journalism! It's true that specialist outlets like Bellingcat have offered an example that some media outlets have made moves to follow. And I am aware of many colleagues who make excellent use of these techniques in their reporting, even if they don't call it open source intelligence.

OSINT techniques can be employed at minimal cost, are often spectacularly effective, already have well established methods and tools, and are eminently teachable. Although some schools (Stanford is one) do teach some of this under various guisies, it ought to be more thoroughly incorporated into the tradecraft of investigative journalism, starting at the level of journalism education.

So for my boast-list I picked out five stories that I wrote or co-wrote that used tools and techniques derived from the OSINT world to carry out open source investigations:

1. Revealed: the true identity of the leader of an American neo-Nazi terror group

Guardian US

I used OSINT all along in this story that identified Rinaldo Nazzaro as the founder of The Base. But one crucial reporting sequence would have been impossible without OSINT. A reverse image search on Yandex using public photos of "Norman Spear" yielded a Russian ad for English lessons with a photo that looked like the same guy. I ran a phone number from that ad through a tool that accesses data from third-party caller ID services. In Cyrillic characters, it yielded two names, one of which, "Ron", matched the name I already had from public records reporting for The Base's leader: Rinaldo or "Ron" Nazzaro. It also prompted me to use the other name - his wife's - plus a cyrillic transliteration of Nazzaro in a Yandex search. This in turn yielded a third-party archive of Nazzaro's wife's since-deleted page on Russian social media site, VKontakte. That page contained photos from family holidays, domestic life, and even photos of the pair's wedding. At that point, I had multiple, reinforcing forms of confirmation of his identity.

2. The Boogaloo Movement Is Not What You Think

Bellingcat With Robert Evans

This was a kind of companion piece to another investigation Robert and I did together which revealed the links between a then-prominent anti-lockdown protest group, American Revolution 2.0, and various far right figures, including their web designer, who was the then-proprietor of mymilitia.com, and the web designer and administrator for a neo-Nazi record label's site. That initial story established the relationship between Chad Embrey and a wide range of sites by analysing documents from mymilitia.com that I obtained by using asite:mymilitia.com filetype:pdf search string on Google, selecting for the maximum number of results per page, and quickly downloading the results with the 'downthemall' browser extension. Embrey's ownership and management of a range of sites was established by analyzing DNS and whois information.

In this expanded sequel, there were few flashy tricks. We did use various 4chan archives and pushshift.io for historical Reddit searches, but really this was mostly about a long-term, thorough exploration of the emergence of the boogaloo subculture online. It may be the most-cited piece I have been involved in writing.

3. The Base: Exporting Accelerationist Terror

SPLC Hatewatch

Sometimes it is tempting to think of open source investigation as being composed of tricky stuff: extraordinary feats of geolocation, or the use of an obscure tool to find the key email address, IP address, or phone number. But it is also important to properly process and manage the resources we have. I will offer details on this at some other time, but this story was possible because I was able to turn some leaked screenshots into searchable PDFs with OCR, cross reference them with voice-to-text transcriptions, and further compare them with other leaked social media materials. All of this involved getting familiar with some command line tools and applying them consistently to a well maintained repository of materials.

4. Coronavirus-driven CO2 shortage threatens US food and water supply, officials say

Guardian US

Fellow freelancers will recall that there was a time in Q2 in which only Coronavirus-related stories were saleable, and I wrote my share. This one is a favorite because it came from the most basic, and in many ways most effective form of open source investigation, one that I call "aggressive googling", and most refer to as "Google dorks". Every week, I spend some time putting in some long search strings to see what comes up. As I recall, this one was something like:

filetype:"xls | xlsx | doc | docx | ppt | pptx | pdf" inurl:"gov | org" "coronavirus | covid-19" "sitrep | situation report"

Or some iteration thereon.

I then time-limited the results to the previous week or month using Google's Tools button. Multiple copies of a report showed up which offered many details, including the effects of a supply squeeze on CO2. The rest of the reporting process simply sought expert, industry and government comment on the issue at hand.

Revealed: Trump-linked consultant tied to Facebook pages warning election will cause civil war

Guardian US

This story started with a tip, though the tipster thought that they were passing on something else altogether. No spectacular tricks - indeed it is a good example of a method starting to get bedded down as standard operating procedure. I can still pull up screenshots and mhtml files from Facebook pages and websites associated with the Pozzarros, who ran a formidable fake news network until Facebook acted on their pages following this story. I always document everything in this way! I was able to confirm some elements by looking at the DNS records of their website, and I find and preserve historical DNS records for every domain that a story might intersect with. I used Crowdtangle to assess the impact and reach of the Porrazzos sites, and I think traffic and reach is one measure of newsworthiness.

I think it reflects the mindset that I had fully taken on by the end of the Trump era: social media is not some adjunct to politics, political organizing, and radicalization: it is the main arena for these activities, especially on the right.

How to help journalists (and yourself) by preserving online materials

As I write, I'm preparing for a large, contentious pair of rallies in Portland, Oregon.

I'll be on the ground, some of you will be watching it online. You may see something that you wish to preserve, and pass on to journalists. But online materials have a habit of disappearing, especially if they contain incriminating or discrediting content.

Here's a tip sheet on how to preserve online materials with tools and very brief comments, in a way that helps us report on these events.

The first thing to say tis that these are tools for desktop/laptop users. Mobile is tricker, and not ideal for preserving content beyond simple screenshot (further discussion of those below). If all you can preserve is a mobile screenshot, it sure is better than nothing! But we would need to find other ways of authenticating that information. (Not because we suspect you, in particular, are fibbing, but because screenshots are easily faked, and this is the way journalism has to work).

Second thing to say is you should prioritize staying safe online: use a high quality VPN, use encrypted email, use an encrypted note-taking app like Standard Notes, use 2 factor authentication, use a password manager, use encrypted cloud storage, encrypt your hard drive.

To save time, follow the recommendations and go through the checklist at Think Privacy.

If you preserve something make notes - record the date and time, any relevant URLs, who produced the content, and how you found it.

For video, the best thing to use is the free, open source tool, youtube-dl, which will allow you to download videos from YouTube, Facebook, and tons of other sites. It's a command line tool but as this tutorial shows, it's very easy to use, and very powerful.

For convenience on Twitter, there is a browser extension called Twitter media downloader for Chrome (and other Chromium based browsers) ands Firefox.

Another browser extension called downthemall will download all of the files on a web page, including images and PDFs - you can specify which files to download.

We get a lot of screenshots, which is great. But screenshots will generally need further verification, because they're easily faked. A tool like FireShot will capture additional context ((time, date, url) that a cropped screenshot done with your systems native tool (print screen or shift+alt+4) will not.

Even better than screenshots are archives, whose underlying technology means that they would pretty much stand up in court. We'll still need to try to confirm anything you give us in other ways, but archiving content with dedicated services creates a record that is extremely compelling.

There's a one-click browser extension, The Archiver, that will immediately save what you're looking at to the two major archiving services - archive.is and the Wayback Machine.

Archives are the gold standard of proof for us. Just remember a few things:

  • Wayback will not preserve stuff from Twitter or Facebook - archive.is will.
  • They can show a video was published on YouTube (itself important) but you should also download the video itself, which may not be playable on an archive site
  • Remember to copy and record the URLs of the archived pages from the archive site, so you can find the material later.

Feel free to reach out to me, or another journalist, but try to remember that a big rally day is very busy, and we may not respond immediately. If what your seeing is an emergency or a danger to human safety or human life, contact law enforcement first.

If you've already got a reasonable safety setup, it shouldn't take more than several minutes to get set up.

Take good care out there.

Writing and reading

Today I have a news feature out in The Guardian, which describes the changing dynamics in Portland's protests. Far right protesters, and right-on-left political violence, have once again emerged on the city's streets.

Interesting, inspiring, or troubling things I read this week (in no particular order):

Welcome

Welcome to my new website.

Incredibly, despite a quarter century online, this is the first time I have had my own website functioning on my own domain.

The reasons for that aren't as important as the reason I have decided to make a change in 2020: I am utterly dissatisfied, and intermittently horrified, by the mainstream services that many people use to maintain a presence online, and to perform sensitive work.

My discomfort arises from a mounting concern for the privacy and security of myself and the people I communicate with—especially the sources who take risks to pass on information to me.

The dominant companies offering social media platforms, email, or professional networking platforms cannot guarantee the privacy of their users. For the most part they don’t even pretend to.

Their businesses are either wholly or partly based on harvesting and selling our data to third parties. In addition, reporting (including some of mine) has shown how freely those companies will hand over user data to state agencies.

I cannot think of any reason why I should trust them, or those companies on lower tiers of the industry who are hoping to emulate them. I'd rather go with organizations that don't ask for or expect my trust.

__

There are other considerations. Among them:

  1. I do not believe that the platforms many of us use every day are economically, socially, technologically, or ecologically sustainable.
  2. I want as much control as I can manage to attain over my online interactions, my work, and the face I present to the world.
  3. As a journalist and a human being, I no longer want to be confined to someone else’s proprietary ecosystem. At the moment, I am in the middle of a long overdue breakup with Apple, Inc., but it would be a waste to make that effort only to lurch into the arms of, say, Google. I'd like to get rid of Google, too. I don't want to be at the mercy of platform owners.

Like many people, I have nursed these misgivings for a long time. Only relatively recently have I begun taking decisive action with one goal in mind: ensuring that my whole workflow is only visible to me, and parts of it only to those people I explicitly choose to share it with.

Moving to this site is part of an experiment in becoming an “independent journalist” in a sense that is much deeper and more thoroughgoing than “someone who doesn't have a staff job”.

Independence means owning one’s practice, which in turn means limiting dependence on anyone else’s technological, institutional, or commercial ecosystem.

I've been discovering that it's never been easier, or cheaper, to put together an independent infrastructure.

__

This site, then, has two main purposes.

First, the permanent pages linked to at the top of the site give you what you need to get in touch with me, whether you want to pass on tips or hire me.

For everybody who might need it, my contact information is on this site.

Those pages have other information about me. For clients, I also have a clips portfolio you can look over. If you want more general information about me, look no further.

Second, I'll use the blog at the front of the site as a venue for thinking through an ethos and a practice of independence in a time of overlapping crises and enormous opportunities.

__

Here's where I at in those thoughts right now.

The public interest demands journalism investigating the multiple, interlinked crises that are currrently convulsing the world. But newsrooms, staff jobs, and the whole structure of what used to be the news business are all disappearing, in many cases forever.

Nevertheless, I am convinced that all is not lost—far from it. The schematics of a model for sustainable, independent journalism have never been clearer.

  • The barriers to entry into the practice of gathering and publishing news have never been lower. We can make them even lower through the considered and intelligent use of technology.
  • Destabilized media institutions are often less concerned with professional hierarchies and gatekeeping, and more open to contributions from independent journalists.
  • It is easier than ever for journalists to establish direct relationships with their readers, including relationships of reader support.
  • Free and open source software—from computer operating systems, to text and audiovisual editing programs, to tools which allow deep investigation using digital methods—can support a low cost, adaptable, sustainable, and exceptionally effective model of investigative practice for any independent journalists who apply themselves to learning their use.
  • The democratization of encryption means that independents can operate with a higher degree of security than ever before.

On this blog i will start filling those outlines in. the list above encompasses the topics you're likely to read about here.

__

How does this fit in with my other activities?

I am primarily a working journalist. The clips show work on topics like right wing extremism, conservative media, policing and the security state, contentious street protests, and some more general news, features, and commentary.

They also show a long and pretty close relationship with The Guardian.

I am not staff there, but I hope to continue to publish there as often as they will have me.

But I publish in other outlets as well, and I am also involved in another experiment in independent journalism with my friend, Corey Pein. (More details about all of this is on my About page.)

This blog sits alongside all of that work. It is, perhaps, a slight return to my past as a journalism and communications educator in Australian universities.

I'll write more on this soon, but as long as a decade ago, I was dissatisfied with a model of journalism education which was, in my view, little more than outsourced newsroom training for an industry which was already looking wobbly. We shouldn't have focused so much on newsroom training in 2010. In 2020 it looks like a species of madness.

I promise never to assume here that there is a home awaiting any of us in a newsroom.

__

Some housekeeping:

  1. The site as it is hosted by the Listed blogging platform offered with Standard Notes, a very fine program which is at the heart of my writing system.1

    You’ll notice the site is pretty bare bones. There is in fact no “back end” - the site in its entirety is generated from a number of plain text files written in the Markdown protocol. What you see is pretty much what you get.

    There are no images, no hotlinks, no files. That is because it is designed to last. Standard Notes’s commitment to longevity is itselt encouraging, but if they fell over tomorrow I could easily migrate everything to another host, or a very lightweight self-hosted site.

    Most importsntly, though, Standard Notes doesn't ask me to trust them. The service is premised on offering users a service where "all your data... is encrypted anywhere you don't control".

  2. There are many ways to keep up with what’s happening here, should you wish to.

    If you like newsletters, Listed allows you to subscribe to this site via email. You'll only ever get an email when I post. I won't make promises about cadence, but it will not be frequent enough to feel like spam. I won't share your email address with anyone, ever.

    You can also get an RSS feed on the subscription page, and I will post links to new posts her on my Twitter feed.

    The commenting system here is not of the familiar, instantaneous kind. Listed has a "Guestbook" where you can submit comments that are private by default, and which I can later make public on the Guestbook page. We'll see how this goes.

    EDIT Decided against the guestbook, just @ me

  3. Lots of journalists are currently trying to get income streams through newsletters. That's fine, and I am happy that it is working for some people. But I will not be doing that here. All content on the site will be free. I may adapt some of it for commercial purposes later, but you can ignore the solicitation for donations at the Guest Book. Here, I am off the clock.


  1. I will explain this odd term in an imminent post 

New Story at Guardian US - Blueleaks and Google

I have a new story at The Guardian's US edition today about some Google material I pulled from the #Blueleaks trove.

A little-known investigative unit inside search giant Google regularly forwarded detailed personal information on the company’s users to members of a counter-terrorist fusion center in California’s Bay Area, according to leaked documents reviewed by the Guardian.

But checking the documents against Google’s platforms reveals that in some cases Google did not necessarily ban the users they reported to the authorities, and some still have accounts on YouTube, Gmail and other services.

The users were often threatening violence or otherwise expressing extremist views, often associated with the far right.

The documents come from the so-called “Blueleaks” trove, which hackers acquired from the servers of a hosting company in Texas which had been used by several law enforcement agencies. It contains hundreds of thousands of documents from more than 200 agencies, dated between 1996 and June 2020.

Go read it at the site, and stay tuned.