"Robin Sage" via Facebook
She was young, sexy and her credentials were stellar, but Robin Sage was no lady.
An internet security pro used the phony profile of a 25-year-old cybergeek as a honeypot to punk execs at the NSA, DOD and Military Intelligence groups.
Scammers posing as soldiers have used dating sites to dupe lonely-hearted women, but the so-called “Robin Sage Experiment” proves soldiers can be duped too.
One Army Ranger who friended Sage inadvertently exposed his coordinates in Afghanistan through uploaded war zone photos with embedded location data.
“If she was a terrorist, you would know where different [troops’] locations were,” Thomas Ryan, the white hat hacker behind Sage told IT security mag “Dark Reading.”
The Ranger should have known better. Robin Sage is the name of the final phase of special forces training before becoming a Green Beret.
The goal, said Ryan, was to determine how well social networking sites could be used to conduct covert intelligence-gathering.
A Facebook profile set up for the sensual MIT grad and “cyber threat analyst” featured photos of her in a sexy bikini and thigh-high socks.
It worked. The vast majority of her online friends were men.
“The big takeaway is not to befriend anybody unless you really know who they are,” Ryan said.
[via Computer World, Dark Reading, Washington Times and Center for Investigative Reporting]
4 Comments
Hey Joe,
That was fun.
ARe you going over to Iraq or Afghan. any time soon?
Why would a Ranger know about a training exercise in an ENTIRELY different program/school? That was a pretty dumb statement to have included in the article.
Trust me if you are a Ranger you know what Robin Sage is. Yes it is in a different program but even regular soldiers in non combat units know what it is. So i think it is dumb to say that a Ranger does not know what that is.
it also needs to be commented on that spouses have a bad tendency to post their soldiers whereabouts, movements and compromising photos on their facebook accounts……cmon people do you REALLY beleive that this is “private” networking????