A word of #OPSEC @theguardian

Published on March 7, 2022 by

Earlier today at 11:24 The Guardian Journalist Shaun Walker posted the security procedure and the security token used to pass makeshift checkpoints in Ukraine related to the Russian Ukrainian war:


This is a reminder to journalists – and the public – to take OPSEC (operations security) seriously and not endanger people on the ground.

Posting a security token – whether digital (cookies, passwords, keys) or physical is endangering the people this very security token tries to protect.

Above tweet was also posted on the current live ticker about the Russian Ukraine war on theguardian.com (it has been removed since).


Mistakes can happen. Mr. Walker deleted the post after many Twitter users pointed out the mistake. However, there is a lack of accountability. Mr. Walker writes:

  • “a day of angry Twitter replies”
  • “I don’t really see how posting this […] compromises security in any way”
  • “too exhausted to deal with scrolling through abuse”
  • “some people need to get a grip about what is a security risk and what isn’t”

The problem with the statement “how posting this without location compromises security” is the same as when people declare “it is just an XSS vulnerability”. In real world attacks, vulnerabilities (and password/information disclosures) are often used in connection (chained) with other vulnerabilities to form an actual attack.

In this particular case other tweets could reveal the location, or perhaps the posted picture could reveal the geo-location via EXIF data. Public reports already revealed that some Russian soldiers (saboteurs) pretend to be Ukrainian ones including the use of their uniform and vehicles.

Revealing the security details and tokens of checkpoints of an active warzone is certainly not smart, has little journalistic value (if any at all) and The Guardian should know better.

Related articles

List of buckets

Published on May 5, 2022 by

At Intelligence X we categorize data sources into buckets. Buckets can be used as filters and to broadly identify the source of individual search results. For example, the bucket “Darknet Tor” indicates the result origins from some a Tor hidden service (.onion domain) and was collected by our Tor crawler. Buckets have human readable names

Adding support for new top-level domains

Published on April 6, 2022 by

We just added support for an additional 152 top-level domains (TLDs), increasing the support to 511 TLDs in total. Support means that you can search for those domains across intelx.io and APIs, and internally that our backend supports processing them. While you can start searching for them immediately, it will take some time until our

Newsletter 2022-03-01

Published on March 1, 2022 by

We stand with Ukraine 🇺🇦 Intelligence X commends the brave Ukrainian soldiers. 🇺🇦 Free access for the Ukrainian Government We have whitelisted the domain gov.ua – all accounts signed up on intelx.io with that email ending have full access to 100 billion records. This includes access to our Identity Portal which allows users to quickly

Search the blog: