> There are even a few DoE employed HN users here who know their areas of expertise and comment right up to the point where they shut up (and often shut down | change accounts)
It seems like one could pretty easily build a database and track online commenters that are government affiliated. I've seen several on reddit from various three letter agencies (see r/TSA, r/1811, r/securityclearance, r/cbpoapplicant/). They usually try to self-limit what they share, but inevitably say things that aren't approved to be public.
If you gathered a database of posts across these forums, it would be easier to reconstruct info across different sources. Regularly scraping the site and flagging whatever gets deleted by the mods to read is also a good strategy, as they do often remove posts for being too sensitive.
You could also identify patterns of content they engaged with that resulted in information disclosure. For example, there used to be a CBP officer on Reddit that had offered on at least one occasion to look up someone's PASSID in their internal systems because their GE application had gotten stuck in processing. Someone could make a similar post to solicit them to "help" them with a similar situation as a means of info gathering.
As you said, what they don't share is often informative as well. For example, someone asked that account what it meant when the officer said they "had three BTPs" and sent them to secondary; his response was that it was too sensitive to disclose. I can't find the term in any public docs, so the existence of this procedure itself is info that could be valuable to a threat actor. They could also just try posting about the same thing until someone different reveals slightly more info.
These internal acronyms can also be used as a shibboleth when posting to subconsciously make people more comfortable sharing info in response. If the term is internal, and you ask a question to a "fellow employee" online, they may disclose things that they think you already know. You can find a lot of info about the systems they use in public PIA/SORN notices. Unclassified codenames can also be used as a Google search tactic to uncover content posted by insiders and filter out news articles and other public results.
Even detailed descriptions of agency procedures by the public are valuable, if summarized and put into a database. Inevitably, things are overheard or observed each time one interacts with security forces. Everything from their facial expression, how much they are typing, etc. can reveal how you are perceived. On Chinese social media, for example, there is a lot of discussion of US immigration procedures and which ports/offices are perceived as most strict. One could run statistics based on others' posts about visa and entry denials to identify weaknesses and reconstruct non-public procedures.
For example, this thread discusses a TSA procedure I saw myself: https://old.reddit.com/r/tsa/comments/14l1ca1/what_is_the_bo.... One respondent says it is sensitive, and another tries to deflect the question by saying it is to "weight down light things" while also admitting it "distinguishes the bag for the X-ray operator."
It's pretty obvious that the "paper weight" (the code name which someone helpfully shared) contains the image of a prohibited item (or a known pattern) to test that the X-ray operator is paying attention; the tray was sent to secondary but not actually searched beyond removing the object.
This comment (https://www.reddit.com/r/tsa/comments/1clxfn8/comment/l2wox2...) indirectly confirms that TSA does collaborate with law enforcement to help forfeit cash which was the subject of a recent lawsuit by the Institute for Justice, by saying "there was no need to notify anyone because they traveling domestically," implying that they do notify LE if international.
Does the TSA officially work with local law enforcement? I am not sure about their policy, but many TSA staff want local law enforcement jobs. As such, TSA staff will do whatever they perceive as a favor to local law enforcement to gain a "perceived" advantage from local law enforcement in future hiring, a "you scratch my back, I will get yours" type of situation and mentality. Problematically, the favor depends on the customs and courtesies of the location. Overall, this leads to what a previous poster described as a "win" for point-counting congresspeople while leaving society less safe and vulnerable to the self-interest of a TSA staffer for personal gain.
For example, this Quizlet user is easily searchable given the plethora of military acronyms, and contains information about the location of wiring inside a naval facility and the structure of classified satellite networks: https://quizlet.com/578117055/tcf-specific-flash-cards/ , https://quizlet.com/414907821/eiws-study-guide-here-it-is-bo..., https://quizlet.com/463959814/scif-flash-cards/.
Now Google some of those terms and find more Quizlets: https://quizlet.com/593984066/osi-308-odin-sphere-enclaves-f..., https://quizlet.com/595864454/transport-layers-flash-cards/.
This one has info about hidden security features on a USAF ID badge authorizing access to parked aircraft (logo mistakes and base name spelled with 1 for L): https://quizlet.com/763351519/response-force-member-knowledg....