add images

This commit is contained in:
MulliganSecurity 2025-05-20 09:57:22 +02:00
parent 43fba7ddfd
commit 9731530dfb
10 changed files with 20 additions and 0 deletions

@ -46,6 +46,8 @@ A simple example:
### What bad OPSEC looks like
![smugglers](smugglers.jpg)
The quicker you are identified, the quicker your other lines of defense must come into play.
If you are a novice in clandestine ops, it is likely that you still have stuff to learn in
order to be safe. If your activities are quickly identified, that's even less time available to you
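Review bot: make sure a blank line separates `![smugglers](smugglers.jpg)` from the paragraph that follows it ("The quicker you are identified..."); without one, CommonMark folds the image and the text into a single paragraph, so the image renders inline at the start of the sentence instead of as its own block. The hunk header shows two lines added, so this may already be the case, but the rendered view does not make it visible.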
@ -61,10 +63,15 @@ to actually get better at survival.
## Identification
![radar dish](detection.jpg)
After initial detection, your adversary will start collecting data to identify you. This will be traces you left during operations.
### What good OPSEC looks like
![checklist](checklist.jpg)
Standardized Operating procedures for your organization providing a framework for:
- general operations
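Review bot: the alt text for the two images added here describes the picture rather than the concept (`radar dish` for `detection.jpg`, `checklist` for `checklist.jpg`). Alt text is what screen readers announce and what appears when the file fails to load, so text tied to the section's meaning ("adversary detection", "standard operating procedures checklist") serves the reader better than a literal description.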
@ -83,6 +90,8 @@ Standardized Operating procedures for your organization providing a framework fo
### What bad OPSEC looks lile
![cabincr3w](cabincr3w.jpg)
In 2012, Ochoa, a member of the hacktivist group CabinCr3w (an offshoot of Anonymous), conducted unauthorized intrusions into U.S. law enforcement websites. He defaced these sites and published personal information of police officers, including phone numbers and home addresses, as part of an operation dubbed "Operation Pig Roast."
Critical Mistake: Ochoa posted a photograph on one of the defaced websites showing a woman holding a sign with a message mocking law enforcement.
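Review bot: the heading immediately above the added image reads `### What bad OPSEC looks lile`, a typo for "like"; since this hunk already touches the adjacent line, fix the heading here rather than in a follow-up commit.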
@ -95,6 +104,10 @@ The photo's metadata contained GPS coordinates, which led authorities to identif
- He was charged with unauthorized access of a computer and, in June 2012, pleaded guilty to the charges. Ochoa was sentenced to 27 months in federal prison and ordered to pay restitution.
## Neutralization
![swat](swat.jpg)
That's when it's time to start running. If your adversary has gathered enough data to actively start neutralizing your operation you need to be prepared for it.
Such preparation has two required components:
@ -130,6 +143,8 @@ OPSEC works, even for the scum of the earth: 9.5% neutralization rate after bein
#### What bad OPSEC looks like
![lulzsec](lulzsec.jpg)
Now let's have a look at Lulzsec. We have pretty much every OPSEC mistake rolled into one burrito of disappointment. We will use the analysis framework we've worked with so far
LulzSec (Lulz Security) was a high-profile hacker group active in 2011, known for brazen cyberattacks on corporations, governments, and media.
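Review bot: this section's heading is `#### What bad OPSEC looks like`, one level deeper than the `###` used for the same heading in the earlier sections touched by this commit. If the extra level is not intentional, demote it to `###` so the "good/bad OPSEC" subsections sit at a consistent depth in the table of contents.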
@ -160,6 +175,8 @@ By mid-2012, most core members were arrested and charged.
# Threat Modeling: choosing the right tool for the job
![threat modeling](threat_model.jpg)
We now have a simple framework (detection, identification, neutralization), that's actually called an attack cycle model. This will help us think our OPSEC prosedures in a way that is methodical and grounded in rationality.
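Review bot: the context line below the new image contains "help us think our OPSEC prosedures"; "prosedures" is a typo for "procedures" and the phrase needs a preposition ("think through our OPSEC procedures"). Worth fixing while this region is being edited.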
@ -183,6 +200,8 @@ The more powerful and well-funded the adversary, the more dangerous it is (State
### Quick Example
Alice wants to organize a protest against Evil Corp evil practicies of experimenting broccoli based diets on kittens. Evil Corp has been known to intimidate would-be protesters by hiring private detectives and thugs.
![evil corp logo](ecorp.png)
#### Evil Corp threat model
- goals
- preventing disruption of their operations by protestors
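Review bot: `![evil corp logo](ecorp.png)` is placed after the introductory paragraph and directly before the `#### Evil Corp threat model` subheading, whereas every other image in this commit sits directly below its section heading; moving it under `### Quick Example` keeps the layout consistent. The adjacent context line also has "Evil Corp evil practicies of experimenting broccoli based diets", which should read "Evil Corp's evil practices of experimenting with broccoli-based diets".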
@ -222,6 +241,7 @@ Armed with her risk analysis, Alice's now knows which assets are most likely to
- Encryption on her laptop, automatic shutdown if someone grabs it
- Hardening of the email server
![stop sign](stop.jpg)
## Know when to stop
Why isn't she preparing for a large scale hacking campaign against her identities, followed with a 0 day barrage of all her servers and a complete compromise of her household appliances down to the lowliest airtag?
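Review bot: `![stop sign](stop.jpg)` is inserted above the `## Know when to stop` heading instead of below it, unlike the other images in this commit, and it follows the list item `- Hardening of the email server`. With only one line added in this hunk, if no blank line already separated the list from the heading, CommonMark treats the image line as a lazy continuation of that last bullet and renders the stop sign inside the list item. Move the image below the heading with a blank line on each side.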