Escolar Documentos
Profissional Documentos
Cultura Documentos
Two-Factor Authentication
!Something you know, plus something you have
Passwords
! Dont use a common password ! Avoid words in the dictionary ! Use two-factor authentication !Consider password management tools like 1Password
Phishing
!By far the most common attack against journalists (or
maybe anyone)
! Relies on getting the user to visit a site under false premises
page
AP Phishing Email
Phishing
! Becoming increasingly sophisticated ! Spear phishing = selected targets, personalized messages
Threat Modeling
! What do I want to keep private?
! Messages, locations, identities, networks, etc.
corporations, etc.
accidents
gets killed
File metadata
Secure Storage
!Were assuming you have some data you want to protect ! Documents, notes, photos, interviews, video, etc. !But also: stored passwords, information about your
OTR
! Not an app ! A protocol for encrypted communication, supported by several apps. ! Does not hide your identity! ! Many chat programs can speak OTR ! Confusing and important ! Google Chats off the record option does not use OTR ! Google can read your messages
Solution: Fingerprints
Encrypted message is like a sealed envelope. Anyone can still read the address (metadata)
Torproject.org
Mobile Security
! Your phone ! Is a location tracking device ! Contains all your contacts ! Is used for every form of communication ! Stores a lot of information
Silent Circle
! Commercial service ! Secure mobile calls, video, texts ! Can hand prepaid cards to sources
Legal Security
!In the U.S., the Privacy Protection Act prevents police from
Resources
Committee to Protect Journalists information security guide
http://www.cpj.org/reports/2012/04/information-security.php
Jen Valentinos Encryption and Operational Security for Journalists Hacks/Hackers presentation
https://gist.github.com/vaguity/6594731 http://www.cjr.org/behind_the_news/hacks_hackers_security_for_jou.php?page=all