Information Security for Journalists: Part 2

Information security begins from the awareness of possible threats. And in journalistic work, the loss of information often jeopardizes not only the journalist, but also his sources and other persons

Basic security principles, which allow journalists and activists to protect information, require not a one-time introduction but an ever-deepening of the subject.

Since it’s difficult for a person to get used to security conditions immediately, they undoubtedly make life more complicated. In addition, security requires regular updating of knowledge, since various evildoers also do everything to bypass barriers. For this reason, let’s continue the work we’ve already begun

We’ve already spoken about the fact that when accessing a public WiFi connection, you should use VPN, which will allow you to hide your connection from a third party. But if the authenticity of the person accessing the connection needs to be completely hidden, you can adopt more extreme measures.

Among them is the most anonymous browser today, Tor, which allows not only your identity, but also all your online activities to be kept secret. Tor is so difficult to crack that France is even considering banning this system, justifying the move, naturally, as an anti-terrorism measure.

The Tor browser is available for all desktop operating systems. In addition, it also works with Android smartphones. If you post something using Tor, people following you won’t know where you went or what you did. The use of this browser also allowed media outlets to securely accept electronic submissions: SecureDrop.

If a media outlet uses this system, a source sending documents to a journalist will remain unidentified — even if law enforcement confiscates the entire arsenal of compute equipment and tries to find the source. WikiLeaks as well as several other well-known media (The Guardian, Forbes, The Washington Post, and so on) use this encrypted system.

Maintaining confidentiality implies not only being anonymous online, but also the opportunity to completely remove sensitive information (with which, for example, a journalist’s source can be identified). A computer or phone user should be aware that deleting information (sending it to the trash) doesn’t remove it from the device.

Information can be easily retrieved from the device, memory card, or phone. That’s why numerous programs exist: one of the most widespread is Recuva

Whoever has at least once recovered his files will understand how dangerous not fully deleted information is. You don’t have to picture a spy movie, where secret services hunt for information. Picture a simple situation: a journalist sells his old computer and buys a new one. He simply deletes his files from his old computer. But the buyer half an hour later recovers them and possesses highly sensitive information.

The same thing applies to phones, which often contain even more insecure information. In order to completely delete information so that it’s irrecoverable, you need to use, for example, Eraser (for desktop computers). This allows you to delete specific files so that they  can no longer be retrieved. There are many programs for phones; for example, iShredder for Android

Nevertheless, information security begins from the awareness of possible threats. And in journalistic work, the loss of information often jeopardizes not only the journalist, but also his sources and other persons. 

Samvel Martirosyan

The views expressed in the column are those of the author's and do not necessarily reflect the views of Media.am.

Add new comment

Comments by Media.am readers become public after moderation. We urge our readers not to leave anonymous comments. It’s always nice to know with whom one is speaking.

We do not publish comments that contain profanities, non-normative lexicon, personal attacks or threats. We do not publish comments that spread hate.

Leave a Reply

Your email address will not be published. Required fields are marked *