Tag Archives: security

The 10 most-read posts (and one page) on the Online Journalism Blog in 2014

ojb post frequency 2014

The last 2 months of 2014 saw a return to regular blogging after some quiet periods earlier in the year

2014 was the 10th anniversary of the Online Journalism Blog, so I thought I’d better begin keeping track of what each year’s most-read posts were.

In 2014 the overriding themes for this blog were programming for journalists, web security, and social media optimisation. Here are the most-read posts of the year, plus one surprisingly popular new page with some background and updates. Continue reading

This Christmas, encrypt your emails and make the haystack bigger

Why should journalists be interested in web security? You may not fear your social media accounts being hacked by propagandists, your email hacked by companies you write about, or your phone records being seen by police, but there is another good reason for adopting security measures.

“Anonymity loves company,” security researcher Ross Anderson reminded attendees at this month’s Logan Symposium on secrecy, surveillance and censorship. “You can only hide in a crowd.”

In other words, the more people who use encryption in their email, or other security measures, the less unusual it becomes.

And the more widespread these practices are, the harder it is for the contents of messages to be used to identify whistleblowers – whether that is with journalists, charities, or even whistleblowing services (remember that only the message is encrypted, not the identity of the sender or recipient).

So if you have some spare time over the festive period, why not get yourself set up with an email client like Thunderbird with a plugin like Enigmail, and get started.

How The Cambodia Daily went HTTPS to protect its readers – guest post

Last month The Cambodia Daily announced it was going HTTPS. In a guest post for OJB Joshua Wilwohl explains why they decided to go secure, and how they did it. (Disclosure: Joshua is a student of mine on the MA in Online Journalism by distance learning at Birmingham City University).

During the past year, The Cambodia Daily has witnessed an increase in government interest in monitoring the Internet.

This week, the newspaper revealed a government plan to inspect the network equipment, billing and data files of mobile phone operators and internet service providers.

Government officials argued this was to help with investigations into crime committed over Voice Over Internet Protocol, or VoIP.

But computer crime experts said the Government’s planned tactics could also be used to monitor people’s phone calls and Internet data. As one expert said: Continue reading

“Don’t be afraid: keep them afraid” and other notes from the Logan Symposium on surveillance’s first day

Don't be afraid. But keep them afraid.

Seymour’s parting advice to young journalists: maintain a watchdog role and hold power to account

On Friday I was at the Logan Symposium on secrecy, surveillance and censorship, an event which, as is often the case with these things, managed to be inspiring, terrifying, and confusing in equal measure.

Notably, Director of the Centre for Investigative Journalism Gavin MacFadyen opened the day by talking about investigative journalists and hackers together.

It is common to hear attacks on journalists mentioned at these events, but rare to hear an old-fashioned hack like MacFadyen also talk about the “growing number of hackers being imprisoned”, while noting the commonalities of a desire for a free press, free speech, and “a free internet”. Continue reading

The Government wants to know where you were online, when. Why journalists should be cautious

 

tor https infographic

The EFF have an interactive graphic which shows you what information can be grabbed when you’re using Tor or HTTPS

Home secretary Theresa May wants to be able to connect IP addresses (which identify machines) with users (those using it at that particular time).

In a nutshell this means being able to identify whether you were in a particular place at a particular time – only the ‘place’ in question happens to be virtual: a website.

Now clearly this is aimed at identifying terrorists and paedophiles. But then so was RIPA, a law which has been used to spy on journalists and intimidate staff who speak to them and to “pull reporters’ phone records in every single leak inquiry in the last ten years“, including all calls to the Sun’s newsdesk and by their political editor in one inquiry.

In recent weeks we have heard about prison officials monitoring confidential phonecalls between MPs and prisoners, and between lawyers and their clients. Continue reading

Watch: why every publisher should switch to HTTPS (and you should too)

This video, from this year’s Google I/O conference, is one of the best explanations I’ve seen on HTTPS with regard to publishers.

It’s worth watching for five minutes or so to get an insight into why HTTPS is so important not just in protecting users, but also in protecting your own reputation.

HTTPS protects users because it prevents others from seeing what sites they visited before and after yours, and what pages they’re looking at on your site.

Imagine a whistleblower checking your site or profile out, or indeed one of your own journalists visiting it using hotel or coffee shop wifi, and you have an idea what I mean.

But HTTPS also prevents hackers from impersonating your site in order to collect user data. I imagine most publishers will be more concerned with their customers than their sources.

For journalists who suddenly realise that their web browsing is public information, I recommend the browser plugin HTTPS Everywhere, which turns on HTTPS by default (where sites support it) in Chrome, Firefox, Firefox on Android, or Opera.