Tag Archives: encryption

Got a new laptop? Here’s how to maintain your privacy from the start

When you get a new laptop – with no cookies on it! – it’s a great opportunity to start afresh and protect your privacy online by default. As I recently got a new laptop here’s what I did as I set it up…

Start from scratch – no importing of settings/applications

Many laptop setup wizards offer the option to import applications, documents or other elements from your existing laptop. I didn’t do this, partly because I didn’t want to bloat my new laptop with anything that wasn’t necessary (and if you use cloud storage then you can download from there anyway), but largely because I wanted to check the settings of each application as I went – this is much easier to do if you’re installing them.

Browsers – install them all

I use at least four different browsers: Safari, Chrome, Firefox and Opera. (You might also want to install Tor for particular use cases, although I’m not going to cover it here).

It’s useful to have different browsers partly because they offer different functionality, but also because it allows you to separate different activities. For example: Continue reading

Advertisements

Guardian profiles routinely link to PGP keys – why aren’t other news orgs doing this?

guardian-profile

What a pleasant surprise to visit a profile page on The Guardian website and see a big, prominent link to the member of staff’s public key. Is this routine? It seems it is: an advanced search for profile pages mentioning “public key” brings up over 1000 results. Continue reading

How one journalist found hidden code in a Google report and turned it into a story

right to be forgotten analysis

The story found that most requests were made by private individuals, not politicians or criminals. Image: The Guardian

Sylvia Tippmann wasn’t looking for a story. In fact, she was working on a way that Google could improve the way that it handled ‘right to be forgotten‘ processes, when she stumbled across some information that she suspected the search giant hadn’t intended to make public.

Two weeks ago The Guardian in the UK and Correct!v in Germany published the story of the leaked data, which was then widely picked up by the business and technology press: Google had accidentally revealed details on hundreds of thousands of ‘right to be forgotten’ requests, providing a rare insight into the controversial law and raising concerns over the corporation’s role in judging requests.

But it was the way that Tippmann stumbled across the story that fascinated me: a combination of tech savvy, a desire to speed up work processes, and a strong nose for news that often characterise data journalists’ reporting. So I wanted to tell it here. Continue reading

This Christmas, encrypt your emails and make the haystack bigger

Why should journalists be interested in web security? You may not fear your social media accounts being hacked by propagandists, your email hacked by companies you write about, or your phone records being seen by police, but there is another good reason for adopting security measures.

“Anonymity loves company,” security researcher Ross Anderson reminded attendees at this month’s Logan Symposium on secrecy, surveillance and censorship. “You can only hide in a crowd.”

In other words, the more people who use encryption in their email, or other security measures, the less unusual it becomes.

And the more widespread these practices are, the harder it is for the contents of messages to be used to identify whistleblowers – whether that is with journalists, charities, or even whistleblowing services (remember that only the message is encrypted, not the identity of the sender or recipient).

So if you have some spare time over the festive period, why not get yourself set up with an email client like Thunderbird with a plugin like Enigmail, and get started.

Web security for journalists – takeaway tips and review

Web security for journalists - book cover

Early in Alan Pearce‘s book on web security, Deep Web for Journalists, a series of statistics appears that tell a striking story about the spread of surveillance in just one country.

199 is the first: the number of data mining programs in the US in 2004 when 16 Federal agencies were “on the look-out for suspicious activity”.

Just six years later there were 1,200 government agencies working on domestic intelligence programs, and 1,900 private companies working on domestic intelligence programs in the same year.

As a result of this spread there are, notes Pearce, 4.8m people with security clearance “that allows them to access all kinds of personal information”. 1.4m have Top Secret clearance.

But the most sobering figure comes at the end: 1,600 – the number of names added to the FBI’s terrorism watchlist each day.

Predictive policing

This is the world of predictive policing that a modern journalist must operate in: where browsing protesters’ websites, making particular searches, or mentioning certain keywords in your emails or tweets can put you on a watchlist, or even a no-fly list. An environment where it is increasingly difficult to protect your sources – or indeed for sources to trust you.

Alan Pearce’s book attempts to map this world – and outline the myriad techniques to avoid compromising your sources. Continue reading