12 top tech security tips for journos to follow in 2013

email article email article print article print article tip @techmeme

Online security

There are a lot of places where journalists aren’t really welcome and there are plenty of people out there looking to find chinks in any news hound’s armour. Rapid advances in technology have only made it easier to find and exploit those weaknesses.

Even the most tech-savvy journos are at risk. Just ask Wired reporter Mat Honan. Last year Honan’s Google, Twitter, and Apple ID accounts were all broken into, allowing the hackers to remotely erase all the data on his iPhone, iPad, and MacBook. All this happened because Amazon displayed a portion of his credit card number, which Apple used to release information.

Because Honan is a tech journalist, the information gathered by the hackers was used to make his life very difficult. But if he’d been an investigative journalist going after a violent criminal syndicate (with access to the same information), things could have been much worse. A similar hack could, theoretically, have provided access to the contact details of confidential sources putting lives at risk.

In Hanon’s case, the impact of incident could have been lessened by simply using two-factor authentication. There are however other risks faced by journalists but there are also other solutions. Nico Sell, the co-founder of massive hacker gathering DEF CON, has listed 13 top pieces of security advice that every journo should bear in mind as they go about their business this year.

1. Protect your anonymous sources

Do not add important people to your contacts on your phone or computer; find a safe place to keep this information. Sometimes an old school notebook in a safe is still the best way to go. Sell also advocates using anonymous forms of communication because email, texts and cellphones are easily traced.

2. Save your contacts

Be careful what apps you download. Look closely at the company behind the app and the privacy policy. Do not import your address book without careful consideration. This applies just as much to general members of the public as it does to journalists.

3. Watch out for metadata

Clear meta data (GPS locations, device ID, original photo) from pictures using photo editing software before you share or publish online. This information can be used against you and your sources.

4. Beware of public Wi-Fi

Crunch-time at the airport? Do not use public Wi-Fi networks unless your messages and passwords are encrypted. It is easy for others to see what you are viewing and sending online.

5. Avoid public USB charging devices

These devices might be handy if your battery’s about to go flat but they can quickly pull all data from smartphones. Rather travel with a charged emergency top up charger at all times.

6. Talk in code

When on deadline, be sure your sources are safe — by encrypting your messages. Do not communicate with sources on an unprotected phone, email, or SMS channel. According to Sell, unencrypted messages are easy to accessible to even inexperienced hackers.

7. Turn off

The volume and sophistication of attacks on journalists’ digital data is increasing at what Sell says is “an alarming rate”. To protect your sources and content, turn off file-sharing and wireless capabilities when not in use and ensure that confidential communications remain secure.

8. Keep your devices close and password protected

Do not let phones, computers or tablets out of sight, even for a moment, especially at the airport security line. It only takes a second for someone to download all the info off your phone or scoop a valuable lead from your inbox.

9. Create a password strategy

Be sure to keep all of your accounts secure and within your control. Create and use a password strategy to ensure that confidential emails containing breaking news are not compromised. A few ideas you can use in your strategy include:

  • Using a pattern on the keyword instead of words from the dictionary.
  • Rotate this pattern regularly. Change your passwords after each conference.
  • Use a unique password for each important account.
  • Be careful when selecting password hints or security questions as the answers can often be easily guessed using information you’ve posted to social sites.
  • Do not send passwords in clear text.

10. Use different devices

Always use designated devices for different activities. Again, this applies equally to journalists and non-journalists alike. Be sure to keep personal and professional communications separate. If you’re going to be at a conference, for instance, be sure to keep work information to specific devices to limit vulnerability to malware and cookies. Unprotected information can be easily obtained and released online — compromising your story and your sources.

11. Pick your ATM

Be careful withdrawing cash. Avoid using unprotected ATM machines while traveling. Look for bank-sponsored or guarded machines for assurance and accountability.

12. Shield RFIDs

Whenever possible, keep your RFID credit cards, keys and IDs at home or in a special wallet. In some countries, they can be legally scanned from over 200 feet away. If you absolutely have to move around with them, don’t advertise their existence.

email article email article print article print article

Most popular articles

Topics for this article

[ advertising enquiries ]

Share
  • BURN MEDIA TV

    WATCH THE LATEST EPISODE NOW
    Latest Episode
    Data woes? Here are 6 data saving tips for your smartphone

MORE HEADLINES

news

VIEW MORE

interviews

VIEW MORE

future trends

VIEW MORE

entrepreneurship

VIEW MORE

social media

VIEW MORE

facebook

VIEW MORE

twitter

VIEW MORE

google

VIEW MORE

advertising & marketing

VIEW MORE

online media

VIEW MORE

design

VIEW MORE

mobile

VIEW MORE

More in Online journalism

Pageview journalism: economic reality or capitulation to pop culture whims?

Read More »