By Alan Pearce
Being a journalist in 2013 is more dangerous than it ever was. In addition to the usual threats, beatings, murders and war casualties we are now being actively targeted online by intelligence agencies and law enforcement.
These days it is not just journalists working in repressive regimes that need worry. Increasingly, outwardly-democratic governments are tightening control over the Internet and those who use it.
Journalists are prime targets. They have contact with politicians and activists, they have their finger on the pulse and they are capable of causing all kinds of trouble both to governments and to corporations. If they become interested in you, they will monitor all your online activities and read your email. They will see who your contacts are and they will start to monitor them, too.
Knowing how to protect yourself online is just as important as knowing your law or how to operate in a hostile environment. Yet, surprisingly, most journalists leave themselves wide open.
Start researching sensitive subjects or visiting extremist websites and a tracking device will quickly be planted in your computer to follow you around and report back. It is all too easy for an algorithm to misconstrue your browsing activities and for alarm bells to be set off.
Intelligence agencies and law enforcement use malware which they send to people in spoof emails, allowing agents to take control of smartphones and computers, intercepting Skype calls, turning on web cameras and recording keystrokes.
Cybercriminals use the same techniques, drawing people to a webpage where malware will automatically plant itself in the computer, known as a “drive-by download”.
Within hours of the Boston marathon bombing, the spammers were sending out emails seemingly from CNN which sent users to compromised sites. Both fans and journalists are regularly sucked in with the reported deaths of celebrities or by looming sex scandals.
The push by law enforcement and surveillance agencies to monitor all we do has led to a counter-revolution. The Internet has evolved and so has its counter-surveillance tools. Here are ten tips to tighten security:
1. Build Defences: malicious email attachments and dodgy redirects can be pre-empted with a good anti-virus program. Use a combination of standalone security software with one firewall, one or two anti-virus programs, and one or two anti-spyware program, plus dedicated anti-Trojan software.
2. Browser: Mozilla Firefox allows you to switch between regular and private browsing and comes with a range of security add-ons, such as HTTPS Finder which provides a reasonable guarantee that you are communicating with the intended website and not an imposter. Do Not Track Me stops trackers from following you around.
3. Wear a Mask: a Virtual Private Network (VPN) is effectively a “secret tunnel” where all your on-line activities are screened. Free versions include FreeVPN and ProXPN. For mobile devices, Hotspot Shield encrypts all traffic and allows you to view banned content and access Twitter and Facebook mobile if their services are ever blocked locally.
4. Lock Router: change the administrator password for the home or office wireless router. Hackers can look-up the manufacturer’s default password and easily break in, intercepting everything you send and receive.
5. Password: when choosing a password, avoid words in the dictionary and select a memorable phrase like I Like Lots Of Vinegar On My Fish And Chips which can be written as ILLOVOMFAC. Add to this numbers and non-alphanumeric characters and a mix of upper and lower case.
6. Secret Messages: iOS iMessage uses secure end-to-end encryption and “cannot be intercepted regardless of the cell phone service provider,” according to a US Drug Enforcement Agency internal memo. For Android users there is Secret SMS which encrypts messages between users and hides them.
7. Scramble Calls: Silent Phone allows you to make secure encrypted phone calls over any network – 3G, 4G and WiFi and works on smartphones and tablets.
8. Concealed Carry: remove sensitive data and contacts from your personal devices and store them on a USB thumb drive or SD card. Also install a browser and shredder so you can access any Internet-ready computer, then encrypt the entire drive.
9. Hiding Data: if you need to smuggle sensitive news footage out of a country, you can hide it inside a music track on an iPod or smartphone using a steganography program. You can also embed documents inside photos and other digital files.
10. Deep Web: down in the Deep Web you can stay out of sight and make it seriously difficult for any adversary to locate you by accessing one of the ‘hidden networks’. The most user-friendly is Tor, a dark world of anonymity where people communicate secretly and securely away from the attention of governments and corporations. Not for the faint-hearted.
‘Deep for Web Journalists: Comms, Counter-Surveillance, Search’ by Alan Pearce “should be compelling reading for all journalists” says Jim Boumelha, President of the International Federation of Journalists in his foreword to the book, which is published by DeepWebGuides.com.