Hi everyone, I’m at Mozfest 2016. This post is a summary of what I have learned about digital security. It’s based on a presentation by Matthew Mitchell, Martin Shelton and Mike Tigas with help from Sequoia McDowell .
Why encryption?
- Protect communications between you and others
- Stop advertising networks from mining your conversations for ad targeting data
- Stop network middlemen from spying on you
- Make it harder for the govt to spy on you
- Support others who need protection
- Basic Privacy
How to choose your tools?
There are many different kinds of encryption. Some are better implemented than others. You need to understand what motivations the organisations may have, or the motivations of the governments of the countries in which the organisations are base. Some good options:
- Use two factor authentification: http://twofactorauth.org
- Encrypt your hard disks on all your devices: Iphone: http://support.apple.com/en-us/
- For Encrypted Mobile Chat and Calls: Signal https://whispersystems.org/)
- For Video Chat: Jiitsi http://meet.jit.si
- For logging in to website safely (e.g if you want to do research anonymously):
- Use Tor Browser http://www.torproject.org/projects/torbrowser.html.en
- Use password managers: 1pass word http://1password.com, Dashlane https://dashlane.com or Padlock http://padlock.io (only available for Chrome + iOs/Android
Some useful concepts and practices:
- Verification: being sure that the person with whom you are communicating is who they say they are.
- Types of threats (“threat models”): Who am I afraid of and what would happen if this information got out? IS it the competition, people or organisations that are after your information? Random hackers that want to use your twitter account for hacking attacks.
- Content vs. Metadata: What did you say v.s Who spoke to whom, when and for how long? Where did the communcation come from? (e.g Via IP address)
More for more information and easy to follow, step by step instructions you can download this document Introduction to Digital Security for Journalists Handout (MozFest 2016) - Google Docs or ask the presenters Martin (http://twitter.com/shelton ) Matthew (http://twitter.com/gemiini) Tigas (http://twitter.com/mtigas )