![]() Use of certain privacy tools can be illegal. Practising robust InfoSec, during a specific project.ĭespite the fact that the pervasive surveillance of law-abidingĬitizens almost certainly contravenes international human rights laws, You at all times, to using a second-hand, cash-bought, laptop and Protection strategies range from simply keeping your laptop or phone on If your system is hacked, or otherwise vulnerable, your efforts may beįutile, as your encryption can be circumvented without any need to breakĭepending on your risk level and the sophistication of your adversary, Unbreakable encryption, or use the strongest conceivable passwords, but Your security and/or encryption methods will only be effective ifĮach level of your system is secure. Understand InfoSec in theory, and to always continue learning about The threats will change, with time, but so too will the technologiesĪvailable to protect journalists and citizens. Risks and/or the risks incurred by our communication? Instructible for my sources and colleagues, in light of their evaluated What defence strategies are practical, safe, effective, and What defence strategies are practical, safe, and effective in light of your evaluated risks? What risks arise from passive surveillance? How extensive are the tools used in passive surveillance? What risks could arise, for you and those you communicate/work with, from a targeted attack? How likely is your potential attacker to use their available tools against you? What tools might your potential attackers possess? Who could your adversaries or potential attackers be? Some basic questions you may wish to ask yourself when threat modelling for your InfoSec strategies are: Their InfoSec, whilst aware of the risks, to meet other practicalĭemands in their work, whereas some users practise sophisticated InfoSecĪbove their perceived need because they find it practically doable. You may also want to factor in practicalities: some users may compromise Therefore, it is down to you to perform a personal risk assessment andĭesign an appropriate defensive response during the course of reading Where and to whom they apply or the efficacy of our defences. Is entirely secret, we rarely confidently know the exact threats when, Since attack technologies are always changing and much of their use Please have a look at more recent tutorials, for example – you can also get in touch with me here. The original handbook can be downloaded here: īe careful! This handbook is now several years old and many sections may be severely outdated. Authors: Arjen Kamphuis & Silkie Carlo, shortened by Katrin Rönicke & Marie Gutbub for the ShShMob16 workshop organized by the Bundeszentrale für politische Bildung and n-ost in Odessa. This handbook is based on “Information Security for Journalists” from the Logan Handbook Series Commissioned by the Centre for Investigative Journalism.
0 Comments
Leave a Reply. |