NOTE: The contents of this post won’t come as a shock to any of you tech geeks well-versed in crytography, but for the rest of us trying to stay afloat in the digital world, it’s just good to know.
Today I had the unique opportunity to have my mind blown in the form of four brain-numbing hours–all in the name of online security.
Reporters Without Borders, a group based in France dedicated to monitoring global press freedom, held training sessions at Columbia University’s J-school to help familarize journalists with an array of basic digital security tools.
The session couldn’t have come at a better time. While reports of illegal and legal hacking have been as old as the Internet, companies like Facebook and Apple have only started to publicly address their vulnerabilities. And the issue has hit home with the press in a recent string of attacks on both the Times and the Post.
Hackers are also no longer relegated to the rogue wonder-teen, they’re government-supported, ex-military types, or private, professional firms. Leon Panetta sounded the alarm (albeit, late) last year in an ultimatum of sorts, but he isn’t too far off. The veil of digital security is just that, a veil.
Today’s crash course focused on the security differences in Internet connections (VPN, TOR networks, etc) as well as preventative measures like encryption, which protects digital material by encoding it. The content of the encrypted material can only be deciphered with a key of some sort–usually a password.
You can encrypt emails, USB drives, computer hard drives, and operating systems. Third-party software like TrueCrypt allow you to set up encryption keys to go beyond the password you enter on a Macbook at start-up.
Encrypting your computer’s hard drive can be particularly helpful if you’re working with sensitive information or just want to ensure that things like contact information and reporting notes are thoroughly protected from prying eyes whenever you’re using public wifi networks or just don’t want to be eavesdropped on.
Then there’s also the option of creating a hidden volume within your computer’s already encrypted hard drive. Sort of like a vault within a vault (this was when things started to get Inception-y).
Why do this? Well, for one, hacking is a terrible, terrifying experience. Example? This guy. FYI, the victim was a tech writer for Gizmodo who got hacked simply because the hacker liked his Twitter handle so much (@mat), that he decided to take it. Lesson learned? For starters, use Google’s two-step authentication.
Nothing I’m working on right now is a smoking gun of any sort, but today’s session made me wonder just how many journalists are taking the extra steps when it comes to ensuring their digital security. Basic things like activating your computer’s firewall can be easily overlooked (in our session of mostly Mac-users, it was startling to see how many of us, including myself, simply hadn’t turned our built-in firewalls on).
I’m not a tech whiz by any means, so I have yet to fully absorb what it means to be digitally saavy, but it’s nice to know that there are tools (free!) to make the all-too-real threat a little less scary (sort of).