“Good Surveillance Can’t Be Detected”

Maintaining cyber security can be easy. For journalists, it is essential, says Grégoire Pouget. These are the apps and software you need.


Digital security has become a prime concern for reporters across the globe, especially those working on sensitive issues that might rile the political powers that be.

We can see CCTV cameras on the street, but we can’t see malicious code and surveillance software on our devices. We depend on the web to do our work. The internet is simultaneously our greatest tool and our greatest liability.

Grégoire Pouget, head New Media desk of the Reporters Without Borders (RSF) speaks to Blink’s Kyla Woods about RSF’s new Digital Safety Workshop and techniques that journalists can use to improve their cyber security.


Kyla Woods (KW): What events prompted RSF to introduce digital security workshops?

Grégoire Pouget (GP): In 2005, RSF released a report titled ‘Enemies of the Internet’. This report detailed the alarming threat of online surveillance and forms of cyber-censorship in all countries. At this point, RSF decided to introduce internships to aid in facilitating awareness about these issues.

We have changed our approach to cyber security. In 2011, we knew that censorship was a large online problem. Consequently, we took action and began training media professionals. However, we soon realized that data protection and surveillance was the biggest online threat.

Even now, we believe that surveillance and different forms of censorship are two threats that are equally imposed.

KW: Does Reporters Without Borders provide a series of different cyber security trainings?

GP: Reporters Without Borders hosts a three to four-day Cyber Security Workshop with journalists all over the world. We have an in-house training session that usually lasts half a day.

We keep all our resources for cyber security on the ‘Digital Security’ part of our website, which is in both English and French. We also have other readily accessible online resources featured on our blog.

Gregoire Poulet at the RSF’s Cyber Security Workshop.

At the Cyber Security Workshop, we explain the fundamentals of digital security. RSF provides the basics of privacy protection, threats and net surfing. We provide tools like VPN (Virtual Private Network), which is an Internet encrypted tunnel between your computer and a VPN server. We use another tool; Tor, free software and an open network that helps you defend against a form of network surveillance. The Tor website details the full program.

KW: What do you teach in these workshops?

GP: We teach the security basics, like privatizing your data so that people can’t access it. We provide tools that act as an electronic safe, like TrueCrypt, and aid in clearing your history and cleaning up your Internet browser, such as Eraser. We touch on the management of data, the process of backing up your hard drive, GPS and Internet threats.

Then comes the more interesting stuff that is crypto for dummies. These tools are very easy to install. CryptoCat, for example, is a useful app that allows you to securely chat with your friends either on a browser or mobile phone. Another is Malivelope, which enables the exchange of encrypted emails following the OpenPGP encryption standard. We also introduce participants to programs that hide your online presence, such as a VPN.

Generally, we design our program three days before hand, as we want it to accommodate to the students needs.

Screengrab: Map of RSF’s 2014 World Press Freedom Index. The annual reports charts the rises and falls in journalists’ freedoms, and spotlights the negative impact of conflicts on freedom of information and its protagonists.

KW: How does an individual know if their cyber-security is jeopardized?

GP: The problem is that good surveillance can’t be detected. Most journalists suspect surveillance because there is a noise when they call someone, or the battery of their cell phone has an issue where it cannot last longer than half a day. There are times when it is blatantly obvious like when a journalist receives a phone call explaining that someone/somewhere knows that you have been working on a certain subject.

Unfortunately, a breach of cyber security is not something that is easily proven, but it is something that you can sometimes sense. RSF has developed a strategy to counteract this, which is when we provide training, whether in Pakistan or Afghanistan, we scan journalists’ hard drives.

KW: Does it find specific spyware?

GP: Yes, and this is the only way to find proof that someone has been under surveillance. When we begin the workshop, we use a software released by Amnesty International called Detekt, to scan someone’s hard drive and see if a spyware called Kingfisher was used on their computer.

KW: How do you keep up to date with the advancements in surveillance technology? How do you learn about the advancements?

GP: Firstly, we undertake extensive online research. Secondly, we try to stay up to date by networking with hackers around the world and attending events such as Chaos Computer Club.

KW: Do you have any security advice for freelance journalists and photojournalists?

GP: Be cautious. You do not need to use fancy cryptography tools — stick to the basics. This means regularly updating your operating system, updating your software, using an antivirus, and no use of cracked operating systems.

If you can, and you are interested in this kind of thing, we strongly advise people to use free and open source software. At the same time be concerned about your physical security.


Recommended Resources

RSF Online Survival Kit

Building Digital Security for Journalism (PDF)

The International Women’s Media Foundation has just developed Reporta, a new security app which sends alert messages and photo/video if there is a potential risk, and an SOS button to push a distress message to the journalist’s designated contacts before the app shuts down to prevent unwanted access.

The IWMF is running a 6-week pilot program this summer to see how it works in the field and make it better. It will be FREE for freelancers, and could be a great resource for people without institutional security backup. It comes in Arabic, English, French, Hebrew and Spanish for iPhone and Android. If people want to participate, email Cassie Clark at cclark@iwmf.org


Biographies

Grégoire Pouget worked for 10 years as an editor, web designer and developer before joining Reporters Without Borders. After having worked as head of the IT department, he joined the new media office where he leads projects on data security and the circumvention of censorship on the net. Follow him on Twitter.

Kyla Woods works as a freelance writer specializing in current affairs, photography, and design. Her work has appeared in Long Cours, Le Figaro, Le Point, This is the What, and Foam Magazine. She writes regularly for Musée Magazine, Peril Magazine. Originally from Melbourne, Australia, Kyla is based in New York.