http://www.nytimes.com/2011/10/27/opinion/without-computer-security-sources-secrets-arent-safe-with-journalists.html By CHRISTOPHER SOGHOIAN The Opinion Pages The New York Times October 26, 2011 Washington -- BRAVE journalists have defied court orders and have even been jailed rather than compromise their ethical duty to protect sources. But as governments increasingly record their citizens’ every communication - even wiretapping journalists and searching their computers - the safety of anonymous sources will depend not only on journalists’ ethics, but on their computer skills. Sadly, operational computer security is still not taught in most journalism schools, and poor data security practices remain widespread in news organizations. Confidential information is sent over regular phone lines and via text messages and e-mail, all of which are easy to intercept. Few journalists use secure-communication tools, even ones that are widely available and easy to use. Government officials often attempt to get journalists to reveal their sources by obtaining subpoenas and compelling testimony and the required telecommunications records. But sometimes that’s not even necessary, because sources have already been exposed by their own lax communications. And then there is illicit monitoring — I believe that American journalists should assume that their communications are being monitored by their government — and possibly other governments as well. As an expert on privacy and government surveillance, I regularly speak with journalists at major news organizations, here and abroad. Of the hundreds of conversations I’ve had with journalists over the past few years, I can count on one hand the number who mentioned using some kind of intercept-resistant encrypted communication tools. Even when journalists try to do the right thing, they still make dangerous mistakes, like relying on Skype. Skype is slightly more secure than phones but is by no means safe from snooping -- which can be done with commercially available interception software. [...] _____________________________________________________ Subscribe to InfoSec News - www.infosecnews.org http://www.infosecnews.org/mailman/listinfo/isnReceived on Thu Oct 27 2011 - 22:32:05 PDT
This archive was generated by hypermail 2.2.0 : Thu Oct 27 2011 - 22:36:55 PDT