[ISN] When Secrets Aren˘t Safe With Journalists

From: InfoSec News <alerts_at_private>
Date: Fri, 28 Oct 2011 00:32:05 -0500 (CDT)
http://www.nytimes.com/2011/10/27/opinion/without-computer-security-sources-secrets-arent-safe-with-journalists.html

By CHRISTOPHER SOGHOIAN
The Opinion Pages
The New York Times
October 26, 2011

Washington -- BRAVE journalists have defied court orders and have even 
been jailed rather than compromise their ethical duty to protect 
sources. But as governments increasingly record their citizens’ every 
communication - even wiretapping journalists and searching their 
computers - the safety of anonymous sources will depend not only on 
journalists’ ethics, but on their computer skills.

Sadly, operational computer security is still not taught in most 
journalism schools, and poor data security practices remain widespread 
in news organizations. Confidential information is sent over regular 
phone lines and via text messages and e-mail, all of which are easy to 
intercept. Few journalists use secure-communication tools, even ones 
that are widely available and easy to use.

Government officials often attempt to get journalists to reveal their 
sources by obtaining subpoenas and compelling testimony and the required 
telecommunications records. But sometimes that’s not even necessary, 
because sources have already been exposed by their own lax 
communications. And then there is illicit monitoring — I believe that 
American journalists should assume that their communications are being 
monitored by their government — and possibly other governments as well.

As an expert on privacy and government surveillance, I regularly speak 
with journalists at major news organizations, here and abroad. Of the 
hundreds of conversations I’ve had with journalists over the past few 
years, I can count on one hand the number who mentioned using some kind 
of intercept-resistant encrypted communication tools.

Even when journalists try to do the right thing, they still make 
dangerous mistakes, like relying on Skype. Skype is slightly more secure 
than phones but is by no means safe from snooping -- which can be done 
with commercially available interception software.

[...]


_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn
Received on Thu Oct 27 2011 - 22:32:05 PDT

This archive was generated by hypermail 2.2.0 : Thu Oct 27 2011 - 22:36:55 PDT