2 minutes on: Keeping the chill off journalism

Share this article:
2 minutes on: Keeping the chill off journalism
2 minutes on: Keeping the chill off journalism

It's long been known that governments across the world are far more capable and equipped to acquire digital information about their desired targets than the latter are at protecting it. 

This isn't a scenario reserved for some tyrannical government in a faraway place, either. And it scales to the media, as well. In May, the Associated Press revealed that the U.S. Department of Justice (DoJ) secretly obtained records for more than 20 phone lines used by the AP and its journalists over a 60-day period in early 2012. Days later, an even more shocking DoJ probe was uncovered, this one involving access badge, email and phone surveillance of James Rosen, Fox News' chief Washington correspondent. 

The purpose of journalism, as intrepid war reporter Jeremy Scahill has said, is two-fold: Give voice to the voiceless and hold the powerful accountable for their actions. To accomplish this, the craft relies on whistleblowers, leakers and tipsters – and the promise that they can be protected. Without them, some of the most important stories ever told would never have seen the light of day. 

In today's network-connected world, operational security, or OpSec, is more critical than ever, but typically isn't taught in journalism school. As we learned from Woodward and Bernstein, arguably the safest way for information to be exchanged among reporter and source is in person, but this method often is not practical. 

That's why The New Yorker, coincidentally just as the AP spying scandal broke, released “Strongbox,” an encrypted online dropbox co-created by the late Aaron Swartz. It relies on underlying, open-source code known as DeadDrop and uses the Tor network, so sources can ensure they remain anonymous and untraceable when communicating with the magazine – and without any worry that a major service provider, like Google or AT&T, will be subpoenaed for records. Other media outlets are sure to follow suit.

“Readers and sources have long sent documents to the magazine and its reporters, from letters of complaint to classified papers,” explained senior editor Amy Davidson in an article announcing the technology. “But, over the years, it's also become easier to trace the senders, even when they don't want to be found. Strongbox addresses that; as it's set up, even we won't be able to figure out where files sent to us come from. If anyone asks us, we won't be able to tell them.”

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in 2 Minutes On

Sign up to our newsletters

TOP COMMENTS

More in 2 Minutes On

Best practices for removing admin rights: A step-by-step approach

Careful control of administrator rights in the very foundation of IT Security. Allowing admin rights exposes a dangerous security risk, creating an easy entry point for advanced persistent threats, zero-day attacks and sophisticated malware.

Mobile-derived credentials

It's more than a trend. Mobile devices are becoming the new enterprise desktop. But mobile devices require the same security considerations to access corporate intranets or securely sending and receiving email.

Catching up to the insider

Catching up to the insider

Have effective changes been instituted to protect organizations from other Snowdens or negligent employees?