Articles

Projects walkthroughs, tool teardowns, interviews, and more.

Articles tagged: security

  1. Introducing the Field Guide to Security Training in the Newsroom

    By Amanda Hickman, Kevin O’Gorman, and Ryan Pitts

    Posted on

    A practical, collaboratively written guide that everyone in newsrooms can use.

  2. Shields Up: In the Face of Supply Chain Attacks, Stay the Course

    By Martin Shelton

    Posted on

    Everything you need to know about supply chain attacks, a kind of security breach that targets trusted distribution channels for delivering software and hardware.

  3. Shields Up: Using Signal Without Giving Your Phone Number

    By Martin Shelton

    Posted on

    Encrypted messaging apps like Signal, as well as WhatsApp and Viber, use your phone number as your main username. This means that if I want to chat with someone on these apps, I have to give them my phone number. But we may have many reasons—both practical and principled—not to share our number with someone. These digits are personal.

  4. Shields Up: Get Your Malware Shots

    By Martin Shelton

    Posted on

    Malware lets an unauthorized third party access or take control of your device. In practice, it’s become a catch-all term for a huge variety of malicious software. That could include software that hijacks computing resources, lets an attacker monitor your screen, keystrokes,microphone, or effectively turns your device into an expensive brick.

  5. How to Lose Friends and Anger Journalists with PGP

    By Martin Shelton

    Posted on

    All the reasons that journalists should look beyond PGP for sending encrypted messages.

  6. Why My Motto as a Security Journalist Is “Assume Breach”

    By J.M. Porup

    Posted on

    The network is hostile. We now live next door to every sociopathic intelligence agency, corrupt police force, and mafia hacker on the planet. In such a world, we have no guarantees and few guidelines, but “assume breach” will help you stake out an improved security posture.

  7. Training Colleagues on Digital Security? We’ve Got Your Back

    By Ryan Pitts

    Posted on

    Security has felt like a topic we ought to address for a while now, and we were thrilled to partner with BuzzFeed Open Lab this month on a convening designed to improve security knowledge and practice in newsrooms everywhere.culture and technology, so we hope you’ll help us keep this guide up to date.

  8. A Guide to Practical Paranoia

    By Stephen Lovell

    Posted on

    In most cases, before we lose either privacy or control, the first thing we lose is our paranoia.

  9. Harlo Holmes on Newsroom Security in 2017

    By Harlo Holmes and Erin Kissane

    Posted on

    Harlo Holmes is a media scholar, software programmer, and activist who leads digital security work for the Freedom of the Press Foundation, the organization co-founded by Daniel Ellsberg and Trevor Timm in 2012 to fund and protect adversarial investigative journalism. Holmes has long been a contributor to the open source mobile security collective The Guardian Project, and was a founding member of the DeepLab cyberfeminist collective. In 2014, Holmes was a Knight-Mozilla Fellow at the New York Times.

  10. Welcome to Security Week

    By Erin Kissane

    Posted on

    When the conversation in nerd-journalism concentrates around a particular topic, we sometimes assemble a theme week on Source to help collect the loose threads and encourage journalists (and designers and developers and data analysts) to document their related work. Sometimes they’re excuses for robotic fun, and other times a catalyst for difficult but necessary culture conversations. A Security Week in 2017, though, is a no-brainer.

  11. Protecting Your Sources When Releasing Sensitive Documents

    By Ted Han and Quinn Norton

    Posted on

    Critical advice for protecting sources when releasing sensitive documents.

  12. Wanted: Security Pitches

    By Erin Kissane and Lindsay Muscato

    Posted on

    Next month on Source, we’re running a week of pieces focused on security for journalists and news organizations—our first-ever Security Week.

  13. Two-Factor Authentication for Newsrooms

    By Martin Shelton

    Posted on

    Passwords are the brittle wall that keep unwanted visitors out of your accounts. Breaches can hit anyone, but as frequent targets with sensitive sources, work, and personal information at risk, reporters should take extra care. When it comes to account protection, two-factor authentication is one of the most effective defenses available.

  14. Shields Up: Developing Security Skepticism

    By Martin Shelton

    Posted on

    A little fear can motivate us to take action. But as consumers of security news, even the most well-intentioned reporting can scare us into paralysis—or worse, encourage us to adopt behaviors that promote a false sense of security.

  15. Shields Up: You Are Worthy of a Data Breach

    By Martin Shelton

    Posted on

    You know what’s the biggest security threat to journalists? Modesty.

  16. Opening Secure Channels for Confidential Tips

    By Martin Shelton

    Posted on

    To make it easier for tipsters to share sensitive information, a growing number of news organizations are launching resources for confidential tips. This short guide will describe some basics around how to think about security on behalf of your sources before thinking about tools and practices.

  17. Digital Self-Defense for Journalists: An Introduction

    By Martin Shelton

    Posted on

    Digital self-defense is becoming an important part of the journalistic toolkit. Beyond risks to everyone’s digital lives—webcam hacking, email breaches, identity theft—people who work in newsrooms have even more at stake. Newsrooms are some of the biggest targets in the world for state-sponsored digital attacks, as well as more routine threats. Here’s how to build stronger roadblocks, making it harder for others to access our data without consent.

  18. Security for Journalists, Part Two: Threat Modeling

    By Jonathan Stray

    Posted on

    Jonathan Stray on how to protect yourself, your sources, and your scoop on sensitive stories

  19. Security for Journalists, Part One: The Basics

    By Jonathan Stray

    Posted on

    Jonathan Stray on what every single person in your news org should be doing to secure the newsroom.

  20. What Heartbleed Means for Newsroom Technology

    By Mike Tigas

    Posted on

    If your websites have SSL enabled (when users log in, for example), or if you use VPN software to secure your network, or if you run your own mail servers, your newsroom might be affected by Heartbleed. Here’s what to do next.

Current page