How to get started using the U.S. journalism school security curriculum, a community project of Freedom of the Press Foundation.

Topics covered in this module: An introduction to threat modeling, authentication safety, device safety with full-disk encryption and password practices, safer browsing, and communication security.

Topics covered by this module: Why digital security is relevant to contemporary newsrooms, and what topics are covered broadly during the course. (Note that you will not use this module if you are not conducting an extended course on this topic.)

Topics covered in this module: An introduction to the concept of analyzing risk, and selecting an appropriate defensive strategy in response.

Topics covered in this module: Harassment tactics (e.g., calling SWAT teams to victims' homes; digital attacks on accounts), doxxing approaches (e.g., gathering publicly-available information), information gathering tools (e.g., data brokers), and data removal services (e.g., Abine DeleteMe).

Topics covered in this module: What data about peoples' activities is visible on the web and phone networks, who gets access, and under what circumstances.

Topics covered in this module: Types of user data available to U.S. law enforcement through legal requests to technology firms, the thresholds of evidence required for such requests to be considered valid in courts, and techniques for investigating the legal vulnerability of communication and file storage services.

Topics covered in this module: An introduction to security properties of communication channels (e.g., metadata versus encryption of content), and how they apply to several tools commonly used by U.S. newsrooms (e.g., Signal, WhatsApp, emails, PGP emails, SecureDrop).

Topics covered in this module: Legal and privacy considerations in cloud services, and tools for minimizing risk (e.g., Tresorit).

Topics covered in this module: An introduction to IP addresses, Virtual Private Networks, the Tor network, Tor hidden services, and cell phone location.

Topics covered in this module: An introduction to phishing attacks and password stuffing, as well as two-factor authentication tools and resources to aid in their use.

Topics covered in this module: Why password reuse is a threat, and how to use a password manager.

Topics covered in this module: Techniques for extracting information, underlying psychological principles, popular underlying software, and defensive tactics.

Topics covered in this module: Common techniques and channels for distributing malware (e.g., through malicious attachments), common functions (e.g., surveillance; monetary gain), and mitigation techniques (e.g., opening in rendering tools, as opposed to executing files).

Topics covered in this module: Information observers can extract from files (e.g., file metadata revealing content in a file), as well as risk minimization techniques, such as metadata removal.

Topics covered in this module: Full disk encryption, strong password protection.

Topics covered in this module: Technology used by law enforcement agencies for gathering information through photos (e.g., license plate readers, facial recognition), videos (e.g., "smart" street lights, body-worn cameras, Amazon Ring), audio (e.g., gunshot detectors) phone networks (e.g., via cell-site simulators), and analytics tools (e.g. predictive policing, video analytics software).

Topics covered in this module: Known U.S. intelligence surveillance capabilities (e.g., bulk copying of web traffic, monitoring of call records), abuses of power, and circumstances under which data may be gathered for foreign intelligence surveillance.

Topics covered in this module: How to conduct an analysis of the likelihood of an investigation, and risk minimization. The module also introduces data practices that may compromise source confidentiality based on previous public investigations; in particular, communication from work and inappropriate channels, workplace network and file-based logging, and other forensic techniques (e.g., analyzing printer dots and details in photos).