This short module opens with a video of a social engineering professional showing off her skills, then moving on to some psychological principles and tactics underlying social engineering approaches. Next, it includes a brief activity asking students to a consider how a social engineer might get their credit card number. …
This module opens with an introduction to common attacks on online accounts, and the need for two-factor authentication. It then moves on to a few activities having students investigate the security of their own passwords, and where they might set up two-factor authentication for their primary email provider. It closes …
This module opens by walking through examples of targeted harassment, followed by a self-doxxing activity, an activity to opt-out of a data broker service, and discussion time. Because some students may have personal experience with harassment and doxxing on the web, if this class environment feels safe enough to do …
Threat modeling is foundational to thinking through security broadly, and we therefore introduce it before several other more technical topics. We first encourage the use of physical metaphors (e.g., choosing how and where to lock a bicycle) before introducing digital applications to help beginners understand how they may already create …
This module begins with a walkthrough of a few examples of legal requests that have affected news organizations' communications, with emphasis on the underlying authorities and how they might apply more broadly. In the latter half of the lecture, instructors may ask students to investigate a transparency report for a …
This section is intended to quickly introduce chat safety considerations through some examples of tip channels currently supported by newsrooms, followed by discussion time, and finally, hands-on installation of the Signal app. Students may need time to troubleshoot, so we encourage pairing students, and being prepared to help students if …
This module briefly opens with an introduction to the lack of end-to-end encryption in standard cloud and backup services, and closes with an activity to send the instructor a password-protected file over Tresorit Send, an end-to-end encrypted service.Note the Keybase homework assignment will require instructors to sign up for …
Because the behavior of telecommunications networks and the internet is so foundational to realistic threat modeling, this section should be used before any subsequent discussion of chat tools designed to protect network-level communication like Signal, or tools that encrypt and tunnel traffic, such as VPNs, or Tor. This section opens …
This module should be short, introducing the problem with a video, and open a discussion with students about full disk encryption and strong password protection.PrerequisitesThreat modelingEstimated time20 minutesObjectivesUpon successful completion of this lesson, students will be able to analyze the risks associated with device …
This short module opens with an introduction to the problem space (password reuse), followed by introducing password managers, and optionally having students install one and sign up for an email with a randomized password.PrerequisitesThreat modeling(Good to know) Authentication - Part 1Estimated time20-25 minutes (35-40 minutes …
Join Freedom of the Press Foundation and Center for Investigative Journalism for a free eight week digital security course.
Also available in Spanish.
At the close of 2019 in Wuhan, China, local doctor Li Wenliang began to notice an uptick in patients experiencing flu-like symptoms, many reportedly feeling ill after visiting the Huanan seafood market. Concerned about the possibility of a SARS-like outbreak, he shared his observations with his medical school alumni group …
Freedom of the Press Foundation recently released a report detailing a record number of arrests throughout 2020 based on comprehensive data gathered by the U.S. Press Freedom Tracker, a project in collaboration with the Committee to Protect Journalists.Harlo Holmes, Olivia Martin, David Huerta, and Martin …
The environment in the U.S. surrounding digital security threats to journalists is evolving. What should journalists do to better protect themselves, sources, and colleagues from escalating digital security threats?
While there is now little evidence of U.S. election malfeasance, there's still so much more we can do.
How journalists can safely make the most of their confidential tip pages.
Learn about the security, privacy, and anti-abuse measures of the BigBlueButton video chat platform.
BitLocker To Go is part of the larger BitLocker suite of encryption tools available in Windows 11 Pro, Enterprise, and Education. Unfortunately, it is not available on Windows 11 Home edition, which is the version most Windows computers ship with. However, it is possible to pay for an upgrade to a version that does support it, like Windows 11 Pro. Although BitLocker itself can be used to encrypt your computer’s entire hard drive, you can also use the BitLocker To Go feature to encrypt separate external drives with a strong passphrase, which we’ll cover in this guide.
It's time to rethink your privacy on Slack.
Freedom of the Press Foundation's Digital Security Training intern speaks to the experience of deploying Signal in his student newsroom.
Learn about how to tighten your home Wi-Fi router's security settings.
Learn about the security, privacy, and anti-abuse measures of the Microsoft Teams video chat platform.
Learn about the security, privacy, and anti-abuse measures of the Slack video chat platform.
Learn how to blur faces in photos with Signal, the encrypted messaging app.
Join our email list to stay up to date on the issues and learn how you can help protect journalists and sources everywhere.
