Aumenta la seguridad de tu WhatsApp
También disponible en inglés.
Signal, the secure messaging app: A guide for beginners
Also available in Spanish.
How journalists can work from home securely
Both the newsroom and individual journalists must make some changes to work from home securely.
Choosing a password manager
Also available in Spanish.
Passkeys: Passwordless logins for beginners
One of the most common ways people get hacked is through phishing — when an attacker impersonates a trusted website to trick you into entering your credentials. But what if you never had to type in a password? Passwordless logins — known as passkeys — reduce your risk by enabling …
From Tik to Tok: Security considerations for newsrooms using TikTok
By the end of 2021, TikTok reached one billion monthly users, becoming one of the most popular social media platforms globally. In the United States, the platform was one of the few that significantly increased its share of users who said they regularly use the platform to get their …
How technology is changing the harassment of journalists — and what newsrooms can do about it
A study of mob censorship of journalists, and how media organizations and platforms are responding.
Taking care with source security when reporting on abortion
What journalists can do to better manage digital security for sources when reporting on abortion.
To protect your sources, protect your address book
Source protection is a paramount concern for journalists in every beat. Platforms like SecureDrop and apps like Signal allow you the ability to securely and privately speak with whistleblowers to break important stories. Beyond protecting the confidentiality of these conversations, however, is the concern for the metadata, or data about data, that identifies who you’ve been talking to.
So you want a second Signal account
If you use Signal, the secure messaging app, you may have thought about getting a second account. The good news is you don’t need another phone plan to use a second Signal account, and you may be able to set it up on a range of devices.We’ll walk …
How secure are journalists’ favorite transcription tools?
Journalistic work often depends on transcription services for creating written logs of recorded audio to assist in research, caption videos, and publish interviews. But uploading audio to a transcription service means giving a copy of that — sometimes sensitive — recording over to a company
Filmmakers, take action: A new digital security resource and free digital security clinic
Today, we're launching an interactive digital security platform and free clinic for filmmakers.
What journalists should know about detecting and mitigating Pegasus spyware
At Freedom of the Press Foundation, we assist journalists on their digital security habits to help them work more safely and sustainably. So we take it a little personally when private spyware companies are actively making journalists less safe by selling their services to repressive governments. We are now learning …
Journalism’s treacherous relationship with email
In journalistic work, email introduces needless risk. But it's also tough to avoid. We must think through when and how to switch to different channels.
New research: Why don’t more J-schools teach digital security?
How do most U.S. journalism schools instruct on digital security? Our research suggests there's a long way to go.
Keybase for beginners
When working together online, chat tools like Slack are useful, but allow the service provider to read your messages. Keybase simplifies the process of sharing files and having conversations securely.Keybase is end-to-end encrypted, meaning that only you and your conversational partners can read the messages and files you …
README: Overview and getting started
We're thrilled that you are reading this, because it means you're taking a step toward equipping your students to protect themselves and the people around them, while they work on the web. We put together this README to let you know what's in the curriculum, how it all fits together, …
Module: File safety
This module begins with a short discussion about information hidden in files, and the potential risks tied to file metadata. It follows with a short exercise to have students find the file metadata embedded in a photo, followed by discussion of risk minimization.PrerequisitesThreat modeling(Good to know) Malware …
Module: Law enforcement surveillance tech
This section on surveillance tools used by law enforcement is discussion focused, and intends to get students to think critically about the relationship between surveillance, privacy, and transparency. It begins with lecture canvassing a variety of law enforcement surveillance technology, based on research from from the Electronic Frontier Foundation. Afterward, …
Module: Threat modeling
Threat modeling is foundational to thinking through security broadly, and we therefore introduce it before several other more technical topics. We first encourage the use of physical metaphors (e.g., choosing how and where to lock a bicycle) before introducing digital applications to help beginners understand how they may already create …
Module: Device protection
This module should be short, introducing the problem with a video, and open a discussion with students about full disk encryption and strong password protection.PrerequisitesThreat modelingEstimated time20 minutesObjectivesUpon successful completion of this lesson, students will be able to analyze the risks associated with device …
Module: Digital security 101
This module will not provide an exhaustive look at this topic, but will instead provide the starting point for students to know how to investigate their digital security questions as needed.This lecture and activities will briefly introduce several foundational topics on digital security, including the basics of threat modeling, …
Module: Targeted harassment and doxxing
This module opens by walking through examples of targeted harassment, followed by a self-doxxing activity, an activity to opt-out of a data broker service, and discussion time. Because some students may have personal experience with harassment and doxxing on the web, if this class environment feels safe enough to do …
Module: Internet and telecommunication security
Because the behavior of telecommunications networks and the internet is so foundational to realistic threat modeling, this section should be used before any subsequent discussion of chat tools designed to protect network-level communication like Signal, or tools that encrypt and tunnel traffic, such as VPNs, or Tor. This section opens …
Module: Authentication (Part 2)
This short module opens with an introduction to the problem space (password reuse), followed by introducing password managers, and optionally having students install one and sign up for an email with a randomized password.PrerequisitesThreat modeling(Good to know) Authentication - Part 1Estimated time20-25 minutes (35-40 minutes …
