Hello again!
It’s Martin, deputy director of digital security at Freedom of the Press Foundation (FPF), with our regular update on the U.S. Journalism School Digital Security Curriculum.
What a decade this past month has been. Before we jump into our updates, here’s some good news: Feb. 27 is Student Press Freedom Day. Here at FPF, our U.S. Press Freedom Tracker team documents violations of journalists’ rights, including student journalists. In 2024 alone, the Tracker documented more than 20 press freedom aggressions upon student journalists. Nearly all were connected to coverage of pro-Palestinian student protests. The data are freely available here. Might be good fodder for a class project!
J-school security curriculum update
- We’ve redesigned our website! It looks slick, so please do check it out. Unfortunately, this update also broke some links on our J-school curriculum that did not redirect correctly, namely links to prerequisites for each module. We’ve updated each module to address this issue. Link rot is real, so help us to keep materials up to date by reaching out if any of our links break.
Highlights from digital security in the news
- The Chinese startup DeepSeek made the news in January for less expensive, yet potent AI models that rival that of OpenAI, the developer of ChatGPT. With the newfound scrutiny, researchers at security firm Wiz found an unsecured database containing “a significant volume of chat history, backend data and sensitive information, including log streams, API Secrets, and operational details.” Read more: https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak
- While most courts have moved in the opposite direction, the U.S. Court of Appeals for the District of Columbia Circuit recently ruled that when law enforcement compels someone to unlock their device with their fingerprint, it is a violation of the U.S. Constitution. We will be watching how this ruling is implemented and how it may be applied elsewhere. Read more: https://www.techdirt.com/2025/01/24/dc-appeals-court-compelling-fingerprint-production-to-unlock-phones-violates-fifth-amendment/
Suggested modules: Device protection, Law enforcement surveillance tech - WhatsApp reports disrupting a spyware attack targeting roughly 90 users, including members of civil society and journalists. The attacks relied on malicious PDFs sent through group chats. WhatsApp says it has pushed a security update to address this particular attack. Read more:https://techcrunch.com/2025/01/31/whatsapp-says-it-disrupted-a-hacking-campaign-targeting-journalists-with-spyware/
Suggested modules: Chat safety, Malware
What we’re reading
- When lawmakers threatened to have TikTok removed from major U.S. app stores, users began downloading a variety of alternative Chinese social apps, including Xiaohongshu, also known as RedNote. We’re reading a report from The Citizen Lab detailing some of the security issues in RedNote, for example, unencrypted connections that would allow network-level surveillance of users’ activities. If you want to nerd out, give it a read.
As always, let me and our team know how you’re using the curriculum, what’s useful, and how it can be improved! Feel free to respond to this email or [email protected].
Thanks so much,
Martin
--
Martin Shelton
Deputy Director of Digital Security
Freedom of the Press Foundation
