Event: Digital Security Training of Trainers (Aug. 30, 2022)
Description: This 90-minute webinar builds off the foundational concepts in FPF’s Digital Security 101 training. "Becoming a Champion of Digital Security" will better prepare viewers to champion digital security in their own communities.
You may be the most technologically-savvy person in your family, an outspoken advocate for better security at your workplace, or always informing your friends of the latest hacker news — this training will discuss ways to take that expertise and passion to the next level.
This discussion provides a deeper dive into threat modeling using personas and case studies to understand different actors and motivations. It will also examine the five concepts every trainer must know:
- Encryption works
- Credentials/account security
- Social media privacy
- Mobile basics of app permissions and full disk encryption
- Understanding cloud concerns
See below for a comprehensive follow-up which includes questions to answer, dynamics to consider, and tons of links and resources.
Risk assessment: Questions to ask yourself
- Assets: What do I have to protect?
- Adversary: From whom?
- Resources: What resources does my adversary have?
- Likelihood: What is the likelihood my adversary will target me?
- Your resources: How far will I go to protect my assets?
Risk assessment: Thinking about your assets in tiers
- What’s important to me personally?
- What’s important to my team at work?
- What’s safe to bring when traveling?
- What would present a great loss if I lost it forever?
Account security: Password managers and 2FA
Account security checklist
- Use complex, long, and unique passwords on every account
- Use a password manager to create and store your unique passwords
- Recommendations: 1Password, Bitwarden
- Enable two-factor authentication on all your accounts
- Recommendations: Google Authenticator, Authy
- Store your 2FA recovery codes in your password manager entry
- Check and see if your accounts have been part of a data breach
- Change any compromised or reused logins using your password manager
Password managers:
“1Password for beginners,” Martin Shelton
Two-factor authentication:
Get started with 2FA —
“Two-factor authentication for beginners,” Martin Shelton
Social media ideal settings:
“Social Media Privacy and Security Checklists,” Kristin Kozinski and Neena Kapur (via New York Times Open)
Network privacy, risky research
- Browser security: Ideal settings, extensions, HTTPS Everywhere
- Privacy Badger
- uBlock origin
- VPNs: “An in-depth guide to choosing a VPN,” David Huerta
Mobile security and privacy
- Mobile: General “Your smartphone and you: A handbook to modern mobile maintenance,” Martin Shelton
- Messenger apps for text-based messages and Voice call platforms: “Locking down Signal,” Martin Shelton
- “Phishing prevention and email hygiene,” Harlo Holmes
- “Phishing in the time of COVID-19,” Daly Barnett & Soraya Okuda, EFF
Find the tools we discussed:
- 1Password: https://1password.com/
- Bitwarden: https://bitwarden.com
- Signal: https://signal.org/
- Tor Browser: https://www.torproject.org/
- Keybase: https://keybase.io/
- Wire: https://wire.com/en/
- Protonmail: https://protonmail.com/
- Mailvelope: https://www.mailvelope.com/en
- Jitsi Meet: https://meet.jit.si/
- Tresorit: https://tresorit.com/
Disclaimer: These resources should not be assumed to be evergreen; they may require updates over time.
Event: Digital Security 101 Training (June 30, 2022)
Description: This 90-minute training will provide the starting point for you to know how to investigate your digital security questions as needed. It will introduce foundational topics on digital security, including the basics of:
- threat modeling
- online account protections
- device safety with full-disk encryption and password practices
- safer browsing
- communication security
This training mentioned several links, tools, and services that can help harden your privacy and information online.
Explore the J-School Curriculum module.
Resources for follow-up:
Learn to randomize passwords
Check for two-factor authentication
- VPNs: Wirecutter's Best VPN List
- More VPNs: An In-Depth Guide to Choosing a VPN
- Adblockers: uBlock Origin and Ghostery
- Upgrade those connections with HTTPS Everywhere
- Our guide to locking down Signal
- Our training resources page, for all of this and more
Event: Daniel Ellsberg speaks with Trevor Timm on World Press Freedom Day (May 3, 2022)
Description: Daniel Ellsberg spoke with Freedom of the Press Foundation (FPF) on leaks, government secrecy, and press freedom on World Press Freedom Day. In light of the U.S. Supreme Court draft opinion leak, Ellsberg discusses the possible reactions of the state and ramifications for power with this historic event. The hour-long conversation with FPF’s Trevor Timm discusses the Pentagon Papers, Julian Assange, U.S. nuclear policy, Edward Snowden, and the long history of government secret-keeping and lying.
About the panelists: Daniel Ellsberg co-founded FPF. He is best known as the whistleblower who gave the Pentagon Papers to The New York Times in 1971. Ellsberg passed away on June 16, 2023.
Trevor Timm is a co-founder and the executive director of FPF. He is a journalist, activist, and legal analyst. Read more about our co-founders and the rest of FPF here.
If you have any questions about these webinars or FPF’s work in general, please email us at [email protected]. Learn all the ways to support FPF at https://freedom.press/donate/.