By Yue Yu
Kevin Collier from BuzzFeed News, Neena Kapur from the New York Times and Margot Williams from The Intercept shared experiences and tips at the CAR Conference on constructing a secure workstation while pursuing sensitive leads.
Collier talked briefly about the history of hackers working with journalists to produce big stories and getting jailed in the end. Although it doesn't completely wipe out the existence of hackers, Collier said, it creates a chilling effect on them.
Skepticism is necessary when working with hackers, Collier said. He shared his experience reaching out to a hacker named “Guccifer 2.0” who claimed he had sensitive information from the Democratic National Committee. Guccifer 2.0 was later identified as a persona created by Russian intelligence.
Treat hackers the same way you treat every source, Collier said, and ask them for technical details about how exactly they got the information they are sharing with you. Even if you don’t speak the language of data, getting help from a media-friendly expert would be helpful, he said.
Kapur, an information security analyst for the New York Times, offered tips for reporters to set up secure workstations and protect personal data.
A security breach is serious because it could compromise devices, personal data and source identity, and could create misunderstanding for government agencies, Kapur said. One way to reduce the risk is to use a separate device for research, she said. Using MiFi at a coffee shop, using gift cards for purchases and using encrypted USBs are all ways to minimize the risk of being hacked.
Setting up separate and inconspicuous accounts with a complex password can also help, Kapur said. Burner phones, VPNs and browsers that generate random IP addresses and allow anonymous login also increase the security of a work environment.
Williams elaborated on safe searching and using secure browsers. The tools she has used on her research computer include:
Yue Yu is a journalism student at the University of Missouri.