Tag Archives: leak

Cracking the code: Workshop gives journalists a crash course in encryption

  • TestBed's Aaron Rinehart lectures to seminar attendees prior to the hands-on portion of the day on April 3, 2015. (Jennifer-Leigh Oprihory/MEDILL NSJI)

WASHINGTON — The minds behind TestBed, Inc., a Virginia-based IT consulting firm specializing in IT planning, analytics, testing, prototyping and business advice for the public and private sectors, gave journalists a crash course in digital safety and encryption techniques at an April 3 seminar in Washington.

The daylong event, “Cyber Security Skill Workshop for Journalists: Sending Secure Email,” was co-sponsored by the Medill National Security Journalism Initiative and the Military Reporters & Editors Association, and held in the Medill Washington newsroom.

The seminar began with an introductory lecture on cybersecurity basics and common misconceptions about online privacy and security. Security-related superstitions, such as the idea that browsing in so-called “incognito” or “invisible” modes will keep your digital whereabouts truly hidden, were promptly dispelled.

TestBed’s Aaron Rinehart and David Reese then transformed the event into a hands-on lesson in PGP – an acronym for “Pretty Good Privacy” – as well as understanding other aspects of digital fingerprints (including how to create a public key, how to register it in the Massachusetts Institute of Technology’s PGP directory so that you are more widely contactable by those in the encryption know and how to revoke (or deactivate) a key for security reasons.

The program also included a brief introduction to the Tor network, a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. Tor, originally developed by the U.S. Navy, hides the route taken from a computer’s IP address to its eventual browsing destination.

Learn how Tor works via Medill reporter William Hicks’ helpful primer and infographic here.

When asked for the top three lessons he hoped attendees would take away from the event, Rinehart emphasized the importance of “good key management,” or not sharing your private PGP key with anyone, operating “under good security practices”(such as updating software and antivirus programs) and making email encryption a regular habit.

“Don’t compromise convenience for security,” Rinehart said in a post-workshop interview. “Try to make this something you can use everyday.”

The event drew a mix of reporters, security experts and students, which included military veterans and defense journalists.

Northwestern University in Qatar journalism student James Zachary Hollo attended the event to research encryption resources available for foreign correspondents and to report on the workshop for the Ground Truth Project in Boston, where he is currently completing his Junior Residency.

Hollo said the seminar gave him a better understanding of how to use PGP.

“I had sort of experimented with it before I came here, but this gave me a much better and deeper understanding of it, and I got to sort of refine my ability to use it more,” he said.

Hollo said he was surprised that many attendees came from military service or military reporting backgrounds, since, in his view, “one of the blowbacks against the NSA story [involving whistleblower Edward Snowden] was that it’s like reporting is like betraying your country.”

 

Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Whistleblowing in the FBI: problems lie deeper than confusing legal boundaries

WASHINGTON — Former FBI agent Michael German thought the agency had the information it needed to see the 9/11 terrorist attacks coming. In the aftermath of the attack, German reported a cover-up of a failed counterterrorism investigation that infringed upon people’s civil liberties in unprecedented ways.

Yet when German raised these concerns, the Department of Justice inspector general failed to investigate, he said. He also said the IG Office failed to protect him from official retaliation within the FBI, including possible surveillance, resulting in the 16-year veteran resigning in 2004.

“I tried to challenge the system from within, but they don’t like that,” German said in an interview with the American Civil Liberties Union. “They made it very uncomfortable so I finally realized it was time to work on the outside.”

German’s case became one of the most visible examples of the challenges facing whistleblowers in the intelligence community. In addition to a legal framework that makes it incredibly difficult for whistleblowers to come forward, a more subtle influence lurks beneath the surface: a culture that views whistleblowers as traitors, not reformers.

A new report by the Government Accountability Office released last Thursday found that, despite recent efforts to extend whistleblower protections to FBI employees, they remain exposed to retaliation for reporting wrongdoing.

Under the Whistleblower Protection Act of 1989, federal employees are generally protected from retaliation for reporting wrongdoing, entitling them to pursue legal recourse should they face retribution. However, FBI employees were excluded from these protections, and in 1998 the Department of Justice established separate guidelines that were meant to protect whistleblowers within the agency.

Yet the guidelines permitting FBI agents to disclose wrongdoing are unclear, according to the GAO report. For example, FBI employees must report wrongdoing only to a handful of designated officials. As a result, more than half of the 62 cases reviewed by the GAO were dismissed without review.

According Steven L. Katz, formerly counsel to the Senate Committee on Governmental Affairs and an expert on federal whistleblowing law, those in the FBI face much deeper issues than simply unclear legal guidelines. Instead, intelligence agents are a part of a culture that targets whistleblowers and punishes their behavior.

“When someone raises concerns, do you throw them overboard, or do you sit down with them and thank them?” he said. “The FBI throws them overboard.”

Katz argued that the GAO report fails to reflect the human aspect of the FBI in making it difficult for whistleblowers to come forward, focusing instead solely on the regulations that govern whistleblowing activities.

“The agencies are full of people, not just processes,” Katz said. “It’s the people who screw up because the laws look perfect on the books.”

According to Katz, other government agencies have faced similar problems with whistleblower culture. Last year, a series of attempted break-ins at the White House prompted Secret Service Director Julia Pierson to resign. A report released after the incident found that the Secret Service was “too insular,” ignoring the warning signs made plain by the attacks.

“In the agencies where you have a law enforcement culture, where power is might, people tend to transfer that culture of enforcement that’s outward facing inwards,” he said.

In 2012, President Barack Obama released Presidential Policy Directive 19, which established whistleblowing protection for those in the intelligence community. Elements of the directive were codified under the Intelligence Authorization Act for FY2014, but the guidelines of the directive aren’t permanent and can be easily reversed by a different president.

The result adds up to a climate that, while improving in some key ways, remains hostile to the act of whistleblowing. In an organization that possesses some of the nation’s most important classified information, the threat to the success of the FBI is intimately tied to the future of the country itself, as the 9/11 attacks demonstrated.

“You want the FBI to be effective, and so to help them be more effective you’d expect them to have better protection against retaliation from reporting problems,” said David Maurer, director for GAO’s homeland security and justice department. “It’s ironic that they have less whistleblower protection than the rest of the government.”

Tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , ,