With an annual budget of $100-$200, journalists in Ukraine have a problem with their computing equipment. Each journalist needs a mobile phone and, if they want to work away from the office PC, a laptop. Financial restrictions mean that little attention is given to licensing, security and privacy or quality. Privacy and security risks are huge but some journalists have no perception of this at all. Fortunately it doesn’t take much to improve the level of online literacy with some basic training and organisations like the Deutsche Welle Akademie are able to provide it. I joined DW in Ukraine for two weeks in November to give some training and I learned that the new range of low-cost, lightweight Windows laptops are going to help these journalists a lot, despite Chromebooks being better for privacy and security in some situations.
With the unstable political situation in the east of Ukraine and a media that is still skewed towards state and oligarch control it’s a struggle for independent journalists but these freedom-fighters exist and are absolutely passionate about their cause and are working very hard indeed. The pace of news is high and when there’s a limited amount of human resource there’s limited time for security practices such as two-stage encryption or Windows updates. The aim of our training was to highlight the risks, provide knowledge, answer questions and to provide a set of free tools that help to improve security and privacy.
Over the course of two weeks we trained 20, mostly young, journalists and bloggers that have no choice but to work online. Social media accounts, online sharing and collaboration tools and even mobile networks owned by the very country they are at conflict with form part of their workflow every minute of the day. Personal and work lives cross-over in response to 24/7 breaking news and journalists often expose the locations of their families and friends.
See Stopfake.org – an example of a project that Ukranian journalists, bloggers and social media experts have put together to expose what they believe are lies coming from eastern sources.
We saw large numbers of Windows XP installations, mostly on old netbooks, Torrented from an unknown source with disabled firewalls and no updates. The simple passwords in use can be cracked in seconds using a USB install drive and most journalists aren’t even aware of the risks associated with working over an unencrypted network. They aren’t aware that phone location is logged, that DNS servers can be false, that anyone can set up a WiFi hotspot and call it “press-free” and that default privacy settings on many social networks can leave you exposed.
Windows is the operating system of choice for journalists in Ukraine. It runs all the tools they need (and they use a lot of software packages) and it’s easily available (and ‘free’) either on pre-low-cost notebooks, via downloads or even in shops. Google is also central to their work and they have no problem trusting their data to a U.S. country which is seen as a lower risk than Russian-based services. We saw classic journalists ‘penning’ their articles on Google Documents and collaborating with colleagues before the text was sent for a multimedia work-over in other departments. Google Talk is common and Android phones, especially with dual-SIM costing around 200-Euro off-contract, are necessary. Some use Android tablets in trying to stay productive out of the office. Facebook is taking over from Russian-owned ‘kids social network’ VK, largely because of the revolution that was started just over a year ago by a Facebook post and a distrust of the Russian internet services. Google Plus is used but is not regarded as important as Facebook when it comes to news. Because of the amount of fake news, propaganda and mischievous kids a typical day for a Ukrainian journalist includes a lot of Google-based research. Drive is used for data storage. The only part of the process that Google doesn’t play a part in is the content hosting. For that there are in-house systems, WordPress and Joomla CMS’ These hosted services are constantly under attack from hackers and DDOS traffic though and content can disappear for weeks. Once content has reached the web, keeping it online is one of the most expensive parts of the process.
Low-Cost Chromebooks secure but too simple.
Windows is complex and there’s no doubt that most people don’t really understand what happens when you connect a laptop to a free Wifi hotspot. Words like ‘firewall’ are new to many and even some of the IT-literate journalists don’t understand that the Internet is a bit more than just a URL in a browser. Updates are too time-consuming on slow connections with 4-year old netbooks and backing up a hard drive is something that only geeks do. What’s needed is more simplicity and as I went through the two weeks the Chromebook and low-cost Windows 8 laptop I had with me were being compared. Google docs over a public WiFi? The Chromebook wins. Editing a video segment? Windows. Online research? Chromebook. Document collaboration? Chromebook. Storing and editing photographs? Windows. The Chromebook was the clear winner in online security with no virus, firewall and update worries and the 60-second PowerWash perfect for cross-border activities but when it comes to multimedia – critical for the modern journalist – it’s not even close to being the perfect solution. Chromebooks can’t even be a second-laptop solution because, well, there’s not enough money for a second laptop. Cheap Windows laptops will continue to be the best choice for these journalists and where cost is a big issue laptops like the $200 Acer E11-111, ASUS X205 and HP Stream 11 are perfect because they come with online storage, Secure Boot, and a license that allows those critical updates to flow. They’re able to run Microsoft Office (seen as important by the journalists we spoke to) and are able to manage photo collections and provide offline editing of videos. We discussed ‘richer’ Linux-based systems with the journalists but again there seems to be a resistance to ‘re-learning’ and a perception that the required apps are either not available or incompatible with other systems and processes. For some, Ubuntu is enough though so perhaps there’s space for a journo-focused Linux distro in the Linux world.
Top 5 computing security and privacy tips
After two weeks of training we had talked about everything from HTTPS to TOR and built-up a 5-page list of links, tips and techniques. Not everything was relevant though, often due to complexity so here’s a list of just 5 steps that we felt would really improve security and privacy with the minimum of effort. In a follow-up article I’ll outline a complete blueprint for a secure and private journalist but in the meantime, check to see if you’ve got this list covered.
- A BIOS password stops USB booting by Windows password cracking tools – Booting alternative operating systems via USB on a PC is a quick way to crack Windows passwords and in many cases access most of a users passwords via password saving in Chrome. A BIOS password is simple but very effective way of preventing this.
- Install Windows Updates (disable ‘additional’ updates to save time), Enable Windows Defender, Enable Windows Firewall. – Operating systems all have vulnerabilities and the only way to reduce the number of vulnerabilities is to patch operating systems with security updates.
- For better protection add 3rd-party anti-virus and install CCleaner and SpyBot. Windows Defender anti-virus might be a lot better than having no virus protection but it’s one of the worst A/V solutions for protection. Consider a third party solution (there are some free ones) and install a few ‘cleaner’ programs that run once a week.
- Add the HTTPS Everywhere and Privacy Badger plugin to your browser. (Chrome recommended. Internet Explorer not recommended.) To increase provacy and security always use an encrypted browser connection using HTTPS. The HTTPS Everywhere plugin will help to auto-switch from unencrypted to encrypted connections. Privacy Badger will reduce the number of tracking cookies that are installed on your PC and thus reduce a tracking company building a profile of your internet usage. It may also stop bad scripts from running. A third plugin, Zenmate, will add an encrypted private network tunnel for non-encrypted web connections and will hide your source IP address from web servers.
- Use different passwords on different systems and services. If one of your passwords get hacked it will, within minutes, be used to test for access to other accounts you may own. At least seperate work from personal accounts.
- Additional tip for journalists with smartphones: Remove unwanted programs and use a cheap non-smartphone as a personal phone rather than a dual-SIM phone, especially at home location.