European Federation of Journalists

Digital safety tips for journalists covering the Baku 2015 European Games


The International Federation of Journalists (IFJ) and the European Federation of Journalists (EFJ) have warned that journalists covering the Baku 2015 European Games may be subject to surveillance by the Azeri security services if they trespass the limits and boundaries fixed by their official accreditation to cover other issues than the Baku 2015 European Games. Alan Pearce, a journalist and author specialising in cyber-security and counter-surveillance, provides some top tips and spy-proof measures on how to keep your activities to yourself.  

BEFORE YOU GO

Clear out all your devices, removing personal details and contacts, and replace the SD card in your phone. Store anything sensitive on a spare card or USB drive.

Install open-source anti-spyware and anti-malware on all devices. For Android users, AVG Mobilation is a free app that protects against viruses, malware and spyware. It also identifies unsecure device settings; ensures contacts, bookmarks and text messages are secure; checks media files for malicious software and security threats; guards against phishing; and offers anti-theft protection. Lookout protects iOS and Android devices from unsecure Wi-Fi networks, malicious apps, fraudulent links, etc.

ONCE THERE

As soon as you arrive at the airport, they may want to take your digital devices away for inspection. Generally, you should never let your mobile devices out of your sight and this includes leaving them unattended in hotel rooms. It is very easy to scan the memory or plant malware inside.

With laptops and tablets, place a sticker over any opening parts so you can see if the device has been tampered with. Better still, apply a coating of glitter nail polish and then take a photo of it with your smartphone. The glitter in the polish provides a unique pattern that cannot be replicated and which can later be compared to the photo. Additionally, be sure to thoroughly run an anti-spyware programme on the device as soon as possible after recovery.

As soon as they have your details, they will begin tracking you around the venue. To avoid this, turn off Geotagging and GPS location and switch on Airplane Mode. This will make their job harder. If you are meeting anybody, and would rather they didn’t know, remove the battery from your phone because they can still listen in even when it’s turned off. If you have an iPhone and can’t take the battery out, leave it behind – but not anywhere they can find it.

If they are handing out free sim cards, be sure to bring along an older, non-smart phone and install the card in that. Use this phone to receive updates and calls from the Games’ organisers.

And be careful of the messages you receive on your regular smartphone. Never open attachments or click on links if you are suspicious. To avoid infection via email, disable HTML in your email programme via the Settings tab. Be aware of social media posts and emails with enticing links, many of which are often shortened so you don’t know where you are heading. Short URLs can be enlarged at LongURL.org.

When connecting to the 3G network or Wi-Fi, employ a VPN (Virtual Private Network) to prevent tracking and to mask your activities from eavesdroppers.Hotspot Shield is a good free, option which also allows you to view banned content and access Twitter and Facebook mobile if their services are blocked locally. A popular and fast paid-for option is VrprVPN.

  • Put a security code on your devices in addition to the SIM code and engage the auto-locking feature.
  • Add an HTTPS enforcer to your browser, such as HTTPS Finder orHTTPS Everywhere, to safeguard your browsing.
  • Disable network connections and switch off bridging connections. Do not broadcast the Bluetooth device name and disable automated peer-to-peer Wi-Fi connections.
  • Avoid connecting personal devices to other computers. And be very cautious of free charging points.
  • Watch for unauthorised billing, unusual text messages, rapidly-depleting battery and unexpected warmth of the device.

AT THE MEDIA CENTRE

If accessing the computers at the Media Center, take extra care. A safer way to use these computers is via a USB thumb drive installed with the Tor-Firefox browser that will take you directly onto the Deep Web and mask your activities and communications from anyone listening in.

A dialogue box to the drive will open as soon as the device is slipped into a computer. Select Start Tor Browser and you will leave no helpful trace of your web journey on the machine and no one should be able to track you. If you need to bypass administration restrictions, install FreeOTFE Explorer on the USB drive and you should be able to get into most machines.

USEFUL APPS

Scramble Calls —Silent Phone for Android and iOS provides HD quality securely-encrypted phone/video communication over any network. A free alternative is Jitsi, an open-source encrypted VoIP service for audio/video and chat that works on any operating system.

Secret Messenger — Secret SMS for iOS will encrypt messages between users and hide them. Perzo is a new encrypted messaging system for all devices from the people who brought you Skype. There is also TextSecure for Android.

Secret Image — Secret Video Recorder Pro for Android and iOS allows you to seemingly switch off the smartphone while continuing to film. Secret Camerafor iOS allows you to take photos discretely with no shutter sound, preview or immediate playback, while the Mobile Hidden Camera does the same for Android. ReconBot for Android and iOS is a stealth video recorder that displays a black screen while it records and includes remote view so you can watch the recording live via a web link.

Secret Audio — there is Secret Audio Recording for Android and Spy Recorder for iOS which can also automatically record when you enter certain locations that you set with Google Maps.

Record Calls — Top Secret Call Recorder for Android and Call Log Pro for iOS.

Remove Image Data — if you want to upload images that cannot be traced back, you need to remove or alter the EXIF data which most modern cameras implant in the image to give GPS location and other details. Options for Android include the ExifEraser and ExifRemover for iOS.

Go Deep Web — you can take your smartphone onto the Tor Hidden Network and keep everything off-radar using apps for Android and iOS with access to both Deep and Surface Webs, plus PM and email without being monitored or blocked. Check the Settings and switch off JavaScript to improve security.

If accessing the computers at the Media Center, take extra care. A safer way to use these computers is via a USB thumb drive installed with the Tor-Firefox browser that will take you directly onto the Deep Web and mask your activities and communications from anyone listening in.

A dialogue box to the drive will open as soon as the device is slipped into a computer. Select Start Tor Browser and you will leave no helpful trace of your web journey on the machine and no one should be able to track you. If you need to bypass administration restrictions, install FreeOTFE Explorer on the USB drive and you should be able to get into most machines.

Also install:  

KeePass Portable — portable version of the KeePass Password Safe. Securely carry your email, Internet and other passwords.

Notepad Portable Text Editor — Notepad text editor with support for multiple languages.

VLC Media Player Portable — portable version of the popular VLC player.

IrfanView Portable — graphic viewer for Windows. View pictures, vector graphics, animated images, movies, icon files, etc.

GIMP Portable — Windows image editor.

Sumatra PDF Portable — lightweight PDF viewer.

Eraser Portable — securely delete files and data.

For more information and tips on digital security, read also Cyber security training for journalists: Tips and tricks to keep your communications safe.

(photo credit: TOBIAS SCHWARZ / AFP)

 

ABOUT THE AUTHOR   Alan Pearce is a journalist, broadcaster and the author of “Deep Web for Journalists: Comms, Counter-Surveillance, Search”. He has over 30 years’ experience in journalism. He also teaches cyber-security skills to journalists.  
Note: The views here are those of the author. They are meant to assist journalists covering the Baku 2015 European Games. The IFJ/EFJ holds no responsibility for any ensuing problems as a result of this advice. The author owns the copyright of this article.