Thank you for the introduction. This is embarrassing. I need to fix my screen. OK. OK, that's fixed, yes, OK. Computer scientists are excellent at technology.

OK, so this is a panel with... so I am the least renowned person on the stage. So I'm going to introduce our lovely panelists and then I'll explain what we're doing here. So to my right is Julia Angwin, who is an awesome investigative journalist at ProPublica, which is a nonprofit investigative journalism organization. She has written a book about surveillance called Dragnet Nation. She used to be at the Wall Street Journal, where she led a privacy investigative team. So she is awesome and super great, too. Next, we have Jack Gillum, who is an investigative reporter at the AP, the Associated Press, and he focuses on technology and surveillance and government accountability. He spent the last year uncovering a U.S. government plan to overthrow Cuba using fake social media. So you may have heard about this story, too. And I think our last panelist needs no introduction here, but I'll do so anyway. Laura Poitras is a documentary filmmaker, a Pulitzer Prize winner, a Polk Award winner, an Oscar nominee for Citizenfour, the film that we'll be showing right after this. And my role here, as it was explained, I live in the ivory tower and I pontificate about cryptography, so that would be my role here, to be the ivory tower cryptographer.

So the genesis of this panel was, I for some reason was at a bar a few months ago with Julia and we sort of introduced ourselves and she's like, I hate cryptographers. And I was like, why? We're so harmless. And I mean, her explanation is basically that every time she talks to a cryptographer, they sound like this: some long-winded story about Alice and Bob that has no relationship to reality. And so she started telling stories and I thought these stories were amazing. And also they sort of changed my idea of how cryptography related to how journalists actually practice. So we decided to organize something where we could have a conversation with the community about how cryptography and journalism interact. And you can think of this as QA testing for you guys, that you have a bunch of sort of QA testers who have done some things and they have some feedback for you. And maybe we can have a conversation. You can suggest some ideas for what they could be doing to secure themselves better, and they can give you some ideas of problems that they have that are not being solved. So that said, OK, let's do this.

All right. So if you are thinking about journalists from the perspective of, say, a cryptography practitioner or like a security professional, you think, OK, what is the task that a journalist is trying to accomplish? They need to communicate confidentially with their sources. Confidentially meaning, like, some eavesdropper can't view the conversation that they're having. All right. Step number one: Alice and Bob install some crypto software.

And I think the thing that we're trying to get at here is that, you know, Laura and Glenn had really an amazing source in Edward Snowden, I mean, just hang in the moon goldmine of a source, really great documents, really uncovered a lot of government, you know, malfeasance. But maybe this is boring sounding, and covering the federal bureaucracy that is Washington. But most of the time, it's a guy named Bob who's like five years away from retirement and just can't fucking take it anymore. And he wants to find a way to get you a document, like, you know, a two-page PDF that he barely knows how to print on the local printer, that he needs help from an assistant photocopying. And it's that sort of, you know, OPSEC involved there, because if he keeps putting out these documents, he's the same Bob who logs in from his work computer and goes, you hear that "You've got mail", because he still uses AOL 15 years later. Like, those are the people that we deal with on a regular basis. And it's the little breadcrumbs that they want to impart to you. And so what I guess we're going to start getting at is, when you then sit down and go, OK, so you're going to need to install GPG Tools, or if using Windows, Kleopatra, you're going to need to do a revocation... like, the minute they hear "install revocation key", they're like, no, we're done. I mean, and that's happened before. And then they take the easy way out. And that can lead to trouble, I think.

Unfortunately, the easy way out is that they are unsafe, right? And so one of the challenges for journalists is that we are trying to keep our sources from making mistakes that will then hurt them and also hurt us, but more them often. And so, you know, all the time people send me things from their Gmail account at work on their work computer, thinking somehow that was some secret transmission and that their bosses will never find out. And it's just unfortunate. So the thing is, what we want to talk about is sort of how the bar is so much lower than you guys can maybe understand in terms of, like, what we're dealing with. And Edward Snowden obviously was like this perfect source who came fully encrypted, and I have yet to meet a source like that. I'm waiting.

So one of the things I remember hearing about is that often sources don't even realize that they're sources, right?

So this is one of the things, this first date problem that Nadia and I were talking about at the bar, was that, you know, you meet somebody in the course of your reporting and you're like, hey, let's get a drink. And maybe you even met them through writing something very innocuous. And then you're at a bar and you're like, so, like, what do you think about setting up an encrypted channel? And they're like, what? And it's a little bit like asking for sex on the first date. You know, it's a little too much too soon. So I was telling Nadia this, and that I think was probably the genesis for this panel, was that line. So, and I've done this, right? And I've tried to convince people and they're like, I don't even actually know what you're talking about. Sometimes it's successful. You never know. But a lot of times it's really a psychological problem. This person is thinking, like, they might help you because they want to make sure the story is correct, or they just sort of want to provide you one fact, but they don't want to be thought of in their own mind as a source.

I mean, I'd like to just say a couple of things, sort of from the journalist perspective, or sort of our kind of progression of actually how we learn these tools. And so I went through a period where... so I made a film in Iraq and then I was put on a watch list. So I knew that I had to sort of be careful, but I didn't really know what that meant. And so the film that I made after that, I made in Yemen, and it was in Yemen and in Guantanamo, and I knew that, like, digital communication was not safe. So I was like, sort of, danger zone. But I didn't know quite actually how to respond to that or how to sort of work around that. And I was trying to get access at that point. I was trying to get access for a film crew to Guantanamo and to film. And I had gone through the official channels. I'd tried the front door and I just never got anywhere. It was just sort of like delay, delay, delay. And then my name was on all the requests and that wasn't going anywhere. And then I was like, all right, I need to try the side door, you know, like, how can I get to Guantanamo through the side door, which, you know, created like this sort of, you know, effort to kind of like sever metadata. Like, I hired somebody to sort of be the person who sent in the letters, and they called from their cell phone and never from my office, and did these kinds of things to kind of, you know, not have a direct connection between me and these requests that were going in. And for that whole film, I really kind of almost resorted to like an analog way of working. Like, I was sending grant applications, but I would never send any over email. I was like, everyone got a hard copy, and these kinds of things. And it wasn't actually until working on the film that I'm going to show later that I actually learned some tools, and it wasn't that easy to actually find out what were the correct tools, because, like, you know, you do a search and a lot of things come back in terms of what is recommended. So it actually took quite a long time where I was working kind of in the dark, not knowing what tools I could trust to have anonymity and security and to do the work that I was doing. And then, you know, luckily I had some very good teachers.

So what does work, or does it say to you, is there anything that does work? Anything that doesn't work?

It does work. I... how do you mean? Like, I mean, Jake Appelbaum and I are doing a talk tomorrow and we'll talk about some things in terms of Bitburg, so.

So there's one last problem that I remember discussing about the difficulties of installing crypto software, which is that if you were at a bar, imagine you're at a bar and you pull out your phones, you're installing a software.

All right, so one time I did manage to get someone convinced to do this on the first date at a bar, and I thought that an encrypted messaging app would probably be the easiest thing. A cell phone app. It was Silent Text at the time. And so I sat down with my source and I was like, this is going to be so much fun, this is just like fun, you know, be like a fun way to communicate. And so, you know, it's one of those things where it takes a long time to download, and then there's a lot of verification, actually, that you have to do. So there was a verification key that, like, we had to exchange with each other, and for some unknown reason, we just took an hour to do this. And by the end of it, we were both
sort of like covered in sweat and exhaustion, and like, it was a little like sex on the first date. And, you know, the thing is that Silent Circle, we were using it, it was really the early days and had just come out, because it wasn't that much crypto that I felt like I couldn't ask this person to try to use GPG. So we had these calls that, it was like the 70s, you know, where, like, I would talk and then there'd be like a five second delay. And then she would reply, and I realized that it was too painful. And we both kind of gave up using it after several months. But we gave it a really good try. But it's just, sitting at a bar trying to do this when you've had two glasses of wine, and we probably weren't at our best for these tools.

OK, so once Alice and Bob have successfully installed some crypto software, the next thing they do is exchange keys. This is one of the greatest developments in cryptography ever. Public key cryptography, exchange keys. It solves the key management problem. And unfortunately, the reality of the key management problem today even still looks like this.

So my family, including a relative named Nameless, likes to use, you know, the different search engines out there that are installed on a browser, like Bing: "Jack, have you Binged this today?" And I have no idea what she's saying. And these are the people who we are dealing with in Washington, who have this rudimentary understanding and have their kids fix their iPhone, or, you know, even younger people don't really understand this. So when you say the words "open up Terminal" or "open up the command line" in Windows, again, like we were saying earlier, I mean, that's when they sort of freeze. And part of this is, and maybe something that isn't... correct me if I'm wrong, but in Windows, you know, which I have to use for my work, Kleopatra, you can't, out of the GUI, create a revocation key. So at least that I haven't been able to find. And so that's
obviously a very critical part. If your laptop gets stolen or compromised or whatever, you need that revocation key, and just even explaining it to very smart, you know, almost tech-savvy coworkers, they're like, well, wait, what? It needs two hyphens with the app. And it's just that complicated message. You know, for us, you know, it's maybe not that hard to describe the terminal and type a command in bash and be done with it. But it's that critical step that people tend to bypass. I think we're going to talk about the shortcuts that people take, too, when these things get hard beyond what they're used to, and not to our industry. You know, a lot of journalists are Dundar busses or something. But, you know, we're set in our ways. I mean, we spend 10, 20, 30 years, we know how to report a story, how to turn the screws on people, how to get the documents, how to file the public records request. And we've sort of been doing that, you know, chugging along for a long time. And all of a sudden, you know, and particularly after the Snowden disclosures made us realize more than anything, and after, you know, my colleagues at the AP to boot, where their phone records were subpoenaed by the Justice Department, I mean, sometimes they really are out to get you. And, you know, this is critically serious. So it's, I think, trying to teach an old and young dog new tricks. And it's very difficult.

I think also, I just want to confess, I don't have a revocation, sorry, or a separate of key. I've been meaning to. But honestly, I find it kind of challenging. It's taken me two years, three years of really working at using GPG, and I feel like I kind of have my little system duct-taped together. And lest you think less of me, which I'm sure you do, I am probably the most tech-savvy journalist in every newsroom I've been in. I grew up in Silicon Valley. I started programming in BASIC in fifth grade. I do actually have some credentials,
but I find this stuff incredibly challenging.

Just one question, how many people in this room understand everything that's on the screen right now? Yes, we need more sources, like you said. How many of you guys understand everything that's on the screen right now?

I'm the guy who went to the Linux user group parties growing up and had no friends. So I understand this a little bit, but I loved it and I wouldn't change it for the world. But I think I understand it. That doesn't mean I succeed.

OK, so once Alice and Bob have exchanged public keys, they need to verify the authenticity of these keys, so Alice and Bob need to verify fingerprints. Laura, you should tell it, like the best case scenario, right?

Yeah, I don't know how many people... Micah Lee, who works with me at The Intercept, wrote a lengthy piece about how he helped my initial contact with Snowden. And what had happened was Snowden had tried for a while to get Glenn on encryption, and that didn't work. And then actually the way that Snowden found me is he emailed the Freedom of the Press Foundation, which is an organization that I'm on the board of, trying to get in touch with me and get my key. And I think also wanting to somewhat verify that the key that he got was correct. And so then Micah sent me an email, an encrypted email, and said, hey, some guy, or some person, he didn't know gender, wants to get in touch with you. Can I give you a key? And I said, sure. And then he emailed and we did a first exchange. His first email to me, it was to my true name account. It was at Gmail maybe. I don't think I said that before, but it was. But that email has already been published, the email that he sent. So then he said something that certainly got my attention, which I think was that he was in the government and that he wanted to share information, and that no matter what happened to him, the information should make its way to the American public. And so that certainly got my attention. So then he asked me to create a new account, an anonymous account, and to contact him. He contacted me at a new email address with a fresh key, asked for one, and then he asked me to figure out a way to verify it. And he gave me some options. And one of them was to have someone tweet it. And so he actually recommended that Micah tweet the fingerprint. So then I emailed the fingerprint to Micah and I said, hey, you know... I didn't say too much about, you know, the first email. I just said, you know, would you mind just putting this in your Twitter account? And he did. And so that was how Snowden was able to verify my fingerprint. And that was, you know, probably a week or two weeks after we started corresponding. And then we were sort of on an anonymous... you know, my communications were severed from my true name, but I was still using the same computer. And then the next email that I got after that one was the sort of holy shit email, which is when I realized that I really needed to create sort of a real blockade between anything that was tied to my true identity and these communications. And that's when I moved over to Tails, to the Tails operating system. So thank you, if there are any Tails developers in the room. Thank you. And I can continue on a little bit on the story and then we can come back. So he actually, Snowden, said, you know, for most security you should use Tails, and I'd known of it, but I wasn't using it at that time. But I did have a bit of a dilemma with it, because I didn't really have confidence of how to verify this, the download, the certificate. And I actually was back in Berlin, and a friend of a friend, one of the friends is in the room, gave me the name of another person, whose last name I actually never knew, who set up a Tails disk for me on a computer, which was a computer that
I purchased with cash in New York. So there was nothing tied to my name in the correspondence from then on.

So that's like above and beyond levels of verification and trust verification.

And then I guess I'm going to play the part of the complete with one here. But one of my sources, I thought key verification in terms of numbers would be too hard. So we tried to do the shared secret on OTR. I managed to get this person on OTR, and I thought that it would be really easy. We didn't set up a shared secret in advance. I just thought we would be able to come up with one. So I said, when did we first meet, or where did we first meet? What location? And the person answered wrong. And then the person asked me a question of where we first met, and I answered it wrong. We had no idea where we had first met. So that didn't work.

How many people in this room have had that problem?

I feel better.

All right. So now we've successfully verified the authenticity of our keys and our software. Step number four in a confidential communication is Alice and Bob actually initiate confidential communication with each other. You all understand why this entire talk is illustrated with CDs, slides.

And even at the AP, depending on which version of software you install, it either does inline PGP, it attaches it as an attachment, or you can't read them. And there's UTF to ASCII character conversions. And that's just among four people I work with. And that's, you know, yet another headache. I think we're not bagging on this entirely. I mean, the Cuba story that Nadia was mentioning, we used it extensively. When we did work in countries that, shall we say, aren't really very favorable toward the press, we used other tools, which I'm sure we'll talk about in the future, community voice communication tools like Whisper Systems' Signal. We used that quite a bit and it worked very well, and other sorts of tools. So don't take away the impression that this is all garbage and we're throwing up our hands. It's just that your mileage may vary.

But I mean, I guess I could just bring in, like, yet another sad story. So one time I was really proud, because I was really getting a good communication going with somebody. And then all of a sudden we started dropping plaintext. And basically it turned out that one of us had it set only to accept, OK, I'm going to get the technology wrong, as MIME and PGP, and one of us was not accepting this MIME. And so the whole thing fell apart. And once again, I just felt like every time I think I've climbed some way up the mountain, it turns out I'm really just at base camp.

I will confess that I have dropped plaintext with people on the stage and see. So, OK.

I guess, let's see, once we've moved on from confidentiality, we've talked about this a little bit already, another property that journalists need with sources is anonymous communication. Laura was talking about anonymous, unlinkable communication. So what this looks like in, say, the simplest case, even not using so much cryptography, is if you want an unlinkable thing. This is what Laura just did. She purchased a device with cash and then installed software on it. So Alice, our journalist, might purchase a burner phone with cash, maybe install some encrypted communication applications on it, install all the contacts that have been verified by her, and then, say, mail Bob his special burner phone, and then Bob can use his burner phone to securely communicate with Alice. This is straightforward. This is taking all of the responsibility for installation and verification away from Bob, our hapless source. So how does this work in practice?

Yeah, so colleagues of mine actually think that this is a true burner phone. It's not, particularly when they do it on their phone, they tie it to their Apple ID and then make what they think are anonymous phone calls. This was sort of by accident that he put the slide in because that one used the burner actually is in the side burner. Had, as it's obvious, is an app where you can select an area code and, for a certain amount of credits, create a phone number that, you know, masks or masquerades from that area code. Well, that masquerades, and they can call you back on it. And I remember once dealing with a former Washington official, we got a document on how he'd got some big payout from an organization, and he wouldn't, obviously, pick up my 202, that's a Washington, D.C. area code, phone number. Wouldn't pick up a blocked number. Wouldn't do it. So I figured out where he lived, in his rural state where he retired to. And I got that area code and called him up, and he answered in a tizzy, because he thought, I swear to God, he thought I was the plumber who was running late to come fix it, because he probably, like, picked up the phone, OK? And he's like, I just got done with a workout, are you still coming over at 10:00 AM? Like, Mr. So-and-so, it's great to get you on the phone. We're preparing a story in an hour that says you did it. See, and like, that's I think the only time that... I mean, do not use this for anonymous communications. I mean, in my experience, it's to, you know, hit them with an area code that they think is friendly fire, or is friendly, you know, when it's not.

So one time I bought a burner and did the sort of Alice and Bob thing you just laid out, and I sent it in the mail to my source, an executive at a company who was trying to share all sorts of damning information about his company. And we met in a cafe and I said, I'm going to be sending you a phone. And he agreed. This was not a first date problem. We'd been talking for years. So he was willing to set up this encrypted channel. And then I would call, I would text, nothing. No response. No response. I finally had to call him, like, what are you doing with the burner phone? He's, oh, I never bring it anywhere with me, I just leave it at home. So, you know, just like, it didn't have enough room in his pockets. You one phone. And so, you know, once again, I would end up calling to tell him to go pick up the burner phone. And so that was a pointless exercise.

And a burner thing is difficult, too. I mean, you know, particularly, you know, at least in the States. I mean, the stereotyping, it's like you must be a drug dealer if you're getting a burner phone with cash, and you really look like the... I mean, I'm a journalist by training out of care, you know, I look like an odd duck for a living. And that's fine. I'm fine being the weird guy. But, like, when you're there at, you know, the AT&T store, whatever, you're topping up your SIM card, and you're like the guy pulling out wads of cash, and you don't really want to give your driver's license because you don't really have to. And you're giving a name that the guy knows is not your real name. And you're doing this weird dance. And it's like a terrible Christmas dinner, just like, I just want to go home, just give me the thing and go. And you've got to do that to fill it up. And it's, you know...

So basically, we need to normalize the burner phone or something we don't have used for.

Yeah, oh, yeah, all the time. I guess we heard Laura's success story with Tails. I mean, I don't think any of us could do our work without her. I mean...

I mean, really. Yeah. I mean, I think we use it every day, and even for people who don't understand, you know, DNS, all I do is, I don't know why I use this website, I put them down, I go, you know, particularly since the AP has their own net block, and, you know, you reverse look up that address, it says The Associated Press, you know, whatever, Thirty Third Street, New York, New York. And you go to ipchicken.com or whatever, like, look, you know, somebody who's monitoring a government
email or a government web server, you know, you're immediately tipping them off that you're hitting them. I mean, there's many uses for Tor besides that, but just the little things that always seem to, like, they're grasping, like, oh, they really know it's me. I'm like, yeah, they know it's you.

I mean, so actually Tails is like my favorite sort of success story. So with fellow journalists, actually, who find all this other encryption difficult, I find that actually showing Tails is easier, because it's sort of this controlled environment. So I've had some success getting some colleagues to use Tails because it's sort of simple. The idea is a little bit simpler. The idea, you just have this separate machine that you just do this on, and it's sort of all, the box is built as a default to make you kind of make the right choices. And so it's probably my favorite tool.

I think that segues into sort of the last journalist's task, which is keeping notes and data, and of course, from the perspective of the hapless cryptographer, this is easy. Alice wants to keep some notes. She encrypts the data to her private key. Nobody but her can decrypt it. So then, of course, situation number one, collaboration with fellow journalists.

I mean, there are times, I'm just thinking of in recent memory, and we've had... I mean, the AP is a global news organization with people all over the world, and, you know, sometimes we need to communicate securely. And like I was talking about earlier, and again, this is, you know, it's not malicious that people do this, but, you know, they're just so used to picking up the phone, using plain old telephone service and just dialing, you know, 011, the number, what have you. And I just remember, you know, coming close once, to be on a call where people were calling in from, shall I say, hostile countries toward journalists and their sources. And we were all calling in using these unsecured lines. And then we all sort of realized what we were doing, and it was, you know, it's like, you know, we all sort of realize, you know, oops, we left the backdoor up and I think the cat just got out and it's too late, but not quite, because we didn't really... we were about to, you know, we weren't going to say, so, Confidential Source X lives on whatever street in Venezuela. You know, we didn't get to that point. But, you know, even when we're sort of used to it, you know, after Snowden has sort of showed us that, and the AP subpoenas, you know, people really want your data. They will get access to it. And this is no laughing matter. I mean, and even, you know, people who do it all the time sometimes forget about it just by force of habit. And I think that's, you know, a problem. Obviously, we need to correct ourselves internally.

But it's one of these things, actually. It's sort of like the mindset in journalists' newsrooms is sort of outdated. So the sort of rule of thumb in a newsroom, most newsrooms, would be, if you're filing a story based on a confidential source, your editor and oftentimes the editors up the chain need to know the identity of that source. And that's a general practice. And the problem is your editor may be in another country. And so, you know, at The Wall Street Journal, where I worked for 14 years, you know, sometimes it just wasn't possible for the journalist to convey to the management in New York who the source was in a secure way. And sometimes before a story would run, that journalist would actually fly to New York to talk to the editors and say, this is the real story, you should publish it. And of course, that delays publication and is very expensive. And so it's just a challenge within the structure of newsrooms.

Yeah. I mean, I certainly experienced these kinds of problems working on this story. Right before going to Hong Kong, The Washington Post got very nervous and there were a bunch of lawyers that were making phone calls. They were all in the clear and they were sending emails about what was going on. And I mean, I really freaked out, because it seemed to me this was the most risky time to be having these kinds of communications over anything electronic. I want to say something about the sort of collecting of notes, because as a filmmaker, I mean, what I do is, I'm actually usually, you know, filming. And so, I mean, one of the things that I would love if somebody could someday develop is if you can record video to an encrypted media. And so you don't have unencrypted media on you, because that's pretty risky, depending on what situation, if you happen to be, for instance, filming a protest and you're not able to, you know, pull out an SD card in time. When I was in Hong Kong, I was concerned that we would be raided. And so every day I was backing up the media and putting it onto encrypted drives. But then I had to physically, like, destroy the SD cards, because I didn't want, you know, the raw footage to ever fall in anyone else's hands. And it happens a lot when you have people who are working in, you know, whatever, in protests in Egypt, for instance. If they get your camera, they can potentially get a lot of information if you can't get your media out in time and do something with it.

So I think we're almost done here with the slides, so start preparing your questions and your answers to all of us, I think. Well, Laura's story just segued into the legal coercion problem, that one of the big threats that journalists face is coercion from governments, either forceful or legal or any other way. Does our AP representative want to talk about the problems that the AP has faced?

Yeah, I mean, just generally speaking, I mean, I think, I mean, it is a little bit of a hostile time, and maybe that's understating it. I mean, for journalists, I mean, and I apologize, I come from a very American-centric point of view, because I'm a Washington journalist. But
I mean, this is, sort of conversely, the most transparent administration in global history. But, you know, we were talking about IMSI catchers the other, you know, in an earlier panel. And, you know, this is, meanwhile, the same government that turns around and tells, as my colleague and I found out, local law enforcement that they can't even release details about what the local police do. And, you know, it's very secretive about, you know, like when they got our phone records. You know, it's, you know, even coming down to sources. And sort of the bottom line here, you know, why this matters so much is, it's not... the segue into it... it's not just, you know, about the intelligence community here. It's not about, you know, an NSA contractor in Hawaii who dumps all the top secret classified documents, as important as it is. I mean, these are people who work in state houses and companies. I mean, as Julia was saying, you know, like a company that's crooked, and, you know, people lose their jobs for this. I mean, they lose their mortgages. They can't pay their bills. They can't feed their families. I mean, these are very real effects of talking to the press, just talking to us. And I think we owe it to sources to do a better job at this. I mean, we have the tools at our disposal, and with the help of the crypto community, I think we can, you know, really do it right and make this better so we can have better journalism and hold people accountable. It's so cliche to say, but that's the reason why we do what we do. And, you know, we can't just go back to a plain text world when encryption is clearly the next forefront. So.

I just want to add one thing, which is that I think that newsrooms... I know that journalism is also under financial pressure, but I believe we have a moral obligation to invest more in these types of tools. Right. It's heartbreaking to me whenever I learn how few people support the tools that I use every day and how underfunded they are. And I personally try to donate, but I'm a journalist, right? I'm not going to be able to pull this by myself. But I think our newsrooms would be well served to see these tools as central to our work and to invest in them.

All right, last slide before questions: the last issue that a lot of you run into is crossing international borders.

OK, well, yeah, I mean, it's no man's land. I mean, in terms of legal, I mean, you have no protection. And they use it. I mean, the US government, when I say they. And, you know, in my case, you know, it's over six years, detained every time I return to the country. And, you know, they'd photocopied my books and threatened to take electronics. Many times they would stack them in a pile. And, you know, I would say that I was a journalist and would have long fights, and they would say things like, well, you know, this will go much faster for you if you just give us your passwords. And that's, you know, that's not happening. And then they'd say, well, if you don't answer our questions, we'll find our answers on your electronics. You know, that was one of my favorite quotes. I mean, ultimately, I moved to Berlin because of this problem, because of the project I was working on. I didn't feel that I could protect the source material I had and cross the U.S. border. And so I was shooting and filming, and then I would leave footage outside of the country, back it up and then return home, and did that for a while. And then once I needed to start editing, then I came to Berlin and started working there. So it really, you know, created a huge problem for me to be able to do the work in the U.S.

I think there's a question that we don't know how to answer. Is it safer to bring data across a border with your person or to send it electronically?

Maybe the answer is just no. I mean, I think to a trusted, you know, second party would be probably the safest.

If there are no more stories that our other panelists want to tell.

Well, I mean, I haven't obviously left the country. I still live in New York, but I have for the past several years, after one source called me and said, look, I know you're about to go on your annual trip to India. I go every year to visit my husband's family in India at Christmas time. And this person said, I just can't have my name in your contact list if you're going to bring your phone across the border. And at that moment, I realized, oh, my God, I can't bring anybody's name across in my contact list. So I realized I had to leave my phone behind, and I have continued to leave my phone behind on every international trip, and also my computer. I have what I call a zero data policy crossing borders, which, by the way, means I don't have anything, right. So it's really inconvenient to come with no data. It means that I get less work done, I'm less productive. I bring a Tails machine and then I have some documents I might want to work on on a stick. But it's not a great and convenient way to do reporting. And my editors, despite, you know, supporting me, are really annoyed when I don't reply to their e-mails.

All right, so I guess with that we'll open up for questions and answers from you.

So before we start the questions, first of all, if anybody is leaving right now, please do so very quietly, take your trash with you. And also, it would be nice if you would not let any Mate bottles fall over. Thank you for the demonstration. And also, if you have free seats now, then please already try to defragment a bit, like move inwards in your respective rows and make room on the sides. We will not let anybody inside this room yet before the next section, but basically the film is going to start. So during the Q&A, please try to be a bit quieter than right now. A bit quiet, please. OK. So then, hey, let's start with microphone one.

So if you're so much in the
focus of, uh, agencies and so on, like Laura, what do you do about endpoint security? Let's say you do everything correct with encryption, but now you have this air-gapped device lying in your home and, like, do you always carry it with you or do you sleep with it under your pillow? Or how do you make sure that it doesn't get bugged?

I would never answer that question.

OK, so would you have any advice for people who have that problem? Like, I mean, how would they find out what they should do?

I mean, obviously it's a question of threat model. Right. You know, and, I mean, I don't know if Sarah Harrison is here, I know she's giving a talk, but she often carries a lot of computers with her. I mean, that's sometimes what we do; there are times when you carry a lot of computers with you. And I think that there are times, you know, where that might be more necessary than others, depending on what you're working on and/or the political context in which you're working. So, I mean, obviously, I mean, what people will say is that if you never lose possession of it, it would be, you know, the sort of, you know, absolute secure recommendation.

Thank you. Microphone two, please.

Hello. I was left with the impression that burner phones are a viable option for informants. I would dispute that view. The problem I see with burner phones is that in data mining it is very easy to identify a burner phone, because, like, let's say we have a burner phone, there are two cases. If you travel with a burner phone, then you quickly identify a burner phone as a burner phone because the movement pattern is very similar or identical. You see, like, the same base stations. So you can identify not only that, you can identify which person has the burner phone. And because you know the identity of that person, you can identify that it's that person's burner phone. And even for the stationary case, for example, you leave the burner phone at home, the burner phone has a very distinct communication pattern because you essentially just communicate with one person, which is extremely unusual. So together with the location, you know, for example, OK, the person's living, let's say, in the radius of a kilometer or something, but you have these special phones that only talk to one person. So I don't think there is a good scenario for burner phones; they should be avoided.

I would just say on burner phones that it depends on your threat model. Right. For a state actor who can see the whole cell network, you're completely right. I wouldn't recommend burner phones, but I was using a burner phone in this particular instance for a corporate source. Right. And I don't think his company was going to be able to get the cell companies to give up that information. I wanted him just to not use his corporate-paid cell phone, which is what he previously was using to talk to me. Right. So it depends on your threat model. For some people, a burner could be fine.

OK, thanks. Thank you. So let's get a question from the Internet. Can you activate the microphone? Now it's activated.

Hello? Well, there are a thousand questions on the IRC channel, and I hope I can at least relay a few of them. Well, a lot of them are about training for journalists, like, are there any journalism schools or universities that are teaching crypto as an obligatory, yeah, basic skill? Or what can a technical journalist do to lure more of their fellow students into some crypto parties? And also, yeah, how many days or weeks or years does a journalist, in your experience, need to really get the point of encryption or secure communication, and to be comfortable with it? So this is all about this huge field.

I mean, I know journalism schools up to five years ago, like, their prime technological feat, besides doing, as we would call it, beat reporting, was teaching people how to use Adobe Flash, and, like, that ticked the box with, like, the technology that needed to be learned. And again, maybe it's an old dog, new tricks thing. Or people have been in the business and they're like, this crypto thing... I mean, those include journalism professors who never had to use this, never had to face this reality. I know Columbia University has a computational journalism track. I know there's been, I'm not the expert on this, maybe somebody else is, I know that this has been at least a discussion in, like, the American journalism education community about, you know, it's not just the crypto, too, it's, you know, digital public records requests and analyzing, you know, big data, you know, how to parse through it. All these sorts of things that, you know, go beyond the, you know, notebook-assisted reporting of days of yore. You know, and I'm sure that's a discussion somewhere.

So I'm working with the Columbia Journalism School right now. Actually, I'm writing a chapter for their book that's coming out on what types of techniques journalists can use. And they are beefing up their crypto programs, but it's not mandatory. And the truth is that there's a lot of confusion out there about what are the best crypto tools. And there's one thing that's upsetting to me, which is that, you know, every day I get an email from a new crypto program, and some of them are not really as encrypted as they seem. And so I think there's a lot of confusion in the regular public about what they should use, which is why, and you guys probably already know all this, but essentially I did a ranking with EFF of crypto tools on seven criteria just to provide some sort of benchmark of what people might think we might consider actually safe.

Thank you, so microphone three, please.

Hello. Thank you very much for your talk. I want to raise a question about a power structure that was not part of the discussion so far. I once gave a party at a big Dutch news corporation for the Dutch people in the office, and the journalists were super enthusiastic. They wanted to get started right away. And I said, OK, let's get started with installing Tor. And: we are not allowed to do that on our machines. But luckily, there were some tech people and I was in the room and we looked at them like, can you help them out? Can you give them permission? It's: we could, but we're not allowed because it's not part of our budget to install this and everything's actually closed down. And if we change anything, it will all fall together, and they looked kind of panicked. And then it turned out the management had to come in, but they were nowhere to be found. And that seemed... and maybe you can relate to that, in a lot of news corps there's this management layer that in the end needs to be, like, part of this whole transition into, like, secure communication.

Yeah, yeah. That's a really, really, really great question, because having worked for American news companies where they are cut to the bone, that is a very real concern. I mean, you have almost two parts, I would say, two sort of issues. One is the money issue, because, you know, from a newsroom point of view, we're like, well, it's a great source. Let's do it, you know, pay any cost, bear any burden. We're going to do it. But then they're like, no, we only have X amount for fiscal year, whatever. And by the way, our Exchange mail servers are basically smoking. You can see one smoking. That's where the money has to go right now. The other one is to... Yeah, exactly. And the counterargument to that is, it doesn't... and it's not what they're used to. They're not used to doing this. And so at least the success that we've had, or I've had in some news organizations, others have as well, is sort of the... a now journalism professor, Matt Waite, who used to be a reporter in Florida, has this thing called demos, not memos: like, do this organically from the bottom up and sort of show how it works. Do a test case, you know, use free software, use Tor, you know, use the Tor browser, the IP checking thing that I was taught, whatever you want to use. And then people sort of have these little epiphanies like, oh, OK, that makes sense. And then that, you know, and I've seen it happen even very recently, it starts bubbling up to the top. You know, combined with the other news just in general about how, you know, the government is basically looking over our shoulder, and, you know, ideally that starts to collide. And, you know, the selling point for them is, like, Tor, or Tails, it's free. You know, the cost of a DVD. I'll give you a ten on the house. Just download it, you know, and I think it's just a different mindset that they're not used to, just like reporters are used to. Yeah.

But also, I mean, there's a problem with IT departments in newsrooms being total control freaks and not letting anyone touch any machines. And that's just not about cost or, you know, not understanding how it works. They just, you know, don't want anyone touching any machine. And they want to keep access to every machine that goes out of a newsroom. And that just needs to stop. I mean, I think I was at Democracy Now and Jake was trying to install OTR and, you know, he said, oh, you should have OTR so we can talk. And he started to install it and this kind of freaked-out IT person came into the room and is like, what are you doing to this computer? So they were actually able to know that that was happening. That's sort of fucked up. And it'd be then, why would you ever stop that?

And it's funny because then people do the workarounds, right? Like I was in a news organization once where I couldn't... it was locked down administratively. I couldn't install anything. So I just brought in my home, my, whatever, PowerBook, whatever it was at the time. And I installed it, and they were so concerned about security, security, security. But then I just took the Ethernet cable and just bam, right into the wall, and got right onto the network. I'm like, OK, so on one end we're concerned about security here, but I'm here. I can. It's no problem.

OK, thank you. Another question from the Internet, please.

Yeah. As I just touched the journalists, I now go to developers as the target group. So what tools would you need, or would other journalists need, that open source developers can develop and make better? And, like, what features are really most important to you to help you do your job?

I think that actually investment in GPG itself would be great, because I love the fact of the public key infrastructure, the fact that you and your source don't have to know each other. Right. Because if somebody reaches out to you the way that Snowden reached out to Laura, there was a way, even though it's clunky. It seems to me that that method of sort of overcoming that first date problem of finding somebody and verifying them in a public way is still sort of our best hope. Those are the sources that we want to attract to us: somebody who just thinks they might want to share something. And if we could make that easier, I would be really in favor of that. I still use GPG much more than I use any other tool, despite my constant frustrations with it.

Yeah, I mean, I would just echo again what Julia said earlier about Tails and what a great device that is for us to do the work. Because what I found when I started doing the reporting, then it wasn't just me who needed it. But then you have a circle of people who you're also reporting with that you have to bring up to speed. And you could actually, you know, I ended up making a lot of Tails disks and circulating them to people so that I had people in my circle that I needed to talk to, and that became, you know, relatively large. And to have a tool that actually is sending things by default with encryption, that you can just say, here's a computer, this is how you find me, was the most valuable tool for doing this reporting.

Thank you, so microphone four, please.

Good. So I just wanted to make a couple of comments, positive comments, about the use of burner phones. Ideally, both parties will have a burner phone that was bought in cash from a brand where you don't have to show ID and you don't have to deal with a human. In the US, these are TracFones usually, where you just go into a convenience store or something like that. You buy something in cash, you buy some minutes that you add onto there and that's that. OK, so ideally, as the first comment actually pointed out, if you're carrying these around all the time, the social graph, it becomes very easy because, you know, Julia's social graph, calls she's making, where she's at, which cell tower she's hitting, will match up identically with her burner phone. And that's absolutely not what you want. Ideally, you would want to have a set time where you have your battery in the phone and all other times it's off on both ends. So if you say, you know, Saturday from seven to nine every week, please put your battery in the phone. If I don't call, OK; if I do call, OK. And all other times just keep it unplugged. And that's a really good way to ensure that, you know, hopefully you're both making calls outside of the house. So maybe it's even slightly less trackable. But also, if you're in a big city like New York, it doesn't necessarily matter. This is also what drug dealers do. You might recognize this method from there.

I'm super excited to meet the source who's going to comply with those directions. Please put your battery in this phone from seven to nine on Saturday. I'm sure that person is out there.

All right, another question from the Internet, please.

Following up on this, like, what should a source do? What is the most sensible way to contact a journalist? And what, in your experience, are the typical and maybe most fatal mistakes they make?

It's a
great question. You know, it depends on how secure you want to be. It's very difficult to make first contact without using the journalist's existing email address. So you are going to have some known way to reach them. I actually advise people to use the postal mail. No return address. And I read my mail. I get it. I get a lot of mail. Most of it is uninteresting, but some of it's really interesting. And then you can put a disposable email address in there or a phone number and I will reach out. I think it's an underestimated tool.

Yeah, yeah, and I mean, I get letters all the time from people who do want to make that first contact, if I haven't already met them at a previous social occasion. I mean, again, this is very specific to Washington because everybody talks to everyone. But I mean, then they will send me a note and, you know, ask me to get in touch with them, I guess.

We have time for two quick questions, so first, microphone one, please.

Regarding the request for encrypted video: the Magic Lantern project, which is an open source firmware for the Canon SLR cameras, already supports RSA encryption of the still images, but not yet the video. But if you reach out to us, we'd be happy to talk about whether or not that's a possibility.

That's fantastic. Thank you.

Thank you. OK, that was more of a comment than a question, but thank you. So microphone three, last question, please.

As you mentioned the coercion problem, and thank you. So what would you think of systems which basically allow you to set up a passphrase and encryption passwords, which are basically a fake one, which would make sure that they are definitely unusable if you ever use it? Is it actually a good solution for the coercion issue?

You mean that would destroy your data? Like if you hand over this password, it would destroy everything? Is that what you're saying?

Yeah.

I mean, in the context of the UK, that would probably be something that... because I think they can hold you if you don't comply with that. It depends on the context. But I think that would, I think, be very valuable. I don't know if it's been done. Would you guys do such a thing?

I would love to have such a thing. I think it's fun to have the idea of the escape handle, like, stop the train. Right. Because then also I would sort of feel maybe better about bringing my devices over the border if I could feel very confident that I could destroy it at a moment's notice.

Was it Hillary Clinton advocating for, like, a kill switch, knowing what was there? There was a kill switch idea, but that was something else. Never mind.

Yeah, I'm pretty sure if you've already had a legal demand, that would be a risk of contempt of court to use such a thing, right? Yeah.

OK, then we're finished. Thank you very much. Give them again a warm applause.