Training Journalists in Istanbul

After meeting with SOCA in London, I traveled to Istanbul to teach local and foreign journalists how to use Tor and Tails to keep themselves, their colleagues, and their sources safe online. I also met with the team behind Zero Day, a documentary about all things Internet security, to talk about Tor and the work that I do.

I met with foreign journalists on the first day and local journalists the day after. Around 30 people attended in total, and each training session lasted just over two hours. My presentation covered threats, how you can protect your communication, local data, and external data, as well as how to use the Tor Browser Bundle and Tails. I gave out USB sticks with the Tor Browser Bundle, the short user manual, and the CPJ Journalist Security Guide. PC users were also given USB sticks with Tails.

Presentation

The feedback has been really positive from everyone who attended, and I have been told that those who were unable to attend have been given the material I handed out. There are some things that can be improved, however:

  • Tor does not prevent somebody watching your Internet traffic from learning that you’re using Tor. In some cases, the fact that you are using Tor and encrypting emails/chat/drives can be a red flag. I am not sure how to best address this in a presentation, other than just say that yes, it can be a red flag.
  • We talked about a few different risks, such as having your phone tapped, your email hacked, and your home or hotel room broken into. Having solid examples and stories helps a lot.
  • I introduced a lot of new technology in a short amount of time. Those who are not familiar with technology such as full disk encryption, GPG, and OTR, would benefit from a longer and more hands-on session.
  • The presentation included screenshots of encrypted email, encrypted chat, and the Tor Browser Bundle. Having a few videos that illustrate how it works, what the user sees, and what the new workflow is will make it easier to understand.
  • The presentation mentioned Bitlocker, FileVault, and TrueCrypt for full disk encryption, but did not go into details. I told everyone how to enable FileVault in OS X, and I should add these step-by-step instructions to the presentation.
  • Tor was originally designed, implemented, and deployed as a project of the U.S. Naval Research Laboratory. We also receive funding via U.S. government organizations. I covered this briefly in my presentation, but could have spent a bit more time talking about the Tor Project, Inc and why we are qualified to talk about Internet security and online anonymity.

Tails

I asked a few people to try out Tails and let me know if something was confusing, did not work, or could be improved:

  • Tails has very limited support for Apple hardware. 23 out of 30 attendees were Mac users. I tried booting Tails on my MacBook Air, but OS X was unable to find the USB stick.
  • I am used to the Tor Browser and was surprised to see that check.torproject.org was not the default home page.
  • Firefox will start automatically once you are connected to the Internet. Most users did not wait for the Tails website to load before entering another URL in the address bar. Users did not question if they were actually using Tor.
  • One user waited for the Tails website to load, saw the green download button and then asked if he needed to upgrade to a newer version. I wonder if there is a way to let users know which version they are currently using.
  • A few users seemed confused when Pidgin automatically connected to IRC. I wonder if it would be better to have that disabled by default, and instead take users through the process of setting up their own accounts.
  • One user tried the email client, skipped the part where you set up the mail servers, and tried to write an email. I wonder if there is a way to improve this, as most users expect the mail client to work just like the one they are used to in their normal operating system.
  • Tails uses a US keyboard layout by default. This can be confusing for anyone with a different keyboard layout. A few users mentioned that the tap-touchpad-to-click functionality did not work.
  • One user pointed out that there is no logout or shutdown option available when using Tails in Windows XP mode.
  • The shutdown process can look a bit scary for anyone who is not used to Linux, especially the part where it wipes the memory. A friendly splash-screen of some sort would be good.

Thanks to my wonderful hosts for providing me with a place to stay, great food, suggestions on what to see in Istanbul, and for organizing and hosting the training sessions.

this is so awesome. keep up the amazing work.

Sounds like a great couple of days, Runa. Thanks for the shout-out for the film. Great meeting you and having the chance to get you on film! Charles K.

You remark that Tails does not use check.torproject.org as its home page. It used too, but it changed in the most recent verrsion, 0.16. I believe that to be a serious mistake. Ask yourself, what is the one thing that you want to be absolutely certain of when you use Tor? Answer: that you are in fact using Tor and that it is working correctly. The change in Tails 0.16 to make tails.boum.org the home page is, I think, poorly thought out. Sure, I can check the check.torproject.org page; but having it as Home meant that I could check at the click of a button any time.

Tails 0.17, released Feb. 25th, has a link-to
https://check.torproject.org/
at the top of the home page

I agree that all journalists should know how to use GPG, Tor, Tails, I2P, Freenet, and Truecrypt.

I would rather you taught Kurdish journalists or activists instead of their Turkish counterparts! Even though many journalists do not advocate the oppressive Gov policies against the Kurdish minority, the Kurds are the ones that need anonymity...
https://www.nytimes.com/1992/09/02/opinion/l-turkey-conceals-its-oppression-of-kurds-914992.html
https://en.wikipedia.org/wiki/Kurds_in_Turkey
https://en.wikipedia.org/wiki/Human_rights_of_Kurdish_people_in_Turkey
https://en.wikipedia.org/wiki/Dersim_Massacre

Most if not all Turkish journalists have a strong loyalty to their so called Ottoman-Empire history and to this day deny all their atrocities against Kurds and Armenians. Nazi Germany paid for their crimes against the Jews, but the Turks still practice oppression to this day.

Just my 2 cents

> Tor does not prevent somebody watching your Internet traffic from learning that you’re using Tor. In some cases, the fact that you are using Tor and encrypting emails/chat/drives can be a red flag. I am not sure how to best address this in a presentation, other than just say that yes, it can be a red flag.

There are two answers.

The first answer is that a big component of Tor's safety comes from diversity of nearby users. Nowadays there are many tens of thousands of Tor users in Iran, so being a Tor user in Iran is really not that interesting. The reason it's safer is that *most* of those Tor users aren't dissidents. Most of them are just using Tor to get around the censorship of Facebook or some similar site. At the other extreme, if there's one person with a laptop in the Sudanese refugee camp, and somebody anonymously posts a blog post about the conditions there, Tor isn't going to do a great job at anonymizing her.

The second answer is that bridges, plus pluggable transports, can make it so somebody watching your Internet traffic doesn't realize that you're using Tor. This research area is not well-understood yet, so you shouldn't rely on it, but none the less it seems there's some protection there.

Oh, and I guess the third answer is "yes, it can be a red flag". Don't promise them more than we can promise them.

"The first answer is that a big component of Tor's safety comes from diversity of nearby users."

How "nearby"?

E.g., if one lives in a large city, is how nearby must there be a considerable number of other Tor users?

On the same street? Neighborhood? Parish?

Or is it sufficient merely that there are many Tor users within the city limits-- even if the next closest one may be mile or more away?

Regarding bridges:

1.) Perhaps someone can answer what seems to me like a glaringly obvious question but one which I have been unable to find an answer for (I have checked the official torproject.org pages on bridges and searched Google/StartPage).

When one connects through a bridge, what /does/ one's ISP see?

Surely they must see at least /something/ that appears different than ordinary, direct traffic, no?

2.) I wonder what you think of this comment by a Tails dev:
https://tails.boum.org/forum/Bridges_/#comment-77be7e487f1acbc47bb16ec397dcb9a2
in which two reasons are cited that make bridges "somewhat attractive for attackers".

Thanks to everyone who continues to make Tor a reality.

There are many Tor users for many different reasons, Tor is often used by activist and Occupy in the west as well as other countries. It is desirable with increasing "snoopers" and isp monitoring to hide Tor usage or attempt to like in Alpha 2.4.7 package.
Tails
1) It would be great if there was some bridging capability in Tails but with a erasing system on shut down they would have to fixed unless manually entered each time.
2) Tails installer from disc (clone\install) can be problematic resulting in usb cards needing to be re-formatted through disk management tools. Unbootin and lili are more reliable installers but no persistence.
3) Tales virtual machine or alternative? I have used vm tails for testing purposes only on a hips system. It is stated in tails docs about a possible alternative, a run within windows version in the future?
4) Mouse cursor\hand disappearing when on links
5)GIMP 2.6 has been replaced by version 2.8.4.

1.) "It would be great if there was some bridging capability in Tails"

There already is:
https://tails.boum.org/doc/first_steps/startup_options/bridge_mode/index.en.html

You just have to activate it at boot by adding "bridge" to the boot paramaters.

2.) Unetbootin is not supported, see:
https://tails.boum.org/forum/UNetbootin_Boot_Options__63__/#comment-045d2ae22b01d18d5e382ff9cc1e68df

"A Tails installed with UNetbootin is unsupported, and may have subtle differences with a "genuine" Tails system."

I looked this up, macs need GPT partition to boot off flash drives. They also don't use PC type bios, instead use OpenBoot from Sun.

I use rEDIt for bootmanager, still cannot boot Tails. (Ubuntu > 12.10 boots with minor problems.)
It is pain to run a linux distro on macs unfortunately.

Syndicate content Syndicate content