digital security

Tor at the Heart: Security in-a-Box

This is one of a series of periodic blog posts where we highlight other organizations and projects that rely on Tor, build on Tor, or are accomplishing their missions better because Tor exists. Please support the Tor Project! We're at the heart of Internet freedom.
Donate today!

Security in-a-Box

More than ten years ago, Tactical Tech and Front Line Defenders started providing digital security trainings for human rights defenders at risk around the world. Soon thereafter, they created Security in-a-Box to supplement those trainings and to support self-learning and peer-education among those defenders.

Security in-a-Box offers general advice and practical walkthroughs designed to help its users secure their digital information and communication by choosing the right software and integrating it into their daily lives.

Hands-on guides

Security in-a-Box offers a number of Tool Guides that explain step-by-step how to download, install, and use digital security tools on Linux, Windows, Mac OS X, and Android. Some of these guides that were recently updated in 11 languages include:

  • Tor Browser for anonymity and censorship circumvention (on Windows & Linux)
  • Signal for encrypted messaging and Voice-over-IP calls on Android
  • VeraCrypt for file encryption (on Windows & Linux)
  • Thunderbird and OpenPGP for email encryption (on Windows & Linux)
  • KeePassX for secure password management (on Windows & Linux)
  • Firefox with add-ons for more secure web browsing (on Windows & Linux)
  • Jitsi and OTR for encrypted instant messaging (on Windows & Linux)

Other Tool Guides cover setting up a Riseup email account, securing the Windows operating system, and protecting data when using social networking platforms (like Facebook and Twitter).

Security in-a-Box also includes a few community-specific toolkits that are tailored for LGBTI communities in The Middle-East and North Africa and Sub-Saharan Africa, for Environmental rights defenders and for Women human rights defenders.

Tips and Tactics

As digital security is a process that extends well beyond the adoption of specific tools, Security in-a-Box also offers Tactics Guides that propose new ways of thinking about security and recommend practices that might strengthen it. Some of these include:


Over the years, a community of digital security trainers, editors, translators, and privacy advocates has sprung up around Security in-a-Box. Many digital security trainers from Africa, Latin America, Central and Southeast Asia, Europe and North America rely on Security in-a-Box for their trainings and contribute to its development.

Thanks to the project’s community translators, Security in-a-Box is published in 17 different languages. Recently updated translations include: Arabic, Spanish, Farsi, French, Indonesian, Portuguese, Russian, Thai, Turkish, Vietnamese and Chinese. As a result, Security in-a-Box reaches well over a million people each year with advice on digital security, online privacy and censorship circumvention.

None of this would have been possible without the work of the software developers who create these tools in the first place, and to whom we are extremely grateful. Donate to the Tor Project today!

Written by Maria Xynou (Tactical Tech) and Wojtek Bogusz (Front Line Defenders)

Introduction to Digital Security With the CIJ

On Monday the 25th of March, the Centre for Investigative Journalism in London organized a free event where journalists could learn more about digital security. I was invited to speak about Tor, other speakers covered OTR, TrueCrypt, GPG, and mobile security.

The attendees were divided into five groups, and each speaker had 20-25 minutes with each group. I gave out USB sticks with the Tor Browser Bundle, the Pluggable Transports Bundle, the short user manual, and the 2012 annual report.

I talked a bit about the history of Tor and the Tor Project, discussed a few different threats, mentioned hidden services, listed a few examples of real world use, and helped everyone get the Tor Browser Bundle up and running. I did not have access to a projector or whiteboard, so I did my best to illustrate how Tor works by drawing boxes, arrows, blobs, and stick figures on a piece of paper.

A number of people asked if we had some sort of document or manual explaining all the topics covered at this event. I mentioned Security in a box and the FLOSS Manuals, but also pointed out that there is currently no single document available, that I am aware of, which explains all of these topics.

I have previously discussed creating such a document with the Rory Peck Trust, which is a London based organization that specializes in safety, security and professional development for freelance journalists. I mentioned this again when I met with them the day after the CIJ event, and I’m looking forward to seeing the end result in a few months.

Thanks to the Centre for Investigative Journalism for hosting the event and inviting me.

Syndicate content Syndicate content