Online Learning
This work was done in collaboration and the support of Transitions Online
Introduction
Computers and the Internet are all about information gathering, storage and exchange. Hence, the topic of security in the digital realm relates to the security of information and its communication. The Internet, in theory, provides everyone with an equal opportunity to access and disseminate information. Yet, as time has shown, this is not always the case. Governments and corporations realize the importance and value of controlling information flows, and of being able to decide when to restrict them. The security of information is further complicated by malicious individuals creating computer viruses and hacking into computer systems, often with no other motive than causing damage.
Confusion and complexity is heightened by the abundance of software, hardware and electronic devices built to interact with an increasingly sophisticated and complicated network. Users have to immerse themselves in concepts and technology that seem to be far removed from the real world. The security of your information, online identity and the privacy of your communications falls first and foremost upon your shoulders and requires comprehension of how the Internet and your computer actually work.
The Internet has profoundly changed social interaction and the dissemination of ideas and knowledge. Publication is no longer restricted by geographic or financial boundaries, and any citizen could become a journalist and reach a global audience.
This online training course has several objectives. It aims to educate and raise awareness to the technical aspects behind computer and Internet operations as a precursor to explaining inherent digital risks and vulnerabilities. Because it is virtually impossible to predict and describe in advance every security situation that one could encounter – the emphasis here is to provide enough background information and explanation of risks to make the user aware of the problem and able to make an educated and appropriate response. The other objective is to provide solutions to the most common security threats faced by journalists working in politically repressive countries, as well as links and references to software tools and manuals for further study and exploration of the subject.
Lesson 1 - The Internet and its Pitfalls
This chapter is a requirement to understanding other topics covered in Lesson 1 and throughout the Internet Security Course.
A distinction must be made between what we perceive as surveillance in the physical world – a person watching and shadowing your movements, and what occurs on the Internet.
Lesson 2 – Privacy! On the Internet?
The Internet is a network of networks passing data through numerous intermediary computers and routers. Data typically travels the Internet in a readable (insecure) format. Your search query on Google or your Yahoo email message is accessible to your local Internet service provider as well as the body monitoring the national telecommunications infrastructure. By default, there is no privacy in Internet communications and many become victims of random and targeted network surveillance and traffic analysis. There are however, certain steps and measures you can take, some easier than others, to ensure a level of privacy in your Internet communications.
The open - we can see everything that you send and receive - Internet could not become a powerful medium for business nor could it ensure a general users' expectation of privacy.
Instant messaging tools such as MSN Messenger and Yahoo Chat also use open channels for communicating your information. Everything you send or receive using these programs is liable to surveillance.
Lesson 3 – Goodbye Censorship!
Many countries around the world have installed software and underlying infrastructure that prevents Internet users within those countries from accessing certain websites and Internet services. Companies, schools and public libraries often use similar software to protect their employees, students and patrons from material that they consider distracting or harmful. This kind of filtering technology comes in a number of different forms. Some filters block a site based on its IP address, while others blacklist certain domain names or keywords contained in web pages or your search queries.
Regardless of what filtering methods are present, it is nearly always possible to evade them by relying on intermediary computers, outside your country, to reach blocked services for you. This process is often called censorship circumvention, or simply circumvention, and the intermediary computers are called proxies. Proxies, too, come in many different forms. Some Internet services such as RSS readers and online translators perform the function of a proxy without necessarily being created for circumvention. There are also especially dedicated proxy servers, virtual private networks multiple-proxy anonymity networks. It is difficult to say in advance which particular technique will work to bypass the censorship mechanisms in place in your country and it is worthwhile to be aware of several different methods. Each offers its own particular method for getting around restrictions, at the same time each method is vulnerable in its own way. This chapter describes the various ways to circumvent censorship and explains when these methods may or may not work.
Censoring the channel of dissemination can take place at two different moments within an information cycle. Pre-publication – when the original message is prevented from being disseminated. This includes self-censorship, legislation and editorial or managerial interference with material to be published or made available to the public. Post-publication – when the audience is prevented from accessing an existing message or content communicated to them. Primarily this involves access to Internet websites and online services, and will be explained and discussed in this module.
If you cannot go directly to a website because it is blocked by one of the methods discussed above, you will need to find a way around the obstruction. Many methods exist to circumvent the blocklists, which are only effective when a website is requested directly. If a third party is called to fetch a website for us, then these lists become irrelevant. For over a decade, netizens living in censored Internet environments have been using online translation and caching services to access a website indirectly. Others have relied on anonymisers, whose original intent was to conceal your identity from a website.
Lesson 4 - Digital information management
This section describes the technology and methods for managing your digital data. We will talk about preventing unauthorised access to your data, making sure that you do not lose important documents and we will discuss the correct procedures for destroying unwanted data as well as cleaning a computer of traces left behind from past working sessions. Secure data management should be on the top of your to-do list if you work with information that you do not want to lose or expose to an outside party. Once you have set-up the tools described in this chapter and assimilate the processes into your daily working routine, you will make a huge leap towards keeping your data private and secure.