[liberationtech] Mexico's most vulnerable reporters lack digital security skills

Tue Feb 26 20:47:51 PST 2013

That's incredible. I honestly did not know any of this. Drug lords in the
Middle East aren't half as terrifying.

With this kind of terrifying landscape, what accessible technology could
possibly secure the communications of Mexican journalists against not only
interception, but against their own future torture and other such
ancillary, surrounding threats that may be borne from using encryption?
This situation is so awful that we security people should add it to our
repertoire of absolutes ("will this survive NSA intervention?" "will this
survive Mexican drug cartel intervention?")

They really add to the threat landscape by being not only more unbridled
and omnipotent than a bad regime, but not even subject to the smallest
shred of responsibility in terms of governance and stability. Even the
worst governments still are.

 I don't know what on earth Mexican journalists are supposed to do when
confronted with such an absurd threat landscape.

NK

On Wed, Feb 27, 2013 at 1:42 AM, Ryan Gallagher <ryan at rjgallagher.co.uk>wrote:

> On 27 February 2013 00:01, Eva Galperin <eva at eff.org> wrote:
>
>> I'm not sure that I would support ranking drug cartels as a less
>> technologically sophisticated threat than the government in Mexico.
>>
>
> Very much agree, Eva. If I were working out of Mexico it would be under
> the assumption that the cartels could, if they really wanted to, obtain the
> same info that is available to law enforcement agencies and/or government
> officials via the use of surveillance tech.
>
> Mexico has a fairly sophisticated surveillance infrastructure. Since at
> least 2006 it has has apparently operated a Verint mass monitoring system
> that can intercept "virtually any wired, wireless or broadband
> communication network and service," and this system has since been upgraded
> with the help of the US government:
> http://www.nextgov.com/technology-news/2012/04/state-department-provide-mexican-security-agency-surveillance-apparatus/55490/
>
> Mexican authorities also have access to other tools, such as spy trojans:
> http://www.slate.com/blogs/future_tense/2012/08/03/surveillance_technology_in_mexico_s_drug_war_.html
>
> And as Bloomberg Businessweek reported in 2011: "Recent killings indicate
> the cartels are taking the new online tactics seriouslyband that the
> activists may have miscalculated in counting on nicknames and IP addresses
> for protection....the U.S. firm Stratfor and security experts in Mexico
> warned that, with so many government officials on the take, the cartels
> likely have access to the military-grade tracking technology used by the
> Mexican government. In at least one case, according to journalist Valdez,
> the Sinaloan cartel hired a hacker to hunt down a government informant."
> http://www.businessweek.com/magazine/mexicos-drug-war-takes-to-the-blogosphere-11092011.html#p2
>
> Best,
>
> Ryan
>
>
>> While there isn't a lot of evidence that drug cartels have used
>> technologically sophisticated means to track down anonymous/pseudonymous
>> bloggers and journalists, corruption is sufficiently widespread that if
>> my life depended on it, I would assume that the drug cartels could have
>> access to the same information that the government has through bribery
>> and threats.
>>
>> There are circumstances in which I would support the use of Cryptocat by
>> Mexican journalists (and it's certainly an improvement over sending
>> messages in the clear, which many Mexican journalists are doing) but
>> transmitting information which you would like to keep secret from drug
>> cartels is probably not one of them.
>>
>> ************************************************
>> Eva Galperin
>> Global Policy Analyst
>> Electronic Frontier Foundation
>> eva at eff.org
>> (415) 436-9333 ex. 111
>> ************************************************
>>
>> On 2/25/13 1:36 PM, Nadim Kobeissi wrote:
>> > Hi,
>> > At Cryptocat we are developing an easy to use instant messaging tool
>> that
>> > is available in 34 languages. It encrypts all of your conversations,
>> > preserves your privacy and works in your browser.
>> >
>> > If you are a Mexican journalist and your opponent is not highly skilled
>> in
>> > information technology intelligence (not a government, but a drug
>> cartel)
>> > then you should try Cryptocat. It does not leave a record of
>> conversations
>> > anywhere and does not transmit anything in the clear.
>> >
>> > Get Cryptocat here: https://crypto.cat
>> > Make sure to read the warnings on the site to get familiar with the
>> app's
>> > limitations.
>> >
>> >
>> > NK
>> >
>> >
>> > On Mon, Feb 25, 2013 at 10:13 PM, Brian Conley <
>> brianc at smallworldnews.tv>wrote:
>> >
>> >> Hi Kyle,
>> >>
>> >> I've been developing a tool called StoryMaker for journalists and
>> citizen
>> >> journalists.
>> >>
>> >> It's private/secure by design, so ideal for this use case.
>> >>
>> >>  There is a 10 lesson curriculum in mobile digital safety, and the app
>> >> itself that could all be translated into Spanish. Then perhaps the app
>> >> and/or curriculum might be used to educate and assist them in their
>> work?
>> >>
>> >> https://www.transifex.com/projects/p/storymaker/language/es/
>> >>
>> >> Resources 20-29 + 210 are the digital safety lessons.
>> >>
>> >> cheers
>> >>
>> >> brian
>> >>
>> >> On Mon, Feb 25, 2013 at 1:04 PM, Kyle Maxwell <krmaxwell at gmail.com>
>> wrote:
>> >>
>> >>> I'm curious how the infosec community, particularly those of us who
>> >>> speak and write Spanish, can assist in helping Mexican activists and
>> >>> journalists. I understand that a large portion of that community
>> >>> actively exchanges data on Twitter; any pointers would be appreciated.
>> >>>
>> >>> Feel free to contact me off-list if desired.
>> >>>
>> >>> On Mon, Feb 25, 2013 at 1:02 PM, G.W. Schulz <gwschulz30 at gmail.com>
>> >>> wrote:
>> >>>>> "Most Mexican journalists and bloggers reporting on highly sensitive
>> >>>>> topics (such as crime, corruption, violence and human rights issues)
>> >>> do not
>> >>>>> fully understand the risks and threats they face when they use
>> digital
>> >>> and
>> >>>>> mobile technology, even though the topics they cover make them even
>> >>> more
>> >>>>> vulnerable, a new survey by Freedom House and the International
>> Center
>> >>> for
>> >>>>> Journalists finds."
>> >>>>
>> >>>>
>> >>>>
>> >>>
>> http://ijnet.org/stories/mexicos-most-vulnerable-reporters-lack-digital-security-skills
>> >>>
>> >>>
>> >>> --
>> >>> Kyle Maxwell [krmaxwell at gmail.com]
>> >>> http://www.xwell.org
>> >>> Twitter: @kylemaxwell
>> >>> --
>> >>> Unsubscribe, change to digest, or change password at:
>> >>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> >>>
>> >>
>> >>
>> >>
>> >> --
>> >>
>> >>
>> >>
>> >> Brian Conley
>> >>
>> >> Director, Small World News
>> >>
>> >> http://smallworldnews.tv
>> >>
>> >> m: 646.285.2046
>> >>
>> >> Skype: brianjoelconley
>> >>
>> >>
>> >>
>> >> --
>> >> Unsubscribe, change to digest, or change password at:
>> >> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> >>
>> >
>> >
>> >
>> > --
>> > Unsubscribe, change to digest, or change password at:
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>> --
>> Too many emails? Unsubscribe, change to digest, or change password by
>> emailing moderator at companys at stanford.edu or changing your settings at
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at companys at stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>

--
Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE