[liberationtech] Mexico's most vulnerable reporters lack digital security skills

Wed Feb 27 08:35:50 PST 2013

Drug Lords Celebrate the Drug War at the UN! 
https://www.youtube.com/watch?v=N7oF3N30rUc

Mexican Drug Lord Thanks the UN for 50 Years of Prohibition 
https://www.youtube.com/watch?v=v0p6d6lGTOk

On Wed, Feb 27, 2013 at 05:47:51AM +0100, Nadim Kobeissi wrote:
>    That's incredible. I honestly did not know any of this. Drug lords in the
>    Middle East aren't half as terrifying.
>    With this kind of terrifying landscape, what accessible technology could
>    possibly secure the communications of Mexican journalists against not only
>    interception, but against their own future torture and other such
>    ancillary, surrounding threats that may be borne from using encryption?
>    This situation is so awful that we security people should add it to our
>    repertoire of absolutes ("will this survive NSA intervention?" "will this
>    survive Mexican drug cartel intervention?")
>    They really add to the threat landscape by being not only more unbridled
>    and omnipotent than a bad regime, but not even subject to the smallest
>    shred of responsibility in terms of governance and stability. Even the
>    worst governments still are.
>    A I don't know what on earth Mexican journalists are supposed to do when
>    confronted with such an absurd threat landscape.
>    NK
> 
>    On Wed, Feb 27, 2013 at 1:42 AM, Ryan Gallagher <ryan at rjgallagher.co.uk>
>    wrote:
> 
>      On 27 February 2013 00:01, Eva Galperin <eva at eff.org> wrote:
> 
>        I'm not sure that I would support ranking drug cartels as a less
>        technologically sophisticated threat than the government in Mexico.
> 
>      Very much agree, Eva. If I were working out of Mexico it would be under
>      the assumption that the cartels could, if they really wanted to, obtain
>      the same info that is available to law enforcement agencies and/or
>      government officials via the use of surveillance tech.
> 
>      Mexico has a fairly sophisticated surveillance infrastructure. Since at
>      least 2006 it has has apparently operated a Verint mass monitoring
>      system that can intercept "virtually any wired, wireless or broadband
>      communication network and service," and this system has since been
>      upgraded with the help of the US government:
>      http://www.nextgov.com/technology-news/2012/04/state-department-provide-mexican-security-agency-surveillance-apparatus/55490/
> 
>      Mexican authorities also have access to other tools, such as spy
>      trojans:
>      http://www.slate.com/blogs/future_tense/2012/08/03/surveillance_technology_in_mexico_s_drug_war_.html
> 
>      And as Bloomberg Businessweek reported in 2011: "Recent killings
>      indicate the cartels are taking the new online tactics seriouslya**and
>      that the activists may have miscalculated in counting on nicknames and
>      IP addresses for protection....the U.S. firm Stratfor and security
>      experts in Mexico warned that, with so many government officials on the
>      take, the cartels likely have access to the military-grade tracking
>      technology used by the Mexican government. In at least one case,
>      according to journalist Valdez, the Sinaloan cartel hired a hacker to
>      hunt down a government informant."
>      http://www.businessweek.com/magazine/mexicos-drug-war-takes-to-the-blogosphere-11092011.html#p2
> 
>      Best,
> 
>      Ryan
>      A 
> 
>        While there isn't a lot of evidence that drug cartels have used
>        technologically sophisticated means to track down
>        anonymous/pseudonymous
>        bloggers and journalists, corruption is sufficiently widespread that
>        if
>        my life depended on it, I would assume that the drug cartels could
>        have
>        access to the same information that the government has through bribery
>        and threats.
> 
>        There are circumstances in which I would support the use of Cryptocat
>        by
>        Mexican journalists (and it's certainly an improvement over sending
>        messages in the clear, which many Mexican journalists are doing) but
>        transmitting information which you would like to keep secret from drug
>        cartels is probably not one of them.
> 
>        ************************************************
>        Eva Galperin
>        Global Policy Analyst
>        Electronic Frontier Foundation
>        eva at eff.org
>        (415) 436-9333A ex. 111
>        ************************************************
>        On 2/25/13 1:36 PM, Nadim Kobeissi wrote:
>        > Hi,
>        > At Cryptocat we are developing an easy to use instant messaging tool
>        that
>        > is available in 34 languages. It encrypts all of your conversations,
>        > preserves your privacy and works in your browser.
>        >
>        > If you are a Mexican journalist and your opponent is not highly
>        skilled in
>        > information technology intelligence (not a government, but a drug
>        cartel)
>        > then you should try Cryptocat. It does not leave a record of
>        conversations
>        > anywhere and does not transmit anything in the clear.
>        >
>        > Get Cryptocat here: https://crypto.cat
>        > Make sure to read the warnings on the site to get familiar with the
>        app's
>        > limitations.
>        >
>        >
>        > NK
>        >
>        >
>        > On Mon, Feb 25, 2013 at 10:13 PM, Brian Conley
>        <brianc at smallworldnews.tv>wrote:
>        >
>        >> Hi Kyle,
>        >>
>        >> I've been developing a tool called StoryMaker for journalists and
>        citizen
>        >> journalists.
>        >>
>        >> It's private/secure by design, so ideal for this use case.
>        >>
>        >> A There is a 10 lesson curriculum in mobile digital safety, and the
>        app
>        >> itself that could all be translated into Spanish. Then perhaps the
>        app
>        >> and/or curriculum might be used to educate and assist them in their
>        work?
>        >>
>        >> https://www.transifex.com/projects/p/storymaker/language/es/
>        >>
>        >> Resources 20-29 + 210 are the digital safety lessons.
>        >>
>        >> cheers
>        >>
>        >> brian
>        >>
>        >> On Mon, Feb 25, 2013 at 1:04 PM, Kyle Maxwell <krmaxwell at gmail.com>
>        wrote:
>        >>
>        >>> I'm curious how the infosec community, particularly those of us
>        who
>        >>> speak and write Spanish, can assist in helping Mexican activists
>        and
>        >>> journalists. I understand that a large portion of that community
>        >>> actively exchanges data on Twitter; any pointers would be
>        appreciated.
>        >>>
>        >>> Feel free to contact me off-list if desired.
>        >>>
>        >>> On Mon, Feb 25, 2013 at 1:02 PM, G.W. Schulz
>        <gwschulz30 at gmail.com>
>        >>> wrote:
>        >>>>> "Most Mexican journalists and bloggers reporting on highly
>        sensitive
>        >>>>> topics (such as crime, corruption, violence and human rights
>        issues)
>        >>> do not
>        >>>>> fully understand the risks and threats they face when they use
>        digital
>        >>> and
>        >>>>> mobile technology, even though the topics they cover make them
>        even
>        >>> more
>        >>>>> vulnerable, a new survey by Freedom House and the International
>        Center
>        >>> for
>        >>>>> Journalists finds."
>        >>>>
>        >>>>
>        >>>>
>        >>>
>        http://ijnet.org/stories/mexicos-most-vulnerable-reporters-lack-digital-security-skills
>        >>>
>        >>>
>        >>> --
>        >>> Kyle Maxwell [krmaxwell at gmail.com]
>        >>> http://www.xwell.org
>        >>> Twitter: @kylemaxwell
>        >>> --
>        >>> Unsubscribe, change to digest, or change password at:
>        >>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>        >>>
>        >>
>        >>
>        >>
>        >> --
>        >>
>        >>
>        >>
>        >> Brian Conley
>        >>
>        >> Director, Small World News
>        >>
>        >> http://smallworldnews.tv
>        >>
>        >> m: 646.285.2046
>        >>
>        >> Skype: brianjoelconley
>        >>
>        >>
>        >>
>        >> --
>        >> Unsubscribe, change to digest, or change password at:
>        >> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>        >>
>        >
>        >
>        >
>        > --
>        > Unsubscribe, change to digest, or change password at:
>        https://mailman.stanford.edu/mailman/listinfo/liberationtech
>        --
>        Too many emails? Unsubscribe, change to digest, or change password by
>        emailing moderator at companys at stanford.edu or changing your settings
>        at https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
>      --
>      Too many emails? Unsubscribe, change to digest, or change password by
>      emailing moderator at companys at stanford.edu or changing your settings at
>      https://mailman.stanford.edu/mailman/listinfo/liberationtech

> --
> Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech

-- 
______________________________________________________________________________
[Pavol Luptak, Nethemba s.r.o.] [http://www.nethemba.com] [tel: +421905400542]