Dangerous Errors

Digital Security can be a complex thing. Especially if you think you’re doing something securely while the opposite is true. In this section, we take the most popular “dangerous errors” that we hear in our work – and explain how things really work.

“Encryption makes me invisible.”

“Encryption makes me suspicious.”

“The incognito mode of the browser makes me anonymous.”

“A VPN makes me invisible.”

“I don’t use Two Factor Authentication, because I don’t want to provide my phone number.”

“As a journalist, I don’t care about the data that Facebook and Google collect about me.”

“Journalists shouldn’t use Google, Facebook, Twitter (…)”

“To be secure, I switch off the internet on my smartphone.”

“Analogue phone calls are safer than internet calls.”

“A cloud is not safe.”

“Open Source is dangerous, because governments can see vulnerabilities.”

“Open Source” means that the code of a program is publicly available. Everybody can review it, search for vulnerabilities, and develop it further. The opposite is “Closed Source”, so that no one but the developer – e.g. a company developing an app – can review it.

The idea of “Open Source” is that a community controls itself by being completely transparent. Of course, malicious actors can be part of that community as well. For example, an intelligence agency could find vulnerabilities and exploit them instead of improving the code for everybody. But the more independent people review it, the less likely it is that the intelligence agency succeeds. The argument for “Open Source” for journalists is that they do not have to trust anybody that a service is safe, but could (theoretically) review it on their own.

Especially when it comes to very popular services that are constantly reviewed by a large community, “Open Source” can serve as an argument for journalists to trust a service that it really does what it claims to do.

RSF Helpdesk




030 609895330