The war in Ukraine has only reinforced that journalists using free communication apps could be vulnerable to interception by high-level state actors using sophisticated spyware such as Pegasus.
Reporters in the field need to feel confident their communications and sources are secure. Here are the features to look for on an encrypted phone to provide better protection than apps with a history of vulnerabilities.
Leading Encryption
Using an encrypted phone line is a necessary first line of defence, but not all encryption is of equal strength. Many free apps tout “end-to-end encryption,” but this isn’t necessarily the strongest encryption on the market.
If journalists connect with a platform that uses military-grade encryption, they are taking a step towards ensuring their security. But messages need to be encrypted in transit and at rest.
No Server Storage
Encryption usually stymies hackers, so they look for other ways to tap access confidential information. Weak server storage is a common entry point.
Look for a platform that only stores very basic information on a server, like a username, activation date, and expiry date. If the server stores pictures and text messages, it could be a major vulnerability that undermines the encryption and other security features.
No Third-Party Apps
Popular encrypted apps like WhatsApp or Signal pose security risks journalists need to avoid. Threema can be integrated into existing software applications, which can put you at risk of exposure to third-party threats. By the time you’ve downloaded these apps, you’ve accepted many permissions to access your sensitive data, more than you probably realize.
It’s impossible to know how the app or the company uses, stores, shares, or even sells this data once the app is on your phone. Third-party apps may store your personal information on their server, including GPS location, so another entity can intercept it and compromise your security.
Selling your sensitive data to other third parties is a routine business model for many app developers. Using a mobile platform designed to be incompatible with risky third-party apps protects your privacy and security from these threats.
Secondary Security Features
Journalists need security that goes above and beyond. The leading platforms have many features that protect phone data, no matter what situation arises.
If a journalist misplaces their phone or is the victim of theft, they can wipe its contents remotely. The owner can prevent the contents from being seen, even if the phone has vanished.
Journalists may have secretive text messages or pictures that can’t be released until it’s time to publish their work. Indeed, there may be a situation where repressive authorities demand that a journalist open their phone and show them what’s stored.
If this dangerous situation should arise, the tamper-proof feature allows journalists to enter a code that will erase its contents.
In a world in which misinformation can be weaponized, journalists need to keep safe and secure to perform their increasingly dangerous job. Look for a phone that meets the above criteria to mitigate risks to data exposure and personal safety. The world highly values the work journalists do. If you’re a journalist, you need to place an equally important priority on this essential tool of your trade.
