Encryption: Brief advice from Thomas Drake to journalists

[This content has not been independently verified. It was created from personal notes taken at the discussion ‘Whistleblowers in the surveillance state: Human rights’ digital background’ in Sydney on 4 August 2014.]



Broadcaster Quentin Dempster.


US whistleblower Thomas Drake, a former senior executive of the US National Security Agency

Edward Snowden’s US defence attorney Jesselyn Radack .


Question & Answer Session


Are there any programs-like 3mail or others-that you would suggest are actually safe for journalists to use, that are encrypted properly?


I always have to be careful when saying it is safe.

Part of the problem here is infrastructure. There are so many different ways infrastructure is really compromised.

Is there are reasonable expectation of privacy when doing email with PGP (Pretty Good Privacy)-as long as the implementation is correct-yes.

Are there reasonable expectations of privacy if you use TOR (the anonymising of your communication channels) with some constraints, yes.

Is OTR (Off the Record) essentially secured and anonymised instant messaging, yes, as long as implementation is secure.

That’s the rub here.

You can’t just look at this as one piece.  There is communication I do where I have to use a combination of proxies and virtual private networks but if you use a virtual private network you better make sure it’s not logging because there’s other metadata that can reveal who you are.


Print Friendly, PDF & Email