“200 journalists from 105 media and 26 countries have filed applications for visas to cover the election,” announced the foreign media chief in the culture and Islamic guidance ministry. Those allowed to enter the country will be subject to severe surveillance.
Let’s take a look at some basic protective measures.
* If possible, travel with a virgin computer. Ideally, you should completely reinstall your operating system (Window, OS X or Linux).
* If you need to take files with you on your computer, take only those that will be absolutely necessary while you are there and encrypt them using PGP or TrueCrypt, which is simpler to use.
* Update your operating system and, while you are there, don’t accept any updates even if Windows ask you to.
* Turn on your firewall (software that blocks unwanted incoming and outgoing connections, allowing your to ward off some kinds of intrusion).
* Install antivirus software and make sure it is updated with the latest virus definitions.
* Protect your computer and mobile phones with passwords. They will help to deny access to your work.
* Encrypt your hard drive. Protecting your computer and mobile phone with passwords is pointless if you do not also encrypt your entire hard disk. In Windows, use Bitlocker or TrueCrypt. In Apple Mac’s OS X, use FileVault (Preferences > System > Security).
* Install a VPN, which is an application that allows you to establish an encrypted communication tunnel between your computer and a server located outside the country. Using a VPN will make it extremely difficult to intercept your communications.
Measures to take while in Iran
* Good “electronic hygiene” should be practiced to avoid installing any malware on your computer:
* Don’t click on links sent by a stranger.
* Don’t download any software if you don’t know where it comes from.
* Don’t accept contact requests from strangers on social networks.
* Always identify the sender of an email before opening any attachments.
* When you connect to the Internet, always use your previously installed VPN.
* Secure your browsing by using the https protocol. It prevents your website passwords from being visible on the network.
* Don’t use Skype to sent sensitive information. The confidentiality of communication via Skype is not guaranteed and, because of its widespread use, Skype is the target of a great deal of malware.
* Encrypt your communications. Email is often intercepted in Iran. To guarantee the confidentiality of the messages you exchange with your editors, encrypt your emails with PGP or encrypt your chats with Pidgin and the OTR protocol.
* The sending of an encrypted email is visible on the network. Although the regime may not be able to access the content of an encrypted email, it may know who sent it and to whom it was sent. Take care when you send an encrypted email. Take account of the situation of the person you are emailing.
* Create one or two email addresses that are not associated with the media that you work for, and use only these addresses. As a result, your emails will be more discreet and will be more likely to pass unnoticed by the authorities.
* You can also send your emails to a specially-created email address, from which they can be removed by a trusted third party with password access and forwarded to their final destination from another email address. This will protect the identity of the recipients of your emails while you are inside Iran.
In the event of Internet cuts or drastic slowdowns
* Keep filming or writing and store your work on an encrypted USB flash drive (encrypted with TrueCrypt, for example). A USB stick is easier to conceal and carry than a computer.
* You can use a satellite connection to send your work but, be careful, because satellite transmissions are easily spotted. Don’t stay too long in the same place while transmitting files.
* Protect your phone with a password, if it has this feature. All SIM cards have a PIN installed by default. Change it and block access to your SIM card with this SIM code.
* If your phone uses the Android operating system, you can use the many applications created by the Guardian Project and Whispersys to encrypt your browsing, chats, SMS and voice messages.
* Turn off GPS in the apps that use it. But make sure that someone is kept abreast of your movements.
* If possible, don’t keep any browsing history. If you are in country that monitors mobile phones or if you think you are under close surveillance because of your activities, it is better not to use a mobile phone to communicate. Use face-to-face meetings instead.
* If you want to keep your phone with you even during sensitive meetings, remove the battery before going. Even without a SIM card, mobile phones send a lot of information (IMEI, IMSI or TMSI numbers and network cell) to nearby relay antennae that allows them to be located.
Source: Reporters Without Borders