My Most Popular 2014 Posts (For Other Sites)

I wrap up each year with the most popular posts I’ve written for any site without a paywall.

My Two Favorites

My favorite post of the year was actually a slideshow I put together for TakePart.com on seven healthcare innovations saving lives in the developing world. It was just such a treat to research and report on, especially a riveting 2AM Skype call with a source in Lahore, Pakistan. I was thrilled to draw attention to some of these technologies, and I got to work with Paul Tullis, who is a fantastic editor.

Another favorite post was a piece for Slate’s Future Tense blog called  FileVault 2: Mac Users’ Unsaved Files and Screenshots are Automatically Stored on iCloud. I came across the idea for this post after seeing technologists wondering on Twitter why there wasn’t more coverage on it. One of them, cryptographer Matthew Green, was the expert I interviewed. I never did get in touch with Apple, but it did speak with Business Insider’s Sam Colt.

There’s a third piece I really love, but it hasn’t been published yet, so mum’s the word…

The Best Video

This has nothing to do with content, but I just had to throw it in! My video of the year is one I took after some guy harassed me on the street on the way to my bachelorette party. His friend had a few things to say to him, and I managed to get it on video.

Writing About Content Marketing

I love linking to posts on Contently sites, because their editors I feel bring out the best in me and the topics I cover are interesting.  ‘Growth is Not a Hack':  7 Strategies for Building a Loyal Audience (Content Strategist) was one of Buffer’s top picks and did really well. It’s actually a panel from a Contently Summit I attended. Other Contently posts that spring to mind include the 7 Deadly Sins of Content Marketing, a piece on ways newsrooms can catch up with digital-savvy competitors (based on a report called “The Goat Must Be Fed,” coming out of Duke Reporters’ Lab), and an interview with Brian Clark.

I got to write about BP’s op-ed in Politico , and explained why I thought Patch 2.0 will fail again (both for The Content Strategist). For Ad Week, I profiled Peggy Conlon, and wrote about how some filmmakers and producers are fighting back against Latino stereotypes through stories.

I penned some posts for Copyblogger, including one on why too much emotional appeal in your copy can harm your credibility, one on how demonstrating authority can be a disaster, an admonition against sacrificing trust for short-term sales, and strategies for simplifying complex content while maintaining sophistication and nuance.

I also wrote a piece for the Content Strategist called Serious About Brand Publishing? Don’t Send a Copywriter to do a Trained Journalist’s Job, which inspired all sorts of heated reaction, including a nuanced post by Joel Klettke and a more abrasive rant (which was a very defensive strawman argument written by someone who I don’t think actually understood the original piece).

Last but not least, I wrote The Distance, Basecamp’s online magazine, for the Content Strategist, in a post titled Why Basecamp Just Launched an Online Magazine that Shuns Technology.

Quizzes Galore

You’ll have to forgive me for summarizing my year in inane quizzes. I actually learned quite a bit about myself in quizzes this year. I learned that my plant personality is dandelion passionflower slippery elm, and that if I were a mythical creature, I’d be an elf. My dream career, according to quizzes, is a writer (imagine that), and the classic author that is my soulmate is Anton Chekhov. In a past life, I hear, I was Emma Goldman. If I were a Star Wars character, I’d be Yoda. In Harry Potter, I’d be Dumbledore. In Game of Thrones, I’d be Arya and would die in a sword fight. I should live in Portland, and if I were an alcoholic beverage, I’d be a fine glass of wine. My 90s one-hit wonder is One of Us. Were I elected president, I’d be going to Mt. Rushmore. Good to know, ey? Well, now that you know all there is to know about me, we’ll move on to more links.

Freelance Writing about Freelance Writing

So meta. A few that stood out for me include  8 Jedi Mind Tricks for Freelancers (and Star Wars Nerds), some tips for creating videos that don’t put people to sleep, an interview with Dan Levitin, author of The Organized Mind, and reviewed the book itself. And for freelancers who are often quitting jobs, I wrote a guest blog post about dramatic emotional exits and destroyed reputations for crisis management consultant Melissa Agnes’ blog. Finally, I wrote about Beacon and crowdfunded journalism for Ebyline. I taught freelancers how to find sources and break stories using LinkedIn, and how to protect their sources in the age of surveillance (both for The Freelancer).

Apps and Tools and Tech and..

I love covering emerging tech. My favorite posts this past year included a piece on tech trends that will change content creation (based on Amy Webb’s talk at the ONA conference), an interview with Robert Hernandez about wearable tech and augmented reality (he almost makes Google Glass sound cool), a roundup of time-saving apps (and more time-saving tools) for VerticalResponse,and a list of apps and gadgets for journalists on the go for the Content Strategist. I also listed apps for collaborative editing for Ebyline, looked at the Copyblogger editorial team’s favorite apps and tools, and wrote a roundup of health and fitness apps for Men’s Journal.

Ligher Fare

I got to write about matcha and put together a slide show about hot dog variations for Made Man. The site also ran my interview with Shane Snow. And if you’re looking to improve your golf swing, look no further than my article for Experience Life.

And that’s that!

I want to get posts like this delivered to my inbox.

2014 Awards Nominees…and Looking for Judges!

220px-The_sun1I thought it’d be fun to round up a purely subjective list of what I consider the best in journalism: reporters who do their job and won’t take a no even in a world of PR politeness,  fiercely political (or just plain funny) parody/satire/comedy, whistleblowers or citizen reporters putting systemic change in their own hands, or even just people calling media out when appropriate.

This is an incomplete list based on what caught my attention throughout the year, along with nominations from Facebook friends. I am looking for volunteers to make additional nominations, as well as for judges. Since new media comes out every day, judging will not take place until January.

Here are the preliminary nominees, along with a list of nominees that were disqualified, either because the story is from before 2014, or because the link didn’t fit neatly into any one category.

Best whistleblower/citizen reporter

 Most badass reporter

FU, Media

Best parody/satire/humor: political

Best parody/satire/humor: non-political

Disqualified (not in 2014)

Disqualified (didn’t quite fit in a category)

I want to get posts like this delivered to my inbox.

Top 10 Posts in 2014

blue_star_backdropEach year, I do a wrap-up of the posts that are the most popular, based on page views and time spent reading. Here are this year’s winners, along with a little bit of information behind each post.

10. What I Learned From My Failed Crowdfunding Campaign goes into some details of my failed attempt to become a Beacon writer. Maybe one day I’ll try again…

9. The Elephant in the Room Episode 2: Metrics was a podcast episode in which I discussed metrics–and why some people are scared of them–with my good friend Sam Blake (may he rest in peace). Interestingly, more people viewed the post than actually listened to the podcast.

8. Be Your Own Freelance Hero actually started out as a pep talk to myself, since I felt that clients and editors aren’t really invested in freelancers’ long-term career development or professional goals. We have to do it ourselves…

7. Travel Hacking 101: How I Flew to New York for Five Bucks was a fun post I wrote about some of the things I learned from Chris Guillebeau and Stephanie Zito. I’ve since racked up even more miles I need to spend…

6. The Writing Process Blog Tour was a post where I answered a few questions about how I write, and tagged four other writers. I’m still waiting for Shane Snow and Sonia Simone to share theirs, but Holden Page and Gideon Walker happily played.

5. Review: Unconventional Guide to Freelancing was my review of an ebook I was actually quoted in, complete with an affiliate link. However, I was pretty honest about it.

4. Why You Should Stop “Building Relationships” was born out of frustration with the bad career advice of “networking” with the expectation of something in return. Looks like it resonated.

3. The Elephant in the Room Episode 1: Net Neutrality was the first episode of my podcast, featuring Bartees Cox. I was particularly excited about this because I was having trouble getting pitches on the topic accepted, so took matters into my own hands. Interestingly, more people viewed the post than listened to the podcast.

2. That Contently Summit Recap You Were Asking For was a rundown of what happened two summits ago (I missed the last one). I believe it was business journalist Michelle Rafter who originally asked for it.

1. Protecting Your Sources in the Age of Surveillance is a tool round-up. It was originally supposed to be a short blog post on the Freelancer, but the information got pretty granular and detailed, so I ended up posting the nitty gritty details on here. I’m actually really excited that this  made #1 on the list, since I spent a lot of time on it… If you’re interested in personal security online as well, I have a free PDF download for you…no email signup necessary.

I want to get posts like this delivered to my inbox.

2014 Year in Review

2013-Desktop-Background-Free-1024x640Each year, I follow in the footsteps of Chris Guillebeau, and complete an annual review. I look back at what went well and what went badly, and make some goals for the following year. In the spirit of transparency, I’ve been sharing the majority of my notes publicly. I think it’s important to be honest about the good and the bad, and hope that it will help others.

In the next week and a half, I’ll wrap up 2014 with lists of my most popular posts and projects, and some lighter fare like end-of-the-year lists and shoutouts. But for now, here’s my painfully transparent year in review, warts and all. I hope it helps you take a look back at your year and plan for the next.

What went well this year?

Okay, this year was pretty amazing. Here it is in 21 bullets:

  • First and foremost, I got married to the love of my life in July. (!!!) Wedding planning can be hectic, of course, but everything came together so nicely and we had a beautiful ceremony and reception. Then we spent an amazing week honeymooning in Alaska. We went hiking, got massages, stayed in boutique hotels and tiny cabins, floated down the Kenai, had some beers in Homer, and spotted saw Dall sheep, mountain goats, grizzly bears, and moose… as well as a million eagles. We also ate some of the best seafood in the world. I couldn’t be more happy.
  • I turned 35 and celebrated my 5th year of freelancing.
  • I moved from Minneapolis to Phoenix, with stops in Omaha, Denver/Boulder, and Albuquerque. Getting back to the Southwest has been a goal of mine, so I’m pretty thrilled to be here. And it was a treat to visit friends along the way.
  • I went to the Contently Summit in New York City, the Online News Association conference in Chicago, and a UPOD Academy in Los Angeles. I also visited San Diego with my husband, just for fun. It was great to meet up with so many people for drinks or coffee at each stop. I really enjoyed all the events, especially the ONA conference.
  • I gave two lightning talks, one Ignite talk in Minneapolis in defense of mediocrity, and one Ignite Afterhours talk in Phoenix on naked photos in the age of surveillance (AKA safer sexting).
  • I took an improv class and also learned how to pick locks.
  • I got a nice crash course in online security, and learned all about encryption, password managers, two-factor authentication, etc.
  • Using what I’d learned firsthand and tapping into other people’s expertise, I wrote an ebook (which is free!) on ways to stay safer online. I worked hard to make it organized and accessible, unlike much of the material I’d seen in the wild.
  • I also moved this site over to SSL, to give people a bit more privacy while browsing.
  • I wrote 156 posts or articles and had about 150 published (including a few stragglers from last year). I interviewed a total of 137 sources, and worked with around 37 editors or clients, for about 28 sites or magazines and a handful of brands. My favorite sites were Slate’s Future Tense, and TakePart (the online arm of Participant Media). I also enjoyed writing for the Content Strategist, the Freelancer, Men’s Journal, Men’s Fitness, Made Man, and Experience Life… and many others.
  • I am really proud of around 32 of the stories I did. And although it sometimes feels like friends and strangers alike all want to jump in and nitpick often subjective or minute aspects of posts, I’m pretty confident that there were no major factual errors in my work, though I did misspell Johns Hopkins in a big-name site.
  • I got a total of 34,339 shares for posts I wrote (yes, I track all this stuff in a geeky spreadsheet), and 29 journalists shared one or more of my posts this year. I also increased my income by 25 percent.
  • I took my first email-free, work-free vacation (for my honeymoon!), and am about to take a second week off for the holidays.
  • This year, I also walked away from a lot of clients and projects that were bad fits, which is something I’d never previously had the luxury of doing.
  • I started a podcast, the Elephant in the Room, and had some fabulous guests discussing interesting and sometimes controversial topics in five episodes (and hoping to post the sixth soon).
  • I threw a really fun all-girl party here in Phoenix, and lots of amazing women came to drink wine and play Cards Against Humanity.
  • We also hosted my in-laws for Thanksgiving, and my husband’s three best friends stayed here for a while. Love having visitors.
  • I managed to have a super-classy, non-trashy bachelorette party (spa day, dinner and sketch comedy and drinks), and have a blast anyway. Though I did somehow lose my car at one point…
  • My travel hacking went amazingly well.
  • I’m kicking butt at fantasy football.
  • I helped grow tons of veggies and herbs in a really awesome garden (which I had to give away when we moved).
  • I renamed the “lazy Susan” the “effective Susan.”

What didn’t go well?

This list is shorter, but the challenges run deep…

  • My very good friend Sam Blake committed suicide. This has been devastating for me, especially since we were so close and talked on chat almost every day (sometimes multiple times a day). I really, really miss him.
  • Somehow I ended up on someone’s bad side, and he/she sent me a nice batch of anonymous death and rape threat emails. This was followed by a lot of thinly veiled phishing attempts. Unfortunately, I didn’t handle the thing well (hello, Twitter meltdown!)–partially because I was dealing with Sam’s death at the same time. He would’ve been one of the first people I’d discussed it with. Stressful is an understatement.
  • I tried to get a group of people together for a birthday dinner at my favorite Thai place in Minneapolis, and everyone either no-showed without even canceling. This was really depressing and I spent about a month after that deliberately not talking to anyone socially–except for my husband, of course, and my friend Sam. It made me realize that–despite a group of friends I’m still in touch with–the Midwest isn’t a good fit for me. It is hard to live there without having grown up there like (almost) everyone else.
  • I had a failed crowdfunding campaign on Beacon, which was pretty depressing, especially since I would’ve lost money on the project I had outlined even if I had gotten enough subscribers.
  • I volunteered for the Nerdery’s Overnight Website Challenge, an event where teams of developers, designers, and sometimes copywriters work together to help nonprofit organizations redo their websites in a 24-hour marathon session. This was my second year at OWS, but didn’t go as smoothly as the first. Unfortunately, our new site never launched, nobody but me showed up to meet with our non-profit during the awards ceremony, and trying to resolve this after the fact went nowhere. It is hard to put a lot of time into a project that fizzles and ties because of one’s teammates/fellow volunteers, but there it is.
  • For the first time in years, I’ve been completely unmotivated as far as working out. I got my blue belt in BJJ at the end of 2013, and barely did BJJ in 2014. And for the first time in my life, I got on a weird weight loss rollercoaster–so I looked great for the wedding but gained all the weight back, and the some.
  • I had five posts killed and have three in purgatory. And even though I mentioned that I was proud of 32 of the posts I’ve written, that means I was ambivalent about 118 of them, or around 80 percent. I felt like a lot of the work I did was somewhat meaningless. A lot of the topics I had to write about, especially relating to marketing and SEO, just felt like I was adding more noise to the world. In some instances, I felt like it was edited in a way that detracted from my message or weakened the post (though this was subtle and not blatant, unlike past years). I had several editors who wouldn’t allow me to see final edits before a post went live, and though I walked away from these clients, it was still disappointing. In general, I felt like most e of the people I worked with this year didn’t care about my professional development–which makes sense as a freelancer. I know that I will need to find a way to address this going forward. I want to work with more people who will push me to improve and really challenge me.
  • I worked too much. Part of this was to save up money for the wedding, for moving, and so forth. At one point I literally made a list of neglected items (like going to the dentist) and it took me months to get to it. I didn’t have a lot of balance this year.
  • Although I had a lot of fun traveling, at conferences, etc. I have felt pretty lonely for good chunks of the year. I feel like there’s a big disconnect at times between many people who want to talk to me (often because they want introductions, etc.), and many of the people I want to talk to (who often don’t really want to talk to me and are busy trying to find higher status people they want to talk to). At times I feel that there is very little resonance, and I haven’t made the types of meaningful connections I’d like to make. Despite all of the connections I’ve made, it’s been a pretty lonely year.

What do I want in 2015?

It’s a little embarrassing, since many of these items were on my list last year to accomplish this year…but here they still are.

  • Work-wise, I want to do more investigative reporting and perhaps long-form pieces covering science and tech and even social movements. I want my work to make a real difference in the world…and I want it to be more personally challenging.
  • I have a book idea I’ve been nursing, which I want to consider pursuing.
  • I want to go through the available resources in some professional groups I’m in, and add “learn Python/Django” back to the list as well.
  • Updating this site is on the list as well, specifically the images on the right.
  • I’d like to find more like-minded people I respect to spend time with. I’ve been to a lot of events and meet-ups, but haven’t really met many people I resonate with to hang out with. Maybe another improv class? I’m also trying to find the best coworking place for me.
  • I’d like to do non-work things, such as reading fiction, and spend time outdoors. I am looking at two potential courses I’m interested in which have nothing to do with work..
  • I’m still working through a lot of decluttering madness.
  • My ongoing quest to become 100% debt-free is always on my mind. I made great strides in 2014, but am still looking forward to more.
  • The usual health goals: sleeping more, watching my diet, working out, maybe even finding a new BJJ gym. I really miss the physical fitness aspect of my life, and need to bake in more consistency.

Whether you share what’s on your plate for 2015 or keep it close to the chest, I hope you have the best year ever! Here’s to learning and growing and evolving as we move forward.

I want to get posts like this delivered to my inbox.

Reflecting on 5 Years of Freelancing

I’m reflecting on five years of freelancing today. A year ago, I wrote a reflection: Four Years of Freelancing: 20 Things I Learned the Hard Way.

I wrote about using good tools, taking time off, and making sure you get health insurance. I wrote about learning journalistic principles, looking at contracts, and negotiating higher pay. I wrote about finding anchor clients, diversification, and setting clear expectations and boundaries. I wrote about finding good conferences, helping other writers, and learning how to deal with rejection.

I even wrote about dealing with worst-case scenarios, and realizing that they usually aren’t career-ending.

This past year I’ve been reflecting quite a bit on worst-case scenarios. On articles that get sat on or killed. On sources that are misquoted because an unethical editor decides to tamper with them for linkbait. On editors that are simply incompetent, and add embarrassing headlines or misleading images, or sprinkle off-topic comments throughout a piece. On decision makers who won’t allow writers to review edited work before it goes live, or won’t make corrections even when they’re clearly called for.

There are scenarios that are worse than all those, though. The copywriter who wanted to work on screenplays but lost his way, distracted by the lure of riches. The would-be investigative reporter who gives up before anyone lets her write a meaty piece, instead succumbing to the endless offers of 600-800 word blog posts. And all the stories left uncovered because an ad manager somewhere wouldn’t approve a piece due to delicate negotiations (or in retaliation for stalled ones). No, this isn’t limited to brand journalism–it happens in old school newsrooms, too.

I could write paragraph after paragraph about how Basecamp changed my life (it did), or how all reporters should learn to use encryption and get a password manager (we should), or how ONA has the best conference of all time even though everyone’s glued on their computers and may not want to talk to you (YMMV, of course). But instead of yet another listicle, I think my biggest piece of advice for young freelancers is to set a goal that’s not purely monetary.

It’s not about the…

Anyone who says money doesn’t matter has never had to live without it. And my advice may be somewhat hypocritical, since I’m making twice as much annually as I did as a teacher (not including the hundreds of dollars I spent out-of-pocket on supplies), and am working far fewer hours. I have enjoyed a 14 to 30 percent raise each year I’ve worked,  and am projected to earn 232 percent of what I made the first year I started.

I don’t think making money as a freelancer is as difficult as people make it out to be.  Everyone needs content. Most people will pay double if they can put their name on your work. (I’ve been moving away from ghostwriting as of late, but the demand is definitely out there.) Money is easy. This is doubly true if you’re good. For every person who’s on a race to the bottom looking for Fiverr or Elance rates, there’s another who realizes he gets what he pays for, and is ready to invest in quality. The question is usually not “can I make money from my writing?” but “what kind of writing will I have to do this week in order to make money?” or, better yet–“will the work I accept this week solely for the money lead me off my path?”

Making money is the easy part, but making money doing work that you find personally meaningful, work that doesn’t force you to compromise your own integrity is difficult. Finding a good balance between work that’s interesting and fun and lighthearted and work that you feel truly passionate about is the hard part. (Most people need a bit of both.) Finding really awesome editors that will push you hard so you can continuously improve and learn from each project is difficult. Finding someone who will care about your professional development beyond the work that you do for them is nearly impossible.

I’ve been incredibly lucky in my short freelancing career. I’ve had some amazing editors, a handful of mentors, and the opportunity to cover some truly meaningful topics and even do a bit of investigative reporting. But somewhere along the line, I feel like I started seeing dollars and got a bit off track. This year, I’ve tried hard to correct course, giving up some lucrative projects in favor of ones I found more personally meaningful.

I got to write about BP’s op-ed in Politico,  and explained why I thought Patch 2.0 will fail again. I profiled Peggy Conlon, and wrote about how some filmmakers and producers are fighting back against Latino stereotypes through stories. I profiled Basecamp’s online magazine, and wrote a post for Slate’s Future Tense about Apple storing user’s unsaved files to the Cloud. In one of my favorite pieces for the year, I put together a slideshow for TakePart on health innovations changing the game in the developing world. I taught freelancers how to find sources and break stories using LinkedIn, and how to protect their sources in the age of surveillance.

When stories got killed or I couldn’t get assignments for them, or wanted more control over the final product, I took them to my own website. I have a super geeky roundup on encryption/anonymity tools on my own blog, put out a 20-page guide on staying safer online that is very accessible, and even started my own podcast when none of my editors would let me cover net neutrality.

The point of this isn’t to toot my own horn, but to say that if there’s one thing I’ve learned in year five of freelancing, it’s that even unpaid work that feels meaningful to me is better than high-paying work that is unfulfilling or at odds with my own sense of integrity. This isn’t to say that I only want to write hard-hitting long-form investigative articles for the most prestigious sites going forward, but I do think it’s easy to get sucked into focusing on pay at the risk of quality, integrity, or personal goals.

My freelance writing advice? Don’t let other people define what success should look like for you. Decide what it looks like for yourself.

Then run after that with all you’ve got.

I definitely will be.

I want to get posts like this delivered to my inbox.

Stuff I Wrote: November 2014

Writing Fountain penI only have about a dozen links to share with you, but it’s been a pretty busy month.

First off, I did an hour-long podcast with Holden Page to discuss all sorts of  media controversies and issues, so make sure to listen if you haven’t already. For some reason, few people have.

Also this month, I released the first version of a PDF on staying safer online. It was a months-long effort and has gotten over 100 downloads, which I’m thrilled about. I’m adding some revisions and getting it designed into a bonafide ebook, so stay tuned for that. The content is similar to what I posted on the blog, with some updates, and a better format.

On November 14, I gave a lightning talk on safe(r) sexting titled Naked Photos in the Age of Surveillance at Ignite Afterhours, which was a lot of fun. No video, of course, but I have been directing people to EFF’s secure messaging scorecard.

Oh, and I started playing with Storify again.

Last but not least, I moved this site over to SSL, so you can view it using https:// instead of http://. This encrypts your communication and makes your browsing a little more secure.

While I’m self promoting, I wanted to casually mention that I’m actively looking for writing opportunities that fit my particular interests (tech, science, political movements, long form writing, investigative reporting, etc.), and will make room for them in my schedule, so I wanted to throw that out there, too.

But I promised you a dozen links to posts I wrote this month, so here they are.

Tech

Writing

  • How to Protect Your Sources in the Age of Surveillance (The Freelancer) How freelance reporters can understand the landscape and take some basic security precautions, with thoughts from Freedom of the Press Foundation technologist Runa Sandvik and Access manager of tech policy and programs Michael Carbone. The technical portion of this piece is captured in a tool roundup.

Health

MMA

  • Beating the Odds: UFC 180 (Sherdog) My column on upsets at UFC 180, including Ricardo Lamas, Hector Urbina, Alejandro Perez and Marco Beltran.

Catch you next month with the last set of links to stuff I wrote in 2014!

I want to get posts like this delivered to my inbox.

Staying Safe(r) Online: What To Do When You’ve Pissed Off The Internet

6206667510_4132bdce02_zStaying Safe(r) Online

What to do when you’ve pissed off the internet (or at least a small corner of it)

Download this as a PDF: https://yaelwrites.com/wp-content/uploads/2014/11/saferonline.pdf

 

Being subjected to threats, unwanted contact, compromised accounts, hacked websites, or having sensitive information shared online is an awful experience. In the midst of this, it can be confusing to know how to react and which steps to take to protect yourself. You’re likely to get conflicting advice on whether to take incidents seriously or ignore them, and trying to get up to speed on online security strategies with limited technical knowledge can make an already stressful situation more overwhelming. It’s not always obvious who’s responsible for ongoing harassment or how many people are involved, and trying to address a threat with limited information can be difficult. Please remember that you are not alone. If you were, this guide wouldn’t be here. You will get through this.

While there are no cut-and-dried, right-or-wrong ways to react to these types of situations, this e-book outlines some steps you can take to improve your security, for you to choose from based on your unique situation, temperament, and politics. (Special thanks to Michael Carbone, Stefan Edwards, and several people who want to remain anonymous, for reviewing early copies of this e-book, and to Maartje Gorte for editing it.)

Before getting started, there are a few disclaimers I’d like to emphasize.

First of all, although there is a lot you can do to minimize your risk of harm, there are never any guarantees. As long as you’re aware of this limitation, however, taking a proactive approach can be empowering.

Second, although I will be delving into a lot of tools, the best tool you have is between your ears. Adopting a security mindset, which can include but is not limited to finding the right tools, is key.

Third, be aware that some of the steps you can take to protect yourself online may slow down your workflow a bit. For example, password managers (which we’ll discuss below) offer a measure of security and peace of mind, but also require you to take an extra step before logging into anything. Two-factor authentication (also discussed below) helps protect important accounts, but requires you to use verification codes sent to you by text message to log into those accounts. Sometimes, getting everything to work together will involve a few extra steps as well. For example, setting up two-step verification on Gmail on each of your devices takes some time, so you may not be able to check your email on your mobile phone or tablet right away.

Finally, I want to emphasize that you don’t have to do everything listed here. By determining what you’re most concerned about, you can prioritize the steps that are most important to you, and not spend too much time on issues that don’t matter to you as much. This can help you decide which time and workflow constraints are worthwhile. As your circumstances change, the decisions you make may change as well.

Again, please remember that you don’t have to try to do everything on this list all at once! Pick the section(s) that you think will be most beneficial to you, and start there.

This guide is a work in progress and obviously can’t cover every situation, but will hopefully provide a bit of clarity on the options and help you decide which steps you want to take. Remember that a lot of these steps can be taken ahead of time, before anything happens. That’s less stressful and more effective.

1. Your physical safety

If your fundamental concern is your physical well-being—because you’ve received credible threats or your home address has been compromised— here are some options.

  1. Consider staying with a friend until things blow over. This can provide peace of mind if you feel unsafe in your home.
  2. If you do need to stay in your home, consider installing a security camera with a motion detector—the kind that only records if movement is detected.
  3. Make sure you have good locks, ideally deadbolts, on all of your doors. Remember to lock them at all times, even when you’re just leaving for a short time. When you’re at home, it can be a good idea to lock the door or close blinds and windows.
  4. Consider varying your route to work and home, and either avoiding locations you normally frequent or making sure you are going with friends.
  5. Consider contacting the authorities. Even if you don’t decide to contact them right now, start documenting what is happening so that there is a paper trail in case things escalate. (You can take screenshots or use archive.today to do this.) You’ll want timestamps and URLs for screenshots you take of comments on social media, and full headers for emails, which include the email addresses of the sender and the recipient, timestamps, etc. If you do contact the authorities, you may want to have someone else there with you as an advocate, and to explain anything about the situation that you may not think to emphasize. Be aware that police response can be quite underwhelming
  6. If the threats that make you worry about your physical safety come from an online source, try to share information about the perpetrators with other people, because they may have additional information. Setting up a shared file is a good way to gather information that can help you narrow down the location of the people contacting you, and sometimes even determine who they are. Try to find out information such as screen names, phone numbers, and IP addresses (if available—they can be found in email headers, site logs, chat logs, etc.). Back up your records in case you’ll need them later.

2. Your location

[Read more…]

I want to get posts like this delivered to my inbox.

Elephant in the Room Episode 5: Media Matters

The podcast is back, and it’s an hour long this time!

podcastTopics and Show Notes

I’m experimenting with a slight format change for this episode. Instead of a half hour-long interview with an expert on their topic of expertise, I had Holden Page cohosting to discuss various topics surrounding media.

1. A short tribute to Sam Blake

2. When should freelance writers work for free or cheap?

3. SugarString banning coverage of net neutrality or NSA.

4. MMA writing and challenges of investigative journalism for freelance writers

5. We recommend…

Also!

Instead, read these:

The first 4 episodes

I think my hosting gets worse over time, so start at the beginning!

Episode 1: Net Neutrality with Bartees Cox
Episode 2: Metrics with Sam Blake
Episode 3: Age Dynamics with Holden Page
Episode 4: Aggression with Bridgett Hart and Arielle Hale

I want to get posts like this delivered to my inbox.

Protecting Your Sources In the Age of Surveillance: A Tool Roundup

If you’re a journalist, you’ve probably been privy to information that could put your sources at significant risk if it got in the wrong hands. I’ve written a post on The Freelancer with some basic tips on how to protect your in-person communications, but ran out of space to talk about the tools of the trade–patiently explained to me by Michael Carbone, Manager of Tech Policy and Programs at Access, Runa Sandvik, privacy and security researcher at Freedom of the Press, and a couple of other experts speaking on background.

You may want to start playing around with these tools now, as it’s best to get a handle on them before you actually need them. But before we delve into complex, high-tech tools, be aware that basic digital security measures should be in place. I’ll have a post within the next week or so on ways to make yourself safe(r) on line, whether you’re a journalist or not, but for now, here are some basics:

  • Make sure you use long, complex passwords, using a password manager such as 1Password or KeePass. (Memorizing your main password, not writing it down, and not using password hints is, of course, preferable… and think twice before )
  • Set up two-factor authentication, which can alert you to break-in attempts and make your data harder to compromise. You’ll have to use your password and type in a code texted to your cell phone when you log into programs with two-factor authentication set up.
  • Keep your software up-to-date, so that you’re not vulnerable to security issues that have been patched up in newer versions.
  • Try to stay on top of any concerning issues, such as Apple’s troubling default autosave settings (which I just wrote about for Slate’s Future Tense blog).
  • Be careful when clicking on links or opening attachments. You can view non-confidential attachments on Google Drive, or use Virus Total (now owned by Google) to scan links and attachments. Long URL expands shortened URLs for you so you’ll know what you’re clicking on.

Now that the basics are taken care of, let’s get to the fun stuff. Here are some tools you can pick and choose from to decrease the chances that your source’s identity will be compromised. 

Your invisibility cloak: Tor

What is it?

Tor is a robust anonymity network that protects your location and identity online by bouncing communications through multiple volunteer-staffed locations around the world. Originally developed for the U.S. Naval Research Academy to protect government communications, Tor was also famously used by whistleblower Ed Snowden to send information about PRISM to the Washington Post and the Guardian. Tor sometimes gets a bad rap because it’s been used as a tool to spam web forums or send anonymous hate mail, but it’s also been used by domestic violence survivors to avoid cyberstalking without needing to quit the internet cold turkey.

If you’re reporting from a country with internet restrictions, you can use Tor to access the websites that would otherwise be blocked. If you’re okay with giving away your identity but not your location, you can post on social media sites using the Tor browser.

Difficulty:

The Tor Browser is incredibly easy to use, and doesn’t even require that you install any software. The operating system Tails, which can be used while traveling, lets you use the internet anonymously and routes traffic through Tor. It requires a bit more technical know-how.

Limitations:

Obviously, logging into Facebook, a bank account, or an email account associated with your name reveals your identity.

  • Opening documents, enabling or installing browser plugins, checking into email and Facebook accounts using your real name, and using Torrent are a few other ways that your identity can be compromised.
  • In addition, your internet service provider or local network administrator can see that you’re using a Tor relay unless you take special members to try to hide it.
  • Another potential drawback is that some websites either block traffic coming from Tor, or do not allow comments from Tor users.
  • Tor and Tails have posted warnings detailing other potential vulnerabilities.

Making user identity and location for both journalists and sources is highly useful, and the fact that it requires limited technical knowledge makes Tor a no-brainer.

Your Dead Drop

securedrop_logo.png

SecureDrop is used by prominent publications and websites, including the New Yorker, Forbes, ProPublica, Intercept, the Washington Post and the Guardian.

Difficulty: SecureDrop is challenging to set up without some computer know-how, and it’s recommended that an organization has an IT professional or system administrator to maintain it.

Limitations:

  • Secure Drop needs two servers and an old laptop, so the cost is between $1000 and $3000.
  • As mentioned, having a computer professional on staff is recommended. (Another option that may be better for freelancers is OnionShare.)
  • It’s not impossible for an entity to break or hack into the news organization to seize the document.

Your decoder rings

Encrypted email

What it is: PGP stands for “pretty good privacy,” while GPG, an open-source version, is “Gnu Privacy Guard.” Both tools allow you to send and receive encrypted messages to people online, using their public key code. These messages look like a jumble of text to anyone unless you sent it to them, and they open it with their own special private key code. Even if you don’t want to encrypt a message, you can digitally sign an email, so that the recipient knows it wasn’t tampered with in transit.

Difficulty: Let’s just say that I definitely wouldn’t recommend trying to learn how to encrypt email while on deadline. Although it’s not hard to download and there are numerous tutorials online (like this one by opsec expert Tom Lowenthal), it can be challenging to get all of the components to work together with your email client. (GPG also doesn’t work with Yosemite, if you’re on a Mac, and it looks like they will begin charging for the service once it’s ready.)

I was lucky enough to make fast friends with someone who gave a presentation on the topic. Even with assistance, I made multiple juvenile errors, including hitting reply to an encrypted message (thereby unencrypting it), sending something unencrypted when I thought it was encrypted, and setting an expiration date a year sooner than I’d intended.

The email client Thunderbird offers a robust encryption plugin called Enigmail that is a little finicky but can simplify the process, and a new program called Mailpile looks promising, though it isn’t finished.

Limitations:

  • As mentioned, email encryption can be hard to learn, and both the user and the sender need to use it to communicate.
  • If your computer is stolen, encrypted messages may be compromised, depending on the strength of your computer’s password, since a few mail servers unencrypt messages and store them in unencrypted form.
  • If a key is lost and you are storing messages in encrypted form, the data is gone forever.
  • Email service limitations and other issues sometimes make it difficult to send large files using encryption. (They can be shared through thumb drives, Onionshare, or other file sharing sites.)
  • Sending encrypted emails does not hide information about who is emailing who, when, how often, and with what subject line.
  • Senders need each other’s public keys, which adds another step to the process. Some journalists link to their public key on their websites, and I’ve loaded mine up to my Twitter bio and linked to it in my email signature.

Encrypted chat

What it is: Off-The-Record (OTR) Messaging is a chat extension you can use to encrypt chat conversations. It can be used through the Tor browser to protect user location as well. It is used with other software, such as Adium for Mac or Pidgin for Windows.

Difficulty: OTR is incredibly easy to set up. If you are routing another chat program through OTR, you can see the encrypted conversations happening in that chat window. However, learning how to verify the identity of the person you’re speaking with proves to be a bit more challenging.

Limitations:

  • Both users need to use OTR in order for it to work.
  • Separate steps must be taken if you wish to verify the identity of the person you’re speaking with.
  • OTR does not support group chat, file transfers, or audio and video communication.
  • National security researchers may want to stick with Jitsi because OTR does have a few security concerns that those with high-level technical experience may be able to exploit.
  • OTR with Adium appears to be saving some messages in plain text. This needs to be disabled manually.

Encrypted phone calls and texts

Open Whisper Systems offers two Android tools, Redphone and TextSecure, for calls and texts. Apple users can use Signal on their iPhone to make encrypted phone calls.

In addition, a company called Silent Circle offers encrypted calling and texting, with plans ranging from $12.95 to $24.95 a month to call non-user numbers. Otherwise, you can call users for $9.95 a month.

Limitations:

  • Both users need to have Open Whisper Systems tools installed on their phone. Silent Circle allows its users to call or text those not using the services, but this obviously makes the calls less secure. Otherwise, both users need to pay for the service.
  • Since your phone number is attached to the tools, anonymity is not protected, and your cell phone tracks your location through cell tower signals as well as GPS systems. (It is possible to use Signal with an iPod, however.)
  • It’s always possible to trace GPS information from cell phones (or location from towers), and phones can be turned into listening devices.

Encrypted video chat

jitsi

 

 

 

Skype has a complicated security history both locally and internationally. In some cases, Google Hangouts can be used instead. Otherwise, Jitsi is a good alternative for secure video communication. It can be used for chat, as well, as an alternative to OTR. Jitsi is easy to set up and use, does not require any installation, and allow you to use current services you have set up, such as AIM, Google Talk, or Facebook chat.

Limitations:

  • Users need to be accessing Jitsi using the same chat program (i.e. AIM, Google Talk, or Facebook chat).
  • Account providers like Google or Facebook keep records of who is communicating and perhaps who they are communicating with. They can share this information with corporations and governments, even if the actual content is encrypted. (It’s possible to use programs like Ostel.co, but this takes a little more setup time.)
  • Jitsi requires you to install Java on your computer, but Java has many security problems of its own. If you don’t have Java installed already, and download it to use Jitsi, you may need to go through the added steps of disabling Java and its associated plugins from your computer.

Encrypting your hard drive

Say you’re covering border issues and your laptop is confiscated at the airport… or even that you misplace it at a conference. If anyone makes a copy of your hard drive, it’s best if the material on it is encrypted.

Using a full disk encryption service such as FileVault (for Mac), BitLocker(Windows) assures that the image of your hard drive will be scrambled. Most Linux providers allow you to encrypt the hard drive when you first install the service. If you are storing your data in the cloud, make sure to use a service, such as SpiderOak, that encrypts cloud backups.

Difficulty: Installing full disk encryption is incredibly easy, but encrypting cloud backups and especially sharing files through SpiderOak has a steep learning curve.

Drawbacks:

  • If you forget your password for any of these options, all of your files are lost.
  • SpiderOak is considerably more difficult to learn and use than its competitors (DropBox and Google Drive).
  • In addition, its features are less robust.

So there you have it—a wide selection of tools to choose from based on what your sources are able and willing to use, and what’s most appropriate for your specific situation. It may be worth picking just one to start messing around with before you really need to, so you’re not trying to install and master challenging tools on a deadline.

For more information, check out some of these links as well:

Privacy Tools: The Best Encrypted Messaging Programs (ProPublica)

The 7 Privacy Tools Essential to Make Snowden Documentary CitizenFour (EFF)

Surveillance Self-Defense (for journalists on the move) (EFF)

Also, check out EFF’s secure messaging scorecard.

I want to get posts like this delivered to my inbox.

Stuff I Wrote: October 2014

Writing Fountain penHappy Halloween!

Before I delve into the roundup of posts from the past month, I wanted to let you know that I’ll be doing a lightning talk at Ignite After Hours on November 14th. There’s a whole roundup of amazing speakers for this R-rated event, who’ll be presenting five-minute talks on everything from medical marijuana to sex trafficking to BDSM in mainstream media. I’ll be speaking on sexy photos in the age of surveillance, so if you’re in the Phoenix area and can manage to snag tickets in time, please come check it out.

I also wanted to thank everyone who reached out via email and on social media to offer support in the aftermath of Sam’s death. Rather than fixating on what we could have done differently, I’ve been trying my hardest to find strength in my memories. Your support and warm thoughts mean the world to me.

Without further ado, here are my posts from this past month.

Health & Fitness

Journalism

Tools

Social Media Marketing

MMA

  • TUF 20 Reports: 10/1, 10/22, 10/29 (MMA Torch) My weekly recaps of the Ultimate Fighter.

Coming Soon

Expect more posts about privacy and encryption next month, and maybe even a revival of the Elephant in the Room podcast. I’m also putting the finishing touches on an e-book about how to be a little bit safer online, so keep your eyes open!

I want to get posts like this delivered to my inbox.