White Papers

Thematic articles and short narrative research papers written by the ISC Project staff and partners examine core topics in information security and serve as a valuable resource to anybody seeking basic knowledge in this field. As we intend to expand our list of case studies, please contact us if you have a particular topic suggestion.

Hidden Dangers of Dating Apps – Considerations for Image and Phone Number Data

Dating websites and applications are increasingly popular as a way to meet people online. They provide a forum for interaction with individuals with like-minded interests as each site markets itself to specific communities. Most of these sites require a user to create a profile that includes interests, contact information, pictures, and personal preference information. Website users can then search the database of user profiles to find other users they would like to meet. Read More

ChatSecure Offers Easy-to-Use Mobile Instant Messaging with Built-In Protection on Multiple Levels

ChatSecure, an instant messaging utility for Android and iOS, recently introduced a new feature. For those familiar with the utility, it can be summed up in one sentence. “ChatSecure has made it really easy for users to set-up and use disposable instant messaging accounts with OTR encryption that can talk over Tor.” However, if this sentence leaves you puzzled, keep reading, and we’ll try to explain it. Here we go … Read More

Backup and Restore for the End User

In today’s world, information is one of civil society organizations’ most important outputs. Whether it is reports on human rights abuses, digital evidence of government wrongdoing, or a local copy of an email account, an unexpected loss of data carries severe consequences for the organization. This paper introduces an important concept that can mitigate the threat of information loss: a data backup. Read More

VPN and Tor

Virtual Private Networks (VPN) and Tor are tools that offer various degrees of encryption of online traffic. Both tools may also be used to circumvent filters that block content based on the network used for Internet access or physical location in the world. In order to make the best decision as to which tool to use, the capabilities of both must be understood. This document will help you make an educated decision and select the most appropriate tool. Read More

Basic IT Security Terminology

In order to understand digital security, one must first understand the terminology.  This document is the first in a series created by the ISC Project to provide basic definitions of words and phrases commonly used in the digital security field to describe systems, events, software, and hardware.  This paper defines three commonly misused digital security terms:  vulnerability, threat, and risk. These terms are fundamental to building an understanding of digital security field. Read More