Alternatively, investing in walkie-talkies that have encryption can be worth it as well, but unsure how legal they are around the world, think some countries put restrictions on those so you might have to acquire them while vacationing somewhere else.
It's mentioned in the body of the article, but get the feeling most people could miss it: Absolute best idea is to leave your "personal" phone at home! Either get a secondary (burner) phone with nothing useful on it and no real names, or skip out on the phone fully. If you do get a secondary phone, make sure it has a removable battery and keep it out from the phone until you arrive at location and as soon as you move, remove battery again.
Generally not allowed in many bands in the US. Motorola sells some AES walkies. They're really the only ones I know of, and they're very expensive.
1. Get a Google Pixel 9, 9 Pro, or 9 Pro XL smartphone (Cellebrite-proofn at time of writing). 2. Verify images & GOS. 3. Disable biometrics & wireless connections. 4. Memorize with Anki or your own head a new, NIST-compliant passphrase with ≥ 8+ words. 3. Get a cover for the smartphone. 4. Buy EMI tape and electrically insulating waterproof tape. 5. Tape the insides of the cover with EMI, layering it & govering the inner walls as well, no gaps (overlay two adjacent layer always, say ≥ 1 cm, if possible) 6. Add one layer of the other tape to insides of the cover 7. Story inside your underpants 24/7 powered off when you don't use it.
My setup is more secure than not having phone, a Qubes laptop, a 2G burner, or not having phone.
On iOS there are not many options for P2P w/o Internet (I assume that is what you meant - otherwise if you want P2P over Internet then there are some options although not really "truly" P2P of course - and of course if Internet is shut down or overwhelmed then it will be down). There's https://github.com/berty/berty (the last time I tried it was crashing incessantly but it might have improved). I do not know of anything else really (there might be few but I am not sure).
So yeah, they'd be able to say that "person A was at location B and later C", but not necessarily the way there or after/before those specific locations.
I agree that the safest is to assume they can definitely track you no matter what protocol/antenna you use, so you have to chose what moment it's OK to be tracked (like large groups).
I can't even get Bluetooth audio to work reliably in a crowded cafe, are you sure these other protocols would fare better?
As a denial of service attack?
You might ask what attending a large scale protest is intended to achieve and decide for yourself if the personal risks are worth it.
True. But keep in mind that demonstration size can have an impact.
Even just relatively large, not even a Million Man March.
For example, relevant to recent news magnifying vile Nazi-saluting imbecile demographics: They tried to pull that at an event in Boston in 2017, but tens of thousands of counter-demonstrators showed up. https://en.wikipedia.org/wiki/Boston_Free_Speech_Rally
We need more reminders that the US can be good people.
It supports strong encryption layer and over 1 km/mile per “hop” in most circumstances.
Designed originally for off grid, it’s very flexible and pretty polished.
Abstracts your phone into a UI. Has a whole ecosystem behind it. I’ve been using it for festivals and tracking my vehicles (high theft area) for years.
Very handy should infra not be available. Should be great for protests also :)
However...
The first rule of emergency communications is that if you can conceive of the need in the future, you need to practice using it now. Getting people to download the meshtastic app or figuring out a weird setting is a lot easier when you have working uncensored internet.
But yeah, in general if you take a phone just assume it's tracking you or at least making it possible for those with access to know you where there.
From a quick glance it looks like it‘s using static NodeIDs derived from the Bluetooth MAC address in the always unencrypted Packet Header.
So not only can you sniff these messages from far away at greatly simplified complexity when comparing to cellular communication, but also tie it to the hardware that you carry with you.
Mesh networks sure have its uses, but I‘d be wary of their offered privacy in the presence of adversaries you could be facing at protests!
They're far dumber than most people give them credit, unless you off a rich guy they just don't have the resources to even think about penetrating anything but cell networks.
The encryption is pretty good, they're not likely to break it any time soon. The device MACs are whatever, unless you go to protests then go wandering around an urban area with the same radios for an extended period of time they're not going to do shit about it. They would have to geolocate from the RF emission and that's difficult to do to an accuracy necessary to uniquely identify you. Further, LoRa is still a bit of a pain to work with outside of using vendor chips which don't have non-cooperative DF capability so we're in the realm of expensive custom solutions from an RF shop which is far more money than the feds are willing to spend to dragnet a couple people.
If you just want to talk to a few friends, don't bother with the default public mesh config, setup your own with encryption enabled.
Don't use longfast, use a higher speed setting if possible. Longfast will go 10km+ in optimal conditions and in a city environment, won't go any further than medfast.
Don't use the default radio channel, pick another one.
MAKE SURE ALL SYSTEMS ARE CONFIGURED IDENTICALLY - meshtastic is picky about all the radio settings being the same for bits to go through. It cannot figure out that the sender is using a faster/slower bitrate than you are so you will just get nothing. Do not attempt to use them until you've verified that all systems reliably send and receive messages in an uncontested environment. It's very easy to misconfigure meshtastic but once you do, fixing it in the field is going to be very difficult.
Tech advice for legal and illegal protests is pretty much diametrically opposite, and advice for countries like the United States is much different than for somewhere like Egypt.
It's complicated!
As pointed out elsewhere, the line between legal and illegal protest is very blurry and can shift rapidly; if anything, the only way to be sure you're not going to a protest that could eventually be classed as illegal is to never go to a protest, regardless of how pure your intentions are.
In other countries, protests are often organized by foreign entities. The organizers will have good opsec, but everyone else is just (metaphorically) cannon fodder as far as the organizers are concerned.
It's been this way for decades. The Soviet Union organized protests in other countries for pretty much its entire existence. The US helped the Polish anti-authoritarian Solidarity movement and several others.
I mean, that’s kind of a given even for the protests that are legitimate. They really only happen when people reach a point of no return, and the organizers are more likely to be fanatics in the first place.
> Please be aware of the legal consequences of these actions. Wiping your device or revoking online account access could lead to obstruction of justice or destruction of evidence charges in some jurisdictions.
This can be really serious. It is far better to never have/collect/obtain data in the first place.
You just don't even want to be at the "proving intent" stage.
If you had a function/service that just automatically wiped your device at intervals, regardless of where you were and what you were doing, that might be more defensible than wiping manually.
Best is if your device can't be locked and doesn't have any evidence of anything at all.
In Face ID, there's a setting that requires direct eye contact in order to open your phone. Highly recommend enabling this when feeling insecure about someone forcing you to open your phone (if it's not already on by default) because it means somebody forcing you to open your phone with Face ID can be easily defeated by simply closing your eyes. I tried this a number of times during the BLM protests, and I/nobody else could get my phone to unlock unless my eyes were open and looking right at it. So with Face ID, I think it's actually way more secure to have biometric authentication turned on, using this setting. The thumbprint stuff might be a good idea to avoid though.
(WARNING: This will make your phone pretty much impossible to unlock with your face if you're inebriated on anything. Ask me how I know. xD You should probably disable it after the protest.)
In contrast, "the device opened in response to the same fingerprint/face that the suspect has" is a form of world-evidence which doesn't infringe on your mind, much like "the key found in your pocket unlocked the safe."
Depending on your settings, this may also call 911 automatically, but that can be canceled.
>Signal has responded to 6 government requests since 2016, and in each case the only information they were able to provide was at most: ...
That is the all the information they claimed they had. We have no way to know what they actually collect. Briar runs P2P over Tor so they can't collect data, even if they should want to.
Whatever is used, an article like this should remind the potential protester to turn on disappearing messages with an appropriately short interval. The powers that be might use something like a Cellebrite box to get all your old messages by cracking the phone security.
That makes the common, dangerous, naive assumption that the implementation is secure. Correct, complete, secure implementations are very hard.
(It also assumes the design is secure, which is impossible to tell based on that limited information. P2P is not any more secure than over the Internet: In fact, it's easier to identify (there are only a few Briar P2P signals and near-infinite Internet signals - you've outed yourself), and if you mean local mesh P2P networking, that doesn't help at a protest, where the authorities also are present.)
In the more public app world, only Signal has done it well enough that experts trust it, and they have lots of free help from the expert security community.
If you're not technical, signal is hands down the best solution.
If you have a group that's going to something and you are willing to take some extra steps, something like matrix/briar/simplex/whatever setup with a self hosted instance provides you with the knowledge that all the infrastructure is under your control and that the feds just aren't going to have the time to sit down and figure out how this shit works.
The thing this thread is wildly missing the point on is unless you off a ceo or are a prolific organizer, the feds are systematic. They pick a set of techniques and technologies that cast the widest net possible with the money they have, then spend their time trying to nail people within that venn diagram. Yes, security through obscurity is not ideal in-and-of-itself, but combined with encryption and chaos, you can get much farther than using the same stuff everyone else has been using for a decade+. If you stay near the leading edge of tech the feds are a decade behind you, they still have years of threat briefing powerpoints to sit through before they can even think about implementing a countermeasure.
You could find 1000 CVEs in briar but if only a handful of of people at a demonstration are using it, the feds are still going to be sitting there beating their heads against signal because that's what they know how to do. If they ever find a single high severity CVE in signal, it's game over for everyone.
There are apps that uses accelerometer and gyroscopic sensors to detect if phone is snatched execute certain action based on this
Use app lock, so in case your phone is opened, apps will still be locked --> lock galley + filesExplorer(any) + settings + playstore + Browser(All installed) + Cloud/RemoteDrives(any) + Any syncing apps + Contacts + Email+messaging apps etc
(Hell all apps for utmost paranoia)
Use apps that remotely sync your phone specific folder/gallery every time new file is created (So when taking photos or recordinf something, if pbone got snatched, data is deleted + phone is broken or formattef/wiped against your will, your files have already synced to remote location so no worries
Snoopsnitch https://f-droid.org/en/packages/de.srlabs.snoopsnitch/
Stayput https://f-droid.org/en/packages/org.y20k.stayput/
plucklockex https://f-droid.org/en/packages/xyz.iridiumion.plucklockex/
Pixels (and soon other Android devices) have this functionality built-in: https://security.googleblog.com/2024/10/pixel-proactive-secu...
Otoh, the main function of protests is to get media attention, so if they don't get publicized there was basically no point unless they evolve into direct action.
If you're interested in this second point, read https://www.amazon.com/If-We-Burn-Protest-Revolution/dp/1541...
If you record police brutality, it doesn't do any good if the police come and smash your camera and then deny it. Being able to live stream or to live backup photos and video can be useful.
Also, many recent causes have used social media to provoke "big media" attention. The Arab Spring used social media to circumvent government crackdowns on communications and bring international attention. The #BringBackOurGirls hashtag was started locally after the Boko Haram kidnappings and incompetent government response and brought global pressure and resources.
Hard disagree. Public events are public events. My conclusion, based on experience at street protests, historic trends, and current political events, is that there have been significant actions by provocateurs over the past decade or more, and particularly in Portland in 2020. Taking and posting pictures of these people is an important act. It the internet age makes this tactic impossible, it will be a huge win.
The upside is nonexistent anyway: the state is photographing everyone at these events, so you taking an additional photo does not change the risk surface for anyone with regard to state retaliation.
(On the other hand, you’re also right that agent provocateurs are old COINTELPRO-era tactics used by the state and right wingers against protest movements.)
When it comes to tactics to keep yourself safe when protesting, there aren’t ultimately too many hard beliefs to be had, especially when the right are perfectly happy to collaborate with the state.
Maybe you’d argue that the second set of protesters are actually feds; I won’t argue the point because I prefer the first set of norms myself.
Other good reads on this include the end of protest, the end of the end of history, capitalist realism
Good tip! I didn't know about disabling 2G support on my phone.
There are basically no countermeasures. Which means freedom is truly at the discretion of the powerful, because once the government goes North Korea there is no going back.
I actually think the biggest threat to humanity in the Great Filter sense is authoritarianism, more than nuclear Armageddon, grey too, or super AI.
Nothing can stop by he centralization of power that AI provides to the powerful, and the fact the elite have been brazenly antidemocratic and anti- institutionalism in public and podcasting platform is this election cycle is frightening.
The social acceptance of defeatism and quitting is incredible - they couldn't have a more ideal opposition. You'll never win if you quit before you start. It's mass cowardice in the face of danger, with an excuse of course.
These seem like good practical steps.
GrapheneOS has duress pins (type it in, and the phone is wiped). It has secondary pins for biometric - the intent being that your real password is a long passphrase, and "quick " unlock is bio+pin.
I would add to this list some method of uploading video live to another service, in a way that the video can't be deleted via the phone. I know those exist for the express purpose of civil rights, I think the aclu has a list somewhere.
As well as the methods suggested, you could have full disk encryption and just have the phone switch off if it suspects any shenanigans. If you want, it could still boot into an OS, but it just denies knowing about the encrypted disk. Done right, the image itself could be difficult to discern from something like a corrupted video file.
> Your Risks at a Protest
In addition, your SIM (likely traceable to you, especially if you have it) will be auto-connecting to their temporary telecom system (i.e. Stingray [2]), where they can find out the following:
1. That you were nearby to the event.
2. A tonne of operations available via the modem [3].
3. If you speak to somebody locally (as part of the routing).
4. Shift your connection down to 2G/3G where it is easier to hack [4].
I think each person needs to consider their security model.
[1] https://pine64.org/devices/pinephone/
[2] https://en.wikipedia.org/wiki/Stingray_phone_tracker
[3] https://www.electronicsforu.com/special/cool-stuff-misc/gsm-...
[4] https://www.eff.org/deeplinks/2020/06/your-phone-vulnerable-...
https://www.404media.co/the-powerful-ai-tool-that-cops-or-st...
AI Photo Geolocation - https://news.ycombinator.com/item?id=40232755 - May 2024 (102 comments)
https://cellebrite.com/en/glossary/bfu-iphone-mobile-device-...
iOS is amazing insecurely to a determined law enforcement agency after the first unlock when you turn your phone on.
And a mitigation that Apple is doing.
https://lonelybrand.com/blog/iphones-operating-on-ios-18-1-w...
As far as having a strong pin to help protect you, it won’t protect you from rubber hose decryption.
I wonder why no one adds a „decoy pin“ which looks like it unlocks the device but secretly deletes sensitive data.
Probably, most people don’t see rubber hose cryptography as a real threat, and in most cases, they’re probably right.
I keep a few handsets around for apps I don't want on my daily driver (ex:food ordering, 2FA).
More in line with the article: For alternate cell/SMS service I have a RedPocket SIM. (note: I see now it's $45/yr on ebay. I'm paying less, prob grandfathered).
Not really. Old phones don't receive security patches and can be trivially unlocked to extract all relevant information. Sure, it might not have your nudes or bank login, but if you're using it to coordinate the protest that's plenty of incriminating evidence for the police.
>For alternate cell/SMS service I have a RedPocket SIM. (note: I see now it's $45/yr on ebay.
You have to be very careful with this, otherwise it's trivial to tie the phone/SIM back to you. Off the top of my head:
* the billing/shipping address used to order the SIM
* any payment information used to top-up the account
* location correlations with any other devices you own (for instance, if your burner phone pings the same towers as your primary phone for an extended period of time)
* using it for anything other than protests (eg. as a "burner" number when applying for jobs to avoid spam)
The Jan 6 insurrection is a good example of how difficult it is in a real world scenario to ID specific people in a large protest, and many of them got caught because they talked about it afterward on Facebook. If you are cell phone 2,347 on a spreadsheet of 33,422 phones and the number has no associated locational data, open source information, etc. you are way safer than bringing your regular phone, while not being an easy target and being able to communicate if you need to.
For a phone that was off until 2 hours ago and it's only login is the app they comm with, there don't seem to be a lot of meaningful risk vectors.
> and can be trivially unlocked to extract all relevant information.
The unlocker will maybe get one app login and 2 hours of location data.
> if you're using it to coordinate the protest that's plenty of incriminating evidence for the police.
It's one app login and 2 hours of location data. Most of that same info can be gleaned by directly observing the individual.
https://opsec.riotmedicine.net/downloads#mobile-phone-securi...
"Avoid External Storage"
They missed part with this. You could use external storage just for your current recording purposes so you can pop the SD card and take it with you if you think your phone will be taken.
Infact it's probably not the best idea to protest (in a crowd) anymore. The cops know how to kettle, and they have the tech edge. Activists need to think and act more asymmetrically.
Every security practice is a risk/reward. The measures being offered here are no-cost measures which can reduce the exposure of evidence to casual security / police.
I am not advocating for breaking the law. You have to understand that if a police person or a security guard violates your rights of free expression you may not get bailed out by the ACLU.
Mostly legal protests that got violently repressed by enforcement of unconstitutional laws in Quebec.
https://en.wikipedia.org/wiki/2010_G20_Toronto_summit_protes...
Same thing in Toronto.
Canada rates very high on democracy indexes. Even if you beat the charge in court you can still get arrested on bullshit in every country.
2) Authoritarians have been known to act illegally to solidify their power.
People can agree on what the law is, but they don't always agree on what is right. Sometimes a democratic government will zealously defend a law, war or principal that later generations of the same government will disavow.
first of all, where?
secondly, what has legality of protest got to do with privacy?
