Thread: how not to make it easy for cops when communicating online?
#BlackLivesMatter
#Pride #Protests #Activism #Antifascism


Instead of using @discord to organize (proprietary, closed-source, centralized and unencrypted), use @RiotChat ( http://riot.im ): built on Matrix, it is libre, open-source, decentralized and end-to-end encrypted.
Similarly, rather than using #WhatsApp, #Messenger or @telegram, please use @signalapp or @session_app ( #Session uses the same encryption protocol as #Signal but does not require a phone number to log in, is decentralized and #onion routed).
Instead of using #GDrive and its apps, you can use http://mega.nz (50GB encrypted) and @framasoft tools. Rather than #GMail, go for @ProtonMail or @TutanotaTeam (can be used as a digital dead mailbox) or even http://guerrillamail.com .
When necessary (more often than you think), use a log-free #VPN ( @ProtonVPN, @mullvadnet, @airvpn) or even a self-hosted one (pay using $BTC or, even better, $XMR). Run @torproject if you need to, or even @Tails_live.
/!\ VPN + #Tor = bad idea. Tor proxy if needed.
To encrypt your messages and files, you can use @gnupg. Avoid proprietary operating systems (i.e. OS X or Windows) or those that are partially proprietary (such as Ubuntu and its derivatives).
Good #Linux distros for newbies: @openSUSE, @debian, @ManjaroLinux.
Don't carry your phone with you when #protesting. Leave it at home but DO NOT SHUT IT DOWN or put it in airplane mode at unusual times: be careful with your routine. Install @CopperheadOS or @LineageAndroid on it if possible and encrypt your device.
Disable biometric recognition and preferably opt for a complicated PIN only. Don't give it to the cops, no matter what they tell you. You have the right to stay silent.
Lock your apps. Don't install random stuff, don't give random permissions/root access to apps.
And of course, do not use Google (especially for sensitive searches). Use @torproject instead (or properly configured @firefox: http://privacytools.io/browsers/#about_config) and @DuckDuckGo or @startpage or @disconnectme. And keep your systems and software up to date.
If at all possible, do not communicate using computers (including phones) or electronic networks (including the phone network). Assume everything with a battery in it (or plugged into mains power) is bugged, recording you, and sending it to the cops, even when turned off.
Don't write down anything the police or other authorities could use.
Meet face-to-face with other activists and make sure you trust everyone present to turn off their computers and take out the batteries — or simply not to bring any device.
Don't lean on E2EE, especially to secure info that could result in conviction or imprisonment. E2EE is great for protecting the public from mass surveillance but you have to assume that if cops target you, they have ways of making your computers rat you out: https://xkcd.com/538/
Also, comms software that uses #E2EE has to be built and used very carefully to avoid leaking #metadata. Cops have killed people based on metadata: https://www.techdirt.com/articles/20140511/06390427191/michael-hayden-gleefully-admits-we-kill-people-based-metadata.shtml
Software that is open source ( #FOSS) is not made by an enlightened elite but by random strangers, only some of whom support your cause(s), are trustworthy and/or can secure software competently.
Hence, avoid proprietary software as much as possible, because it's hard for anyone to check whether it's spying on you. But do not assume that anything open source is not spying on you. Sometimes it is: https://gnu.org/philosophy/ubuntu-spyware.en.html
#Ubuntu #Spyware
Read security advice from everywhere and cross-reference it, e.g. https://crimethinc.com/2004/11/01/what-is-security-culture , https://archive.org/details/DigitalSecurityForActivists_439... Most importantly, be sceptical about advice from random strangers online — such as myself. :)
Be aware that I could be saying this to make myself sound more trustworthy, so you won't be as discerning about my advice. Don't fall for it. Social engineering is a much more common way of pwning activists than cracking their encryption.
Don't be paranoid, but be cautious.
Finally, know that authorities have much more effective ways of spying on you than technology. Sometimes a close friend (or even partner) with whom you’re doing activism works for the State; sometimes they’ll simply betray you and talk to the police when they get caught.