Surveillance Self-Defense Against the Trump Administration
On November 8th, 2016, Americans handed the U.S. presidency to a racist, xenophobic, authoritarian, climate-science-denying, misogynistic, revenge-obsessed ego-maniac — and with it control over a vast and all-too-unaccountable intelligence apparatus; and in a speech the end of October 2016, Trump promised to sue all of the women who have come forward with sexual assault accusations against him.
Trump has repeatedly shown utter disrespect for the rule of law. He doesn’t believe in freedom of religion. He advocates torture. He has said he’ll instruct his Justice Department to investigate Black Lives Matter activists, and it’s likely he’ll appoint Rudy Giuliani, of New York City’s racist and unconstitutional “stop-and-frisk” fame, as his attorney general to do the investigating. The New York Times also reports that “Mr. Trump still privately muses about all the ways he will punish his enemies after Election Day.”
With Trump eager to misuse his power and get revenge on his perceived enemies, it’s reasonable to conclude there will be a parallel increase in abuse of power in law enforcement and the intelligence community. Activists who put their bodies on the line trying to protect basic rights — freedom of religion, freedom of speech, civil rights, reproductive rights, voting rights, privacy rights — will face the brunt of it.
Thanks to 16 years of relentless and illegal expansion of executive power under Presidents Bush and Obama, Trump is about to have more tools of surveillance at his disposal than any tyrant ever has. Those preparing for the long fight ahead must protect themselves, even if doing so can be technically complicated.
The best approach varies from situation to situation, but here are some first steps that activists and other concerned citizens should take.
Encrypt Your Phone
If there is a risk you will be detained on the street, the best way to protect the information in your phone is to encrypt it, and require a strong password to unlock it. (Also, check out EFF’s detailed technical and legal advice for protecting your phone while protesting, and what to do if you get arrested at a protest.)
All iPhones are encrypted by default, but the encryption is only useful if you use it correctly. Make sure you set a long, random passcode — it should be at least 6 digits, and it should be 11 digits if you think an agency like the FBI may invest resources into breaking into it (see this article for details and rationale behind this iPhone passcode strategy). As inconvenient as it is, don’t use Apple’s fingerprint technology Touch ID to unlock your phone; law enforcement can force you to use your finger, but they can’t force you to give up your passcode.
If you use Android, go into your Settings app, navigate to the Security section, and encrypt your phone from there. Before you can encrypt your phone you need to set a strong pattern, numeric PIN, or password for unlocking it.
It may be annoying at first to have to type something complicated just to unlock your phone, but once you get started your muscle memory will quickly take over, and this is the only way to truly protect the data stored on your phone. And an important note: if you forget your passcode and can’t unlock your phone, there’s no way you will ever recover the data on it (that’s kind of the point of encryption), and you’ll have to factory reset your phone to keep using it. So when you first switch to a strong passcode, write it down on a piece of paper and keep it in your wallet until you’re sure you’ve committed it to memory, and then destroy the paper.
Ditch Your Phone At Sensitive Moments
Even if you take steps to secure your phone, you shouldn’t trust it too much. If you’re having an activist meeting where you might discuss secret plans, such as organizing nonviolent direct action, everyone should leave their phones somewhere outside of earshot of the meeting. If one phone has been hacked, it could be recording the entire conversation without anyone knowing.
And while phone are indispensable tools for organizing and secure communications, they unfortunately are also tracking devices. If you need to hide your location while you do especially high-risk work, such as whistleblowing, it might be better to leave your phone at home.
Switch from Facebook Groups To End-to-End Encrypted Groups
If you’re part of an activist organization or affinity group that has internal strategy and planning discussions over Facebook (or any other non-encrypted service), you should stop immediately. All of the members of your group, and everything that anyone posts to it, is just a legal request away from being used against you.
Instead, you should get everyone in your activist Facebook groups to switch to an end-to-end encrypted group-messaging app, such as Signal, WhatsApp, or Semaphor.
To create a Signal or WhatsApp group, you need to have the phone numbers of everyone in your group in your phone. Semaphor is kind of like an end-to-end encrypted version of Slack or HipChat — you need to create a new Semaphor team and invite everyone else to join it, and then within that team you can create different channels and send private messages.
All of the messages you send to groups of people using these apps will be end-to-end encrypted. No one, not even the app developers who have access to the servers these apps use, will be able to read the plaintext of your messages, except for the other members of your group.
But while the messages are encrypted, the list of members of the group might not be, and this is also important information to protect. WhatsApp and Semaphor might be able to hand over group membership information if the government comes knocking.
On the other hand, the developer of Signal, Open Whisper Systems, is way ahead of the game here. The one time they received a request for data about a Signal user, all they were technically able to hand over to the FBI was the account creation time and the last date that the user connected to the Signal server — they didn’t have the users’ contacts, they didn’t have a list of groups they were in or members of those groups. The company also successfully fought a gag order designed to keep them from publicizing the request. That said, Signal groups can be buggy, have scaling issues when groups get too big, and at the moment there are far fewer people using Signal than there are using WhatsApp.
If you’re using Signal, you might also be interested in these Signal security tips — most of the information is current, but there are some recent features that are not covered, including “safety numbers” now used to verify the privacy of your conversations, disappearing messages, and desktop support for iPhone users.
Also, be careful who you trust. The FBI has a long history of recruiting informants to spy on activists. Since law enforcement can’t spy on your group conversations by asking these companies to hand over your messages, like they can with Facebook groups, their next easiest move is to infiltrate your group.
Prioritize Security When Building Activist Sites
A lot of activists set up web-based forums to communicate. If you’re responsible for setting such a forum up, make sure you take special care to secure it. Always make sure you use the latest version of the software that powers your website, as well as any plugins you’re using, and apply security updates promptly.
Turn on the web encryption technology HTTPS, and follow all of the best practices like strong cipher suites and HTTP Strict Transport Security. The certificate authority Let’s Encrypt makes this simple and free. Refuse to use forums on websites that still use HTTP, since the U.S. government spies on everything you post to those, including your password, when you log in, and makes it searchable in databases like XKEYSCORE.
Even with HTTPS, your group can still be spied on. At the very least, the government can see exactly which people are visiting your website. You might consider making this much more difficult by taking your website off the open internet completely and making it only accessible as a Tor onion service. Everyone in your group will need to use Tor Browser to access it, but this will make eavesdropping on you, or even realizing that you’re part of a group, much more difficult. The activist tech collective Riseup has published a best practices guide for running Tor onion services.
Secure Your Accounts and Computer
Improve your password habits: Use strong passwords, use a password manager so you can use a unique password for each site without having to memorize them all, and turn on two-factor authentication for applications that support it.
Turn on full disk encryption: If someone gets physical access to your computer and you aren’t using disk encryption, they can very easily steal all of your files. It doesn’t matter if you have a good password or not because they can simply remove your hard drive to access all of your data. Follow these instructions for encrypting your laptop in Windows, Mac OS X, and Linux.
Install all updates promptly: Updates fix security bugs, so every day you haven’t installed them is a day you’re vulnerable to attack. People all too quickly dismiss windows that tell them their software is out-of-date — don’t ignore these. Update all of your software, and it will be much, much harder for anyone to hack you.
Use virtual machines to compartmentalize: You can get hacked by installing the wrong program or opening the wrong email attachment, and if that happens the attacker can access all of your files, log your keystrokes, take screenshots, and even listen to your microphone and watch through your webcam. It’s possible to isolate the most risky files and programs from other parts of your computer using technology called virtual machines. This article explains how to use them.
Use Qubes To Protect Your Computer
If your activism involves handling secrets — planning nonviolent direct action campaigns, gathering evidence for a lawsuit, trafficking in leaked documents — and it’s conceivable that you might be targeted by the FBI, CIA, or NSA, you should be using the open source operating system called Qubes.
Qubes is not the simplest to switch to if you’re coming from Windows or a Mac, but if you have secrets to protect it’s absolutely worth it. With Qubes, you can compartmentalize your computer to work exactly as you want, so that if one part of it gets hacked, the rest of it remains secure. Here are some of the things you can do with Qubes but that you can’t do with Windows, Mac OS X, or normal Linux distributions:
– It’s the only operating system that can protect you from vulnerabilities in your computer’s drivers and from malicious USB sticks that you plug into your computer.
– With Qubes you can easily open any untrustworthy document, such as all of your email attachments, using “disposable VMs,” or virtual machines. If the document contains malicious software, the software will be contained, and it will be completely gone as soon as you close the window.
– You can convert PDF files to “trusted PDF” files, which uses the Qubes sandbox technology to remove any potential malware from a PDF before you open it or send it to your friends.
– You can create “vaults” on your computer, special components that are isolated from the rest of your computer and never have access to the internet. This is perfect for storing sensitive documents — if your web browser gets hacked, the attacker won’t be able to access them — and also for storing secrets such as password databases.
– You can use Tor Browser more securely than you can in other operating systems, so that even if someone manages to exploit a Tor Browser bug and hack you, like the FBI has done in the past, they still won’t be able to deanonymize you.
Qubes is a relatively new operating system, and usability isn’t its strongest point yet. It requires a lot of typing commands into terminal windows if you want to be a power user, so it’s not for everyone. If you’d like to learn more about Qubes, you might be interested in watching this half-hour video tour explaining how it works. But if you’re looking to invest time and energy into securing your computer from hackers (and you should, if you’re taking a big risk with your activism), Qubes is absolutely the place to start.
January 16, 2017