Ultimate Security Guide Part 2

Social Media and Mobile Phones

This second part of my three part guide specifically focuses on mobile devices, social media use, and how to protect yourself while protesting.

The Dilemma with Smart Phones

Phones (and to a slightly lesser degree tablets depending on the model) pose a risk to your privacy and security of significantly greater magnitude than any desktop or laptop device. That is why before saying anything more, your best bet is to not make use of any mobile phone if you can get away with it. Phones are riddled with multiple hardware and software threats that expose the user in many ways. For hardware, almost all modern phones have a GPS, Bluetooth receiver, and are always connected to cell towers, so your position can always be either pinpointed or at least triangulated. Most users don’t get a break on software as unlike a desktop, it is much harder to replace the OS on the phone you have, so most people are stuck with Apple’s iOS or Google’s Android. There are a few ways to mitigate this that one can consider

Burner Phones

Burner phones are normal phones that are prepaid for some fixed period of time (usually 1-3 months). They are good for anonymity, because you can purchase them with cash and get a new phone number periodically. I recommend against getting a smartphone burner as these are almost always the most invasive to privacy; a flip phone or some other feature phone with only a basic feature set is far less likely to have an underlying OS and applications gathering as much data on you as possible. There are several strategies of managing burner phones, but I recommend purchasing an unlocked GSM phone that you load a prepaid SIM card into. This way, you can keep the same phone and swap out cards every time you buy a fixed term plan again. When choosing a burner, it is best to find one without built in GPS or WiFi functionality. If the phone comes with either one or both, remove them or disable them completely. Burners are especially useful if you plan to travel outside the country for both privacy related reasons and practical ones. For example, if you travel to Mexico, Customs and Border Patrol will only have a phone with absolutely nothing of value on it or your primary number in the event you have a traditional subscription as well. Burner phones despite their advantages are not magic security dust; they too still expose the user to location exposure via tower triangulation and IMSI-catchers (which we’ll talk about more). Below is a list of recommended burners:

  1. Mudita Pure (pre-order phase)
  2. Alcatel QUICKFLIP 4044C
  3. Plum Ram 7
  4. Light Phone II (pre-order phase, isn’t compatible with carriers in every country)

There are far more options though that would be suitable. If you truly want full anonymity, you’ll want to buy the phone in person at a store like Walmart, Best Buy, Target, or Walgreens. When using a burner phone, keep your contacts elsewhere such as in an encrypted file on a desktop machine rather than on the phone.

Custom Smart Phones

If Burners aren’t suitable for your use cases, the next best thing is a secure by design smart phone with a free and open source operating system under the hood. The flagship offering in this category is indisputably the Librem 5 which you can pre-order now. The /e/ foundation also sells phones with their deGoogled Android variant pre-installed in their store. They also have a service where you can send in a compatible device and they’ll install it for you or you can install it yourself. For the GNU sponsored offering, there is Replicant, which is a fully free and open source (no proprietary blobs whatsoever) Android distribution. The downside of it is the limited hardware support.

The crowning jewel of secure mobile operating systems is GrapheneOS. It is a fork from CopperheadOS and is fully open source. It has considerable hardening by default with the use of their own hardened malloc, strengthened SELinux, improvements to sandboxing, and more. It supports all Pixel devices from 2 to 4, with 3 having the best support; other devices aren’t officially supported, but would techinically work. Like /e/, it has been fully stripped of any Google APIs or applications.

Lipstick on a Pig

If neither of the first two options are viable for you, there are some ways to make your existing phone more secure and give some added privacy (much of this applies to custom smart phones anyways). Android is an improvement over iOS as the core is open source and allows for much greater control. Below is a list of tasks to make Android and iOS phones more secure:

  1. Change the lock method to passphrase. Use the maximum amount of characters
  2. For Android, don’t sign in with a Google account at all
  3. Use F-Droid and the Aurora store and only use free and open source applications (will be discussed more later)
  4. For Android, try to buy from vendors that release timely security updates
  5. Turn off bluetooth when it’s not being used and try to avoid using location
  6. Uninstall and/or disable crap ware that comes preinstalled with the phone
  7. Hide notifications from being shown at the lock screen
  8. Deselect any analytics or “product improvement” options (mainly pertinent for iOS)
  9. Don’t use sensitive applications like email and banking if you can avoid it
  10. Limit the applications you giver permissions to as well as what permissions you give them

Using Good Software

It’s important to use better software to stay protected on mobile platforms. Most apps in the App Store and Google Play store are proprietary and contain ads that track your behavior and sell your data and the analytics engines underneath that power it all. If you know where to look, there are great open source alternatives to many important applications that people use that meet or even exceed what people expect of the popular proprietary options.

Application Repositories

The Google Play store requires the use of a Google Account. Disable it and use F-Droid; it is a hub for free and open source applications for most major purposes. Most of the applications discussed for Android can be obtained from there. There is also a free and open source platform that lets users access Google Play content without a Google account. It collects no user data and provides a lot of upfront information about apps; this includes if the app has ads, uses GSF, and Aurora Protect. Aurora Protect shows the list of trackers in an app. You can install Aurora from F-Droid.

Communications

SMS messaging is an absolute no go for privacy. The only encryption (if any is implemented) is between the phone and base station tower with the highly vulnerable A5/1 cipher. In 2020, there is very little excuse for using plain SMS for regular communications with others, and certainly intimate conversations and/or ones with sensitive details. The simplest solution is to use Signal from Open Whisper Systems. It is an end-to-end encrypted messenger designed to supplant traditional SMS messengers. It also supports encrypted voice and video calling. Signal is fairly unique in that it doesn’t store much metadata; contacts and any surrounding details about them, including who a user messages aren’t stored on their servers. They only have information about the following:

  1. When did a user joined
  2. When their last connection to the service was

The only thing necessary to sign up in the first place is a phone number. The Android application can even double as the default texting app as well and be used for messaging people without signal, making transition costs almost zero. This app isn’t in F-Droid as of the time of this post, so it’s best to get it via the Aurora Store. The client and the server are free and open source and if you have an account set up on mobile, you can get the desktop app as I describe in the first part of this guide.

I discussed encrypted XMPP using OMEMO with Gajim in my last part. For Android, Conversations is a great choice. The primary difference between encrypted XMPP and Signal is that XMPP is federated, which lets people have more control over their instances. XMPP has more metadata exposure than Signal, but this negative ramification is fully mitigated if you run your own server. The iOS analogue that also supports OMEMO is ChatSecure. To read about the OMEMO specification, read here.

The last two application here are Android only (sorry Apple people). Silence is an app that encrypts SMS messages locally and in transit. Unlike Signal, it requires no account and no WiFi/LTE connection. In that regard, it has an advantage that is shared with XMPP in that it’s decentralized relative to Signal. The downside is the lower adoption rate, which is more problematic from a pragmatic standpoint

Briar is a peer to peer messaging and forum app. All content is encrypted and stored only on your device. Users can connect over WiFi/LTE, Tor, and even Bluetooth in the absence of internet if fellow users are close enough. Because of this, it’s very well suited for activists and protesters.

As a final addendum, Jitsi, which I mentioned in part 1 has an Android and iOS app.

Web Browser

For Android, use Fennec F-Droid. It’s F-Droid’s Firefox build that strips proprietary blobs from the official build from Mozilla. My recommendations with Firefox in part 1 for desktop apply here. On iOS, just get the standard build for Firefox. On Android, the Tor Browser is available, but I’ll talk more about Tor on mobile devices later.

Maps

Google Maps is convenient, but terrible for privacy. Unfortunately, much of the competition isn’t quite as robust with respect to feature set. The best open source option for maps is OsmAnd is the most versatile open source maps app. Unlike GMaps, you can download maps and use it offline. It also has real time warnings and navigation features.

2FA

Two factor authentication can be an excellent godsend in securing your online accounts. It acts as a last line of defense in the event that someone obtained your login credentials. It has a variety of implementations, most common of which is SMS and email based authentication. This is better than nothing in many instances, however, it’s wise to use a more secure alternative.

For Android, there are a few good options, but I’m going to recommend andOTP. It is a free and open source two factor authentication app that locally encrypts all information. It makes use of Time-based One-Time Passwords (TOTP) and HMAC-based One-Time Passwords (HOTP) (you can read more about them here).

For user of iOS, there is Tofu. Like andOTP, you scan the QR code for the desired account and login with the provided one time password. It is encrypted via the iOS keychain, whereas andOTP allows for password/PIN based encryption.

Social Media

Inherent to the nature of the mediums is a huge divestment of privacy. If you’re super concerned about personal information exposure, don’t use social media at all. If you choose to use social media, there are two main courses of action that can be taken

Free and Open Networks

Facebook, Instagram, Snapchat, and Twitter are centralized silos of millions of users’ data. Furthermore, they have proprietary code bases and bad privacy policies. Thus, it is best to use privacy respecting, open source, decentralized networks. Mastodon is a federated micro-blogging network. It is analogous to Twitter, but has a larger character limit and different features. Because of its federated nature, Mastodon is highly resistant to censorship. There are no advertisements or trackers.

diaspora* is a decentralized social network somewhat akin to Facebook. Users join pods similar to how Mastodon users join instances. You can run your run your own pod and there is broad control over how your pod interacts with other pods, so that users can always have full discretion over where their data is shared.

Buttoning Down the Traditional Networks

If you elect to participate in the likes of Facebook, Instagram, Snapchat, and Twitter, there are still steps you can take to increase your privacy.

  1. Don’t use your full name if you don’t have to
  2. Avoid giving away needless information like your phone number and sign up with a burner email
  3. Be mindful of what kind of media you post as they can often reveal more information than you may want to disclose
  4. Use a strong password and two factor authentication

Miscellaneous

Smartphone users make frequent use of basic utility applications, provided by the phone vendor or a developer who made a proprietary third party app. In both instances, it is often the case that these applications may have unwanted tracking over user behavior and ask for excessive permissions. For Android, Simple Mobile Tools provides a suite of applications that are open source and don’t require undue permissions to be granted. These are:

  • Photo Gallery
  • File Manager
  • Calendar
  • Contacts
  • Phone Dialer
  • Notes
  • Draw (digital whiteboard of sorts)
  • Music Player
  • Flashlight
  • SMS (please use one of the options suggested above)
  • Voice Recorder
  • Calculator
  • Clock
  • Camera
  • App Launcher

Simple Mobile Tools unfortunately doesn’t provide a system cleaner, but LTE Cleaner does a fine job at being an open source alternative to the Google Files cleaner.

General Security

There is a wide gamut of apps that harden Android installations. Unfortunately, some of them require that the device be rooted. Rooting your phone is akin to having root access on a UNIX-like OS. If you’re a novice user, it can be a risky procedure if you’re inexperienced and unfamiliar with the tools used. I’ll leave this generic guide for those who want to learn more who haven’t done it.

If you root your phone, the first thing you should do is immediately delete all of the bloatware that ships with the phone. Second point of order is to install AFWall+, which is an iptables front end that allows users to create a network firewall.

You’ll also want to install PilferShush Jammer, which blocks apps from using the microphone without your knowledge. You can also just pull a Snowden and destroy the internal mic and have a pair of earbuds with an integrated mic so that the phone only has a mic active when those earbuds are plugged in.

Most importantly, you’ll want a kill switch. Ripple fulfills this purpose excellently. It can send a message to any application that can instruct the application to harden itself in a number of ways. These include, but aren’t limited to

  • Lock access
  • Disguise
  • Wipe private data
  • Send an emergency message

Android also supports DNS over TLS, so choose a provider and enter the server in the Network settings.

Attending a protest

With the anti police brutality protests that have happened in the wake of the death of George Floyd in May of this year, many people have taken to the streets to demand change in the criminal justice system. Unfortunately, participating in these kinds of protests and others can lead to making newfound adversaries with the government and potentially other groups that harbor animosity towards the cause. It’s paramount to stay safe if you choose to go out and protest. Below are some general guidelines to safely participating

  • If you don’t need to bring your phone, don’t
  • If you do, use a burner phone
  • Wear bland clothing, protect your face, and cover unique features
  • Enable airplane mode if you have a normal smartphone
  • When posting photos or videos, use MAT2 to scrub metadata from them as mentioned in part 1
  • If you’re about to be arrested, use Ripple to expunge your data
  • Consider storing your phone in a faraday cage