Laura Poitras is the Macarthur-winning, Oscar-winning documentarian who made Citizenfour. Her life has been dogged by government surveillance and harassment, and she has had to become a paranoid OPSEC ninja just to survive. Read the rest
In a major policy change that sounds like a Very Good Idea, the U.S. Army announced today that dog tags will no longer include the Social Security numbers of the soldier wearing them. SSNs have been part of this identification system for over 40 years.
There's no one else on Earth who's more familiar with the surveillance capabilities of governments, spy agencies and criminals who is also willing to discuss those capabilities. Edward Snowden's wide-ranging conversation with the Freedom of the Press Foundation's Micah Lee on operational security for normal people is a must-read for anyone who wants to be safe from identity thieves, stalkers, corrupt governments, police forces, and spy agencies. Read the rest
It's an incredibly arduous, tedious, and deliberately unfriendly process, but you can, in fact, opt out of the data-brokers that are most commonly used to doxx people, uncovering their home addresses, work details, and so on (but beware, you have to do this on a more-or-less monthly basis to stay out of their databases). Read the rest
Tommy writes, "I'm working with Verso Books (which just published Gabriella Coleman's Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous to provide free encryption workshops to groups in NYC." Read the rest
Micah Lee, the former EFF staffer whom Edward Snowden reached out to in order to establish secure connections to Glenn Greenwald and Laura Poitras, shares the methodology he and Snowden employed to stay secure and secret in the face of overwhelming risk and scrutiny. Read the rest
Stock Android phones with the Darkmatter OS use encrypted storage, OS-level app controls, and secure messaging by default, but if the phone thinks it's under attack, it dismounts all the encrypted stuff and reboots as a stock Android phone with no obvious hints that its owner has anything hidden on it. Read the rest
Douglas writes, "My rooted CyanogenMod phone got hacked at HOPE X. I'm planning to get it write-blocked and imaged to crowdsource forensics." Read the rest
In Android Anti-forensics: Modifying CyanogenMod Karl-Johan Karlsson and William Bradley Glisson present a version of the Cyanogenmod alternate operating system for Android devices, modified so that it generates plausible false data to foil forensic analysis by law enforcement. The idea is to create a mobile phone that "lies" for you so that adversaries who coerce you into letting them take a copy of its data can't find out where you've been, who you've been talking to, or what you've been talking about.
I'm interested in this project but wonder about how to make it practical for daily use. Presently, it maintains a hidden set of true data, and a trick set of false data intended to be fetched by forensic tools. Presumably, this only works until the forensic tools are modified to spot the real data. But you can conceptually imagine a phone that maintains a normal address book and SMS history, etc -- all the things that are useful to have in daily use -- but that, on a certain signal (say, when an alternate unlock code is entered, or after a certain number of failed unlock attempts) scrubs all that and replaces it with plausible deniability data.
Obviously, this kind of thing doesn't work against state-level actors who can subpoena (or coerce) your location data and call history from your carrier, but those people don't need to seize your phone in the first place. Read the rest