The right to assemble and protest is enshrined in American law, but it can still be dangerous to hit the streets to make your voice heard. Your devices are a treasure trove of information about you, and you may not always know who’s collecting that data. Take a few minutes before you go to assess your digital and physical safety. Even if you have nothing to hide, you don’t want to accidentally give law enforcement officials any information you didn’t intend to share. Follow these tips to lock down your phone before a protest or other peaceful assembly.
Going to a protest? Don’t bring your phone
without doing this firstI’m skeptical of bringing your phone at all, either in airplane mode or off, because modern phones still broadcast location when it’s ‘dead’ in order for you to find it. But I don’t know enough about that to say for sure
Off should be off. Airplane mode often leaves WiFi and Bluetooth on because airplanes allow them. And GPS doesn’t transmit anything, but if it’s enabled it’s still recording your location.
You can buy faraday wallets for like $20.
Others said not all work well though.
Wrapping in aluminum foil works. Thicker is better, more wraps is better. But one wrap stopped my test call.
I tested mine using my keyfob (which is what I bought it for). Test, for sure, but there are ones that work. Aluminum foil also works.
Buy a used phone on eBay. Activate with phreeli at a library. Only turn on phone at protests. Turn off when you leave.
Interesting, but $25 a month. Tello dot com has a cheap plan for $7.91 a month after taxes and fees. I use it on a $50 Amazon blu phone because I wanted something else for 2FA, and I have a phone ready if my main one breaks or gets lost.
- Get a cheap mobile specifically for protests, especially using it for pictures and video.
- Set it up to livestream everything, so that any video evidence gained can’t be taken away.
- Get a faraday bag for when you need to put that mobile away and not be tracked.
Maybe I’m missing something though?
I got a body cam for about $50 amazon dot com/dp/B0BHZ4PRRG, currently unavailable. Makes a great dashcam too. When the usb charging cable is plugged in it turns on when you start your car and turns off when you turn off your car.
The only thing you’re missing is to put a piece of white tape on the sole of your shoe. When you are lying on the ground It’s a cop signal that you are an undercover agent.
Shitty article. Doesnt even contain the words SIM card or IMEI so it has no business advising people on whats safe to bring to a protest. There is no such thing as cop-proofing a mobile phone unless all wireless modules have been removed. The cops can and do track peoples cell tower signal derived locations and they can log active Wifi/Bluetooth MAC addresses in their vicinity.
As others have said, just dont bring it if you are scared. Consider just using a bodycam or gopro style camera.
Modern phones rotate random MAC addresses. For WiFi, capturing SSID probes can be enough to track somebody though (some phones also have some mitigation for that too, like not probing for an SSID after it hasn’t been seen for some amount of time). Even when turned off, many phones, including iPhones, turn into BLE beacons similar to AirTags, which can be used to track you.
almost worthless. I just learned that the android 13 xiaomi phone of a family member broadcasts some of the wifi AP names it knows when scanning for available networks! constantly! why the fuck it does I don’t know because neither are hidden networks that would need this, and there’s no setting for it
Yeah, I’m guessing it’s so if you “hide” the network, it will still connect to it. Anyone can scan these advertisements, then go to wigle.net and likely get a good idea of where you live/work.
Are those networks marked as hidden SSID networks? Hidden networks require the client STA to broadcast them to find them.
Good additions, thanks.
Modern phones rotate random MAC addresses
My phone does, but im not sure if normal google/apple phones do by default.
iPhones do by default, you need to specifically turn on fixed IP at home to identify the damn phone reliably
Thank you, I have been saying this. Use a regular camera and be sure to delete meta data off images and videos when uploading!
This is slightly false in an alarmist fashion. At least in the US, the police are not actively tracking anything without a subpoena to the cellular provider of the phone in question. They can look at the location data after the fact, using a court ordered subpoena. They can also use live location data in an emergency situation,also using a court ordered subpoena.
Cellular data from cell towers on cell networks are private property of the cellular provider companies. That’s not to say you are private while on them. Just that the police are not actively tracking your location through them without great effort for each individual they wish to track.
You’ve never heard of a stingray or cell site simulator?
Commercial location data, in this case acquired from hundreds of millions of phones via a company called Penlink, can be queried without a warrant, according to an internal ICE legal analysis shared with 404 Media.
https://www.404media.co/inside-ices-tool-to-monitor-phones-in-entire-neighborhoods/
I thought this was using SDKs embedded in apps and advertising platforms. This is a different threat model. You need to block ads and prefer using websites instead of apps which have more access to device info like the advertising ID.
If you’ve got an Android, go to Settings, search for ads, and find the advertising ID and delete the ID. It’s a stable identifier that can be used to identify your phone.
Switch to more private browsers like Firefox for Mobile and install uBlock Origin.
Yeah cell tower data is private just like your google search history is private. Which means absolutely not private. Also cops can (and do) use fake cell towers to make your phone connect to something that they have live access to.
They can also use live location data in an emergency situation,also using a court ordered subpoena.
What qualifies as an “emergency situation”? I imagine that definition could be stretched pretty thinly
These articles mean nothing. You have 2 options.
-
Leave ALL electronics at home and do not bring anything to the protest that connects to a tower or the internet.
-
Just deal with the fact you are being tracked and deal with it.
-
Cripes all of that and not even, “Buy a burner SIM card”, “Use a VPN at all time if you have to use data”, “For the love of god don’t use biometrics as authorization, use a alphanumeric password to unlock”, “Use the damn encryption solution provided by your phone’s OS”.
Burner sim won’t help, you need a burner phone too.
A VPN does not stop location data for your physical device when looking at cellular data from the carrier. Your location can and is always triangulated using cell towers. VPNs only ever protect your IP address from being geolocated and encrypting the data downloaded and uploaded while connected. Bit streams are still sent and received from a physical place in the world before the VPN hides your traffic and that is recorded by the cell provider.
I turned off biometrics for unlocking the phone. Still works for downloads, passwords, everything but unlocking the phone. I’ve barely noticed a change.
Cant u just use encrypted messaging services like whatsapp signal telegram? SMS isn’t encrypted. And this is also why you shouldn’t give tech billionaire companies so much power as a nation lol they abuse ur privacy thats why I love how EU is still trying to protect our rights at least
Not relevant. Unless you use airplane mode, it will be visible that your phone was at the place.
whatsapp signal telegram
Telegram isn’t encrypted, and honestly you shouldn’t use it.[1] Whatsapp and Signal are US-based, which means that they will give up your data on the first request.
Use actually secure messengers, like Delta Chat, SimpleX, or Matrix with end-to-end encryption.
I like fluffycat :3
edit: (its just matrix)
Whatsapp and Signal are US-based, which means that they will give up your data on the first request.
This is true. In regards to Signal, they do always comply with the governments request for data. The things is, Signal has next to no data on you. So when they comply, they give them everything they have (which is next to nothing). You can see everything they have given up here: https://signal.org/bigbrother/
Signal have published several times when they receive a request for data and their response.
Due to the mechanisms they employ, all they can actually give is if there’s an account associated with a phone number and the last time it logged in, if even that last bit. There’s some fairly detailed articles diving into how this works so well under the hood from a cryptographic standpoint, but it basically amounts to even addresses of users being able to be secret to minimize shared metadata to a bare minimum.
Also the software is entirely open-source – app and server both – and are frequently audited on this. The server never has an opportunity to receive any plain-text data to store.
The weak spot is always just having access to your device.
It’s a little clunky, but KryptEY is an on screen keyboard that can encode/decode messages. The encoded messages can be transmitted over any service.
Just don’t bring it. Bring a digital pocket camera instead to document stuff.
Nowadays, you can’t use a mobile phone without signing in to some Google service or Apple. It’s mandatory. Giving them access to every data you own.
That and cell towers….
But a cheap burner. Don’t activate it. Keep it in a faraday pouch. In an emergency remove from faraday pouch and call 911. You can do that on phones you don’t activate.
But everything else, like you said, document with a digital camera.
I use my android phons without a google acccount without having a custom rom, it is usable just that most people are too ignorant and clueless
I have a Samsung phone and it is mandatory to have a Samsung account to use it.
You don’t need a samsung account lol. You probably missed the small text that allows you to skip it.
I have a Samsung Galaxy S10e and no Samsung account. I just flashed the rom. I also bought an unlocked phone, but I don’t think that actually matters. I am replying to you with said Samsung Galaxy S10e.
What ROM are you using?
I had to look it up, apparently I chose lineage. I don’t remember why, but I suspect it was the first one that I found that was compatible.
GrapheneOS or KaiOS?
With the SIM completely turned off, maybe. But it’s still a bad idea.
Without the SIM.
Yup. It’s a bit of a question of how paranoid are you/you feel you need to be but it may be worth keeping in mind that the baseband modem of any phone is proprietary and runs its own unaudited software the end user has no control over or insight into.
No need to be paranoid, IMEI/IMSI are built into the protocols. Phone networks were never built with anonymity in mind
e/OS too? :3
This might be relevant for following ICE around or direct action, but at this point there’s almost zero personal risk from attending something like a rally or a march.
My relatives and even friends my age are afraid to go to protests. They read stuff like this, and it acts as demobilization messaging. In my experience, once you get them to go once they’re no longer afraid to engage, but there’s an initial fear and anticipatory obedience that has to be overcome.
inb4 protests do nothing: getting people to stick their toe in the water helps build commitment that will one day be necessary to gain critical mass for more organized disobedience.
I go to protests without my phone, and I’m afraid every time.
I get that nothing is likely to happen to me, but it could. I get that this is am irrational fear. But idk strategically what to do.
ICE has told the press that they are “at war.” It’s not an irrational fear.
I don’t think your fear is irrational, for whatever that’s worth
ICE has literally started going door to door in Minnesota looking for immigrants and activists. It’s already starting, people need to be protecting their privacy now.
This might be relevant for following ICE around or direct action, but at this point there’s almost zero personal risk from attending something like a rally or a march.
No. If the data exists at any point, then a future threat will be able to exploit it, so full on nazi style fascism might not be here yet, but when it is, you’ll be in danger. Data can sleep forever before it becomes a threat.
I would like to bring the attention to LoRa.
Meshtastic is a good example of leveraging LoRa.
You wanted to bring attention to it but you couldn’t bother to say what it is?
Haven’t used my client in almost a year, but my repeater is still running strong.
I really really hope that this takes off.
Going to a Protest? Don’t Bring Your Phone
FTFY
Someone’s gotta record the fascism.
Then use… a camera??
cameras exist.
Camera’s can be easily confiscated and broken by fascists.
Instant uploads are much harder to suppress.
no bigger than a phone, no harder to destroy than a phone. just as easy to conceal as a phone.
SD cards are pretty resilient.
Someone will (and probably better). There are more cameras at protests than ever in history. What’s missing is mass action by complacent people.
Pretty easy to take video on an old phone without a SIM, or with a cheapo burner sim.
Are there “burner sims” you can get nowadays that don’t require online activation (i.e. they can easily trace the sim back to you)?
Phreeli, if you pay using crypto that can keep you anonymous
Also calling help if/when they shoot you might be helpful.
IMO just having your personal device on you in the presence of a protest puts you in danger. They have ample tools to track cellular devices that basically cannot be guarded against without disabling the function altogether, such as with a Faraday bag. They will catch and log that you were at a protest, and use that against you later.
don’t leave out the fact that they’ll just shoot you in the face for no reason, and then get “absolute immunity”
And then go on TV and call you a terrorist 15 minutes later.
Don’t bring your phone period. Any and all devices can be broken into by law enforcement. Buy a burner with cash if you need some kind of communication.
Yep, ding ding ding, buy a burner phone, with cash, from a store that doesn’t have many or very good cameras.
Bringing your real main phone is you thinking you know more about cybersecurity and surveillance than Palantir, than all the cybersec and intel firms the US Mil and Police departments have been partnering with with over a decade now.
99.99999999% chance you don’t.
Yes a burner that you don’t activate. Keep it in a faraday bag. In an emergency you can take it out and call 911.
Its not the device cracking that’s the problem; its the “your device was identified at the protest we have labeled a riot and has been tracked to your home, which we will now raid in the middle of the night”.
Has this regime already done this or are you just saying what the next steps might be if nothing changes?
For the “already done this”:
https://en.wikipedia.org/wiki/COINTELPRO
For the modern technology making it significantly easier:
https://en.wikipedia.org/wiki/IMSI-catcher
https://en.wikipedia.org/wiki/Stingray_phone_tracker
TL:DR, if you’re at a protest and your signal drops to 2G, your device is being monitored and tracked. Whether or not anyone acts on that data is a whole other thing.
And bring a separate video camera
No, , this isn’t the 90s. You want a many copies as possible immediately, later might not happen.
I bring my phone, and my wallet, and my keys, and a $7,000 camera, and my lawyer’s phone number in my head.
they can suck my balls
always film cops
