Effective Communication Security / Beyond 'Use Signal Use Tor'.
Devoted to people who live under oppressive regimes.
"The “tools first” brigade love to advance “use ${this}” as if whatever ${this} is will implement all sequences of the process for you. Then any tool which fails to address a real threat, or provide the appropriate protection, can be blamed for not addressing arbitrary threat models. This entire approach is backwards." Grugq
Key points:
Real problems associated with bad communication practices are usually on endpoints, not really in SW/apps/protocols. Keep in mind that bad implementation of technology is human problem.
Laptop - Do use ephemeral messaging apps as often as possible, which cannot be traced to your physical identity (e.g. Ricochet - https://ricochet.im). Another choice with good UX could be CoyIM (https://coy.im).
Mobile device - Do use Signal/Wire, prefer encrypted voicecalls over messaging or make sure you use self-destructing messages for all sensitive conversations. Do not use their Electron-based desktop versions (possibility of XSS attack vector but with the OS level access as a sweet bonus). Also realize that these apps are bound to your physical identity (to your phone number, e-mail or simply IP address), so you're not really pseudonymous/anonymous.
Rule of thumb - no logs, no crime. Avoid logs, even on the client side. Also this is one of reasons to avoid IRC for sharing sensitive info / organizing events.
Avoid proprietary messaging apps (e.g. Telegram, Messenger). Try to always use open-source software audited by professionals.
In general, a laptop is significantly less secure than an iOS device. Even a Pixel Android device (kept patched) is more secure than a laptop. If possible, use iPhone, always updated to newest iOS version. Do not jailbreak it. If use Android, do not root your device & do not enable developer mode. For both platforms - disable cloud backup. Require a password to unlock. If possible, register Signal/Wire with pre-paid SIM card.
Avoid private communication via e-mail at all costs, even via encrypted e-mail. Use communication channels listed above instead.
Enable two factor authentication (YubiKey, Google Auth., Duo, Authy) whenever possible.
If you want to present your ideas & future plans on any social media/event-sharing platforms (eg blog, Twitter feed), always use Tor (note: Tor does not mean extremely insecure Tor Browser).
Enable full HDD encryption. Encrypting only /home/ folder is often not enough in case your machine will be seized. Always turn off your PC/Mac after usage. Never store decryption keys on non-encrypted drives.
Consider using VeraCrypt containers for sensitive stuff (on top of full HDD encryption) because you could be forced to hand over your keys to authorities by court (This is especially relevant for citizens of Australia, Canada, France, Norway, Russia and United Kingdom).
Never ever contaminate your online activist identity with your real identity. Learn to compartmentalize.
What's wrong with Snowden's simple 'Use Signal Use Tor' statements ?
Well, you'd better use endpoint of your endpoint (i.e. your brain, my friend) in the first place. Consider your threat model and behave appropriately. Do not rely solely on technology. Majority of serious communication security problems are generated on endpoints (i.e. user's bad OPSEC practices).
Security is the holistic and never-ending process, not the final product (to quote Bruce Schneier).
Stay safe, my friend.
Top comments (6)
Thanks for excellent comment, Phil! In fact I am little ashamed that I did not make this post more comprehensive and holistic, but even some basics are sometimes hard to grasp for ordinary people. Also thanks for notice on threat modelling, yes, one should definitely put a threat model review into the development lifecycle, and think about it at the first place. Maybe (if there'll be enough time), I'll write more comprehensive post later, but I am really not sure if whether it belong here, on forum focused primary on development.
I have lived this. And I'm still trying to get myself dishonorably discharged from the tools brigade.
Gotta critique you on this, though:
It's hard to get across how low, really low, the confidence should be in those identifications, which I've rarely seen based on much beyond past history, the results of garden variety monitoring tools, and intuition. I'm speaking from bitter personal experience here, and from my on and off reading of Hubbard and Seiersen.
This is something on slightly different note, but could be useful for some people. Feel free to criticize me :)
Did you use TOR to post this?