Technical Discussions Related to Security

I didn’t find a thread for discussing Technical Aspects of IT and related Infrastructure related to security, so here is one.

We recently had an action in WA where the police knew what we were planning and told our Police Liaison so when they first made contact. We were not particularly secretive about our intentions so there is nothing to show that the police did not simply gain this information through good old detective work and putting two and two together, but it does prompt us to review our security processes. So here is an interesting article about the technical possibility of phones being used for spying. Bear in mind that this sort of recording breaks every privacy agreement I’ve ever read, so I don’t believe phone companies are doing it across the board on a regular basis. This article just explains what is technically possible, especially with a warrant. :wink:

A device with bad modem isolation cannot prevent the modem from accessing and controlling key parts of the hardware. For instance the main CPU’s RAM, its storage, the GPS, the camera, user I/O and the microphone. This situation is terrible for privacy/security as it provides plenty of opportunities to efficiently spy on the user, that could be triggered remotely over the mobile telephony network. That mobile telephony network is accessible to the mobile telephony operator, but also to attackers setting up fake base stations for that purpose.

Good modem isolation

On the other hand, when the modem is well-isolated from the rest of the device, it is limited to communicating directly with the SoC and can only access the device’s microphone when allowed by the SoC. It is then strictly limited to accessing what it really needs, which considerably reduces its opportunities to spy on the user. While it doesn’t solve any of the freedom issues, having an isolated modem is a big step forward for privacy/security. However, it is nearly impossible to be entirely sure that the modem is actually isolated, as any documentation about the device cannot be trusted, due to the lack of effective hardware freedom. On the other hand, it is possible to know that the modem is not isolated, when there is proof that it can access hardware that could be used to spy on the user.

There’s a page on the French Base on security and organising actions. I repost it here for consideration, filtered through Google Translate.

Protecting ourselves and others: securing our actions

So that, as far as possible, our actions can be carried out, we invite you all to respect some precautionary rules when preparing them.

:spy: Learn how to protect your digital freedom: read these operational security posts.

:one: Protect yourself before action

:small_blue_diamond: Never give the place, date and time of the actions to people other than the coordination team.

:small_blue_diamond: Use a code name for the location / target of your action so that you can talk about it out loud without disclosing it.

:small_blue_diamond: Switch off and isolate your phone at the start of each meeting / discussion concerning an action, whether physical or on a campfire.

:small_blue_diamond: Where possible, favor physical meetings in a private location over virtual meetings.

:small_blue_diamond: Make maximum use of a computer for online campfire meetings, not your phone.

:small_blue_diamond: Do not talk about stocks, their logistics etc. on an unencrypted telephone line.

:small_blue_diamond: Use a VPN as well as TOR for everything related to preparing for the action.

:two: Protect yourself in action

:small_orange_diamond: Avoid taking your personal phone in action, instead prefer an old phone with a prepaid card.

:small_orange_diamond: Switch off your phone once the action has started and do not switch it on (including at the police station).

:small_orange_diamond: Remove all applications relating to XR before an action, the phone numbers of other members and delete all conversations with them.

:small_orange_diamond: Disable USB debugging on your phone and encrypt it on startup (see Phone security 1).

:three: The essential digital security rear base

For the safety and well-being of the rebels, the manual of action teaches us how to organize a rear base. One of its aspects concerns digital security.

:warning: Before the action

Each coordo designates a “security” referent, who is responsible for contacting the administrators and moderators of the Base to indicate the action to come. The information given may be approximate, initially, for the purposes of discretion. This is to help prepare the suspension of Base and Mattermost accounts in the event of arrests.

:arrow_right: To do this, send an @moderators message to the Base to establish contact. The exchange of information will be done confidentially.

:arrow_right: Anticipate as much as possible: leave it to the Moderation team to organize themselves so that a member is available on the day of your action.

:arrow_right: Plan to provide a list of rebels in action.

  • Do not send it via the Base. Also avoid Mattermost. Agree with your contact to send it by protonmail or by Signal.
  • Specify if some rebels do not have exactly the same nicknames on the Base and on Mattermost; if so, give both.
  • Send the list to your contact:
    • sorted by groups, if your action requires several rebel teams. Please give each of these groups a simple and clear identifier. For example a letter, a number, a color.
    • In alphabetical order.
    • Online, with the @: @pseudo, @pseudo, @pseudo, @pseudo, @pseudo, @pseudo, etc.

:warning: In the event of police custody

The referent must very quickly warn their contact in the Administration or Moderation team of any police custody, so that they can take the necessary measures.

Once again, the safety of all rebels is at stake!

To contact us, in order of preference (and knowing that it is better to be warned several times than none):

I’m curious what the @Nat-WG-IT think of this advice and process? Could we set up a similar process for Australia?