diff --git a/opsec/anonprotest/1.jpeg b/opsec/anonprotest/1.jpeg new file mode 100644 index 0000000..461a885 Binary files /dev/null and b/opsec/anonprotest/1.jpeg differ diff --git a/opsec/anonprotest/2.jpeg b/opsec/anonprotest/2.jpeg new file mode 100644 index 0000000..62adeb8 Binary files /dev/null and b/opsec/anonprotest/2.jpeg differ diff --git a/opsec/anonprotest/3.jpeg b/opsec/anonprotest/3.jpeg new file mode 100644 index 0000000..de7faa7 Binary files /dev/null and b/opsec/anonprotest/3.jpeg differ diff --git a/opsec/anonprotest/4.jpeg b/opsec/anonprotest/4.jpeg new file mode 100644 index 0000000..3c52466 Binary files /dev/null and b/opsec/anonprotest/4.jpeg differ diff --git a/opsec/anonprotest/eSIM/1.png b/opsec/anonprotest/eSIM/1.png new file mode 100644 index 0000000..f6a27af Binary files /dev/null and b/opsec/anonprotest/eSIM/1.png differ diff --git a/opsec/anonprotest/eSIM/10.png b/opsec/anonprotest/eSIM/10.png new file mode 100644 index 0000000..ee53fb4 Binary files /dev/null and b/opsec/anonprotest/eSIM/10.png differ diff --git a/opsec/anonprotest/eSIM/11.png b/opsec/anonprotest/eSIM/11.png new file mode 100644 index 0000000..495a315 Binary files /dev/null and b/opsec/anonprotest/eSIM/11.png differ diff --git a/opsec/anonprotest/eSIM/12.png b/opsec/anonprotest/eSIM/12.png new file mode 100644 index 0000000..cfb9115 Binary files /dev/null and b/opsec/anonprotest/eSIM/12.png differ diff --git a/opsec/anonprotest/eSIM/13.png b/opsec/anonprotest/eSIM/13.png new file mode 100644 index 0000000..4669c3b Binary files /dev/null and b/opsec/anonprotest/eSIM/13.png differ diff --git a/opsec/anonprotest/eSIM/14.png b/opsec/anonprotest/eSIM/14.png new file mode 100644 index 0000000..107b933 Binary files /dev/null and b/opsec/anonprotest/eSIM/14.png differ diff --git a/opsec/anonprotest/eSIM/2.png b/opsec/anonprotest/eSIM/2.png new file mode 100644 index 0000000..f46e85e Binary files /dev/null and b/opsec/anonprotest/eSIM/2.png differ diff --git a/opsec/anonprotest/eSIM/3.png b/opsec/anonprotest/eSIM/3.png new file mode 100644 index 0000000..0fe3b95 Binary files /dev/null and b/opsec/anonprotest/eSIM/3.png differ diff --git a/opsec/anonprotest/eSIM/4.png b/opsec/anonprotest/eSIM/4.png new file mode 100644 index 0000000..22a3cb7 Binary files /dev/null and b/opsec/anonprotest/eSIM/4.png differ diff --git a/opsec/anonprotest/eSIM/5.png b/opsec/anonprotest/eSIM/5.png new file mode 100644 index 0000000..13bc914 Binary files /dev/null and b/opsec/anonprotest/eSIM/5.png differ diff --git a/opsec/anonprotest/eSIM/6.png b/opsec/anonprotest/eSIM/6.png new file mode 100644 index 0000000..207ae4f Binary files /dev/null and b/opsec/anonprotest/eSIM/6.png differ diff --git a/opsec/anonprotest/eSIM/7.png b/opsec/anonprotest/eSIM/7.png new file mode 100644 index 0000000..8c073bf Binary files /dev/null and b/opsec/anonprotest/eSIM/7.png differ diff --git a/opsec/anonprotest/eSIM/8.png b/opsec/anonprotest/eSIM/8.png new file mode 100644 index 0000000..c1a62a0 Binary files /dev/null and b/opsec/anonprotest/eSIM/8.png differ diff --git a/opsec/anonprotest/eSIM/9.png b/opsec/anonprotest/eSIM/9.png new file mode 100644 index 0000000..afafef2 Binary files /dev/null and b/opsec/anonprotest/eSIM/9.png differ diff --git a/opsec/anonprotest/index.html b/opsec/anonprotest/index.html new file mode 100644 index 0000000..dcb2c89 --- /dev/null +++ b/opsec/anonprotest/index.html @@ -0,0 +1,712 @@ + + + + + + + + + + + + How to remain Anonymous during a protest + + + + + + + + + + + + + + + + + + + + +
+
+
+ + The Nihilism Blog +
+
+ +
+ +
+
+ + + +
+
+
+
+ Previous Page

+

+ nanoanon - 10 / 10 / 24 +

+

How to remain Anonymous during a protest

+

You just turned on your TV and saw that there is a protest near the white house + because the government decided that end to end encryption leads to terrorism and are passing a + law to ban it. You feel patriotic and know that it isn't right. You show up to the + protest without telling anyone for a few hours and you get back home proud that you + showed your support to the people. However, the police bangs your door and arrests you + for taking part in the protest.

+ +
+
+
+
+ + +
+
+
+
+

Phones are tracking devices for Law Enforcement

+ +
+ +

Government, Internet Service Providers (ISPs), Cellular + network providers can all find out where you are with the help of + your device emitting and receiving radio waves. These entities use various methods to track you + down at any given time. This is called Geofencing.

+ +
+ +
+

Tower Triangulation

+ + +

This is where multiple cellular towers are used to geometrically locate devices connecting or + pinging them by measuring the strength of the connection from each tower.

+ +

more towers present around you = more accurate location

+ +

Towers even at a distance of 5 miles from you can be used to triangulate your + location precisely.

+
+ +
+

Wifi Triangulation

+ + +

+ +

Wifi routers often interact together especially when they're from the same ISP. When your + device recognizes a wifi network nearby (as seen in the wifi details option of your phone) + which also allows them to determine the signal strength of each router.

+ +

This can be used to geometrically determine your device's location based on how strong the + nearby signals are, even when you're not connected to it.

+ +

Two routers are enough to track you precisely upto a 6 feet error. You're surrounded + by tens of them.

+ +

On Android and Apple devices, wifi can also be used to geofence you with GPS through Google + or Apple Network Location Provider (NLP) service. Making it even easier to geo-locate your + device.

+
+ +
+

GPS/A-GPS

+

Your phone constantly searches for satellites to connect to Global Positioning System (GPS) + signals.

+ +

Both Android and Google devices use Google-SUPL service for gps queries - + [supl.google.com:7275]. This happens even if you do not connect your phone to a WiFi or + Cellular data.

+ +

Blocking this service greatly impacts cellular data connectivity and disables location + services on your device.

+ +

(A-GPS stands for 'Assisted GPS'. It is when the SUPL GPS service works with the on-device + GPS module to be even efficient in location tracking.)

+
+ +

TLDR; Unless if your phone is powered off in a faraday bag, wherever it goes, there exists a + permanent record of where a phone has been and that record is known by Law Enforcement + entities.

+ +
+
+
+
+ +
+
+
+
+

Prevention - staying Anonymous outdoors.



+

Reminder: Anonymity is when you are amongst a group of people, and you are indistinguishable + from the other members of the group.

+ +

⚠️ Read the entire article before taking any actions or steps as half-knowledge could easily + land you in jail.⚠️

+ +
+ +

Look the same

+

To minimize the risk of being identified by police or surveillence devices like CCTV, protestors + including you should adopt a uniform. The best way to do this is implementing the following.

+ + + +

+
    +
  • Wearing all black - (long sleeve tshirts, pants, socks, shoes, gloves, + glasses, and masks.) +
    • +
    +
  • No jewellery - necklaces, watches, earrings, bracelets, etc.
    • +
    +
  • Dress up such that you're always ready for a run.
    • +
    +
  • Do not touch surfaces with your bare hands and leave potential fingerprints.
    • +
    +
  • Do not carry any weapon, signal jammer, or any such device that might get you in trouble + in the court.
    • + +
+

+ +
+ +

⚠️ Leave your primary personal (public use) phone ACTIVATED at YOUR home. ⚠️


+

Taking your phone to the protest, deactivating your phone or trying to mask the location of your + phone can be a good reason for Law Enforcement agencies to put you on the suspicion list. All + that the law enforcement needs to prove you guilty of participating in the protest + is your primary phone (affiliated to you publically) to be nearby the protest, potentially + landing you in jail and big trouble, even if you went just to buy grandma's medicine.

+ +
+ +

Leaving your phone activated at home leaves no digital trace of you ever being affiliated with + the protestors.

+ +

As we have discussed the various methods that Law Enforcement agencies can track you down + precisely, and there isn't much you can do to stop it, leaving your personal mobile phone, smart + watch, or any other smart device at home is the best way to stay anonymous in a protest, leaving + no proof that you took part in it and denying that + you ever left your home.

+ +
+
+
+
+ + + +
+
+
+
+ +
+

How to have a phone for anonymous use?



+ +

+ WARNING: + The safest and simplest way to stay anonymous is to keep your phone at home, as explained + above, for deniability, where you can claim that you stayed at home during the protest. +



+

⚠️ Proceed only if you need connectivity for communications while doing + anonymous outdoor activities. ⚠️

+ +

WARNING: Best preferred Android ROM is GrapheneOS. If you REALLY NEED a secondary phone and + it is compatible with LineageOS, you can proceed with it, but remember, you WILL NEED to + make changes to the LineageOS firewall (+ block supl.google.com:7275) for it to be even + close to Graphene in terms of security.

+ +

WARNING/TIP: If you're proficient with linux and have experience using ubuntu touch, you can + proceed with the same steps of setting up and precautions after you have secured its + firewall.

+ +

Preparation - indoors:

+
+ +

+
    +
  • Use your main pc to flash grapheneOS on a pixel + phone. + Only proceed if you get one. Otherwise, don't use a secondary phone at all.
    • +
    +
  • Get a decently reviewed Faraday bag on amazon. However its recommended to buy + it physically with cash + or learn how to make Faraday bag here, here, or here. +

    + WARNING: Make sure to check whether your faraday bag works on not at your + home prior the protest by putting your or someone else's phone inside it with + cellular data and gps/location enabled and trying to call/track it. +
    • + +
    +
  • After you have flashed your pixel with grapheneOS (first step), DO NOT CONNECT TO + ANY WIFI OR + CELLULAR NETWORK. Now switch your phone off and immediately put it in a faraday bag, + making sure its completely sealed. + Its is good to cover and disguise the faraday bag as a normal envelope or put it in + a bag to + avoid high-level suspicion. +
    • +
    +
  • Use sites like Openwifimap + through tor to pre-scan and find free + open WiFi around the protest + to use in a secondary phone and the place where you plan to use active internet (as + shown later).

    + + [WARNING: Do this only if you NEED to use secondary phone for + the protest]. +
    • +
    +
  • ⚠️ Use a Faraday bag at all times to store your secondary phone + when you don't + need to use it. ⚠️ +
    • +
    + +
+ + Next steps (a) & (b) are for accessing internet anonymously ONLY AFTER you have completed + the above steps. + +

+

+ +

a. Accessing internet anonymously - eSIM

+ +

+
    +
  • Using Whonix VM or Tails VM, via the tor browser and some + Monero (XMR), purchase an eSIM from https://silent.link and note down the activation + code on a piece of paper. +

    +

    WARNING: It is important to write the combined activation code down on a + piece of paper or print the QR activation code (both given by silent.link after + the purchase), and not in any digital or audio format because you do not want to + leave any evidence of you ever interacting with the anonymous eSIM providers and + arise suspicion.

    +
    • +
  • Write down the activation instructions below on a piece of paper. Dress up all black + and go to a random place insignificant to you, get your phone out + of the faraday bag, and connect to an open wifi network. There activate the eSIM as + instructed below.
    • + +
    + + + +

    How to activate eSIM

    + +
    +
    +

    Step 1

    +

    Navigate to your grapheneOS setting and click on "Network and Internet" +

    +
    +
    +

    Step 2

    +

    There you will find that the "priviledged eSIM management is disabled. + This is because the google play services and google play service + framework is not present by-default in graphene."

    +
    +
    +

    Step 3

    +

    Navigate to your app drawer and click on "Apps"

    +
    +
    +

    Step 4

    +

    Now install "Google Services Framework" and "Google Play Services"

    + +
    +
    +

    Step 5

    +

    Navigate back to "Network and Internet" in the settings. The eSIM + managament option should be enabled now.

    +
    +
    +

    Step 6

    +

    Click on the eSIM management option. Then click "Download a SIM instead." +

    +
    +
    +

    Step 7

    +

    Click "Next."

    +
    +
    +

    Step 8

    +

    Here, either scan the printed QR code on the piece of paper. Otherwise, + navigate to "Need Help?" and select the option to input the code + manually. Input the combined activation code from the silent site + that you noted down on the piece of paper.

    +
    +
    +

    Step 9

    +

    You might see different sim name downloading when you activate the sim. + Its fine.

    +
    +
    +

    Step 10

    +

    Navigate to "settings" after you've finished downloading the eSIM.

    + +
    +
    +

    Step 11

    +

    Click on the downloaded eSIM option.

    +
    +
    +

    Step 12

    +

    Toggle "Use SIM"

    +
    +
    +

    Step 13

    +

    Make sure to enable use for data if you want to access internet. You now + have access to your private and anonymous eSIM. If you encounter any + abnormal issue, using tor browser, head to silent help.

    +
    +
    +

    Step 14

    DO NOT FORGET TO + REMOVE BOTH GOOGLE SERVICES THAT YOU DOWNLOADED EARLIER. +
    +
    + + +
    + + + +
    + + +
    +
  • Make sure that while you're doing this, you're not under any security surveillence + (cameras, law encorcement buildings, etc).
    • +
    +
  • Once you validate that the eSIM works, power the device off, and put it in the + faraday back again right away.
    • +
+

+ +
+ +

⚠️ Although eSIM method works well, you need to remember that + the moment you activate it, the systems start tower-triangulation right away and + doing it anywhere close to your + location of interest might be potentially risky. You also need to be careful NOT to + switch it on at your own home by any chance, + or you could hear the bang on your door soon. This is why its best to use open public + wifi.⚠️ + +

Leave your primary phone INDOORS and ACTIVATED while you are outdoors. + +

+ +

+ ⚠️ Remember NEVER to carry both - your personal/primary and your secondary phones at the + same time. If and only if need to for critical reasons, make sure to ALWAYS keep atleast + one of them in a faraday bag at all times and do NOT switch on both of them + simultaneously. ⚠️

+ + + + + +
+ + +

b. Accessing internet anonymously - public wifi

+ +

+
    +
  • There are multiple advantages to use tools like openwifimap to find public WiFi cafe networks + to connect to.
    • +
    +
  • If for some reason the app/website does not show free open WiFi around your area, + you might want to go for a walk like a normal person just to grab some coffee and + note down the password without any suspicious movements.
    • +
    +
  • Make sure to install f-droid on your grapheneOS + and install tor + browser and orbot vpn from it. + Check "Setting up package managers" section of this to be guided through how to install + fdroid securely. +
    • +
    +
  • Go in your grapheneOS settings and search for 'VPN' , find and select more options + for orbot vpn after opening the orbot app once and giving it permission to start a + VPN. + Select the option to set orbot as an "Always-on VPN" and turn on "Block all + connections not using this VPN". + +

    + (or) +

    + + Install Mullvad VPN and proceed with the same steps to block all connections not + using Mullvad. + +

    + +

    Setting up orbot


    + + For routing internet traffic to specific servers anonymously, nothing beats tor. + + You can learn how to extensively do so here. + +


    + + +

    + ⚠️ If tor is banned and illegal in your country, you NEED to access it through + an untraceable anonymous VPN like Mullvad. +

    + +

    For now, we will just set up orbot as power user (socks proxy) through which we can safely route our SimpleX chat (below) messages securely.

    + +

    +
    +

    Step 1

    Navigate to the orbot app after you have installed from the steps above

    +

    Step 2

    Go to "More" (three dots) on the bottom left of the screen

    +

    Step 3

    Go to settings

    +

    Step 4

    Enable "Power User mode"

    +
    + +


    + We will be showcasing how to use the SOCKS5 proxy you just enabled to securely relay SimpleX messages and also a guide on setting up Mullvad VPN in our future article(s). + +

    + + + + +
    ⚠️ Although Mullvad is one of the very + few trustable VPNs out there, we can NEVER trust a single entity so its better + and free to use orbot. ⚠️
    +
    • +
+

+ +

+

Now whenever you are outdoors onto doing something sensitive, being unidentifiable with the + uniform and your gear, you can take the phone out of the faraday bag, power it on and use + it.

+ +
+ +

+
+


+ +
+

Anonymous Communications

+
+ +

A trusted, decentralised communication platform for discussing things about the protest is + the most important thing. Despite having all + the proxies and anonymization tools in your hand, if the Law Enforcement already knows about + the people going to protest, they can arrest them prior the protest. + +

+ + This is why you need a secure, decentralised, end-to-end encryption based messaging + platform. + +

+

+ +

+ +

Simplex Chat

+
+

For sensitive communications while outdoors, it is suggested to use SimpleX + chat with disappearing messages turned on. + +

+ You NEED to make sure to turn on disappearing messages on both ends, incase authorities get + hold of your device and search for your chats. + Having messages set to disappear after a said amount of time allows you to use deniability. +

+ We will be also showing how to use SimpleX as an all-in-one privacy messenger for all your + activities in one of our future tutorials. +

+ +
+ +
+
+
+
+ + +
+
+
+
+

Physical opSec

+

What you do in day-to-day life is a big part of who you are, your personality, your agenda, etc. + You NEED to be aware of your physical operational security + and take care of it properly. +

+ +
+

Your body language

+

sourced from cia + assessment training papers from wikileaks.

+
+ +

While interacting with people of the protest, you need to take care make sure that you

+

+
    +
  • Do NOT tell anyone your real name. Create a pseudonym for every + group/contact. SimpleX chat offers this feature within their app to randomly + generate one using "Incognito mode" within the app.

    • +
  • Do NOT vocally talk about protest at home, near devices. SimpleX chat should be + the only place you talk about the protest.

    • +
  • Do NOT share personal info (address, phone number, birth year, family background) + with ANYONE.

    • +
+

+ +
+ +

When going outside to safely access services like eSIM or tor, as we talked earlier, always + keep in mind to

+

+
    +
  • NOT go to a location that holds a significance to you.

    • +
  • NOT go to a location that is near Law Enforcement premises or under surveillence + (CCTV) without being sure you've not been followed and are unidentifiable.

    • +
  • +

    Put your uniform in a bag (A) and put a bag (B) in + the bag (A). Go to a + subway washroom/restroom and wear the uniform making sure no cameras are + watching you. Make sure to now put the bag (A) in bag (B) and proceed with your + work as shown in the below diagram.

    + +
    • + +

    + +

    Again, keep the secondary phone switched off in a faraday bag at + all times. Switch it + on or remove it from the faraday bag STRICLY ONLY AFTER YOU HAVE DISGUISED (ONLY + after reaching public washroom A). Put the phone back in before removing your + disguise (BEFORE leaving public washroom B).

    + +
    +
+

+ +
+ + +
+
+
+
+ + + + + + + +
+
+
+
+

Nihilism

+

+ Until there is Nothing left.



+

Creative Commons Zero: No Rights Reserved
+ +

+
+ +
+

My Links

+

+ + RSS + Feed
SimpleX + Chat
+ +

+
+ +
+

About nihilist

+

Donate XMR to the blog: + 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8 +


+

Donate XMR to the blog editor: + 88Vc2wutSzzCXdFjepFzp9ZhAW6eYCUq2iiME5H7Sdda689fcHeybfUZ3jaVPqRN5T1FK6R1dq4bsPaEPpD3RMTG1rQbU4L

+

Contact: nihilist@contact.nowhere.moe (PGP)

+
+ +
+ +
+
+ + + + + + + + \ No newline at end of file diff --git a/opsec/anonprotest/orbot config.png b/opsec/anonprotest/orbot config.png new file mode 100644 index 0000000..f9ca296 Binary files /dev/null and b/opsec/anonprotest/orbot config.png differ diff --git a/opsec/anonprotest/popsec-1.png b/opsec/anonprotest/popsec-1.png new file mode 100644 index 0000000..ecbd29d Binary files /dev/null and b/opsec/anonprotest/popsec-1.png differ diff --git a/opsec/anonprotest/popsec-2.png b/opsec/anonprotest/popsec-2.png new file mode 100644 index 0000000..b82b27b Binary files /dev/null and b/opsec/anonprotest/popsec-2.png differ diff --git a/opsec/anonprotest/sd-anons.png b/opsec/anonprotest/sd-anons.png new file mode 100644 index 0000000..4a9144d Binary files /dev/null and b/opsec/anonprotest/sd-anons.png differ diff --git a/opsec/anonprotest/tower-triangulation.png b/opsec/anonprotest/tower-triangulation.png new file mode 100644 index 0000000..47bea5a Binary files /dev/null and b/opsec/anonprotest/tower-triangulation.png differ diff --git a/opsec/anonprotest/wifi-triangulation.png b/opsec/anonprotest/wifi-triangulation.png new file mode 100644 index 0000000..d771e87 Binary files /dev/null and b/opsec/anonprotest/wifi-triangulation.png differ