Secure Comms for the Resistance
I’ve always assumed the government sees every bit of unencrypted communication. That hasn’t worried me … until now. Here’s what to do.
Watching a coup from my living room this past week has been pretty wild. Well, awful. Awful is the right word. I’ve been hiding under my weighted blanket watching Supernatural for the 457th time* and trying to figure out what I can do to help. This is part of it - I can share my security knowledge with others.
Government surveillance has been a thing forever, but it definitely started to overreach after we passed the PATRIOT Act in 2001 after 9/11. That act did a lot of things, but for the purpose of this post, the important thing to note is that the government no longer needs a warrant to monitor your communications. So like I said, I just assume they are monitoring everything, and so should you.
Let’s say you want to join me in doing what you can to help. Say you want to rebel a little bit… in a healthy, non-satanic way.
End-to-End Encrypted Messaging
For as long as that damn fool idjit from The Apprentice is in office, I’m going to need everyone to start using encrypted (or better yet, offline) communications to organize. Whatever you’re doing, whether it’s organizing a protest, handing out masks with your local mask bloc, feeding hungry people, whatever it is, assume it’s going to be illegal soon and cover your assbutt. (Note: feeding unhoused people is already illegal in many jurisdictions, hence my paranoia there.)
So how do we do that?
First of all, only use messaging apps that are end-to-end encrypted. This means that your conversation can’t be read other than by you and the person you’re talking to.
You’ve got some options there. My favorite is Signal. Telegram also counts, but I don’t use it for the same reason I don’t use X. (It’s been overrun by Nazis.) It’s lesser known, but I’ve also been using Voxer. They use the same end-to-end encryption as Signal.
Anyway, it’s pretty easy to get started:
Download and set up Signal (or app of your choice) on your phone.
Turn off notification previews. While the conversation itself is encrypted, the text of the push notification isn’t. (If you’ve done this right, it should just say “Notification” when you get a new message.)
Tell all your friends/fellow organizers to do the same.
Chat freely.
A little caveat about Meta apps: Facebook Messenger and WhatsApp are both owned by Meta. They are also end-to-end encrypted, but with Zuck at the Inauguration, I really don’t trust them not to have a backdoor to unencrypt all of your messages.
Hi, Jillian Ratliff, paranoid bastard.
For the record, none of my recommendations are paid endorsements, but I trust Signal. I’ve been using it for years.
Virtual Private Networks (VPNs)
Next, download and pay for a good VPN if you can. A VPN creates an encrypted network tunnel and routes all of your traffic through another location. When you’re browsing the web, it changes the IP address that the traffic is coming from. This adds a layer of anonymization, but I wouldn’t rely on this entirely for privacy online.
You’ve got some options here:
NordVPN
SurfShark
ExpressVPN
Proton VPN
All of the above options are fine. They all say that they don’t log your internet traffic, which means they can’t be subpoenaed for your traffic later on. You could still be tracked in other ways, but we’ll get to that.
Look, it's bad enough that you're tracking us. But, it's even worse when you say... we've... been... Garthed.
Just remember that a VPN is not a complete guarantee that your online activity isn’t going to be monitored. If you use a VPN but still post something on your public social media, that’s still going to be public. The same thing applies to anything you do on the Internet. Just be careful.
An underrated feature of using a VPN for me is I can connect to a different country and get different search results. Some information is being suppressed within the United States. Do with that what you will.
Incognito Mode
Whatever Internet browser you use should have an “Incognito” or “Private” mode. I’d recommend using this often because most websites have what we call tracking cookies. For the most part, they’re just for advertisers to track your activity or keep you logged into a website.
The trouble is, it’s pretty tricky for the average non-computer person to figure out which cookie does what. Just to be safe, if you use incognito mode, all cookies and website history are deleted from your browser when you close it out.
In Chrome: File > New Incognito Window
In Firefox: Menu > New Private Window
In Safari: File > New Private Window
You get the idea!
Temporary Email Addresses
Given that Google changed the Gulf of Mexico to “Gulf of America” in Google Maps and deleted Black History Month and Pride Month from their calendar app, I think it’s safe to say your Gmail is probably being monitored at this point.
This is fixable, though.
Let’s say you want to be able to contact a reporter anonymously, and you need a temporary email address that isn’t tied to you. You’ve got your VPN running, and you’re using a Private Window, but how do you get a temporary email address?
I’m going to recommend Proton Mail. It’s free and encrypted email, and you can make as many email addresses as you need.
Temporary Phone Numbers
There are plenty of reasons why you might want a phone number that isn’t tied directly to you. For example, if you want to set up an account somewhere, but they need to send you an SMS text in order to log in. Or maybe you want to be able to communicate with someone you met on the Internet and don’t want them to have your real phone number.
A couple of options here:
Phoner and Hushed don’t require your current phone number to create an account. There are a few more options, but if they ask for your phone number, then that temporary phone number can be tied back to you.
Good Old Fashioned Paper
I went to a fair last weekend and picked up some ‘zines for free from one of the vendors. It occurs to me that if social media continues to suppress information, we may have to go the old-fashioned route to get information out there.
A copy machine (NOT connected to the Internet) may become the Resistance's primary communication method. It’s slow. It’s old-fashioned. But it can’t be monitored by the government or suppressed by social media tech bros who went to Mierda Lago** to kiss the ring.
I’d recommend making lots of copies of Resistance material and handing it out at protests.
Alexa, et al.
It’s also worth mentioning that if you have things in your house that automatically listen for your voice, like Alexa, Siri, or the “hey Google” thing on Android phones, you might want to turn that feature off. I know it’s handy, but the thing is, those things are always listening. There’s no guarantee “big brother” isn’t listening as well.
I hope this helps. Most folks live and die without moving anything more than the dirt it takes to bury them. You get to change things, save people, maybe even the world.
* This is, of course, an exaggeration. But if you’re a fellow Supernatural fan, see how many references you can spot in this post. (There’s one very obvious one, but I couldn’t help but include it. I love Garth.)
** Not a typo. (Wink!)