-
Notifications
You must be signed in to change notification settings - Fork 3
/
emergency.html
144 lines (140 loc) · 7.57 KB
/
emergency.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
<!DOCTYPE html>
<html lang="en">
<head>
<title>In Case of Emergency</title>
<!-- Meta -->
<meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=0.5, maximum-scale=2, user-scalable=yes">
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="creator" content="Cookie Engineer">
<meta name="description" content="What to do when your government spies on you">
<meta name="keywords" content="What to do when your government spies on you">
<meta name="generator" content="Cookie Engineer with some beer and nightly VIM sessions">
<meta name="robots" content="noindex, nofollow">
<link rel="alternate" type="application/rss+xml" href="weblog/feed.xml">
<!-- Website Design -->
<link rel="stylesheet" href="/design/layout/index.css">
<link rel="stylesheet" href="/design/about/index.css">
<!-- Website Functionality -->
<link rel="stylesheet" href="/design/menu/index.css">
<script src="/design/menu/index.js" defer></script>
<!-- Magic: Copy/Paste -->
<link rel="stylesheet" href="/design/magic/index.css">
<script src="/design/magic/index.js" defer></script>
</head>
<body>
<header>
<aside id="menu" class="visible">
<a id="menu-button" href="#menu">Menu</a>
<a href="#emergency">Emergency</a>
<a class="icon-section" href="/index.html">Portfolio</a>
<a class="icon-section" href="/weblog/index.html">Web Log</a>
</aside>
</header>
<section id="emergency">
<h1>Hello, fr1end.</h1>
<article>
You wanted to work with me but all your devices got hacked?
<br><br>
Well, happens to the best of us. This is a quick 'n dirty guide on how to fight back
against the next door surveilling nation that's trying to invade your privacy.
<br><br>
Please follow it to the letter, because contacting me via your standard OEM smartphone
(even a "secure" iOS device) will probably result in your device being compromised.
<br><br>
We're dealing with state surveillance here after all, and believe me when I tell you
that they got the means and power to do so.
<br><br>
If you don't believe me, then don't contact me. That's better for the both of us.
</article>
<h1>The Hardware</h1>
<article>
<p>
Get an Android smartphone from eBay in used condition. Deliver it to an anonymous address that cannot
be linked to your personal life (if possible). Choose a supported device from the <a href="https://wiki.lineageos.org/devices/">LineageOS wiki</a>
<br><br>
I can recommend the Fairphone models, and the Nexus or Google Pixel variants, because they're easily repairable
when they break (see YouTube teardown videos for more on this).
<br><br>
Some Xiaomi Redmi devices are nice as well, but it takes up to 8 weeks to activate/unlock their Bootloader.
Forget the Pinephone, because as of now (mid 2023) GLUDroid isn't there yet.
</p>
<p>
Get an anonymous Prepaid card or use Wi-Fi only for internet access. Anonymous prepaid cards are hard to
get within the European Union, but there are some providers that allow to get them still in a pre-registered
condition; so you don't have to link your passport to the SIM card.
<br><br>
Use a trashmail provider (like mytrashmail or similar), most throwaway mail providers are useless because the
registration process takes days/weeks sometimes. Use a domain that doesn't look obvious to a human. If it's
something like <q>@throwaway123mail123.com</q> a human will immediately recognize it and block/flag your account.
<br><br>
Some phone shops have preregistered SIM cards. Just ask them nicely :)
</p>
</article>
<h1>The Software</h1>
<article>
<p>
Follow the installation instructions in the <a href="https://wiki.lineageos.org/devices/">LineageOS wiki</a> for your selected device.
Flash TWRP first, then an official LineageOS build from their website (e.g. via ADB sideload).
</p>
<p>
<b>DONT EVER USE</b> any XDA-developers provided builds, they're known to contain a lot of malware and banking
trojans. Especially from our neighbors living in the friendly mother Russia.
<br><br>
Only use a LineageOS build, and only the one <b>without</b> the <q>gapps</q>. This will disable Google Play
framework and you'll have to use F-Droid as an App store, but we don't want spyware anyways, right?
</p>
</article>
<article>
<p>
Never install <q>SuperSU</q> or <q>Magisk</q> on your phone. You don't need a <q>rooted</q> phone.
Seriously, it's a big security risk and you're best to avoid it.
<br><br>
A lot of spyware (e.g. Pegasus and Predator) have support for exploiting the <q>su</q> command, and then they have
full access for free, because you handed it over to them.
</p>
<ol>
<li>Install <a href="https://f-droid.org/en/">F-Droid</a> (Open Source App Store)</li>
<li>Install <a href="https://f-droid.org/en/packages/eu.faircode.netguard/">NetGuard Firewall</a> and give the developer a few bucks for it at <a href="https://netguard.me">netguard.me</a> cause he's a nice guy</li>
<li>Install <a href="https://f-droid.org/en/packages/org.mozilla.fennec_fdroid/">Fennec</a> (Open Source Firefox build)</li>
<li>Inside Fennec Add-Ons, install <q>uBlock Origin</q> and <q>LocalCDN</q></li>
<li>Inside the uBlock Origin Settings, synchronize/download the newest filter lists</li>
<li>Install <a href="https://gitlab.com/AuroraOSS/AppWarden/-/releases">AppWarden (apk)</a> and use it to scan/audit/remove all your Apps for/from known Trackers</li>
</ol>
</article>
<h1>Operational Security / OPSEC</h1>
<article>
<ul>
<li>Never use any Social Media on your anonymous phone.</li>
<li>Never add any family or real-life contacts on your phone.</li>
<li>Never store any password on your mobile phone.</li>
<li>Treat your phone as a throwaway device, always.</li>
<li>Always use your phone in airplane mode, only activate SIM card when necessary.</li>
<li>Never deactivate airplane mode when you're closeby related ones or friends.</li>
<li>Register and use the phone's SIM card (aka not in airplane mode) only inside the forest/jungle somewhere far away (min 20km, better 70km) from your home.</li>
<li>Never connect the phone to another computer via USB.</li>
<li>Never enable ADB (Android debug bridge) cause malware sure likes to spread via ADB.</li>
<li>If you have the option, use OpenWRT on your router at home, and use a separated guest Wi-Fi for your smartphone.</li>
</ul>
<p>
Stay safe. You're not alone in this fight.
</p>
</article>
<h1>Contact Me</h1>
<article>
<ol>
<li>Install <a href="https://f-droid.org/en/packages/org.briarproject.briar.android/">Briar for Android</a></li>
<li>Inside Briar, tap on the <q>+</q> button on the bottom right</li>
<li>My personal briar identifier is: <a href="briar://acvwbffcpuuweyymdpjxbyxw6zwwjsujzylmw65y75kco5whshyck">acvwbffcpuuweyymdpjxbyxw6zwwjsujzylmw65y75kco5whshyck</a></li>
<li>Send me your identifier link via alternative messaging channel (my nickname on Telegram for example)</li>
<li>Without your identifier link I won't be able to add you back</li>
</ol>
</article>
</section>
<footer>
<p>Made with 💔 in Heidelberg, Germany. All rights (and jokes) reserved under European Law.</p>
</footer>
</body>
</html>