[diggan]

If you're attending a large-scale protest, it's likely that the cell-towers (or stingrays) won't be able to handle everyone who is connected anyways, so worth planning to use apps that can chat over P2P WiFi or Bluetooth together with the rest of your friends. This also allows you to continue using Airplane Mode the entire time, while being able to communicate with people nearby.

Alternatively, investing in walkie-talkies that have encryption can be worth it as well, but unsure how legal they are around the world, think some countries put restrictions on those so you might have to acquire them while vacationing somewhere else.

It's mentioned in the body of the article, but get the feeling most people could miss it: Absolute best idea is to leave your "personal" phone at home! Either get a secondary (burner) phone with nothing useful on it and no real names, or skip out on the phone fully. If you do get a secondary phone, make sure it has a removable battery and keep it out from the phone until you arrive at location and as soon as you move, remove battery again.

[giantg2]

"investing in walkie-talkies that have encryption can be worth it as well"

Generally not allowed in many bands in the US. Motorola sells some AES walkies. They're really the only ones I know of, and they're very expensive.

[Aeolun]

I don’t understand under what logic AES encrypted radio communications (walkie-talkie) differ from AES encrypted radio communications (mobile network).

[op00to]

Encryption allows you to use a public resource (GMRS, for example) for exclusive private use. To have private use of a frequency, you gotta pay.

[bigfatkitten]

In the US, you can't run anything but analog voice on the bands you can use somewhat freely (CB, GMRS, FRS etc). On the amateur bands, you can run digital voice but you can't apply encoding for the purpose of obscuring the meaning of a communication.

You can do this on land mobile frequencies, but unless you're an organisation, you won't meet the eligibility requirements to be granted a licence by the FCC.

Your only other lawful option is one of the 900MHz FHSS solutions, though I don't think any of these offer robust encryption.

[echoangle]

Well the whole point of hiding your tracks is evading law enforcement, why would you care if it’s illegal? Or is it because of the „only do one crime at a time“ thing?

[giantg2]

Why do you assume this is about doing illegal things? This is about protests, many of which never turn into riots or illegal acts.

[echoangle]

I was thinking along the lines of „the state wants to oppress the protestors and makes it illegal“, but if you just want to avoid surveillance at a legal protest, yeah, you’re right.

[JumpCrisscross]

Going into a protest with illegal communication devices is almost a direct sabotage of the protest's intent. It gives law enforcement a legitimate reason to act, even if almost certainly ex post facto. And it paints the protest as wilfully illegal--you went in intending to break the law.

[paulryanrogers]

If you're protesting an oppressive regime then it's likely most privacy respecting methods are illegal.

[keybored]

The state has every reason (for itself) to demand perfect law-abiding behavior. The abstract Protest’s intent does not.

[mathieuh]

“If you have nothing to hide you have nothing to fear” right? That’s the same logic politicians are using to make spying on populations legal.

[dostick]

"Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say." - Ed Snowden

[Gud]

No one was arguing this.

It’s possible to have encrypted communications without fucking up public parts of the spectrum.

[BrandonMarc]

Hiding from surveillance is not the same as planning to do something illegal.

... but it benefits the state if people think it's the same ...

[hulitu]

> Well the whole point of hiding your tracks is evading law enforcement, why would you care if it’s illegal?

Because it will make you an easy target.

[Xen9]

Absolutely best idea is to make an encrypted PDA & play forensic scientist by recording everything.

1. Get a Google Pixel 9, 9 Pro, or 9 Pro XL smartphone (Cellebrite-proofn at time of writing). 2. Verify images & GOS. 3. Disable biometrics & wireless connections. 4. Memorize with Anki or your own head a new, NIST-compliant passphrase with ≥ 8+ words. 3. Get a cover for the smartphone. 4. Buy EMI tape and electrically insulating waterproof tape. 5. Tape the insides of the cover with EMI, layering it & govering the inner walls as well, no gaps (overlay two adjacent layer always, say ≥ 1 cm, if possible) 6. Add one layer of the other tape to insides of the cover 7. Story inside your underpants 24/7 powered off when you don't use it.

My setup is more secure than not having phone, a Qubes laptop, a 2G burner, or not having phone.

[dartos]

How is it more secure than not having a phone?

[MrDrMcCoy]

By capturing evidence of what happens to you that cannot be tampered with.

[redeux]

But that’s not security, it’s usability. Just by virtue of taking your phone to a less safe place you’re lowering its security. Taking a small offline camera would be a lot more secure if your concern is recording the events.

[dartos]

Any honest threat model assumes that any internet-connected device is already compromised…

[thunfischbrot]

If you‘re opening the cover, disconnecting antennas might be the way to go instead. Depending on the device, it‘s relatively painless and even reversible.

[gknoy]

I believe they mean a cover as in a case that has a folding cover, not as in the external layer of the phone itself. So you effectively turn that otterbox-ish thing into a faraday cage that will enclose your phone.

I am not sure how I follow how that isn't completely negated as soon as you go to actually use the phone, though.

[Xen9]

Most antennas require desoldering to disable, but mmWave & possibly NFC can be removed without it. Lining the case thoroughly with EMI tape edge-to-edge and adding another layer over any gaps blocks RF signal emission & reception. The screen side doesn't need shielding since antennas aren't directed through it. If you set & use USB-C for charging only and your installation passed PGP & attestation, then the OS disabling wireless components will also eliminate active remote attack surface & reduce passive remote attack surface at least remarkably.

[ignoramous]

Or, use a Faraday cage?

[_DeadFred_]

Burner phones aren't safe. Security through obscurity worked with the 1990s cell network but not with today's vast logging/geolocation tagging.

[scarface_74]

The idea is that they can’t tie the phone to a person. You also have to make sure you don’t get the burner phone some place with cameras.

[kevin_thibedeau]

Once the phone is on, they can tie it to a person with geolocation. Either directly if you do it at home, or indirectly when traveling in a vehicle associated with you.

[scarface_74]

The rule is that you don’t use your burner phone at home, you use it when you are at the protest.

[Animats]

If you have two phones both turned on and they both move around similarly, they can be associated later.

[scarface_74]

They also tell you to keep one off until you get to the place. Never have both phones on at the same time.

This is all well documented

https://www.offgridweb.com/preparation/burner-phone-basics-h...

[nurumaik]

Buy a burner phone with cash without taking your main phone and stash it somewhere. Then, before protest, take phone from stash and bring it with you

[krunck]

Sure the phone can't be tied to a person. But try getting phone service in the US without giving away your identity. Can't be done.

[BrandonMarc]

While true, I'm kinda wondering if that's even possible ...

[seb1204]

Can you still buy phones with sim cards that don't require ID to get working? Not in Europe, UAE or Australia.

[ghxst]

The countries I am familiar with in Europe (NL to name one) you can buy sim cards without any ID. Additionally there's at least 1 provider I know of that's giving them away for free while for the majority you pay 1-5 EUR but get some data after activation. There's no limit on how many you can purchase at once either.

[notpushkin]

> Not in Europe

In Estonia, you could buy a prepaid SIM card in a convenience shop a few years ago, without any sort of ID verification. Not sure if that’s still an option but I think it’s not a priority there. You can then use it all over the EU.

And of course, buying a phone without a contract doesn’t require ID either.

[mlni]

Anonymous prepaid cards still available in any corner shop

[em500]

Some countries still allow that: https://www.comparitech.com/blog/vpn-privacy/sim-card-regist...

[jenadine]

Just break your phone in two part after your call and you'll be safe /s

[qwerty_clicks]

What apps do you recommend with p2p messaging?

[diggan]

Lots of groups have used https://briarproject.org/ successfully in the past, I've heard. Assumes you're using Android though which if you're using a burner, you most likely are.

[mmooss]

> successfully

Successfully in terms of communication or in terms of security?

Successful communication is easy if you don't worry about security. Just post it on Instagram.

How do you know if your security is successful? How do you know if your messages were intercepted and read, your app was hacked, data was extracted from it, etc.? The attackers (authorities or otherwise) are not going to tell you.

[TheSpiceIsLife]

I’d go as far as to assume there’s no evading surveillance in a strict sense.

If you attend, leave your phone home (atypical usage), go with other people / meet them there / other people you know are there (facial recognition / gait analysis / clothing preference) those are all good data points to predict with high probability where you are and what you’re up to, especially given your typical movements, data usage patterns, purchasing habits, friends / acquaintances / social media interactions are all in at least a few databases.

Take the security measures you’re willing to make the tradeoffs for.

If history is anything to go by, we’re only ever an election, or other political churn, away from your particular sets of beliefs / identifiers being persecuted, or at least your least favourite political prisoners being released and coming after you.

And, as you allude to, relying on the security practices of others has its own problems. Even Perfect Forward Secrecy etc etc provides little help against Rubber Hose Cryptography.

[Muromec]

>If history is anything to go by, we’re only ever an election, or other political churn, away from your particular sets of beliefs / identifiers being persecuted, or at least your least favourite political prisoners being released and coming after you.

it goes other way around too - you are only one election cycle away to be pardoned.

And if the protest is succrssfull, you dont need a pardon anyway.

Source -- been to places, done the things, a special law shields me from the thiengs being brough up by autorities

[TheSpiceIsLife]

Being pardoned doesn't help much if you're dead.

A special law shields you? How does a law shield you from persecution?

Over ten years later, I've never forgot this comment:

https://news.ycombinator.com/item?id=6033481

[__MatrixMan__]

Sometimes, when a protest makes the government extra uncomfortable, they'll shut off the internet. So it's probably best to not rely on Instagram.

[thwackamole]

> Successful communication is easy if you don't worry about security. Just post it on Instagram.

Nope, assume Meta is captured and will suppress such communication.

https://news.ycombinator.com/item?id=42777938

https://www.bbc.com/news/articles/c4g32yxpdz0o

This has been widely replicated on inauguration day before being rolled back.

I would assume any social media site whose CEO attended is captured as well.

[DicIfTEx]

Here's a guide to PET (peer-to-peer, encrypted, through Tor) apps, focussing on Briar and Cwtch: https://itsgoingdown.org/the-guide-to-peer-to-peer-encryptio...

[crossroadsguy]

Depending upon which OS are on. If Android - Briar is the most famous and obvious choice. On iOS? There are not any options really but wasn't any usable one around a year back the last I had checked.

On iOS there are not many options for P2P w/o Internet (I assume that is what you meant - otherwise if you want P2P over Internet then there are some options although not really "truly" P2P of course - and of course if Internet is shut down or overwhelmed then it will be down). There's https://github.com/berty/berty (the last time I tried it was crashing incessantly but it might have improved). I do not know of anything else really (there might be few but I am not sure).

[nostradumbasp]

Turn your phone off, and wrap it in 5 layers of tin foil. Or like you said leave the stupid thing at home.

[HumanOstrich]

Hey that should go well with my tin foil hat.

[nostradumbasp]

They actually sell those now. Well they use "faraday fabric". So that's another solution, but your phone one your head and put a foil hat on it.

[morkalork]

How safe is Bluetooth really? Cities has scanners used to track devices for monitoring road congestion, malls have scanners to measure foot traffic. I have to believe that anyone with access to stingray type of device can track Bluetooth as well.

[theoreticalmal]

Don’t both Apple and Android implement random BT MAC addresses specifically to prevent this kind of tracking?

[mmooss]

There could be other fingerprints besides MAC addresses.

[snypher]

How about my smartwatch, or my $29 earbuds? They are always conveniently near the 'random mac' and can be used to fingerprint.

[AlphaCerium]

don't bring them to a protest, simple :)

[grugagag]

Yeah, not sure many people are aware their beloved tech is spying on them. At this point face recognition and other tech can make it such that everyone is traced, filed and automatically sent summons of some sort.

[diggan]

Usually, protests are located in one somewhat easily defined area, until you cannot be there anymore or the goal has moved somewhere else. So then you need to get to another spot, this is the moment you disconnect your battery until you've arrived at the other place.

So yeah, they'd be able to say that "person A was at location B and later C", but not necessarily the way there or after/before those specific locations.

I agree that the safest is to assume they can definitely track you no matter what protocol/antenna you use, so you have to chose what moment it's OK to be tracked (like large groups).

[esperent]

> so worth planning to use apps that can chat over P2P WiFi or Bluetooth together with the rest of your friends

I can't even get Bluetooth audio to work reliably in a crowded cafe, are you sure these other protocols would fare better?

[pclmulqdq]

Messaging doesn't have the same real-time requirements. It's still often flaky.

[tehjoker]

The battery thing can be important. One strategy law enforcement uses is to force your phone into a high energy state and zap the battery very quickly.

[nine_k]

No need for the law enforcement to do anything. I suspect that a large, thick crowd where everyone carries a phone creates enough radio interference that phones lose contact with the tower very often, and try to reconnect very often, especially when people send or receive messages, auto-upload photos, etc. This keeps the phones in the active state for longer, draining the batteries.

[theoreticalmal]

What does this mean? What does the zapping accomplish?

[Cpoll]

I'm guessing in this context it means drain the battery. I haven't heard of this technique, but it seems plausible, by tricking the phone into constantly transmitting over WiFi or cell.

[dinosaurdynasty]

I wonder how useful purism phones are for this (all external communication, including GPS, has hardware shutoffs).

They are expensive though...

[DaSHacka]

Couldn't you achieve the same by just enabling airplane mode or similar on regular devices? I don't think niche devices with hardware killswitches should be necessary

[snypher]

My S23 enters airplane mode and the WiFi and Bluetooth are still connected... Airplane mode isn't what it used to be!

[portaouflop]

I just have a 20 yo Nokia - doesn’t have all the fancy stuff, only can send texts

[RiverCrochet]

Guessing from things I've heard, take this with a grain of salt:

- In order for most cellular protocols to work successfully, it's necessary for the transmission power level (phone to tower and tower to phone) to be lowest possible.

- So that tx power has to be constantly modulated because the phone's distance is always changing as it moves, meaning the optimum power level is always changing.

- The tower is in control of this - it tells the phone how powerful to transmit, and this can be done for each device.

- So I would suppose a malicious party in control of the tower could simply tell the phone to transmit at max power, which will drain batteries quickly, especially if the connection is being actively used I guess. This may have interference considerations but if the tower is really a box on top of a car or truck it may not really matter.

- I don't know how the phone is prevented from connecting to closer non-malicious towers.

[JohnMakin]

I could hazard a guess that if someone made your phone really hot it would be able to be scanned by thermal imaging and pick you out of a crowd. Just leave phones at home, like, use 18th century methods if you have to. I dont pretend to care or know why people would be interested in this, but like, your phone probably is not your friend in a protest

[HumanOstrich]

Sounds like a great movie. When does it come out?

[JohnMakin]

nice try diddy

[tehjoker]

Reducing the ability for protestors to coordinate on the streets.

[Muromec]

You dont coordinate on a protest with a phone and a network

[tehjoker]

I don't think it's a good idea either but people do text each other.

[mmooss]

> One strategy law enforcement uses is to force your phone into a high energy state and zap the battery very quickly.

As a denial of service attack?

[dghlsakjg]

How do you force a phone into using more battery through external means?

[Groxx]

(I have no information and thus no opinion on this being a thing that happens but)

constantly keeping the cell antenna and CPU awake would probably do it. it's a BIG part of why weak cell signal and lots of noise at e.g. conventions drains your phone many times faster than normal, even when you're not using it. you could probably do that just by sending junk data to everyone occasionally, or delaying valid data to prevent going into sleep modes for longer periods.

[quesera]

If you ever forget to put your phone in Airplane Mode when flying (and you survive the flight!), you will notice that the battery is surprisingly depleted.

I think it has to do with the phone constantly renegotiating with cell towers along the route.

I've seen similar behaviour when a hurricane took out power to a local tower, and it was intermittently restored.

It might be possible to emulate that in a controlled environment/area.

[542354234235]

Not exactly. The phone needs to transmit with enough power to communicate with the tower. When connected to the tower, the tower is constantly monitoring the signal and sending back information to the cell phone to tell it how much power it needs (without using more than it needs and wasting battery life).

If a phone isn’t connecting to any towers (like on a plane) it assumes it is out of range and is blasting out max power trying to find something to connect to. During hurricanes, many towers are down, which can overburden adjacent towers as well (since each tower only has a certain number of slots/channels it can handle). It means that you may not be able to communicate with your closest tower, since it is down, but you also may not be able to communicate with the next nearest tower, since it at capacity for current users, which puts you in a longer distance higher transmit power situation.

From what I have heard, those Stingrays act as fake towers, so I would assume they could set them to always tell the phones it needs max transmit power.

[a12k]

If iPhone, have a case of active AirTags in the vicinity.

[uoaei]

Nitpick: it's sap the battery, as in sapping energy.

[Onawa]

I think both 'sap' and 'zap' work in this context, and zap might be the better option because 'sap' can have the additional meaning of moving the energy somewhere else, whereas 'zap' can just mean to remove in general.

[uoaei]

"zap" has never meant to remove anything, in general, where are you getting this?

[Onawa]

https://www.merriam-webster.com/dictionary/zap

zap: 2 of 3; verb zapped; zapping; zaps

transitive verb 1a: *to get rid of*, destroy, or kill especially with or as if with sudden force

I was using the "to get rid of" portion of the definition.

[uoaei]

That implies you've detonated or otherwise destroyed the battery, not merely drawn the energy from it.

[G_o_D]

cold boot attack usually on pc and laptop, nowadays there are not much removable batteriez

[AnarchismIsCool]

.....please don't rely on cell towers being too overloaded to track you. The rest of the advice is solid.....but the premise is just gonna get you v&.

[diggan]

My note about overloaded towers is not about that they'll be unable to track you, but you'll be unable to use public internet to communicate with the rest of your group.

[timewizard]

Keep in mind "Mens rea." If you are implicated in the crimes of the crowd all of these actions may be used to increase the penalties you face. Even if you "trust" the crowd, somehow, you should remember that agent provocateurs exist.

You might ask what attending a large scale protest is intended to achieve and decide for yourself if the personal risks are worth it.

[neilv]

> You might ask what attending a large scale protest is intended to achieve and decide for yourself if the personal risks are worth it.

True. But keep in mind that demonstration size can have an impact.

Even just relatively large, not even a Million Man March.

For example, relevant to recent news magnifying vile Nazi-saluting imbecile demographics: They tried to pull that at an event in Boston in 2017, but tens of thousands of counter-demonstrators showed up. https://en.wikipedia.org/wiki/Boston_Free_Speech_Rally

We need more reminders that the US can be good people.

[timewizard]

> but tens of thousands of counter-demonstrators showed up

What social change did this lead to? It sounds like two ideologically opposed groups showing up in the street to war with each other. In the end the organization just built a new group and moved everyone into it. What is this meant to be an example of?

Seems like "Sound and fury. Signifying nothing." to me.

> reminders that the US can be good people.

The US /is/ good people. Will it ever be 100% "good people?" Of course not. Perhaps you shouldn't let salacious for profit media hyperventilation over the few bad apples that exist to tarnish your view of an entire country. Let alone allow this to encourage you to participate in meaningless street level shouting matches.

[scarface_74]

The last election proved otherwise. The police are corrupt and now are going to have immunity to it. The President just introduced a meaningless cryptocurrency to bilk his true believers and is just ripe for a rug pull.

We demonized a whole group of immigrants and said they were eating pets and they just pardoned 1500 violent criminals that even the police were opposed to pardoning.

And over half the country is okay with that

[neilv]

> What social change did this lead to?

Even when obviously crazy/corrupt/malevolent people seize control of most branches of government, demonstrations tell some of the people who feel most threatened that they're not alone, that the people around them are not what the news would have them believe, and that many others will come out and stand up for them.

[6LLvveMx2koXfwn]

And if those risks are too great due to state over-reach, best stay at home.

[nonrandomstring]

That seems too lenient on yourself. Why not do the right thing and hand yourself into the Inquisitor General for wrong-think about protesting? Maybe they'll go easy on you.

[_DeadFred_]

At the least you should confess your temptation to wrongthink at the nearest Larry Ellison AI monitoring 'oracle'. Landru...I mean Oracle AIs maintain social order through their constant AI vigilance. The good is the harmonious continuation of the Body.