[liberationtech] best practices - roundup
Fran Parker
lilbambi at gmail.com
Tue Oct 9 10:30:12 PDT 2012
Thanks Parker! I was hoping someone would post some of these best
practices as an article or white paper link.
On 10/9/12 1:28 PM, Parker Higgins wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi Katy,
>
> Excellent list. Sorry I'm late to the game, but if you're traveling to
> one Internet hostile regime in particular -- and here, I'm referring
> to the US -- you or others may find this EFF whitepaper on border
> crossing to be useful.
>
> https://www.eff.org/wp/defending-privacy-us-border-guide-travelers-carrying-digital-devices
>
> Thanks,
> Parker
>
> On 10/9/12 9:23 AM, Katy P wrote:
>> Best practices for traveling to an internet-hostile regime.
>>
>> There is a lot of variance - obviously the regime's capabilities as
>> well as one's own visibility come into play.
>>
>> And, if it isn't obvious, I'm not a security expert. This is not
>> official, legal advice. Everyone needs to research this on their
>> own and make good decisions for themselves. If you're really not
>> tech-savvy, it might be worthwhile to hook up with a tech-savvy
>> friend (or IT professional) to do some of these steps.
>>
>> Regardless, here are some hints from the community:
>>
>> BEFORE YOUR TRIP - your laptop and mobile device should be ones
>> that are fresh - factory reset to the original operating system and
>> best case would be "burners" -- devices that you can factory reset
>> upon return home (some suggested also using a bootable Linux
>> install) - do not link your Dropbox, GDrive, or other file service
>> at any time - do not be logged into GMail, social media sites,
>> etc. - be careful with what photos you have on your phone (before
>> leaving the country especially) - have a virus scanner installed -
>> make sure that all software is up-to-date (Windows Updates, virus
>> scanner) - any sensitive data/documents should be on a USB drive,
>> not kept in an obvious place (like throw it in with your toiletries
>> or something) with an encrypted volume - change all of your
>> passwords to something very secure before your trip - install TOR -
>> consider a mobile security app (Here's a review of some Android
>> ones:
>> http://www.digitaltrends.com/mobile/top-android-security-apps/) -
>> encryption may be illegal and may cause more concern
>>
>> AT THE AIRPORT: - don't be logged into anything - be polite - don't
>> be nervous
>>
>> DURING YOUR TRIP - when on WiFi, DNSCrypt
>> http://www.opendns.com/technology/dnscrypt/ - set up a VPN
>> connection - never leave your devices anywhere (even hotel safe) -
>> assume phone conversations are monitored - turn off GPS - turn on
>> encryption for your social media sites (Facebook encryption
>> http://www.facebook.com/help/?faq=215897678434749 Twitter
>> http://blog.twitter.com/2011/03/making-twitter-more-secure-https.html)
>>
>>
> - - some suggest having a different "burner" social media account
>> - be careful posting pictures and updates during trip
>>
>> LEAVING THE COUNTRY - if possible, it might be a good idea to do a
>> factory reset on devices before going to the airport (??) - upon
>> return, do factory resets of all devices - change passwords upon
>> return
>>
>> Thanks to everyone that made suggestions.
>>
>>
>> -- Unsubscribe, change to digest, or change password at:
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>
>
> - --
> Parker Higgins
> Activist
> Electronic Frontier Foundation
> https://eff.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (Darwin)
> Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
>
> iQIcBAEBAgAGBQJQdF7TAAoJEJQzX4iaNncJRX0P/RJ6j52WS82MrhphAACYLmf3
> 6piCAtmjroMYfS+vMdXmcWVbJcR8PHo2W93PPuZcWxXuZJ9oxEkL5X6yDhs8ujcN
> m0XBK5U19/Sl+6Go18p+1Wwd6Q0bWLJAYeU4T+wKHZ6KBTlw9GzadfFKUXdIzp99
> W+Xpe4ye429AJBxMs+LE/oJ88Fuu9eD61mwWD++M6VgXvA2kIsZ+2WGwHdR4xkfP
> xhnbaQw+MlFzTBx9W8ZkWcYG6gR4QDIEQxFC+NczBLYbkEz8uZ8oFFB6raUaBjSN
> G5zouS3FGvgaaufMMHedp0Aj70aFTgHYuif4y1e4c47w1D+h5Fv6ajU5rUbLlbmh
> mBi056jw5us2N9u7wWjna9z6lUWrPe4pJVlUb+lcUgCR2Eg5ezW8dGoaBzQC+Gtg
> Zg3wNNA34G43D0WuUkzU1m8IQewHXUsawtji/RC05YdPXqTER63S02f1iDMbRt1l
> bn7t4TEmWo8Dbe1AZmls1usi0WOc4pxflrV2UFvhSVF2RXUVuHC4C9BI5cDyd83g
> 1UH6nRtREo9ybwg2OhXQIOTecsDz+yejU6gWpLMLkhqlBNhLfjrmbqe5aZHXq7A/
> yrNj/wS1m5IAOUnAIf+mZaRaa6Tggk80qAa/4EvPySeucGGExFnWiqCVfB3jeJAi
> MwGq8qRxMxyMcDU3WRTQ
> =4wVS
> -----END PGP SIGNATURE-----
> --
> Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
More information about the liberationtech
mailing list