Session won’t save you if you don’t have a head on your shoulders.
never give out information about yourself, even if you correspond through the most secure channel. Don’t forget that although the encrypted channel cannot be read by outsiders, an outsider can contact the person on the other side and gain direct access to the chat. paranoid zero trust is the basis, encryption is the superstructure.
Black Bridge Paranoid ZeroTrust
Paranoid ZeroTrust – don’t trust anyone, not even yourself.
First, read about ZeroTrust for a healthy person from the Greenhouse of Social Technologies: https://te-st.ru/2022/09/19/zero-trust/
If you are a partisan, forget what is written there, this is not for you, but for peaceful activists. You need a paranoid level of ZeroTrust to operate and stay free:
Briefly: in any communications, assume that the interlocutor may be hacked, unintentionally leak information, or turn out to be a set-up.
1. Any interlocutor may turn out to be an intelligence officer.
2. A person you trust may spill the beans and give you away.
3. A member of your resistance cell can be arrested by accident or on purpose, and drag the rest of the partisans along the chain of acquaintances.
4. Your smartphone, laptop, computer, tablet may be stolen/lost/broken/seized by employees.
5. Any group chat with any access can be infiltrated by employees. The larger the group and the more extreme the group’s activities, the higher the likelihood.
6. The contact address can be faked (for example, admin and admln).
7. A link to a seemingly safe resource can be faked (twitter twitter twittr)
8. A 100% secure and trusted conversation partner can be hacked or otherwise compromised.
9. Your Russian Internet/mobile communications provider records your traffic and transmits it to the authorities (this is not even paranoia, this is a fact, google “SORM” if you don’t know). Therefore, all your unencrypted conversations, including regular cellular communications (it is almost not encrypted by operators), are known to the “trash major”.
10. All Russian Internet services are either already transmitting data to the “trash major”, or are planning to do so.
11. Centralized Whatsapp, Viber and other “unblocked” foreign messengers “cooperate” with Russian security forces in various forms.
The situation with Telegram is not entirely clear. On the one hand, the RKN fought with him and lost, and now Durov is putting the screw on fines for “failure to remove fakes about the Russian army and its own.” On the other hand, there is the fact that “Smart Voting” was blocked in the last Duma elections, probably due to hostages – employees on Russian territory who were threatened with physical harm.
How to survive if you are paranoid in such a situation?
1. Always assume that your interlocutor is a senior major who is sewing a case against you and all your words can become evidence.
2. Don’t tell anyone anything that could de-anonymize you. No personal details to anyone, even if you trust us, including us.
3. Do not tell anyone the details of your plans, which will indicate exactly the place and time of the action.
4. Use completely anonymous accounts that are in no way tied to your non-anonymous accounts and personal data.
5. On local devices, store a minimum of information related to the “partisan identity” or nothing at all, including anonymous messenger accounts. If you store something, have a plan to quickly destroy the storage medium/device.
6. Store sensitive data and accounts in “clouds” and network folders, in encrypted form. Do not write down links to these “clouds”, logins and passwords anywhere – remember them.
Points 1-4 protect against linking a “partisan personality” to a real person. Paragraphs 5-6 provide the possibility of “plausible deniability” in case of detention and search.
The same approach should be used in technical issues of ensuring your information security.
How to confirm the authorship of a direct action if you cannot tell anyone anything about your plans, and taking photos and videos is dangerous? Use a hash function to verify authorship:
How to organize your own independent resistance cell? We answer:
If you have this question, you are a resistance cell . The rest is technical details.
1. To safely search for information, make a flash drive with the TAILS operating system . “In reading mode” you don’t need anything else; even Telegram channels can be read simply by following a link in the browser. Warning: TAILS is a must-have guerrilla security tool.
2. For secure communication on sensitive topics, the minimum required is completely anonymous email. We recommend https://proton.me/ They encrypt your data so that only you and no one else can read it. To create a completely anonymous mailbox, load into TAILS (this is required) and go to https://proton.me/ The only difficulty is that they ask for another email for confirmation. Use temporary mail, there are plenty of such services on the Internet. You don’t need to use your regular email for this. In the future, communicate from this mailbox and log into it only under TAILS
3. Your resistance cell needs media representation . Ideally, if dependent media or z-propagandists write about your action. This is only possible in the case of the most hardcore promotions. A simple way to publish that will definitely work is to write from a completely anonymous mailbox to our email in the channel description. Write only the bare minimum about the event that took place. You can add the name of your resistance cell and individual symbols.
Here it is described how to create a completely anonymous account and channel in Telegram for independent media representation of a resistance cell: https://telegra.ph/Polnostyu-anonimnyj-kanal-v-Telegrame-09-02
