Zombie Zen

Posts tagged "Encryption"

Phone Security Quick Tips

Posted on

Cyber security has become critical to ensuring public safety in the US. There’s an absence of good coherent information, and people are rightfully scared and confused. I’m drafting another article that explains cyber security principles in greater depth, but it’s not ready yet. Until then, I’ll get straight to the practical tips:

  1. Encrypt your phone. Instructions from CNET. This protects someone from looking at your phone’s storage without knowing the passcode. If you only follow one step from this guide, follow this one.
  2. Use Signal for communications. Messages and voice calls made through Signal are encrypted such that only the two devices communicating can read the messages. However, if you don’t encrypt your phone, then the messages can be compromised with physical access to the phone. Encrypt your phone!
  3. If you think you are about to be detained by police, turn off your phone. Police can legally coerce you to touch the fingerprint scanner, but cannot legally make you divulge a passcode (source). By turning off your phone, your phone “forgets” the decryption key to the storage, thus requiring the passcode on boot. If you are participating in protests or other situations requiring elevated security, disable fingerprint scanning for sign-in.
  4. Be cautious of apps you install and use a phone from a reputable manufacturer. I trust Apple and Google, but use your own discretion.

Beyond this, the usual security advice applies — don’t visit sites you don’t trust and use HTTPS where possible. Stay safe!

Important tip for those protesting: use the Signal messaging app. SMS can be intercepted, and while I don’t know of any specific threat, prevention never hurts.

News from the White Rabbit. The QR code decodes to this:

-----BEGIN RSA PRIVATE KEY-----
MIIByAIBAAJhALWSG2+yBnYvjO5vQv/mI7WBm09YH9v6eUu4QTHUNQoOWqdFaZL0
Yekx7+iHgvA4m4uqlVp/LUMAZ10+mO2ufHzemL6M1KPqxr+sY7wWCsuZA6VyaR3n
YBnaaaBWbAZk0wIBIwJgKYB7TLr6KaR3+/wskkM7XK/o/DFmXiqfYcO3IVUTcANH
67gYIZbxzubXwB75W3qm0sT4GG4FPOcQjyIa9nH1wGabgEG646d9sowd2p93GL1N
f1rX6MRQYmbIAgQ1Ic3LAjEA71frKFmVheQC/2LPyYgLzdIrlJRgSQuxiivqi71s
9Kz8bf5oJntqv4nH/Oh6XP03AjEAwjTsx0RA0ql766aTLfPdhUuE2NjituJPSFt2
k970yq/UKkaQXREVq872mpuJNYNFAjA9i6LefW+XdSVXnRDcDQpZfy/HHtbuNjT3
pOSKVUfnJSr3tnKNjXM4kSTMAUQJSG0CMBClc2GJgeYryMsORyEyKO4rC2MLRqH2
JA2ELrw3rpUHwbp7E7A0qhYKbOiuPvX1TwIxANfA9NTZxf1K4+LoKInwQKWz2sRc
NS4CYsNpg3F0MPUXXH8VxlT+WvojZJ2OogoYIQ==
-----END RSA PRIVATE KEY-----

If this doesn’t make sense to you, be patient. I will post an explanation shortly.