On 05/01/2015 06:35 AM, Georgi Guninski wrote:

On Thu, Apr 30, 2015 at 10:04:48AM -0700, Razer wrote:

...

prosecutor, even as they leak 'evidence' Gray 'beat himself to death'

I don't believe this.

As the police joke says: "The arrested committed suicide, shooting himself in the head three times in the same place".

I was raided once in a ground floor apartment with a street window by cops who, when the ones at the door said "Let us in!", the cops in the window said "Come in!" and down went the door. Let me know when you find out police officers are typically corrupt thugs.

On Thu, Apr 30, 2015 at 08:57:59PM -0400, Griffin Boyce wrote:

Aloha from Baltimore,

The protests have been peaceful of late, and actually fairly peaceful overall. The police, however, have not been. Despite claiming to be basically terrified of black people congregating in

Did the riots caused (much) damage to citizens not affiliated with the government? I would expect all sufficiently large riots to cause some collateral damage. -- georgi

On Fri, May 01, 2015 at 12:38:57PM -0400, Y G wrote:

On 04/30/2015 08:57 PM, Griffin Boyce wrote:

...

Georgi Guninski wrote:

...

How are the Baltimore riots going?

https://en.wikipedia.org/wiki/2015_Baltimore_riots

...

Mandatory curfew effective April 28 – May 5 from 10pm-5am

Aloha from Baltimore,

Is there any way that the protests could use help on the tech front?

Maybe doxing the baltimore police will shed some light on the murder of Freddie Gray.

On 05/01/2015 10:38 AM, Y G wrote:

On 04/30/2015 08:57 PM, Griffin Boyce wrote:

...

Georgi Guninski wrote:

...

How are the Baltimore riots going?

https://en.wikipedia.org/wiki/2015_Baltimore_riots

...

Mandatory curfew effective April 28 – May 5 from 10pm-5am

Aloha from Baltimore,

Is there any way that the protests could use help on the tech front?

OPSEC training!

I heard a bunch of things about the Baltimore PD being sure to keep track of livestreams and I think also checking Twitter photos?

Yes, and using Stingray. Protesters, or at least key organizers, need to be running apps to detect and block IMSI catchers. And everyone not using them needs to put their phones in Faraday bags. So they also need to know how to make Faraday bags from aluminum foil and duct tape.

So maybe someone running their own StatusNet or Pump.io or something, so that the Baltimore PD aren't at least getting the data firehosed from the source? (Of course, that would require getting the message out to everyone to switch...)

Yes.

On 05/02/2015 03:40 AM, Douglas Lucas wrote:

On 05/01/2015 03:26 PM, Mirimir wrote:

...

Protesters, or at least key organizers, need to be running apps to detect and block IMSI catchers. And everyone not using them needs to put their phones in Faraday bags. So they also need to know how to make Faraday bags from aluminum foil and duct tape.

Good links to walkthroughs on both these would be greatly appreciated.

I don't use smartphones, and so don't know what works best. Searching on "detect IMSI catcher" yields hits for Android, but I see no apps for iOS. AIMSICD looks like a good app. Maybe someone who knows this stuff well can recommend one. For the Faraday bag, see http://www.instructables.com/id/RFID-Secure-Wallet/. It's easy to test. Just put the phone in the bag, and call it. If it rings, there are leaks. The hardest aspect is getting good electrical contact on all seams, including the access flap. The maximum dimension of any hole in the bag must be small, less than an inch. A gap at the seam that's an inch long, even if it's very narrow, will leak a lot. The other thing to keep in mind is that aluminum foil gets brittle with bending, and will crack. So you need multiple layers, and the layers must be in electrical contact. Narrow strips of double-stick tape between layers are OK to provide structural stability. But it's a trade-off.

I was at Freddie Gray et al./May Day protest tonight (Friday; see tweets https://twitter.com/douglaslucas/with_replies). There was one point, a key intersection we were marching through halfway into the march, where cell reception inexplicably dropped for a few minutes. There was also, early on, someone in an Austin Police Department hat taking pictures/video from the balcony of a firefighter's station, suggesting that the cops were clued in, which would make sense given the organizing happening on facebook etc., which of course sounds like horrors to crypto snobs but in terms of mobilizing large populations is the only current, repeatedly practiced answer and an effective, if dangerous, one.

On 05/03/2015 11:20 AM, Georgi Guninski wrote:

On Sat, May 02, 2015 at 06:21:16PM -0600, Mirimir wrote:

...

For the Faraday bag, see http://www.instructables.com/id/RFID-Secure-Wallet/. It's easy to test. Just put the phone in the bag, and call it. If it rings, there are leaks.

I am noob at smartphones, but isn't this very close to functionally equivalent to just physically remove the battery from the phone?

At what distance is phone with removed battery detectable?

Well, if someone implanted "backup battery" this fails, but the implanted battery must be sufficiently small to not see it.

I don't know enough about smartphones to say. The effectiveness of removing the battery may vary among devices. Snowden told people visiting him in Hong Kong to put their phones in the refrigerator, which is a Faraday cage. Also, using a bag is arguably less hassle than removing the battery.

...

On Sat, May 02, 2015 at 06:21:16PM -0600, Mirimir wrote:

...

For the Faraday bag, see http://www.instructables.com/id/RFID-Secure-Wallet/. It's easy to test. Just put the phone in the bag, and call it. If it rings, there are leaks.

...

I am noob at smartphones, but isn't this very close to functionally equivalent to just physically remove the battery from the phone? At what distance is phone with removed battery detectable? Well, if someone implanted "backup battery" this fails, but the implanted battery must be sufficiently small to not see it.>I don't know enough about smartphones to say. The effectiveness of removing the battery may vary among devices. Snowden told people visiting him in Hong Kong to put their phones in the refrigerator, which is a Faraday cage. Also, using a bag is arguably less hassle than removing the battery. For an RF-shield, I think that using a microwave oven would be much superior to a refrigerator.  By definition, a microwave oven is designed to contain a huge (1 kilowatt) emission of 2.45 GHz signal (close to those of cell phone frequencies, some are 1700-1900 MHz), so that humans can live with reasonable safety a foot or so away from it.  This implies a shielding of around 60 decibels.I'd keep a container of water inside the microwave cavity to absorb emitted microwave-band signals.  (And, of course, you should detach the power-cord of the microwave, to avoid accidently frying your valuable electronics.)As for smartphones, my understanding is that most of them don't have detachable batteries.  They do, however, have "airplane-mode" function, where (presumably) they are set to not emit any signals in any band.  That doesn't mean they couldn't hear, or record, audio, or detect RF signals, for recording and later transmission.        Jim Bell   N7IJS             Proudly standing as the LAST "Tech-Plus" Ham (Amateur Radio Operator) in the World.

On Mon, May 4, 2015 at 12:41 AM, rysiek wrote:

That doesn't even mean they can't transmit and receive. They just *claim* they can't. *If your threat model contains "NSA controlling my phone" threat*, airplane mode is not a real option.

Maybe better to say the "attacker controlling my phone" threat. Doesn't have to be NSA (or any other TLA) - no reason mobsters, script kiddies, political opponents, personal enemies, and other non-state attackers couldn't pull the same trick.

OR: Put phone in microwave and set it for a slow-roast program. The interference will prevent harmful spy-rays from reaching the phone. Bonus, you can fast-charge Apple devices using the Microwave thanks to #AppleWave! On 5 May 2015 12:58:02 GMT+01:00, Georgi Guninski wrote:

...

...

removing the battery may vary among devices. Snowden told people visiting him in Hong Kong to put their phones in the refrigerator, which is a Faraday cage. Also, using a bag is arguably less hassle than removing the battery. For an RF-shield, I think that using a microwave oven would be much superior to a refrigerator.  By definition, a microwave oven is designed to contain a huge (1 kilowatt) emission of 2.45 GHz signal (close to those of cell phone frequencies, some are 1700-1900 MHz), so

On Sun, May 03, 2015 at 08:51:02PM +0000, jim bell wrote: that humans can live with reasonable safety a foot or so away from it.  This implies a shielding of around 60 decibels.I'd keep a container of water inside the microwave cavity to absorb emitted microwave-band signals.  (And, of course, you should detach the power-cord of the microwave, to avoid accidently frying your valuable electronics.)As for smartphones, my understanding is that most of them don't have detachable batteries.  They do, however, have "airplane-mode" function, where (presumably) they are set to not emit any signals in any band.  That doesn't mean they couldn't hear, or record, audio, or detect RF signals, for recording and later transmission. 

...

      Jim Bell   N7IJS             Proudly standing as the LAST "Tech-Plus" Ham (Amateur Radio Operator) in the World.

For maximum safety: ;)

1. Put the phone in airplane mode 2. Physically remove the battery 3. Put the phone in tinfoil faraday cage as explained here 4. Put the faraday cage in the microwave oven

...

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

On Tue, May 05, 2015 at 10:38:57AM -0400, Griffin Boyce wrote:

Cathal (Phone) wrote:

...

OR: Put phone in microwave and set it for a slow-roast program. The interference will prevent harmful spy-rays from reaching the phone.

Bonus, you can fast-charge Apple devices using the Microwave thanks to #AppleWave!

I find that putting my tinfoil hats in the microwave on high for five minutes really restores their luster. ;P

lol... Likely entirely offtopic, but this reminds be of the joke which in Bulgarian reads: "Когато станем милиарди, ще видиш ти на кой ще викаш луд" Very roughly translated, pun lost: "When we reach billions lunatics, you would be much more careful whom you call madman"

On 05/05/2015 02:35 PM, Juan wrote:

On Tue, 5 May 2015 14:58:02 +0300 Georgi Guninski wrote:

...

...

For maximum safety: ;)

1. Put the phone in airplane mode 2. Physically remove the battery 3. Put the phone in tinfoil faraday cage as explained here 4. Put the faraday cage in the microwave oven

1. get a hammer 2. use it

3. Stop organizing large numbers of people to do anything offline, it is completely worthless, it is laughable that Mexicans are destroying government buildings to resist the narcostate, what dorks, they use phones, they and the journalists murdered there should be completely ignored by Twitter accounts with millions of followers in favor of David Miranda 4. Cypherpunks using sekrit crypto should become Bitcoin billionaries because once they have tons of money, they will be normal, average, amicable billionaires like Pierre Omidyar and lead us to social justice just like other oligarchs have throughout history, only this time it will be even better since computers are cool

On Tue, 5 May 2015 22:27:30 +0000 Ron Perry wrote:

On Tue, 5 May 2015 16:35:33 -0300 Juan wrote:

...

On Tue, 5 May 2015 14:58:02 +0300 Georgi Guninski wrote:

...

For maximum safety: ;)

1. Put the phone in airplane mode 2. Physically remove the battery 3. Put the phone in tinfoil faraday cage as explained here 4. Put the faraday cage in the microwave oven

1. get a hammer 2. use it

1. Switch on phone 2. Leave it at home, always 3. Use your phone location as alibi

Ha. That's a good one.

Caveat: Keep in mind that your phone, smart or not, will be transmitting on a regular basis trying to poll for cellsites. Encasing your phone in a tinfoil wrapper or other tightly fitting metal case will SERIOUSLY affect the Standing Wave Ratio (SWR) of the radiating 'antenna' (now days, because everyone thought antennas were ugly, or inconvenient despite the fact they dramatically improve phone performance that's about every metal part in the phone's chassis), and may shorten it's life. The communications frequency equivalent of putting a metal object in a microwave oven. On 05/02/2015 05:21 PM, Mirimir wrote:

I don't use smartphones, and so don't know what works best. Searching on "detect IMSI catcher" yields hits for Android, but I see no apps for iOS. AIMSICD looks like a good app. Maybe someone who knows this stuff well can recommend one.

For the Faraday bag, see http://www.instructables.com/id/RFID-Secure-Wallet/. It's easy to test. Just put the phone in the bag, and call it. If it rings, there are leaks.

The hardest aspect is getting good electrical contact on all seams, including the access flap. The maximum dimension of any hole in the bag must be small, less than an inch. A gap at the seam that's an inch long, even if it's very narrow, will leak a lot.

The other thing to keep in mind is that aluminum foil gets brittle with bending, and will crack. So you need multiple layers, and the layers must be in electrical contact. Narrow strips of double-stick tape between layers are OK to provide structural stability. But it's a trade-off.

On 05/01/2015 09:38 AM, Y G wrote:

Is there any way that the protests could use help on the tech front? I heard a bunch of things about the Baltimore PD being sure to keep track of livestreams and I think also checking Twitter photos? So maybe someone running their own StatusNet or Pump.io or something, so that the Baltimore PD aren't at least getting the data firehosed from the source? (Of course, that would require getting the message out to everyone to switch...)

One of the high profile sites covering the Baltimore protests, FergusonAction, is being 'protected', including dedicated DNS, by Cloudflare. That means Cloudflare, owned by the creator of "Operation Honeypot" and known to be quite friendly with the feds, 'haz all ur metadataz' I discovered that this morning and tumbl'd it, with the rest of what I know about Cloudflare, here: http://auntieimperial.tumblr.com/post/117874632894