[liberationtech] best practices - roundup

Katy P katycarvt at gmail.com
Tue Oct 9 09:23:58 PDT 2012 

Best practices for traveling to an internet-hostile regime.

There is a lot of variance - obviously the regime's capabilities as well as
one's own visibility come into play.

And, if it isn't obvious, I'm not a security expert. This is not official,
legal advice. Everyone needs to research this on their own and make good
decisions for themselves.
If you're really not tech-savvy, it might be worthwhile to hook up with a
tech-savvy friend (or IT professional) to do some of these steps.

Regardless, here are some hints from the community:

BEFORE YOUR TRIP
- your laptop and mobile device should be ones that are fresh - factory
reset to the original operating system and best case would be "burners" --
devices that you can factory reset upon return home (some suggested also
using a bootable Linux install)
- do not link your Dropbox, GDrive, or other file service at any time
- do not be logged into GMail, social media sites, etc.
- be careful with what photos you have on your phone (before leaving the
country especially)
- have a virus scanner installed
- make sure that all software is up-to-date (Windows Updates, virus scanner)
- any sensitive data/documents should be on a USB drive, not kept in an
obvious place (like throw it in with your toiletries or something) with an
encrypted volume
- change all of your passwords to something very secure before your trip
- install TOR
- consider a mobile security app (Here's a review of some Android ones:
http://www.digitaltrends.com/mobile/top-android-security-apps/)
- encryption may be illegal and may cause more concern

AT THE AIRPORT:
- don't be logged into anything
- be polite
- don't be nervous

DURING YOUR TRIP
- when on WiFi, DNSCrypt http://www.opendns.com/technology/dnscrypt/
- set up a VPN connection
- never leave your devices anywhere (even hotel safe)
- assume phone conversations are monitored
- turn off GPS
- turn on encryption for your social media sites (Facebook encryption
http://www.facebook.com/help/?faq=215897678434749 Twitter
http://blog.twitter.com/2011/03/making-twitter-more-secure-https.html)
- some suggest having a different "burner" social media account
- be careful posting pictures and updates during trip

LEAVING THE COUNTRY
- if possible, it might be a good idea to do a factory reset on devices
before going to the airport (??)
- upon return, do factory resets of all devices
- change passwords upon return

Thanks to everyone that made suggestions.

--
Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list