18 Million Rising hosted this class. Here is the recording: https://youtu.be/j20ku2kr6ty. There’s also a document they provided with resources and links, here.
Their focus is on Community Organizers.
> Since our activities are shared digitally to the internet, letβs consider the legacy of colonization embedded within the technologies, structures, and ways of thinking we use every day.
> We are using equipment and high speed internet not available in many indigenous communities. Even the technologies that are central to much of our work leaves significant carbon footprints, contributing to changing climates that disproportionately affect indigenous peoples worldwide.
> We invite you to join us in acknowledging this as well as our shared responsibility: to make good of this time and for each of us to consider our roles in decolonization and solidarity. adapted from a digital land acknowledgement by Adrienne Wong of spiderwebshow
Digital Threats
- Marginalized communities have a long history of survelliance
- Threats from
- far-right
- ICE and border agents
- social media censorship
- tracking (ebt, metrocards)
- facial recognition
- social security scams
- phishing
- data breaches
- police surveillance
- security camers
- bad tech policies
Risk Accessment
- what or who do I want to protect?
- who do I want to protect it from? who are my adversaries?
- how motivated and capable are they to get it?
- what happens if they do get it?
- what am I willing to do to prevent that?
Digital Security Is…
- community defense
- harm reduction
- an ongoing practice
- a balance between security and convenience
Accounts and Data
strong passwords
-
use strong password generators
-
length
-
complexity
-
keep it updated
-
avoid personal details
-
keep it unique! donβt reuse passwords
-
practical + memorable β passphrases
-
password managers
-
generates strong passwords + 2fa codes
-
secure password and sensitive data storage in cloud
-
autofill feature
*resources
- security.org/how-secure-is-my-password/
- bit.ly/18mr_pw (all caps)
- haveibeenpwned.com
2 factor authentication (2fa)
- extra layer of protection (beyond just username and password)
- recommended to enable alerts for unusual logins
- options
- sms
- authenticator apps
- 2fa keys
doxxing prevention and mitigation
- revealing identifying information about a person online with malicious intent
- Data can include Legal name, home address, workplace, contact info, photos, etc.
> phishing = tricking a person into taking an action or revealing sensitive data through fake emails, websites, or messages pretending to be from a reputable person or company.
> Malware – Malicious Software
Communications
Use Signal
- end to end encrypted
- use signal to share sensitive info
- avoid using legal name + photo
- settings
- disappearing messages
- admin controls in group chats
- note to self
- blur face tool
- keep your phone number private with signal usernames
- new feature: user names instead of phone numbers
Use alternatives
- Gmail
- ProtonMail
- Tutanota
- for Zoom, use Jitsi Meet
- Protect your files- encrypt them
- etherpad via Riseup.net
- CryptPad
- tresorit
- Reproductive Health Apps Considerations
- how the app stores and handles sensitive data
- could sold to third party marketers
- data could be shared with law enforcement
- Web Browsing
- Firefox, Tor, Brave, DuckDuckGo
- Privacy Badger- blocks invisible trackers
- Search Engine: DuckDuckGo
- doesn’t use cookies
- does not track and profile users
- does not collect or store personal info
- Google: myactivity.google.com to check
VPNs: Virtual Private Network
> a service that encrypts your internet traffic and disguises your online identity. this makes it more difficult for third parties to track your activities online and steal data.
- TunnelBear
- Mullvad VPN
Securing Your Devices
- update your phone and computer operating systems and apps
- face id and fingerprints are easily compromisable; turn off – esp during protests
- set up automatic lock on devices
- turn off location services when possible
DIGITAL SECURITY FOR IRL PROTESTS + EVENTS
- strong passwords for phones, not biometrics
- use signal to organize action and during attendance
- leave location trackers at home (smart watches, air tags, etc) + turn off bluetooth, wifi, gps
- use a faraday bag, screen protector, mic-lock
- protect privacy: mask up, avoid identifying photos
- remove metadata from images + footage
- disable message previews on lock screen
- leave signal threads before actions or delete apps
thank you! π