feature image via Newsweek.
I know I said last week I wasn’t gonna do it. Too many people have already done it, and they’ve all done it really well. But it is important for this community, some members of it more than others, to protect their digital information in the time of Voldemort. So here I am writing about it: you have to take measures to protect your information, especially if you’re organizing to resist the white nationalist administration. Even if you’ve felt cybersecurity fatigue—and I know I have—you’ve got until January to remedy it. Why, you ask? Just take a quick gander at Violet Blue’s piece on how Trump feels about cyber security. Here’s an excerpt:
As we know, everything with Trump has to do with his likes and dislikes. And he likes surveillance, as evidenced in his personal phone-spying practices, and he likes the NSA’s spying. In fact, Trump is an outspoken supporter of government surveillance, and in his words, the NSA “should be given as much leeway as possible.”
He told The Daily Signal, “I support legislation which allows the NSA to hold the bulk metadata. For oversight, I propose that a court, which is available any time on any day, is created to issue individual rulings on when this metadata can be accessed.”
Mr. Trump didn’t like Apple refusing to unlock the San Bernardino shooter’s iPhone for the FBI this past year, and his reaction to the case is instructive. When it was brought to his attention, Trump said Apple should be forced to allow the FBI access to the phone’s contents. “I think it’s disgraceful that Apple is not helping on that. I think security first, and I feel — I always felt security first,” he said. “Apple should absolutely — we should force them to do it,” he said.
While Blue deals mostly with how national and international cyber security policy will be affected (very, very negatively), her excellent essay also makes it clear that the American people are about to be surveilled like never before. But Trump has already made it clear how hard we’re going to be surveilled. He’s setting up a registry for chrissakes, and using Japanese internment camps as a precedent. I MEAN COME ON.
So I’m here to present you, a community whose members are likely to be specifically targeted by an administration that wants to register us, deport us and believes electroshock will turn us straight, with some excellent resources and some good first steps.
Access Now’s Recommendations for Activists
Let’s start with this infographic from Access Now:
This infographic is targeted toward activists but has useful information for all (though let’s be real, I’ve seen all of y’all get active during this time).
Privacy Badger and HTTPS Everywhere
You’ll notice that two of these links are from something called eff.org. That’s the Electronic Frontier Foundation, an organization going to bat for your rights in a digital world. Privacy Badger blocks ads and trackers and you can get it for Chrome, Firefox and Opera. HTTPS Everywhere encrypts your communications with sites around the web and is available for the same browsers as Privacy Badger. Donating to the EFF is a pretty good idea as well—and you have the option to make that donation recurring, which is good for sustaining organizations likely to be drained by Trump’s policies.
Signal and Slack
I mentioned Signal last week, but if you want to chat about anything you wouldn’t want Voldemort to hear, do it on Signal. Signal is a secure messaging service for iOS and Android. It’s free. It’s encrypted. No reason not to. What’s not on this graphic is Slack. Did you know that Slack is encrypted*? I didn’t either. Our very own Cee Webster pointed this out to me. While Slack was created with work in mind, your “team” can be anyone you like. So go forth and jam, Straddlers. Or should I say, go forth and organize.
*this has been edited! I originally wrote “end-to-end” which is not what I meant! That is what happens when I write without the proper amount of tea by my side.
Me and My Shadow
The last link on this graphic links to something called Me and My Shadow. It’s a beautifully designed website that teaches you exactly how digital traces tell a story about you online. I haven’t gone through it all yet, but plan to over tea this weekend. Join me on that? I think we could all learn something about it.
A DIY Guide to Feminist Cybersecurity
We’ve recommended A DIY Guide to Feminist Cybersecurity before, and I’m here to do it again. Created by Noah Kelley of HACK*BLOSSOM, this DIY guide helps you make decisions that are right for you so you can exist safely online. This guide is meant to be comprehensive, so it’s long and probably deserves a read over tea. What I absolutely LOVE about it, though, is that you don’t need to wait until you’re an expert to get started—there’s a handy cheat sheet section that lets you make decisions quickly and flesh out your knowledge later. Considering the time crunch we’re all under (me included) to get our house in order, it might be best to start there.
The Smart Girl’s Guide to Privacy by Violet Blue
Hey, remember that excellent article we started this post with? Well Violet Blue, author of said article, also wrote this book about privacy online. It costs ten dollars on Kindle and you can get a sample to try it out. What I like best about it is it not only teaches you about privacy and technology, it teaches you strategic thinking. And it does it all in plain English. It assumes a female reader, but this book will be useful for anyone in our community who wants to protect themselves from a white nationalist administration, but also from those empowered by it to do harm online and in physical spaces.
Things To Know About Web Security Before Trump’s Inauguration: A Harm Reductionist Guide
H, the author of this guide, is super real about all this. One of the reasons I like their guide is that they think hardware too—they remind you that your phone is locatable. And Cee confirmed that one as well—”Turning your GPS off does not change that They can triangulate your location via the cell towers—they’ve been doing that since the early 1990s. Or late 80s even!” So if you don’t want your location known, favor a cheap, pre-paid phone. They also write this excellent point about bugging your friends:
You downloaded Tor, got a VPN, only message on Signal, encrypt your email and send the key to your friend via messenger pigeon. They open your email on Starbucks wifi, copy and paste the contents to their Yahoo mail drafts folder, then post the info to a FB thread. If you’re going to do it, annoy your friends about it too.
Security In A Box
One of the things both Cee and H recommended is Security in a Box. It’s another explainer, so get prepped to settle in for some reading on this one too. I really like the examples given by the fictional scripts, featuring Claudia and Pablo, who have some information they’d like to keep private. It helps contextualize the information and explain why it’s important.
We’ve written about Protonmail before. It’s encrypted email. You can even send emails that disappear after a set amount of time. I still don’t think it’s usable on the daily without some of the features I rely on for my work, but it’s CERTAINLY perfect for those who need to send emails that you wouldn’t want Voldemort to read. They have a free account and a couple paid options.
Crash Override Network
If you get doxxed by any of Voldemort’s followers, Zoë Quinn has got your back with Crash Override Network. If you’re experiencing online abuse, email them. Their services are free and confidential because they’re awesome. Highly recommend.
This Is Important. We’re Doing It Too
Y’all, I might be your Geekery Editor, but I’m also a chaos muppet. Sometimes I suffer from security fatigue too, and sometimes I’m just a whirlwind of a person and I leave out steps. It’s who I am. So I’m committing to do this to my own technology as well, before Voldemort officially ascends to power. And I’m going to try my very best to provide you with more information on your own digital security. You may also have noticed a change in Autostraddle over the past week. Here’s Cee with more about that:
“This week I switched the website over to SSL only. You may have noticed the https in the URL or the lock icon, or you may have noticed a few buggy pages during the week. I’m currently working on getting all our external stuff to load over https (including our ads, which is why you might not see any today). SSL is important for stuff like credit card data (which we had in place already for those pages), but also to limit eavesdropping of any data as it goes from your computer to our server. Metaphors are kinda silly for this, but helpful for some—it’s like instead of the page being delivered as a postcard that anyone can read in transit, it’s now sent in an envelope.”
If we all do our part to keep our information safe, we might be able to reduce harm in the coming four years. So what are you doing about your InfoSec?