/1$PdhSvxKOM5M https://hackpad.com/ep/pad/static/PdhSvxKOM5M The Digital First Aid Kit Introduction The Digital First Aid Kit aims to provide preliminary support for people facing the most common types of digital threats. The Kit offers a set of self-diagnostic tools for human rights defenders, bloggers, activists and journalists facing attacks themselves, as well as providing guidelines for digital first responders to assist a person under threat.
/1$PdhSvxKOM5M https://hackpad.com/ep/pad/static/PdhSvxKOM5M Helpful Resources Secure Communication This section will provide you with guidance on ways to establish secure communication when reaching out for help when confronted with a potential digital attack. As a general rule, it is important to understand that most ’normal’ communications tools are not very secure against eavesdropping. Mobile and landline phone communication is not encrypted and can be listened to by governments, law enforcement agencies, or other parties with the necessary technical equipment. Sending unencrypted communication is like sending a postcard, anyone who has access to the postcard can read the message. Sending encrypted communication is like placing the postcard inside a safe and then sending the safe, which only you and those you trust know the combination to and are able to open and read the message.
/1$PdhSvxKOM5M https://hackpad.com/ep/pad/static/PdhSvxKOM5M CPJ URL: https://www.cpj.org/ email: [email protected] RSF URL: http://en.rsf.org/ email: [email protected] Access URL: https://www.accessnow.org/ email: [email protected] PGP key fingerprint: 6CE6 221C 98EC F399 A04C 41B8 C46B ED33 32E8 A2BC Digital Defenders Partnership URL: http://digitaldefenders.org/ [email protected] Freedom House URL: http://freedomhouse.org/ Internews URL: https://www.internews.org/ IWPR URL: https://www.cyber-arabs.com/ Open Technology Fund URL: https://www.opentechfund.org email: [email protected] PGP key fingerprint: 67AC DDCF B909 4685 36DD BC03 F766 3861 965A 90D2 1. When seeking help, also remember that the device you are using might be the subject of the attack. In order to establish a secure line of communication with a person who can help you, it may be necessary to contact them from an alternate, trustworthy device.
/1$PdhSvxKOM5M https://hackpad.com/ep/pad/static/PdhSvxKOM5M If you believe your communications are being targeted, you must stop using the communications services/accounts that you believe are compromised immediately. Create a new account and remember not to re-use your existing usernames, passwords or email accounts as you seek help.
/1$PdhSvxKOM5M https://hackpad.com/ep/pad/static/PdhSvxKOM5M registration) and can reveal your location. These tools do not protect against this, they only encrypt the content of your communication. Android ChatSecure by The Guardian Project [https://guardianproject.info/apps/chatsecure/] integrates with desktop chat Clients like Jitsi and Pidgin (using Gchat or Jabber/XMPP) and adds end-to-end encryption and the ability to send encrypted files, photos and audio.
/1$PdhSvxKOM5M https://hackpad.com/ep/pad/static/PdhSvxKOM5M Account Hijacking Are you having a problem accessing an email, social media or web account? Does an account show activity that you do not recognize? There are many things you can do to mitigate this problem.
/1$PdhSvxKOM5M https://hackpad.com/ep/pad/static/PdhSvxKOM5M Step 1: Answer the following questions for yourself: Who might have access to your account (friends, co-workers, spouse, children)? What devices (computer, phone, tablet) have you used to access the account? In what physical locations have you accessed these accounts (home, office, cybercafe, wifi network)? Step 2: Do you use the same password on other accounts? If so, perform the same checks on those accounts. Create new, unique passwords for each one.
/1$PdhSvxKOM5M https://hackpad.com/ep/pad/static/PdhSvxKOM5M What happened? What sort of device are you missing? A computer, mobile phone, tablet or an external hard drive? When and where did you lose the device? How did you lose the device? Was it stolen by another person, taken by a state authority or did you simply lose track of it? Is the device still missing? What kinds of security protections did the device have? Was the device protected by a password or other security measures? Which operating system was running on the device? Was this a legal version, or was it an illegal, jailbroken or rooted version? Does the device have full disk encryption turned on? What state was your device in when it was lost? Were you logged in? Was the device on but password-locked? Was it sleeping or hibernating? Completely turned off? Do you have remote access to the device? What was on the device? Make an inventory of the different types of sensitive information that was on your device.
/1$PdhSvxKOM5M https://hackpad.com/ep/pad/static/PdhSvxKOM5M level of risk you’re facing, you may want to treat the device as if it is now untrusted or compromised. Ask yourself the following questions and assess the risk that your device has been compromised: How long was the device out of your sight? Who potentially could have had access to it? Why would they want access to it? Are there signs that the device has been physically tampered with? For more extensive threat modeling assistance see the Surveillance Self Defense Guide.
/1$PdhSvxKOM5M https://hackpad.com/ep/pad/static/PdhSvxKOM5M Prevention is the key to mitigating the risk of having your device seized, lost or stolen. However, simple actions can protect the data on your device if it is seized. Think about encryption, passwords, pin code locks for cell phone backups, tools that allow remote data wipes, installation of alert software in the case of theft. Prey Anti-Theft is a useful cross-platform and open source device tracking tool.