Digital resistance: security & privacy tips from Hong Kong protesters
Full digital gear: Telegram, Protonmail, AirDrop, FireChat, Bridgefy, PrivateBin, Fingertrapp, What3Words, Tor, VPN, prepaid SIM-cards, burner phones.
Disclosure: in this article we focus on tech, rather than politics. If you disagree with any information below feel free to participate in the discussion. If you think that I’m a pro-US shill, then read my article about US imperialism. I own BTC, ETH, BCH, and other coins, but my portfolio is heavily diversified, so I don’t have financial incentives to shill for any particular coin. This article is brought to you by privacy-oriented peer-to-peer crypto trading platform LocalEthereum.
HK youths: Hong Kong is not China!
Chinese: Hong Kong is a part of China!
Me: Hong Kong is a Cypherpunk Harbour!
In the previous article we discussed how protesters make collective decisions using platforms such as LIHKG, Reddit, and Pincong.
There are many articles and videos describing protesters’ full riot gear, but there is not much material about their use of cutting-edge security & privacy technologies. In this article we will examine HK protesters’ full digital gear, which can be used by activists around the world, from Catalonia to Chile. We will talk about different apps, but let’s start with the encrypted messaging app Telegram, which is essential to the HK protest movement and which experienced powerful DDoS attacks in June during massive Hong Kong protests.
General phone security tips
There is always a trade-off between UX and privacy/security, but when your life is at stake, you tend to value safety more than convenience. HK protesters widely share many guidelines and privacy tips, most of which will be useful for activists around the globe, so let’s look at all those tips.
Firstly, activists prepare their phones:
- Purge WeChat and other Chinese apps or at least disable audio & location permissions, and log out when apps are not in use
- Disable FaceID & FingerID which an adversary can use to unlock victims’ phones without their consent
- Set up SIM card PIN (iPhone, Android)
- Lock a phone with a long and complicated PIN
- Delete any sensitive information from the phone (chat logs, photos, videos, browsing history, YouTube history)
- Use Tor (Orbot for Android) or a VPN (ideally, paid with crypto without any link to user’s ID, or with anonymous debit cards from grocery stores)
- Download Brave browser and always use private tabs for browsing. Alternative: Firefox browser with privacy addons. (Update: here is an interesting Firefox vs. Brave discussion.)
- Set DuckDuckGo as a default search engine in the browser settings
- Download Telegram app
- Lock Telegram and other sensitive apps (messengers, gallery, notes, contacts, etc.) using “Restrictions” on iPhone or “App Lock” on Android
- Hide Telegram app from the homepage with “App Lock” on Android
- Some hardcore activists don’t allow Telegram any permissions such as Camera, Contacts, Location, Microphone, Telephone, Storage (this is optional, because it makes it impossible to send photos and videos from the phone’s memory)
- Since a well-funded adversary can potentially discover a user’s phone number, advanced activists register a Telegram account using a prepaid SIM card that is not linked to the user’s ID (ideally, the activation code is received on a cheap burner phone to avoid being identified via IMEI). Alternative: activists receive an activation code using burner-like apps such as Cover Me or TextMe Up. Another option is to use VoIP like Google Voice or MySudo.
- Set up Passcode Lock to protect secret chats
- Use Two-Step Verification to protect an account from a SIM swap attack
- Set up a username to use it for exchanging contacts instead of a phone number
- Optional: set up a Proxy if neither a VPN nor Tor is used
Many activists also adjust other Privacy & Security settings for more safety:
- Who can see my phone number? Nobody
- Who can find me by my number? My Contacts
- Who can see your Last Seen time? Nobody
- Who can see my profile photo? My Contacts
- Who can add a link to my account when forwarding my messages? Nobody
- Who can call me? Nobody
- Who can add me to group chats? My Contacts
- Disable Sync Contacts
- Disable Suggest Frequent Contacts
- Map Preview Provider: “Telegram” or “No previews”
- Disable Link Previews in Secret chats
Side note: some privacy settings don’t have a “Nobody” option, so hardcore activists choose the most secure option in the list, which is “My Contacts”, even if they disable the contacts permission.
Telegram usage tips
When exchanging contacts, advanced activists exchange only usernames so as not to expose their phone numbers. Side note: a username can easily be changed.
Activists use “secret chats” to enable end-to-end encryption, which is disabled by default, and they set up a self-destruct timer, so all received messages are auto-deleted after a certain amount of time.
During early stages of protests, activists often used anonymous Telegram surveys to make collective decisions on the ground, e.g. whether to disperse or continue the confrontation with the police.
Highly paranoid activists with disabled sync and permissions have to manually back up all new valuable contacts and store them in a safe place, because they won’t be able to retrieve those contacts if they lose the device.
Extra: activists occasionally check “Active Sessions” to make sure that a current account is used only on one device.
Here is a big list of public Telegram channels that spread information about the HK pro-democracy movement.
Telegram history crash course
Telegram was developed in 2013 by brothers Nikolai and Pavel Durov, Russian entrepreneurs currently in exile after a confrontation with the Russian government over the social media platform VK regarding users’ privacy and freedom of speech. The Durov brothers founded VK in 2006, but they were later pressured to sell and left the company.
The Digital Resistance movement became popular in Russia in 2018, when the government tried to block Telegram due to its high level of privacy and a surge of politically-oriented anonymous Telegram channels critical of the Russian government. Authorities blocked more than 15 million IP addresses, including servers operated by Google, Amazon, Microsoft, and Digital Ocean, so many popular websites and apps experienced outages during the few weeks of the standoff. Telegram users, however, received push notifications with new network settings multiple times per day, so most people were able to use the app without a VPN. Eventually, the Russian government gave up on trying to block Telegram. Other authoritarian governments usually solve this issue by importing China’s surveillance and censorship technologies, but for Russia, I guess, the national security concerns are more important, so they don’t use China’s technologies, therefore Telegram can still be accessed freely from most ISPs.
Side note: Internet in Russia is heavily censored, e.g. even LinkedIn is blocked.
Since the start of the Digital Resistance movement, Telegram has become very popular in the crypto space and in highly oppressed regions such as Russia, Iran, Hong Kong, etc.
Hong Kong Digital Resistance
In order to confront the 50 cent army (Chinese state-backed trolls) and spread the word across the world, HK activists started massively signing up for western social media platforms. However, openly criticizing CCP is very dangerous, so most Hongkongers take care of their privacy using the best practices known in the crypto space. Let’s look at those practices:
- Use Tor or a VPN (ideally, paid with crypto without any link to user’s ID, or with anonymous debit cards from grocery stores)
- Create an email address using privacy-oriented email providers (e.g., ProtonMail) that will be used only for signing up for social media platforms.
- Do not use this email address for any other communication, because the address should stay secret, so a potential adversary will have to discover an email address, password, and bypass 2FA (if set) in order to break into an account.
- Do not use two-factor authentication via SMS, because it can be used to break into an account with a SIM swap attack. If the platform supports two-factor authentication via TOTP (Time-Based One-Time Password), then use it instead.
- Do not scan TOTP 2FA QR code, but rather type in a secret key manually, and don’t forget to back it up.
- After registration to a social media platform, activists hide their email addresses from public in the account settings.
- If the platform requires a phone number for registration, then activists use either prepaid SIM cards that are not linked to their IDs, or VoIP and burner-like apps. Ideally, the phone number should be detached from the account after the registration to protect from a SIM swap attack.
- Activists use complicated passphrases that consist of multiple random words, e.g. “correct horse battery staple”, which are easier to remember but harder to break than “Carr13Lam777”.
When recording videos, activists often prefer streaming services to avoid videos being deleted from the phone if the device was lost or confiscated.
Activists often use AirDrop service on iPhones, which allows pseudonymous sharing of important information “on the ground” over Wi-Fi and Bluetooth.
FireChat or Bridgefy
In the absence of an internet connection, activists sometimes use FireChat or Bridgefy messengers to chat with each other using peer-to-peer connection via Wi-Fi and Bluetooth (meshnet). However, Bridgefy requires a phone number for registration.
In some extreme cases activists use the PrivateBin service if they are afraid that a message can be intercepted. Here are some interesting use-cases:
- Activists create a pastebin with a “burn after read” feature enabled, encrypt it with a password, and then share a link over the suspicious communication channel. If upon opening a link, the bin has already been deleted, then the message has been intercepted by an adversary, so the communication channel is not secure. Side note: a pastebin is deleted after opening a link even if it was not decrypted with a correct password.
- Activists share a link to a pastebin and a password for it via two different communication channels to make sure that an adversary won’t be able to access the important information even if he intercepts one of the messages.
- When activists temporarily don’t have access to a trusted channel of communication, they encrypt a message using a pre-agreed password and set an expiration time (e.g., 10 mins, 1 hour, 1 day). Then they share the link in a group, knowing that only activists with the correct password will be able to decrypt the message. For security reasons passwords are changed periodically and shared face-to-face or via a trusted channel of communication.
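The first two use-cases can be modelled in a few lines. This is an added sketch, not PrivateBin's code and not part of the original article: `BurnStore`, `seal`, `unseal` and `receive` are hypothetical names, and the key derivation parameters are assumptions chosen for the sketch.

```javascript
const nodeCrypto = require("crypto");

// Added sketch, not PrivateBin's code; names and parameters are assumptions.
// Key = PBKDF2(link key || password): the link key travels in the link, the
// password over a second channel, so one intercepted message is not enough.
function deriveKey(linkKey, password, salt) {
  const material = Buffer.concat([linkKey, Buffer.from(password, "utf8")]);
  return nodeCrypto.pbkdf2Sync(material, salt, 100000, 32, "sha256");
}

function seal(message, password) {
  const linkKey = nodeCrypto.randomBytes(32);
  const [salt, iv] = [nodeCrypto.randomBytes(16), nodeCrypto.randomBytes(12)];
  const key = deriveKey(linkKey, password, salt);
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([cipher.update(message, "utf8"), cipher.final()]);
  return { linkKey, paste: { salt, iv, ct, tag: cipher.getAuthTag() } };
}

// Returns the plaintext, or null when the password is wrong or data was altered.
function unseal(paste, linkKey, password) {
  const key = deriveKey(linkKey, password, paste.salt);
  const decipher = nodeCrypto.createDecipheriv("aes-256-gcm", key, paste.iv);
  decipher.setAuthTag(paste.tag);
  try {
    return Buffer.concat([decipher.update(paste.ct), decipher.final()]).toString("utf8");
  } catch { return null; }
}

// Stand-in for the server: a burn-after-reading paste is deleted on first fetch.
class BurnStore {
  constructor() { this.pastes = new Map(); }
  put(paste) {
    const id = nodeCrypto.randomBytes(8).toString("hex");
    this.pastes.set(id, paste);
    return id;
  }
  fetch(id) {
    const paste = this.pastes.get(id) || null;
    this.pastes.delete(id);
    return paste;
  }
}

// Recipient side: a missing paste means someone else opened the link first.
function receive(store, id, linkKey, password) {
  const paste = store.fetch(id);
  if (paste === null) return { status: "already-opened", text: null };
  const text = unseal(paste, linkKey, password);
  return text === null ? { status: "wrong-password", text: null } : { status: "ok", text };
}
```

An `already-opened` result is the signal described in the first use-case: the paste was fetched before the intended recipient got to it, whether or not the earlier reader knew the password.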
Whistleblowers use Fingertrapp to clear English-language docs from hidden characters that can identify an employee that leaked the evidence. However, the app currently supports only English, Korean, Russian, and Devanagari.
Advanced activists use What3Words to set up a location for a private meeting (e.g. flock lock photocopy), especially if they don’t know each other and will meet for the first time. What3Words has some advantages over other maps:
- You don’t need to be physically present at the spot to get the 3 words representing the precise location
- It’s easy to find a person if you know the exact 3x3m square he will be in
- It’s essentially just GPS locations but in 3 words which people can easily remember and share
- You don’t need GPS or internet to get the location if you have the app
- Don’t need to have the app to get a location if you have an internet connection (i.e. getting locations works through the browser).
- It’s easier to hide 3 random words in any text to obfuscate the location of the meeting for conspiratorial purposes
Here are some other ways activists protect their identities during protests.
People wrap their HK IDs, subway cards or credit cards with an aluminum foil (tinfoil) so adversaries can’t track them by remotely scanning the radio frequency identification chips embedded in the cards.
Ideally, protesters leave their main phones at home and use cheap burner phones when attending events. Many hardcore protesters don’t carry any phones, but rather communicate face-to-face or with walkie-talkies.
Using a phone during a protest
If activists bring their phones to events, then they take extra precautions:
- disable GPS
- turn on an “airplane” mode when the phone is not in use
- log out from all social media apps, so adversaries won’t get access to the activist’s accounts if they obtain and unlock his phone
- beware of CCTV cameras when checking a phone, because cameras can capture passwords and other sensitive information such as account names, phone numbers, chat logs, etc.
Activists often use umbrellas not only as shields against riot-control weapons, but also to hide their activities from cameras.
Protesters hide their faces with all kinds of facial masks, goggles and caps.
People can be identified not only with face recognition technologies, but also by specific hairstyle, hair color, shape of ears, tattoos, piercings, freckles, unique clothes, the style of shoes, etc. Thus hardcore activists cover all body parts with simple black clothes without brand names.
If there was a specific dress code (e.g. all black), then many activists change their clothes into something brighter before commuting home to avoid being targeted by police or pro-government radical groups.
Activists use cash to buy protective gear and MTR tickets when commuting back home from the protests.
China is exporting censorship and surveillance technologies across the world, while Hongkongers teach us how to use privacy-oriented technologies to protect our freedoms.
The “One country, two systems” principle will officially end in 2047, so many of those who will fight for freedom in 2047 are not even born yet. What values will that generation carry, and how much freedom will Hongkongers have after 3 decades? We don’t know that yet.
But what we know for sure is that Hong Kong has already reached a generation of youth who cares less about academic and financial success, than political freedoms and civil liberties. The new generation is young, bold, tech-savvy and they are protesting from early ages.
Disclaimer: I am not a licensed financial advisor, and this article is not a financial advice. The information presented here is for educational purpose only, it represents my personal opinion, and is not purported to be fact. Seek a duly licensed professional for an investment advice.
Thanks to Mattias Nystrom for a review.