This document is designed to be shared with activists interested in organizing in 2025. This is not comprehensive, nor is it designed to be one-size-fits-all. I REPEAT: THIS IS NOT ONE SIZE FITS ALL. It's a general document for normies and is comprised of my opinions as a cybersecurity professional. Everyone has a different threat model, and I do not presume to know everyone's or assume that I know what's best for everyone. This document is also not designed with any specific threat model other than: "How do I limit the ability of technocrat-enabled fascists to easily know what I am up to?" As always with security measures, the more comprehensive you are, the better protected you will be. Following as much of this guide as is reasonably feasible for you will help reduce some of your digital footprint. For substantial threat surface reduction, CONSULT YOUR LOCAL CYBERSECURITY PROFESSIONAL to help you threat model what is most appropriate for your scenario.
- Surveillance cameras
- Incidental collection
- Physical security
- movements
- group organization
- public mobilization
- general online privacy
Operational security is key to ensuring that organizational activity is not interfered with.
Elle Armageddon wrote this excellent guide.
https://archive.org/details/opsec-for-activists-by-elle-armageddon/mode/2up
Surveillance cameras are nearly ubiquitous, and there is incidental collection nearly everywhere. Facial recognition, gait analysis, and clothing are all factors that can be used to identify you on surveillance footage.
The EFF has published their Atlas of Surveillance, an excellent resource for activists to consider:
https://atlasofsurveillance.org/
OSINT Framework - use the tools here to research people of interest
https://osintframework.com/
Veilid - emerging project for secure comms:
https://veilid.com
Meshtastic - emerging project for off grid secure comms:
https://meshtastic.org
THE Privacy OS: Hardware limitations apply, and substantial quality-of-life connectivity through Google services must be given up.
https://grapheneos.org/
Private Email Hosting:
https://tuta.com/secure-email
Mullvad VPN:
https://mullvad.net/en
Leave no trace:
https://www.notrace.how/
Surveillance Atlas:
https://atlasofsurveillance.org/
Detect Stingrays: Detect stingrays and contribute to the larger knowledge base.
https://www.eff.org/deeplinks/2025/03/meet-rayhunter-new-open-source-tool-eff-detect-cellular-spying?language=en
https://github.com/EFForg/rayhunter
The Big List of Protests:
https://theblop.org/
DeFlock: Flock ALPR (automated license plate reader) locations:
https://deflock.me
Zoom/GoogleMeet/Teams Alternative: Note: Not fully anonymous for host/moderator. No sign in required for participants.
https://meet.jit.si/
https://moderated.jitsi.net/
- Do not use "Smart Locks" or lease apartments with RFID/NFC apartment keys. RFID/NFC locks are easier to brute force (pick) than a standard pin tumbler lock, and are often configured with insecure default keys.
- When in public, be aware of your surroundings and look for opportunities to blend into crowds.
- Wherever possible, wear nondescript, neutral clothing that does not stand out.
- Conversely, wear distinctive and easily identifiable clothing when you are traveling routine paths of travel where you want to be identified easily in surveillance footage.
- Wear a hat, sunglasses and N95 mask wherever possible.
- Know all possible back routes out of your place of residence, including non-descript routes.
- Be aware of the locations of surveillance cameras near your home, pay attention to locations of doorbell cams.
- Regularly inspect your vehicle for tracking devices.
- Regularly inspect your personal effects and clothing for tracking devices like AirTags.
- Note that every device you carry on you with bluetooth or wifi is emitting a unique identifier that can be recorded with commodity hardware.
Burner phone tips:
- DO NOT USE BURNER Phones without extremely good discipline.
- Buy burner phones with cash, have someone trusted buy them for you if possible.
- Prefer models with removable batteries.
- Prepaid only.
- Do not buy burner phones all from the same place.
- Prefer places with minimal security like a small independently owned shop in Chinatown.
- Do not turn on burner phones in proximity to your home, office, or your other devices.
- Faraday bag for your devices when turned off.
- Do not connect burner phones to your home or office network.
- If possible, buy burner Android phones compatible with GrapheneOS and install it - https://grapheneos.org/
- Do not use Android phones without GrapheneOS.
- Apple:
  - If feasible, put your devices in Lockdown Mode.
  - Use the security checkup feature regularly to see what apps have access to what data on your phone.
  - Fully reboot your phone weekly at a minimum.
  - Set a passphrase, not a PIN. (long is strong)
  - Turn on stolen device protection.
  - Set up an account recovery key and store it safely offline.
  - When turning off Bluetooth and Wi-Fi, make sure you go into Settings. The Control Center controls do not fully disable these.
- Do not have personal devices in proximity with burner phones without one being powered off and in a faraday bag.
- When traveling to meet with a source, co-organizer, meeting, etc.
It's important to consider how you are getting there, take longer routes that divert through
different modes of transport, cut through buildings, subways, and use taxis paid with cash.
- When using public transport with a payment card, load it with cash value from a kiosk and pay cash;
change metro cards frequently.
- Disable location services on your primary phone if you must take it; otherwise bring only your
burner, and ensure you are leaving any AirTags at home.
- Modern Apple devices all have "Find My" wideband BTLE broadcasting, even when powered off.
Faraday bag any Apple devices you need to take with you.
- When considering routes, doubling back multiple times while changing modes can help lose potential tails.
- Consider automated license plate readers in parking garages and elsewhere in public.
This data is aggregated and sold into the Surveillance economy.
- When going to protests, if social media plays a part in your movement, be sure to leave
your personal devices at home. Take protest specific devices, unconnected to all of your personal accounts.
The most important step is to make sure you can communicate securely without being surveilled.
You need a way to communicate privately with your peer group and a way to stay up to date with what's happening
around you and where demonstrations are taking place.
- Keep key leadership cell tight
- Use Signal for all communications
- Vet new leadership with OSINT
- Establish a "Go to ground" protocol
- Set up burner phones with Signal, Cloudflare Warp
- Pre-connect new Signal accounts on each device to each other
- Ensure disappearing messages are set for no more than 4 hours
- Keep phones charged and ready with backup power bank in a faraday bag
- Practice "Go to ground" protocol monthly at a minimum
- Keep sensitive communication off devices with "AI" tools installed
- DO NOT USE TELEGRAM, WHATSAPP OR GROUPME.
- Arrange group hierarchy such that if one group or person is compromised,
the security of the organizing is not impacted.
- Core trusted group for key leadership - keep as small as possible (4 or less ideally)
- Secondary and Tertiary groups with larger memberships designed for spreading key information for the movement to progress, and organizing protests.
- Keep any direct actions to core group selected on a need-to-know basis.
- Consider using alternative communication channels during direct actions, independent from cellular and internet connectivity requirements
- Do not plan direct actions in recorded forums, video calls, or conference calls where it is not possible
to guarantee that eavesdropping or transcription is prevented.
- DO NOT PLAN DIRECT ACTIONS THAT COULD RESULT IN DEATH OR INJURY.
- Keep your direct actions legal and free of harmful things that could lead to someone getting hurt or killed.
No direct action is worth loss of life or injury.
- Do not plan or knowingly participate in direct actions that result in substantial destruction of property. Leave that to the professionals willing to risk their personal freedom.
- Social Media accounts for directed action - Social Media can be super important in helping get the message out.
When using social media there are some things you can do to reduce your chances of getting doxxed; however, it's important to remember that social media also plays an important part at protests.
- Use a dedicated device for the social media activities if possible
- Use an alias account name
- Do not use email accounts connected to or accessed from your home network or personal devices
- Ensure that MFA is set up with a device-based or app-based method - do not use SMS
- Ensure that the password reset methods available from a logged-out device do not reveal email address information that could be used to identify you.
- Do not share pictures taken in your home.
- Practice extreme discretion in revealing personal information about yourself, your background, what you look like, where you live, where you work
- Consider a "Public Identity" persona with a first and last name you can use to misdirect identification/unmasking (e.g., John Smith).
- Do not access these accounts from personal devices ever.
This document originated from a threat modeling conversation wherein we were determining how easy it would be to implement any of the myriad suggestions being discussed by numerous experts in the cybersecurity field, from the perspective of someone exercising their free speech rights in a technocratic America.
This site was initially a repository of those discussion notes converted to simple HTML.
The site is shit.baby as in: "You want to do some shit baby?" or "Let's avoid some surveillance shit baby."
The HTML is trash intentionally. Get over it.