Tactical Technology Collective - securityinabox.org

Mobile Security

anne — Sun, 20 Jan 2013 11:45:03 +0000

Read original article : Mobile Security

The mobile security section includes hands-on guides for a number of Freeware or Open Source smartphone applications which will help to make your smartphone use more secure. As with the hands-on guides for computer applications, they guide you through the process of downloading and configuring the applications, and include screenshots and step-by-step instructions to help you follow along.

The applications can be downloaded in .apk-file form from the developers' websites by following the link provided in the relevant hands-on guide. They can also be found either in the F-Droid repository or the Google Play store.

For security reasons, you should always try to use the current version of these tools. The included version of some tools may be more recent than the version that was used to create the corresponding Hands-on Guide. In such cases, the user interface of that tool may differ differ slightly from what is shown in the Guide.

The hands-on guides included in the mobile security section are currently only available on Android devices. However, they will be expanded to include iPhone applications in the near future.

From securityinabox.org

Orweb for Android Devices

anne — Tue, 15 Jan 2013 10:30:21 +0000

Read original article : Orweb for Android Devices

Orweb is an free Android-platform mobile phone application, created by the Guardian Project for browsing the internet anonymously in conjunction with Orbot.

Homepage

Orweb homepage

Phone Requirements

Android 1.6 and up

Version used in this guide

v2 (0.2.2)

License

FOSS (GPLv3)

Required Reading

How-to Booklet Chapter 8. How to remain anonymous and bypass censorship on the Internet
How-to Booklet chapter 10. How to use mobile phones as securely as possible
How-to Booklet chapter 11. How to use smartphones as securely as possible

Level: 1: Beginner, 2: Average, 3: Intermediate, 4: Experienced, 5: Advanced

Time required to start using this tool: 20 minutes

What you will get in return:

The ability to conceal your digital identity from the websites that you visit.
The ability to conceal your on-line destinations from Internet Service Providers (ISPs) and other surveillance mechanisms.
The ability to bypass Internet censorship and filtering rules.

From securityinabox.org

How to use smartphones as securely as possible

anne — Thu, 20 Dec 2012 11:33:50 +0000

Read original article : How to use smartphones as securely as possible

In Chapter 10: How to use mobile phones as securely as possible, we discussed the security challenges of using basic mobile phones – including issues with voice communication and text messaging (SMS/MMS) services. Those phones primarily (if not exclusively) use mobile networks to transfer calls and data.

Advances in technology now mean that mobile phones can provide services and features similar to desktop or laptop computers. These smartphones offer many new ways to communicate and capture and disseminate media. To provide these new functionalities, the smartphones not only use the mobile network, but also connect to the internet either via a wifi connection (similar to a laptop at an internet cafe) or via data connections through the mobile network operator.

So while you can, of course, make phone calls with a smartphone, it is better to view smartphones as small computing devices. This means that the other material in this toolkit is relevant to your use of your smartphone as well as your computer.

Smartphones usually support a wide range of functionality – web browsing, email, voice and instant messaging over the internet, capturing, storing and transmitting audio, videos and photos, enabling social networking, multi-user games, banking and many other activities. However, many of these tools and features introduce new security issues, or increase existing risks.

For instance, some smartphones have built-in geo-location (GPS) functionality, which means they can provide your precise location to your mobile network operator by default, and to many applications you use on your phone (such as social networking, mapping, browsing and other applications). As mentioned before, mobile phones already relay your location information to your mobile network operator (as part of the normal functions of the phone). However, the additional GPS functionality not only increases the precision of your location information, it also increases the amount of places where this information might be distributed.

It's worth reviewing all the risks associated with mobile phones discussed in Chapter 10: How to use mobile phones as securely as possible as all of them are also relevant to smartphone use. Chapter 10 covers issues of eavesdropping, interception of SMS or phone calls, SIM card related issues, and best practices.

In this chapter we'll take a look at the additional security challenges posed by smartphones.

...

From securityinabox.org

Social networking tools: Facebook, Twitter, and others

anne — Wed, 10 Oct 2012 11:40:57 +0000

Read original article : Social networking tools: Facebook, Twitter, and others

This chapter aims to help you navigate through the privacy and security settings of some popular social networking sites with a view to making their use more secure, or perhaps better said, less insecure. In particular, it gives step-by step guides in this respect for Facebook and Twitter, as well as some general guidelines for using YouTube and Flickr.

These social networking websites are the most popular and widely used social networking tools. They are owned by private companies and, as noted in chapter 10. How to protect yourself and your data when using social networking sites, these companies make their money by collecting information about users and selling it on to advertisers. Government crackdowns will target these sites first and block them, and the companies will cave into government pressures and censor when necessary. It may be worth looking at alternatives to these sites, such as Diaspora (http://joindiaspora.com), Crabgrass (http://we.riseup.net) Friendica (http://friendica.com), Pidder (https://pidder.net), or SecureShare (http://secureshare.org) which have been designed with digital security and activism in mind. The Social Swarm (http://socialswarm.net) is a think-tank run by a not-for-profit organisation which carries out discussions, awareness-raising and campaigns related to privacy on social networks, and may be a useful learning resource.

Other similar sites may be popular in different regions, so you way wish to explore other options. Before choosing one you should consider the following points:

Does it provide connection over SSL for all uses of the site, rather than just during login? Are there no problems related to encryption, such as problems related to encryption certificates?
Read the End User Licence Agreement and Privacy Policy or Data Use Policy carefully. How are your content and personal data treated? With whom are they shared?
What privacy options are provided for users? Can you choose to share your videos securely with a small number of individuals, or are they all public by default?
Do you know the geographical location of the servers, under which territorial jurisdiction they fall or where the company is registered? Are you aware of how this information relates to the privacy and security of your email activity and information? Will the site's owners hand over information if they receive a governmental request to do so?

From securityinabox.org