14ymedio, Havana, 19 July 2021
1. Use PIN or alphanumeric passwords
Use alphanumeric passwords of no fewer than 10 characters that contain numbers, capital letters, lowercase letters, and special characters. Don’t use a pattern lock, digital fingerprint, or facial recognition.
2. Encrypt your device content
Enable encryption of your Android or iPhone device, including the encryption of the microSD card in the case of Android devices with a microSD card slot. Enable BitLocker on Windows. If you have a device with a different operating system, search how to do it.
3. Encrypting files and folders
If you need to make a copy of files or folders to save to an external storage device or for another reason, use an encryption app. We recommend GPG. Available for almost all platforms. Some training is required for its effective use. Extremely secure.
4. Password manager
Use a password management app. We recommend any in the KeePass family (KeePass2, KeePassDroid, KeePassium, etc.). Use the password generator in the app and generate passwords of 20 characters or more with the requirements mentioned in point 1. DO NOT save passwords in the browser, whichever one you use. NEVER save or copy passwords in notebooks, agendas, or files in plain text. There are various versions of KeePass for all operating systems.
5. Web browser
Use Tor. Set up secure erase at logout and configure DuckDuckGo as a search tool. There are versions of Tor for all operating systems.
6. Messenger service
Don’t use any type of SMS messenger system over the telephone network. Use secure messenger services. We recommend Telegram and Signal. Do not use or at least minimize the use of groups for very sensitive information. Both apps are available for all operating systems. DO NOT use WhatsApp, Messenger, or others.
7. Social media
Make the most of social media as a platform for public denouncements and announcements. Minimize or eliminate completely their use for any activity that could expose personal data or activities that are not explicitly public.
8. Email
If you need a truly secure and anonymous email service, use ProtonMail. It has apps available for Android and iOS and a web version for computers.
9. VPN
Virtually no explanation is needed. Using a VPN allows you to access sites blocked by Etecsa. We don’t have a specific recommendation for one: use the one that you like most or understand best; it’s even recommended to have more than one and use the one that works best at the time.
10. Cloud storage
Despite connectivity issues, it’s possible that you will need to have a network backup of some very important documents, such as your KeePass database or something similar. We recommend using Mega. It has end-to-end encryption. Important: It DOES NOT have a password recovery option. The MegaSync synchronization tool is available in versions for nearly all operating systems.
11. Portable operating system
If you do not want to leave any trace on a computer, use Tails. It is a GNU/Linux distribution to guarantee extreme privacy. It contains the necessary tools to navigate the web, edit documents, and more. All you need to do is start your computer from a flash drive with the system image, and you’re ready. Extremely intuitive and easy to use.
12. Faraday cage
Mobile phones, even when turned off, can have their metadata tracked and collected by Etecsa. If you do not want this to happen, construct a Faraday cage for your phone. It can be made with tin foil (yes, I know that this is Cuba and there’s not even toilet paper, get creative). It is nothing more than a completely closed envelope made of some kind of metallic material in which you can keep a phone. Search online and you will see that it is extremely easy to do. (Recommended for those who are paranoid and have delusions of persecution).
– When you don’t have internet or it is not recommended to broadcast live, record a video of what’s happening, save it and publish or send it later. Whether you are broadcasting live or recording, ALWAYS mention the date, time and place of the event at the beginning of the video. This avoids confusion and possible manipulation and facilitates the work of the media and its subsequent dissemination.
– Avoid using the same password for more than one device, site, service, or app as much as possible. If at any point a device falls into the hands of third parties, immediately change your passwords. If you use a password manager, it will help you do this quickly and securely.
– If you think your mobile phone may be taken, immediately turn it off or lock it. Keep your computer and other devices locked if you are not using them in case they are taken during a surprise search.
– Look online for advice on creating secure passwords. It’s not as difficult as you think. Change them with some frequency; do not get overconfident.
– Never install an app without first checking online that it is completely secure. ALWAYS install from the developer’s official site, GitHub, Google Play, or the App Store. Abstain from using cracks, key generators, and similar.
– Do not open a message if you are not sure that it comes from a trusted source; confirm first. If it contains a link, do not open it without checking with the sender that it is a valid link. Do not connect to a Wi-Fi network that you do not know and cannot verify as valid. Do not trust anything that looks too good. It can be a trap.
– Use GNU/Linux
Translated by: Estrellita