It is well documented that what you say and do online is tracked. Yes, private organizations do their best to protect your data from hackers, but those protections don't extend to themselves, advertisers, and law enforcement.
Whether you are a journalist, a protestor, or a high-ranking official, there are times when communication must be conducted with a high degree of certainty that the information will not be accessible by unauthorized parties. While there is no way to guarantee a 100% secure line, there are things you can do to improve it greatly.
If you're still communicating via SMS, stop right now.
Anything you send and receive over this dated standard created in the 1980s is unencrypted as it travels the network, which means it can easily be read by someone else with the right tools. Encryption protects your messages by locking them away in a digital safe, only available to those with the proper key.
But having an encrypted system isn't enough; it needs to tested. Ideally, it should also be open-source, where the code can be reviewed by anyone. At the time of writing, the gold standard here is Signal Private Messenger.
Signal uses the Signal Protocol, considered one of the best encryption protocols on the market. It is used by most major messengers, including iMessage and WhatsApp. With Signal, your messages and calls are end-to-end encrypted, a fancy way of saying that the entire process (from sending to transit and delivery) is secure.
However, what makes Signal Private Messenger special is the limited amount of metadata it captures. Metadata is "data about data," information regarding packets sent and received, including time, location, and user, that can still be gleaned from encrypted messages. When enough of this is available, it is easy to paint a picture of who sent the message and what it may be about.
An even safer form of communication takes place offline. Messages that don't travel across traditional attack surfaces such as Wi-Fi or mobile data are much harder to intercept.
Bridgefy is an app that takes advantage of Bluetooth to send direct messages to nearby users without the internet. Users within Bluetooth range can send encrypted messages directly. You can communicate with users up to 660 feet away thanks to a feature known as "Mesh Mode," which turns Bridegfy devices into relay points to between you and the recipient, all while maintaining your security.
No matter what type of phone you have, it isn't 100% safe. While some phones do a better job of protecting you against hackers, they don't protect you from your wireless carriers' data collection or themselves. If you'll accept no compromises with your privacy, what you need is a phone specifically designed to protect your data — and right now, that means a Purism Librem 5.
Every component of the Purism Librem 5 has privacy and security in mind. Starting with the OS, the Librem 5 uses PureOS, an open-source operating system based on Linux. Besides strengthening the boot process and using multiple layers of protection, it also doesn't include any trackers. It even has a removable battery so you can fully turn off your phone.
There are three physical switches on the body of the phone that turn off power to specific sensors — one for WiFi, one for cellular data, and one for the camera and microphone. If all three are turned off, the GPS will be disabled.
It's also the first phone powered by Matrix, an open network that provides end-to-end encrypted phone calls and messages. Matrix can also exchange data and messages with other platforms using an open standard.
Stingrays are devices that pretend to be cellular towers, allowing the operator to conduct a man-in-the-middle attack on any device connected to it. It is a common tool used by law enforcement, deployed in cars, vans, and even planes to track targets, who in the past, have included protestors.
As a fake cell tower, as long as the Stringray provides the strongest signal, devices will connect to it. In a small city, that can mean hundreds of phones, many of which have nothing to do with the police investigation.
To protect your data from this mass surveillance, you can either opt for a more secure phone, such as the Librem 5, or install a Stringray detector app. SnoopSnitch captures mobile radio data, examines its content, and informs you of potential threats, including potential Stingrays. When you receive this alert, you can protect yourself by placing your phone in airplane mode until you leave the area.
- Play Store Link: SnoopSnitch (free)
A virtual private network (VPN) is one of the easiest ways to add layered security. A VPN reroutes all data to a server that acts as a mediator between you and the rest of the internet. All incoming and outgoing packets are sent through it first, adding a wall of protection. Additionally, your device is given a new IP address, allowing you to maintain some level of privacy while interacting on the web.
Is a VPN necessary? No. But adding it doesn't hurt and it gives hackers, ISPs, and government officials another thing to penetrate first before reaching the messages in question. Having a VPN which logs little to none of your data will protect you in case the service is compromised. You can check out our testing using the link below, but for a TL;DR, CyberGhost is one of the best options available.
Keep Your Connection Secure Without a Monthly Bill. Get a lifetime subscription to VPN Unlimited for all your devices with a one-time purchase from the new Gadget Hacks Shop, and watch Hulu or Netflix without regional restrictions, increase security when browsing on public networks, and more.
Other worthwhile deals to check out: