Belarus, internet shutdown, dictatorship, "revolution", how to protect myself and my friends?

Hello,

Context: Presidential elections were held in Belarus on 9 August, Alexander Lukashenko is now re-elected. This is of course totally fake result.

Internet is now shutdown everyday (17h to 8h) (https://netblocks.org/reports/internet-disruption-hits-belarus-on-election-day-YAE2jKB3 ; https://www.wired.com/story/belarus-internet-outage-election/). There are protests everywhere, police and protesters are fighting every night.

ProtonVPN is now totally blocked, I could only find Psiphon that works but not always. I’m really afraid, is using Signal is enough to protect my private discussion? Is Psiphon trustfull? Why ProtonVPN doesn’t work anymore? Do you have any recommandation to protect me from online surveillance?

I’m using uni Wifi, is it okay? I already disabled biometric passwords on my phone (android) and uninstall all belarus / russian apps. I also downloaded tor for private research. I only use Signal to discuss. What can I do to improve my security and privacy even more?

Thank you for your help

1 Like

It is enough, but keep in mind should any of your friends be interrogated by the police you don’t want to leave anything incriminating on their phone. I would also consider using Signal’s disappearing messages feature too.

It’s quite likely they won’t go to too much extent forensically unless they’re looking for something specifically.

You may also want to consider something like Briar as well. Messages can be sent over bluetooth to nearby contacts.

About the only possible thing you may find is that Tor becomes blocked, if that’s the case then you may want to invest in a private bridge: https://2019.www.torproject.org/docs/bridges.html.en

I believe the public ones are blocked in countries like China.

2 Likes

Darn, you panic af :joy:

first of all chill its fine, people live in China and even in Arabic countries (me) and surveillance everywhere so you fine

second, Yes i believe signal is enough! and about Psiphon it’s free at the end and i remember contacting them in the past and they told me they get money from other companies that uses their servers so its up to you to trust them and for me i would say tor bridges if you are on mobile (still “free vpn” and trusted at least)

– uni Wifi i’m not sure but i would say as long as you using VPN and stuff to protect your data you are fine!

last but not least, tell me more what you ready to do exactly to improve your security and privacy i mean if its up to me i would say install custom OS :sweat_smile:

1 Like

This really does depend. Ther gold standard really does go to things like GrapheneOS (but that requires a Pixel). See the Mobile operating systems recommendation page.

It may be a more thorough approach to use a phone that was not purchased within your state (Belarus) and has the ability for you to install an operating system that can be verified externally.

The reason for this is you can’t know that everything has been truly uninstalled or what might lie elsewhere within the system partition.

If you don’t think you’re under any kind of targeted investigation it may make sense to import a phone that is unlikely to be tampered with, and install a custom ROM on that. Though be mindful that it is compatible with your telecommunication provider’s network.

Alternatively an iPhone is not a terrible choice, when it comes to privacy and security, despite being closed source. Apple makes it quite difficult to tamper with the hardware itself.

Both Apple and Google are unlikely to be friendly towards a state like Belarus when they’re persecuting people for local infractions not considered to be criminal by international law. Therefore it is probably better if you put trust in US based services or EU services that are operating within democratic countries with good standing in the privacy community.

An iPhone may also appear less extraordinary as it’s far more ubiquitous than a device running GrapheneOS or some other custom ROM. Ie. it’s worth considering what would happen if the police found this device in your possession. Would they consider a security or privacy distribution of Android to be suspicious? Would this raise more questions?

How much of your life needs to be on a device that is in your pocket? Amnesic operating systems like Tails have distinct advantages of there being no evidence remaining after usage. Anything you do want to keep can be encrypted on an external USB stick, or persistent volume. A USB thumb drive can be hidden physically easily.

Always consider:

Security

Likely because they blocked the servers. They have a static IP addresses that do not change. Many countries which restrict citizen’s freedoms start by blocking those IP addresses of services which might allow for circumvention of state authority. If we consider China as an example, there are a number of blocking methods they use. Some of these methods could be:

  • The government signing up to the services to discover the addresses
  • DPI and other network traffic fingerprinting technologies ie programs which monitor the network and decide whether network traffic is “encrypted” or not. If a lot of people use the same VPN provider then this will be really obvious.

For circumventing that people usually need specialized obfuscation tools, like Tor bridges combined with some of the pluggable transports run on private servers abroad that are only used by that person. Commonly in China v2ray is also used, though I have never personally used that.

You may also find this presentation interesting: Roger Dingledine - The Tor Censorship Arms Race The Next Chapter - DEF CON 27 Conference.

I haven’t used it myself personally, but it appears to be developed by Citizen Lab, which are fairly well respected in the privacy community.

3 Likes

Thank you a lot for all you explanations, you reassure me!)

1 Like