Four Browsers for Defending Your iPhone from Evildoers, Spiders and Snoops

Note: I’m trying to blog more, just get any useful thoughts or recommendations I have down in public, on paper, so to speak. While I have developed, contributed to and promote various formal digital security guides and curriculum, sometimes these can be overwhelming to people just looking for some quick advise.

Why do you need a safer browser than the Safari app your phone comes with? Well, it is true, that Safari is pretty good, and Apple’s track record on security and privacy is solid. That said, Safari is configured by default to work for the most general needs of all iPhone users, many of whom prioritize convenience over privacy and security. While you might not notice day to day, there are a lot of sneaky, suspicious spiders out there in the infrastructure of the net, looking to suck all the value of your data, information and communication, for a wide variety of reasons.

You may have some desire to have more security and privacy when browsing the web, because of work that you do, places you travel, or topics that you are searching for or researching. Perhaps you want to keep your personal browsing separate from other browsing. Some may be worried about browsing on insecure wifi networks when you are at a cafe, hotel or traveling abroad. Whatever your reason, it only takes a few minutes to try these browsers out, which could save hours and days of headaches down the road.

Here then, is my list of browsers to use on your iPhone or iPad, if you want more security and privacy controls than just what the built-in Safari browser offers.

  • Brave Browser: Brave is an open-source browser for mobiles and desktop that increases security and privacy primarily through blocking all advertisements by default. They are open-source, block ads and tracking pixels, and default to using HTTPS on sites that support it. Their business model is focused on reintroducing safe, quality advertisements for content creators, which hopefully leads to both sustainability and a safer, faster web experience.
  • Endless Browser: Endless is another open-source browser, with an amazing array of secure and private by default configurations. It blocks all kinds of bad network behavior like unexpected iframes, popups, and cookies and weak SSL/TLS encryption ciphers. It also includes HTTPS Everywhere, so like Brave and Tor Browser on the desktop, it defaults to secure HTTPS connections if the site supports it. Endless was made by an independent developer who has been working hard to keep it up to date, and doing a great job of it.
  • Onion Browser: This is the best option for browsing through the Tor network on iOS, that gives you maximum privacy of your IP address, increased defense against network surveillance and intrusions, and solid secure default settings. While it has a simple user interface, the guts of it are built on great code, audited components, and incorporates the latest Tor engine and Pluggable Transport support (to get through the most unfriendly firewalls!). Onion Browser v2 is coming soon, based on Endless Browser, which will really bring two of the best open-source iOS browser projects together.
  • Chrome Browser: While Apple limits the ability for Google to port the entire Chrome browser stack to iOS, you still get a bump in security by trusting Google with your web browsing needs. This includes “Safe Browsing” malware protection and stronger HTTPS security through certificate pinning, If you aren’t a Google fan, and care more about privacy than security, then this might not be your best choice, since more of your browsing history data will likely end up in their algorithm.

All of these browsers can be paired with an iOS system wide ad blocker and VPN. I will cover my recommendations for those in another post.

If you feel I have missed a browser, configuration or other complementary option, please let me know!

SMS Privacy Tips for Election Monitoring And More

I was recently asked to contribute my thoughts on how election monitors using simple mobile phones could improve their safety and security when working in hostile environments. More specifically, the goal was to find techniques by which their use of SMS messaging to report back to a centralized service or team could be done in a more secure, private manner, that would make it more difficult for an adversary working against them to stop, block or track. All of this must be done without software or special hardware, instead just relying on easily teachable techniques.

Here’s the collection of tips and ideas I came up with on short notice. It is by no means complete, but I felt it would be useful to publish these to a wider audience here on my blog. Finally, before you say “well couldn’t criminals and terrorists use these techniques too?”, I will refer you to an excellent Abuse FAQ page from the Tor Project which covers this very topic (“Criminals can already do bad things. Since they’re willing to break laws, they already have lots of options available that provide better privacy than Tor provides”).

Now, on to the topic at hand…

Changing Your SIM Card
Often the first thing that comes to mind when people think about reducing tracking of their mobile phone is to change their SIM card. Unfortunately, changing SIM cards isn’t a reliable solution to stop centralized tracking because each phone also has an IMEI (http://en.wikipedia.org/wiki/International_Mobile_Equipment_Identity) that uniquely identifies the underlying phone hardware itself. This means that even if you change your SIM card, the phone’s unique identifier can still be tracked. Still a new SIM card would change the phone number that is displayed or logged on the receivers phone, which could buy someone time or throw off a lazy investigator.

You can check your IMEI by typing in: *#06# or something similar depending upon carrier or phone. There are a number of cheap Chinese phones on the market in some countries that have an IMEI of 000000000000, which can come in handy if they are those types of things available. It is illegal in most countries to change the IMEI or to use a phone with an invalid IMEI.

Airplane Mode Ain’t Just for Airplanes
If their phone has “Airplane Mode” or a way to disconnect from a network or manually choose a network, that usually works as well as taking the battery out. This is useful if they still want to take pictures, notes, record message, queue up SMS messages to be sent once they reconnect in a different location from where the data was captured.

To step back a bit, it is important to understand, that mobile phones are always in constant contact with the cellular towers in the area. As you move about, your phone is in constant negotiation with different towers to connect to the best single, check for incoming calls, SMS message and so on. In addition, the server provider is checking your identifiers to make sure your phone is valid to work on the network, that you have an activated account, that your hardware isn’t blacklisted (aka stolen, etc), and so on. In summary, even if you aren’t using your phone, your phone is being tracked for operational and billing purposes, not necessarily malicious. However, it must be understand that this same data can be used by authorities for whatever purpose they like and is legal in the current country or context.

In theory, if you put your phone into “Airplane Mode” all signals emanating from your phone are stopped.

Complicating Monitoring by Turning Text into Pictures
If picture messages or MMS is available, write a message/code on paper and take a picture of it instead of sending it as text. Harder to automatically filter/monitor, and that the small resolution on the screen harder to read… if they can get the message on a PC on the receiving end, it can be zoomed up, but if the sender is stopped by local authorities, they may not see it.

In addition, picture messages of colors can also be a code:

  • Blue Sky = “okay”
  • Red Sign = “problem”
  • Brown Dirt = “Ballot Stuffing”

Your Very Own Secret Code
Come with a very basic text code that say involves ten digits, with each different representing 0-9 of possible states.

  • 0-9: how long is the wait (in hours)
  • 0-9: how bad is intimidation from militia (scale)
  • 0-9: how good is the turnout (scale)
  • 0-9: general code (0 = no problems, 1 = polling place closed, 2 = armed men outside, 3 = riot, 4 = no ballots available)

could then result in a code:

  • 2190 <— this would be a pretty good polling place
  • 9912 <—- this would be a report of trouble

You could easily write this on piece of paper and take a picture of it as well.

Again, this type of code would just look like gibberish at the local level, and perhaps buy some time at a state surveillance level until they got their own copy of the code. At the least you would be making them work some more to figure it out, and make them less able to filter by keywords.

Mobile Pyramid Scheme aka Improved Autonomy
Local groups can send to one local person, and then that person can forward each message to another level up the tree and so on. This would enable a bit more protection than all field election monitors texting to a centralized number. It introduces some other issues around reliability of the data and complexity of the process, but in exchange you help foster autonomy and decentralization, two great tools to improve safety and privacy in your overall network.

Managing What Gets Logged
By default, phones tend to log and track everything you do, in the name of convenience. This includes all the text messages you send. The problem is that if a person is detained, it can be difficult to quickly delete those messages before the detainers take away the phone to see what they can learn from it.

Most phones offer a way to NOT save outgoing SMS messages and also to potentially delete inbound after they are read. This feature should be utilized. In addition, numbers should be memorized and manually entered, instead of stored in an address book.

More Ideas?
If you are reading this post and have your own thoughts or firsthand experience to contribute to the discussion, please add them using the comment section below. I will make sure the right people see this information. Your insight and creativity can make a difference!

Guardian Project: SMS Encryption (non-)Options for Android

My first post was titled “Guardian Approved” as I did want to highlight applications that were of a certain quality or caliber. Unfortunately, in the realm of secure, private, encrypted short messaging (SMS), I can’t really say I have anything to approve! The best, most trusted solution out there (from CryptoSMS.org) hasn’t been ported to Android yet, and the rest of the offerings either cost too much, aren’t targeted directly at SMS, are closed source or generally poorly written alpha quality applications.

I’ve quickly realized that a quality SMS encryption application for Android (along with interoperability with other mobile phone platforms) is a critical application for the Guardian Project to focus on. One of the really cool aspects of building apps for Android is that you can completely replace the core applications on the device, meaning that an encryption-enabled SMS application isn’t relegated to a third-party status within the device. It can actual take over and replace the built in “Messaging” application and seamlessly handle SMS traffic and transparently handling encryption of messages to and from those addresses you have done a key exchange with.

Where Its At

In the meantime, here is a quick breakdown of what is available on Android today:


  • While not used for encryption, ChompSMS represents an excellent example of a “power-up” replacement for the built-in Android messaging application. It does offer an ability to send SMS through their Internet-based SMSC gateway. This means that as long as you have an mobile Internet data connection, you can send SMS messages without being monitored by the local mobile carrier, and even send SMS over a WIFI connection.

  • Encrypted SMS – $1.99 – “Parents Spy Much? Here’s your solution!” – This app is clearly targeted at the “passing secret notes in class” audience and not meant for anything serious. The encryption used seems to be of the basic letter substitution pig-latin variety, which could be cracked in about two seconds by someone with a pencil and paper.
  • Platinum RSA SMS – Free – “Encrypted text messaging service for your Android device. 1024 bit RSA math” – While the potential for this app seems good and the heavy use of the phrase “RSA math” indicates they know SOMETHING about encryption, the user interface is very confusing, even for me a seasoned user of terrible mobile user interfaces.
  • TXTCrypt – $9.99!

    “With TXTcrypt just enter your message and a password for it , now the encrypted message can only be decoded with that password , just tell it to someone , and send them message encrypted with it , they can use TXTcrypt to decode it..”. This application is very powerful and well written. However, it costs way too much for what it offers. No key change, no proper integration with SMS… it is just a basic password-based plain text encryption tool.



CryptoSMS

As mentioned before, there is a quality, open-source solution available called
CryptoSMS. From their site: “Cryptosms provides public/private key encryption, key generation and key management. it sends and receives encrypted sms and public keys, de- and encrypts files, offers key verification via fingerprints and provides a secure login. ”

Unfortunately, CryptoSMS is only available for J2ME-based phones today, which Android is not. There is a J2ME emulation app for Android, but it is a terrible user experience. What this is all adding up to is that the Guardian Project must/will plan to contribute to and otherwise support porting efforts of CryptoSMS to Android… while the user experience and integration with Android OS concepts like intents and content providers will take some work, the core engine of CryptoSMS appears to be just what is needed.

If you are in the New York area, and would like to learn more about CryptoSMS, you can attend a workshop this Thursday evening, August 13th, at The Change in Williamsburg, Brooklyn. More information available here…

Guardian-approved: Walkie-Talkie App for Android

As part of rolling out the first-phase of The Guardian Project, I will be writing short reviews of existing applications for Android-based mobile phones that share our general goals or desired functionality. The goal of Guardian, in short, is to enable safe and secure communication for activists, organizers and advocates working for good around the world through the mobile phones they carry in their pockets.

The Guardian project has no official relationship with these apps or their creators, but as we work towards developing our own unique software, we want to make sure to shine the spotlight on existing efforts that we admire and which are currently available. We’d also happily collaborate with any of them (or *you* if you are a developer reading this), and have them join our open-source efforts.

The first application is Walkie Talkie Push to Talk, which is a great alternative take on real-time VOIP or standard phone calls. Physical walkie talkie radios and Nextel-style PTT services have long been a valuable tool for many activists, and this application bring that capability to a global scale. Walkie Talkie can be used over GRPS, EDGE, 3G or Wifi networks, as well – whatever is available at the time.

Here’s a short description from the developer:

Walkie Talkie Push to Talk is a mobile application that allows walkie talkie style voice communications. Simply hold down the “Record & Send” button and speak. Messages can be sent to a group of people. Received messages are automatically played. If program is running, incoming messages arrive as soon as 15 seconds. If program is not visible, it polls in the background every 1 minute (to save battery).

The back-end messaging system used by this application is actual POP or IMAP, in other words email! If you utilize a secure IMAP/S connection with the application, then the voice communications are transmitted securely over the wireless network and Internet. If you use a service like Gmail (which offers secure IMAP access), then your access is hidden within the millions of other users accessing Gmail, as well.

Not drawing attention to your network traffic is often as important as securing your data. Also, while Gmail isn’t always the ideal service to use if you wish to retain full control of your data, it is much more difficult for an authority to block than a single proxy or a private server.

A few screenshots below:

Learn more about Walkie Talkie and download it from the Android Market today.