How to secure phone against state actor?

13 points by daveorzach 3 years ago | 16 comments

A friend is traveling abroad with sensitive information that a foreign government may want or may target after they learn it was shared. Are there any guides for securing a Android or iPhone against state actors?

grepcat 3 years ago |

The most simple answer is don't. Divorce it from the device, fully encrypt it and transfer it separately from your friend.

Then, when traveling, have your friend carry a separate completely clean phone. If he's suspected and the phone is compromised, it won't be found.

When you say state actor, it implies that they're efforts are funded with and armed with the vast resources of a nation which means they could manipulate regular citizens, police forces, or potentially bring a considerable military force to bear against this problem, so the most effective approach would be to separate the person from the information entirely.

joshxyz 3 years ago | |

this. keeps it simple, air gap.

brudgers 3 years ago |

To put it in perspective, state actors have departments full of people who spend their work weeks figuring out how to act on behalf of the state and then executing upon those methods.

Those people are more organized than you. They are more motivated. They often have the resources to align Apple's and Google's interests with their own.

And they are more motivated than you. They are patriotic and surrounded by people who are patriotic and paid to be patriotic.

A state actor can travel to your state and get the information when just beating it out of you isn't the better option...but if you're in its state, beating the information out of you is probably the simplest thing that might work.

The revolution will not happen on your smartphone. Those days are past and the Arab Spring taught states all they needed to know.

Good luck.

quickthrower2 3 years ago | |

They can only target you if they know you are worth targeting though. In some sense a run of the mill phone might be the best bet. Something too fancy and hard to crack will stand out.

brudgers 3 years ago | | |

They don’t have to know anything, because the purpose of the work is to know more when they are done.

Or maybe just to communicate their stance with regard to some matter so others are discouraged.

Don’t bet that they are following rules that respect your integrity.

aborsy 3 years ago |

Governments (such as Saudi Arabia) often buy expensive hacking software from the companies abroad (such as NSO in Israel), needless to say with citizens tax money. Such software can hack into any phone, even with zero click. A mere phone number would be enough. They also have internal hacking teams and APTs, with own hacking tools.

Further, if you are in a country that manufactures key closed source components of the phone, you should assume that the government of that country can access the phone with the help of a backdoor or zero days embedded in the closed source software or hardware. iPhone is a good example.

Sandboxing in desktop is worse. Still you can better lock down a laptop if you know what you’re doing, since a computer is not linked to a phone number and you can leverage the flexibility.

quickthrower2 3 years ago | |

What if you remove the sim? Probably they can still hack with the account (apple id, google account) somehow given enough resources.

toast0 3 years ago |

Leave the phone in their home country? Bring a burner phone for communications while traveling, and don't connect it to accounts.

cookiengineer 3 years ago |

Opsec mandates to buy throwaway devices for such purposes.

The easiest way to travel state borders is to buy something like an old Dell Latitude (core2duo generation) with libreboot and a LUKS encrypted Linux on it.

Don't take your phone with you, especially if it's necessary for 2FA or can be (ab-)used for recovery of accounts.

Use a phone that's easily reflashable in case it gets compromised. Fairphone 3/3+ or Pinephone come to mind, depending on whether or not you want to deal with mobile Linux. Otherwise Xiamo Redmi Note 8/8T or devices with a MediaTek CPU. MediaTek ARM CPU has developer tools which have been leaked, and is a rootkit that can uninstall/reflash other rootkits :P

Note that there are already some rootkits in the ARM space so you also need to make sure the ARM blob hasn't changed, which is why I would not recommend a device that hasn't been integrated with the upstream kernel or hasn't got their blobs available.

Never use broadcom based wireless Hardware, because of broadpwn and bluepwn. Change the laptop's wifi card to an Atheros one.

hayst4ck 3 years ago |

I would give this a watch:

https://www.pbs.org/wgbh/frontline/documentary/global-spywar...

Journalists, your parents, your friends... every contact can be weaponized.

You can attempt to trust apple's new features, but I don't think the world knows how effective they are yet. Going through a border with enhanced security features to defend yourself from state actors at great cost of convenience is going to make a person stand out.

QuarterReptile 3 years ago |

As others have alluded, the attack surface on a smartphone is too large to ever be secure against sophisticated and wealthy adversaries. The regimes most inclined to spy are the same ones who spend the most on point-and-shoot exploits to own your phone.

Best answer from a US perspective is Michael Bazzell's work, with product specific to mobile phones having just been released: https://inteltechniques.com/book7a.html