With reports that the witnesses in today’s murder by ICE were all detained (and their phones presumably confiscated), I’ve been thinking nonstop about if I were to record ICE or the cops doing something, how could I ensure that any videos I record are not able to be deleted, assuming my phone was confiscated? I’m talking about specific tactics.
My phone runs iOS. I already have a strong passcode which hopefully makes brute forcing difficult. I use ADP and the only thing I back up automatically are photos and videos. In theory, I think my setup is fairly secure, since it would be hard to get into my phone or my iCloud account. But I don’t know what vulnerabilities or tools I may be missing.
I’m asking for iOS, but I think it’s good to discuss Android and GrapheneOS as well.
Encryption is good but even better is uploading it somewhere as soon as humanly possible
set up the cloud app of your choice to upload automatically as soon as the files come in. i’d recommend anything from outside the jurisdiction you are protesting against, just in case. ideal scenario is a trusted party has access.
A live streaming drone would be ideal.
but somewhat impractical
Auto upload to a remote location (e.g. VPS), ideally somewhere out of the country to really minimise chances of deletion. Could also have it auto upload to several places. You’ll need good enough internet connection to upload it though, so if they’re using signal jammers at a protest that could be a problem.
In terms of preventing deletion on the phone itself, you can’t really stop them from “losing” your phone, even if they can’t get into it.
Set up syncthing on your phone and whatever other device (laptop/pc/another phone at home/etc). Point it to your photos/videos folder and sync to your device at home(or friend’s house). If your phone is confiscated and they manage to get it deleted from the cloud, you’ll have a copy on your device. Make sure you enable settings like trashcan or versioning so the files deleted on your phone aren’t auto deleted on the device.
This. One-way sync to a home server/NAS or secure cloud storage that is not logged into on your phone (e.g. if you sync to NAS or a cloud service, don’t be logged in on other apps/web).
if your phone is taken while filming, it Won’t upload until it’s done recording. The agents will probably hit stop, then delete. you’d have to do some testing to see if that will stop the sync.
if you sync to NAS or a cloud service, don’t be logged in on other apps/web
what?
The agents will probably hit stop, then delete.
I don’t think there will be a reliable work around for this. It will take a while to upload anyway.
chopping it up into short videos or livestreaming it could be a workaround.
set the fs watcher delay to something small in the advancdd folder settings in syncthing.
https://docs.syncthing.net/users/config?version=v1.29.6#config-option-folder.fswatcherdelays
It is my understanding that iOS does not support Syncthing.
Mayne that’s old? My quick google show Mobius Sync and Synctrain are two syncthing clients that work on ios.
Lots of discussion around encryption states at boot / disabling FaceID
For iOS, Invoking the shutdown dialog (Lock+Volume) or activating Emergency Mode (Lock 5x Fast) puts the device into a “Lockdown” state where FaceID no longer works, PIN authentication is the only means to unlock the device.
Take a burner and live stream. Do not keep any sensitive info or log into anything other than the live streaming platform.
If you have your personal phone on you TURN IT OFF when law enforcement is nearby. The most secure state for your phone is before you unlock it after it boots up. The first unlock decrypts it and makes it much more vulnerable.
Where do you livestream? I’m trying to find a service that isn’t shit.
Live stream
If your phone is confiscated, you can’t count on getting it back. Upload the video to a server or another nearby machine (maybe another phone) as you shoot it. There are apps for that purpose of course.
My videos already sync to iCloud. My concern is if the cops were to get into my phone, they could just go to the Photos app and delete it from the device and my iCloud account.
Disable faceID and secure your phone with a strong alphanumeric pin (which can include spaces to make it easy to remember) of at least thirty characters before going into any sort of situation where you know henchmen will be.
If henchmen get the drop on you and you’re not prepared, then ideally keep a six-digit pin at all times. It’ll be easier to get into, but it’ll still take them lots of work.
All of this can be bypassed on most devices except Graphene OS using the tools they now have available.
Ah fuck.
Well, they’re not immune to getting killed.
I was looking for the image to see if I saved it, but apparently not. There was a image floating around of a private meeting slide presentation that showed the various phones and their vulnerabilities. IIRC, the main things were some issue with the number of allowed log in attempts when all the mobile devices are in the initial boot lock versus regular lock state. The other was how the default USB behavior is handled in the locked state. These are default locked down in Graphene. Additionally, there are tools like a second lock screen password that factory resets the device completely in the background, and automatic reboots so that the phone goes into the initial boot locked state regularly.
If they can’t get into the device, they will probably just steal it.
iOS has lockdown mode. If you have proof of this being bypassed I’d love to see it.
How to activate?
Settings > Privacy & Security > Lockdown Mode
I’m not so sure this is the case, at least not trivially, but I’m no pro. There’s a reason the feds sued Apple trying to get them to unlock that one guy’s phone. Same goes for Android, the most important part is not using biometrics (face, fingerprint) and set a 6 digit pin (or whatever max it allows for).
Before going somewhere hot like a protest, make sure the screen locks automatically when you click power off button, and screen timeout to minimum. Make sure beforehand that your phone has device encryption turned on.
If you use something like google drive or whatever, make it auto-upload your photos/videos, and rather take many shorter videos than one long one, if you find it too technical to set up syncthing or similar, so finished film gets uploaded in the background while you take new one.
Instant screen lock is the most important I think, that way if the pigs come for you, just click the power button and your chances of keeping the vid are pretty solid. Oh, set “automatically backup over data” also, often by default it just does over wifi.
Send it to someone else maybe, so there is a copy of it that can’t be deleted from your phone.
Oh that’s interesting. Can you reach your iCloud stuff from a remote computer? Just have something on the remote machine auto-uoload the video from iCloud to some storage outside the US.
If you have access to another device, you can log into icloud.com and remotely log out of the phone.
Files “deleted” from icloud can also be restored on icloud.com/recovery for up to 30 days after deletion.
Try Proton. It’s based in Switzerland, is encrypted, and way more secure than using anything associated with Apple or Google, aka the fascist regime.
I pay for a Proton account already, this is a great suggestion, I’m going to look into this (can’t believe I forgot this)
set up a local VPN on your NAS/file server and add your phone to the VPN. Next, map a local drive on your phone to the NAS. Dunno if you can do that on iOS, but at least on android you can. Disable modify and delete permissions on the NAS folder, so that the phone can only write/read from it, then use a camera app that lets you choose the save location and set it to record video to the network drive. Requires a pretty solid connection, but is extremely robust.
Keeping a live stream going on a burner phone is a good idea, removing biometrics and identifying information from main phone where possible, remote backup to a different location (preferably 1-way) keeping them both in the fully off locked state when not in use. Burner phone should only have your livestream/1-way backup passwords, nothing else. I hope you don’t have to experience this, but better safe than sorry
As a few people have said, using mobile data to sync to a remote server is susceptible to local jamming of your mobile signal. So you might want to sync by wifi to some nearby device(s) instead. I guess it depends on the location, whether you can have a car parked nearby, etc. Or if it’s near your home or office, maybe you can have a fixed camera watching the scene.
ADP is good. Use the iCloud foto upload. In the settings of the fotos app enable unlimited mobile data. In the mobile network settings enable „more data over 5G“. After recording if possible go to the fotos app and tell it to continue syncing if it stops because you are on battery or not on wifi, which it still sometimes does despite the settings. Before someone takes your phone click the side button five times. That disables faceid and makes it harder to unlock with spy tools.
Also in the Face ID settings:
Disable masks
Enable require attention (if the phone still accepts faceid and someone holds it to your face to unlock it, close your eyes and keep them closed. Don’t squint.)
Enable „erase data“ (after 10 attempts. Makes it practically impossible to bruteforce the phone).
would be nice to have an ‘instant sync to remote location’ shortcut, i kinda have this on android with termux and rsync but not sure for ios
a live streaming method would be good too, also a burner phone
The ACLU used to provide an app & service specifically for such situations, but they discontinued it a year ago.
https://en.wikipedia.org/wiki/ACLU_Mobile_Justice
