With reports that the witnesses in today’s murder by ICE were all detained (and their phones presumably confiscated), I’ve been thinking nonstop about if I were to record ICE or the cops doing something, how could I ensure that any videos I record are not able to be deleted, assuming my phone was confiscated? I’m talking about specific tactics.
My phone runs iOS. I already have a strong passcode which hopefully makes brute forcing difficult. I use ADP and the only thing I back up automatically are photos and videos. In theory, I think my setup is fairly secure, since it would be hard to get into my phone or my iCloud account. But I don’t know what vulnerabilities or tools I may be missing.
I’m asking for iOS, but I think it’s good to discuss Android and GrapheneOS as well.
If your phone is confiscated, you can’t count on getting it back. Upload the video to a server or another nearby machine (maybe another phone) as you shoot it. There are apps for that purpose of course.
My videos already sync to iCloud. My concern is if the cops were to get into my phone, they could just go to the Photos app and delete it from the device and my iCloud account.
Disable faceID and secure your phone with a strong alphanumeric pin (which can include spaces to make it easy to remember) of at least thirty characters before going into any sort of situation where you know henchmen will be.
If henchmen get the drop on you and you’re not prepared, then ideally keep a six-digit pin at all times. It’ll be easier to get into, but it’ll still take them lots of work.
All of this can be bypassed on most devices except Graphene OS using the tools they now have available.
Ah fuck.
Well, they’re not immune to getting killed.
I was looking for the image to see if I saved it, but apparently not. There was a image floating around of a private meeting slide presentation that showed the various phones and their vulnerabilities. IIRC, the main things were some issue with the number of allowed log in attempts when all the mobile devices are in the initial boot lock versus regular lock state. The other was how the default USB behavior is handled in the locked state. These are default locked down in Graphene. Additionally, there are tools like a second lock screen password that factory resets the device completely in the background, and automatic reboots so that the phone goes into the initial boot locked state regularly.
If they can’t get into the device, they will probably just steal it.
iOS has lockdown mode. If you have proof of this being bypassed I’d love to see it.
How to activate?
Settings > Privacy & Security > Lockdown Mode
I’m not so sure this is the case, at least not trivially, but I’m no pro. There’s a reason the feds sued Apple trying to get them to unlock that one guy’s phone. Same goes for Android, the most important part is not using biometrics (face, fingerprint) and set a 6 digit pin (or whatever max it allows for).
Before going somewhere hot like a protest, make sure the screen locks automatically when you click power off button, and screen timeout to minimum. Make sure beforehand that your phone has device encryption turned on.
If you use something like google drive or whatever, make it auto-upload your photos/videos, and rather take many shorter videos than one long one, if you find it too technical to set up syncthing or similar, so finished film gets uploaded in the background while you take new one.
Instant screen lock is the most important I think, that way if the pigs come for you, just click the power button and your chances of keeping the vid are pretty solid. Oh, set “automatically backup over data” also, often by default it just does over wifi.
Send it to someone else maybe, so there is a copy of it that can’t be deleted from your phone.
If you have access to another device, you can log into icloud.com and remotely log out of the phone.
Files “deleted” from icloud can also be restored on icloud.com/recovery for up to 30 days after deletion.
Oh that’s interesting. Can you reach your iCloud stuff from a remote computer? Just have something on the remote machine auto-uoload the video from iCloud to some storage outside the US.
Try Proton. It’s based in Switzerland, is encrypted, and way more secure than using anything associated with Apple or Google, aka the fascist regime.
I pay for a Proton account already, this is a great suggestion, I’m going to look into this (can’t believe I forgot this)