Digital Sovereignty

Preface

• A journey, not a switch
• A challenge to Core Beliefs
• Especially relevant to Bitcoiners

NYT Expose (2019)

New York Times purchased "anonymous" location data to show how easily individuals could be tracked, such Senior Defence Officials (and families)

source

SS7 Software (2023)

• $250 per day or $8000 for permanent access
• Intercept SMS and voice calls
• SimSwap and take over entire phone (and online accounts)

source

AI Errors (2023)

• Arrested due to AI mismatch
• In jail for one week
• Jeep was towed & impounded

source

AI Voice Clone Extortion (2023)

• "help, help me mum"
• Extortion attempt through cloned voice

source

Kidnap & Torture (2023)

• Kidnapped at 5.20am in Australia by 6 men
• Tortured over 6 days, teeth pulled out
• $5m demanded from crypto-trader relative

source

Captcha for Robots (2023)

• AI uses TaskRabbit platform to hire a human to solve a captcha
• Human asked if the employer was a robot
• AI replies "no, I have a vision impairment"

source

Big no-nos

• alexa / blink / oculus home camera & microphone systems
• gmail / hotmail / yahoo emails
• facebook / twitter / reddit social media

These companies take your data and sell it to anyone they can.

Avoid these four companies

• Facebook (Whatsapp, Insta, Oculus, fb.com)
• Google (Search, OS, GCS, Calendar, Drive, Docs, Domains)
• Microsoft (OS, Teams, Outlook, Office, Github)
• Amazon (Store, AWS)

Social Media

Opt for a platform that lets you:

• Choose your client
• Choose your server
• Keep your network

Recommend: Nostr, Mastodon

If you can be banned or locked out, it's NOT YOUR ACCOUNT

Email

• Use own domain (can switch provider)
• Self-host option (own your data)
• "Catch all" allows unique email for every service

Recommend: protonmail, mail-in-a-box, cloudron

Chat

• Should be no reliance on a phone number (or shitcoin)
• Should not depend on a 3rd party server
• Open Source

Recommended:

• Simplex Chat (avoid whatsapp, signal, telegram)
• Matrix (avoid discord, slack, teams)

Security

• Use a Password Manager (self-host)
• Always use 2FA (VaultWarden)
• Use a FIDO2 device wherever possible (Trezor, Bitbox)

Laptop / Desktop

• Linux (POP OS!, Ubuntu, Debian/Fedora, Qubes)
• Intel Management Engine disabled
• For sensitive stuff - Tails

VPN Hardware

• Protects all devices (unlike hotspot)
• Connect over cable or https

Recommended:

• Nitrowall NW4J3
• Mudi Travel Router with Blue Merle
• Jameson Lopp Guide

VPN Software

• 99.99% of providers are BULLSHIT
• Jurisdiction and Reputation are important

Recommended:

• Mullvad (Pay with lightning)
• ProtonVPN (Pay on-chain)
• Tor (free but slow)

Phones - How You Are Tracked

• Cellular - IMEI / IMSI (handset / sim)
• Wifi - MAC address
• Sensor capture - GPS, Motion, Bluetooth, Microphone, Camera...

Phones - General Advice

• Remove apps (use web apps)
• Review Privacy settings (app by app - remove microphone, location, contacts)
• Use PAYG, unregistered SIM in a different device!!

Remote, Silent, 0 day exploit of a handset, over the internet, using only a phone number (patched in March 2023)

Phones - from Terrible to Awesome

Manufacturer Android
Google Android
iPhone
De-Googled non-Graphene
Graphene OS

Phones - Max Privacy

• GrapheneOS (Pixel 6 or 7) without sim
• VPN 3G Router using PAYG SIM
• Always in Airplane Mode
• If you must use Google Services, install in separate profile
• Crypton.sh for SMS
• Keep an emergency phone (with SIM) in a Faraday Bag

Benefits of Privacy Software

Candian court orders Nunchuk to disclose customer records

source

Links

• https://pluja.github.io/awesome-privacy/
• https://www.privacyguides.org/en/tools/
• https://inteltechniques.com