OSINT for Journalist and Activist
This page contains a guide for activists and journalists who work in the field and in cyberspace.
In the crowd
Turn on airplane mode
Turning on airplane mode, this aims to ensure security in your signal such as GSM, if you know about signal intelligence such as jammer, imsi catcher or what I have previously made in the wiki or resources or you are a technical person, especially a telco person, then you must be familiar with this technique, out there, especially in crowded places, you need to be careful with your GSM signal or other signals, turn off anything that smells of signal to reduce tapping and signal hacking if you are in certain places, there are also those who have installed jammers so that they cannot communicate
Eject your SIM card
This is the same as before, but it depends on your conditions in the field. If removing the SIM cannot be done, then what you have to do is turn on airplane mode.
Enable 2FA
Enable 2FA on every platform such as social media, account settings on your smartphone, lock the application if you want to open it. 2FA can be useful if at any time you lose your smartphone or are tapped, it should be noted that the addition of 2FA I recommend using the 2FA application not via SMS or calls, so all authentication activities are controlled by a third party, namely the application. If you later experience abuse of power or hacking and tapping activities, it will be difficult for attackers to enter your account because there is 2FA, make sure 2FA by phone number such as SMS or calls is disabled
Turn of Bluetooth
Turn off your Bluetooth signal, there are several other techniques besides GSM signals that can have the potential for wiretapping or other things, namely through Bluetooth, for example Bluesnarfing and other techniques, this has serious potential to wiretap you, so what you have to do is turn off Bluetooth, this is the most appropriate step rather than hiding your Bluetooth address. And for additional security, add a PIN when pairing.
Turn of Wifi
Turn off wifi, wifi signal also has the potential to be tapped, for example evil twin or other techniques, they can duplicate the same SSID address to trap you into connecting to their network, so what you have to do is turn off the wifi signal or change the wifi settings so that it does not always join (disable automatic join), so you have to manually connect to wifi. We never know what OPSEC they use when spying, so just in case do it like that
Bring own internet wifi
Always bring your own internet using a modem device, so when you are connected to the internet, use a modem, not your GSM signal, and make sure your modem device and your number are not connected to any social media or data, just for the internet. These are tips for you to use the internet in a crowd.
Bring own a drink and your beverage (snack)
Bring your own supplies, don't buy food and drinks in the crowd. Make sure you have brought your own supplies at home such as drinks, food and other equipment, we don't know if the sellers there are affiliated with OPSEC or other bad things. So bring your own supplies and mark your supplies, for example if you bring a bottle, mark the bottle using paint or a permanent marker so that it is not exchanged or easily exchanged, so always mark and bring your own supplies
Use a long-sleeved t-shirt and toothpaste and mask
Use a face mask and bring toothpaste, we don't know the conditions later whether there will be burning actions, anarchic actions so that law enforcement shoots tear gas into the crowd or pepper powder and others, bring toothpaste to apply near your eyes and a mask to reduce pollution that is spread during crowds
Always be aware of your surroundings
Beware about rioters and spy, when we are in the field we do not know who the people around us, from what I have read and the information was found, when in the field there will definitely be riots and informants (spies) who could disturb you, both journalists and activists, for your additional security, when in the field make your own group and do not separate from your group, so that if anything happens there is a reduction in the risk that occurs in the field and make sure to always be aware. Always pay attention to jammer devices such as GSM signal jammers, Wifi, Drones and other frequency signals, usually if there is a crowd like that there is a jammer
Turn of Air drop (Ios)
Turn off the airdrop feature on your iPhone, this is just in case we don't know if this iOS has a zero day that can be used by law enforcement and exploit your device
Force disable 2G and 3G
If you understand about signaling, 2G and 3G networks are not secure and there is no authentication, try reading journals about signaling for additional information, therefore disable the network if you are connected to 2G and 3G, in demonstration activities or demonstrations there is a possibility of imitation of fake BTS such as evil twins where the fake BTS performs DFU mode for 2G and 3G network connections on your cellphone, this is possible for tapping of calls and SMS, see information about signal intelligence or all about signaling there are references that you can read
Turn on Iphone Lockdown Mode
If your iPhone device turns on the lockdown mode feature for double security and security from client side attacks, but there are some functions that will not work and the iPhone will check the privacy of your phone, for details see this page
Backup the data
Always remember to back up your data, you can do offline backup using a hard disk or other hardware, but if you want it easy, back it up via the cloud such as icloud and your device, backup is important
How was the my phone taken?
If your phone is confiscated or taken by law enforcement or lost, do this, access your cloud account to lock your phone like an iPhone and delete all data on the phone online, for double security, you can work with a team and make sure your team is ready and not on site and need communication, divide tasks with your team, if something like that happens, your friend who is not caught can lock your phone or delete your data online, remember not to use your personal email for work and don't be alone when in a crowd during a demonstration
Install trusted applications
Install trusted applications, don't install strange applications such as keyboards that have internet access, keyboard mods, camera applications and others, hackers can tap you through the application, therefore always install trusted applications only and turn on auto download and install on 3rd parties and don't root your phone and allow permission from unknown applications
Disable metada on file media
If you turn on the iPhone lockdown mode, the iPhone will automatically disable metadata on all media such as photos, videos, and others. Or you can disable it manually in the camera application or delete it manually via exiftool as I have taught before
Add app lock on your smartphone
Add a lock to the application on your smartphone, this is to ensure that if your phone is lost or stolen, there is additional security on the application, for example when you want to access Gmail, there must be a password on the application like the lockscreen on your smartphone, check on your device to activate this feature
Understand their OPSEC
If a riot occurs, whether in the field or in cyberspace, there will definitely be wiretapping and surveillance carried out by law enforcement, for example there are drone jammers, GSM jammers, other signal jammers, so that you cannot connect to the network or signal, there are also those who do fake BTS like evil twins who force 2G and 3G networks that are not secure and have no encryption and your cellphone is connected to their network, this will involve wiretapping and surveillance. Protect your OPSEC too and always be up to date on enemy OPSEC and update your OPSEC
Buying the right tools and hardware
Buying hardware such as devices or good software to support your OPSEC for journalistic , there are many telecommunication brands that have provided end-to-end encryption in their frequencies similar to military grade but I can't explain in detail and the brand, but in my opinion if your company is in this field buy your own tools to support your journalists in the field, such as communication tools that are not easily tapped and communication software that is equipped with end-to-end. Or you can make your own software
In the cyberspace
OSINT for Journalist
Proctect that fingerprint
Prevention and tips
5W + 1H
Analysis
Geolocation
Insider
Bewaare Propaganda
Knowing the pattern
Desc Parsing waktu untuk melawan akun bot
Buzzer (Bot account)
Archive the data or evidence
Last updated