originally published here
Signal is an amazing resource and a great tool for many groups of people to connect and communicate with each other. The intent and purpose of these groups can vary widely, from making dinner plans to organizing the next display of collective power. If you aren’t already using signal, you should be!
But simply using Signal isn’t enough to keep you and your friends safe. Our collective security is only as good as the individual with the least safe practices. So we outlined a few guidelines and protocols to help tighten your individual and collective practices.
/////////When creating a new group/////////
Be intentional about the purpose and who you add. Something to keep in mind before adding everyone on your contact list: you can’t remove someone once they are a part of the loop without abandoning the thread entirely or asking them to leave. Folx will not be able to actively voice their concerns once the group has been created.
Consider what you would do with someone who gets unilaterally added at the beginning that maybe isn’t double vouchable or that someone has concerns about. Also, don’t add people to sensitive groups without getting their consent first.
After the group is created, state the purpose of group and take roll call right away. Roll call,(name, city, group, pronouns), should be completed before conversation begins.
Do not add new people to threads without asking group first, and give people a designated amount of time to be able to voice their concerns ie: 24 hrs., since many folx can not be active on their phones every minute of the day. Encouraging questions or elaboration about a proposed new member can help create a better dialog than simply saying “vouch.”
Do a new roll call each time a new person is added so they know with whom they are talking.
/////////VOUCHING/////////
According to the dictionary, to vouch means “to support as being true, certain, reliable” or “to attest; guarantee; certify.” In the political context, to vouch for someone means to state that you believe someone to be committed to the purpose of the group, trustworthy, reliable, and accountable.
Such “vouches” are important for groups of people working together who may not have previous experience working together, and require a certain level of trust and safety to comfortably and effectively work together. A vouching system allows 1 or more (the more the better) people to use the trust that they’ve earned from the group and extend it to someone they want to bring in. The necessity of vouches varies depending on what it is you are working on. Remember that a vouch is a personal reflection upon you, it is advised to not throw vouches around as it can undermine the safety, trust and cohesion of the group if it is an irresponsible vouch.
A vouch for if someone should be able to access a group’s members, conversations, goals and objectives, should be considered within the context of the objectives and risk of the group. The other members of the groups are trusting you to use discerning judgement when providing a vouch.
Some criteria that people have used for vouches include:
- having met in person a certain number of times
- have worked together on political projects for a certain period of time
- knowing a certain number of people who have worked with the person for a certain period of time
- knowing someone’s strengths and weakness (personally and politically) and how they act under pressure or in the face of repression
- knowing how someone responds to criticism or feedback and how well they hold themselves accountable for their behavior
- knowing someone’s extended family, childhood friends, and entire life story (just kidding…maybe…)
Vouches should be given for: people who you know and trust, who you know understands the objectives and degree of security required for the particular group, and who you know participates in solid security culture.
Vouches should not be given simply for “knowing they exist and do work” or “had a good conversation once or twice” though those things are a part of knowing and trusting someone.
The stringency of a vouch will vary based on the sensitivity of the information and the risks that the group is taking. If this is something you have not considered, please read up on security culture.
Whatever criteria or standard you use for vouching people, it is important that it be communicated to everyone in the group ahead of time, and that everyone is on the same page. Vouching is a word that gets thrown around often without elaboration, and people often have divergent ideas about what it means.
Digital security is no substitute for relational security. All the security culture/infosec protocol in the world can’t help you if one of the people you decide to trust with sensitive information turns out to be malicious, reckless, careless, or unaccountable.
/////////Protocol & Etiquette/////////
When installing Signal or getting a new phone number – inform groups beforehand so that they know to accept new security key. Or if you can’t let them know before hand let them know immediately after. Depending on level of security, meet in person or send screen shots of security numbers to verify new security numbers.
When using an android, always have a password on Signal app and a timeout feature. Unfortunately iOS doesn’t have this security feature yet. At a minimum, set a complex alphanumeric password for your entire phone. Shapes, patterns, and thumbprints/biometrics are not secure from a legal standpoint and the State can legally compel you to produce a thumbprint to access your data. Encrypt your phone as well.
Utilize the disappearing messages feature. Sometimes disappearing messages can get turned off automatically when someone reinstalls or a new person gets added. Make sure to reactivate disappearing messages.
Leave all groups and uninstall signal if you are attending an action or are in a situation that may lead to arrest and you have your phone with you. BUT… do not bring your personal phone into these situations if at all possible. You can read more about the danger of bringing your phone to actions here and a guide to if you are arrested here.
Leave all groups and uninstall Signal if you are crossing an international border. Laws protecting you from searches and seizures generally don’t apply at international borders. Strongly STRONGLY consider not taking your regular phone/tablet/laptop/etc. if you are traveling abroad.
If there is a security breach, such as if you are arrested with your phone or your home is raided, designate someone to start a new thread and leave the old one immediately (aka burn the thread). Make sure the threat is not transferred to the new loop. Designate one person to stay on the old thread to make sure everyone leaves. After you leave the thread, delete it. Delete threads regularly.
In case of a lost/stolen phone or police confiscation, report immediately to a person you are in a thread with for them to alert others that they need to ditch the old thread with your number and restart.
/////////Checking in on Membership////////
Some groups are ephemeral and exist for a specific, short-term purpose and should be deleted after its purpose is complete. Groups that have an indefinite lifespan should regularly check in on membership to help eliminate loose ends.
Consider establishing requirements for checking-in/participating in the group discussion. Some groups regularly re-vouch their email lists or signal loops on a regular basis. Asking people to restate their interest in being on the list, and ensuring that no security concerns have arisen. Some groups may also choose to have requirements for people to check in or participate on a regular basis. Not hearing from someone for a certain designated period of time could indicate a security breach.
Remember: Sometimes even when people leave groups, they will continue to receive messages from the group (due to software glitches). If the groups information is sensitive, people leaving a group should be treated as a security breach and the thread should be burned.
Discussion of sensitive material – past, present, or future – should be only on a need to know basis, not an “I trust you” or “I think you’re cool” basis. Bragging, gossiping, and rumoring about illegal activities are dangerous behaviors that have no place in our movements, much less our signal loops.
Planning of actions should occur face to face – never digitally. All digital security has weaknesses and vulnerabilities. The more you know the weakness and limitations of your digital security, the better you can protect yourself.
originally published here
Signal is an amazing resource and a great tool for many groups of people to connect and communicate with each other. The intent and purpose of these groups can vary widely, from making dinner plans to organizing the next display of collective power. If you aren’t already using signal, you should be!
But simply using Signal isn’t enough to keep you and your friends safe. Our collective security is only as good as the individual with the least safe practices. So we outlined a few guidelines and protocols to help tighten your individual and collective practices.
/////////When creating a new group/////////
Be intentional about the purpose and who you add. Something to keep in mind before adding everyone on your contact list: you can’t remove someone once they are a part of the loop without abandoning the thread entirely or asking them to leave. Folx will not be able to actively voice their concerns once the group has been created.
Consider what you would do with someone who gets unilaterally added at the beginning that maybe isn’t double vouchable or that someone has concerns about. Also, don’t add people to sensitive groups without getting their consent first.
After the group is created, state the purpose of group and take roll call right away. Roll call,(name, city, group, pronouns), should be completed before conversation begins.
Do not add new people to threads without asking group first, and give people a designated amount of time to be able to voice their concerns ie: 24 hrs., since many folx can not be active on their phones every minute of the day. Encouraging questions or elaboration about a proposed new member can help create a better dialog than simply saying “vouch.”
Do a new roll call each time a new person is added so they know with whom they are talking.
/////////VOUCHING/////////
According to the dictionary, to vouch means “to support as being true, certain, reliable” or “to attest; guarantee; certify.” In the political context, to vouch for someone means to state that you believe someone to be committed to the purpose of the group, trustworthy, reliable, and accountable.
Such “vouches” are important for groups of people working together who may not have previous experience working together, and require a certain level of trust and safety to comfortably and effectively work together. A vouching system allows 1 or more (the more the better) people to use the trust that they’ve earned from the group and extend it to someone they want to bring in. The necessity of vouches varies depending on what it is you are working on. Remember that a vouch is a personal reflection upon you, it is advised to not throw vouches around as it can undermine the safety, trust and cohesion of the group if it is an irresponsible vouch.
A vouch for if someone should be able to access a group’s members, conversations, goals and objectives, should be considered within the context of the objectives and risk of the group. The other members of the groups are trusting you to use discerning judgement when providing a vouch.
Some criteria that people have used for vouches include:
Vouches should be given for: people who you know and trust, who you know understands the objectives and degree of security required for the particular group, and who you know participates in solid security culture.
Vouches should not be given simply for “knowing they exist and do work” or “had a good conversation once or twice” though those things are a part of knowing and trusting someone.
The stringency of a vouch will vary based on the sensitivity of the information and the risks that the group is taking. If this is something you have not considered, please read up on security culture.
Whatever criteria or standard you use for vouching people, it is important that it be communicated to everyone in the group ahead of time, and that everyone is on the same page. Vouching is a word that gets thrown around often without elaboration, and people often have divergent ideas about what it means.
Digital security is no substitute for relational security. All the security culture/infosec protocol in the world can’t help you if one of the people you decide to trust with sensitive information turns out to be malicious, reckless, careless, or unaccountable.
/////////Protocol & Etiquette/////////
When installing Signal or getting a new phone number – inform groups beforehand so that they know to accept new security key. Or if you can’t let them know before hand let them know immediately after. Depending on level of security, meet in person or send screen shots of security numbers to verify new security numbers.
When using an android, always have a password on Signal app and a timeout feature. Unfortunately iOS doesn’t have this security feature yet. At a minimum, set a complex alphanumeric password for your entire phone. Shapes, patterns, and thumbprints/biometrics are not secure from a legal standpoint and the State can legally compel you to produce a thumbprint to access your data. Encrypt your phone as well.
Utilize the disappearing messages feature. Sometimes disappearing messages can get turned off automatically when someone reinstalls or a new person gets added. Make sure to reactivate disappearing messages.
Leave all groups and uninstall signal if you are attending an action or are in a situation that may lead to arrest and you have your phone with you. BUT… do not bring your personal phone into these situations if at all possible. You can read more about the danger of bringing your phone to actions here and a guide to if you are arrested here.
Leave all groups and uninstall Signal if you are crossing an international border. Laws protecting you from searches and seizures generally don’t apply at international borders. Strongly STRONGLY consider not taking your regular phone/tablet/laptop/etc. if you are traveling abroad.
If there is a security breach, such as if you are arrested with your phone or your home is raided, designate someone to start a new thread and leave the old one immediately (aka burn the thread). Make sure the threat is not transferred to the new loop. Designate one person to stay on the old thread to make sure everyone leaves. After you leave the thread, delete it. Delete threads regularly.
In case of a lost/stolen phone or police confiscation, report immediately to a person you are in a thread with for them to alert others that they need to ditch the old thread with your number and restart.
/////////Checking in on Membership////////
Some groups are ephemeral and exist for a specific, short-term purpose and should be deleted after its purpose is complete. Groups that have an indefinite lifespan should regularly check in on membership to help eliminate loose ends.
Consider establishing requirements for checking-in/participating in the group discussion. Some groups regularly re-vouch their email lists or signal loops on a regular basis. Asking people to restate their interest in being on the list, and ensuring that no security concerns have arisen. Some groups may also choose to have requirements for people to check in or participate on a regular basis. Not hearing from someone for a certain designated period of time could indicate a security breach.
Remember: Sometimes even when people leave groups, they will continue to receive messages from the group (due to software glitches). If the groups information is sensitive, people leaving a group should be treated as a security breach and the thread should be burned.
Discussion of sensitive material – past, present, or future – should be only on a need to know basis, not an “I trust you” or “I think you’re cool” basis. Bragging, gossiping, and rumoring about illegal activities are dangerous behaviors that have no place in our movements, much less our signal loops.
Planning of actions should occur face to face – never digitally. All digital security has weaknesses and vulnerabilities. The more you know the weakness and limitations of your digital security, the better you can protect yourself.