Security Culture

Because Fuck Jail

...and fuck these guys.

What Is Security Culture?

A security culture is a set of customs shared by a
community, some of whose members may engage in,
logistically support, or have knowledge of illegal or
sensitive activities, the practice of which minimizes the
risks of such activities being subverted or targeted.
Security Culture Is Safety

Sensitive Activities

Un-permited march
Disrupting a speaker or a sit-in
Civil Disobedience
Direct Action

Civil Disobience:
Breaking An Unjust Law

Direct Action:
Stopping, Impeding, or Subverting
Unjust Actions

Security is a Culture of Safety:

Everyone Participates

Part 1

Social Movements & Counterinsurgnecy

(a very brief introduction)

McCormick's Diamond

Social Movements

Composed of:

A large passive support base

A substantial active support base

Radical actors

Goals: eliminate the gray zone between supporters and the government,
grow the passive support base, and move passive supporters into active
support, move active supporters into radical action.
Endgame Type 1: Achieve Policy Objectives
Examples: African American Civil Rights Movement, LGBTQ Rights
Movement

Endgame Type 2: Erode State Authority/Legitimacy > State Collapse

Examples: Algerian Civil War, Vietnam War, End of Apartied in South Africa

Counterinsurgency

(a very brief introduction)

Counterinsurgency

Identify & Isolate: radicals, active

supporters, & passive supporters

Eliminate radicals

Buy off active supporters

Placate & persuade passive supporters

Deter further resistance

Establish legitimacy

Further Reading:

Learning To Eat Soup With A Knife, Nagl

From Dictatorship To Democracy, Sharp

Revolutionalry Change, Johnson

The Seven Pillars of Wisdom, Lawrence

Spec Ops, McRaven

Small Wars Manual, USMC

US Army Unconventional Warfare Manual,

2010, US Army

Part 2

Staying Out of Prison

But I'm not doing anything illegal!!!

It doesn't matter.
If you are at a protest or direct action, you are a
target on the adversary's priority spectrum.
The cops and courts are only as restrained as the
population force them to be.
Cops and Prosecutors advance their careers with
arrests and convictions. They don't care about
whether you are a nice person.
Anyone can be charged with a felony at a protest:
it's your word against a police officer's.
Prosecution is selective: agressive prosecution for
civil disobedience can ruin your life.

First they ignore you, then they laugh at

you, then they fight you, then you win.
-Mahatma Gandhi

Political Repression Political Effectiveness

Martin Luther King

17,000 Page FBI File

If you disrupt the status quo,

you will be targeted.

Independent
Filmaker
Lived in Iraq and
Covered the Iraq
War
Was interrogated
over 40 times
crossing the US
border

If you disrupt the status quo,

you will be targeted.

Tom Hayden
Registered African
American voters in
the south
Organized with the
Student Non-Violent
Coordinating
Committee
22,000 page FBI file

Think you have nothing to hide?

Do you have vulnerabilities?
-is your employer fine with your activism?
-is you landlord?
-can you be deported?
-are you on financial aid for college?
-do you work for the government?
-do your friends have vulnerabilities?
If you are targeted, your friends are more
vulnerable.

The Law Is Only One Tool To Silence You

Risk Assessment

Security Posture Risk

Security Posture
(risks you take) x (risk environment)

Security Is Everyone's
Responsibility

Security Culture Works

When We Work Together
Protecting YOURSELF
=
Protecting your FRIENDS

Stay Off Their Radar

Law Enforcement
Targeting:

Examples:

FIND: Collect priority

information.

FIX: Link the priority

information to a target &
collect a profile of the
target. Track the target.
FINISH: Eliminate the
target.

An informant hears you

bragging about an action. You
send a tweet about an action.
The informant befriends you
or the FBI targets and
analyzes email accounts and
phone numbers linked to
your twitter account.
You are targeted for arrest
and/or aggressive
prosecution.

Stay Off Their Radar

Once you have been targeted by law
enforcement, it is much harder to protect
yourself and your friends.
PROTECT YOUR IDENTITY.
-your full name
-where you live
-your online identity
-sensitive identifying information

WHEN IN DOUBT, STFU.

Stay Off Their Radar

Law Enforcement Is Selective
Anyone can be charged with a felony.
Resisting arrest or assaulting a police
officer is just your word against theirs.
If you have been targeted you have
already lost your greatest asset:

ANONYMITY

Stay Off Their Radar

If they don't know who you are, they can't FIND you.

If they can't FIND you, they can't FIX (track) you.

If they can't FIX you, they'll never FINISH you.

PROTECT YOUR IDENTITY.

WHEN IN DOUBT, STFU.

Medics Are Not Exempt

Medics Are Targets

Street medics are on the finish portion of the

adversary's priority spectrum.
Medics are often targeted for arrest first because:

Medics are key to maintaining protestors' safety and

morale.

Medics prevent crowd panic with their calm demeanor.

Medics can be sources of accurate info about police

movements, since medics often have a networked
communication infrastructure.

Medics, as caretakers, are confidants; medics may

know sensitive information about planned actions,
even if they do not take part.

Protests & Actions Are

Dangerous

Going to a large protest is dangerous. Even if you have

done nothing illegal, you could be charged with a serious
felony, such as resisting arrest, felony riot, or even
assaulting a police officer.
Such charges might not stick, but can be stressful to deal
with or explain to family and friends. Or, you may be
prosecuted vigorously on false charges, as was the case
with Cecily McMillan.
The most serious danger at a large protest is entrapment. If
you have a big mouth and are unfortunate enough to cross
paths with an undercover cop, you are in serious straights.

This is what assaulting a

police officer looks like:

Infiltration

Undercover cop

A plain clothes police officer

FBI agent
Manages informants
Performs surveillance & interrogations

Informant

Civilian bribed or coerced to provide

information

Cooperating Witness

A co-defendant who agrees to testify

against you in return for leniency

These are cops at a protest:

This is what happened to

their targets:

8 Years In Prison
For talking big and being stupid.
Don't be stupid.
PROTECT YOUR IDENTITY
STFU

Stay Safe
DON'T brag, gossip, or joke about
illegal activiy.
DON'T TRUST people who brag,
gossip, or joke about illegal acvitity.
Whether they are informants
trawling for victims
or just fools is irrelevanttheir behavior is unsafe.

AVOID THESE PEOPLE AT ALL COSTS.

These guys joined Occupy

Cleveland

They met a super radical

friend...
...who gave them free beer
and had a plan to destry capitalism...
...by blowing up some random bridge
(because that makes sense).
Their friend even provided
complimentary explosives!

Their friend was an FBI

informant.

Stay Safe
DON'T TRUST PEOPLE who are eager to
commit illegal acts, especially pointless or
extreme illegal acts.
PROTECT YOUR IDENTITY
IF IT FEELS OFF
JUST WALK AWAY
STFU

This is Daniel McGowan

He cares about the environment.

He joined the Earth Liberation Front.

Then he and some friends

did stuff like this:

Years later...

One of his old friends visited him...

He wanted to reminisce
about their rad exploits together...

Turns out...
This friend had been
arrested for heroin
charges and had
become an informant
to escape a lengthy
prison sentence. He
was wearing a wire.
Daniel went to prison
instead :(

Stay Safe
FREEDOM FIGHTING
Don't talk about your illegal activity
more than is absolutely necessary
to plan an action and debrief.
That's it. Shut the fuck up.

This is Aaron Swartz

He used a webscraper to download

academic articles from JSTOR.

This is Quinn Norton

She was compelled by subpoena

to testify before a grand jury.

Quinn Norton is a journalist who covers

Anonymous.

And if the prosecutor took my computer, I would have to go to jail

rather than turn over my password. I had no choice.

Stay Safe
ONLY TELL PEOPLE WHO NEED TO KNOW
Whenever you tell your friend
About illegal activity
You are asking them to go to jail for you.
Be a good friend:
STFU

Surviving Arrest

Surviving Arrest

The primary weapons of the police are FEAR and

DECEPTION.
Your best defense is personal calm and knowledge:

Remind yourself that you are peacefully fighting for a

more just world; do not internalize the police perspective.

Learn about the arrest & booking process if you are

planning to risk arrest. Find out which precinct you will be
taken to. If possible, speak with people who have been
taken there. This knowledge will help you keep your
bearings and normalize what is happening to you.

Breathing exercizes, singing songs, yoga or stretching,

and comforting others are all effective means of
maintaining morale.

Resisting Interrogation
The Three Phases of Technical Interviewing:

Establish Rapport

mirror the subject

deflect the subject's prominence in the investigation

Questioning

establish a baseline

pointed questioning

theme development

Summary and/or Confession

using established themes and deflection, elict a

confession or useful imformation from the subject

Resisting Interrogation
Invoke your right to remain silent. Demand access to an attorney.
Say nothing else.

Establish Rapport

Construct a psychological barrier between yourself and the interrogator; imagine

a sound proof wall between yourself and them.

Cultivate a contempt for your interrogator, but show no outward sign of either
contempt or identification: remain blank.

If the interrogator tries to induce you to talk by making small talk or sympathizing
with your ideals, my daughter is a vegan, etc, continute to ignore them.

Questioning

Do not respond to accusatory provocations.

Do not try to clear yourself by correcting the interrogator.

Do not believe any evidence of your guilt that is presented to you.

Do not believe any reports that your friends are cooperating.

Do not respond to belittling provocations designed to prey on your ego.

Summary and/or Confession

Continue to remain mute and/or invoke your right to remain silent.

Skilled interrogators are professionals.

They train and do this everyday.
It's not about who's smarter:
practice makes perfect.
Don't be arrogant. STFU.

Real Talk

If someone proposes an illegal act to you, and you don't

disavow it on the spot, you could be considered a part of a
criminal conspiracy and charged for the acts that were
planned, even if you never did anything yourself!
If someone has confided in you, or if you have knowledge of
an illegal act they are planning or have committed, you could
be compelled to testify against them. If you refuse, you could
be held for up to 18 months in prison for contempt of court.
If your friends are charged under a terrorism statute, you
could be charged with material support for terrorism.
Does your employer know about your political activity? How
would they react if someone told them? The FBI has been
known to ask after activists at their place of work to damage
their reputation.

More Real Talk

Undercover cops at protests are very real.

Undercover cops target impressionable people and try
to get them to go along with their more radical plans
so that they can charge them with felonies.
The police will try to blackmail anyone they can. Many
otherwise decent people who became informants did
so because they were arrested on drug charges and
had to choose betweeen a lengthy prison sentence and
betraying their friends.
Informants can be friends who have been turned or
strangers paid to screw you. They don't necessarily
look or act like cops.
The cops can lie to you, and they will.

I'm paranoid now!

Good.
You should be a little paranoid.
Paranoia doesn't work retroactively,
It only works proactively.
1.) PROTECT YOUR IDENTITY
2.) ONLY PLAN ACTIONS WITH CLOSE FRIENDS
OR WITH PEOPLE WHO DON'T KNOW WHO YOU ARE
3.) IF THEY DON'T NEED TO KNOW: THEY DON'T NEED TO KNOW

The Golden Rule

STFU

Tear Gas Break

Part 3: Counterintelligence

Beyond Staying Out of Jail:

The Art of Protecting Yourself
& Social Movements From
Surveillance

How Does Intelligence

Collection Work?

State security analysts collect information pieces about an

activist group.
As the analyst learns more, they leverage their existing
assets to develop both individual target profiles and a
nuanced understanding of the activist group as a whole.
Analysts then collate this information into a mosiac to build
a composite image of the activist group's human terrain.
State security then implements a counter-insurgency
strategy:

Identify hardline radical elements.

Target radicals, deter active supporters from involvement in the

movement, & co-opt the base of passive supporters.

Finish the radicals, pacify the remaining population with a

combination of deterance and inducement: divide and conquer.

What kind of Intelligence is

Collected?

Human Intelligence (HUMINT): Information gathered by

people, about people, usually via informants.
Geospatial Intelligence (GEOINT): Information about your
physical location, usually via your cell phone.
Open Source Intelligence (OSINT): Information about you
that is publicly available, usually your social media
accounts, newspaper articles about you, and your public
profile on the web.
Signals Intelligence (SIGINT): Information gathered from
electronic communication, such as internet communication,
cell phone communication, and radio communication.

What is
Counterintelligence?

Information gathered and activities

conducted to protect against adversary
intelligence gathering.

ACTIVE:

hunting & turning

informants
disinformation
& deception

COLLECTIVE:

discerning
adversary
capabilities

PASSIVE:

defending
against
collection
OPSEC

What is OPSEC?

OPSEC means
operational security.
OPSEC is the process
of protecting critical
information from an
adversary.
OPSEC keeps you safe
and the cops in the
dark.

Laws of OPSEC
1.) If you don't know the THREAT, how do
you know WHAT to protect?
2.) If you don't know WHAT to protect, how
do you know you are PROTECTING it?
3.) If you are not PROTECTING it, the
adversary wins.
4.) When in doubt, STFU.

Components of OPSEC
COMSEC

Your
communication
Things you say
Emails, texts,
phone calls, etc.

INFOSEC

Your information

Things you know

Data you have

PERSEC

Your personal
location
Your home
Your hotel / hostel /
safe house near a
protest

What are the THREATS?

Federal Agencies: The FBI, DHS, and other federal agencies

keep lists of dissidents, whom they monitor. You don't need to
break any laws to be on these lists. The artist Molly Crabapple,
who was involved with OWS, has an FBI file over 3 thousand
pages. It is in your interest to stay off these agencies' collective
radar as long as possible.
Law Enforcement: Post 9/11, local police share with, and are
privy to, information from federal agencies more than ever before.
Private Intelligence & Security Firms: Corporations may retain
the services of capable private intelligence and security firms to
track activists who threaten their interests. These firms may have
relationships with, and access to, local police departments and/or
federal agencies and their databases.

What Do They Want?

Identity of group memebers
Information about the group's operational details
Information about social connections between
activists: who is experienced, influential, who has
connections to allied organizations
Information about the group's culture
Information about any activitiy that can be
prosecuted

Went to OWS. Made art.

3K PAGE FBI FILE.

DHS Fusion Centers

Local Law Enforcement

Private Intelligence Firms

...and their intelligence

products:

What Is A Movement Or
Group PROTECTING?
Who participates in direct action
Tactical plans & intentions for direct actions
Who has knowledge and experiece
Who is inexperienced or impressionable

Why Do You Protect It?

To prevent the targeting of group members
based on the risk-level of their activities or their
vulnerability to entrapment
To protect surprise plans from compromise

What Is A Movement or
Group Not Protecting?
Who is involved in legal advocacy
The time and place of meetings to discuss and
plan legal advocacy
Strategic plans or ideals: stop the pipeline or
protect the environment

How Does A Movement Or

Group PROTECT IT?
Don't identify people who are involved in direct
action in mixed company. People with similar
ideals should blend together.
Don't discuss tactical plans with people who
don't need to know.
Influential and experienced individuals should
camoflauge themselves to avoid targeting. This
is easier to do in horizontal groups that
encourage participation and learning.
Protect newcomers by teaching them OPSEC.

What are you PROTECTING?

Your
Your
Your
Your
Your

identity
plans & intentions
movements
capabilities
vulnverabilities

When do you PROTECT IT?

Personal Space:

Operational Space:

Your private life outside Your activist life at highof high-risk protests and risk protests and actions
actions
Protect It!
You Can Relax

How do you PROTECT IT?

Problem: you are you.

If
If
If
If

you
you
you
you

have friends, there is HUMINT.

have a cell phone, there is GEOINT.
use social media, there is OSINT.
communicate electronically, there is SIGINT.

Unless you are an Amish hermit, you are fucked.

Anonymity Works

Anonymity Works

If they don't know who they're looking for,

it's awfully hard to find you.
It's even harder if they're looking
for someone who doesn't exist.

Your comrades can't inform on you

if they don't know who you are!
(and visa-versa)

How do you PROTECT IT?

Solution: be someone else.

If you make friends, they're not your friends.

If you have a cell phone, it's not your cell phone.
If you use social media, it's not your social media.
If you communicate electronically, never allow it to be
linked to you.

It's called compartmentalization.

When do you comparmentalize?
In Operational Spaces

How To Compartmentalize

How Do You PROTECT IT?

In Operational Space, PROTECT:
Identity
Plans & Intentions
Movements
Capabilities
Vulnerabilities

How Do You PROTECT IT?

Conceal your real identity. Don't tell other protesters

sensitive details, such as where you live or work.
Only discuss your plans and intentions with people you trust
who need to know about the plan to execute it.
Conceal your movements. Only tell people who need to know
where you are going. Leave your real phone at home. Don't
use your credit card while travelling to or from a protest or
direct action. Don't tell anyone where you and your fellow
medics are staying. This is your safe house.
Don't advertise your capabilites. If a stranger asks do the
medics have radios? You don't know. That person doesn't
need to know.
Conceal your vulnerabilities. If a cop asks you and your
medic buddy so, you're the only ones out here? Say: I don't
know. or some medics prefer not to mark themselves.

But that's crazy!

I can't do that all the time!
That's ok, you won't have to :)

How To Compartmentalize

How To Compartmentalize
Personal Space:

Your home

Your friends

Your workplace

Your phone
Your real online
identity

Operational Space:

A mass protest (such

as the RNC, G8, NATO
Summit, etc)
A high-risk direct
action (such as an
Earth First action
camp)

How To Compartmentalize
Personal Identity:

Your real name

Where you are from

Where you work

Your phone

Who your friends are

Any personally
identifying sensitive
information

Operational Identity:

You may develop a medic

identity cover complete
with a seperate name,
email addresses, burner
phone, etc.
It is also valid to just
protect your full name,
keep your phone at home,
and STFU about sensitive
identifying information.

How To Compartmentalize

Do not CONTAMINATE your identities: anything that

links your real identity to your medic identity is
contamintion.
If the adversary learns one piece of information about
your real identity, it's usually easy to unravel the rest.
You are not an Amish hermit. You leave digital footprints
everywhere.
Keep It Simple:

When you're a medic, don't talk about your

personal life.
In your personal life, don't talk about your
medic life.

How To Compartmentalize
Examples of CONTAMINATION:
-Don't turn on your burner phone in your own house.
-Don't check your real email while at an action (without using Tor).
-Don't pay for gas on the way to an action with your real credit card.
-Don't tell protestors your medic name but give them your real
email address.
-Don't log in to your medic email address from your home (unless
you use Tor).
-Don't tell your co-workers your medic name or that you are going
to a protest.

How To Compartmentalize
INTEL TYPE:

SELECTOR:

HUMINT

YOUR NAME

GEOINT

YOUR PHONE #

SIGINT

YOUR EMAIL,
SOCIAL MEDIA
ACCOUNTS, IP
ADDRESS

Identity:
An Asset & A Liability

Someone with a real

job, backstory, family,
non-activist friends,
personal interests, etc
is less likely to be an
undercover officer.
Sharing this
information can build
trust.

The more people know

about you, the more
vulnerable you are.
Treating activism like a
job and building
boundaries with fellow
activists keeps you
safer by making it
harder for law
enforcement to target
you.

Some of my friends are

also fellow activists,
How do I compartmentalize?
Security Posture Risk

Protest vs. Direct Action

Your action is
planned openly
The adversary
knows what's
coming
Before the action
the adversary knows
who will hit them
and how

Your action is
planned secretly
The adversary
doesn't know what's
coming
After the action the
adversary may not
know who hit them
or how

Low Risk vs. High Risk

Action
Low

Medium

High

Risk

Risk

Risk

-you don't intend to

risk arrest

-you intend to get

arrested

-you intend to evade

arrest

-the adversary learns

the names of the
direct participants

-the adversary does not

learn the names of the
the direct participants

Security Posture Risk

Low Risk

Medium Risk

Small legal protest

Civil Disobedience
Non-Violent Direct Action

Medium Risk

High Risk

Large high-profile protest

Property Distruction,
Sabotage, Network
Exploitation

Security Posture Risk

Low Risk

Medium Risk

Limited

Compartment

Compartmentation

From
Strangers

Medium Risk

High Risk

Compartment
From

Compartment

Strangers

Completely

Risks Add Up
Medium Risk + Medium Risk = High Risk
High Profile Protest + Civil Disobedience = High Risk
If you have a record of convictions for
protesting,
civil disobedience
and direct action,
you are at High Risk for aggressive prosecution.

Security Posture Risk

Good judgement is the foundation of any security posture.

If you are going to a low-profile action, you might choose to relax compartmentation
(like taking your phone).
It's ok to tell medics who are friends your real name. Just don't assume all medics are
your friend.
Even if you're not looking for trouble, good security keeps you safe by keeping you off
law enforcement's radar and helps to keep your friends off their radar as well.
Having a medic name protects you from stalkers at protests as well as the police.
If you contaminate your alias with your real identity, this may prevent you from safely
participating in higher risk actions in the future (paranoia only works proactively,
never retroactively).
If you are involved or interested in high-risk activity, never compromise or
contaminate your real identity. Become an OPSEC fiend. Read books about OPSEC
and INFOSEC.
Once you set up an alias identity, it's easier to use it consistently, even at low-profile
actions.
No one ever regretted practicing too much OPSEC.

Security Posture Risk

Security Posture
(risks you take) x (risk environment)
Your risk environment may change.
Your choices may change.

Paranoia Doesn't Work

Retroactively
Amatuers Practice Until
They Get It Right.
Professionals Practice Until
They Can't Get It Wrong.
Get In The Habit Of Wearing A Seatbelt
You Can't Put It On After An Accident

Friends Practice OPSEC

It's not just about you.
One person with good judgement
who implements and encourages OPSEC
is worth 50 demonstraters to a cause,
and is priceless to their friends.
Help keep your friends safe: tell them to STFU.

Ten Rules of Security

1.) Never talk to the cops. Don't lie to the cops; they're better at it than you are.
STFU.
2.) Don't talk about illegal activity in front of strangers or make jokes about illegal
activity.
3.) Break one law at a time: activism doesn't mix well with other vulnerabilities.
4.) Don't claim to be a part of an underground group, or claim that someone else is.
5.) Don't discuss illegal activity any more than you absolutely have to in order to plan
an action. Telling uninvolved friends or partners can put them in danger, or put
them in an advantageous position to blackmail you.
6.) Don't ever talk about the action after the action debrief, with anyone.
7.) Only plan actions with a small group of people you deeply trust or with people
who don't know your real identity.
8.) Don't contaminate facts about your real identity with your cover identity.
9.) If you suspect someone of being an informant, discuss your concern in private
with a close friend; witch hunts for imaginary informants are incredibly destructive
to activist communities and breed isolation and distrust. Informants themselves
often accuse others of being informants to sow discord and errode the group's
capacity to act.
10.) Don't discuss illegal activity via electronic means unless you really know what
the fuck you are doing.

TL;DR

Never miss a chance to shut the fuck up.

Assume everone will betray you.
Never talk to the cops.

Appendix: Crypto

Security Culture > Tools

Tools Won't Save You.

Hipster Security

Hipster Security

Never confuse social signaling and ingroup popularity games with real security
culture.
Good security is not a band you've
probably never heard of. Good security is
not using Qubes over Debian or Mutt over
Thunderbird (although Qubes is awesome).
Tools won't save you.

Sad Truths

The state has the advantage.

Even if your movement succeeds, your
chances of making it as an individual are
slim.

History is a graveyard full of idealists.

Good luck.