Emergency Preparedness: A Plan for Worst Case Scenarios
If we were to place security, privacy, and anonymity onto a sliding scale from 1-100, nobody is going to be able to achieve all 100s. It is just not feasible to attain a perfect score of safety. Knowing this, we need to be ready for the “what ifs”: the scenarios when shit hits the fan and we are literally dealing with the repercussions of something serious. I’m not going to comment on what may have gotten you into this position, but I will try to help you get out of it.
For starters, this entire section (like most of what is included in this Edward Snowden? category) is going to be speculation. I would love to give you so much more information and write without restrictions, but my safety has to be included. I’ll leave it at “legal”.
We have to think about what might happen in the worst possible scenario and then REALLY think about what would happen in that scenario. Maybe it includes a SWAT team and the sentence “You have the right to remain silent…” or maybe it just means getting fired from your job. In any situation, it is important to think ahead and have a plan of action ready for when you need it.
The first step, I think, is revisiting (AGAIN) how important Full-Disk Encryption is on your devices, and being able to turn those devices off in a hurry. A properly encrypted device is at its strongest when it is powered off, with no keys left in RAM. This also includes your mobile devices, but thanks to Apple, your iPhone is already secure even if it is powered on, so long as it is locked of course. A few pages above, I talked about DBAN and how I always like to keep a USB drive formatted with it handy for those “just in case” scenarios. It isn’t going to be a quick wipe by any means, but at least with a fully encrypted drive, you could just pop in the USB, set it to wipe everything, and leave. You wouldn’t have to worry about someone halting the process because your drive was already full-disk encrypted to begin with.
Another neat tool that you should check out is “swatd”. I won’t really explain it here and will leave all the reading/research up to you, but I will say this: imagine what you could do with this program and some cameras in your computer room. See: https://github.com/defuse/swatd and https://thetinhat.com/blog/2015/01/24/get-swatd.html
But what are the consequences of actually going through with a tactic like this and purging all of your data? You would literally lose everything on the devices you wiped! This includes things like your PGP keys, SSH keys, and encrypted containers. Knowing this, it might be a good idea to have a fully encrypted external hard drive where you can back up your crucial files every month, and then store it in a secure place (maybe even off location in case the unthinkable does happen). You could also consider encrypting your sensitive files in, say, a VeraCrypt container or with your PGP key and then backing up those files to a cloud service. This would give you access to them virtually anywhere, as long as you had access to a computer where you could install VeraCrypt. If you chose to encrypt them with your PGP key, it might add some security, but it wouldn’t be as easy to decrypt them if needed (taking into account that your private key would have to be backed up somewhere completely different).
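One way to check that the monthly backup described above really covers your PGP keys, SSH keys and containers is sketched below. It is an added example, not from the original guide; the `.gnupg`, `.ssh` and `*.hc` locations, the 31-day threshold and all function names are assumptions.

```python
import hashlib
import time
from pathlib import Path

# Assumed locations of the material the text lists (PGP keys, SSH keys,
# VeraCrypt containers); adjust to where yours actually live.
CRITICAL_GLOBS = (".gnupg/**/*", ".ssh/**/*", "**/*.hc")
MAX_AGE_DAYS = 31  # assumed threshold for "every month"


def sha256_file(path):
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root, globs=CRITICAL_GLOBS):
    """Map each critical file (path relative to root) to its SHA-256."""
    files = {}
    for pattern in globs:
        for path in Path(root).glob(pattern):
            if path.is_file():
                files[path.relative_to(root).as_posix()] = sha256_file(path)
    return files


def make_manifest(root, now=None):
    """Record what a backup run copied; keep this next to the backup."""
    return {"created": time.time() if now is None else now, "files": snapshot(root)}


def audit(root, manifest, now=None):
    """Report what wiping `root` would destroy that the backup cannot restore."""
    now = time.time() if now is None else now
    live, saved = snapshot(root), manifest["files"]
    age = now - manifest["created"]
    return {
        "age_days": age / 86400,
        "stale": age > MAX_AGE_DAYS * 86400,
        "never_backed_up": sorted(set(live) - set(saved)),
        "changed_since_backup": sorted(p for p in live if p in saved and live[p] != saved[p]),
    }
```

Write the manifest right after each backup run and re-run `audit` whenever you add or rotate a key; anything it lists exists only on the device you would be wiping.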