Station 4) On the go with your mobile (travel and on-the-go tips)

CRYPTO FRIEND(S): Amy C

Point: Events like conferences (lots of people in the same place, juicy targets), traveling to protests, and traveling internationally (new networks and jurisdictions) make you more vulnerable to surveillance after your information.

Domestic travel

Disable auto-connect and Bluetooth on your devices when in public areas
Back up your electronic files.
Remove sensitive data.
Ensure antivirus software is up-to-date.
Enable security measures like PINs and two-factor authentication. Or better yet, biometric passwords like a fingerprint reader (for example, Yubiko)
Wifi:
- Do not use the public Wi-Fi to make online purchases or access bank accounts.
- When logging into any public network, shut off your phone's auto-join function.
- While using a pubic Wi-Fi network, periodically adjust your phone settings to forget the network, then log back in again.
- Try purposely logging onto the public Wi-Fi using the wrong password. If you can get on anyway, that's a sign that the network is not secure.
- Don’t volunteer any PII (personal identifying information) as a prerequisite for logging on.
When your phone is not actively in use, consider a Faraday Bag
Don’t use public charging stations as there is a potential to compromise your device. Carry a battery pack to avoid emergencies instead. Use a data blocker any time you need to connect your device to a power/data source
Avoid public computers, they may not have up-to-date anti-virus software and could even have keylogger malware installed

International

Before your trip:

Domestic travel tips above all apply
Consider your threat profile and whether or not to travel with your personal phone, or turn off the biometric password feature (e.g., finger print or face ID password). Border control in the US cannot compel you to give up your passcode, but they can compel you to put your finger (or face) on or near your device to unlock it. Know your rights.
Consider traveling with a “clean” laptop that does not contain loads of personal data and make sure that it is encrypted and as protected as possible. More on border-related safety.