GrapheneOS & activism

dafy

I am an activist. I don't protest much anymore, but in the past I did a lot of graffiti, participated in civil disobedience actions, etc.
Our organisation forbids us from using even GrapheneOS: phones are banned. This is partly to prevent our phones from being searched while in police custody, and partly to prevent our phones from being turned into spying devices for some three-letter organisation during our actions.
I'm going to switch to GrapheneOS in a few days because this is the third time in a row that I've been subjected to full body searches and interrogations (no access requested to my electronic devices, however?) before being allowed through airport security.
Yet I have only been administratively arrested by the police once (my lawyer got me released because there were ultimately no charges against me), and that was a long time ago (no direct link).
I'm not sure what to think anymore, and I don't know how much GrapheneOS can help me.

I live in the EU.

MetropleX

dafy I did a lot of graffiti,

For brevities sake and for obvious reasons should people find this response and believe otherwise, we neither condone nor promote GrapheneOS use by people taking part in criminal activity, regardless of seriousness etc inclusive of vandalism. Stated without prejudice or judgement.

I believe a few features in this list may be of interest:
https://grapheneos.org/features

If you want to discuss specifics please feel free to ask any further questions.

DeletedUser550

dafy I am an activist. I don't protest much anymore, but in the past I did a lot of graffiti, participated in civil disobedience actions, etc.
Our organisation forbids us from using even GrapheneOS:

You engaged in unlawful actions by your own admission, then you come to GrapheneOS and ask for help, are you perchance some sort of stool pigeon, trying to show GrapheneOS in a bad light, you work for some EU, against free speach anti encryption Government? ... No help from me.. Goodbye.

oci3o

dafy Our organisation forbids us from using even GrapheneOS: phones are banned. This is partly to prevent our phones from being searched while in police custody, and partly to prevent our phones from being turned into spying devices for some three-letter organisation during our actions.

But what do they recommend? GOS is possibly the best at defending against this, unless they have unlocked access.

dafy but in the past I did a lot of graffiti

Don't do this, if its an approved art wall, go nuts, but don't to public places, its expensive to get cleaned off, and can damage reputations of businesses / lower the area value, plus, if your crap at art, it looks like crap, but don't do it.
Look at the stop oil protestors in the UK, all they achieved was pissing off the population, and it further damaged their reputation likely beyond repair.
Anyway, this isn't a political forum.

dafy the third time in a row that I've been subjected to full body searches and interrogations

Why though, are they giving a reason? I get generic searches when I go through airports, but nothing unusual, although one of my old bosses (he was Indian) was routinely stopped at airports, although carrying two phones (personal and work) didn't help, and wearing a hat indoors either.

GOS could in theory attract more attention to you, especially if you're on some list of watched persons as they could suspect you're using a hardened OS to hide evidence of crimes, or some other info, GOS isn't used by what I would call the "general population", and inherently increases suspicion towards certain crowds, unfortunately, despite their countless statements saying they do not support unlawful activities.

If you want to use GOS, multiple profiles could be one way, but if the officer knows what to look for, it would raise even further suspicion as to why you are using them, the general rule of thumb is have a "flat config" on, just some apps everyone would use, and don't have any data on the device, maybe you have something like Spotify on to listen to music on your flights, and something else like Netflix for movies, then load it with data afterwards, this is a common thing done by security experts, they will often use Chromebooks with basically nothing on, when they land reset the device and login again with the "real" profile.
One feature that comes to mind is the ability to essentially disable the USB port, but then if they plug it into a device, it would raise alarm bells as this is not a standard feature, it requires Googles Advanced Protection Program on Android, and Lockdown mode on iOS, obviously GOS has it natively, but still.

As @MetropleX said, look at the FAQ and see what GOS offers, but as mentioned, if your on a watchlist, using GOS may bring extra heat to you, especially with France attacking the GrapheneOS project.

n3t_admin

dafy I'm not sure what to think anymore, and I don't know how much GrapheneOS can help me.

Help you with what? Concealing crimes you may have committed? If yes, sure, probably. But no one here is going to defend it or encourage it. There is a very thin line between activism and crime and it gets overstepped way too often.
The folk around here are mostly passive; watching out for their personal privacy and security, journalists or generally VIPs who have much to lose if their devices were compromised.

dafy

n3t_admin Concealing crimes you may have committed?

DeletedUser550 You engaged in unlawful actions by your own admission,

My comments are not to encourage these activities or imply GrapheneOS is for them.

oci3o But what do they recommend?

Nothing. No phones. No talkie-walkie, we have a plan, everyone has a role, and we stick to the plan. It makes communication harder, but hey, we can live without phones for a few days!
But indeed, out of action, you make contacts and there, I suspect that some of my messages got intercepted from my phone or one of my contacts phone. Maybe I'm paranoid but few of us among my friends seems that we got those issue with airports.

Now that I have made my argument, back to GrapheneOS.

MetropleX I believe a few features in this list may be of interest:
https://grapheneos.org/features

Thank you!
What are particular features to protect from state surveillance? (If it's possible even...)
What about Google sandboxed app, if I decide to install it, how much data does it precisely leaves to Google (and through PRISM program, the U.S. / Fourteen eyes / E.U surveillance) ?

oci3o oad it with data afterwards, this is a common thing done by security experts, they will often use Chromebooks with basically nothing on, when they land reset the device and login again with the "real" profile.

You mean that if I go to a destination where I can be certain that I will have strict controls (let's say the U.S.), then I should have nothing suspicious, makes sense!
I know for computers but what about GrapheneOS, is it possible to make kind of backup that you can load after your entry in the country? How would that work?

oci3o if your on a watchlist, using GOS may bring extra heat to you

That's what I fear... How? Shouldn't it protect myself better?

de0u

oci3o Don't do this, if its an approved art wall, go nuts, but don't to public places, its expensive to get cleaned off, and can damage reputations of businesses / lower the area value, plus, if your crap at art, it looks like crap, but don't do it.

Wait wait wait. Have I been doing it wrong all this time? Was I wrong to view the "GrapheneOS" name as a thin veil for "GraffitiOS", the OS for taggers? Is "LineageOS" not intended for people who do line drawing? I may have a lot of rethinking to do.

Blastoidea

Is this really the place for such a discussion?

I think the best response is none.

Don’t engage.

dafy

Blastoidea
I don't say that people necessarily have to agree with me.
Everyone's experience is different, and it is essential to respect that.
We can limit ourselves to questions concerning GrapheneOS and the risks that an activist encounters that GrapheneOS can mitigate.

raccoondad

dafy Not sure really what you would need GOS for if phones were already banned and that was functional during your adventures.

MetropleX

Cleaned of political discussion and sanitised of individual focused content.

GrapheneOS isn't a band of activists but rather an open source privacy project. It's a non-profit project supported by our non-profit foundation in Canada. We build privacy and security technology to protect against corporate and state surveillance. We aren't political activists.

Source: https://nitter.net/GrapheneOS/status/1993631564370989564

The focus should remain on the following without the additional context provided.

What are particular features to protect from state surveillance? (If it's possible even...)

Better question what features from our documentation don't protect from state surveillance at the operating system level? I believe what your real questions should focus on is providing us what you want to do and need to do on the device and figure out how if at all your actions reduce the protections from GrapheneOS default OOTB setup.

What about Google sandboxed app, if I decide to install it, how much data does it precisely leaves to Google

Only what you provide them based on the permissions you give it and the apps you install that are from it or built with them as dependencies or use them for things like push notifications etc.

We need more granular focused questions. We do not say GrapheneOS is impenetrable or unexploitable, there is always the unknown unknowns to consider. What we do claim is on the website. Everything from there is a PEBCAK or PEBPAK one.

JollyRancher

dafy
Your actions have gotten you onto the list. Whenever you cross a border where identity checks are a thing you are flagged as a person of interest.

GOS isn't going to help with that issue, nothing will.

Would GOS, properly set up and with decent user OpSec, protect the data on your phone from law enforcement? Sure. None of the standard phone forensic tools can compromise GOS without a user mistake/cooperation.

Does that realistically matter? No.

Take the US border for example. Unless you are a US citizen, you have NO legal right to enter the US. Customs & Border Patrol (and the federal government more broadly) can condition your potential entry on turning over your device with the associated passwords/credentials, refuse to provide them and you will be denied entry to the US and the government will seize your device(s) anyways. If you are a citizen they can still seize the device but can't deny entry.

It doesn't matter how technically secure a device is if you are required to hand over the security keys.