Sign in Subscribe
Programs

Internet Security advice for persons of interest

CCT

5 min read
Internet Security advice for persons of interest
Photo by FlyD / Unsplash

Good Ancestor provides pro-bono last mile assistance, security advice, and referrals to volunteers and professionals for security targeted individuals who face nation state actor or commercial spyware threats to get connected with the help they need.

VIPs we've assisted include our grantees, donors, and ecosystem partners, former heads of state in exile, human rights activists and their families, AI safety leaders, policy experts, journalists, semiconductor CEOs and others facing threats from APTs, as well as more mundane actors. We receive these requests through our ecosystem partners and donors, and connect them to volunteers and resources.

You may also fill out this interest form or if needed reach out to us through our Contact page.

For Human Rights Activists and Journalists:
If you are in an emergency, contact https://www.accessnow.org/help/ a full service help line that can even help you recover stolen email and social media accounts. Citizen Lab can also help in some cases. Having a live security person to help you is ideal. If that's not feasible read below for general guidance.

Recommendations for Security Concerned Persons


If you are concerned about an incident we recommend doing the following things in the following order.

#1 - Establish your physical safety

- Understand that your cell phone is a real-time tracking and listening device, even if it appears off. If you are on an apple device go to Settings -> privacy and security -> safety check, then to manage sharing and access and follow the instructions.

Sweep or change locations: Consider if you are more or less safe in your current location or somewhere else.

Before moving, consider securing your mobile devices to reduce the odds that your location change is monitored. Consider also the devices of those traveling with you, and your vehicle itself. If staying in your home, evaluate if you are wise to unplug local devices like smartTVs, and secure anything containing microphones or cameras before discussing your location change or other important matters.

#2 - Be careful what you click (if at risk of cyber attack)

- First we strongly suggest you do not click URL shortened links, or any links, files, or videos sent to you via SMS, iMessage, Whatsapp, email or similar, even if from a friend.

- If you are at risk of cyber attack - Avoid the use of SMS entirely, or clicking links sent in SMS (such as package tracking or boarding passes, especially while traveling)
- Do not click any links or play any media sent by unknown persons and if possible even known persons
- Do not open any unusual emails or attachments over messaging apps
- The best messaging app to use is signal

#3 - Secure your Mobile Device

Lockdown Mode - If on an Apple device turn on "lockdown mode" at the bottom of security and privacy settings. We leave this on all the time, but you can also turn it on when leaving the country. This reboots your phone.

Reboot and Update - Shockingly, rebooting your phone will erase many kinds of malware. Update your operating system if there is an available update. This is more important than it seems, given the use of exploits broadens substantially once they are burned via disclosure and patching.

Scan - (optional) Download iVerify Basic (free), run a device scan to see if it can detect your device is compromised. If you have received iVerify Elite from us, you can contact iVerify directly. This is not a guarantee your device is clear. (you may choose to do this step before rebooting if your priority is forensics)

Stow temporarily - (optional) If you worry your device is compromised don't type passwords into it or say your location or passwords around it. You may wish to turn it off and move it into another room or location (or the microwave) temporarily. Turning it off does not guarantee it is actually off. Reserve it in case you need it for forensics later.

Secure Settings - If you feel good about your device and want to secure it now before your other accounts, go through iVerify's app under Guideline and complete each security activity. Otherwise we can do this later after securing key accounts.

The guidelines cover settings to
- Protect against theft
- Limit software exploits
- Review for Compromise
- Protect Wireless Data
- Protect your communications
- Prevent Ad Data Leakage

If time allows, consider following an iOS Hardening Guide, MacOS Hardening Guide, or this short list of iOS 26 settings.

#4 - Connect to a VPN on a device you trust

If you are not sure which device to trust, consider a Google Chromebook, or an iPad, over a Macbook, or Windows computer, or a phone, and choose someone else's device over yours if possible.

You may wish to turn on https://protonvpn.com/, or other free/paid VPNs and if possible use the NetShield blocker, and use it across all your devices

#5 - Secure your Email and Cloud on a device you trust

For G-Suite/Gmail Users: Google Advanced Protection
For iCloud Users: Cloud Advanced Data Protection

While you are doing this log any questionable or unnecessary devices out of your account. For example Google Account Security and Apple signed-in Devices.

If using Gmail, go to your gmail settings and turn on "Ask before displaying external images"

#6 - Secure your other key accounts via a trusted device


Change your key passwords and setup 2 factor auth via an app -
- If you do not already have a password manager, install Proton Pass or Bitwarden - Use a password manager to keep track of site unique passwords, which also checks your passwords against internet leak databases.
- Go through and update all your important passwords with unique generated passwords.
- Make sure to setup 2factor with an app like Ente Auth and proton auth and Authy rather than via SMS messages.
- You do not want to do this on a potentially compromised device as you could be watched with screenshots of your password

#7 - Consider a device upgrade for your primary devices

In particular an iPhone 17 or later on iOS 26 or later with Memory Integrity Enforcement, running in lockdown mode has a dramatic increase in security against nation state actors. For people with Google Pixel devices or who want the highest level of security see our GrapheneOS Setup Guide which includes detailed advice on setting up a secure phone.

If you are running a generic Android phone, we strongly suggest changing to a Google Pixel device (on Graphene) or an iPhone 17 and in some cases we have provide grants for organizations and individuals to upgrade phones to more secure models.

#8 - Take actions to maintain privacy

To learn more about what you can do visit our Privacy Guide.

#9 - Learn more about your scenario

Resources 

- Visit the Consumer Reports Security Planner and find more information on your scenario in places like Computer Security and Privacy .
- Visit our grantee Naomi Brockwell's Ludlow Institute on privacy and security to learn more and watch her youtube videos
- Consider reading blogs or books related to your scenario such as https://inteltechniques.com/books.html
- If you just want to learn more about the space you may enjoy podcasts from https://darknetdiaries.com/ and news from grantee 404 Media
- We provide Donors and VIPs a special access page with recommendations for paid tools (such as secure and high priority cell providers), and offer licenses of https://iverify.org/ mobile security software to donors and other targeted persons.

Sign up for more like this.

Enter your email
Subscribe