Here’s the collection of tips and ideas I came up with on short notice. It is by no means complete, but I felt it would be useful to publish these to a wider audience here on my blog. Finally, before you say “well couldn’t criminals and terrorists use these techniques too?”, I will refer you to an excellent Abuse FAQ page from the Tor Project which covers this very topic (“Criminals can already do bad things. Since they’re willing to break laws, they already have lots of options available that provide better privacy than Tor provides”).

Now, on to the topic at hand…

Changing Your SIM Card
Often the first thing that comes to mind when people think about reducing tracking of their mobile phone is to change their SIM card. Unfortunately, changing SIM cards isn’t a reliable solution to stop centralized tracking because each phone also has an IMEI (http://en.wikipedia.org/wiki/International_Mobile_Equipment_Identity) that uniquely identifies the underlying phone hardware itself. This means that even if you change your SIM card, the phone’s unique identifier can still be tracked. Still a new SIM card would change the phone number that is displayed or logged on the receivers phone, which could buy someone time or throw off a lazy investigator.

You can check your IMEI by typing in: *#06# or something similar depending upon carrier or phone. There are a number of cheap Chinese phones on the market in some countries that have an IMEI of 000000000000, which can come in handy if they are those types of things available. It is illegal in most countries to change the IMEI or to use a phone with an invalid IMEI.

Airplane Mode Ain’t Just for Airplanes
If their phone has “Airplane Mode” or a way to disconnect from a network or manually choose a network, that usually works as well as taking the battery out. This is useful if they still want to take pictures, notes, record message, queue up SMS messages to be sent once they reconnect in a different location from where the data was captured.

To step back a bit, it is important to understand, that mobile phones are always in constant contact with the cellular towers in the area. As you move about, your phone is in constant negotiation with different towers to connect to the best single, check for incoming calls, SMS message and so on. In addition, the server provider is checking your identifiers to make sure your phone is valid to work on the network, that you have an activated account, that your hardware isn’t blacklisted (aka stolen, etc), and so on. In summary, even if you aren’t using your phone, your phone is being tracked for operational and billing purposes, not necessarily malicious. However, it must be understand that this same data can be used by authorities for whatever purpose they like and is legal in the current country or context.

In theory, if you put your phone into “Airplane Mode” all signals emanating from your phone are stopped.

Complicating Monitoring by Turning Text into Pictures
If picture messages or MMS is available, write a message/code on paper and take a picture of it instead of sending it as text. Harder to automatically filter/monitor, and that the small resolution on the screen harder to read… if they can get the message on a PC on the receiving end, it can be zoomed up, but if the sender is stopped by local authorities, they may not see it.

In addition, picture messages of colors can also be a code:

• Blue Sky = “okay”
• Red Sign = “problem”
• Brown Dirt = “Ballot Stuffing”

Your Very Own Secret Code
Come with a very basic text code that say involves ten digits, with each different representing 0-9 of possible states.

• 0-9: how long is the wait (in hours)
• 0-9: how bad is intimidation from militia (scale)
• 0-9: how good is the turnout (scale)
• 0-9: general code (0 = no problems, 1 = polling place closed, 2 = armed men outside, 3 = riot, 4 = no ballots available)

could then result in a code:

• 2190 <— this would be a pretty good polling place
• 9912 <—- this would be a report of trouble

You could easily write this on piece of paper and take a picture of it as well.

Again, this type of code would just look like gibberish at the local level, and perhaps buy some time at a state surveillance level until they got their own copy of the code. At the least you would be making them work some more to figure it out, and make them less able to filter by keywords.

Mobile Pyramid Scheme aka Improved Autonomy
Local groups can send to one local person, and then that person can forward each message to another level up the tree and so on. This would enable a bit more protection than all field election monitors texting to a centralized number. It introduces some other issues around reliability of the data and complexity of the process, but in exchange you help foster autonomy and decentralization, two great tools to improve safety and privacy in your overall network.

Managing What Gets Logged
By default, phones tend to log and track everything you do, in the name of convenience. This includes all the text messages you send. The problem is that if a person is detained, it can be difficult to quickly delete those messages before the detainers take away the phone to see what they can learn from it.

Most phones offer a way to NOT save outgoing SMS messages and also to potentially delete inbound after they are read. This feature should be utilized. In addition, numbers should be memorized and manually entered, instead of stored in an address book.

More Ideas?
If you are reading this post and have your own thoughts or firsthand experience to contribute to the discussion, please add them using the comment section below. I will make sure the right people see this information. Your insight and creativity can make a difference!

Our goal is to build all of these applications using a mobile web-based approach. This means instead of building apps in Java for Android, or Objective-C/Cocoa for iPhone, we use HTML5, CSS and Javascript. However, this does mean we have to spend some extra effort to make these web apps feel like actual, native mobile applications.

Fortunately, projects like JQTouch, a library that provides automatic formatting and interactivity tuned for the iPhone, make our lives much easier. However, with the release of the iPad this weekend, it has begun to hit us that that same old lists, menus and forms that make sense on the iPhone, may not be the best metaphor for the larger iPad screen. With that in mind, I’ve begun some basic prototyping focused on building a more tactile interface where the user can drag, pinch and swipe their way through all the legislative data they might want. Through using JQTouch, along with the JQuery Touch plugin, I was able to pull something together fairly quickly.

Here’s a video below of my first crack at this. You can also point your iPad or iPad Simulator device at http://m.nysenate.gov/ipad to play with it live. I’ll release some of this code shortly, but you can also view source on that same URL with any web browser.

Thanks to the open-source movement and the hard work of many Tibet supporters and typography experts, I am happy to announce that  rendering of Tibetan characters is now supported on the most fantastic of mobile smartphones, Google Android!!!

Tendor’s Yarlung Raging blog viewed on a T-Mobile myTouch3G Android Phone

While it only has a small alphabet of characters, the Tibetan language has been notoriously difficult to support on Mac, Windows and Linux due to some complexities in how one character can modify the next. Dedicated academics, volunteers and software engineers have stayed focused on solving this and the most recent versions of all major operating systems are able to render Tibetan and provide Tibetan character input tools. Google Android is based on Linux, and fortunately is able to support the use of the GPL-licensed Tibet Machine Unicode font.

However, by default Android only has a small number of fonts built-in, and doesn’t support the easy addition of new fonts or locales. It does however have something called the “fallback” font, which is used to render any encoded text it comes across that it doesn’t quite know what to do with.

What I realized is that you could replace this font with a Tibetan unicode font compatible with Linux, and that this would then enable Tibetan support in all applications on Android, including the web browser, email apps, instant messaging, and short messaging (SMS), among others.

The steps below outline the technical how to for Android users.


WARNING: This is not for novices. However, it isn’t rocket science either. Your average neighborhood mobile phone enthusiast should be able to figure out how to do this, and potentially help their friends do it too. Down the road, I hope we can make this process easier and/or Google will allow for the addition of any font to the system.

Step 1: Get Root on your Android device. You don’t need to mod your phone with a custom firmware, you just need root access to change system fonts. Here’s some places to start looking on how to (this changes weekly, btw, and differs for each type of Android phone):

• CyanogenMod: How To Root
• Android 1-click Root
• Android InstantRoot

Step 2: Download Tibet Machine Unicode font. You can learn more about the variety of Tibetan fonts available here.

Step 3: Make the system font folder writeable and backup the existing font
This can be done using desktop ‘adb’ tool from the SDK or the Android terminal app on the device

# su
# mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
# chmod 777 /system/fonts
# cd /system/fonts
# mv DroidSansFallback.ttf DroidSansFallback.ttf.bak
# exit

Step 4: Write the Tibetan unicode font as the new fallback font:
Using ADB Desktop tool with Android connected via USB

adb push TibMachUni-1.901b.ttf /system/fonts/DroidSansFallback.ttf

Using on-device terminal app:

#cd /system/fonts
#wget -o DroidSansFallback.ttf http://tinyurl.com/tibfont /system/fonts/DroidSansFallback.ttf

Step 5: Reboot your Android phone

Step 6: Point your Android browser at http://yarlungraging.blogspot.com, http://lobsangmonlam.org/ or http://tb.tibet.cn to verify the Tibetan font support is properly installed.

What’s Next

Two big steps from here… this is a call to action for Android developers out there:

• Develop a one-click app that can install Tibetan (or any other third-party language) font for any rooted device
• Port an existing Java-based Tibetan input utility into Android as an Input Method Editor so that you can have a way to write Tibetan character emails, SMS messages and blog posts.

Mobile phones in human rights monitoring is still relatively rare and there are few examples where mobile shave been used successfully in this field. In this video from the recent Open Mobile Camp in New York, three experts are discussing their projects and thinking on the use of mobiles in human rights work. Nathan Freitas discusses security issues in regard to using mobiles in this field and his project Guardian, Enrique Piraces from Human Rights Watch describes his thinking in regard to the use of mobiles in human rights work, and Emily Jacobi features Handheld Human Rights and the mobile tools that are part of the project.

I’d like to use this post to build up a list of useful guidelines for building mobile application user interfaces that can be effectively used during these situations. More specifically, with the capabilities of modern smartphones (large screen, capacitive/multi-touch touch, accelerometer, compass, camera and so on), what more can an application provide than just dumb entry forms and checkboxes.

Here’s my start… please add your own in the comments!

1. Applications must be INSTANTLY responsive. Not only is there no time to lose in these situations, but the patience of the user will be at an all time low. Any data lookup should be cached, paged or otherwise optimized.
2. Common tasks should be “shortcutable”… perhaps the user should be allowed to define their own shortcuts.
3. Any queries or searches should be auto-magically remembered and available via dropdown so that the same text doesn’t have to be remembered multiple times.
4. All actionable buttons/icons should be large… at least 64×64.
5. Lists of selectable, pre-populated options should always be used instead of freeform text entry to improve accuracy of data entry. If freeform is required, suggestions for existing matches of data should be provided.
6. Any network transmission of data or remote access should be done in the background without interrupting the work at hand. Again, remember the user should be expected to have ZERO patience.
7. All color palettes should be HIGH contrast – the lighting situations may not be good AND the device screen brightness will most likely be set to very low in order to maintain the best battery life
8. If the camera is expected to be used for image capture, remember that a 3 or 5 megapixel image can be quite large. Determine the need for resolution quality of the documented image and downsize that at capture time. Otherwise, loading, saving, and transmitting the captured photo could take up a lot of processor time and battery life.
9. Make sure your UI works in both portrait and landscape modes… you just want the app to work no matter which orientation the device is being held.
10. GPS – if you can use geolocation data to make the life of the user easier by prepopulating data or automatically geotagging items, then do it! However, they may need to turn off GPS in order to save battery life, so make sure to gracefully degrade.
11. Any persisted data should be stored on the external SDCard storage so that it can easily be removed, backed up, read on a PC, etc… the phone might die, but you should be able to pop out the card and put it into a SDCard reader for any device to read. This may mean that instead of using the SQLite database on the device, you instead use an XML, JSON or CSV format on the card.
12. If you need to record audio notes, a bluetooth or wired headset should be used. The built-in mics aren’t very good on most devices out today.
13. Swiping, multi-touch or other gestures can be very natural and intuitive UI control mechanisms if used properly. If your applications lends itself to these, make sure you work closely with users to make sure they work… they should be almost natural for a user to do (like swiping photos left and right in a photo gallery) as opposed to some complex secret handshake.

Any more? Please add your ideas in the comments below…

However, there is still much work to be done… read on!

1) Tor 0.2.2.5-alpha release contains all the necessary code for building the Tor binary exe using the Android C SDK. I utilized http://github.com/tmurakam/droid-wrapper toolchain wrapper scripts to make life easier. This will produce the output Tor exe that can run on Android w/o needing root.

Update: Thanks to Jake, you can now read the updated Orbot BUILD doc for the step by step build how to.

(thanks to ioerror for the pic)

At this point, we are pretty convinced that the performance and efficiency of the C binary is quite significantly better than the Java-based ports of Tor running within Dalvik… this translate to a better experience for the user, with no noticeable increase in battery drain or lag on the rest of the device while Tor is running in the background.

2) Orbot – this is the new Android app which bundles the Tor binary, handles its proper installation on the device and then provides a gui for starting/stopping, view the log and torrc, etc. It also provides a built-in HTTP Proxy and is licensed under the Tor license.

Just to be clear – we aren’t using the NDK or a shared library… we are actually extracting a binary and managing it via Runtime.getRuntime().exec() calls. This is 100% supported – who knew?! More info on how to do this here

The first code is up here… all is working, but def needs much polish:
https://svn.torproject.org/svn/projects/android/trunk/Orbot/

This post is in part a call for developers to contribute to the continued development of Orbot, so we can get it to a 1.0 state. The other big task is to modify the open-source, privacy focused Shadow browser, from the University of Cambridge DTG group, in order to make it work with our HTTP proxy. That would be a really great step forward, as right now, we have to ask users to set their global APN (read: https://svn.torproject.org/svn/projects/android/trunk/Orbot/INSTALL)

Thanks for everyone’s help and support to get here. I’d like to keep pushing on to a public release via the App Market very soon. Let me know if you’d like to contribute in any way – code, screen designs, icons, testing….

Domo arigato, Mr. Orbot-o!!

I greatly appreciate the opportunity to participate in this hearing. Thank you to the members of the commission for the invitation to appear here today, and for your interest in this very important topic. I come here today as a representative of the many, many technology advocates, experts and educators who believe that the most amazing innovations of our generation should be used for more than just acquiring more wealth or as simply new channels entertainment or distractions. I am also a longtime member and former board chair of the international non-profit group Students for a Free Tibet, led by Tibetan activists Lhadon Tethong and Tenzin Dorjee.

From my perspective, the latest wave of new media protest technology began in 2004, with an open-source web service called TXTMob. TXTMob was first developed by MIT’s Institute for Applied Autonomy for protesters at the 2004 Democratic National Convention in Boston and the Republican National Convention in New York. I was part of a team that utilized TXTMob to broadcast thousands of short messages to over 10,000 people on the streets of New York, letting them know what was happening moment by moment. Later in 2004, during the Orange Revolution in the Ukraine, students utilized the service to coordinate their spontaneous protests or flashmobs, strikes and sit-ins. In 2005, two of my colleagues who had been involved TXTMobs use during the RNC went to work for the company that became Twitter, where they showed the demonstrated the power of TXTMobs and short message broadcasting to their coworkers around the office. It was in those times, that Twitter was born. It is not an accident that things have come full circle, with Twitter now being the standard go-to tool for activists around the world.

In my activism work, my areas of focus are Asia and the Americas. I have specific experience traveling in and working with organizations focused on China, Tibet and India. I have developed patented technology, focused on the exchange of data between mobile devices over wireless networks. I am also teaching at NYU’s Interactive Telecommunications Program this semester – a new graduate course I’ve designed entitled “Social Activism using Mobile Technology”.  My personal path in this sphere, as a developer, practitioner and instructor in the use of new media technologies within social movements, is built upon a very long tradition that goes back to the first time someone figured out how to use drums, fire and birds to send signal messages.

During the second world war and the cold war, inventors, mathematicians and the earliest digital computers played a critical role in helping the allies stay one step ahead of the axis. In recent years, open-source hackers, nerds and geeks have gravitated towards the social justice, environmental and human rights movements, creating unique alliances and very rich opportunity for innovation. Four guys in a garage in Silicon Valley, is now multiple activists communicating in realtime through Twitter, Skype, Facebook, all using their iPhones, Blackberries and Google Android phones, to weave together human rights campaigns using true grassroots organizing and tested non-violence tactics with open-source software, cloud-based web services and very powerful, yet very cheap hardware gadgets.

Take the case of Burma in 2007. Video journalists and I.T. student organizations teamed up to provide their own coverage of the Saffron Revolution. As their footage began reaching the outside world, they become bolder and more targeted by the junta. While the revolution never fully materialized, and many of the monks and activists who participated have been imprisoned, tortured or worse, the “VJ” model of Burma is largely considered to have been successful due to the global attention the protests received. A similar model is being used in Iraq, through the well known citizen journalist video service, “Alive in Baghdad”, that works to cover and disseminate stories of the every day lives of Iraqis. We have also seen this model used with simple camera phones in the Kashmir and most recently in Iran, where a single clip of video of an innocent dying girl instantly clarified the issue for a global audience and brought overwhelming sympathy and support to the side of the Iranian people. The power of the moving image is unavoidable.

In many cases, the authoritarian states power proves too formidable for adhoc efforts with new media technology. In Tibet, the largely peaceful uprisings in March 2008, were perceived by the outside world as being “riots”, due to China’s ability to control the story by severely restricting news media access and blocking telephone and internet communication. Thousands of Tibetans were detained, many died, and hundreds were given lengthy sentences, many convicted through evidence gathered via close-circuit security cameras, mobile phones, PCs and the Internet. There are countless stories of Chinese, Tibetan and other activists within China being incriminated through their use of email, Skype and other tools. The evidence gathered by the state is often done in collaboration with the technology providers – Yahoo!, eBay, and so on.

In August of 2008, over seventy activists from around the world traveled to Beijing to protest for Tibetan human rights and independence during the Olympic games. New media tools played a major role during this effort. It provided a loosely coupled link between the various independent activists who were traveling to Beijing to participate. It enabled a team of citizen journalists to document the many different protest that occurred (since mainstream press was mostly unable to due to their “close” relationship with Chinese security agents) – all utilizing broadcast quality HD video cameras, small mobile computers and uploading photos and footage for publishing and broadcast around the world. The Beijing authorities eventually caught on, arresting and detaining for a week, six American citizens who had been documenting the protests. During their detention, they were told that the crimes they were guilty of, documenting and spreading media of protests, was far worse a crime than actually participating in the protest itself. Fortunately, due to their American passports, they were treated fairly and made it home.

During last years presidential elections, I was a member of an adhoc team of people who came together to build “Twitter Vote Report”, a nation wide web 2.0-style election monitoring system that tied together google maps, wikis, and iPhones with human resources on the ground from watchdog groups and the media. Over 30,000 citizens reported from outside their polling places, providing a real time view and instant notice of any long lines, hanging chads and potentially voter fraud. The data captured that day was released freely to the Internet for analysis and research by academic institutions. The open-source code from this project, as well as a few others, has been utilized in India and Afghanistan, and we hope to see it become a standard tool in the fight against election fraud.

As you can tell, I am very enthusiastic and active participant in the use of new media tools for social good and in the fight against authoritarianism. However, the use of these tools also brings about the possibility of serious risk to the user, their friends, family and broader movement. As a friend of mine said, “You cannot twitter your way out of a bludgeoning by security goons”. Mobile phones are unique, always broadcasting personal identifiers; changing SIM cards does nothing, phones are tracked easily tracked by their hardware IDs. Laptop computers are often full of incriminating documents, web caches and email addresses. Digital viruses that deliver actual spy-ware such as GhostNet are common and becoming more powerful and more invisible every day – one slip and your entire email inbox can be copied by an adversary. Use of new media and social networks reveal one’s “social graphs”, buddy lists, friends & followers… in a free country, these provide benefit, amplifying your ability to communicate and connect. In an authoritarian state, these reveal your human networks, make the job of cracking down easier and more efficient. It often takes an entire generation to rebuild when an activist network is decimated. The protests of 2007 and 2008 in Burma and Tibet were at level not seen since 1988 and 1989. That twenty year gap is no accident.

While the free world is easily enamored of applications of new media tools within dictatorships and authoritarian states far way, our own federal, state and local law enforcement are often quite fearful and hostile towards their use within domestic movements. Tad Hirsch, creator of TXTMob, is the subject of a subpoena by the City of New York in connection with several active lawsuits against the City that allege police misconduct during the 2004 Republican National Convention. Elliot Madison, a 41 year old social worker, was been arrested in Pittsburgh on Sept. 24 and charged with hindering apprehension or prosecution, criminal use of a communication facility and possession of instruments of crime. The Pennsylvania State Police said he was found in a hotel room with computers and police scanners while using the social-networking site Twitter to spread information about police movements. Just this week it was announced that In-Q-Tel, the CIA’s venture capital arm, has invested in a company whose technology is capable of powerful data mining from any information openly published on Twitter, Facebook and other social networking sites. In summary, acts taken to secure our homeland from violent terrorists often have similar justifications to acts taken by authoritarian governments to squelch dissent and democracy. Our government needs to be mindful of these contradictory positions on the benefit of new media within our own democracy.

Finally, I would like to briefly emphasize the comments from Mary Joyce of DigiActive, who could not be here today, on the topic of embargoes. In the digital age, where a “good” is a string of code that can be delivered anywhere in the world with the click of a mouse, even today’s smart sanctions are not smart enough.  By preventing access to blogging platforms, social networks, and other types of new media, current embargo policies harm the very activists who are furthering our common goals of democracy promotion, while leaving authoritarian governments free to spread propaganda through a range of state-controlled media outlets.

Referenced URLs of note:
TXTMob: http://en.wikipedia.org/wiki/TXTMob
Alive in Baghdad: http://aliveinbaghdad.org/
TwitterVoteReport: http://twittervotereport.com
Beijing Olympics Protest Coverage: http://freetibet2008.tv
GhostNet: http://en.wikipedia.org/wiki/GhostNet

“Twitter against Tyrants: New Media in Authoritarian Regimes”
Thursday, October 22, 2009, 2:00 p.m.
1539 Longworth House Office Building

This briefing will consider the ways in which new media and Internet communication technologies affect the balance of power between human rights activists and authoritarian governments. Panelists will focus on new media’s role in protests and elections, the ways in which it empowers civil society activists, and the darker side: how dictators use new technology to control and repress their citizens.

The following panelists are scheduled to speak:

• Daniel Calingaert, Deputy Director of Programs, Freedom House
• Nathan Freitas, Adjunct Professor, New York University Interactive Telecom Program;
developer of groundbreaking technology for protests
• Evgeny Morozov, Yahoo! Fellow at Georgetown University’s E.A. Walsh School of
Foreign Service; contributing editor, Foreign Policy
• Chris Spence, Chief Technology Officer, National Democratic Institute

Read more about the briefing… Hope to see you there!

Another exciting week at ITP. This week the classes was visited by Evan Henshaw-Plath aka Rabble, who both spoke of his personal experiences with mobile technology and activism, and also provided critical feedback to students on their projects during our first Speed Geek.

The second half of the class focused on preparing for the development of actual mobile applications and services. While students are free to choose any software or hardware approach they want, the two platforms that will be covered in class are IMified and Google Android.

Here is the audio of the second hour of class as I walk through the links and slide presentations embedded below:

Referenced links:

• Building an IM Bot for the NY Senate OpenLeg API
• NY Senate Bill Bot source code for the IMified platform
• gReporter: Android application source code
• Android Market app examples: TwitterVoteReport and Inauguration Report

This first presentation provides an overview on approaching the development of mobile applications considering all of the unique factors of using a small, portable device on the go:

The second presentation uses the gReporter application to discuss the development of location and media-capture applications on the Google Android platform.

Finally, for beginning to design and mockup applications, here’s a list of solutions for the iPhone (thanks to TechJini blog)  that can also apply to Android:

1. Use Interface Builder or Dashcode (Mac only)
2. Use Balsamiq mockup tool (Mac, windows, linux) – http://www.balsamiq.com (http://www.balsamiq.com/blog/2009/03/01/iphone-controls-new-icons-and-much-more/)
3. Use Omnigraffle (Mac only) and import an iPhone stencil – (http://www.omnigroup.com/applications/omnigraffle/download/ and http://www.graffletopia.com/search/iphone)
4. Use paper and a stencil- http://www.designcommission.com/shop/iphone-stencil-kit/
5. Use a pre-printed sketch paper – http://labs.boulevart.be/index.php/2008/06/05/sketch-paper-for-the-mobile-designer/
6. Use photoshop and the iPhone PSD – http://www.teehanlax.com/blog/?p=1628
7. Use Adobe Fireworks – http://blogs.adobe.com/fireworks/2008/08/iphone_gui_as_adobe_fireworks.html and http://www.building43.com/videos/2009/06/23/mockup-iphone-app-adobe-fireworks/
8. Although not there yet, you can try http://iphonemockup.lkmc.ch/
9. Use the stencil kit from Yahoo! which is available in a variety of formats – http://developer.yahoo.com/ypatterns/wireframes/
10. Use the sketchbook available at http://www.mobilesketchbook.com/