Originally published here:

https://listed.dja.la/22179/archerships

Why care about censorship?

Why bother, you might ask? Between work, kids, and chores, you don't have time to be an anarchist. You don't do drugs, turn tricks, or sell guns. You're not a member of Antifa or Proud Boys. You're not a BLM protester, a Covid-skeptic, or QAnon believer.

Interview opposum

In fact, you rarely make political posts at all. Maybe you use Facebook mostly to a) keep in touch with the customers of your handcrafted mittens, b) share pictures of your kids and c) spam your friends with cat memes.

Thankfully, the FBI doesn't care about your Bridgerton binges.

But maybe you have conservative views, and you're worried about being banned from Facebook/Twitter. Maybe those services are a crucial marketing channel for your mitten business.

Or maybe you're a sex worker, and you're currently accepting payments via Paypal or Square. And you're worried that a disgruntled client will dispute a charge, causing your payment processer to close your account.

Or maybe you're a Black Lives Matter activist, and you're worried that your online writing will come to the attention of your boss, and get you fired.

Such fears are not unwarranted. Here's a few historical examples of governments and private companies censoring unpopular people, both in the US and abroad:

But even if you personally don't face any of those risks, are you sure none of your loved ones do? Maybe you have a brother who is a political firebrand. Or maybe your Mom is an anti-vaxxer. Facebook has started censoring not just those who themselves make controversial posts, but those who associate with too many "bad" people.

Facebook also uses artificial intelligence software to flag and censor "bad" posts/people. While such software has remarkable ability to make human-like decisions, sometimes the software has bugs or glitches, and people who are completely innocent are flagged or banned.

Can you afford to lose contact with your customers because a relative or friend posted something that Facebook didn't like? Are you willing to lose access to years of posts and photos in an instant, due to a glitch, or intemperate remarks from your brother?

What is censorship? Censorship-resistance?

Censorship is the suppression of speech (and other forms of communication), because the censor considers the speech obscene, politically unacceptable, or a threat to security.

Although censorship by governments is much more dangerous, censorship by private companies can also cause great harm. Therefore, in this essay, I'll refer to attempts by both governments and private organizations to suppress speech as censorship.

And while censorship-resistance, privacy, and anonymity are interrelated concepts, they're not exactly the same.

Something can be secure from most outside attackers, but not at all private to the vendor. For example, Gmail is very secure against attackers outside Google, but not at all secure from spying by Google itself.

Encrypting your email will help protect you not just from the spying eye of Google (increasing your privacy) and censorship-resistance (Google can't censor what it can't see). But it won't help protect your anonymity (Google still knows who you are).

Despite these differences, in what follows, for brevity's sake, I'll refer to "censorship-resistance", "anonymity", and "privacy" as "security" or "computer security".

Don't try to do to much at once.

Computer security is a large and complex field. Some people devote their entire careers to it. Think of improving your security like climbing a long, tall hill. If you think about the entire journey all at once, you might feel overwhelmed and give up.

Instead, just focus on taking small, easy steps at a leisurely pace. Pick one topic, and learn a bit about it, maybe once a week or once a month.

For example, on week one, you might open a Protonmail account, and start gradually using it as your main email account. On week two, you might start collecting your Facebook contacts and backing up your account.

One of my goals in writing this tutorial is to lay out a slow, easy, path for the average person to improve their security over time, without getting overwhelmed.

Manage your expectations.

The FATMAG companies--Facebook Apple Twitter Microsoft Amazon and Google--deploy billions of dollars and armies of highly paid engineers devoted to making their services as bug-free and easy to use as possible.
Whereas the people who make software and services that don't surveil/censor you are often working with budgets in the tens of thousands, if that. In many cases, they're working for no money at all, and doing it for fun or for the principle.

As a result, their software isn't nearly as polished. Be prepared for clunky UI's, software crashes, and confusing or non-existent documentation.

Be kind to the developers. Be patient. Think of yourself and the developers as distant friends collaborating in a shared effort to protect you both from powerful enemies.

If something goes wrong, don't demand an immediate response, or get upset if they can't/won't help you as soon as you'd like. Unless you've signed up for a paid service contract with them, they don't owe you anything. Instead, do your best to try to provide detailed, courteous bug reports.

Also, be patient with friends and family. Most people are very resistant to change, and don't want to even think about switching to a new service. They won't be interested unless they or someone they care about suffers censorship or loss. Be kind, be informed, and be there if/when they're ready to change.

Be prepared to pay.

If you're not paying for a product or service, you are the product.

Many of the FATMAG companies rely heavily on advertising dollars for their revenue. Your attention, and a detailed profile of your likes/dislikes, purchasing history, etc. are all quite valuable. When you use a "free" service like Facebook you're trading that valuable attention/information for the service.

As a rule, FATMAG companies are incentivized to keep their users happy. However, because they make money by selling information about you, they're not at all incentivized to protect user privacy or defend their freedom of speech, if they think it will piss off advertisers or draw excessive regulatory attention.

Therefore, if you want more privacy/freedom of speech, paid services are much more incentivized to treat you as the customer, and keep you happy, than "free" services.

Principles of censorship-resistance

  • If at all possible, use open source apps / services. Don't get locked in. Keep control over your data (writing, photos, connections, etc). If you control your data and software, if you don't like how you're being treated by a vendor, you can switch to a new vendor.

  • Demand transparency. Open source software allows independent security audits. It's difficult to hide spyware and other malware in open source software.

  • Demand open standards. Future proof your data. If you've ever tried to open a Visicalc file from the 1980's, you know how easy it is to lose your data if a proprietary company goes bankrupt or discontinues a product. Open source projects tend to use open, non-proprietary data formats that will be as readable in 100 years as they are now.

  • Don't allow a single point of failure. Keep backups. Keep multiple domains at the ready. Learn how to spin up a new copy of your services quickly. That way, if you get banned by one provider, you can easily spin up again somewhere else.

  • Use peer-to-peer (P2P) and selfhostable services, if at all possible. Software that doesn't depend on centralized companies is much more costly for an adversay to shut down. It's much easier to put the squeeze on a few banks and large companies, than it is to try to hunt down millions of individual customers.

  • Practice the "Publish (on your) Own Site, Syndicate Elsewhere" philosophy. Publish to your own website first, then distribute to other services. Becoming censorship resistant doesn't mean that you have to altogether stop using proprietary services like Twitter, Gmail, Youtube, or Facebook. It just means that if those services end their relationship with you, you will survive relatively unscathed. You can continue to use such services even as you build up your network on services you control.

  • Use private cryptocurrencies. One of the main techniques that governments use to crush dissidents is to cut off their income and access to their savings. Cryptocurrencies, like gold and cash, are peer to peer and can't be easily shutdown without shutting down the internet itself. And if you have to flee, you can store an unlimited amount of crypto currency in your own head.

  • Become a prepper. Keep food and water supplies on hand to last you at least a year. That way, if you get blackballed, you can survive for a long time until you find another job.

  • Get out of debt. Don't buy a house or expensive car. The lower your expenses, the less leverage your employer has over you. If you have to move, it's much easier and less costly to break a lease than it is to sell a house.

  • Choose a portable profession. Nurses, accountants, programmers, engineers are always in demand and can find work almost anywhere.

  • Identify a lawyer and pay them before you need their help, ie put them on retainer. If you suffer legal attack, your bank accounts might be shut down and/or your assets seized, leaving you little with which to defend yourself.

  • Keep some gold and silver on hand. Although cryptocurrencies have many advantages over precious metals, many people don't understand them or accept them as payment. Gold and silver are accepted nearly universally.

  • Buy and learn how to use a gun for self defense. Many censorious organizations can and will physically attack you and your family.

  • Plan your route of escape, before you need it. Keep your visas, passports, and other paperwork up to date.

  • Maintain your relationships with friends and family. Attend events (Porcfest, Ephemerisle, Burning Man, Anarcapulco, FreedomFest) where like-minded people will be attending. Humans are social animals, and it's much easier to stay upbeat, motivated, and on task if you have friendly collaborators and supporters.

  • Educate others. Host podcasts, write tutorials, make videos. Donate to pro-free speech, pro-open source organizations such as Institute for Justice, EFF, Framasoft, NikNet, Calyx Insitute, FIRE, and Decriminalize Sex Work.

  • Homeschool/unschool your kids. Vote for pro-school choice politicians. Anti-free speech idealogy has infiltrated most government schools and universities. Don't let them indoctrinate your kids.

  • Buy pro-free speech products and services. Stop financially supporting companies that spy and censor you.

  • Learn how to drive, fly, and sail. If you need to flee, then it's helpful if you can transport yourself rather than rely on services where you might be stopped and/or arrested.

You'll know you're censorship resistant if:

  • ...your bank account is frozen, but you still get paid and can buy groceries.
  • ...all the FATMAG companies cut you off from their services, but you can still communicate with your friends, family, and customers.
  • ...Google, Cloudflare, and Amazon stop routing DNS to your website, but people can still find your website and/or webstore.
  • ...you can flee the country with most of your assets intact.

That said, getting to that level of censorship resistance is no small task. If you stoke the wrath of sufficiently powerful adversaries--such as the FBI or CIA--you will be hard pressed to to remain uncensored. (At the limit, they can kill you. Or arrest you and put you in a secret prison overseas.)

https://xkcd.com/538/

Edward Snowden, for example, is only free right now because he successfully fled to Russia, and the Russian government decided it was in their interests not to extradite him to the US. Otherwise, he'd be in prison like Chelsea Manning, Ross Ulbricht, or Julian Assange.

However, at least in the US and other mostly liberal democracies, the average person is not going to be worth attacking directly. Instead, governments rely on private companies to do the policing for them. And private companies typically don't want to play the role of policeman, as it costs them money .

Therefore, the more you can increase the cost of censoring you, the less willing and able adversaries will be able to censor you.

52 weeks to greater censorship-resistance.

Over the next year, I'll be publishing a weekly series of articles on how to achieve greater censorship resistance.

In what follows, I'm aiming for the intelligent layperson--someone who can follow instructions, is willing to invest some time in a new UI, and has somepatience. All software is a tradeoff between ease-of-use, cost, speed, and complexity, and my suggestions will attempt to weight those tradeoffs in way that will appeal to the average person.

These are not the right suggestions for someone who is highly technophobic.

In most cases, they're also not the right suggestions for someone who has state level threats leveled against them. The more secure a product is, the higher demands it makes on your time and attention. Since most people don't face state level threats, I'll be weighting ease of use fairly highly, not just security.

Although I've ordered each action as a sequence of single, simple actions you can take once per week, feel free to jump around. In most cases, each step is independent of the others. You may decide to focus on those topics that are most relevant to you rather than strictly follow the sequence.

For example, if you're most worried about losing your Facebook account, your first priority may be to get the contacts of your friends and family, so you can communicate with them off-Facebook. Maybe install Signal and invite them to join you there.

Although I make some recommendations below, in almost every case, there are many other options. For example, I recommend replacing Facebook Messenger/Whatsapp with Signal. But Deltachat, Element, or Session could also be reasonable alternatives. If you don't like my suggestion, try one of the many other alternatives and see if you like it better.

Polite questions, comments, and suggestions are welcome. Feel free comment here, or contact me privately here:

cryptobin.co/d18884p8

Password: Mdwl3psZKOdnO0lk8EPtIu+3oSVIsUCWXc55OFW/jPFqoMp1/FpDTEmXwy5KBAaS

  1. Download a backup of your Facebook account.
  2. Download an archive of your Twitter account.
  3. Download an archive of your email.
  4. Install the QuiteRSS RSS feed reader.
  5. Install Bitwarden password manager. http://smbc-comics.com/comic/2012-02-20
  6. Sign up for a free Protonmail account. If you continue to use Gmail use Flowcrypt to encrypt messages between yourself and sensitive contacts.
  7. Install Signal.
  8. Invite your friends on Facebook to give you their phone and email.
  9. Install the Wasabi Bitcoin wallet.
  10. Install the MyMonero wallet.
  11. Buy a Trezor.
  12. Sign up for a Coinbase account. Buy some Bitcoin.
  13. Sign up for Mullvad VPN
  14. Buy some Monero via Morphtoken.
  15. Buy a domain name.
  16. Buy and install Standard Notes.
  17. Sign up for a listed account.
  18. Buy a VPS.
  19. Replace iPhone or Android Phone with Librem 5 or Pinephone
  20. Start an Althea Network in your neighborhood.
  21. Replace Windows/Mac laptop with System76
  22. Install the Tor browser.
  23. Create a Tor or Loki website.
  24. Buy something from a darknet market.
  25. Buy Monero on Bisq.
  26. Install XBrowsersync.
  27. Install BrightID app and get verified.
  28. Buy a cryptosteel and store your Monero wallet's keys.
  29. Buy an Amazon gift card from Bitrefill
  30. Sign up for a Bitpay Bitcoin Mastercard.
  31. Setup backup for your files on Hetzner
  32. Apply for a passport.
  33. Buy some gold and silver coin.
  34. Buy a year's supply of food and water.
  35. Make a bugout bag.
  36. Plan an escape route / identify a bugout location.
  37. Host a letter writing party for political prisoners (Ulbricht, Assange, sex workers, etc).
  38. Hire a lawyer on retainer.
  39. Pick a free speech / open source project and set up a recurring donation.
  40. Sign up for a healthsharing ministry.
  41. Identify a bugout location overseas.
  42. Create accounts for all of the sites / Federations you want to syndicate to: Mastodon account, Peertube, Odyssey, Minds, Gab, MeWe, Twitter, Flickr, Youtube, Vimeo. And syndicate your blog posts, podcasts, and videos to those services.
  43. Set up a newsletter with Mautic/Sympa.
  44. Get a concealed carry permit.
  45. Buy a gun.
  46. Buy a dry fire practice system.
  47. Bake some cookies for your neighbors.
  48. Take a sailing course.
  49. Host a holiday Christmas/Thanksgiving/Halloween party
  50. Host a recurring dinner for like-minded friends and family.
  51. Sign up for the Mr. Money Mustache forums.
  52. Set up a recurring deposit to your 401K/IRA.

Open source alternatives to spyware/censorware

If your life or business depends on a proprietary service, then you're vulnerable to censorship if the staff of that business decide they don't like you. Therefore, it might be a good idea to gradually shift your business to software and services that respect your privacy and don't try to lock you in. Here's a few open source alternatives to common proprietary services. Note that I've not tried all of them myself.

| Proprietary Service | Open Source Alternative | Notes | | -------- | -------- | -------- | | Discord | Element or Deltachat || | Facebook | Scuttlebutt || | Facebook Messenger | Signal or Deltachat || | Facebook Whatsapp | Signal or Deltachat || | Google Analytics | Matomo || | Google Android | e || | Google Android App store | F-Droid or Unhosted apps || | Google Calendar | Thunderbird + Lighting plugin || | Google Chrome | Brave browser || | Google Drive or Dropbox | Nextcloud + Hetzner || | Google Gmail | Thunderbird + Protonmail account || | Google Groups | Sympa || | Google Office | Cryptpad || | Google Maps | OpenStreetMaps || | Google Search | DuckDuckGo || | Google Youtube | Odysee || | Facebook Events | Mobilizon || | Github | radicle || | IFTTT | huginn || | Instagram | Pixelfed || | Keybase | Keyoxide || | Mailchip | Mautic || | Patreon | OpenCollective, Flipstarter or Fosspay || | Reddit | Lotide/hitide || | Slack | Element || | Stripe or Square | BTCPayServer, Coinpayments, Vigla or Globee || | Telegram | Element or Deltachat || | Trello | Taiga || | Twitter |Twxtxt || | Wikipedia | Tiddlywiki or Miraheze || | Zoom | Jitsi-Meet ||