Mobile phones 2

  • Objective(s): Introducir herramientas y recomendaciones para mejorar la seguridad que tienen las participantes, ya familiarizadas con conceptos básicos de seguridad digital, con sus celulares.
  • Length: 50 minutes
  • Format: Session
  • Skill level: Intermediate
  • Required knowledge:
  • Related sessions/exercises:
  • Needed materials:
    • Slides (with key points included below)
    • Laptop/Computer and Projector setup
  • Recommendations: If possible, try to know before the training begins what kinds of phones participants use – for instance, this could be a question on a pre-training assessment survey. this will help you tailor your session content to the specifics of the devices/operating systems participants already use. before you start the session, remind participants of some basic digital security practices that can be implemented for mobile phones such as: mobile antivirus software, mobile vpns, checking app settings and permissions. have participants perform a backup of the files they have on their devices before starting this session! since they will be using their own devices for this session, it is important that they back their data up just in case.

Leading the session

Part 1 – Encryption for Mobile Devices

  1. Remind participants of previous sessions that have touched upon the concept of encryption, especially the Introduction to Encryption session – you may have also discussed encryption previously in the context of full disk encryption during the How to Secure Your Computer session. Note to participants that the latest versions of iOS and Android (May 2017) now have encryption turned-on by default.

Part 2 – Using GPG on a Mobile Device

  1. If participants are already familiar with GPG encryption, introduce them to the K-9 email client and to APG. Discuss the pros and cons of using GPG on a mobile device (especially the risk of keeping a private GPG key stored on a smartphone versus the unique vulnerabilities of mobile devices) – the idea here is to reinforce that these decisions can vary from one context to another; participants will need to decide on their own whether the pros of using GPG on a mobile device outweigh the cons.

    Optional: Give participants time to install and practice using K9 and APG during this session - they may want to try using the new keypairs that they create as they get familiar with the tool.

Part 3 - Is Your Phone Tracking You?

  1. Ask participants - How much information do our phones know about us? Phones are a medium for many of our conversations, and thus have access to most if not all their contents; likewise, phones also keep track of not just content but also contacts – every conversation can be connected to specific individuals.

  2. You may also want to discuss with participants how the kind of tracking a phone performs could be considered a form of surveillance, and how surveillance can take place through more than just the usual, anticipated methods. Ask the group about what kinds of threats or risks they feel might be posed by their mobile devices, specifically in the context of their work as WHRDs.