Chapter 1

Security 101

Scroll down to the end to find the list of post under this chapter.

What is Security?

As Radical Militants, many of our ways of action either are “Illegal” (under the current system’s moral compass, which is profoundly wrong) or in a “Grey Area”.

Many times we think of Security when planning an action or protest and want to avoid Legal Repression. We need to replace that thought pattern, we need to think of Security as a way to build trust between comrades, open the doors to do challenging actions without being stopped before, envision a world Post-Surveillance Capitalism.

We are under surveillance, and we have generally a wrong understanding of what it might encompass. It is not about only stopping our actions, it is about:

  • Understanding our relationships between each other;
  • Discovering weaknesses that can be exploited later on to crush the movement;
  • Understanding how we communicate, what specific language is used by whom and which group/collective;
  • Understanding our tactics and what motivates/inspires us;

Most surveillance is either about Intelligence Gathering (either to prepare Legal Processes against people or to prepare for an upcoming action) or Intimidation (the sole thought of being under surveillance might (in some cases) be enough to dissuade someone from acting against an unjust system).

Chapter Articles

List of posts and guides under this chapter:

Subsections of Security 101

security-101 security-culture

Building Security practices

Building Security practices is hard, most of the times it is stressing and it is a common reaction to freeze or give up. It is also very common to feel an individualistic approach, where there is no community nor collective work being done. We want to challenge that view, therefore our guiding principles (a description of each is below the list) are:

  1. Failing better next time;
  2. Security is a process, not a checklist;
  3. Security is a collective care practice;
  4. This is a learning space;
  5. Open-Sourcing Security;

Failing better next times

The traditional western thought and learning process is based on either being able to do something or to not be able to perform it. This leads to people giving up on security or people thinking that they will never be able to understand it.

We want to purpose a “new” (many other places and organizational cultures have been following this practice for years) practice, based on knowing that we will eventually fail, and using each failure as an opportunity to actually learn, not only from textbooks or exercises but from experience.

This also means to celebrate our small victories in creating and supporting each other on the Security Culture process.

Security is a process, not a checklist

You have probably been to a camp, or massive action, that had a “Security Culture Guide” (or something similar), that presented policies (or bullet points) to follow, without explanation or collective reasoning behind. Some of the policies may be fit for the specific context, while others might seem out of place (especially when multiple organizational practices and methods come together to converge on one action/camp). Most of the times it lacks an actual analysis of what surround us, and is unable to flow to the needs of everyone in the space and to the specific threat model.

The adherence of a good Security Culture comes from the collective feeling of ownership of that proposal, not from a checklist that someone wrote. It is also far better to explain the thinking behind the proposal, for new members that were not present.

Processes are evolving, they are not a “one time deal”. We cannot spend 2 days working on our Security Culture, drafting protocols and guides and then proceeding to the next task. Building a Security Culture means working constantly (as a collective) to address bad practices, find new vulnerabilities, and creating ways to get stronger.

Security is a collective care practices

Security is about many different things. It is about being able to build a better world, fighting state surveillance and being able to actually plan for a future and present. It is about protecting comrades and compas, not endangering them. It is about allowing at risk people to join you, while taking care of their needs.

Security is sometimes used as a way to either silence or shut-down people, we need to work on that. We cannot build a transformative Security Culture where Patriarchal behavior is used in justification of “Security”.

I recommend everyone to read the following article, it was written driven by an unfortunate situation but it is essential to read. It is Why Mysoginists Make Great Informants by Courtney Desiree Morris.

This is a learning space

As with most projects around security, this is a learning space for you and for the project. I (Larus Argentatus) don’t know everything, will make eventually mistakes and want to learn from them. I come from a specific Organizational Culture that might reflect on some of the things I write. At the same time, I try to read from other collectives and comrades that have developed strategies around Security and Building Security Culture. I want to learn about topics that I know and don’t know and I hope that you feel the same way.

Open-Sourcing Security

In software development there are two major approaches:

  • Open Source;
  • Proprietary / Closed Source;

The biggest difference between them is that in Open Source software anyone can check the code, build the application and discover security vulnerabilities, while with Proprietary software only the company developing the software has access (at least lawful access) to the source code.

Most of the Security related software and protocols are open-source for a simple reason, more people looking at the code generally means that security vulnerabilities are easier to detect and you do not have to necessarily trust the developers. 1

The same approach can be done with our Security Practices, security trough obscurity generally doesn’t work and you will be spending much more energy trying to keep it secret than actually protecting yourself / the collective.

As such, we will also recommend Open-Source Software that is actively maintained when reccomending software and new tools.

  1. On the other end of the spectrum, Proprietary Protocols are just seen by those that develop them, this obviously doesn’t work very well. You can look at the TETRA:BURST disclosure to see what happens when no one looks at a protocol besides the people that created it. ↩︎

security-101 security-culture surveillance

Situational Awareness

One of the main bases of good security is being aware of what surrounds us, and what is happening around us. It is the skill, built over time, that allows us to detect real time threats and act accordingly.

There are a plethora of exercises that can prepare you for common situations, even though you cannot always prepare for everything. Before going into the exercises, let’s do a quick theoretical introduction.

Physical Surveillance 101

Most of the physical surveillance happens for 3 general reasons:

  • Information Gathering (next steps for the movement, future actions, information about specific militants (address, work, close people and comrades), meetings and members of an organization,) - it is mainly used to understand who you are and what is the movement;
  • Intimidation - the thought/feeling of being surveilled might be enough to discourage whatever plans you have;
  • Process - the state might be following you to understand your schedules, to arrest you at a later time;

No matter what is the reason behind the surveillance, it is always essential to find the balance between continuing to act, taking precautionary measures and to not feel paranoid.

The general tips to be aware of your surroundings are:

  • Follow your Instinct - If you feel that something is wrong / out of place, even when you cannot pinpoint why, you should follow your instincts and get away from that situation (it might be a meeting you are going to that feels strange, the place where you are going to act that seems to have more police/security than when you scouted it…);
  • Being aware of your surroundings - In the common places of your life (home, university / workplace, movement spaces) try to memorize what exists there and find the things that feel out of place. Physical Surveillance has to start somewhere and these are some of the most common places to start.
    • Be aware of the people - People that seem out of place, people that are always there but don’t interact with you, people that appear in multiple places of your life (in front of your house, at work, in a leftist space) that you don’t know;
    • Be aware of the objects - Strange devices plugged into walls (Ears and Eyes is a really good project to present some of the surveillance technology being used against anarchist militants), cars and vans parked on the street regularly without anyone from your street/collective;
  • Create a communication plan - If you are being actively surveilled, how will you communicate to your companions what is going on?
    • With whom will you communicate?
    • What will you say?
    • Will you do it covertly? Is there a specific phrase that you can use to not raise suspicion?
    • What is your response plan? Do you have a burner phone (for example) to communicate with key people? What are your steps after understanding that you are being surveilled?

Situational Awareness (SA) is based on a cycle between:

  • Observe;
  • Decide;
  • Act;

This only works if you know what to Observe, what to Decide to be able to Act.

There is a collection of common Reactions on the page about Understanding Risks

Practical Training

Besides training for specific situations, you also need to train your own eyes to detect new information.

Some of these exercises come from Protest Games, a really interesting resource to find games and affinity building exercises for activists.

Observation Skills

Object Game

One simple exercise to get used to observing and memorizing information is:

  1. Someone gets 10-15 objects and lays them out on a table;
  2. They give you 1 minute to memorize the objects in that table;
  3. They cover the objects;
  4. You tell them as many objects as you remember;

The first few rounds might be hard and you might only get some of the objects, but with time your eyes and brain will start to get better at memorizing them.

After a while, you might also want to try to memorize the conditions of the objects (such as color, marks, maker…).

People “Memory” Game

This exercise is really useful to create a collective sense of “the surveillor”. It can be useful if multiple people feel that they are being surveilled and can describe the person, creating a clearer picture of who is watching and who is being whatched.

  1. One person picks an image of someone (might be a family member or a random picture from the Web);
  2. That person shows the picture to the group for a while (30 seconds to 1 minute);
  3. Each person from the group tries to write down a description of the person;
  4. You compare the descriptions between the group and then you show the image;

It is normal for people to notice different things, the main purpose of the exercise is to get you to notice on as many things as possible, and to be able to describe them clearly for other people.

Solo-Exercise - Peripheral Vision

Most of us walk looking at our screens, this creates a tunnel vision that will shorten what our eyes can actually see.

This is a simple exercise that you can do while waiting for someone, or while waiting for the train to arrive.

In order to be able to train your Peripheral Vision, you can:

  1. Without moving your head, scan your surroundings from left to right, covering mostly what is right in front of you;
  2. Describe what you saw;
  3. Refocus and try to go a little further to what is far away from you, and more to the side;
  4. Describe what you saw;
  5. Repeat this process as many times as you can, trying to always go further to the back and to the sides;
  6. When you get the hang of it, you can try to describe objects or people that only show up for a brief second on your side view;

Protest Scavenger Hunt

If you go to a protest with an affinity group but don’t plan to do anything besides being there, you can use that time to train your observational skills.

  1. In your group, decide who will be the “Treasure Finder”
  2. The “Treasure Finder” will have 10-15 minutes to go into the march, find signs and banners and note them down;
  3. The Scavengers will then write all of the “treasures” and try to take a picture of them (always ask for consent while photographing other demonstrators). You can also play this exercise without phones, noting down which treasures you found;
  4. Everyone gets back together and changes the “Treasure Finder”;

You can also play this game in other places, like at the Social Center’s party or in the street;

Commuting

One easy and quick exercise you can do daily is to try and memorize who is on your Public Transport commute regularly (extra points if you greet them and create solidarity with other members of our class).

You can always complexify your task, trying to memorize where they leave the bus or what bag where they carrying.

Little Brother

Taken directly from Protest Games

Your aim is to take covert photos or film of the other players. If spotted taking footage, you must stop immediately. For footage to count, a player must be recognisable in it – either by clothes or by facial features, according to mutual agreement.

Play for at least half an hour at any kind of protest. Limit each recording to less than ten seconds for practicality and battery saving. At the end of the time limit, compare footage.

The player who took the most footage wins the Cop Award.

The player who appears in the most footage wins the Mask Up Prize, and any players who appear in no footage win the Covert Award.

If you win both the Cop and the Covert Award, apply to your nearest government intelligence agency or infosec division.

Advanced Mode: Play for a week. Expert Mode: Never stop playing.

Exits and CCTVs

Another simple exercise that you can do most of the days, to train your Situational and Spatial Awareness is, while entering into a new building, memorize the Exit routes and try to find most of the CCTVs (this exercise is especially useful to train for Direct Actions).

Role-play

Role-playing might sometimes be useful to put yourself into new scenarios that you hadn’t thought before.

A simple exercise would be:

  1. In a group, one person presents the scenario;
  2. Everyone gets a role in the scenario;
  3. You do the scenario;
  4. Debrief, you talk about what happened, what could be different, what new thoughts came from the exercise;
  5. Optional - You might repeat this with new inputs, discovering new thoughts and practices;

Some of the scenarios you might want to role-play are:

Final notes

Most of these exercises, if done regularly, can improve your Situational Awareness by a lot. YOu should try to do them with comrades and share your progress and celebrate victories.

Be aware that different presenting people does not necessarily mean that an undercover operation is going on, and that someone “dressed as an activist” might be an undercover police/informant. This also applies to the way someone speaks (if they do not know the local activist lingo). You should, as an organizer, be aware that new people might need to adapt or not fit instantly. More resources on infiltrators will be shown especially on the Organizational Security section and on articles about Security Culture.

risk security-101 security-culture threat-model

Understanding Risk

Risk can generally be presented with the following formula:

$Risk=\frac{Threats \times Vulnerabilities}{Capacities}$

Where:

  • Risk is “the possibility of an event resulting in damage (psychological, legal, financial, personal, organizational, physical)”;
  • Threats are the “indication, suspicion or declaration of intention to create damage (psychological, legal, financial, personal, organizational, physical)”;
  • Vulnerabilities are the “factors that inhibit damage or that exponentiate the final result”;
  • Capacities are the “factors (*resources, technological capacities, mental state, support people and specific abilities) that mitigate the possibility of damage or reduce the impact of it”;

When talking about security measures, there are 3 major approaches/strategies, these approaches inform us on what we should focus on (based on the formula above):

  • Acceptance - focused in reducing threats, creating consensus in society about the work you are doing and negotiating with the other actors in society to neutralize those that might become enemies (reducing Threats);
  • Dissuasion - focused in intimidating threats, using legal, public relations or political repercussion to those that threaten your movement. This approach works mostly when you have power or strong allies;
  • Protection - focused on protecting your collective and actions, with a strong emphasis in Security Culture, functional and informed Operational Security and robust Organizational Security to deal with repression, surveillance and infiltration (improving Capacities);

In general, the strategy that we follow is the Protection strategy, even though that different moments, and specific actions might have a different strategy underlying it.

Reactions

One of the biggest necessities to understand when talking about Situational Awareness and Risk is how will you react (Decide) to what you observe. In general, there are 5 common reactions to threats:

Reaction Description
Freezing Stopping what you are doing, not knowing how to react, not knowing how to communicate with other people about the threat.
Ignoring Continuing your work without acknowledging the threat, belittle the threat, not acting.
Coping Mechanisms Being aware of the threat even though you don’t act against it. Using other ways to deal with it (ex. Alcohol).
Analyzing In the moment of the threat, being able to communicate and make space to analyze the situation with other members/comrades.
Calmness Before the threat, analyzing possible threats and creating Response plans to act upon if they materialize.

There are plenty reasons why someone might react, from the mental state, to energy in the moment, material conditions… including previous training, experience and preparations.

Tips for Analysis

To make it easier to understand the Analysis of a Threat, you can follow the following list: (This analysis might start as an individual practice and then be shared with the collective.)

  1. Why does this Threat exist?
  2. What is the history of similar Threats? (If you were ordered to go to court with an accusation, what happened to other activists that had that same accusation?);
  3. Who is affected by this Threat (are you going to meet with an affinity group? is it the whole collective? is it a specific group of people?…);
  4. What happens when the threat becomes real? (what is the impact? does an action collapse? will 10 people be arrested if “X” happens?);

Extra - You might want to think about resiliency and the Bus Factor (if you were run over by a bus today, what would happen to the tasks you have? are there other informed people that can make decisions and act on if you are missing?).

Final notes

Based on understanding Risks, Security Strategies and common Reactions, we purpose some exercises you might do (personally or in collective).

Risks Table

You might do a table like this for each action / task that you have. Afterward the people from the collective might share them and analyze them collectively, detecting common risks and necessities.

Example Table

Risks Vulnerabilities Existing Capacities Missing Capacities
Being Kidnapped Living Alone Good Home Security (alarms, fence, cameras) // Neighbors that are awake during the night // I have a place to stay if there is a high Threat Getting a guard dog // One person knows where I am trough the day // Creating the habit of communicating with one comrade twice a day to tell them I am okay
Arrest Fake Accusations I know my rights // I have a lawyer briefed and ready to act // My home and office do not have incriminating documents in case of searches after an arrest Memorize my lawyers number in case they apprehend my phone
Arrest Specific medical condition I have medication to deal with it Always carry the medication

Risk Matrix

Besides understanding the risks and what we might to if something happens, it is always to understand the actual probability of the risk to happen and the impact if that materializes.

To do that, we might use the Risk Matrix
Very High 🟩 🟨 🟨 🟥
High 🟩 🟩 🟨 🟥 🟥
Impact Medium 🟩 🟩 🟨 🟨 🟨
Low 🟩 🟩 🟩 🟩 🟨
Very Low 🟩 🟩 🟩 🟩 🟩
Very Low Low Medium High Very High
Probability

With the Risk Matrix done, we can understand and focus our energies on addressing the risks in top-right corner first, and then proceed to mitigate the other ones.

security-101 security-culture threat-model

Threat Modeling

We live in complex times (as most people that engaged in Radical Action lived). We live in times where change has to be done by us before everything changes against us.

The stakes are high, repression is expanding, not only on the physical realm, but also on the digital one.

Governments, fossil fuel companies and the far right mobilize against us and try to intimidate us.

That is why we must create good Threat Models to inform our security practices.

What is a Threat Model?

A Threat Model is an analysis tool that answers:

  1. What are we protecting;
  2. Why are we protecting it;
  3. From whom are we protecting it;

The what, why and from whom informs what do we need to do and sets up the bar for revolutionary discipline in our day to day life, concerning security.

It is a structured approach to identify and prioritize potential threats and creating useful and functional mitigations to neutralize those threats.

When doing a threat modeling, you should also take into consideration your current structure, how you communicate internally and how do you communicate to the general public.

Creating a Threat Model

Find time to do this collectively since the threat model is the analysis that justifies your security practices.

Threat modeling should be done before major actions for specific practices and threats, but you should also have a threat model for your collective / organization, it should be updated regularly and known by all the members.

When starting, you should begin from the inside out. Therefore, start by answering the what. Some of the main guiding questions around it are:

  • Are there meeting places that need to be kept hidden?
  • Where are the objects (speakers, banners, megaphones …) of the collective stored?
  • Are we trying to hide the identity of the members of the collective?
  • What are our next steps? Are they public?

Afterwards, to create common understanding on why there are security practices. collectively discuss why are you protecting that information, you might discover that some of it is critical, while other information is already public.

Using the input of the exercises from Understanding Risk (Risks Table and Risk Matrix) try to understand who would be able to turn those Risks into a reality. Those are the people that you are protecting from. It is advised to go as specific as possible (is it a Working Group from the Local Law Enforcment Agency? is it a specific Far-Right Organization, what is their common modus operandi?).