Quick DFP Guide

A fast reference for essential privacy and security tools. For the full guide, see the Digital Force Protection Guide.

Privacy Resources

Guides & Documentation

Communities

Privacy & Security Tools

Pre-Browsing Checks

Verify your configuration before sensitive activities:

DNS / IP Leak Test - Confirm your location is masked
Cover Your Tracks (EFF) - Check browser fingerprinting
Browser Cookie Tester
InAppBrowser - Test in-app browser privacy
AdBlock Test - Verify ad blocking

Password Managers

Recommended:

Manager	Platforms	Notes
Bitwarden	iOS \| Android \| Desktop	Cloud sync, open source
KeePassXC	All Platforms	Local storage, open source

Avoid:

LastPass (multiple security breaches)

Multi-Factor Authentication (MFA)

Best (Hardware):

YubiKey Security Key - Hardware U2F is most secure

Good (App-based):

2FAS - iOS | Android | Browser
OTP Auth - iOS
Aegis - Android

Avoid:

Authenticator	Why
SMS	Vulnerable to SIM-jacking attacks
Authy	Requires phone number, not open-source
Google Authenticator	Cloud sync is not end-to-end encrypted

VPN

Top VPNs for privacy:

VPN	Key Features
MullvadVPN	No email needed, accepts cash/crypto, proven privacy record
iVPN	No logging, transparent policy
ProtonVPN	Free tier available, proven privacy record

VPNs to Avoid:

ExpressVPN
PIA VPN
CyberGhost
Zenmate

These are all owned by KAPE Technologies, which has questionable privacy practices.

Secure Messaging

App	Best For	Phone # Required?
SimpleX	Most private — PREFERRED for protests	No
Signal	General secure messaging	Yes
Element	Decentralized, Matrix protocol	No

Why SimpleX for protests:

No phone number = no identity link
Works on wifi-only devices (kids’ tablets, old phones)
Multiple profiles for different contexts
Decentralized — harder to shut down or surveil

Secure Browsing

Browsers:

Firefox with privacy extensions
Tor Browser for anonymity
Brave for everyday privacy

Essential Extensions:

uBlock Origin (ad blocking)
Privacy Badger (tracker blocking)
HTTPS Everywhere (force encryption)

Critical: Anti-Surveillance Settings

Quick Security Checklist

Phone

PIN/password lock (not biometrics)
Notifications hidden on lock screen
Location services disabled when not needed
2G disabled (critical for anti-surveillance)
SimpleX or Signal installed and configured

Accounts

Unique password for each account
Password manager in use
MFA enabled on important accounts
Recovery codes stored securely

Browsing

VPN active
Private/incognito mode for sensitive searches
Ad blocker enabled
Cookies cleared regularly

Communication

SimpleX for protest coordination (no phone number required)
Signal for general secure conversations
No sensitive info over SMS/regular calls
Aware of who can see your messages
SimpleX set up on family members’ devices (works on wifi-only)

Emergency Actions

If You Feel Unsafe or Are Being Surveilled

Power off your phone immediately — This is your best defense
Powering off forces passcode on restart (no biometric bypass)
A powered-off phone cannot be tracked or remotely accessed
Leave the area if safe to do so

If Phone May Be Compromised

Power off immediately — Do not try to investigate while it’s on
Remove SIM if possible
Do not unlock or use until assessed
Change passwords from a different device

If Phone May Be Seized

Power off NOW — This is critical
Do NOT unlock it for anyone
Say “I do not consent to a search”
A powered-off phone is much harder to extract data from

If Account May Be Compromised

Change password immediately
Revoke all active sessions
Check for unauthorized access
Enable/reset MFA

For more detailed guidance, see the full DFP Guide.