I recently volunteered to teach an “intro to mobile security” class, in-person, at a local shul (Jewish prayer/study space) in my rural, aging community. I’m going to do one class for activists and one for the general public. I know I want to end with a list of privacy-friendly alternatives and habits, but I’m kinda stuck getting started. How do I introduce this topic, especially to older folks? Links, resources, personal thoughts welcome. Lmk if you don’t want to be credited.
A good start would be ‘how to develop a threat model’. There are very useful guide about it like the one written by EFF.
Security planning helps you to identify what could happen to the things you value and determine from whom you need to protect them. When building a security plan answer these five questions:
- What do I want to protect?
- Who do I want to protect it from?
- How bad are the consequences if I fail?
- How likely is it that I will need to protect it?
- How much trouble am I willing to go through to try to prevent potential consequences?
About Android’s security;
I’d never heard of the EFF until now, what a great resource! They’ve got a whole section for educators
I’m taking a intro cyber security class at Helinski U mooc, and those questions are almost verbatim from our week one class! Guess i am learning correctly!
Only problem is… They aren’t security planners.
Make the threat model for them with your experience as a baseline for them. Perhaps some of them will expand from there but make it easy for them
For older people, a password manager is a must. With their ageing brain, it gets way harder to remember things. I got my my parents to use bitwarden, and now I don’t need to reset their passwords anymore. Cloud sync helps them use them on all their devices too.
Unlock the password manager with fingerprint and everything is safely stored. No need to remember password/PINs and codes.
OK, yeah! I generally warn against biometrics and cloud storage for activists, but they’re probably a very good idea for older non-activists.
Not to be a downer…but can one be private on a mobile device? I’m older (and if in your area, probably a target participant, sorry that I can’t actually help) but, my understanding is that mobile would be impossible to be private due to constant triangulation etc.
Right, I’m definitely gonna cover that. There are ways to limit triangulation and the amount of data that can be collected, but you’re correct: the best mobile device security is not having one. The subtitle of the class is going to be, “a 101 for people who need phones,” so I will be working on the assumption that getting rid of the phone is not a viable precaution. (Also, my co-presenter is also an older person, so don’t sell yourself short!)
Threat model guide https://lemmy.ml/post/34223
Smartphone hardening guide https://lemmy.ml/post/54596
I hope this helps.
Awesome, thank you!
I don’t have much experience with browsing on smartphones, but the basics (like using a (hopefully) privacy-friendly search engine, avoiding Facebook and the rest, deleting cookies, etc.) are worth mentioning. If they’re ~completely new to the Internet, it might be useful to mention things like email scams.