➡ In case of an emergency, it’s important to have a communication plan that doesn’t leave a digital trace. This can be achieved by using techniques like the “dead drop,” a method used by spies during the Cold War, but adapted for digital use. Avoid using phones, the internet, and digital payments, as these can reveal your location. Instead, use a Linux computer, a de-Googled phone, cash or crypto for payments, and be aware of facial and voice surveillance to maintain privacy.
➡ To protect your privacy, use a laser-listening device to monitor sounds inside your house, secure your Wi-Fi with a VPN, and manage your passwords with a tool like KeyPass. You can use KeyPass to store not just passwords, but also notes, contact info, and secret messages. If you need to share sensitive information, you can upload an encrypted KeyPass file to a secure internet site that doesn’t require two-factor authentication, like Braxmail. For ongoing secure communication, use the Session app, which hides metadata and doesn’t require a phone number.
➡ This text talks about using a Brax virtual phone for secure communication, which doesn’t leave a record of calls and isn’t tied to cell towers. It suggests using a VPN for location privacy and Tor for added security. The author also mentions their products like the Brax 3 phone, Brax Mail service, and Brax Router VPN, which are designed for privacy. They thank their community of over 100,000 people who discuss privacy issues daily.

In an emergency, do you have a plan in place so you can communicate if you needed to go off-grid? Think of this as more of a prepper project, so you can use it for privacy learning. You don’t actually need to think you’ll be off-grid. A couple of years ago, I made a video titled, How to Escape Like Jason Bourne. I thought it would have made an interesting series, but apparently my viewers thought otherwise and it did not get a lot of views. What is interesting in that scenario was that the protagonist, Jason Bourne, had to go out of town quickly and without warning and there was no time to communicate with family.

And in the early stages, the main problem was that he needed to talk to family to get funds and get help. Well, as that video shows, if you watch it, Jason fails over and over because just about every normie channel of communication is being watched. He tries multiple ways to reach his wife and he constantly fails. And the reason he fails over and over is that there was no pre-established way to communicate. He needed to have planned like a proper and have a method established in advance. My premise here is to plan a way of communicating that does not create metadata.

Thus, any kind of surveillance even by three-letter agencies will not suggest that a communication was made. So I will teach you an example method. You could use this as a framework for what to do. The basis of this is covert tradecraft and the starting technique is called the dead drop. In other words, this is a technique used by spies. So if they think it is effective, we should learn how to do it too. Are you interested? This could be a fun exercise. Even if you’re not expecting to use this, it is actually a lesson in privacy since you can learn how governments might find you.

Stay right there. The dead drop was a covert method that was used quite extensively during the Cold War to pass information, instructions or objects like film between agents. The idea of a dead drop was that it does not use face-to-face communications. The technique is based on having pre-arranged locations and a signal was sent that a drop needed to be picked up. The signals are subtle and common so that no one suspects anything unusual. For example, there could be gum on a lamppost, a chalk mark or a particular car is positioned differently. Then one agent drops the package in the dead drop.

For example, a hole in a concrete wall and then later without any physical encounter, the second agent will pick up the package. This is what I want to emulate as a model for establishing a line of communications, but to do it digitally. So we will teach Jason a few technological tricks so he can emulate this dead drop digitally. But first, Jason needs some basic guidance. There are behaviors we perform in normal life that will zuck you in a big way and reveal your location quickly. So here are some big red flags to be aware of. Number one, no phones, no phone calling, no SMS.

It should be obvious that any phone call is logged into the PSTN, the Public Switch Telephone Network, and every SMS text message has a copy kept by the government. So this may be redundant information, but it needed to be stated upfront. Jason alone carrying a phone could be subject to cell tower triangulation, Wi-Fi triangulation, and on an iPhone, location tracking even with the phone off. Also with a regular phone, locations are tracked in the Google sensor vault, so a history of locations can be pretty easily acquired by the government. So Jason has to drop his phone in the garbage, hopefully not near where he intends to be.

Number two, no burner phone. Jason must not purchase a burner phone to call his wife. This will fail. The reason is that the authorities will simply wiretap all the phones of the people Jason knows. How do they do this? Very easily. They look at the records of Jason’s calls historically in the PSTN. A history of all calls has been passed to the NoSuch Agency for a long time using the prison program that Snowden already revealed. In addition, additional databases make this available to every law enforcement officer via the FBI DCIS database. If an unknown phone number calls Jason’s wife, then that metadata will already reveal that it’s Jason calling, especially if the call is not a short wrong number kind of call.

The authorities would also quickly know it is a burner phone and then the approximate location will already be known since it would be cell tower triangulated. So the police would know it’s a small area, maybe one half mile square or less. Number three, no car. Maybe Jason uses the burner phone to tell his wife where to meet him. So if the wife takes her car to the location, well it should be a simple matter for authorities to put a tracker on the car, even an air tag, and they will follow her. But for both Jason and his wife, the streets of large cities like Los Angeles have license plate readers everywhere.

There’s a ton where I am. Then the streets here also have cameras that gives tickets out using facial recognition. So driving around in a known car is a big no-no. Number four, no talking on the internet. The most obvious methods, of course, would be to use apps like Signal because you think you have end-to-end encryption. However, the new AI See What You See technology would allow authorities to see what you see and interrogate your computer’s AI. So any new device using Windows, macOS, iOS, Google, Android could be subject to client-side scanning. The only devices that would be safe would be those using Linux and a de-Googled OS, or some old version of those popular OSes.

It should also be obvious that a public presence on social media is a big no-no. Many of these apps will track your location. Number five, no credit cards, no PayPal, no Venmo. Any kind of digital payment will automatically signal where you are to a government. The transaction will indicate the vendor, and that vendor could be where you just tried to purchase a burner phone, a store with a surveillance camera. So just like in the movies, you can use these. Fortunately, because we’re here to have fun, we can pre-plan our escape plan and there are certain strategic technologies that have to be in place ahead of time.

Number one, Linux OS 4. For Jason’s wife, there has to be access to a Linux computer in the house. Preferably, it should be a device that’s commonly used because a sudden change in device during a crisis is metadata that shows some pattern. So let’s say that Jason’s wife is using a Windows computer. Perhaps it can be configured as a dual-boot computer so it can be started with Linux. For this exercise, you do not want to run Linux in a virtual machine. And the reason is that the new See What You See technology or client-side scanning can see the screen and can see the Linux window from the host windows or Mac OS.

So it should be running standalone Linux. Number two, the Google phone. For Jason, it would be really handy if his daily driver phone is running a de-Google OS phone like a Brax 3. Here’s why. These phones do not report location to any party so the threats of a Google sensor vault does not exist. Next, to neutralize the cell tower triangulation, just remove the SIM card and throw it away. In fact, I would not use a SIM card in it from then on. Wi-Fi only from there. Then the phone will actually be safe. Number three, cash and crypto.

You will need cash to make quick moves so it should always be critical to carry a large enough sum of money for emergencies. Nowadays, the average young person will not even carry 10 bucks. It is an essential part of prepping to change this bad habit. If you’re even smarter, you would have cash stashed secretly away elsewhere so you can get some in case of an emergency. It can’t be at your house since you should expect your house to be surveilled. The easy alternative is to have some amount of Bitcoin available to you. While it is hard to spend large amounts of Bitcoin online, small amounts are still doable and can keep you surviving.

Number four, countering facial recognition. Unfortunately, you do not even have to verify your face in front of a camera to avoid facial recognition. There are too many cameras around, including even being in the background of a photo taken for social media. So the solution is to have new habits, have sunglasses, a hat, and in winter, perhaps a scarf. Just some quick way to change your appearance. Or a face mask to make people think you have COVID. Number five, voice surveillance. Jason and his family needs to be aware of the possibility of voice surveillance.

For example, Alexa Echo devices should be eliminated. In emergencies, everyone in the family should be aware that TVs can be turned into microphones and someone can listen in. And you better dump your ring cameras. There is a laser-listening device that can be pointed at glass windows from outside and it can be used to listen to sounds inside a house. The laser picks up sound vibrations. Number six, VPN. I would also be aware that a powerful opponent can easily hack your Wi-Fi and be on your network. So you have to almost assume that your house could be like a public network.

The solution is to put all your devices on a VPN. Or to simplify it further, put your entire network on a VPN router. The VPN encrypts the traffic so even someone on the local area cannot intercept it. Number seven, password manager. I leave this for last, but this will actually be key. You need to learn to regularly use a password manager because later this is what we will use as the dead drop package. Later I will explain why this is actually a pretty easy way to get sophisticated without having to learn complicated tricks. The dead drop procedure.

Number one, the package. The first tool in our dead drop arsenal is the password manager database, which will be our drop package. For this example, I will use the password manager KeyPass XC. For Android, look for a version called KeyPass to Android. So I advise that you install this on all your computers and phones. Most will have the capability to work with KeyPass in some way. KeyPass keeps its credentials in a database file with a KDBX extension. The interesting thing about a KeyPass KDBX file is that it is completely encrypted and the key is based on your master password.

Assuming your password is sufficiently long, like 12 to 15 characters with upper, lower numbers and special characters, then it should be pretty uncrackable in our lifetimes. Now here’s the other interesting detail. While KeyPass is used primarily to store passwords, there is absolutely no reason you can use it to keep any information you want. You can use it to keep notes, give instructions to family, keep crypto seeds, give secret contact info, etc. So our premise is that we will use a password manager to pass ultra-secret messages. Again, when you save your entries in KeyPass XE, it saves it to a database KDBX.

You could create a separate KDBX file for emergency use, or you could put your instructions in your regular password manager. And hopefully your family will know how to get into your password manager. So discuss this in advance. Here’s another interesting detail. You really don’t have to be afraid of putting a KDBX file somewhere on the internet because it’s unhackable anyway. But you don’t want to be obvious with this either by putting it in Google Drive or by passing it as a Gmail attachment. Remember that Google Drive and Gmail are tied to a Google ID which is attached to you.

The other thing about a password manager is that it is in common use. So if you’re always using a password manager, then there wouldn’t be any metadata suggesting some new behavior. Secondly, password is protected in the US by the Fourth Amendment. You definitely cannot be required to reveal it to anyone. The dead drop site. The idea of a dead drop site is that it should be easily accessible by all. For example, Jason is running around somewhere possibly without a computer or even a phone. So there may not be access to advanced technological tools or to do anything sophisticated.

He may even be forced to use a normal phone though without a SIM card as his computer. So Jason and his wife needs to first establish basic communications without getting too sophisticated. My recommendation is to put instructions for the first dead drop site in their regular password manager database itself. So think ahead now and plan it and then put it into effect. You need to find some internet site that will allow you to upload a file. The site must not require two-factor authentication since Jason will not have a SIM card nor access to any other account and the account should not expire.

One potential easy solution is if you have some webmail based email account. For this example, I will use Braxmail. Braxmail can be accessed directly from a browser and unlike Gmail, it will never force you to give two-factor authentication. Then what I would do is to create a message to yourself as I show here. Let’s see how we can use this. And then the message will have an attachment and the attachment will be the password manager KDBX file. Now instead of sending this, I will just leave the message in the draft folder by saving it.

This then will be our starting point. This KDBX file can be downloaded from any location and can be the packaging for the drop. The drop. In an emergency, the first thing I would do as Jason then would be to download the KeePass file and open it on my device. Then I would edit the emergency entry I made on the password manager file and then I would pass the new message I want. For example, I can explain what has happened and what you intend to do and what your immediate needs are. Then I would upload that same KDBX file up to the draft folder again.

Let’s create a sample scenario here on KeePass XC. I will create a new mail and then include the KDBX file as an attachment and then I will hit save and not send. The pickup. Assuming your wife has read the emergency instructions in the password manager file before, she will know how to read it again when you turn up missing and then she can log in to the webmail of the same email address. So both you and your wife will access the same email account. But neither of you will mail out any new mail.

Just so you know, any new message on email will be easily detected if that email is being tracked. But if no external mail is sent, like that being saved in a draft folder, then there is no danger. If you accidentally email the message to yourself instead of saving it to draft, no danger as intradomainmail does not leave the server. So your wife should see a new updated draft message in the draft folder. This she can then download and open up on her hopefully Linux device and then read the emergency entry using KeyPass XE.

Variants. Now I want to make clear that a variant to this method was used by General Petraeus back in the day when he was having an affair. They used to pass messages to each other using the email draft method. But in this case we don’t have any readable message since the only thing being uploaded is an encrypted password manager database. So our approach has more deniability. Here’s a variant I want to introduce though. The idea is that the account should not be obvious. What I don’t like about the email method is it’s obvious since it would be tied to your family’s purchases.

The more obscure way but requires a little bit more training is to set up a pseudo anonymous account on social media and upload a file there. Again using services I run I will use Braxme as an example though you can really use any platform that accepts a file to upload as long as they allow a pseudo anonymous identity and no 2FA. On Braxme you can set up a free account. It’s there forever and you can upload a file to your My Files folder. Assuming you’re using Tor or a VPN to access the platform then no one should know who the account belongs to even from metadata.

All you have to do is to put the login information with that username and password and the platform. And in this example Braxme will be the drop location in the password manager emergency notes. And you can then pass a new file upload on that account when needed. If you want to be more obscure you could rename the file from database.kdbx to database.bin or something. So at least it wouldn’t be obvious what it is. But this could add complexity and depends on how techie your family is. Next step. Next once the communication is established I would actually switch communications to another method.

And if the equipment allows it I would recommend the Session app. Session is excellent for communications by whistleblowers for example. It is an end-to-end encrypted app that I’ve been recommending as better than Signal. You can’t use Signal if you’re on the run without a SIM card. But Session does not require a phone number and it works on all operating systems. The unique thing about the Session app is that it is the best I’ve found at hiding metadata. For me the Session communications occur over an onion routing network like Tor. Session uses the LokiNet network. And no identifiers are used that can imply who the parties are in a conversation.

So for a permanent method I would have more complex conversations on Session. You can pass the initial Session ID in the keypass password manager in the original drop and then you can continue talking in a more secure way after that. You can even keep deleting Session when you want it hidden and then reinstall it when you want to. That’s a good technique for example if traveling abroad. Nothing on the phone to compromise you. Virtual phone. I’ll mention this on the side as being relevant here. If you have a Brax virtual phone account it can be called by another SIP device directly without going through the PSDN.

It’s basically like extension to extension calling. I have a video demonstrating this. So between two Brax virtual phone accounts quiet communication can occur. And because it’s not tied to cell towers there is no side location. A VPN should be sufficient protection to hide locations and even encrypt traffic. There should be no record of the call just like there is no record of calls doing extension to extension calling in an office. Using Tor. While Jason’s wife is just fine using a VPN at home, Jason himself should stick mostly to using Tor. A quick Tor browser can be used on Brave using the Tor Window option.

On Android you can use the app called Orbot. For someone on the run Jason would be like Snowden and Snowden has stated that he uses Linux Tails OS which communicates over Tor. As I suggested I’m not necessarily expecting any of my followers to be on the run but it is important prepper knowledge to have ahead of time. It also informs you of techniques that show where privacy breaches are and how to evade them. Folks, this channel is supported solely by this community. Thank you to those that support us on Patreon, locals and YouTube memberships. I don’t acknowledge you publicly for privacy reasons but you are appreciated.

Most of you support us by using our products and services. Our most recent product is the Brax 3 phone which will be available shortly. This phone is invisible to Big Tech and is a primary privacy tool. It is available on indiegogo.com for now and later on Braxtech.net. We have other products that are available on our store. The key one is the Brax Virtual Phone. You can have multiple numbers that require no ID or KYC. We have the Brax Mail service which allows for unlimited aliases and many obscure domains. We have ViteVPN and the Brax Router VPN and Tor Router.

All these products are on our store on BraxMe. Join the over 100,000 people who are part of our community and talk about privacy issues daily. Thank you for watching and see you next time. [tr:trw].

See more of Rob Braxman Tech on their Public Channel and the MPN Rob Braxman Tech channel.