Tor for Dissidents: Digital Safety in Authoritarian Environments

State surveillance in authoritarian countries typically includes: legal authority to access all domestic internet provider data, deep packet inspection at national network gateways, social media monitoring with facial recognition linking accounts to identities, mobile phone tower data providing location history, physical surveillance and informant networks, and device seizure with compelled password disclosure under legal or extralegal pressure. Tor addresses the network surveillance component by encrypting traffic and routing through relays outside national territory. It cannot protect against device seizure (mitigated by encryption and Tails OS), physical surveillance (mitigated by operational security), or social informants (mitigated by need-to-know information sharing).

Direct Tor connections are blocked in many authoritarian countries. Bridge type selection should match the specific national filtering system. obfs4 is effective against most national filtering that targets Tor's standard TLS fingerprint. Snowflake (WebRTC-based) is effective against countries that cannot block video conferencing infrastructure without major business disruption. WebTunnel is effective against sophisticated DPI that can identify obfs4's traffic patterns in some countries. For China, Iran, and Turkmenistan - countries with the most sophisticated censorship - prioritize Snowflake or WebTunnel, using multiple bridge types as fallback. Request bridges from organizations like Access Now (accessnow.org/help) which maintain private bridge pools for high-risk users in priority countries.

Device configuration for high-risk dissident use should prioritize: full disk encryption (FileVault on macOS, BitLocker or LUKS on Windows/Linux) to protect data on device seizure, strong unique device passcodes (not biometric which can be compelled), Tails OS (amnesic live USB) for the most sensitive activities, regular secure deletion of sensitive files not needed for ongoing work, and separate devices or user accounts for different risk-level activities. Never use devices linked to real-name accounts (work computers, family devices) for dissident activity. Treat every device as potentially seized at any time - maintain operational security even when the risk seems low.

Dissident communication networks must minimize exposure through operational security. Use Signal with disappearing messages (1 week maximum) for organizing communications. Verify Signal safety numbers in person with key contacts to prevent man-in-the-middle attacks by state intelligence. Use Briar for communications that work even when internet is partially disrupted (Briar can use Bluetooth and WiFi direct). Use Tor Browser for all external information access. Avoid using real names in communication group membership - use established pseudonyms that do not link to other identities. Compartmentalize: participants should know only what they need for their specific role, limiting damage if any individual is compromised.

International border crossings present acute device security risks. Many authoritarian countries require device passwords at border checkpoints. Prepare for border crossings: back up essential data to encrypted remote storage before travel, factory reset devices or use clean travel devices with minimal data, restore from backup after arrival in safe territory. For emergency erasure: enable remote wipe capability before crossing (Apple Find My for iPhones, Google Find My Device for Android, or third-party solutions for other devices). Memorize a few key contacts' communication details rather than storing in addressbook. After crossing into safer territory, assess whether devices may have been compromised during inspection and take appropriate precautions.