https://sudoroom.org/mediawiki/api.php?action=feedcontributions&feedformat=atom&user=The+DoctorSudo Room - User contributions [en]2026-04-27T16:47:27ZUser contributionsMediaWiki 1.37.2https://sudoroom.org/mediawiki/index.php?title=Cryptoparty/2014/March&diff=7926Cryptoparty/2014/March2014-04-24T19:43:28Z<p>The Doctor: /* Gratuitous Link Dump */</p>
<hr />
<div>This month's cryptoparty will take place on 16 March 2014.<br />
<br />
=Agenda=<br />
*Encrypting hard drive (Mac)<br />
*GPG Keysigning party + protocol<br />
*Step-by-step resources<br />
*OTR sessions keys<br />
*Encrypted email on phone<br />
**K9 for Android (sucks), and putting PGP keys on phone is not a good idea - though if you're not being targetted<br />
**Phones are just broken. Generally.<br />
*Mobile security (Redphone, TextSecure)<br />
<br />
=Workshops=<br />
*Hard drive encryption<br />
*Email encryption<br />
<br />
=Notes=<br />
*Outreach to other communities<br />
**Hold a cryptoparty at a mosque?<br />
**Infoshops<br />
*Upgrade Mac OS due to broken SSL certs<br />
**Do not store private key in iCloud!<br />
*Try out ChatSecure for XMPP<br />
*OTR generates ephemeral keys for each session<br />
*Tails auto wipe + shutdown when key is pulled<br />
*VPN to friendly jurisdiction --> VPN to Riseup --> Tor out of there<br />
**Can one go through Tor to the VPN?<br />
***Too slow<br />
*OpenShift gives out free SSH tunnels on demand<br />
*Keysigning party<br />
**[http://cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html HOWTO]<br />
**[http://herrons.com/keysigning-party-guide/ Keysigning Party Guide]<br />
**[https://en.wikipedia.org/wiki/Zimmermann%E2%80%93Sassaman_key-signing_protocol Zimmerman-Sassaman Keysigning Protocol]<br />
<br />
=Gratuitous Link Dump=<br />
*https://fixubuntu.com - <br />
*http://kernelconcepts.de/ - Purchase magcards and USB sticks for hosting your public key<br />
**[http://shop.kernelconcepts.de/product_info.php?cPath=1_26&products_id=42 OpenPGP Smartcard V2]<br />
***Generates and hosts up to 4096-bit PGP keys<br />
***Can store up to three (3) PGP keypairs<br />
***Can store login credentials in a separate datastore<br />
***User PIN must be entered correctly to encrypt or sign<br />
****Three failed attempts locks the card<br />
***Admin PIN must be entered correctly to unlock or edit card.<br />
****Three failed attempts fries the card<br />
***Standard smartcard formfactor<br />
***Contacts and chip can be punched out to form what is basically a [http://shop.kernelconcepts.de/images/opgpv2.jpg SIM card]<br />
**[http://shop.kernelconcepts.de/product_info.php?cPath=1_26&products_id=119 Gemalto Shell Token v2]<br />
***USB key form factor<br />
***Unlock, slide SIM card-punchout from smartcard in, relock<br />
***Works just like a smartcard plugged into [http://shop.kernelconcepts.de/product_info.php?cPath=1_26&products_id=124 a USB smartcard reader]<br />
**Works with GnuPG (gpg-agent), requires pcsclite, pcsc-tools, libusb, libusb-compat to operate.</div>The Doctorhttps://sudoroom.org/mediawiki/index.php?title=Cryptoparty/2014/March&diff=7925Cryptoparty/2014/March2014-04-24T19:32:00Z<p>The Doctor: /* Notes */</p>
<hr />
<div>This month's cryptoparty will take place on 16 March 2014.<br />
<br />
=Agenda=<br />
*Encrypting hard drive (Mac)<br />
*GPG Keysigning party + protocol<br />
*Step-by-step resources<br />
*OTR sessions keys<br />
*Encrypted email on phone<br />
**K9 for Android (sucks), and putting PGP keys on phone is not a good idea - though if you're not being targetted<br />
**Phones are just broken. Generally.<br />
*Mobile security (Redphone, TextSecure)<br />
<br />
=Workshops=<br />
*Hard drive encryption<br />
*Email encryption<br />
<br />
=Notes=<br />
*Outreach to other communities<br />
**Hold a cryptoparty at a mosque?<br />
**Infoshops<br />
*Upgrade Mac OS due to broken SSL certs<br />
**Do not store private key in iCloud!<br />
*Try out ChatSecure for XMPP<br />
*OTR generates ephemeral keys for each session<br />
*Tails auto wipe + shutdown when key is pulled<br />
*VPN to friendly jurisdiction --> VPN to Riseup --> Tor out of there<br />
**Can one go through Tor to the VPN?<br />
***Too slow<br />
*OpenShift gives out free SSH tunnels on demand<br />
*Keysigning party<br />
**[http://cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html HOWTO]<br />
**[http://herrons.com/keysigning-party-guide/ Keysigning Party Guide]<br />
**[https://en.wikipedia.org/wiki/Zimmermann%E2%80%93Sassaman_key-signing_protocol Zimmerman-Sassaman Keysigning Protocol]<br />
<br />
=Gratuitous Link Dump=<br />
*https://fixubuntu.com - <br />
*http://g10code.com/ - Purchase magcards and USB sticks for hosting your public key</div>The Doctorhttps://sudoroom.org/mediawiki/index.php?title=User:The_Doctor&diff=7701User:The Doctor2014-03-16T22:48:43Z<p>The Doctor: Cleaning up my profile.</p>
<hr />
<div>Crytography and privacy advocate. Jellyfish. Social activist. OSINT and OPSEC researcher and trainer, specializing in journalists and activists.<br />
<br />
Core developer, Projects Byzantium (http://byz.im/) and Exocortex (https://github.com/virtadpt/exocortex).<br />
<br />
Homepage: https://drwho.virtadpt.net/<br />
<br />
Bio: https://about.me/drwho</div>The Doctor