Difference between revisions of "Cryptoparty"
Peteforsyth (talk | contribs) |
(anony zebra) |
||
Line 1: | Line 1: | ||
[[File:Anonyzebra.jpg|thumb|frameless|'''Anony Zebra''', the official Cryptoparty mascot, protecting herself from [http://grevyszebratrust.org/stripe-recognition.html Stripe Recognition]]] | |||
=February 2014= | =February 2014= | ||
This cryptoparty took place on 16 February 2014 with no less than 20 engaged attendees :) | This cryptoparty took place on 16 February 2014 with no less than 20 engaged attendees :) |
Revision as of 18:41, 9 March 2014
February 2014
This cryptoparty took place on 16 February 2014 with no less than 20 engaged attendees :)
Areas of Interest
- Mobile security
- Backups (especially photos)
- Cyanogenmod
- Threat Modelling
- VOIP
- Installing Linux
- Installing KeePass2, a password vault program
- Running DNSSEC
- Playing with alternative, secure email systems
- Chat/OTR on Android
- Image metadata
Agenda
- Intros and what you're looking to get out of this cryptoparty
- Why security is important
- Split up into groups:
- Mobile security
- Lastpass (password management)
- Threat modelling (eg; activists on the street)
Takeaways
- GPG
- Tails is hard to get running on my machine
- TextSecure is easy!
- Helped people set up secure chats, emails, and texting
- Great one-on-one conversations
- Learned a good deal about KeePass2 (and other variants like KeePassX) and got it running with help!
- Learned about F Droid - an app store for procuring APKs without going through Google Play
- Made a self-signed certificate and locked down CalDav
- Threat modeling - we're not much better prepared than we were with Occupy. As an iPhone user, I'm pretty screwed no matter what. Need to talk to lawyers re: handing over keys and such
- DNSSEC sucks! DNS is already terrible, but DNSSEC makes it worse! Clients don't use it, registrars don't accommodate it, and if you try to use it you're in for a headache.
- The latest version of Cyanogenmod forces you to use their cloud for your contacts, which now must be sync'd with a cloud.
- Suggestion: Cryptoparty Movie Night!
- Suggestion: Linux Install Parties
- Feedback: Splitting the group into "let's do this now" and general discussion was a great idea!
- Homemade vs. commercial Faraday cages for phones, and general physical security
- How to make this knowledge more palatable to the general public? Comics etc;
- Best cryptoparty yet! Folks came with specific questions; paired off really smoothly; no uber-techie debates taking place; specific tasks and breakout topics.
Gratuitous Link Dump
- LastPass for secure password management.
- F-Droid
- How to Use Enigmail with Thunderbird
- OpenPhoto (facilitates backing up photos to your own server)
- Frontline SMS
- AppOps - permissions for Android
VOIP Services
Custom Android ROMs
December 2013
The next Cryptoparty is Sunday, December 15th at Sudo Room from 2-5pm!
For this Cryptoparty, we will have handouts!
- Tools for Protecting Against Online Snooping
- Security Overview (work in progress, don't print)
- Minimum Security Requirements
Agenda
Presentations (rolling; starting at 2pm):
- History of Cryptography and Cryptoparties by Aestetix
- How They Get You: A Survey of Attack Surfaces / Privacy Vulnerabilities for Users by Yardena
- SecureDrop: An Open Source Whistleblower Submission System by Legind
Workshops (running in parallel):
- PGP / E-mail Encryption
- Browser plugins
- Tails for activists
- Metadata scrubbing
October 2013
NOTES FROM OCTOBER'S CRYPTOPARTY
The next Cryptoparty is Sunday, October 20th at Sudo Room from 2-5pm!
We'll be covering the following:
- Get feedback from attendees about who they are, what they're interested in and what they want to get out of the event on that day.
- Do introduction activity to have folks explain to each other who they are and why they're at cryptoparty
- Use human barometer to determine different viewpoints and clusters on controversial and relevant topics.
- Start with a basic introduction, accessible.
- with LIVE EXPLOIT?! :D - Traffic Analysis of the local network as a demo, making it explicit
- Workshop-based format, break into smaller groups.
- HTTPS + SSL - protocol layer
- Mobile Security / Whisper Systems - Redphone / TextSecure / Guardian Project
- Verifiable Builds: https://blog.torproject.org/blog/deterministic-builds-part-one-cyberwar-and-global-compromise
- SSL Primer & Perfect Forward Secrecy (Rhodey)
- Include a demo, in the browser, etc. Show visual queues
- Certificate Authorities & scramble.io / hashed.im
- Understand why CA is broken
- Can demo, explain why it's secure.
- Understand why CA is broken
- General OTR
- GPG
- Speed geeking
- Thunderbird with PGP
- Unconference-style project demos
- Key-signing party
- Invite folks to Aaron Swartz Memorial Hackathon
August 2013
the BAY AREA PUBLIC SCHOOL & sudo room
presents
- WHAT IS INFORMATION
LIVESTREAM
YouTube LIVE Stream http://youtu.be/x3V1xv9XoE0
Google Hangout https://plus.google.com/hangouts/_/691eaeb3b509844d46cf43c82af3e9ba4b37b6e1
Schedule
3-6pm: LIGHTNING TALKS, WALKABOUT, and DISCUSSION:
ADD 25 MINUTES TO ALL LISTED TIMES Thex 50.0.83.158 16:55, 31 August 2013 (PDT)
- (15:00) THREE PM Introduction
- Emerging Technologies of Oppression and Liberation
by David Keenan (Bay Area Public School)
- (15:15) THREE-FIFTEEN PM Understanding "Big Data"
- Andrew (engineer)
- (15:30) THREE-THIRTY PM WALKING INFOTOUR OF Oakland's NEW camera surveillance network / Domain Awareness Center
- Becky Hurwitz, Emi Kane, Sarah Reilly, Salima Hamirani (security activists)
- (16:10) FOUR-TEN PM Citizen Science: From Institutions to Community
- Craig Rouskey (SUDO GETit Project)
- (16:30) FOUR-THIRTY PM Creating a Network Commons: The Oakland Community Mesh Project
- Marc Juul and Jenny Ryan (SUDO Room)
- (16:45) FOUR-FOURTYFIVE PM Security Activism: What We Know Works, What We Know Doesn't, and What We Don't Know But Probably Should Know Better
- Danny O'Brien (Electronic Frontier Foundation/EFF)
- (17:00) FIVE PM PANEL DISCUSSION
- Moxie Marlinspike (Open WhisperSystems/RedPhone)
- Bill Budington (Electronic Frontier Foundation)
- and the other attendees! This will be amazing
8:00 till 11PM : Summer School week CLOSING PARTY! DANCIN'! DRINX! FEATURIN' DJ Public Frenemy (Liam O'Donoghue!)
[LINK TBD]
,gggg, ,88"""Y8b, I8 I8 d8" `Y8 I8 I8 d8' 8b d8 88888888 88888888 ,8I "Y88P' I8 I8 I8' ,gggggg, gg gg gg,gggg, I8 ,ggggg, gg,gggg, ,gggg,gg ,gggggg, I8 gg gg d8 dP""""8I I8 8I I8P" "Yb I8 dP" "Y8gggI8P" "Yb dP" "Y8I dP""""8I I8 I8 8I Y8, ,8' 8I I8, ,8I I8' ,8i ,I8, i8' ,8I I8' ,8i i8' ,8I ,8' 8I ,I8, I8, ,8I `Yba,,_____,,dP Y8,,d8b, ,d8I ,I8 _ ,d8' ,d88b,,d8, ,d8' ,I8 _ ,d8' ,d8, ,d8b,,dP Y8,,d88b,,d8b, ,d8I `"Y88888888P `Y8P""Y88P"888PI8 YY88888P8P""Y8P"Y8888P" PI8 YY88888PP"Y8888P"`Y88P `Y88P""Y8P""Y88P"888 ,d8I' I8 I8 ,d8I' ,dP'8I I8 I8 ,dP'8I ,8" 8I I8 I8 ,8" 8I I8 8I I8 I8 I8 8I `8, ,8I I8 I8 `8, ,8I `Y8P" I8 I8 `thex __ _ _______. ___ .___________. __ __ .______ _______ ___ ____ ____ ___ ___ ____ __ __ _ / \/ | / | / \ | || | | | | _ \ | \ / \ \ \ / / / _ \ / /|___ \ /_ | / \/ | |_/\__/ | (----` / ^ \ `---| |----`| | | | | |_) | | .--. | / ^ \ \ \/ / | (_) | / / __) | | | |_/\__/ \ \ / /_\ \ | | | | | | | / | | | | / /_\ \ \_ _/ > _ < / / |__ < | | .----) | / _____ \ | | | `--' | | |\ \----.| '--' | / _____ \ | | | (_) | / / ___) | | | |_______/ /__/ \__\ |__| \______/ | _| `._____||_______/ /__/ \__\ |__| \___/ /__/ |____/ |_| ___ ___ .__ __. _______ .______ .______ ______ ___ _______ ____ __ ____ ___ ____ ____ |__ \ |__ \ | \ | | | \ ___ | _ \ | _ \ / __ \ / \ | \ \ \ / \ / / / \ \ \ / / ) | ) | | \| | | .--. | ( _ ) | |_) | | |_) | | | | | / ^ \ | .--. | \ \/ \/ / / ^ \ \ \/ / / / / / | . ` | | | | | / _ \/\ | _ < | / | | | | / /_\ \ | | | | \ / / /_\ \ \_ _/ / /_ / /_ | |\ | | '--' | | (_> < | |_) | | |\ \----.| `--' | / _____ \ | '--' | \ /\ / / _____ \ | | |____| |____| |__| \__| |_______/ \___/\/ |______/ | _| `._____| \______/ /__/ \__\ |_______/ \__/ \__/ /__/ \__\ |__| .__ __. _______ ___ .______ __ ___ _______..___________. .______ ___ .______ .___________. | \ | | | ____| / \ | _ \ /_ | / _ \ / || | | _ \ / \ | _ \ | | | \| | | |__ / ^ \ | |_) | | | | (_) | | (----``---| |----` | |_) | / ^ \ | |_) | `---| |----` | . ` | | __| / /_\ \ | / | | \__, | \ \ | | | _ < / /_\ \ | / | | | |\ | | |____ / _____ \ | |\ \----. | | / / .----) | | | | |_) | / _____ \ | |\ \----. | | |__| \__| |_______|/__/ \__\ | _| `._____| |_| /_/ |_______/ |__| |______/ /__/ \__\ | _| `._____| |__|
From David Brazil via Archives: http://lists.sudoroom.org/pipermail/sudo-discuss/2013-August/003476.html
[sudo-discuss] THIS SATURDAY, 8/31 : WHAT IS INFORMATION + DANCE PARTY @ 2141 ! (SUMMER SCHOOL 2013)
Dear Friends :
Please join us for the culminating session of SUMMER SCHOOL 2013 at the BAY AREA PUBLIC SCHOOL (2141 Broadway) :
WHAT IS INFORMATION (co-presented with Sudo Room)
an all-day session on information, privacy, surveillance & resistance !
We hope you will join us for what we expect to be a tremendous event !
Love & solidarity -- David Brazil (for the Summer School organizing committee)
From Jenny via Archives: http://lists.sudoroom.org/pipermail/sudo-discuss/2013-August/003471.html
[sudo-discuss] Cryptoparty + Lightning Talks, this Saturday at Sudo Room!
The last day of the Bay Area Public School / Sudo Room's weeklong Summer School program, Information Day kicks off with a 3-hour Cryptoparty starting at 12pm. We'll be showing people how to run Tor (anonymous browsing), set up private and public keys for authentication, use encrypted chat, and secure their phone calls. All skill levels welcome!
We'll conclude the evening with free drinks and dancing!
Sudo Room is located at 2141 Broadway St, two blocks from the 19th St Oakland BART. Curl left around the corner at 22nd - the entrance is on 22nd St. We'll be running from 12-6, so drop in anytime. Flier attached.
Come and party like it's 1984! :P Jenny
Ways To Volunteer For Non Coders
Translation Efforts:
- https://www.transifex.com/projects/p/Cryptocat/
- https://www.torproject.org/getinvolved/translation-overview.html.en
- https://tails.boum.org/contribute/how/translate/
- https://www.transifex.com/projects/p/torproject/resources/
Art:
- https://www.torproject.org/getinvolved/volunteer.html.en
- https://tails.boum.org/contribute/how/graphics/
Writing (documentation + press releases):