Cryptoparty/2014/February
Revision as of 21:25, 13 March 2014 by Tunabananas (talk | contribs) (Moved February 2014 cryptoparty notes to their own page)
This cryptoparty took place on 16 February 2014 with no less than 20 engaged attendees :)
Areas of Interest
- Mobile security
- Backups (especially photos)
- Cyanogenmod
- Threat Modelling
- VOIP
- Installing Linux
- Installing KeePass2, a password vault program
- Running DNSSEC
- Playing with alternative, secure email systems
- Chat/OTR on Android
- Image metadata
Agenda
- Intros and what you're looking to get out of this cryptoparty
- Why security is important
- Split up into groups:
- Mobile security
- Lastpass (password management)
- Threat modelling (eg; activists on the street)
Takeaways
- GPG
- Tails is hard to get running on my machine
- TextSecure is easy!
- Helped people set up secure chats, emails, and texting
- Great one-on-one conversations
- Learned a good deal about KeePass2 (and other variants like KeePassX) and got it running with help!
- Learned about F Droid - an app store for procuring APKs without going through Google Play
- Made a self-signed certificate and locked down CalDav
- Threat modeling - we're not much better prepared than we were with Occupy. As an iPhone user, I'm pretty screwed no matter what. Need to talk to lawyers re: handing over keys and such
- DNSSEC sucks! DNS is already terrible, but DNSSEC makes it worse! Clients don't use it, registrars don't accommodate it, and if you try to use it you're in for a headache.
- The latest version of Cyanogenmod forces you to use their cloud for your contacts, which now must be sync'd with a cloud.
- Suggestion: Cryptoparty Movie Night!
- Suggestion: Linux Install Parties
- Feedback: Splitting the group into "let's do this now" and general discussion was a great idea!
- Homemade vs. commercial Faraday cages for phones, and general physical security
- How to make this knowledge more palatable to the general public? Comics etc;
- Best cryptoparty yet! Folks came with specific questions; paired off really smoothly; no uber-techie debates taking place; specific tasks and breakout topics.
Gratuitous Link Dump
- LastPass for secure password management.
- F-Droid
- How to Use Enigmail with Thunderbird
- OpenPhoto (facilitates backing up photos to your own server)
- Frontline SMS
- AppOps - permissions for Android