Cryptoparty/2014/March
This month's cryptoparty will take place on 16 March 2014.
Agenda
- Encrypting hard drive (Mac)
- GPG Keysigning party + protocol
- Step-by-step resources
- OTR sessions keys
- Encrypted email on phone
- K9 for Android (sucks), and putting PGP keys on phone is not a good idea - though if you're not being targetted
- Phones are just broken. Generally.
- Mobile security (Redphone, TextSecure)
Workshops
- Hard drive encryption
- Email encryption
Notes
- Outreach to other communities
- Hold a cryptoparty at a mosque?
- Infoshops
- Upgrade Mac OS due to broken SSL certs
- Do not store private key in iCloud!
- Try out ChatSecure for XMPP
- OTR generates ephemeral keys for each session
- Tails auto wipe + shutdown when key is pulled
- VPN to friendly jurisdiction --> VPN to Riseup --> Tor out of there
- Can one go through Tor to the VPN?
- Too slow
- Can one go through Tor to the VPN?
- OpenShift gives out free SSH tunnels on demand
- Keysigning party
Gratuitous Link Dump
- https://fixubuntu.com -
- http://kernelconcepts.de/ - Purchase magcards and USB sticks for hosting your public key
- OpenPGP Smartcard V2
- Generates and hosts up to 4096-bit PGP keys
- Can store up to three (3) PGP keypairs
- Can store login credentials in a separate datastore
- User PIN must be entered correctly to encrypt or sign
- Three failed attempts locks the card
- Admin PIN must be entered correctly to unlock or edit card.
- Three failed attempts fries the card
- Standard smartcard formfactor
- Contacts and chip can be punched out to form what is basically a SIM card
- Gemalto Shell Token v2
- USB key form factor
- Unlock, slide SIM card-punchout from smartcard in, relock
- Works just like a smartcard plugged into a USB smartcard reader
- Works with GnuPG (gpg-agent), requires pcsclite, pcsc-tools, libusb, libusb-compat to operate.
- OpenPGP Smartcard V2