Cryptoparty/2014/March

From Sudo Room
Revision as of 11:43, 24 April 2014 by The Doctor (talk | contribs) (→‎Gratuitous Link Dump)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

This month's cryptoparty will take place on 16 March 2014.

Agenda

  • Encrypting hard drive (Mac)
  • GPG Keysigning party + protocol
  • Step-by-step resources
  • OTR sessions keys
  • Encrypted email on phone
    • K9 for Android (sucks), and putting PGP keys on phone is not a good idea - though if you're not being targetted
    • Phones are just broken. Generally.
  • Mobile security (Redphone, TextSecure)

Workshops

  • Hard drive encryption
  • Email encryption

Notes

  • Outreach to other communities
    • Hold a cryptoparty at a mosque?
    • Infoshops
  • Upgrade Mac OS due to broken SSL certs
    • Do not store private key in iCloud!
  • Try out ChatSecure for XMPP
  • OTR generates ephemeral keys for each session
  • Tails auto wipe + shutdown when key is pulled
  • VPN to friendly jurisdiction --> VPN to Riseup --> Tor out of there
    • Can one go through Tor to the VPN?
      • Too slow
  • OpenShift gives out free SSH tunnels on demand
  • Keysigning party

Gratuitous Link Dump

  • https://fixubuntu.com -
  • http://kernelconcepts.de/ - Purchase magcards and USB sticks for hosting your public key
    • OpenPGP Smartcard V2
      • Generates and hosts up to 4096-bit PGP keys
      • Can store up to three (3) PGP keypairs
      • Can store login credentials in a separate datastore
      • User PIN must be entered correctly to encrypt or sign
        • Three failed attempts locks the card
      • Admin PIN must be entered correctly to unlock or edit card.
        • Three failed attempts fries the card
      • Standard smartcard formfactor
      • Contacts and chip can be punched out to form what is basically a SIM card
    • Gemalto Shell Token v2
      • USB key form factor
      • Unlock, slide SIM card-punchout from smartcard in, relock
      • Works just like a smartcard plugged into a USB smartcard reader
    • Works with GnuPG (gpg-agent), requires pcsclite, pcsc-tools, libusb, libusb-compat to operate.