Difference between revisions of "Cryptoparty"

From Sudo Room
Jump to navigation Jump to search
(updated with summer 2018 cryptoparty meeting notes)
 
(26 intermediate revisions by 6 users not shown)
Line 1: Line 1:
=February 2014=
'''Update August 2018: A group of sudoers recently met to discuss rebooting digital security workshops. Please [http://lists.sudoroom.org/listinfo/cryptoparty join the mailing list] for updates and to get involved!'''
This cryptoparty took place on 16 February 2014 with no less than 20 engaged attendees :)
==Areas of Interest==
*Mobile security
*Backups (especially photos)
*Cyanogenmod
*Threat Modelling
*VOIP
*Installing Linux
*Installing Keypass
*Running DNSSEC
*Playing with alternative, secure email systems
*Chat/OTR on Android
*Image metadata


==Agenda==
Every Third Sunday of the month from 2-5pm, Sudo Room hosts an afternoon of co-learning and teaching about digital security. The driving motivation of our cryptoparties is to learn about end-user security in a fun, welcoming and inclusive environment. Popular topics include: why digital security is important; strategies for activists and journalists; encrypted email; encrypted text messaging; encrypted phone calls; encrypting your hard drive; off-the-record instant messaging; secure web browsing; mesh networks; and presentations on newer projects. All skill levels welcome - bring your phone and/or laptop!
*Intros and what you're looking to get out of this cryptoparty
*Why security is important
*Split up into groups:
**Mobile security
**Lastpass (password management)
**Threat modelling (eg; activists on the street)


==Takeaways==
[[File:Anonyzebra.jpg|thumb|frameless|'''Anony Zebra''', the official Cryptoparty mascot, protecting herself from [http://grevyszebratrust.org/stripe-recognition.html Stripe Recognition]]]
*GPG
*Tails is hard to get running on my machine
*TextSecure is easy!
*Helped people set up secure chats, emails, and texting
*Great one-on-one conversations
*Learned a good deal about Keypass and got it running with help!
*Learned about F Droid - an app store for procuring APKs without going through GOogle Play
*Made a self-signed certificate and locked down CalDav
*Threat modeling - we're not much better prepared than we were with Occupy. As an iPhone user, I'm pretty screwed no matter what. Need to talk to lawyers re: handing over keys and such
*DNSSEC sucks! DNS is already terrible, but DNSSEC makes it worse! Clients don't use it, registrars don't accommodate it, and if you try to use it you're in for a headache.
*The latest version of Cyanogenmod forces you to use their cloud for your contacts, which now must be sync'd with a cloud.
*Suggestion: Cryptoparty Movie Night!
*Suggestion: Linux Install Parties
*Feedback: Splitting the group into "let's do this now" and general discussion was a great idea!
*Homemade vs. commercial Faraday cages for phones, and general physical security
*How to make this knowledge more palatable to the general public? Comics etc;
*Best cryptoparty yet! Folks came with specific questions; paired off really smoothly; no uber-techie debates taking place; specific tasks and breakout topics.


==Gratuitous Link Dump==
=Archive=
*[https://lastpass.com/ LastPass] for secure password management.
*[[Cryptoparty/2018/June|June 2018]]
*[https://f-droid.org/ F-Droid]
*[[Cryptoparty/2014/October|October 2014]]
*[https://securityinabox.org/en/thuderbird_encryption How to Use Enigmail with Thunderbird]
*[[Cryptoparty/2014/April|April 2014]]
*[http://openphoto.net/ OpenPhoto (facilitates backing up photos to your own server)]
*[[Cryptoparty/2014/March|March 2014]]
*[http://www.frontlinesms.com/ Frontline SMS]
*[[Cryptoparty/2014/February|February 2014]]
*[https://play.google.com/store/apps/details?id=fr.slvn.appops&hl=en AppOps - permissions for Android]
*[[Cryptoparty/2013/December|December 2013]]
===VOIP Services===
*[[Cryptoparty/2013/October|October 2013]]
*[http://code.google.com/p/csipsimple/ CSIP Simple]
*[[Cryptoparty/2013/August|August 2013]]
*[http://code.google.com/p/sipdroid/ SIPDroid]
===Custom Android ROMs===
*[http://www.teamdirt.me/ Dirty Unicorns]
*[http://paranoidandroid.co/ Paranoid Android]
=December 2013=
The next Cryptoparty is '''Sunday''', December 15th at Sudo Room from 2-5pm!
 
For this Cryptoparty, we will have handouts!
* [[Tools for Protecting Against Online Snooping]]
* [[Security Overview]] (work in progress, don't print)
* [[Minimum Security Requirements]]
 
==Agenda==
Presentations (rolling; starting at 2pm):
* History of Cryptography and Cryptoparties by Aestetix
* How They Get You: A Survey of Attack Surfaces / Privacy Vulnerabilities for Users by Yardena
* SecureDrop: An Open Source Whistleblower Submission System by Legind
 
Workshops (running in parallel):
* PGP / E-mail Encryption
* Browser plugins
* Tails for activists
* Metadata scrubbing
 
=October 2013=
[[File:Cryptoparty flyer.png|thumb|(png) A flyer for hosting a cryptoparty at sudo room. Download [https://sudoroom.org/wiki/File:Cryptoparty_flyer.svg source svg file].]]
 
[[Cryptoparty/October_2013|NOTES FROM OCTOBER'S CRYPTOPARTY]]
 
The next Cryptoparty is '''Sunday''', October 20th at Sudo Room from 2-5pm!
 
We'll be covering the following:
*Get feedback from attendees about who they are, what they're interested in and what they want to get out of the event on that day.
*Do introduction activity to have folks explain to each other who they are and why they're at cryptoparty
*Use human barometer to determine different viewpoints and clusters on controversial and relevant topics.
*Start with a basic introduction, accessible.
**with LIVE EXPLOIT?! :D - Traffic Analysis of the local network as a demo, making it explicit
*Workshop-based format, break into smaller groups.
**HTTPS + SSL - protocol layer
***https://www.moserware.com/2009/06/first-few-milliseconds-of-https.html
**Mobile Security / Whisper Systems - Redphone / TextSecure / Guardian Project
**Verifiable Builds: https://blog.torproject.org/blog/deterministic-builds-part-one-cyberwar-and-global-compromise
**SSL Primer & Perfect Forward Secrecy (Rhodey)
***Include a demo, in the browser, etc. Show visual queues
**Certificate Authorities & scramble.io / hashed.im
***Understand why CA is broken
****Can demo, explain why it's secure.
**General OTR
**GPG
*Speed geeking
**Thunderbird with PGP
**Unconference-style project demos
*Key-signing party
*Invite folks to Aaron Swartz Memorial Hackathon
 
=August 2013=
 
[[File:Cryptopartyinfoday.jpg|thumb|Cryptoparty flyer.]]
 
'''the BAY AREA PUBLIC SCHOOL & sudo room'''
 
''presents''
 
:WHAT IS INFORMATION
 
==LIVESTREAM==
YouTube LIVE Stream
http://youtu.be/x3V1xv9XoE0
 
Google Hangout
https://plus.google.com/hangouts/_/691eaeb3b509844d46cf43c82af3e9ba4b37b6e1
 
==Schedule==
3-6pm: LIGHTNING TALKS, WALKABOUT, and DISCUSSION:
 
ADD 25 MINUTES TO ALL LISTED TIMES [[User:Thex|Thex]] [[Special:Contributions/50.0.83.158|50.0.83.158]] 16:55, 31 August 2013 (PDT)
 
* '''(15:00) THREE PM''' Introduction
** Emerging Technologies of Oppression and Liberation
by David Keenan (Bay Area Public School)
* '''(15:15) THREE-FIFTEEN PM''' Understanding "Big Data"
** Andrew (engineer)
* '''(15:30) THREE-THIRTY PM''' WALKING INFOTOUR OF Oakland's NEW camera surveillance network / Domain Awareness Center
** Becky Hurwitz, Emi Kane, Sarah Reilly, Salima Hamirani (security activists)
* '''(16:10) FOUR-TEN PM''' Citizen Science: From Institutions to Community
** Craig Rouskey (SUDO GETit Project)
* '''(16:30) FOUR-THIRTY PM''' Creating a Network Commons: The Oakland Community Mesh Project
** Marc Juul and Jenny Ryan (SUDO Room)
* '''(16:45) FOUR-FOURTYFIVE PM''' Security Activism: What We Know Works, What We Know Doesn't, and What We Don't Know But Probably Should Know Better
** Danny O'Brien (Electronic Frontier Foundation/EFF)
* '''(17:00) FIVE PM''' PANEL DISCUSSION
** Moxie Marlinspike (Open WhisperSystems/RedPhone)
*** [https://whispersystems.org/ whispersystems.org]
** Bill Budington (Electronic Frontier Foundation)
*** [https://eff.org eff.org]
** and the other attendees! This will be amazing
 
8:00 till 11PM : Summer School week CLOSING PARTY! DANCIN'! DRINX!
FEATURIN' DJ Public Frenemy (Liam O'Donoghue!)
 
[LINK TBD]
 
 
<pre>
    ,gggg,                                                                                                       
  ,88"""Y8b,                                  I8                                                  I8               
  d8"    `Y8                                  I8                                                  I8           
d8'  8b  d8                                88888888                                            88888888         
,8I    "Y88P'                                  I8                                                  I8           
I8'          ,gggggg,  gg    gg  gg,gggg,    I8    ,ggggg,  gg,gggg,      ,gggg,gg  ,gggggg,  I8  gg    gg
d8            dP""""8I  I8    8I  I8P"  "Yb    I8    dP"  "Y8gggI8P"  "Yb    dP"  "Y8I  dP""""8I  I8  I8    8I
Y8,          ,8'    8I  I8,  ,8I  I8'    ,8i  ,I8,  i8'    ,8I  I8'    ,8i  i8'    ,8I  ,8'    8I  ,I8,  I8,  ,8I
`Yba,,_____,,dP    Y8,,d8b, ,d8I ,I8 _  ,d8' ,d88b,,d8,  ,d8' ,I8 _  ,d8' ,d8,  ,d8b,,dP    Y8,,d88b,,d8b, ,d8I
  `"Y88888888P      `Y8P""Y88P"888PI8 YY88888P8P""Y8P"Y8888P"  PI8 YY88888PP"Y8888P"`Y88P      `Y88P""Y8P""Y88P"888
                            ,d8I' I8                            I8                                            ,d8I'
                          ,dP'8I  I8                            I8                                          ,dP'8I
                          ,8"  8I  I8                            I8                                        ,8"  8I
                          I8  8I  I8                            I8                                        I8  8I
                          `8, ,8I  I8                            I8                                        `8, ,8I
                          `Y8P"  I8                            I8                                          `thex 
 
 
  __  _    _______.    ___  .___________. __    __  .______      _______      ___  ____    ____      ___        ___ ____    __    __  _   
/ \/ | /      |    /  \  |          ||  |  |  | |  _  \    |      \    /  \  \  \  /  /    / _ \      /  /|___ \  /_ |  /  \/ |   
|_/\__/  |  (----`  /  ^  \ `---|  |----`|  |  |  | |  |_)  |    |  .--.  |  /  ^  \  \  \/  /    | (_) |    /  /  __) |  | | |_/\__/   
          \  \      /  /_\  \    |  |    |  |  |  | |      /    |  |  |  |  /  /_\  \  \_    _/      > _ <    /  /  |__ <  | |           
      .----)  |    /  _____  \  |  |    |  `--'  | |  |\  \----.|  '--'  | /  _____  \  |  |        | (_) |  /  /    ___) |  | |           
      |_______/    /__/    \__\  |__|      \______/  | _| `._____||_______/ /__/    \__\  |__|        \___/  /__/    |____/  |_|           
                                                                                                                                               
___    ___  .__  __.  _______                .______  .______        ______        ___      _______  ____    __    ____  ___  ____    ____
|__ \  |__ \  |  \ |  | |      \      ___      |  _  \  |  _  \      /  __  \      /  \    |      \ \  \  /  \  /  / /  \  \  \  /  /
  ) |    ) | |  \|  | |  .--.  |    ( _ )    |  |_)  | |  |_)  |    |  |  |  |    /  ^  \    |  .--.  | \  \/    \/  / /  ^  \  \  \/  / 
  / /    / /  |  . `  | |  |  |  |    / _ \/\  |  _  <  |      /    |  |  |  |  /  /_\  \  |  |  |  |  \            / /  /_\  \  \_    _/ 
/ /_  / /_  |  |\  | |  '--'  |  | (_>  <  |  |_)  | |  |\  \----.|  `--'  |  /  _____  \  |  '--'  |  \    /\    / /  _____  \  |  |   
|____| |____| |__| \__| |_______/    \___/\/  |______/  | _| `._____| \______/  /__/    \__\ |_______/    \__/  \__/ /__/    \__\  |__|   
                                                                                                                                               
.__  __.  _______      ___      .______          __    ___          _______..___________.  .______        ___      .______    .___________. 
|  \ |  | |  ____|    /  \    |  _  \        /_ |  / _ \        /      ||          |  |  _  \      /  \    |  _  \    |          | 
|  \|  | |  |__      /  ^  \    |  |_)  |        | | | (_) |      |  (----``---|  |----`  |  |_)  |    /  ^  \    |  |_)  |  `---|  |----` 
|  . `  | |  __|    /  /_\  \  |      /        | |  \__, |        \  \        |  |        |  _  <    /  /_\  \  |      /        |  |     
|  |\  | |  |____  /  _____  \  |  |\  \----.    | |    / /    .----)  |      |  |        |  |_)  |  /  _____  \  |  |\  \----.  |  |     
|__| \__| |_______|/__/    \__\ | _| `._____|    |_|  /_/      |_______/        |__|        |______/  /__/    \__\ | _| `._____|  |__|     
                                                                                                                                               
</pre>
 
 
 
''From David Brazil via Archives: http://lists.sudoroom.org/pipermail/sudo-discuss/2013-August/003476.html''
 
'''[sudo-discuss] THIS SATURDAY, 8/31 : WHAT IS INFORMATION + DANCE PARTY @ 2141 ! (SUMMER SCHOOL 2013)'''
 
Dear Friends :
 
Please join us for the culminating session of SUMMER SCHOOL 2013 at the BAY AREA PUBLIC SCHOOL (2141 Broadway) :
 
WHAT IS INFORMATION (co-presented with Sudo Room)
 
an all-day session on information, privacy, surveillance & resistance !
 
We hope you will join us for what we expect to be a tremendous event !
 
Love & solidarity -- David Brazil (for the Summer School organizing committee)
 
 
''From Jenny via Archives: http://lists.sudoroom.org/pipermail/sudo-discuss/2013-August/003471.html''
 
'''[sudo-discuss] Cryptoparty + Lightning Talks, this Saturday at Sudo Room!'''
 
The last day of the Bay Area Public School / Sudo Room's weeklong Summer School program, Information Day kicks off with a 3-hour Cryptoparty starting at 12pm. We'll be showing people how to run Tor (anonymous browsing), set up private and public keys for authentication, use encrypted chat, and secure their phone calls. All skill levels welcome!
 
We'll conclude the evening with free drinks and dancing!
 
Sudo Room is located at 2141 Broadway St, two blocks from the 19th St Oakland BART. Curl left around the corner at 22nd - the entrance is on 22nd St. We'll be running from 12-6, so drop in anytime. Flier attached.
 
Come and party like it's 1984!  :P
Jenny


=Ways To Volunteer For Non Coders=
=Ways To Volunteer For Non Coders=
Line 252: Line 40:
*http://tacticaltech.org
*http://tacticaltech.org
*http://prismbreak.com
*http://prismbreak.com
* [https://ssd.eff.org/ EFF's Surveillance Self-Defense]
* [https://www.eff.org/wp/know-your-rights EFF's Know Your Rights]
* [http://liberationtechnology.stanford.edu/ Liberation Tech] ([https://mailman.stanford.edu/mailman/listinfo/liberationtech mailing list], [https://twitter.com/liberationtech twitter])
* [http://www.mozilla.org/security/ Mozilla Security notes]
* [http://www.americanscientist.org/issues/pub/2012/5/alice-and-bob-in-cipherspace/ Alice and Bob in Cipherspace - Fully Homomorphic Encryption]
* [http://mashable.com/2012/09/27/internet-censorship/ Which Countries Actively Suppress Internet Freedom?]
==Recommended Software==
'''Warning''': This table is intended as a starting point for new users.  Mobile devices (iOS, Android), Web-based solutions, Pidgin, CryptoCat, and ChatSecure all have known flaws or associated risks that need to be considered.
{| class="wikitable"
|-
! !! Android !! iOS !! Windows !! OS X !! Linux !! Cross-platform or Web
|-
| Email || [https://help.riseup.net/en/k9 K9] || ?? || [http://www.scribd.com/doc/110143089/Using-GPG-on-Windows-with-Thunderbird-and-Enigmail Thunderbird+Enigmail] || [https://www.macupdate.com/app/mac/9417/gpg-suite/ GPGSuite] [http://www.mozilla.org/en-US/thunderbird/all.html Thunderbird], [http://www.enigmail.net/download/ Enigmail] || [http://www.mozilla.org/en-US/thunderbird/all.html Thunderbird], [http://www.enigmail.net/download/ Enigmail] || [https://help.riseup.net/en/webmail riseup webmail]
|-
| Chat || [https://guardianproject.info/apps/gibber/ GibberBot], [https://play.google.com/store/apps/details?id=org.thoughtcrime.securesms TextSecure (sms)] || [https://whispersystems.org/blog/iphone-rsn/ TextSecure (sms)] || [http://chrisballinger.info/apps/chatsecure/ ChatSecure] || [http://www.cypherpunks.ca/otr/ Pidgin], [http://trac.adium.im/wiki/OTREncryption Adium] || [http://www.cypherpunks.ca/otr/ Pidgin] || [https://project.crypto.cat/ CryptoCat]
|-
| Network Anonymity || [https://play.google.com/store/apps/details?id=org.torproject.android Orbot], [https://play.google.com/store/apps/details?id=info.guardianproject.browser OrWeb] || [https://www.torproject.org/download Tor] || [https://www.torproject.org/download Tor] || [https://itunes.apple.com/au/app/onion-browser/id519296448?mt=8 Onion Browser] || [https://www.torproject.org/download Tor] || [https://www.torproject.org/download Tor]
|-
| Disk Encryption || [http://www.guyrutenberg.com/2012/06/29/some-thoughts-about-androids-full-disk-encryption/ Available in 4.0+] || ?? || [https://truecrypt.org/ TrueCrypt] || [http://en.wikipedia.org/wiki/File_vault Available in 10.7+] || [https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup LUKS] || [https://github.com/freedomofpress/securedrop SecureDrop], [https://tahoe-lafs.org Tahoe LAFS]
|-
| Password Management || [https://www.keepassx.org/ KeePassX], [https://play.google.com/store/apps/details?id=org.fedorahosted.freeotp FreeOTP] || [https://fedorahosted.org/freeotp/ FreeOTP], [https://www.keepassx.org/ KeePassX] || [https://www.keepassx.org/ KeePassX] || [https://www.keepassx.org/ KeePassX] || [https://www.keepassx.org/ KeePassX] || [https://www.keepassx.org/ KeePassX]
|}
== Videos==
* [https://www.youtube.com/watch?feature=player_detailpage&amp;v=YEBfamv-_do#t=85s Diffie-Hellman Key Exchange]
* [http://www.excivity.com/ComputeCycle/howtorworks/ How Tor Works]
* [http://www.udacity.com/overview/Course/cs387/CourseRev/apr2012 Udacity: Applied Cryptography (cs387)]
* [http://www.khanacademy.org/science/brit-cruise/cryptography khan academy: Journey into Cryptography]
* [https://www.youtube.com/watch?v=HHoJ9pQ0cn8 Anti-Rep workshop (1/2) - Jacob Applebaum]
* [https://www.youtube.com/watch?v=s9fByRmAHgU Anti-Rep workshop (2/2) - Jacob Applebaum]
* [https://citp.princeton.edu/event/arvind-narayanan/ What Happened to the Crypto Dream?]
==Books==
* [http://en.wikipedia.org/wiki/The_Codebreakers The code breakers - david kahn]
* [http://www.stevenlevy.com/index.php/books/crypto crypto - steven levy]
* [http://simonsingh.net/books/the-code-book/ the code book - simon singh]
* [http://en.wikipedia.org/wiki/The_Cuckoo's_Egg_(book) The Cuckoo's Egg - clifford stoll (fiction)]
==Online Courses==
* [https://www.coursera.org/course/crypto Cryptography]
* [https://www.coursera.org/course/crypto2 Cryptography II]
* [https://www.coursera.org/course/digitaldemocracy Securing Digital Democracy]
=Hosting A Cryptoparty=
*Cryptoparties are best when some planning takes place before. Hold a planning meeting 1-2 weeks before the event and ping the [https://lists.sudoroom.org/listinfo/cryptoparty mailing list] to recruit folks who've expressed interest in helping out.
*There are handouts linked to above that can be printed out at sudo - they generally live in a clear document holder / trapper keeper labelled 'Cryptoparty' located in a crate of other trapper keepers on the middle shelf between the workshop and the bike station in sudo.
*Try to reach out to communities that should be using crypto and are generally not connected to the sudo room social network. Activists, journalists, immigrants + expats, POC, etc; Consider hosting the cryptoparty in an entirely different location.
*At least a week before the cryptoparty, get the word out:
**Tweet/FB posts via Sudo Room's accounts (ask Jenny for info)
**Send an announcement to the following mailing lists:
***[https://lists.sudoroom.org/listinfo/sudo-discuss sudo-discuss]
***[https://lists.sudoroom.org/listinfo/cryptoparty cryptoparty]
***[https://lists.noisebridge.net/listinfo/noisebridge-discuss noisebridge-discuss]
*Come half an hour to an hour earlier to set up:
**Put the sudo room sandwich board out
**Tape up some signage on the doors if so inclined (there are some paper signs in the clear trapper keeper)
**Find a good spot for your expected # of attendees. Check with Public School; often we have split up into several working groups using different areas of the common space, sudo room proper, and the public school room.
*Starting the cryptoparty:
**Take notes on the wiki - set up a separate wiki page for that month's event [eg; /wiki/Cryptoparty/YEAR/MONTHNAME
**Allow 15-30 minutes to get to a good group size to start
**Go around the room and ask folks to introduce themselves, their level of skill w/ crypto, what they're interested in discussing or working on that afternoon.
**Create an agenda ad-hoc and split the group as needed (pairs work great for things like helping someone set up disk encryption)
**Have fun! Encourage wide-ranging discussion but step in if things start to get to technical. Keep focus on those who are newer to the topic and have specific things they want to accomplish.
=Flyers and Handouts=
* [[Tools for Protecting Against Online Snooping]]
* [[Security Overview]] (work in progress, don't print)
* [[Minimum Security Requirements]]
==Current Flyers==
A flyer for hosting a cryptoparty at sudo room every "3rd Sunday":
<gallery mode="nolines">
File:Cryptoparty flyer.png|(png)
File:Cryptoparty flyer.svg|(svg)
File:Cryptoparty flyer pdf.pdf|(pdf)
File:Cryptoparty flyer plain.svg|(plain svg)
</gallery>
==Historic Flyers==
[[File:Cryptopartyinfoday.jpg|thumb|none|Cryptoparty flyer.]]
[[Category:Events]]
[[Category:Events]]

Latest revision as of 16:21, 24 August 2018

Update August 2018: A group of sudoers recently met to discuss rebooting digital security workshops. Please join the mailing list for updates and to get involved!

Every Third Sunday of the month from 2-5pm, Sudo Room hosts an afternoon of co-learning and teaching about digital security. The driving motivation of our cryptoparties is to learn about end-user security in a fun, welcoming and inclusive environment. Popular topics include: why digital security is important; strategies for activists and journalists; encrypted email; encrypted text messaging; encrypted phone calls; encrypting your hard drive; off-the-record instant messaging; secure web browsing; mesh networks; and presentations on newer projects. All skill levels welcome - bring your phone and/or laptop!

Anony Zebra, the official Cryptoparty mascot, protecting herself from Stripe Recognition

Archive

Ways To Volunteer For Non Coders

Translation Efforts:

Art:

Writing (documentation + press releases):

General Resources

Recommended Software

Warning: This table is intended as a starting point for new users. Mobile devices (iOS, Android), Web-based solutions, Pidgin, CryptoCat, and ChatSecure all have known flaws or associated risks that need to be considered.

Android iOS Windows OS X Linux Cross-platform or Web
Email K9 ?? Thunderbird+Enigmail GPGSuite Thunderbird, Enigmail Thunderbird, Enigmail riseup webmail
Chat GibberBot, TextSecure (sms) TextSecure (sms) ChatSecure Pidgin, Adium Pidgin CryptoCat
Network Anonymity Orbot, OrWeb Tor Tor Onion Browser Tor Tor
Disk Encryption Available in 4.0+ ?? TrueCrypt Available in 10.7+ LUKS SecureDrop, Tahoe LAFS
Password Management KeePassX, FreeOTP FreeOTP, KeePassX KeePassX KeePassX KeePassX KeePassX

Videos

Books

Online Courses

Hosting A Cryptoparty

  • Cryptoparties are best when some planning takes place before. Hold a planning meeting 1-2 weeks before the event and ping the mailing list to recruit folks who've expressed interest in helping out.
  • There are handouts linked to above that can be printed out at sudo - they generally live in a clear document holder / trapper keeper labelled 'Cryptoparty' located in a crate of other trapper keepers on the middle shelf between the workshop and the bike station in sudo.
  • Try to reach out to communities that should be using crypto and are generally not connected to the sudo room social network. Activists, journalists, immigrants + expats, POC, etc; Consider hosting the cryptoparty in an entirely different location.
  • At least a week before the cryptoparty, get the word out:
  • Come half an hour to an hour earlier to set up:
    • Put the sudo room sandwich board out
    • Tape up some signage on the doors if so inclined (there are some paper signs in the clear trapper keeper)
    • Find a good spot for your expected # of attendees. Check with Public School; often we have split up into several working groups using different areas of the common space, sudo room proper, and the public school room.
  • Starting the cryptoparty:
    • Take notes on the wiki - set up a separate wiki page for that month's event [eg; /wiki/Cryptoparty/YEAR/MONTHNAME
    • Allow 15-30 minutes to get to a good group size to start
    • Go around the room and ask folks to introduce themselves, their level of skill w/ crypto, what they're interested in discussing or working on that afternoon.
    • Create an agenda ad-hoc and split the group as needed (pairs work great for things like helping someone set up disk encryption)
    • Have fun! Encourage wide-ranging discussion but step in if things start to get to technical. Keep focus on those who are newer to the topic and have specific things they want to accomplish.

Flyers and Handouts

Current Flyers

A flyer for hosting a cryptoparty at sudo room every "3rd Sunday":

Historic Flyers

Cryptoparty flyer.