Cryptoparty/2014/February

From Sudo Room
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

This cryptoparty took place on 16 February 2014 with no less than 20 engaged attendees :)

Areas of Interest

  • Mobile security
  • Backups (especially photos)
  • Cyanogenmod
  • Threat Modelling
  • VOIP
  • Installing Linux
  • Installing KeePass2, a password vault program
  • Running DNSSEC
  • Playing with alternative, secure email systems
  • Chat/OTR on Android
  • Image metadata

Agenda

  • Intros and what you're looking to get out of this cryptoparty
  • Why security is important
  • Split up into groups:
    • Mobile security
    • Lastpass (password management)
    • Threat modelling (eg; activists on the street)

Takeaways

  • GPG
  • Tails is hard to get running on my machine
  • TextSecure is easy!
  • Helped people set up secure chats, emails, and texting
  • Great one-on-one conversations
  • Learned a good deal about KeePass2 (and other variants like KeePassX) and got it running with help!
  • Learned about F Droid - an app store for procuring APKs without going through Google Play
  • Made a self-signed certificate and locked down CalDav
  • Threat modeling - we're not much better prepared than we were with Occupy. As an iPhone user, I'm pretty screwed no matter what. Need to talk to lawyers re: handing over keys and such
  • DNSSEC sucks! DNS is already terrible, but DNSSEC makes it worse! Clients don't use it, registrars don't accommodate it, and if you try to use it you're in for a headache.
  • The latest version of Cyanogenmod forces you to use their cloud for your contacts, which now must be sync'd with a cloud.
  • Suggestion: Cryptoparty Movie Night!
  • Suggestion: Linux Install Parties
  • Feedback: Splitting the group into "let's do this now" and general discussion was a great idea!
  • Homemade vs. commercial Faraday cages for phones, and general physical security
  • How to make this knowledge more palatable to the general public? Comics etc;
  • Best cryptoparty yet! Folks came with specific questions; paired off really smoothly; no uber-techie debates taking place; specific tasks and breakout topics.

Gratuitous Link Dump

VOIP Services

Custom Android ROMs

Retrieved from "https://sudoroom.org/mediawiki/index.php?title=Cryptoparty/2014/February&oldid=7650"