[Cryptoparty] Cryptoparty Notes!

Jenny Ryan tunabananas at gmail.com
Sun Feb 16 18:57:07 PST 2014


Thanks for everyone who came and participated today! Good fun, many learns
:)

Posting this to sudo-discuss as well - join the Cryptoparty mailing list
here: https://lists.sudoroom.org/listinfo/cryptoparty

Reposted for posterity at: https://sudoroom.org/wiki/Cryptoparty

=February 2014=
This cryptoparty took place on 16 February 2014 with no less than 20
engaged attendees :)

==Areas of Interest==
*Mobile security
*Backups (especially photos)
*Cyanogenmod
*Threat Modelling
*VOIP
*Installing Linux
*Installing Lastpass
*Running DNSSEC
*Playing with alternative, secure email systems
*Chat/OTR on Android
*Image metadata

==Agenda==
*Intros and what you're looking to get out of this cryptoparty
*Why security is important
*Split up into groups:
**Mobile security
**Lastpass (password management)
**Threat modelling (eg; activists on the street)

==Takeaways==
*GPG
*Tails is hard to get running on my machine
*TextSecure is easy!
*Helped people set up secure chats, emails, and texting
*Great one-on-one conversations
*Learned a good deal about Keypass and got it running with help!
*Learned about F Droid - an app store for procuring APKs without going
through GOogle Play
*Made a self-signed certificate and locked down CalDav
*Threat modeling - we're not much better prepared than we were with Occupy.
As an iPhone user, I'm pretty screwed no matter what. Need to talk to
lawyers re: handing over keys and such
*DNSSEC sucks! DNS is already terrible, but DNSSEC makes it worse! Clients
don't use it, registrars don't accommodate it, and if you try to use it
you're in for a headache.
*The latest version of Cyanogenmod forces you to use their cloud for your
contacts, which now must be sync'd with a cloud.
*Suggestion: Cryptoparty Movie Night!
*Suggestion: Linux Install Parties
*Feedback: Splitting the group into "let's do this now" and general
discussion was a great idea!
*Homemade vs. commercial Faraday cages for phones, and general physical
security
*How to make this knowledge more palatable to the general public? Comics
etc;
*Best cryptoparty yet! Folks came with specific questions; paired off
really smoothly; no uber-techie debates taking place; specific tasks and
breakout topics.

==Gratuitous Link Dump==
*[https://lastpass.com/ LastPass] for secure password management.
*[https://f-droid.org/ F-Droid]
*[https://securityinabox.org/en/thuderbird_encryption How to Use Enigmail
with Thunderbird]
*[http://openphoto.net/ OpenPhoto (facilitates backing up photos to your
own server)]
*[http://www.frontlinesms.com/ Frontline SMS]
*[https://play.google.com/store/apps/details?id=fr.slvn.appops&hl=en AppOps
- permissions for Android]

===VOIP Services===
*[http://code.google.com/p/csipsimple/ CSIP Simple]
*[http://code.google.com/p/sipdroid/ SIPDroid]

===Custom Android ROMs===
*[http://www.teamdirt.me/ Dirty Unicorns]
*[http://paranoidandroid.co/ Paranoid Android]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sudoroom.org/pipermail/cryptoparty/attachments/20140216/0b50bc23/attachment.html>


More information about the Cryptoparty mailing list