Cryptoparty/2014/February

From Sudo Room
Jump to navigation Jump to search

This cryptoparty took place on 16 February 2014 with no less than 20 engaged attendees :)

Areas of Interest

  • Mobile security
  • Backups (especially photos)
  • Cyanogenmod
  • Threat Modelling
  • VOIP
  • Installing Linux
  • Installing KeePass2, a password vault program
  • Running DNSSEC
  • Playing with alternative, secure email systems
  • Chat/OTR on Android
  • Image metadata

Agenda

  • Intros and what you're looking to get out of this cryptoparty
  • Why security is important
  • Split up into groups:
    • Mobile security
    • Lastpass (password management)
    • Threat modelling (eg; activists on the street)

Takeaways

  • GPG
  • Tails is hard to get running on my machine
  • TextSecure is easy!
  • Helped people set up secure chats, emails, and texting
  • Great one-on-one conversations
  • Learned a good deal about KeePass2 (and other variants like KeePassX) and got it running with help!
  • Learned about F Droid - an app store for procuring APKs without going through Google Play
  • Made a self-signed certificate and locked down CalDav
  • Threat modeling - we're not much better prepared than we were with Occupy. As an iPhone user, I'm pretty screwed no matter what. Need to talk to lawyers re: handing over keys and such
  • DNSSEC sucks! DNS is already terrible, but DNSSEC makes it worse! Clients don't use it, registrars don't accommodate it, and if you try to use it you're in for a headache.
  • The latest version of Cyanogenmod forces you to use their cloud for your contacts, which now must be sync'd with a cloud.
  • Suggestion: Cryptoparty Movie Night!
  • Suggestion: Linux Install Parties
  • Feedback: Splitting the group into "let's do this now" and general discussion was a great idea!
  • Homemade vs. commercial Faraday cages for phones, and general physical security
  • How to make this knowledge more palatable to the general public? Comics etc;
  • Best cryptoparty yet! Folks came with specific questions; paired off really smoothly; no uber-techie debates taking place; specific tasks and breakout topics.

Gratuitous Link Dump

VOIP Services

Custom Android ROMs