This month's cryptoparty will take place on 16 March 2014.

Agenda

• Encrypting hard drive (Mac)
• GPG Keysigning party + protocol
• Step-by-step resources
• OTR sessions keys
• Encrypted email on phone
  • K9 for Android (sucks), and putting PGP keys on phone is not a good idea - though if you're not being targetted
  • Phones are just broken. Generally.
• Mobile security (Redphone, TextSecure)

Workshops

• Hard drive encryption
• Email encryption

Notes

• Outreach to other communities
  • Hold a cryptoparty at a mosque?
  • Infoshops
• Upgrade Mac OS due to broken SSL certs
  • Do not store private key in iCloud!
• Try out ChatSecure for XMPP
• OTR generates ephemeral keys for each session
• Tails auto wipe + shutdown when key is pulled
• VPN to friendly jurisdiction --> VPN to Riseup --> Tor out of there
  • Can one go through Tor to the VPN?
    • Too slow
• OpenShift gives out free SSH tunnels on demand
• Keysigning party
  • HOWTO
  • Keysigning Party Guide
  • Zimmerman-Sassaman Keysigning Protocol

Gratuitous Link Dump

• https://fixubuntu.com -
• http://kernelconcepts.de/ - Purchase magcards and USB sticks for hosting your public key
  • OpenPGP Smartcard V2
    • Generates and hosts up to 4096-bit PGP keys
    • Can store up to three (3) PGP keypairs
    • Can store login credentials in a separate datastore
    • User PIN must be entered correctly to encrypt or sign
      • Three failed attempts locks the card
    • Admin PIN must be entered correctly to unlock or edit card.
      • Three failed attempts fries the card
    • Standard smartcard formfactor
    • Contacts and chip can be punched out to form what is basically a SIM card
  • Gemalto Shell Token v2
    • USB key form factor
    • Unlock, slide SIM card-punchout from smartcard in, relock
    • Works just like a smartcard plugged into a USB smartcard reader
  • Works with GnuPG (gpg-agent), requires pcsclite, pcsc-tools, libusb, libusb-compat to operate.