August Penguin 2013
oh hai
Yuval Adam (@yuvadm)
Independent Web Dev, Infra and Ops
"because everything sounds better when someone promises there will be beer"
Crypto - help people use privacy and anonymity software
Party - make it fun, simple and easy to use
Free / Community-organized / Non-commercial
cryptoparty
Since August 2012
100's of cities
Dozens of countries
2 Events in Tel Aviv so far
Need more people involved
privacy and anonymity trends
- Data retention laws
- Corporate / govt. data hoarding
- Journalists under gag
- Whistle-blower persecution
- PRISM / Biometric Database / [Insert FUD here]
'i've got nothing to hide'
skip the implementation details
encryption / decryption
keys
plaintext / ciphertext
symmetric / asymmetric
That's it.
USERS NEED PRACTICAL ADVICE.
the tools
- PGP - encryption toolkit
- Tor - anonymity network
- OTR - secure chat
- Tails - isolated bootable USB
- Full-disk encryption
endorsed = FOSS && peer-reviewed
and the low hanging fruit
- HTTP security
- TLS/SSL
- password management
- 3rd party tracker/malware blocking
- Secure mobile VoIP and text (the proverbial "app")
- Wi-Fi security
choose your battles
Define your own threat model
Give users the freedom to choose
And the right tools to defend themselves
cryptoparty handbook
Work-in-progress attempt to compile all tutorials into a definitive point of reference
https://github.com/cryptoparty/handbook
It's in markdown!
(compiles to HTML, PDF, EPUB, MOBI)
organize a cryptoparty!
You don't need anyone's permission.
sudo leadership
expressed goal: bridge the gap, enable users
backdoor message: crypto as a political action
:s/crypto/free software