New beginnings in your digital life

July 14th, 2019

Relax => Reboot => Recover

Outline:

  • Introduction
  • Rules n’ Such
  • Current Events
  • Best Practices
  • Mini Workshops
    • Backup Backup!
    • Changing Defaults
  • Thank You/Resources

Who are we? Who are you?

  • We are the…
    • The Cypurr Collective: A group of folks that organize cybersecurity workshops and socials, looking to spread knowledge and talk about privacy rights!
  • ...and you are?
    • Name
    • Pronouns (e.g. he/him, she/her, they/them, etc.)
    • In a few words, what brings you here today?

A few rules for this workshop …

  • Share the space!

    • Ask a question, give a comment, leave room for others to speak

  • Stack!  Raise your hand, we will queue speakers

  • Saf(er) Space

    • We DO NOT tolerate language or behavior purposefully meant to demean or harm others

    • Don't pressure anyone to discuss their experience/threat model/situation

    • Consent: Ask before helping someone out, e.g. before taking their device

  • Photo/Video: No photo/video without asking!

  • Reporters/Researchers: Make yourself known

  • Bonus Rule: Don't invalidate experiences!

     

Current Events

"Best" Practices

  • Inspired by CryptoHarlem Presentation (@geminiimatt)
  • Best =  Best for you
  • Quick recommendations that should work for most NYers
  • Focus today is on "fresh start" over "recover"

~New Laptop~

Easy: Try Stethoscope

  • Checkup on default settings
  • ragtag.org/stethoscope

Hard: Wipe the OS

  • Ensures less bloat and best settings
    • Reinstalling windows
    • Trying Linux

New Phone

(who dis?)

 

Somewhat hard: Go through all the settings!

 

Secure texts and calls?

Easy: Install Signal, F-Droid, 1.1.1.1

 

Secure video conferencing?

Fairly Easy: Jitsi or Wire

 

Safe SIM

Hard: Never use your SIM phone #

  • Google Voice or Burner instead

New Email

Easy:

Encryption only works within the services, PM is more popular so usually better

Encrypting files

With Online services:

 

 

Locally (e.g. a flash drive):

Sending files

OnionShare (encrypt first)

or

Firefox Send (under 2.5gb)

New Browser

Or

With cookies autodelete

New Collaboration

New Passwords

Use a manager!

 

Key to good passwords is length and complexity

 

For your brain, use *passphrases*

6+ random words

2FA gives you a new second p/w with every login; use an authenticator app or YubiKey!

New Passwords x2

2FA gives you a new second p/w for your most important accounts

 

Authenticator app

Or

Yubikey!

FreeOTP

Mini Workshops

1. Backup! Backup!

2. Changing Defaults

Backing up

Threat #1: You

Defend yourself from yourself: maintain good backup practices

Common Examples:

  • Saving a file while you are working on it
  • Saving copies for different versions
    • realFINAL-FINALcopy(2).docx
  • Saving to external HDD or Flash
  • Printing a copy
  • Emailing to self
  • Uploading Dropbox/Gdrive/OneDrive for Business

Backup Strategies: Crunch v. Maintenance

Designing a backup strategy

  1. Prioritize/Threat Model: What do you need?
  2. Standardize: Find a naming/saving style that works
    • e.g. Title_2018-11-12.doc
    • e.g. Embrace the desktop clutter
  3. Minimum of "3-2-1 Backup"
    • 3 copies of a file
    • 2 forms of storage
    • 1 off-site location
  4. Automate as much as possible
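
One way to automate steps 2 to 4, as an added example that is not part of the original slides: it saves dated copies in the `Title_2018-11-12.doc` style to two or more destinations and verifies each copy by checksum. The function names and the destination directories (for instance an external drive and a mounted off-site folder) are assumptions.

```shell
#!/bin/sh
# Added example (not from the slides): dated, verified copies for 3-2-1.
# The script cannot tell whether two folders sit on the same disk, so
# choosing a second storage type and an off-site location is up to you.

# Print the SHA-256 digest of a file (first field of sha256sum output).
sha256_of() {
    sha256sum "$1" | cut -d' ' -f1
}

# Build "Title_YYYY-MM-DD.ext" from a path; $2 optionally overrides the date.
dated_name() {
    base=$(basename "$1")
    day=${2:-$(date +%Y-%m-%d)}
    case "$base" in
        ?*.*) printf '%s_%s.%s\n' "${base%.*}" "$day" "${base##*.}" ;;
        *)    printf '%s_%s\n' "$base" "$day" ;;
    esac
}

# Copy SRC into every destination directory under its dated name and
# compare each copy with the original. Returns non-zero if a destination
# is missing (drive unplugged, share not mounted) or a copy differs, so a
# scheduler such as cron can flag the failed run.
backup_321() {
    src=$1; shift
    [ -f "$src" ] || { echo "no such file: $src" >&2; return 2; }
    [ "$#" -ge 2 ] || { echo "need 2+ destinations for 3 copies" >&2; return 2; }
    want=$(sha256_of "$src")
    name=$(dated_name "$src")
    status=0
    for dest in "$@"; do
        if [ ! -d "$dest" ]; then
            echo "FAIL $dest (not mounted?)" >&2; status=1; continue
        fi
        cp -p "$src" "$dest/$name" || { status=1; continue; }
        if [ "$(sha256_of "$dest/$name")" = "$want" ]; then
            echo "OK   $dest/$name"
        else
            echo "FAIL $dest/$name (checksum mismatch)" >&2; status=1
        fi
    done
    return $status
}
```

Call it as `backup_321 FILE DEST1 DEST2` after sourcing the file; the original plus the two verified copies make the three copies.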

$ bash

Levels of backup

  • Full disk clone
    • 'dd' in commandline
    • Clonezilla
  • File/Folder auto-backup
    • On a PC:
      • Duplicati
      • borg
    • On a Network:
      • Syncthing
    • Across the web:
      • Duplicati
      • rClone/Cryptomator
      • IFTTT
      • NextCloud

Example File Actor Map

You

Your PC

Your Phone

Your server space

Peer's server space

Peer

Peer's PC

Peer's Phone

ISPs

Online storage

Public or Private?

Maintain authorship?

Data at Rest

  • Access
    • Who controls the hardware?
    • Who has access to your files?
      • Air gap
    • Check the settings
    • Strong passwords
  • Encryption
    • Veracrypt
  • Collaboration
    • Establish an access protocol
    • Establish a moving protocol

Data at Rest - Know your Rights

  • Access
    • Passwords are protected by 5th amendment
    • biometrics (i.e. fingerprint) are NOT.
    • Forced access: 0days, GrayKey, etc
    • 4th amendment, but not on the border
      • Border includes 100 mi from international airport
  • Collaboration
    • Tools like TOR now = probable cause
  • Subpoena-proof Standard
    • Includes Signal Messenger, Private Internet Access VPN

Scenario:

  • Crossing the border with sensitive data
    • What do you do before your trip?
    • What do you bring?
    • How do you store/move data during your trip?
  • Harm-reduction model

Thank You and Resources

  • CyPurr Collective

    • https://www.cypurr.nyc

    • Facebook & Twitter

  • Sign up to our email list too, we won’t spam ya!

  • Further Resources

    • NYC CryptoParty Meetup/CryptoParty Harlem (Meetup)

    • HackBlossom (Hackblossom.org)

    • ctrlshift.space I/O

    • Tactical Tech Collective- Holistic Security, MyShadow, Data Detox

  • EFF- Surveillance Self Defense (ssd.eff.org)
  • Freedom of the Press Foundation (Freedom.press)

Upcoming

  • Open Meeting Tuesday! July 16, 6pm
  • securiTEA time July 21st
  • Here again on August 4th
  • Find more on Facebook/Twitter/ email list

Thank You!
