Differences

This shows you the differences between two versions of the page.

--- cygnet [2015/11/04 03:16] – created cygnet_tas
+++ cygnet [2022/05/08 11:42] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
-Date and time to be confirmed.
+====== Cygnet Crypto Party ======
-Tentatively scheduled for the 20th December 2015 @ Cygnet Town Hall Supper Room
+Everyone is invited to attend a Crypto Party!
-All Welcome!
+===== Privacy matters =====
+Quote from the official **Crypto Party Handbook**
+"Privacy is a fundamental human right. It is recognised in many countries to be as central to individual human dignity and social values as Freedom of Association and Freedom of Speech. Simply put, privacy is the border where we draw a line between how far a society can intrude into our personal lives."
+===== When & Where =====
+pm to 5pm **Sunday 20th December 2015** **Cygnet Town Hall** upstairs in the Supper Room [[https://www.openstreetmap.org/#map=18/-43.16177/147.07613|Open Streetmap]]
+===== What is it? =====
+[[https://www.cryptoparty.in/|Party like it is 1984]]
+  * A Crypto Party is a chance for people to learn about the digital landscape in relation to privacy and security
+  * If you want there will be people who will help you install and become familiar with privacy tools and techniques
+===== Reasons why? =====
+  * I have nothing to hide!
+    * But I have a bad feeling about my privacy and security
+===== What's your level of interest? =====
+In anticipation that their will be different levels of knowledge and interest there will be two sections
+==== Hungry for information ====
+  * A group for people who want background information
+    * Brief background talk
+    * Videos to watch
+    * Videos, documentation & software to download from local server onto USB drives if those attending wish to learn or experiment at a later date
+    * Lots of discussion (Questions & Answers, sharing stories)
+==== Ready for action? ====
+  * A group for those wanting to set up their devices for better privacy
+    * There will be a local server with authenticated software packages for you to install onto your devices with guided assistance if required.
+    * Bring your phone, laptop and a USB disk (don't forget your power supply)
+    * Detailed information on tools and links below
+===== Tools & techniques =====
+//topic summary//:
+  * Privacy & Identity authorisation (OpenPGP), Virus & mal-ware, Password management, Tracking & Meta-data, Anonymity & pseudo-anonymity, Security: not as a //panacea// but a //process// recognising that compromises or trade-offs prevent total security, Dark Web, Deep Web, Crypto Currencies
+===== Topics details =====
+==== Passwords ====
+  * Recommend passphrases
+    * Pasword managment and further recommendations
+==== Cryptography ====
+  * Basic Concept //summary//
+    * Public key cryptography = public Key (encrypts) & private key (decrypts) versus conventiaonal secret-key = one key is used both for encryption and decryption = Asymmetric versus Symmetric
+    * Public Key Infrastructure (PKI) = security, authentication, confidentiality, integrity, non-repudiation and access control +Certification Authorities = Cryptographic certificates: trust is built into your browser
+    * Encryption and Decryption = information is obfuscated by encryption. Can be a message, a file, a disk (storage medium) or //anything// that can be codified
+    * Common software tools are PGP (Pretty Good Privacy) & the open source GnuPG (or GPG = Gnu Privacy Guard) is a complete and free implementation of OpenPGP
+    * Secure Sockets Layer (SSL) https
+    * GnuPG or OpenPGP signatures - use a private key to sign a file. Anyone who has the corresponding public key can check whether the file was signed by the private key. Anyone who doesn’t have the private key cannot forge such a signature
+  * Verifying a file
+    * [[http://en.wikipedia.org/wiki/Cryptographic_hash_function|File checksum]]
+  * Wireless security
+    * WAR driving risks
+    * Mac address spoofing
+  * [[https://canarywatch.org/faq.html|Canary watch]]
+    * Method by which a communications service provider informs its users that the provider has not been served with a secret United States government subpoena
+  * Government surveillance +PRISM
+  * Big data
+    * Corporate risks
+    * Pay wave
+  * International Crime Syndicates +Lack of data security - Target, Sony Madison etc
+    * [[https://www.torproject.org/docs/faq.html.en|Tor]]
+    * Born out of the [[http://www.onion-router.net/|onion routing project]] run by the Naval Research Lab
+  * VPN's
+    * Virtual Private Networks - encrypted communications via IP tunnels
+  * Dark Web
+    * Accessed via Tor using directories or shared links from trusted collegues rather than search engines
+  * Deep web
+    * The large protion of the Internet behind firewalls or part of a secure Wide Area restricted network
+    * Requires login & generally accessed via a VPN (Virtual Private network)
+  * Crypto currency
+    * Bitcoin and the block chain
+    * Distributed public ledger
+===== Live Distibutions =====
+List of known certification allowing booting from Secure Boot (UEFI = Unified Extensible Firmware Interface) BIOS
+  * Ubuntu and it's derivitaves (Mint)
+  * Debian
+  * Arch
+===== Demonstrations =====
+  * [[http://map.norsecorp.com/v1/|Hacking live map & table]]
+  * [[https://addons.mozilla.org/en-US/firefox/addon/lightbeam/|Lightbeam plugin]]
+  * [[https://panopticlick.eff.org/|Browser fingerprint]]
+  * [[https://www.howsmyssl.com/|How's My SSL?]]
+===== Tools & resource links =====
+**Do your part to resist Government surveillance and take back your privacy:**
+==== Computer Software ====
+  * Browser Privacy: [[https://www.eff.org/https-everywhere|HTTPS Everywhere]], [[https://addons.mozilla.org/en-US/firefox/addon/ublock/|UBlock]] or [[https://github.com/gorhill/uBlock|gorhill/uBlock · GitHub]] + [[https://www.disconnect.me/|Disconnect]], [[http://noscript.net/|NoScript]] (FireFox), [[https://chrome.google.com/webstore/detail/notscripts/odjhifogjcknibkahlpidmdajjpkkcfn?hl=en|NotScript]] (Chrome)
+  * VPNs: [[https://help.riseup.net/en/vpn|Risup.net]][[https://www.privateinternetaccess.com/|Private Internet Access]] (US), [[http://btguard.com/|BTGuard]] (Canada), [[http://www.itshidden.eu/|ItsHidden]] (Africa), [[https://ipredator.se/|Ipredator]] (Sweden), [[http://faceless.me/|Faceless.me]] (Cyprus / Netherlands)
+  * Internet Anonymity: [[https://www.torproject.org/|Tor]], [[https://www.torproject.org/projects/torbrowser.html.en|Tor Browser Bundle]], [[http://i2p2.de/|I2P]]
+  * Disk Encryption: [[http://www.truecrypt.org/|TrueCrypt]] (Windows / OSX / Linux), [[http://support.apple.com/kb/ht4790|File Vault]] (Mac).
+  * File/Email Encryption: [[https://www.gpgtools.org/|GPGTools]] + [[https://www.gpgtools.org/gpgmail/index.html|GPGMail]] (Mac), [[http://www.gpg4win.org/|GPG4Win]] (Windows), [[http://www.enigmail.net/home/index.php|Enigmail]] (Windows / OSX / Linux) * Instant Messaging (IM) Encryption: [[http://www.pidgin.im/|Pidgin]] + [[http://www.cypherpunks.ca/otr/|Pidgin OTR]]
+  * IM/Voice Encryption: [[http://mumble.sourceforge.net/|Mumble]], [[https://jitsi.org/|Jitsi]]
+  * Phone/SMS Encryption: [[http://www.whispersystems.org/|WhisperSystems]], [[https://guardianproject.info/apps/ostel/|Ostel]], [[https://myceli.al/projects/spore-android-client|Spore]], [[http://threema.ch/en/|Threema]], [[https://silentcircle.com/|Silent Circle]] ($$$)
+  * Google Alternative: [[https://duckduckgo.com/|DuckDuckGo]], [[https://startpage.com/|StartPage]]
+  * Digital P2P Currency: [[http://bitcoin.org/|BitCoin]]
+  * Live Anonymous/Secure Linux: [[https://tails.boum.org/|TAILS Linux]]
+==== Android Smart Phone ====
+  * [[https://f-droid.org/|F-Droid]]
+==== Resourses & Information ====
+  * General: [[https://ssd.eff.org/|EFF's Surveillance Self-Defense Project]], [[https://myshadow.org/|Me and my Shadow]], [[https://www.privacytools.io/|privacy tools - Privacy.io]], [[https://www.tacticaltech.org/|Tactical Technology Collective]], [[https://www.frontlinedefenders.org/|Front Line Defenders]], [[https://nofakeinternet.org/|No Fake Internet]]
+  * For Journalists:[[http://www.tcij.org/|Information Security for Journalists- Centre for Investigative Journalism]].[[https://www.schneier.com/blog/archives/2015/11/the_rise_of_pol.html|The Rise of Political Doxing - Schneier on Security]][[https://witness.org/|WITNESS | Human Rights Video]]
+  * Coders:[[https://vimeo.com/131115865|NDC Conference Keynotespeaker Bruce Schneier]]
+  * Passwords: [[http://xkcd.com/936/|xkcd: Password Strength]]
+  * [[https://en.wikipedia.org/wiki/Nineteen_Eighty-Four|Nineteen Eighty-Four]]
+  * Activists: [[https://www.frontlinedefenders.org|Digital Security and Privacy for Human Rights Defenders]]
+===== Quotes =====
+"You're making some herd immunity for the people who really do need it, for the people doing that work, because their traffic blends in with yours." [[http://www.zdnet.com/article/lessons-from-a-sydney-cryptoparty/#!|Tom Sulston]]
+"Security is complicated, it's more about operational security."
+"Surveillance and freedom are compatible = not"
+"Privacy is a matter of individual choice as to what to reveal about one’s behaviour to others, whereas anonymity, in the modern commercialised celebrity-driven world, is assumed to represent a harsh societal dismissal of individual worth."
+"The public’s willingness to voluntarily—nay, enthusiastically—sacrifice privacy is fuelled by a very modern fear of being ignored in a culture where the most observed are the most valued."
+The main price paid by turning the war on terror into a war on the public’s right to know, a bipartisan crusade, is that it destroys the foundation of democracy—an informed public."
+"If you're not the customer you are the product" **is an older saying** "Now you are the customer and the product"
+"Secret orders based on secret interpretation of secret law"
+"Data is the pollution of the information age"
+====== Cygnet CryptoParty Poster ======
+{{:cygnet:ccp.pdf|Cygnet CryptoParty Poster}}
+{{:cygnet:ccp-flyer.pdf|Cygnet CryptoParty Flyer}}