Newcastle-upon-Tyne, United Kingdom (Planning Page)

Poster and some visuals currently hosted on Flickr at https://www.flickr.com/photos/137781729@N08/albums/72157667234594126.

Groups Contacted

Which groups have we already contacted with our call for volunteers?

Record alpahbetically who you've emailed so we don't hit the same group more than once:

  • aktivix-discuss
  • cryptoparty GBR list
  • dfs3
  • durham linux user group
  • hacktionlab
  • ORG North East
  • owasp newcastle uk chapter
  • star and shadow volunteers

Past Events

2016-03-07, Planning Meeting

A meeting to plan a cryptoparty.

Where: the former Crèche room on level 2, Newcastle City Library (Charles Avison building), Newbridge Street [map]

When: 6PM, Thursday March 17th 2016. Please be prompt as we need to finish before the library closes.

Agenda:

  1. Introductions
  2. An overview of the cryptoparty idea and what we are trying to achieve
  3. Take stock of our resources - people, spaces, other
  4. Make a decision about where & when to hold a cryptoparty
  5. Decide on priorities for content delivery at the party
  6. Publicity - volunteers to make materials, who has access to channels
  7. Roles on the day
  8. Summary & close.

Potential Current / Future Party Topics

Security Topics

Topic Notes Person
Two Factor Authentication Google/Facebook etc. (with mention of why you might want to completely avoid goo / fb)
HTTPS Everywhere / Ad-Blocking Browser Extensions http://arstechnica.com/security/2016/03/big-name-sites-hit-by-rash-of-malicious-ads-spreading-crypto-ransomware/
Full Disk Encryption How? Is there a good audited Windows solution? - TrueCrypt 7.1a has the privilege escalation vulnerabilities (CVE-2015-7358,CVE-2015-7359) and the forks (VeraCrypt etc.) haven't received as much scrutiny from the security community as may be desired.

Linux - use dmcrypt / LUKS, easily done as part of installation however beware the Evil Maid attack, e.g. keep your boot partition on a USB key. For removable media, use cryptsetup from the command line, or gnome-disk-utility
NoScript Advanced! - but will probably at least need touching if we're going to be covering the Tor Browser Bundle.

Browsing Privacy

Topic Notes Person
Tor Browser Bundle
TAILS
Privacy Protecting Browser Addons
Orbot + Orfox Tor Browser for Android. Are there iOS equivalents?

Communications Privacy

Topic Notes Person
PGP Encrypting and signing email.
Signal OpenWhisperSystems' Signal will be focused on at the party, but LibreSignal may be mentioned for users who are already using third-party app repositories and have already enabled running third-party APKs on their phones. (It's not appropriate to recommend this to everyone, since they'd probably also need to know how to set up a gradle build environment on the basis that LibreSignal isn't available in F-Droid and will need to be built from source).
Ricochet Most secure - No metadata analysis possible, but IM only.
Jitsi Probably the most effective “drop-in Skype replacement” at the moment but I'd want to be careful not to mislead anyone into thinking that metadata analysis wasn't possible with this - it is, due to its use of centralised XMPP services.
XMPP+OTR This has been popular at CryptoParties for a while, but the additional security offered by Ricochet means it is effectively deprecated. Can be covered if people think it is particularly a good idea.

Regarding the various different instant messengers, there's an accessible and up-to-date blog post here: https://blog.grobox.de/2016/briar-next-step-of-the-crypto-messenger-evolution/

Miscellaneous

Topic Notes Person
Linux This is a pretty involved topic - do we try and make an effort to cover it and its advantages? Perhaps we could just have table for FLOSS advocacy, including Gnu/Linux, with some live distros available to try? (e.g. TAILS)
Free and Open Source Software Potential benefits of using FLOSS. Cover “Why Firefox vs Chrome” etc.
Phones Special considerations regarding the spy in your pocket, e.g. FSFE's 'free your android' project

Experimental / Emerging Technologies

These are not likely to be covered in current CryptoParty events, but group members might like to keep an eye on them in case they mature into projects that are worth demonstrating at future parties.

Topic Notes Person
ZeroNet / IPFS Peer-to-Peer websites.
Tor Messenger A similar project to Ricochet, but with the direct blessing of the Tor Project team.
Ring A possible alternative to Jitsi, but using direct peer-to-peer connections instead of connections via XMPP. Currently doesn't support group chat and the client is pretty lacking in features that would be familiar to a Skype user.
Libreboot A fantastic fully-free BIOS replacement that aims to work around potential issues with non-free motherboard firmware. I'd love to cover this, but it's in this section because it just isn't currently viable with the tiny 'supported device' list. The most recent devices (which are still fairly old) require extensive knowledge and hardware flashing.

Definitely one to watch for the future though, and the ultra-nerds amongst you may well salivate at the forthcoming 'Talos Secure Workstation' which is a Libreboot-supported 8-core/64-thread POWER8 workstation designed from the ground up to be fully free.