tfp
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
tfp [2013-09-05 12:15] – update jane | tfp [2013-10-15 16:35] – jane | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ===== Tinfoil | + | ====== Tinfoil |
- | Overall goal: | + | |
- | Date: 2013-10-11 | + | Overall goal: Increase capability of citizens to create privacy.\\ |
- | Venue: Main room of the Edinburgh Hacklab | + | Date: 2013-10-18 or 2013-10-25\\ |
+ | Venue: Main room of the Edinburgh Hacklab\\ | ||
+ | |||
+ | ===== Intro ===== | ||
+ | |||
+ | We get our tinfoil hats on to save us from the cosmic death rays, and talk crypto for a night to keep the aliens out of our business. If you want to learn how to manage your privacy in the cloud better, this event would be a perfect place to start. On the first night we will introduce the complicated myth of online privacy, and talk about GPG, the Web of Trust, and encrypting emails to introduce a false sense of security. Tinfoil hats will be provided, but be sure to have your laptop at hand. | ||
+ | |||
+ | ===== Structure ==== | ||
+ | |||
+ | First night: | ||
+ | * Disclaimer: the tools presented in the workshop are only useful if the rest of the system is well protected, too. This means the system' | ||
+ | * analyze e-mail headers to raise awareness(? | ||
+ | * GPG - janem | ||
+ | * Keysigning party! | ||
+ | |||
+ | Second night: | ||
+ | * Truecrypt - rsdy | ||
+ | * Tor - ? | ||
+ | |||
+ | Length: ~3h | ||
+ | |||
+ | ===== Good old e-mail ==== | ||
- | ====Good old e-mail==== | ||
Conduct a workshop that raises awareness that methods to send and receive encrypted emails are on hand. Train people with no public key, to generate a key pair with the applicable attributes. Enable them through a workshop to incorporate their key into the open source e-mail client [[http:// | Conduct a workshop that raises awareness that methods to send and receive encrypted emails are on hand. Train people with no public key, to generate a key pair with the applicable attributes. Enable them through a workshop to incorporate their key into the open source e-mail client [[http:// | ||
- | ===What is needed to make it happen=== | + | ===== What is needed to make it happen ===== |
* Participants (max 10 people) | * Participants (max 10 people) | ||
* What OS is used | * What OS is used | ||
Line 13: | Line 34: | ||
* Trainings material | * Trainings material | ||
* 3h | * 3h | ||
- | * | + | |
- | == update | + | ===== Update ===== |
We discussed to provide a workshop about disc encryption at the same evening. | We discussed to provide a workshop about disc encryption at the same evening. | ||
The challenge here is, that on top of providing applicable training material about disc encryption, more resource are needed to get a neat USB sticks done. | The challenge here is, that on top of providing applicable training material about disc encryption, more resource are needed to get a neat USB sticks done. | ||
I am not entirely sure if we have the capacity to do this on the first night. (Maybe an other go in Nov.) | I am not entirely sure if we have the capacity to do this on the first night. (Maybe an other go in Nov.) | ||
- | I am planning to limit the workshop content just to Thunderbird. I know there are x millions e-mail clients out there but I don't have the time to lock into all of them. It might be the best to promote the event early and see if enough participants would go for this selection. | + | I am planning to limit the workshop content just to Thunderbird. I know there are x millions e-mail clients out there but I don't have the time to look into all of them. It might be the best to promote the event early and see if enough participants would go for this selection. |
What is lacking is play: what do people belief is private/ | What is lacking is play: what do people belief is private/ | ||
Line 28: | Line 50: | ||
An other way is looking into OpenCV, to check if a lib. supports multiple face recognition. | An other way is looking into OpenCV, to check if a lib. supports multiple face recognition. | ||
- | Also I don't like this [[http:// | + | Also I don't like this [[http:// |
- | I know everyone is in for NSA, but I am tired of that. The wish to have privacy was around before and will be after. | + | I know everyone is in for NSA, but I am tired of that. The wish to have privacy was around before and will be after. |
- | We are not aware about the extend our private data are used for or against us but somehow this tech is also something we can hack and use for our purposes. (end of the bla bla part :)) | + | This includes as well the skill to access information. [[The Open Net Initiative |https:// |
+ | |||
+ | We are not aware about the extend our private data is used for or against us but somehow this tech is also something we can hack and use for our purposes. (end of the bla bla part :)) | ||
Anyway, maybe you have some ideas, how to hack ideas/ | Anyway, maybe you have some ideas, how to hack ideas/ | ||
- | I am moving now for a few weeks to Germany. I am looking forward | + | |
- | This Sunday | + | ===== Disk encryption/ |
+ | |||
+ | ==== Truecrypt ==== | ||
+ | |||
+ | Talk about the use of TrueCrypt and the best practices about store encrypted data. The goal would be to have everyone set up an encrypted container on their laptops, and copy files into it. Talk about the possible attack vectors and adversaries (usecases), that should be considered when using encrypted storage. Talk about picking a cypher/hash algo to feed conteo trolls, and talk hidden volumes | ||
+ | |||
+ | ==== GPG ==== | ||
+ | |||
+ | Part 2 should be based on the GPG part, for storing/ | ||
+ | |||
+ | |||
+ | ==== Draft Tin foil hat party announcement ==== | ||
+ | |||
+ | The reason why we keep certain information private, when and to whom we disclose it, is a private choice. | ||
+ | The Edinburgh Hacklab hosts this month the first tin foil hat party to investigate together how you can hack your daily routine to limit access to this information (Yes, it is a cryptoparty.in with a hat). | ||
+ | |||
+ | The event has three parts to it: talk and workshop require booking and are limited to seven to nine participants. | ||
+ | The last part is the key signing party, which is open to all and kicks of at 9pm. All parts of the event are free to attend. This is brought to you by regular membership fees and donations to the Hacklab. (Look a donate button :)) | ||
+ | |||
+ | Here is the agenda for the night: | ||
+ | Talk: | ||
+ | Disclaimer: the tools presented in the workshop are only useful if the rest of the system is well protected, too. This means the system' | ||
+ | |||
+ | Workshop 2 1/2h: | ||
+ | Setting up a GnuPG RSA 4096-bits key pair | ||
+ | Encrypt and decrypt e-mails using Thunderbird | ||
+ | |||
+ | Reference: | ||
+ | securityinabox.org/ | ||
+ | cryptoparty.in/ | ||
+ | |||
+ | Here is what you need for the key signing party | ||
+ | * Be there: physical attendance (with tin foil hat). | ||
+ | * Have your passport/ | ||
+ | * Have your key ID, key type, fingerprint, | ||
+ | |||
+ | |||
+ | Here some notes: | ||
+ | The timing | ||
+ | |||
+ | ==== You would like to wear your tin foil hat at home? ==== | ||
+ | |||
+ | Some advice on how to bypass online censorship | ||
+ | http:// | ||
+ | |||
+ | ==== Sticker idea ==== | ||
+ | * edinburghhacklab: | ||
+ | * edinburghhacklab: | ||
+ | * edinburghhacklab: | ||
+ | * edinburghhacklab: | ||
+ | |||
+ | ==== Thunderbird with Enigmail ==== | ||
+ | |||
+ | Thunderbird with Enigmail is available on all major OS platforms (Linux, Mac, Windows) and is therefore | ||
+ | |||
+ | Alternative you become a customer and (which can be used by Thunderbird). | ||
+ | Start Thunderbird: | ||
+ | Menu -> Internet -> Thunderbird | ||
+ | Set up your new e-mail account in Thunderbird to use IMAP. (In the example, Yahoo Mail is used, but the method is the same for Gmail.) Make sure your firewall allows ports 993 (IMAP) and 465 (SMTP) and 11371 (HKP). | ||
+ | Thunderbird -> file -> New -> Mail Account... -> (Enter Your name, Email address, Password) | ||
+ | -> IMAP: Access folders and messages from multiple computers (ticked) -> Create Account | ||
+ | | ||
+ | Thunderbird -> OpenPGP -> Key Management -> Generate -> New Key Pair -> (fill in desired passpharase, | ||
+ | -> Advanced -> Key Size: | ||
+ | -> "We highly recommend | ||
+ | This method will use pre-selected key servers stored | ||
+ | Thunderbird -> OpenPGP -> Preferences -> Keyserver -> Specify your keyserver(s): | ||
+ | Turn off HTML in messages: | ||
+ | Thunderbird -> (Email Account ID) -> Composition & Addressing -> Compose messages in HTML format (unticked) -> OK | ||
+ | Send and sign encrypted email with your OpenPGP key. | ||
+ | Thunderbird -> Write -> (compose message) -> OpenPGP -> Sign Message (ticked) -> Encrypt Message (ticked) -> Send |
tfp.txt · Last modified: 2015-10-05 15:55 by 127.0.0.1