An interesting movement gaining momentum is cryptoparties, which is about learning and sharing fundamental survival skills.
I say “survival skills”, because it is about learning the fundamentals of communicating securely and privately. In some places in the world, this is a very tangible survival skill – right here, right now. People who don’t master this survival skill… disappear. In several places, it is outright social darwinism: people who master these skills survive, others don’t.
In other parts of the world, it can very quickly become a survival skill. The European Union and the United States alike are going down a path towards similar societies quickly – and Odin knows what will happen on the United States’ impending collapse 5-10 years from now when it runs out of new creditors.
From Cryptoparty.org:
CryptoParties are meetups to share and learn basic cryptographic tools such as PGP/GPG, Tor, OTR, TrueCrypt, etc. At CryptoParty, we teach, learn and share.
These are skills that will never be taught in official curriculums, so they must spread in the underbrush by necessity – just like the skills for sharing culture and knowledge using BitTorrent and similar tools have spread in the underbrush and now have reached 250 million Europeans and 150 million Americans, just like the skills on reflashing your Android phone with Cyanogenmod has spread to over a million in the underbrush.
It is all our duty to support that underbrush. Our own survival depends on other people we can communicate with securely, so it is in our interest that other people, too, know how to communicate without being wiretapped and… disappeared.
This movement has significant similarities to the early PGP keysigning parties, where people would meet to sign each other’s keys to establish a so-called cryptographic trust chain, but those assumed a much higher level of up-front knowledge about cryptography and public-key technology. The cryptoparties are more about learning the necessary skills from a fundamental level.
If you want a cryptoparty in your home town, why don’t you request one and tap into the community?
All my devices are walk-away safe: no confidence placed in me will be leaked if my phone, pad or notebook are stolen or forgotten. All my firewire ports are glued shut and disabled at the bios level. All my iron locks up on power loss and requires manual unlocking. I use encrypted, unwiretappable and untraceable voice communications and text communications. I use my own mail server and encrypt anything sensitive I put on Dropbox. I use Bitcoin for unseizable funds and money transfers. Today, these are survival skills. If you don’t know why, you should attend a cryptoparty.
(Hat tip to Asher Wolf and several others.)
Just out of curiosity, what software are you using for your encrypted voice/text communication (outside of the obvious mail/gpg). Also, what do you mean by “all my iron”? http://www.mobileiron.com ?
When I say “all my iron”, I mean all my stationary computers (servers in particular).
I use TextSecure for encrypted SMS messaging and RedPhone for encrypted voice communications over the telephone network (POTS).
I made some promotional pictures about cryptoparties, feel free to use them:
http://fav.me/d5bkpw7
http://fav.me/d5dck29
http://fav.me/d5djta6
http://fav.me/d5diqoj
This is fabulous.
“Bitcoin exchange BitFloor suspends operations after $250,000 theft”
http://www.theverge.com/2012/9/5/3293375/bitfloor-bitcoin-exchange-suspended-theft
Obvious cryptography, PGP etc. is no protection from a truly repressiive regime, as they can treat the use of cryptography as suffient graounds to make someone disapear. Similarly use of TOR is not safe under such regimes, as the use alone is against the regimes intrests in monitoring its citizens The communication has to avoid raising suspicions, which is where .Steganography come into play. Exchanging family photographs, or posting to and browsing a photosharing website gives such cover.
Hopefully cryptoparties can help to encourage widespread use of encryption for mundane purposes, so that it is no longer cause for suspicion.
It is true today that one could treat the use of PGP as ground for suspicios behaviour, but thats only because the use is so rare. If we take SSL who also uses cryptography, not even a truly repressiive regime can go and arrest every user. If every email was automatically encrypted, then it would be pointless to arrest every users who has encrypted emails. you would have to arrest every person in a country who uses the internet.
No need to arrest everybody to drive out the use of encryption, just ‘educate’ them by punishing the use of encryption by blocking emails, cutting of Internet access if cryptography is used etc. This would soon reduce use to a level that more direct action could be taken against the hold outs.
ONe technical error:
encrypt anything sensitive
Delete “sensitive”. Encrypt everything. Make Encryption standard. Anything wich does not securely encrypt must become lead in the warehouses.
> “These are skills that will never be taught in official curriculums”
Nonsense. See: https://www.coursera.org/course/crypto
Uh, did you read the course curriculum? An academic crypto course will not teach you about TrueCrypt, TOR, GPG, etc. An academic network security course however may, and also more obsolete tools such as mix-nets etc.
Related topic, forum for protection against malware, firewalls etc.:
http://www.wilderssecurity.com/
http://encrypteverything.ca/index.php/Cell_phone_privacy_guide_%28Android%29
“Assume your device can and will be compromised, completely, if lost or stolen.”
http://encrypteverything.ca/index.php/Cell_phone_privacy_guide_%28Android%29
Great article, but I do have a question: when you say “I use my own mail server”, what advantage does that, alone, give you?
I’ll elaborate: in my case, and I suspect, in that of an increasing number of people, over 90% of the mail sent or received, goes to or comes from gmail. So, either way, the mail will end up in google’s servers. If it’s not encrypted, that’s essentially the same as using gmail directly. And if it is encrypted—as it ought to be—whether it ends up stored is irrelevant.
Errata. in the previous comment, where “whether” is written, it should be “where”
Have anyone been ‘disappeared’ in Sweden? Anyway, in UK (and USA?) hackers have been ‘disappeared’, as in covertly assasinated by the government, if the hacker(s) who leaked the FBI list of IOS UDID:s is to be believed. (They don’t specifically say that the own govt. is the culprit, but it is hinted)
From Pastebin message from Anonymous/Antisec “In July 2012 NSA’s General Keith Alexander (alias the Bilderberg Biddy) spoke
at Defcon, the hacker conference in Las Vegas, wearing jeans and a cool EFF
t-shirt (LOL. Wtf was that?). He was trying to seduce hackers into improving
Internet security and colonoscopy systems, and to recruit them, ofc, for his
future cyberwars. It was an amusing hypocritical attempt made by the system to
flatter hackers into becoming tools for the state, while his so-righteous
employer hunts any who doesn’t bow to them like fucking dogs.
Well…
We got the message.
We decided we’d help out Internet security by auditing FBI first. We all know
by now they make Internet insecure on purpose to help their bottom line. But
it’s a shitty job, especially since they decided to hunt us down and jail our
friends.
It’s the old double standard that has been around since the 80’s. Govt Agencies
are obsessed with witchhunts against hackers worldwide, whilst they also
recruit hackers to carry out their own political agendas.
You are forbidden to outsmart the system, to defy it, to work around it. In
short, while you may hack for the status quo, you are forbidden to hack the
status quo. Just do what you’re told. Don’t worry about dirty geopolitical
games, that’s business for the elite. They’re the ones that give dancing orders
to our favorite general, Keith, while he happily puts on a ballet tutu. Just
dance along, hackers. Otherwise… well…
In 1989 hagbard (23yrs old) was murdered after being involved into cold war spy
games related to KGB and US. Tron, another hacker, was
murdered in 1998 (aged 26) after messing around with a myriad of cryptographic
stuff (yeah, it’s usually a hot item) and after making cryptophon easily
accesible for the masses. And then you have Gareth Williams (31), the GCHQ
hacker murdered and “bagged” inside a MI6’s “safe” house (we’d hate to see what
the unsafe ones look like) in August of 2010 after talking about being curious
about leaking something to Wikileaks with fellow hackers on irc. And the list
goes on. It’s easy to cover up when they want to, hackers often have complex
personalities, so faking their suicide fits well.
You are welcome to hack what the system wants you to hack. If not, you will be
punished.
Jeremy Hammond faces the rest of his productive life in prison for being an
ideological motivated political dissident. He was twice jailed for following
his own beliefs. He worked until the end to uncover corruption and the
connivance between the state and big corporations. He denounces the abuses and
bribes of the US prison system, and he’s again facing that abuse and torture at
the hands of authorities.
Last year, Bradley Manning was tortured after allegedly giving WikiLeaks
confidential data belonging to US govt… oh shit. The world shouldn’t know how
some soldiers enjoy killing people and even less when they kill journalists. Of
course, the common housewife doesn’t deserve to know the truth about the
hypocrisy in the international diplomacy or how world dictators spend money in
luxury whilst their own people starve. Yep, the truth belongs only to the
elite, and if you are not part of them (forget it, that won’t happen), fuck
yourself. ”
They claim that the UDID:s are sufficiently anonymized, but I won’t take the chance and spread it, because I know that de-anonymizing data sometimes can be easier than one might think, and I don’t have the time to extract and decrypt it in order to check anyway. If Rick wants to know, answer in this comment field, I won’t enter my email address unless it’s necessary, because I can’t seem to find a free secure email service. I guess I should attend a Cryptoparty!
Careful, there – your tinfoil hat is showing.
That is a rather surprising answer from someone who reads Falkvinge’s blog. Especially as my question is in response to his own words: “In some places in the world, this is a very tangible survival skill – right here, right now. People who don’t master this survival skill… disappear.”
Or are you talking about the part about de-anonymisation? I’m not sure where I read that, but very often two or more sets of seemingly anonymous data is actually identifying when combined.
[…] http://falkvinge.net/2012/09/05/cryptoparties-to-learn-essential-survival-skills/ TwitterFriendicaGaragePunkMoreFacebookLike this:LikeBe the first to like this. […]