Sounds great - I'd love a copy. I'm trying to consolidate experiences against experience levels and in my case ~regional~ options under disparate groups of IRGC monitoring and control.
Thanks for the offer - look forward to it. And will report back thoughts on the use-cases I was thinking on. -Ali On Tue, Aug 7, 2012 at 8:39 AM, Eric S Johnson <[email protected]>wrote: > The donor-funded Information Security Coalition is the largest > digital-security-for-activists project, so its mentors / cybersecurity > officers are among the best repositories of activists & journos’ > experiential information that is key to outlining an online-freedom threat > model for each target country. But it would be hard to get consensus among > all the possible actors in this field; the techsec training I recently held > for Zim activists might lead me to different conclusions than those of the > (at least two, just counting folks on LibTech) others who were there, > independently of each other and me, doing similar work just in the last > couple months. And that’s just one country. (Or maybe we’d agree. There’s a > surprising lack of cooperation/communication among the main players, even > though their absolute number is rather small.)**** > > It’s my impression that the biggest disagreement is over > whether we should be trying to teach everyone the maximum (on the > assumption that the bad guys are practically omnipotent, or could be), or > whether we should come to terms with the fact that if the solutions we > provide are too hard, no one will use them, which leads us to settling for > some version of “good enough.” (A classic example might be IM: some insist > we teach Pidgin+OTR (or Psi+OpenPGP, or whatever), which is the nuclear > option but which trainees, practically speaking, don’t end up using; others > settle for Skype, for which we can describe theoretical attacks but which, > in practice, has so far proved secure from inline interception, and which > trainees do use because its UI’s great one’s interlocutors are probably > also on it (Metcalfe’s law).)**** > > ** ** > > I know of about two dozen “guides for activists to stay safe online” (by > RSF, CPJ, EFF, RSF, etc.; they’re enumerated in my own 8p 30-point > cheat-sheet aggregation of data on this topic (aka “the SIDA PDF”), which > I’m happy to share with anyone who requests it—many of you have seen / > contributed to it), but the leading one is probably “Security in a Box” > (aka SiaB, by TTC+FLD) (currently (constantly?) being updated). Most of > these guides are informed by a lot of field experience (e.g. I’ve worked > in/on almost all the hostile countries—I even live in one of them).**** > > ** ** > > Best,**** > > Eric**** > > PGP<http://keyserver.pgp.com/vkd/DownloadKey.event?keyid=0xE0F58E0F1AF7E6F2> > **** > > ** ** > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Ali-Reza Anghaie > *Sent:* Tuesday, 07 August 2012 04:40 > *To:* Luke Allnutt > *Cc:* [email protected]; > [email protected] > > *Subject:* Re: [liberationtech] What I've learned from Cryptocat**** > > ** ** > > On Tue, Aug 7, 2012 at 4:25 AM, Luke Allnutt <[email protected]> wrote:** > ** > > > With Frank's message in mind, do list members have thoughts about the best > dumbed-down guide for activists to stay safer online? > > I know EFF, MobileActive, and Movements.org have done some good work in > this field, but wondered whether there is a consensus on a good short, > easy-to-understand document for activists? **** > > ** ** > > If there is an existing consensus - it's bound to be part of the problem.. > **** > > ** ** > > Snark aside, I'm serious.**** > > ** ** > > The biggest problem I've seen w/ any of these is the total lack of > understanding how all of these same target users dealt with Government > surveillance ~before~ us and what carryover behaviors still work for them > now.**** > > ** ** > > Set aside the Cryptocat project, where do the list managers or various > Faculty and Staff suggest we can gather the "requirements" from all of our > personal experiences. At least we have them to then start categorizing and > consolidating into a "message" for those trying to help the activists under > fire. -Ali**** > > _______________________________________________ > liberationtech mailing list > [email protected] > > Should you need to change your subscription options, please go to: > > https://mailman.stanford.edu/mailman/listinfo/liberationtech > > If you would like to receive a daily digest, click "yes" (once you click > above) next to "would you like to receive list mail batched in a daily > digest?" > > You will need the user name and password you receive from the list > moderator in monthly reminders. You may ask for a reminder here: > https://mailman.stanford.edu/mailman/listinfo/liberationtech > > Should you need immediate assistance, please contact the list moderator. > > Please don't forget to follow us on http://twitter.com/#!/Liberationtech >
_______________________________________________ liberationtech mailing list [email protected] Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech
