*Hello Everyone,
firstly greetings from CryptopartyLondon our second big meetup is coming up
on the 19th October. I will be so happy to share that PDF
https://cryptoparty.org/wiki/CryptoPartyHandbook and I have been trying my
best to keep my computer on to see the torrent
https://cryptoparty.org/wi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 10/10/2012 06:10 AM, Julian Oliver wrote:
> Seth, your comments about the Quantum Crypto text are excellent
> and, on looking more closely, factually correct. I personally don't
> think such material has a place in a handbook like this but with
> y
..on Wed, Oct 10, 2012 at 03:08:25PM +0200, Sacha van Geffen wrote:
> Hi Julian,
>
> On 10/10/12 13:41, Julian Oliver wrote:
> > Hey Sasha,
> >
> .
> >
> > The book is a handbook, so it should contain the HOWTOs alongside
> > introductions
> > to core concepts, threats, etc. There was a lot
Hi Julian,
On 10/10/12 13:41, Julian Oliver wrote:
> Hey Sasha,
>
.
>
> The book is a handbook, so it should contain the HOWTOs alongside
> introductions
> to core concepts, threats, etc. There was a lot missing from Basic Internet
> Security that needed to be covered for it to be a guide f
Hey Sasha,
..on Wed, Oct 10, 2012 at 01:08:22PM +0200, Sacha van Geffen wrote:
>
> congratulations with the cryptoparty book;
>
> On 10/10/12 12:10, Julian Oliver wrote:
>
> > Indeed the unchecked references to PPTP were unfortunate, imported from the
> > book
> > Basic Internet Security (Gerb
Hi Julian,
congratulations with the cryptoparty book;
On 10/10/12 12:10, Julian Oliver wrote:
> Indeed the unchecked references to PPTP were unfortunate, imported from the
> book
> Basic Internet Security (Gerber, Hassan, Stein, van Geffen, van Santen, van
> der
> Velden, den Tex, Schmidt et a
..on Wed, Oct 10, 2012 at 12:10:10PM +0200, Julian Oliver wrote:
>
> There's a conspicuous lack of OpenVPN clients out there for Smartphones.
Should've read:
There's a conspicuous lack of OpenVPN clients out there for non-rooted
Smartphones making L2TP/IPSec is the next best choice.
Cheers,
--
Hi list,
Great to be subscribed!
I'm one of the core group that spearheaded the CryptoParty Handbook here in
Berlin and thought I'd share a few words on its reception.
I'd like to emphasise that the point of the book is not as a static reference
guide but a text intended to grow in direct resp
On 12-10-09 1:53 PM, Jacob Appelbaum wrote:
Heather Marsh:
Yes, you are outlining two cases where you are communicating with people
you know as a person known to them. I am suggesting we (as in large
scale movements around the world) need to look more closely at data
driven (as opposed to person
ttscanada:
> On 12-10-09 10:41 AM, Jacob Appelbaum wrote:
>> ttscanada:
>>> On 12-10-09 4:23 AM, Bernard Tyers - ei8fdb wrote:
Sending a PGP encrypted e-mail to you mom, should be as easy as
sending an un-encrypted e-mail to your mom. But the education of
why you should be sending an
Case in point: I received an invitation under the names of five separate
organizations I am affiliated with (none of which are OWS related) to
fill this out. It originally said real name required, was changed to
alias after I objected publicly, but the rest still stands.
http://occupywallst.
On 12-10-09 10:41 AM, Jacob Appelbaum wrote:
ttscanada:
On 12-10-09 4:23 AM, Bernard Tyers - ei8fdb wrote:
Sending a PGP encrypted e-mail to you mom, should be as easy as
sending an un-encrypted e-mail to your mom. But the education of
why you should be sending an e-mail encrypted should also b
ttscanada:
> On 12-10-09 4:23 AM, Bernard Tyers - ei8fdb wrote:
>> Sending a PGP encrypted e-mail to you mom, should be as easy as
>> sending an un-encrypted e-mail to your mom. But the education of
>> why you should be sending an e-mail encrypted should also be given.
>> Granted, a valid threat-
Asher Wolf:
> On 9/10/12 10:36 PM, Jacob Appelbaum wrote:
>>
I did not work on the technical aspects of the book. I cannot. I do not
have the right skill set.
>
>> This attitude, I think, is a key issue this community and many others
>> face. You cannot? Or you will not?
>>
>> I believe
Bernard Tyers - ei8fdb:
>
> On 8 Oct 2012, at 23:46, Jacob Appelbaum wrote:
>
>> Asher Wolf:
>>> The argument everyone is politely avoiding - while pondering the
>>> numerous ways CryptoParty will expose already compromised
>>> individuals - is whether the masses SHOULD use crypto.
>>>
>
>> I'
On 12-10-09 4:23 AM, Bernard Tyers - ei8fdb wrote:
Sending a PGP encrypted e-mail to you mom, should be as easy as
sending an un-encrypted e-mail to your mom. But the education of why
you should be sending an e-mail encrypted should also be given.
Granted, a valid threat-model should be explain
On 9/10/12 10:36 PM, Jacob Appelbaum wrote:
>
>> > I did not work on the technical aspects of the book. I cannot. I do not
>> > have the right skill set.
> This attitude, I think, is a key issue this community and many others
> face. You cannot? Or you will not?
>
> I believe that you are totall
> I still haven't understood the canonical url for editing - can you tell
> me where the main book editing page is? I agree with Adam that Github
> won't involve the right people but if that is the only interface, I'll
> fork the book and send a pull request.
Thanks, please list issues here:
htt
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 8 Oct 2012, at 23:46, Jacob Appelbaum wrote:
> Asher Wolf:
>> The argument everyone is politely avoiding - while pondering the
>> numerous ways CryptoParty will expose already compromised individuals -
>> is whether the masses SHOULD use crypto.
>
Katrin Verclas:
> Can I just say - I love you, woman. Go tell it to the rather narrow-minded
> boys.
Your email really underlines the tension between people in the overall
community. That tension is a very fair thing to underline.
Perhaps such a gender narrative doesn't create points of unity?
I
Asher Wolf:
> On 9/10/12 9:46 AM, Jacob Appelbaum wrote:
>
>> I'm sorry to say it but a lot of the users have been here for a while -
>> most people that use crypto just don't know they're doing it.
>> Ironically, if users don't get good advice, they'll just be in the same
>> spot - thinking they'
*is quietly drowning in nostalgia*
NK
On 10/9/2012 7:36 AM, Jacob Appelbaum wrote:
> Asher Wolf:
>>
>> Re: the book edit portal - I do not have control over the platform it is
>> being edited on. The handbook project was launched by people in Berlin's
>> CryptoParty, and I was brought on board at
Asher Wolf:
> My biggest concern is with getting insecure suggestion out of the book
> asap. Jake, if the entire chapter is worse than useless, please delete it?
>
I still haven't understood the canonical url for editing - can you tell
me where the main book editing page is? I agree with Adam tha
Asher Wolf:
>
> Re: the book edit portal - I do not have control over the platform it is
> being edited on. The handbook project was launched by people in Berlin's
> CryptoParty, and I was brought on board at a later point.
>
I think it isn't even clear where the portal is located. I think it
sh
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 7 Oct 2012, at 22:35, Brian Conley wrote:
> Greg its called orbot and it runs on Android. Secondly I used to agree with
> you, but I'm increasingly coming to the conclusion that user education, not
> simplification, is the more important piece o
On Tue, Oct 9, 2012 at 9:00 AM, Andy Isaacson wrote:
> That's expected, because you're still going through the translation
> layer.
Ok, I now see the faulty assumption in my experiment — blocks are
added to the mapping only after being erased.
> If you had instead hooked up a microcontroller to
Can I just say - I love you, woman. Go tell it to the rather narrow-minded
boys.
On Oct 7, 2012 7:40 PM, "Asher Wolf" wrote:
> The argument everyone is politely avoiding - while pondering the
> numerous ways CryptoParty will expose already compromised individuals -
> is whether the masses SHOULD
On Fri, Oct 05, 2012 at 05:43:46AM +0200, Maxim Kammerer wrote:
> Did anyone try this with devices that are supposed to be resistant to
> file shredding due to wear leveling? I tried the following on two USB
> keys, one ~12 years old, another ~6 years old, both formatted as
> FAT32:
>
> echo test_
On 9/10/12 9:46 AM, Jacob Appelbaum wrote:
> I'm sorry to say it but a lot of the users have been here for a while -
> most people that use crypto just don't know they're doing it.
> Ironically, if users don't get good advice, they'll just be in the same
> spot - thinking they're safe when they're
My biggest concern is with getting insecure suggestion out of the book
asap. Jake, if the entire chapter is worse than useless, please delete it?
x. Asher
On 9/10/12 9:36 AM, Jacob Appelbaum wrote:
> The chapter that talked about using PPTP is straight up crazy talk.
> Anyone using PPTP is worse
Re: the book edit portal - I do not have control over the platform it is
being edited on. The handbook project was launched by people in Berlin's
CryptoParty, and I was brought on board at a later point.
On 9/10/12 9:30 AM, Jacob Appelbaum wrote:
>> @samthetechie
>>
>
> Why were you offended?
>
Asher Wolf:
> The argument everyone is politely avoiding - while pondering the
> numerous ways CryptoParty will expose already compromised individuals -
> is whether the masses SHOULD use crypto.
>
I'm not ignoring it and most of the world has been using crypto for
online stuff since SSLv2 was re
Greg Norcie:
> Any book written by non-experts about something as complicated as crypto
> will have imperfections.
>
> But sometimes security researchers become paralyzed with the need for
> something to be perfect. You need to look at it from a public health
> perspective.
Also - sometimes peopl
Samuel Carlisle:
> I was actually really offended by @ioerror's comment on twitter. Even if it
> was justified technically I think the mature approach is to use his
> personal reach and voice online to rally collaborators to help make the
> handbook better not declaim it for the sake of it... I nea
hi
Interesting discussion about the handbook.
Its great to see so much energy around this book. I read through all the
posts here and actually this conversation lead me to Liberation Tech
which I didn't know of before so happy to find it.
I agree with prior comments that if there are any issues
Edits to the #CryptoParty handbook can be made here:
https://github.com/cryptoparty/handbook
--
Unsubscribe, change to digest, or change password at:
https://mailman.stanford.edu/mailman/listinfo/liberationtech
The argument everyone is politely avoiding - while pondering the
numerous ways CryptoParty will expose already compromised individuals -
is whether the masses SHOULD use crypto.
Rain-check: it's happening - or at least, the users are are trying -
regardless of whether they're are doing it right, o
Greg its called orbot and it runs on Android. Secondly I used to agree with
you, but I'm increasingly coming to the conclusion that user education, not
simplification, is the more important piece of the user security and
privacy problem. That said, the tools do need to get more accessible, but
we a
Alec,
In the span of one hour twenty one minutes you've decided this is a place
to have the crypto debate?
Greg, first of all it already is as easy to use tor as use an ipod. It's
called
On 7 Oct 2012 23:07, "Alec Muffett" wrote:
> Sigh.
>
> The handbook is not perfect by any means, but someone
Sigh.
The handbook is not perfect by any means, but someone using it is
> probably better off than if they were simply going in blind.
>
...and "50 Shades of Grey" is better than nothing as far as relationship
manuals go?
Yes, that's flippant, but (eg) someone to whom I am talking has just
downl
Any book written by non-experts about something as complicated as crypto
will have imperfections.
But sometimes security researchers become paralyzed with the need for
something to be perfect. You need to look at it from a public health
perspective.
The handbook is not perfect by any means, but s
I was actually really offended by @ioerror's comment on twitter. Even if it
was justified technically I think the mature approach is to use his
personal reach and voice online to rally collaborators to help make the
handbook better not declaim it for the sake of it... I nearly tweeted back
with the
I think Jacob has some issues about the CryptoParty Handbook. As he
noted on Twitter:
"The #CryptoParty handbook is really unimpressive and fraught with
peril. A good idea and a nice effort but ultimately quite dangerous."
Would love to hear why.
Thanks,
Yosem
On Sun, Oct 7, 2012 at 12:09 PM,
I think this is a great project.
But I do think that a manual is a stopgap measure - it would also be
great if we worked towards making these tools usable enough that they
didn't need a manual.
If we can make an iPod so easy enough for our grandparents to use, we
should be able to do the same wit
* KheOps schrieb am 2012-10-05 um 14:17 Uhr:
> I was wondering if a LaTeX file + git repository could be a good idea?
> Any comment on this?
I think this is the best option.
--
Jens Kubieziel http://www.kubieziel.de
--
Unsubscribe, change to digest, or change p
On Fri, Oct 5, 2012 at 7:03 AM, Michael Zeltner wrote:
> Excerpts from Jonathan Corbet's message of 2012-10-05 15:52:31 +0200:
>> This seems like good stuff, but I have to ask one obnoxious question: what
>> is the actual license for the book? "Creative Commons" covers a wide
>> range of possibil
Excerpts from Jonathan Corbet's message of 2012-10-05 15:52:31 +0200:
> This seems like good stuff, but I have to ask one obnoxious question: what
> is the actual license for the book? "Creative Commons" covers a wide
> range of possibilities from truly free to nearly fully proprietary. I
> can't
On Thu, 4 Oct 2012 14:13:13 -0700
Andrew Mallis wrote:
> This 392 page, Creative Commons licensed handbook is designed to help those
> with
> no prior experience to protect their basic human right to Privacy in
> networked, digital domains.
This seems like good stuff, but I have to ask one obn
Good day to you all :)
On 10/05/2012 03:57 AM, Griffin Boyce wrote:
> Hey all,
>
> Considering both the complexity of material and the time constraints
> involved, the handbook came out beautifully. It's well-laid out and
> covers a surprisingly large number of topics step-by-step at a beginner
On Fri, Oct 5, 2012 at 8:33 AM, Eugen Leitl wrote:
> Wear levelling is a function of newer devices (your old
> USB flash sticks are unlikely to have it, but your new
> SSD definitely has) and it hides damaged blocks
> transparently by using the overprovisioned flash
> block pool (its size dependin
On Fri, Oct 05, 2012 at 05:43:46AM +0200, Maxim Kammerer wrote:
> Did anyone try this with devices that are supposed to be resistant to
> file shredding due to wear leveling? I tried the following on two USB
Wear levelling is a function of newer devices (your old
USB flash sticks are unlikely to
On Fri, Oct 5, 2012 at 2:06 AM, Seth David Schoen wrote:
> NIST and others have thought about what appropriate cryptographic key lengths
> are to respond to the phenomenon of computers getting faster. That's why
> current NIST recommendations call for using 2048-bit RSA instead of 1024-bit
> RSA
At the moment, public edit function on the crowd-sourced portal for the
CryptoParty Handbook has been removed due to ongoing attempts at
vandalism of the document.
If you would like to contribute, make edits or alterations, please
either email me at: asherw...@cryptoparty.org
On 5/10/12 12:11 PM
Andrew Mallis writes:
> This 392 page, Creative Commons licensed handbook is designed to help
> those with no prior experience to protect their basic human right to
> Privacy in networked, digital domains... Most importantly however
> this handbook is intended as a reference for use during Crypt
If someone wanted to make an edit, what is the best way to note that or
redistribute a derivative work?
Thanks for the hard work!
On Oct 4, 2012 9:27 PM, "Asher Wolf" wrote:
> As one of the people asked to participate in the writing in the
> CryptoParty Handbook, I was initially concerned about
Hey all,
Considering both the complexity of material and the time constraints
involved, the handbook came out beautifully. It's well-laid out and covers
a surprisingly large number of topics step-by-step at a beginner level.
Anyone who has a solid understanding of how to use the internet can be
For what it's worth regarding multiple passes to sanitize data:
http://www.infosecisland.com/blogview/16130-The-Urban-Legend-of-Multipass-Hard-Disk-Overwrite.html
http://cs.harvard.edu/malan/publications/pet06.pdf
On Thu, Oct 4, 2012 at 5:06 PM, Seth David Schoen wrote:
>
> I was also concerned b
As one of the people asked to participate in the writing in the
CryptoParty Handbook, I was initially concerned about the speed at which
it was being produced.
However, noting the need for crowd-sourced participation on the text,
and the number of attempts to vandalize the document, I do believe i
Andrew Mallis writes:
> FYI
>
> This 392 page, Creative Commons licensed handbook is designed to help
> those with no prior experience to protect their basic human right
> to Privacy in networked, digital domains. By covering a broad array
> of topics and use contexts it is written to help anyone
FYI
This 392 page, Creative Commons licensed handbook is designed to help those
with no prior experience to protect their basic human right to Privacy in
networked, digital domains. By covering a broad array of topics and use
contexts it is written to help anyone wishing to understand and then
60 matches
Mail list logo
