Search Mailing List Archives
[liberationtech] CryptoParty Handbook
asherwolf at cryptoparty.org
Mon Oct 8 23:36:55 PDT 2012
On 9/10/12 9:46 AM, Jacob Appelbaum wrote:
> I'm sorry to say it but a lot of the users have been here for a while -
> most people that use crypto just don't know they're doing it.
> Ironically, if users don't get good advice, they'll just be in the same
> spot - thinking they're safe when they're not - all over again!
That's what we want to avoid.
> I think that the real changes belong in the platforms - anything that
> requires configuration is probably already doomed to fail and screw a
That requires pushing developers to create user accessible, secure
>That's generally the approach that I've seen work - everything
> that requires 0) user education and 1) realistic honesty about threats
> or risks results in 2) denial or mistakes or a bork'ed tool shooting the
> user in the foot.
We don't know what we don't know. We're asking for help, and I at least,
appreciate your imput.
> Since clearly a few loud people were bent out of shape by my comments -
> they have no idea that I encouraged you or tried to help out; so let me
> set the record straight: go you!
Thanks, I appreciate the support. All of your contribution is appreciated.
> I think it is *great* to make the book and I think it is great to do it
> with a set of unifying principles - it will help to ensure that good
> stuff gets into the book and crappy stuff stays out of the book or is so
> noted as crappy or contentious. I think that means that peer review is
> essential before rushing to publish.
Agreed, and I did voice concerns at the short deadline for publishing.
> I really encourage you to put in a few chapters about the following:
> social and technical compartmentalization
> targeted exploitation realities (from Core Impact to Metasploit)
> threat modeling
> intention/goal based risk analysis
> physical security risks
> practical information on real surveillance/censorship systems
> getting involved
> going from a user (to a translator or...) to a developer
> outlining the currently missing tools that we need to build
This list is appreciated. Thank you for the feedback.
More information about the liberationtech