Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] CryptoParty Handbook

The Doctor drwho at
Thu Oct 11 12:47:18 PDT 2012

Hash: SHA1

On 10/10/2012 06:10 AM, Julian Oliver wrote:

> Seth, your comments about the Quantum Crypto text are excellent
> and, on looking more closely, factually correct. I personally don't
> think such material has a place in a handbook like this but with
> your clarifications it will at least render it great reference
> material. Your comments about journaled file-systems and
> shredders/wipers were super and so will be added to the next
> edition.

I think that quantum crypto needs to be explained in the 'book, at
least at a high level.  In some discussions I've had with people about
crypto, someone's always brought up "Quantum computers broke all
crypto anyway, so there's no reason to do all of this," followed by a
mostly uphill fight to convince them that there's no reliable evidence
that there are quantum computers at Ft. Meade pwning us all.

In other words, some solid ground to stand on when the trolls come
'round (and the do).  I've forked the repo on Github and when I get
some time this weekend I'll start working on some stuff.

> Missing chapters like Threat Modeling (introducing it to newbies,
> first of all)

This.  So much this.

> need to be written, as well as an unintimidating reference table
> for strength of encryption by type and threat context. This is
> something that came up in

I think there is some pretty reliable research out there that can be
referenced in the 'book.

> Still, I don't think it justifies those few security pros clumsily
> (and somewhat destructively) writing off the book entirely. Rather
> than being black and white

More 'dead duck' discussions, I take it?

> when it comes to security it's far more constructive to let people
> into the process of learning to think for themselves by
> understanding such particular risks; to be aware, agile and
> vigilant. Security itself is a process in constant

Toolkits, not cookbooks.

- -- 
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium:

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F  DD89 3BD8 FF2B 807B 17C1

Sing loud!

Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Mozilla -


More information about the liberationtech mailing list