Created by Amber Adams / @amberadams aka @anarchival
Coders are the new Communists?
The Heartbleed bug is a programming
error in the OpenSSL library which
undergirds most of the
encrypted traffic on the Internet.
(speaking of encrypted traffic,
even once the bug is fixed,
you should be using
from the EFF).
They know you're pregnant,
Maybe even before your family does.
(you should install Privacy Badger from the EFF).
Creeps can use your own computer
to stalk you often with terrible consequences.
Sherlock Holmes reveals your IP, specs on your system
easy to find your location based on your IP
before even analysing the content of your unencrypted messages
Download and install the package.
Start the TOR browser, click Connect.
Use *only* the TOR browser
Use HTTPS (enabled by default)
Use bridges and/or find company
Don't torrent
Don't enable or install browser plugins
Don't open documents through TOR while online
Explore the Deep, Dark, Mysterious Net.
Host your own hidden services on a virtual machine.
Host your own torrents while you're at it, too.
Mac: Finder -> Applications -> Utilities -> Terminal
Linux: Browse to your Terminal application
(you probably already know where it is)
Windows: Install and use Cygwin
or partition your hard drive and dual boot to Linux
Linux Installfest @ PhreakNIC, Halloween weekend at the Maxwell House Hotel in Nashville.
A short introduction on the Web.
The man(ual) pages.
In the Beginning Was the Command Line by Neal Stephenson.
Mac: GPG Tools
Windows: GPG4Win
Linux:
gpg --version
sudo apt-get install gnupg
gpg --gen-key
--edit-key 12345678
adduid
gpg --armor --output mykeyname.asc --export
gpg --import pubkeyfile.asc
gpg --keyserver http://www.KeyServerUrl.com --keyserver-options honor-http-proxy --search-keys Email@Address.com
user@desktop$ cp -r ~/.gnupg /media/jumpdrive/
user@laptop$ cp -r /media/jumpdrive/.gnupg ~/
gpg --encrypt commies.list > commies.list.gpg
gpg --decrypt pink.list > pink.list
Enigmail plugin for Thunderbird
Evolution Mail: Edit -> Preferences -> Accounts -> Security Tab -> Key ID
gpg --output revoke.asc --gen-revoke 12345678
Encryption
No one else can read your instant messages.
Authentication
You are assured the correspondent is who you think it is.
Deniability
The messages you send do not have digital signatures that are checkable by a third party.
Perfect forward secrecy
If you lose control of your private keys, no previous conversation is compromised.
Install Pidgin.
Install OTR.
sudo apt-get install pidgin
sudo apt-get install pidgin-otr
Enable OTR plugin & generate key.
Manage permissions.
TOR
All software is configured to connect to the Internet through Tor. If an application tries to connect to the Internet directly, the connection is automatically blocked.
Use Anywhere, Leave No Trace
"Amnesic" because the only storage space it uses is the RAM on your computer, which is automatically erased when the computer shuts down.
Cryptographic Tools
LUKS, Linux standard for disk encryption
HTTPS Everywhere
encrypt and sign emails, documents with OpenPGP
protect IMs with OTR
securely delete files with Nautilus Wipe
Download the Tails ISO using bittorrent
Download and verify the Tails signing key.
Burn the ISO image to a disc.
Boot your computer from the disc.