[Noisebridge-discuss] CryptoParty! or, keysigning parties go all ScaryCaps
Quinn Norton
quinn at quinnnorton.com
Sat Sep 8 22:32:34 UTC 2012
On 9/8/12 11:09 PM, Jonathan Lassoff wrote:
> On Sat, Sep 8, 2012 at 3:01 PM, Quinn Norton <quinn at quinnnorton.com> wrote:
>> On 9/8/12 8:23 PM, Jonathan Lassoff wrote:
>>> Yeah, in more seriousness, I'm interested in more keysigning and
>>> preparation for a { present where we want to | future where we may
>>> need to } use more crypto.
>>>
>> I'm just going to point out that keysigning is a terrible idea. ARGUMENT:
>> BEGIN! :)
> What's so bad about them?
They create a social network. For me, this means they create a
convenient way for an attacker to hunt down and kill or arrest my
sources. And since they're persistent in time, if I have /ever/ been
connected to you, well, it means if anyone in the chain becomes
interesting, it puts the whole chain in danger.
>> But you know what would be awesome to add in to a cryptoparty? Discussions
>> of threat modelling!
> This is always fun to theorize and imagine about, but doesn't seem
> very productive.
Threat modeling is the start point to any good security culture. If you
don't even try to understand threats, you can learn all the tools you
want, you won't know when to use what. Threat modeling is a skill, but
it's a mental and cultural skill. It's learning about the environment
and updating your tools and tactics. Otherwise, we're all like surgeons
with a lot of cool knives and a patient, but no diagnosis. Let's just cut
that fucker 'til he gets better!
But it's not saying "what if..." over a bottle of scotch until the sun
comes up (which is also fun and I recommend it, even though it's not
threat modeling); it's looking at the possible avenues of attack,
figuring out which attackers you care about and why, and designing a
security culture around that. For instance, whether you're in US
jurisdiction or not makes a big difference on whether you should be
guarding against the administrative subpoena. That's going to lead you
to tools that aren't so much cryptographic as non-logging. If we use
gchat OTR the gov can still find out every time we talked. If we use
chat in a Decent game, it may not be encrypted, but it's also not
persistent -- no persistence, no subpoena.
>> seewhatididthere?
> Troll detected? I can't tell.
>
By questioning keysigning, I kicked off a discussion about modeling when
and where threats come from. We should talk and think about what makes
some technologies good, and how or where they structurally fail for our
situation. Crypto is great, I fucking /love/ the idea of cryptoparties,
precisely because they are a chance to not just download packages, but
learn about and share security culture.
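As an added illustration of the point made above about keysigning creating a persistent social network (example code, not part of this thread; the signature list and the names in it are constructed), this walks the public signature graph outward from one keyholder of interest and reports how many signature hops away every other keyholder sits, which is exactly the metadata a keyserver hands to anyone who asks:

```python
from collections import deque

# Constructed sample of public key signatures as a keyserver would serve
# them after a few keysigning parties: (signer, signed_key). Names are made up.
SAMPLE_SIGNATURES = [
    ("alice", "bob"), ("bob", "alice"),      # keysigning party, years ago
    ("bob", "carol"), ("carol", "bob"),
    ("carol", "quinn"), ("quinn", "carol"),  # signed at a conference
    ("quinn", "source1"),                    # quinn certified a source's key
    ("dave", "erin"), ("erin", "dave"),      # unconnected cluster
]

def build_graph(signatures):
    """Undirected adjacency: a signature in either direction links two people,
    because both keys carry the other's identity once it is published."""
    graph = {}
    for signer, signed in signatures:
        graph.setdefault(signer, set()).add(signed)
        graph.setdefault(signed, set()).add(signer)
    return graph

def exposure(signatures, person_of_interest):
    """Breadth-first walk from one keyholder. Returns {keyholder: hops};
    everyone in the result is linked to the person of interest through a
    chain of published signatures, no matter how old those signatures are."""
    graph = build_graph(signatures)
    hops = {person_of_interest: 0}
    queue = deque([person_of_interest])
    while queue:
        current = queue.popleft()
        for neighbour in graph.get(current, ()):
            if neighbour not in hops:
                hops[neighbour] = hops[current] + 1
                queue.append(neighbour)
    return hops

if __name__ == "__main__":
    # A source whose key was never signed by anyone stays a graph of one.
    print(exposure(SAMPLE_SIGNATURES, "alice"))
    print(exposure([("quinn", "carol")], "source1"))
```

Run on the constructed data, "source1" is four hops from "alice" even though they never met; the "dave"/"erin" cluster never appears because nobody cross-signed into it.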