[Noisebridge-discuss] CryptoParty! or, keysigning parties go all ScaryCaps

Quinn Norton quinn at quinnnorton.com
Sat Sep 8 22:32:34 UTC 2012


On 9/8/12 11:09 PM, Jonathan Lassoff wrote:
> On Sat, Sep 8, 2012 at 3:01 PM, Quinn Norton <quinn at quinnnorton.com> wrote:
>> On 9/8/12 8:23 PM, Jonathan Lassoff wrote:
>>> Yeah, in more seriousness, I'm interested in more keysigning and
>>> preparation for a { present where we want to | future where we may
>>> need to } use more crypto.
>>>
>> I'm just going to point out that keysigning is a terrible idea. ARGUMENT:
>> BEGIN! :)
> What's so bad about them?
They create a social network. For me, this means they create a 
convenient way for an attacker to hunt down and kill or arrest my 
sources. And since they're persistent in time, if I have /ever/ been 
connected to you, well, it means if anyone in the chain becomes 
interesting, it puts the whole chain in danger.
>> But you know what would be awesome to add in to a cryptoparty? Discussions
>> of threat modelling!
> This is always fun to theorize and imagine about, but doesn't seem
> very productive.
Threat modeling is the start point to any good security culture. If you 
don't even try to understand threats, you can learn all the tools you 
want, you won't know when to use what. Threat modeling is a skill, but 
it's a mental and cultural skill. It's learning about the environment 
and updating your tools and tactics. Otherwise, we're all like surgeons 
with a lot of cool knives and a patient, but no diagnosis. Let's just cut 
that fucker 'til he gets better!

But it's not saying "what if..." over a bottle of scotch until the sun 
comes up (which is also fun and I recommend it, even though it's not 
threat modeling), it's looking at the possible avenues of attack, 
figuring out which attackers you care about and why, and designing a 
security culture around that. For instance, whether you're in US 
jurisdiction or not makes a big difference on whether you should be 
guarding against the administrative subpoena. That's going to lead you 
to tools that aren't so much cryptographic as non-logging. If we use 
gchat OTR the gov can still find out every time we talked. If we use 
chat in a Decent game, it may not be encrypted, but it's also not 
persistent -- no persistence, no subpoena.
>> seewhatididthere?
> Troll detected? I can't tell.
>
By questioning keysigning, I kicked off a discussion about modeling when 
and where threats come from. We should talk and think about what makes 
some technologies good, and how or where they structurally fail for our 
situation. Crypto is great, I fucking /love/ the idea of cryptoparties, 
precisely because they are a chance to not just download packages, but 
learn about and share security culture.
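An added illustration of the "whole chain in danger" point made above, not code from the thread or its participants: it treats a keyring's signatures as an undirected graph (a signature links both parties, whoever signed) and computes everyone reachable from a single key that becomes interesting. The names and signature pairs are constructed sample data.

```python
# Added example: key signatures as a persistent social graph.
# Signature records below are constructed sample data, not a real keyring.
from collections import deque

# Constructed sample: (signer, signee) pairs as a keysigning party would produce.
# Once published to keyservers, such records are copied and effectively permanent.
SAMPLE_SIGNATURES = [
    ("alice", "bob"),
    ("bob", "alice"),
    ("bob", "carol"),
    ("carol", "dave"),
    ("dave", "carol"),
    ("erin", "frank"),
    ("frank", "erin"),
]


def build_graph(signatures):
    """Undirected adjacency: a signature ties both parties together."""
    graph = {}
    for signer, signee in signatures:
        graph.setdefault(signer, set()).add(signee)
        graph.setdefault(signee, set()).add(signer)
    return graph


def exposed_chain(signatures, interesting):
    """Everyone reachable from `interesting` through any chain of signatures.

    Returns {key: hops}, i.e. how many signature links separate each exposed
    key from the one that drew attention. Breadth-first search.
    """
    graph = build_graph(signatures)
    dist = {interesting: 0}
    queue = deque([interesting])
    while queue:
        cur = queue.popleft()
        for nxt in graph.get(cur, ()):
            if nxt not in dist:
                dist[nxt] = dist[cur] + 1
                queue.append(nxt)
    return dist


def chain_sizes(signatures):
    """Size of each connected chain: the blast radius if any member of it
    becomes interesting, largest first."""
    seen, sizes = set(), []
    for key in build_graph(signatures):
        if key not in seen:
            comp = exposed_chain(signatures, key)
            seen.update(comp)
            sizes.append(len(comp))
    return sorted(sizes, reverse=True)


if __name__ == "__main__":
    print(exposed_chain(SAMPLE_SIGNATURES, "alice"))  # alice reaches dave in 3 hops
    print(chain_sizes(SAMPLE_SIGNATURES))             # [4, 2]
```

Note that dave never signed alice's key or met her; a single mutual signature with bob was enough to put them in the same chain.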