Digital Security Training 10.1. 11am R115 with Anne Roth

here’s some things that might be helpful for our training next Friday –
please forward to the participants.
Depending on what we’ll actually do it might be useful to have thought
about some new passwords in advance, also account names, if anyone wants
to create a new mail account or an encrypted chat (jabber) account.
I don’t invent passwords myself and I strongly advise against using the
same ones for several accounts. It’s much easier to do this with a
password manager that creates secure passwords and stores them. That way
you only need to remember one password and have easy but secure access
to many different ones.
The software I use and recommend is called Keepass, or KeepassX for Mac
users.
Windows: http://keepass.info/
iOS (and Linux): https://www.keepassx.org/
Some background reading:
https://securityinabox.org/en/chapter-3
A guide for installing and using it:
https://securityinabox.org/en/keepass_main
Anyone who would like to embark on the journex to encrypted chat rather
than using Facebook chat, Twitter DMs or Google talk and thus sending it
all to the NSA directly will need a jabber account. The account needs to
be on a jabber server. Most of us don’t run jabber servers ourselves and
if any of you did you wouldn’t need my help 😉
Unfortunately there is no easy answer to the question which server to
choose. Many people in Berlin use the CCC jabber server which is not
bad, but the people who run actually advise that not everyone should be
on this same server as it makes surveillance easier. Also it’s run by
volunteers so it’s not super reliable all the time.
Another option is to pick one out of this long list
https://xmpp.net/directory.php . It’s easy to see how well they
implement different important methods of encrypting the different steps
your chat communication goes. Have a look at them, choose one and
consider creating the account if that’s possible through the website
before installing the software. If the service you’d like to use doesn’t
allow that we can also do it later – it doesn’t make a difference, just
a preference by the people who run the server.
Software you might want to download (and possibly install) before Friday:
Mail encryption:
The mail client Thunderbird https://www.mozilla.org/thunderbird/
The Thunderbird add-on Enigmail https://www.enigmail.net/home/index.php
GPG4Win if you use Windows http://www.gpg4win.org/
GPGTools if you have a Mac https://gpgtools.org/
Chat:
Mac: https://adium.im/
Windows: https://pidgin.im/
Browsing:
Firefox https://www.mozilla.org/firefox

This entry was posted in Uncategorized. Bookmark the permalink.