This repo contains all our presentation materials that we've created for cryptoparties. They are:
- Powerpoint presentations for various cryptoparty topics--in the Powerpoints folder.
- HTML slides for most of the above topics--also in the Powerpoints folder.
- Handouts and PGP set-up guide
- This list!
Updated as of 06/2018
- privacytools.io — List of and recommendations for free privacy software
- Prism Break — List of open-source software projects
- That One Privacy Site — Analysis and comparison of the security/privacy of various email and VPN providers
- Diceware — Password generation list. An explanation of the EFF's improvements over the original Diceware file is here
- KeePass / KeePassXC — Password managers (they're very similar, just for different operating systems)
- Browser Extensions:
- uBlock Origin — Ad Blocker
- Privacy Badger — Ad/Tracking Blocker
- uMatrix — Advanced ad/tracker blocker from the maker of uBlock. Steep learning curve but maximum control.
- HTTPS Everywhere — Ensure encrypted website connection
- Decentraleyes — Uses local resources instead of downloaded ones from sites you visit, in case the site is distributing a form of malware (intentionally or otherwise)
- Canvas Defender — Protects your browser's canvas/rendering information
- Cookie AutoDelete — What it says on the tin
- Protect Your Choices — Automatically opts you out of interest-based advertising from members of the Digital Advertising Alliance. Kind of like "Do Not Track" browser setting
- Terms of Service; Didn't Read — Outdated text, but under development. Displays quick summary of sites' Terms of Service pros and cons
- DuckDuckGo Privacy Essentials — Simple extension/app providing HTTPS encryption, tracker blocking, and a "Terms of Service;Didn't Read" summary.
- Two-Factor Auth List – Enormous list of sites that offer two-factor authentication for account sign-ins, which protects against identity and account theft
- Authy / Yubikey — Both make two-factor authentication easier and more secure than SMS-texting codes
- Opt-out of Data Brokers (Even longer list is available here – Request data brokers scrub your entries from their records
- Tor Browser Bundle — Prevents any one from tracing this browser's website visits (if you're careful)
- Tails OS — Operating system that only operates in RAM and connects to the Internet through the Tor network
- Onion Share — File sharing over the Tor Network
- Ghost Bin — Encrypted pastebin service
- Veracrypt — Disk and file encryption utility
- Pretty Good Privacy (PGP) — Email encryption with public-key cryptography:
- Enigmail — Thunderbird add-on for implementing PGP
- Mailvelope — Browser add-on for PGP with webmail clients (like Gmail, Outlook)
- Let's Encrypt — Free site certificate authority
- Surveillance Self-Defense by the EFF
- Security in a Box by Tactical Tech Collective
- Holistic Security by Tactical Tech Collective
- CryptoParty Handbook
- Exposing the Invisible on metadata and its collection/erasure
- The Hand-Book of the Modern Development Specialist: Being a Complete Illustrated Guide to Responsible Data Usage, Manners & General Deportment by The Engine Room. For groups and researchers that want to collect, use, and store data responsibly
- Journalist Security Guide by the Committee to Protect Journalists
- Speaking Securely With Sources Guide
- Freedom of the Press Foundation
- DIY Cybersecurity for Domestic Violence: A resource of privacy + compassion by Hack * Blossom
- Crash Override Resource Center — Guide for preventation and harm reduction of digital harassment, as well as help line
- HeartMob — Network to provide support of all kinds to anyone being doxxed/trolled/harassed online
- #GamerGate Survival Guide
- Non-consensual Pornography — emphasis on self-protection in South American countries
- What is Security Culture? — Zine compiled by the Sprout distro for activists
- Basics of Movement Security — Book created from the author's workshops. The phrase "movement" is vague here, but the book has a lot of specifics about "combating the 'political police' or state security agencies"
- Dulles Rules — Informal rules of spycraft for the US government. Interesting and odd
- Holistic Security Trainer's Guide
- Level-Up
- Security Education Companion
- Digital Privacy Project — Teaches NYC librarians how to answer privacy questions and map concerns of patrons. Also has collection of curriculum materials
- Networks of New York by Ingrid Burrington
- The Recompiler — A feminist hacker magazine out of Portland that has a great collection of articles and book projects about digital privacy
- Critical Algorithm Studies Reading Guide
- Our Data, Our Selves by Tactical Tech Collective
- Online Harassment, Digital Abuse, and Cyberstalking in America by Data & Society
- Indigenous peoples and responsible data: an introductory reading list
- HaveIBeenPwned — List of major database attacks that might have leaked your email
- Panopticlick — Site that measures how trackable your browser is
- Map of US Govt. Data Collection/Sharing Programs
- SHODAN — Search engine for unsecured Internet of Things devices
- That One Privacy Site — Sortable table shows features to look for in email/VPN and how complicated that can be
- The Life of National Councillor Balthasar Glättli under Surveillance — A chronology and mapping of a Swiss politican who volunteered his data
- CryptoHarlem
- Cryptoparty NYC
- NYC Mesh
- NYC Resistor
- Electronic Frontier Alliance
- Hack * Blossom (on hiatus)
- t4tech
- AnarchoTech NYC
- Quiltbag++ (on hiatus)
This section is not a formal code of conduct, but a couple comments: We approach security as an emotional issue, not just a technical one. We want people at our workshops to come away with concrete steps they can take to make themselves be and feel safer, overall. To do that, we all need to be able to talk about our experiences, fears, and priorities freely. And that can only happen if people feel that they can speak without fear of getting shutdown or shamed for their concerns, or that they will be recorded in some way that they did not expect. For those reasons, we will interrupt or stop any kind of speech that demeans another workshop attendee, which includes sexist, racist, transphobic, ableist, or technocratic language. We also ask journalists and researchers to refrain from taking photos or recording audio without getting the permission of the entire room first.
For concrete suggestions on how you can help create a safe space, we very much like the Quiltbag++ Code of Conduct and The Recurse Center User Manual. And some open source project folks like The Contributor Covenant.
We try to announce our events in the following places (some are repeats of above):
- Our listserv (email cypurr@protonmail.com to join)
- @cypurrnyc twitter
- EFF emails (like their EFFector listserv)
- CryptoParty website
- NYC Cryptoparty Meetup
(ɔ) CyPurr Collective.