CryptoParty Like It's 1993

from the it's-a-secret,-pass-it-on dept

As Techdirt stories regularly report, governments around the world, including those in the West, are greatly increasing their surveillance of the Internet. Alongside a loss of the private sphere, this also represents a clear danger to basic civil liberties. The good news is that we already have the solution: encrypting communications makes it very hard, if not entirely impossible, for others to eavesdrop on our conversations. The bad news is that crypto is largely ignored by the general public, partly because they don't know about it, and partly because even if they do, it seems too much trouble to implement.

The CryptoParty movement hopes to do something about that by inviting people to come along to informal meetings to learn about crypto, how to install it and how to use it in everyday computing in order to strengthen their privacy and protect themselves from surveillance. The driving force behind the idea is the Australian digital rights activist Asher Wolf, well known on Twitter. The specific impetus came from approval of the Cybercrime Legislation Amendment Bill 2011 by the Australian Senate. Here's what it will do, as explained on the academic blog The Conversation:

The bill effects changes in the Telecommunications Act 1997 and Telecommunications (Interception and Access) Act 1979 and will force carriers and internet service providers (ISPs) to preserve stored communications, when requested by certain domestic authorities (such as the Australian Federal Police), or when requested by those authorities acting on behalf of nominated foreign countries.

This means a warrant will be needed before the police or security agencies can force carriers or ISPs to monitor, capture and store website use, data transmissions, voice and multimedia calls, and all other forms of communication over the digital network.
That's not quite as bad as mandatory logging of all online activity, but the Australian government is working on that too, as are many other countries. Against that background, the idea of self-organizing parties introducing people to the world of crypto spread rapidly around the world, as the wiki page listing past and future events indicates. One party, in Berlin, led to a new, complementary project: a manual on crypto for beginners:
The CryptoParty Handbook was born from a suggestion by Marta Peirano and Adam Hyde after the first Berlin CryptoParty, held on the 29th of August, 2012. Julian Oliver and Danja Vasiliev, co-organisers of the Berlin CryptoParty (along with Marta) were very enthusiastic about the idea, seeing a need for a practical working book with a low entry-barrier to use in subsequent parties. Asher Wolf, originator of the CryptoParty movement, was then invited to join in and the project was born.

This book was written in the first 3 days of October 2012 at Studio Weise7, Berlin, surrounded by fine food and a lake of coffee amidst a veritable snake pit of cables. Approximately 20 people were involved in its creation, some more than others, some local and some far (Melbourne in particular).
The well-known "book sprint" approach was used, together with open source software, and the final result was released as open content under a cc-by-sa license:
The facilitated writing methodology used, Book Sprint, is all about minimising any obstruction between expertise and the published page. Face-to-face discussion and dynamic task-assignment were a huge part of getting the job done, like any good CryptoParty!

The open source, web-based (HTML5 and CSS) writing platform Booktype was chosen for the editing task, helping such a tentacular feat of parallel development to happen with relative ease. Asher also opened a couple of TitanPad pages to crowd-source the Manifesto and HowTo CryptoParty chapters.
As might be expected with such a major project about a complex and sensitive topic put together so quickly, there has been some criticism of the results, notably the inclusion of the weak PPTP for creating Virtual Private Networks. Nonetheless, the CryptoParty movement and the associated Handbook show what can be achieved by committed volunteers coming together across the Internet in a very short time.

Of course, there's still the question of whether this project will have any major impact on the use of crypto by general users. After all, it's not as if people haven't been recommending the thoroughgoing application of encryption for everyday tasks before. As the by-now venerable Cypherpunk's Manifesto put it:

We must defend our own privacy if we expect to have any. We must come together and create systems which allow anonymous transactions to take place. People have been defending their own privacy for centuries with whispers, darkness, envelopes, closed doors, secret handshakes, and couriers. The technologies of the past did not allow for strong privacy, but electronic technologies do.
Those words were written back in 1993, and here we are in 2012, still fighting the same battles with the same tools. Will things be any different this time?

Follow me @glynmoody on Twitter or identi.ca, and on Google+

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: crypto, cryptoparty, encryption, privacy


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 11 Oct 2012 @ 8:30pm

    I only use secure encrypted communication and sharing programs for private sessions. If the government wants to spy on my communications, they'll have to earn their paychecks.

    Here is a new and really easy to use chat system:
    https://crypto.cat/

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 11 Oct 2012 @ 8:31pm

    Crypto: For people with something to hide :)

    link to this | view in thread ]

  3. identicon
    Anonymous Coward, 11 Oct 2012 @ 8:41pm

    Crypto party like techdiry.com has HTTPS support...

    All this talk about encryption and privacy, yet techdirt.com STILL has no support for HTTPS?! Common guys, put your crypto where you mouth is!

    link to this | view in thread ]

  4. identicon
    dude, 11 Oct 2012 @ 9:07pm

    Re:

    Clothes - for people with something to hide.

    link to this | view in thread ]

  5. identicon
    Digitari, 11 Oct 2012 @ 9:10pm

    Re:

    like using "Anonymous Coward" instead of your "real" name Hmmmmm :)

    (nothing to hide there, right?)

    link to this | view in thread ]

  6. This comment has been flagged by the community. Click here to show it
    identicon
    Digitari is an asshole, 11 Oct 2012 @ 9:52pm

    Re: Re:

    Your point has been made over and over again, and just ain't relevant. If Mike doesn't require people to sign up, why bother? Just to make you happy, I added a name on this post.

    Oh, are you Mr Digitari, or is it Digitari Smith?

    Nothing to hide, right asshole?

    link to this | view in thread ]

  7. icon
    robofog (profile), 11 Oct 2012 @ 10:23pm

    trojan > vpn

    What good is a VPN or any other encryption protocol if the end nodes are already compromised? Privacy is an illusion. Winston thought he was alone but the trees were listening...

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 11 Oct 2012 @ 11:21pm

    Re: trojan > vpn

    Can't wait for the rats

    link to this | view in thread ]

  9. icon
    Just Another Limey (profile), 12 Oct 2012 @ 1:24am

    Re: trojan > vpn

    .01

    link to this | view in thread ]

  10. icon
    Just Another Limey (profile), 12 Oct 2012 @ 1:24am

    Re: trojan > vpn

    .01

    link to this | view in thread ]

  11. icon
    Just Another Limey (profile), 12 Oct 2012 @ 1:24am

    Re: trojan > vpn

    .01

    link to this | view in thread ]

  12. icon
    Just Another Limey (profile), 12 Oct 2012 @ 1:24am

    Re: trojan > vpn

    .01

    link to this | view in thread ]

  13. icon
    Just Another Limey (profile), 12 Oct 2012 @ 1:24am

    Re: trojan > vpn

    .01

    link to this | view in thread ]

  14. icon
    Just Another Limey (profile), 12 Oct 2012 @ 1:24am

    Re: trojan > vpn

    .01

    link to this | view in thread ]

  15. icon
    The eejit (profile), 12 Oct 2012 @ 2:58am

    Re: Crypto party like techdiry.com has HTTPS support...

    I'm using HTTPS right now with the site.

    link to this | view in thread ]

  16. icon
    The eejit (profile), 12 Oct 2012 @ 3:00am

    Re: Re: trojan > vpn

    So if a .01 goes missing from the budget, will accountants scream in terror, as the terrorist .01 rampages across the vurtual space? What about a .06 that went missing and became al-Qa'.06?

    THE HORROR!

    link to this | view in thread ]

  17. icon
    Zakida Paul (profile), 12 Oct 2012 @ 3:06am

    Re:

    Cliches: For people with nothing interesting to say.

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 12 Oct 2012 @ 3:58am

    Gnu PGP

    link to this | view in thread ]

  19. identicon
    Anonymous Coward, 12 Oct 2012 @ 3:58am

    Re: Re: Crypto party like techdiry.com has HTTPS support...

    It's not supported by HTTPS everywhere.

    So I looked up how it works... It uses a whitelist (I guess that's obvious in hindsight, but makes keeping everything up to date a nightmare).

    So I tried looking up how to add my own personal entries...

    Turns out you can't (or it's needlessly complicated), you have to fill out a report or something to have it added for everyone else. Idk, I gave up at this point.

    Additional notes: Would be nice if google linked people to the https versions of sites when available.

    link to this | view in thread ]

  20. identicon
    Anonymous Coward, 12 Oct 2012 @ 5:08am

    Re: Re: Re:

    Nice. Went right for the ad hom, just because someone called you out for being an anonymous coward. Way to act mature. Or not.

    link to this | view in thread ]

  21. icon
    weneedhelp (profile), 12 Oct 2012 @ 7:06am

    Re: Crypto party like techdiry.com has HTTPS support...

    "https://www.techdirt.com/articles/20121009/06132920660/cryptoparty-like-its-1993.shtml#comments"

    You sure its not supported?

    link to this | view in thread ]

  22. identicon
    Anonymous Coward, 12 Oct 2012 @ 8:17am

    Crypto vrs Cristco

    It's was my first sip of my first cup of coffee and the headline about a Crisco Party jumped right at me.
    Now the rest of my day is ruined with all those flashbacks coming at me.

    Guess it's not too late to call in sick.


    Thanks for the memories.

    link to this | view in thread ]

  23. identicon
    Dave, 12 Oct 2012 @ 11:15am

    Curently too complicated

    If encryption is to be widely used, for most folk it's got to be something which is installed or used automatically. As we all know, there are an awful lot of non-techie users out there who have not got the foggiest notion of even how to use their computer on a day-to-day basis properly. (Firewalls and anti-virus, anyone?). There needs to be simplicity and education together, I reckon.

    link to this | view in thread ]

  24. identicon
    F!, 12 Oct 2012 @ 6:49pm

    Re:

    I think you mean either:
    GPG (Gnu Privacy Guard)
    or
    PGP (Pretty Good Privacy)

    They've both been around for awhile and are both widely trusted. Anyway, did you have a point I missed?

    link to this | view in thread ]

  25. identicon
    F!, 12 Oct 2012 @ 6:58pm

    Re: Curently too complicated

    I understand what you're saying, but it's merely a perception that it's too complicated. Setting up the Enigmail addon with Thunderbird is actually simpler than setting up your email account(s) on TB in the first place, for example.

    What's complicated is convincing your friends/family/colleagues to use encryption. That's really it's major failing, is that encryption doesn't work one-way. Both parties need to be set up for it to work.

    Transparent security is a bit of a holy grail (if not an apparent oxymoron).

    link to this | view in thread ]

  26. identicon
    gary, 12 Oct 2012 @ 9:18pm

    Re:

    For people who want privacy.


    FTFY

    link to this | view in thread ]

  27. identicon
    G.Rupa Vignesh, 27 Jun 2015 @ 8:53pm

    networks and telecommunications

    want to gain new updates and softwares related to my subject

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.