Open in your Browser => https://cryptoparty.pads.ccc.de/survive31c3 === TOPICS * https / TLS / MitM Attacks * wireless MITM (using 802.11X instead of open net) * password managers, e.g. https://keepassx.org/ * File encryption (e.g. USB Stick) * Never leave your Laptop/Device out of sight of a trusted person * Tails OS/special Linux Distribution/runs from USB Stick or DVD only (https://tails.boum.org/ ) * Jabber chat, encrypted with OTR and anonymized through TOR and Cryptocat * Cryptoapps on mobile devices (Jabber/OTR, TextSecure, Redphone, etc ...) === QUESTIONS ...put your questions here * What about mobile phone security? Android especially mobile self defense Saal 1 18:30 * paranoid mode: switch it off :) * possible. there's lots of tools, too: https://www.cryptoparty.in/overview_tools * Sunday: 14:00 "Secure your Android", Free Software Foundation Europe * Truecrypt: what's next ? * https://ciphershed.org/ * https://truecrypt.ch/ * using cloud services with encryption (e.g. Boxcryptor?) * Spideroak is working pretty well and quite easy and userfriendly. Downside: Only 2 gigs of space for free * is there a difference between keepassx and keepass? * yes, KeePass is one program and it has different "versions" for the different operating systems * and safetywise? same? * my admin told me to change to KeePassX because it is more secure * And how about Lastpass? * update your Browser: NoScript, httpseverywhere, Ghostery, Betterprivacy .. and ? * see https://www.cryptoparty.in/overview_tools ...it has a browser section, too - thx, great :) * Does TOR really help, or is it just a big conspiracy? * short version, yes it helps. a fact that not everyone likes;) * but what about the exit nodes run by $agency? * then $agency tries to mitm you with a bad cert you might be able to notice? (trust on first use, convergence.io ...) * Whats the best way to communicate with mobile devices? * Is there a good multi-user-capable password manager? I'm using KeePass on my Computer and the Password data base is saved on a Synology NAS, used the same time by 4 Persons and everyone can add or delete or change data and the others can sync. * Any tips on Paper based password generating/managing methods? * BINGO machine ;) * I know off https://www.grc.com/OffTheGrid.htm * On Win7 I cannot find 31C3 network... :( Does anyone know an alternative to google calendar? (drag and drop, multi-user friendly, ...) If you have access to webspace or are able to run a small server like raspberry pi eg, you can simply run owncloud and use calendar, adressbook, filesharing like dropbox. === LINKS CryptoParty * https://www.cryptoparty.in/31c3 * https://www.cryptoparty.in/location * https://www.cryptoparty.in/overview_tools Password Manager * https://www.keepassx.org/downloads/ Tails - Anonymous, Amnesic Linux...runs directly from a USB Stick * https://tails.boum.org/ TrueCrypt, what's next * https://ciphershed.org/ * https://truecrypt.ch/ XMPP / Jabber * https://xmpp.net/directory.php <-- list of public jabber servers (including security classification) Other Sessions and Talks * Day 1http://events.ccc.de/congress/2014/wiki/Static:Network#WPA2_802.1X.2C_encryption * Day 1 * iew_to * Day 1 * ols Jabber / OTR * Schritt 1: Pidgin installierenviews * LInux User: Über Paketmanagement * Windows User: https://pidgin.im/ http://portable-pidgin.de/ * Mac User: Adium https://adium.im/ * iOS User: https://itunes.apple.com/us/app/chatsecure/id464200063 * OSX User: Adium * Adroid: Xabber * Schritt 2: Jabber Konto erstellen * Jabber Server Riseup: https://help.riseup.net/en/pidgin * Jabber Server CCC: http://web.jabber.ccc.de/ * jabber.ccc.de hidden service: okj7xc6j2szr2y75.onion * OSX: https://macjabber.de/anleitung-adium/ Jabber über das Tor Netzwerk auf mobilen Geräten tunneln: https://guardianproject.info/