What next for CryptoParties? Rebuilding and Thriving

CryptoParty (https://cryptoparty.org/) was born in August 2012, personally I was unplugged and off grid at the time (http://youtu.be/JY-nTnD_I3E). Several twitter users from around the world had been discussing the Australian Cybercrime legislation and the National Security Inquiry, led to the birth of a series of decentralised skill sharing events with the common goal of sharing and discussing tools, methods and best practices for online anonymity and privacy, specifically using encryption methods.

The CyberCrime Bill which passed in August, amends the existing laws including multiple Criminal, Telecommunications Acts. But also extending to global cooperation via the Council of Europe Convention on Cybercrime. Of course the government used the usual excuse of for your safety from the evil Terrorist Pedobear Pirate Scamming BoogeyMans.

The National Security Inquiry, on the instruction of the Australian Attorney-General Nicola Roxon is yet to be drafted, however several concerns have been raised from the discussion papers, most well known the data retention, which would see Internet Service providers required to hold onto your data/or metadata, depending where you read it, for an extended period of time somewhere between 2 years and indefinitely.. The national security Inquiry is to protect you from the evil Tax Cheat Insider Trading Murdering Rapist Terrorist Pedobear Pirate Scamming BoogeyMans. Reference stolen from CCedRoxon video (http://youtu.be/QuiDxuVmmQU).

Without going into the specifics of the CyberCrime Bill (http://www.aph.gov.au/Parliamentary_Business/Bills_Legislation/Bills_Search_Results/Result?bId=r4575) or National Security Inquiry (http://www.aph.gov.au/Parliamentary_Business/Committees/House_of_Representatives_Committees?url=pjcis/nsl2012/index.htm) at this stage, I invite you all to raise any questions or concerns you have about them, as they both raise serious concerns for the privacy of every internet user and the threats to freedom of expression.

CryptoParty went viral – Whilst not a ‘new’ concept, taking the online world ‘offline’ has escalated in the past few years and is achieving revolutionary things. The speed, clarity and consistency of the message simultaneously reached every corner of the planet.. within weeks of the first tweet, CryptoPartys had been held in 40 odd countries, some hitting hundreds of people, some off-the-record private versions as well as online versions of CryptoParties.

As well as all these meetings a CryptoParty Handbook has been crowdsourced, and the first edition released with over 400 pages, If you have not already started reading, I do recommend you download a copy from the cryptoparty.org website and start reading, in addition if you have the skills and knowledge please also contribute with new material and corrections. Whilst only in the first addition it already contains information on tips, security and encryption for email, internet browsing tips, security and tools, Anonymous publishing, secure and encrypted phone calls and sms, encrypted file sharing, keeping your passwords safe and encrypting your computer’s hard drive.

A bit more on why we CryptoParty, Online anonymity and privacy isn’t an elaborate series of tools and methods to stop the police catching criminals.. rather groups such as Journalists and their sources, activists, computer coders/hackers and includes whistle-blowers and citizens of repressive regimes. The tools, methods and best practices discussed at CryptoParties are the same methods the could be the difference between history in China being erased, a citizen journalist in Syria being killed for publishing a video or an everyday Australian who is simply concerned about their online privacy, when things like their private diary, which they record their thoughts, is easily accessible to any single law enforcement officer in the country, with little to no judicial oversight or accountability.

I personally spend my spare time as an internet rights activist, mostly defending the WikiLeaks organisation. The reason I bring this up, is their model of a right to know information from Governments and Corporations raises a question, which again I hope will be discussed further tonight, about the difference between Government transparency and personal privacy. The protection of whistleblowers using off-the-record, private and anonymous methods are a key pillar in ensuring a civilised society, and put simply, keeping the bastards honest.

In contrast with personal privacy.. arguments like “If you’re not doing anything wrong, you have nothing to hide” are easily dismantled… may favourite is incredibly simple, respond with “Do you have curtains on your bedroom window”
The right to anonymity could potentially start a debate.. and we could end up talking about them nasty trolls.. I personally support everyones right to free speech, even them trolls, and I support their right to anonymity… and I respond to these arguments with the Oscar Wilde quote “Man is least himself when he talks in his own person. Give him a mask, and he will tell you the truth”.

There are very important threats to understand when using the internet, and a basic understanding of keeping yourself secure is a requirement, even if your only checking emails. Malware, keyloggers, hidden cameras and most importantly (in my opinion) social engineering. Social engineering is basically manipulating a person to release confidential information, weather it be a password, credit card number or an endless list of ways of accessing your devices or online services. We should all use common sense at CryptoParties, and this also goes for spotting snake oil, honeytraps etc.

CryptoParties have open agendas; a combination of speakers addressing the group both in person and via live video and audio links and group discussion, teach, share, learn.. You can also break off into smaller groups to discuss specific topics, beginners can learn the basic software they need, and have someone guide them through installing it on their laptop on the spot… Whilst the techies can collaborate and continue to improve the tools and resources to encrypt the internet.
Most importantly…

CryptoParty’s are about having fun, party like its 1984!

Late December of 2012, whilst the Chaos Computer Club was hosting 29C3 in Hamburg, Germany (https://events.ccc.de/congress/2012/wiki/Main_Page) Twitter commentator and internet rights activist Asher Wolf, who was instrumental in the idea of CryptoParty turning into a global movement (https://twitter.com/asher_wolf), raised serious concerns about misogyny, sexism, harassment and as Asher put it ‘down-right douche-baggery.’ On Asher’s blog post (http://asherwolf.net/dear-hacker-community-we-need-to-talk/101/) several people were named and shamed. An unfortunately for them, they were all accused as being sexist as this was the key title the article went viral using. I do not want to write-off this issue as it is definitely something that does need to be address in all groups, organisations and communities. However, I want to focus on rebuilding CryptoParties to be bigger, stronger and more open to everyone regardless of gender, sexual orientation, disability, physical appearance, body size, race, religion or technical ability.

Jacob Appaulbaum was named in Asher’s blog post, Jacob is a hero to many in the community as has achieved great things, notably his work with the Tor Project (https://torproject.org/) discussed during his key note speech at 29c3 (http://youtu.be/7mnuofn_DXw?t=23m40s), he discussed spilts in community groups and the damaging impact it can have. Jacob made a great reference to a single ‘binary blob’ in a persons actions like a single wrong line of code in an open source software, we shouldn’t get stuck on one thing when people have contributed great things to the community. I believe private dialogue should be used as a first step to address this to avoid smearing the names of people who otherwise have achieved great things, as we all know the beast that is the internet can have huge ongoing ramifications.

I call for more discussion on improving CryptoParties and helping reach the movements goals. And local groups forming organisations like Tor Servers (https://www.torservers.net/) or even just running a Tor Relay of your own or talking to your friends about encryption software that is user friendly. What can we do next, we have had many wins and the opportunity for more are on the internet are on the horizon, can we continue to thrive on the good spirit of our communities and not let movements destroy themselves from the inside.

“Respect, Honesty, Kindness, Politeness…. These four characteristics are the root of all good and bad people. I feel that the lack of these main attributes are the seeds of many others. When you lack respect, politeness, kindness and honesty; you open the doors for greed, hate, distrust and violence. When you have these four characteristics, you open the door for happiness, love, and peace.” ~unknown