Lessons from a Sydney cryptoparty
"A lot of what we're talking about tonight isn't 'Here's how to make yourself totally secure and defeat the NSA, and you'll never get spied on.' It's about 'If you do these things, and if we all do these things, [surveillance will] become more expensive, and more hassle'," said Tom Sulston over a cup of tea late Friday afternoon.
"You get a bit of a herd immunity, 'cos everyone's doing a bit more encryption." Sulston is a principal consultant with ThoughtWorks Melbourne, and he was speaking with ZDNet just before the company-sponsored cryptoparty in Sydney on Friday night. His words please me, because I'd been sceptical of the whole cryptoparty thing.
The basic idea of the cryptoparty was conceived in 2012 by Melbourne-based information activist Asher Wolf in the wake of Australia's latest batch of cybercrime laws and proposals for mandatory telecommunications data retention -- proposals which are now law. The concept is sound enough: get people together so they can learn to protect their privacy online by using the commonly-available tools. Usually that means the Tor network, virtual private networks (VPNs), PGP-encrypted email, and more recently off-the-record messaging (OTR) for encrypted chat. Installing those tools on people's devices is usually part of the cryptoparty's agenda.