Crypto Party
From HacDC Wiki
Suggested Software (software usable under multiple operating systems is normally listed under each operating system):
Note about Truecrypt-No complete audit has been done yet, people are currently collecting funds for a full audit - http://istruecryptauditedyet.com/
OS independent (Normally bootable iso images):
| Program: | Desc: | URL: |
|---|---|---|
| TAILS (The Amnesiac Incognito Live System) | Secure workstation LiveCD | https://tails.boum.org/ |
| DBAN | Secure storage media destruction. | http://dban.org/ |
If you require help burning ISO images, please join the HacDC Blabber mailing list (https://groups.google.com/a/hacdc.org/group/Blabber/subscribe) and ask how (make sure to include which operating system you are running when asking for help).
Linux and other Unix variants:
| Program: | Desc: | URL: |
|---|---|---|
| Truecrypt | Hard Drive Encryption, File encryption | http://truecrypt.org/ |
| Tor Browser Bundle | Anonymous web surfing (includes Tor & web browser) | https://www.torproject.org/download/download-easy.html.en |
| Thunderbird | Email Encryption | https://www.mozilla.org/en-US/thunderbird/all.html |
Windows:
| Program: | Desc: | URL: |
|---|---|---|
| Truecrypt | Hard Drive Encryption, File encryption | http://truecrypt.org/ |
| Tor Browser Bundle | Anonymous web surfing (includes Tor & web browser) | https://www.torproject.org/download/download-easy.html.en |
| Thunderbird | Email Encryption | https://www.mozilla.org/en-US/thunderbird/all.html |
| GPG4Win | GPG front-end for Windows | http://www.gpg4win.org/download.html |
| eraser | Secure Delete | http://eraser.heidi.ie/ |
Mac OS:
| Program: | Desc: | URL: |
|---|---|---|
| Truecrypt | Hard Drive Encryption, File encryption | http://truecrypt.org/ |
| Tor Browser Bundle | Anonymous web surfing (includes Tor & web browser) | https://www.torproject.org/download/download-easy.html.en |
| Thunderbird | Email Encryption | https://www.mozilla.org/en-US/thunderbird/all.html |
| GPGtools | Integrates GnuPG with MacOSX. | http://gpgtools.org/ |
Android:
| Program: | Desc: |
|---|---|
| Orbot | TOR for Android |
| Orweb | TOR web browser for Android (Orbot required) |
| APG | GPG Program |
| K-9 Mail | Email program for Android that can directly interact with APG |
iOS:
None added yet. Please give us suggestions.
Web Browser Plugins:
Safari:
| Noscript | Disable JavaScript, Java, Flash, Silverlight, XSS, Clickjacking, etc | http://noscript.net/ |
|---|---|---|
| Lastpass | Password manager | https://lastpass.com |
Firefox:
| Lastpass | Password manager | https://lastpass.com |
|---|
Chrome:
| Lastpass | Password manager | https://lastpass.com |
|---|
Opera:
| Lastpass | Password manager | https://lastpass.com |
|---|
Internet Explorer:
| Lastpass | Password manager | https://lastpass.com |
|---|
Links:
| Site: | URL: | Notes: |
|---|---|---|
| tormail.org | http://jhiwjjlqpyawmpjx.onion/ | Email service only available via tor |
| Mailvelope | http://www.mailvelope.com/ | In-browser PGP encryption for webmail |
| Encrypt Everything | https://www.encrypteverything.ca/index.php?title=Main_Page | Good resource on encryption for the web. Good resource for beginner to intermediate skill level. |
| Surveilance Self-Defense | https://ssd.eff.org/ | EFF's guide to protecting yourself from digital surveilance. Extremely in-depth and detailed. For the advanced (or very paranoid). Not light reading. |
| Qualys Browsercheck | https://browsercheck.qualys.com/ | Automated scanning of browser, plugins, and Windows updates for vulnerable, out-of-date configuration |
| SSL Labs | https://www.ssllabs.com/ | Tool for checking any site's SSL setup for bad practices and vulnerabilities |
| Calomel SSL Validation | https://calomel.org/firefox_ssl_validation.html | Firefox add-on for analyzing and verifying SSL configurations of sites you visit. |
| DEATH NOTE: L, ANONYMITY & ELUDING ENTROPY | http://www.gwern.net/Death%20Note%20Anonymity | A.k.a., why "metadata" matters and how much the NSA can really know about you from your phone records. |
| Using Metadata to Find Paul Revere | http://kieranhealy.org/blog/archives/2013/06/09/using-metadata-to-find-paul-revere/ | Illustration of how to use seemingly useless data points to pin charges on someone. Told from the perspective of a British intelligence officer looking for trators in collonial America. |
| crypto-log | http://www.uni-mannheim.de/studorg/gahg/PGP/cryptolog1.html | Updated 1996 |
| Intro level guide to Internet Security | http://qz.com/120946/the-complete-guide-to-not-being-that-idiot-who-got-the-company-hacked/ | A guide for non-technical denizens of the Internet on how not to be low-hanging fruit for hackers. |