Syllabus, Privacy Meetup: Learn TOR, VPN & VeraCrypt

Boston Area Meetup . . .

Privacy Meetup — Marlborough MA
Come on Wednesday August 8 or Aug 22

  
Learn TOR, VPN & VeraCrypt
Navigate DeepWeb / Darkweb
  Tools to enhance online privacy,
Anonymity  and  Anti-Forensics
Wed Aug 8 or Aug 22 in Marlborough
Click here for directions
Contact us for addional seminar dates
   

Register Now   —   Seating is limited
62% discount ends 5 days before seminar

 


 Syllabus — Jump to Section

Philip Raymond, seminar instructor

 

1. Why Privacy Must be a Fundamental Democratic Freedom
— for both individuals and organizations?

a) Corporations

• Customers, • Suppliers,
• Negotiation strategy
• Trade secrets

Trade secrecy beats patents for any product or service in which the proprietary process is not obvious in use.

b) Individuals

• Freedom and rights of the individual
• Rounding up Jews (Roma, gay, communists, trade unionists, handicapped, etc)
• Compare to today: BDSG-GDPR German privacy law
• Recognition that governments change, Neighbors change
(In every empire, there is often a lynching of the enemy within)

 

Why again?! Because…

• Interests of law enforcement should rarely trump the privacy of personal storage and communication, even during investigation.

• Poking through a disk, cell phone or personal emails should be no more frequent than strapping someone to a table and drugging them—or torturing a detainee to get at urgent information about an imminent disaster.

What about anonymity? Doesn’t it facilitate crime?

Dynamic IP addresses are traceable and subject to court orders. Your ISP would rather you encrypt and browse from the cloud.

By its very nature, privacy implies anonymity, because it must also protect relationships, thought, conflicts. Therefore it must extend to communication and stored data. Without protected paths, there is no privacy.

 

Clipper-Chip argument: Why not a backdoor or key escrow for legitimate forensic investigations?

Yeah, sure! Like that would never be hacked, misused, or monitored.
If Russians can hack Clinton’s emails, our government doesn’t need a head start on domestic spying.

 

References

• William Stallings, David Chaum, Philip Zimmermann

• Zimmermann — Why I Wrote PGP

• William Stallings — Introduction to PGP
(Governments tracking citizens, but then marginalizing or turning against them)

 

2. History of Cryptography

a) Symmetric Encryption: From runners in Ancient Greece to Enigma in WW2

b) RSA (asymmetric) Encryption: 1970s. A monumental breakthrough that enabled internet commerce. Without RSA, mail orders would still be rare and all your banking would be walk-in.

Privacy Tools** PGP and Philip Zimmermann **
—charged with Arms export. Browser key strength

Quantum Computers (a decryption threat?)
(not the threat that it is trumped up to be)

Quantum Cryptography: Irrelevant side note

c) Importance of End-to-End encryption

d) …But with the safety of Multisig.
Multisig overcomes flaws of backdoors and key escrow

 


3. Tools for Personal Empowerment

REMEMBER!

• Open source
• Encrypt end-to-end (otherwise, it ain’t secure!)
• Asymmetry (if sharing w/people you haven’t met)
• Multisig (to protect your legacy)
• Default encryption & anonymity: ubiquity=obscurity

This is what we
learn in class    »

a) Public VPN services (recommended: PIA)

Look for services that delete logs and have a
reputation based on reports, not endorsements.

b) TOR (Onion routing)
Now, trust is not necessary

c) VeraCrypt (open source; the gold standard)

• Creating a volume
• Mounting a volume

Advanced Encryption concepts:

• FDE (and sector encryption)
• Passphrases, Seed recovery, multisig

d) Password Storage & Maintenance
LastPass (Bonus unit—if time permits)

It’s not where you keep password that matters…
Key benefit of password manager: It verifies URL
of every account and membership site you visit.

Need still more identy and threat isolation?

e) Run a Virtual Machine

f) Download files to a seedbox anonymously