Participants: Anton, Graz, an.to_n-73 at riseup net, 0xA2A97D7D Petter, Umeå, pettter@acc.umu.se (XMPP/e-mail) 0xE1BF1597 DECT 2517 Christian, Berlin, dawning_sun@mailbox.org (E215 FA04 3B3A 5E0B E6A3 4E65 1816 EADC BA98 5D1E), Congress-GSM: 2610 notes: Introduction round, Collection of experiences Location: hackerspaces, problem: reputation Try to find neutral places General advice: Do not scare te particants too much Create a relaxed atmosphere Q: Quality control? How to check if the particiants are sucessfull in aplying the new knowledge? --> Offer contact via e-mail in case of questions. Check success b exchanging encrypted e-mails. CP is open movement, every group can conduct individual parties. Do not try to achieve perfection, is not possibe. Q: Marketing. Brest practice for content? What attracts people --> https://github.com/cryptoparty , repo for material for CP, recommended to use, makes preparation more easy Show PGP and OTR by practising and showing the application Privacy cafe: Set up latops ith practical examples, show that the programs are easy to use, recommend overview sites like https://prism-break.org . PR: Public libraries can make PR, use PR resources of public institutions (libraries, universities). Keep distance to hacker spaces. Target audience: IT students, law students, medicine students, Example Berlin: Public financial administration not able to handle enryption, hint on homepage. --> Letter are better than bad encryption. List of tools on cryptoparty page (https://www.cryptoparty.in/overview_tools) train the trainer sessions: drop by at the cryptoparty assembly any time Paris: Different communities coming to CP. CP go into commnities: Feminists, LGBT, people feel better in own community. Privacy cafe: Own tool list. https://privacycafe.nl . Teach people a mindset, create awareness, give background information. Do not do the technical work for the partipants, support them by doing it themselves. Explain metadata by tweet: Ratio of tweet-characters to metadata characters. Educational graphic from EFF https://www.eff.org/pages/tor-and-https Explain the basic problems. Care about the didactic, different kinds of learners, adopt to non-technical users. Offer text-based and graphics-based teaching material Graz: Do not focus too much on technical solutions. A letter can be the best solution for non-technical users for important communication. Privacy Cafe: Explain the internet to the people, how electronic communication works in principle. Ask them for their model about te internet. Explain the basics like browser, MUA, ... Use the resources on cryptoparty.in like the ORC channel for basic questions https://www.cryptoparty.in/communication/irc Paris: Smartphones. On group dealing with smartphones. Aberdeen: Protection from immediate tracking from shopping centers. RFCD tag on bus stops Paris: Advertisement screens scanning for smartphones Graz: Android Smartphones are a _basic_ privacy problem, how t make a compromise Privacy Cafe: Use F-Droid, good 1st step not to install spyware . Infosheet for smartphones Frankfurt: Don't use apps, use the website to ge the information https://fsfe.org/campaigns/android/android.en.html Berlin: Promote free software. Graz: In some cases free software is not applicable (Windows, Outlook ...) Privacy cafe: Small steps help, Firefox on Windows is better than IE or Chrome on Windows Aberdeen: Problem keybase.io. Demands the private key for the services --> bad idea. How to recommende mailproviders an webservices? Business related. --> Question of trust. --> Avoid cloud services where you need to be online to work. Loosing control of own data. Mailprovider: Choose one reliable and pay them with money. Then they earn money from you and not from your data. Comment: Main question is trust. Who can non-technical people trust? Problem: Terms of service, nobdy reads that https://tosdr.org --> Take part, they lack manpower Size of Cryptoparties: Not more than 5 participants per cryptopath Do not create confusion with the name: Cryptoparty is not only about partying, also about tech. But: Prepare some drinks and cookies (HA HA cookies :-) ). Duration: 2 h to half a day, participants filled up after 4 h. Create a party athmosphere, a social situation Number of participants hard to predict. Berlin: CP in different locations, rotating monthly. Do not be frustrated when 0 or 1 participants are there. Take it as an relaxed evening. Q: Registration for CP? --> Not a good idea. Much more participants than signed-in people. General: Objection against signup Registration for volunteers may be useful to make the preparation. Wikimedia Berlin offers offices for activists, they use Google Docs. Compromise: Setup an anonymous questionnaire: How many people, what special topics? Only optional registration Prohibit taking photographs. Example: Pirate Party making promotional CP with press. Q: Bad experiences with police or services? What are we afraid of? - 1 case: Deliverance of malware at CP (asked him to leave) - Berlin: Creepy people, possibly "fake journalists" from somewhere introductions Space - hackerspaces maybe not the best. Find a café, pub, university or library? PR - the space people can probably help with PR, if a Pub, they can help find the people who usually are there Inviting atmosphere, cbase focus on getting something working, not get bogged down in explaining everything have several tables, e.g. one for PGP, one for OTR etc. (1 see below) ~~ but don't call it GPG, OTR, but mail, chat etc. on the tables because people won't know what the names stand for, do not talk too much in the beginning, start quickly by doing === LINKS * "How to CryptoParty" (Sofia, April 2014): https://va.ludost.net/files/initlab/20140502cparty.mp4 * https://github.com/cryptoparty (e.g. table cards per topic (1), stickers, flyers, posters) * table cards are here: https://github.com/cryptoparty/handouts * tools overview: https://www.cryptoparty.in/overview_tools * Terms of Service; Didn't Read: https://tosdr.org/