[tclug-list] cybersecurity

Fri Dec 16 14:58:00 CST 2016

I co-founded a group called CryptoPartyMN a while back.

https://www.cryptopartymn.com/
https://twitter.com/CryptoPartyMN

We've done a number of parties so far. We also meet every other week in
Minneapolis. There's also a slack channel for the group that was
recently made.

This isn't the view of the group, but I personally believe that FOSS
(Free and Open Source Software) is the crucial foundation on which
secure software must be built.

Two messaging apps I'd like to name drop are Conversations (Android) and
ChatSecure (iOS). They both use OMEMO+XMPP, which I really think is
going to become the new bedrock standard for secure communication.
Conversations is free if you download it using the F-Droid App Store and
use a free server like DuckDuckGo. ChatSecure is about to release OMEMO
support in their upcoming 4.0 but they have a beta version out right now
that uses it. If you want to use OMEMO+XMPP on Gnu+Linux, there's a 3rd
party Gajim plugin.

In Solidarity,
Kurtis

Iznogoud:
> I liked Dee's points.
> 
> I am sure there are cybersecurity experts among us, and reading this list, so
> I am looking forward to some ideas.
> 
> My biggest concerns comes from the behavioural part of a computer user, not so
> much from the software aspect. This may seem unrelated, but go and read how
> Kevin Mitnick got access to systems back in the 90s. And a more relevant read
> is how the twitter handle "N" was taken away from its rightful user due to
> a single point of failure from Paypal. That was a damn fascinating read.
> 
> My point is that one cannot rely on software alone to be protected. Linux has
> many good tools, like encrypted containers, etc. With some care so that there
> are no back-door access gains when servers are virtualized, those can be very
> secure. All my hard-drives have encrypted containers, and your swap partitions
> should be too...
> 
> As for billions of accounts hacked, it is hard not to be part of this. Most
> people's email is handled by a third party, with exceptions of course. To the
> extent that one is careful with their passwords not being re-used, those kind
> of breaches should not be a huge problem. Now, avoiding password re-use is a
> whole different story... Guilty I am!
> 
> My 2 euro-cents.
> _______________________________________________
> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
> tclug-list at mn-linux.org
> http://mailman.mn-linux.org/mailman/listinfo/tclug-list
> 