----- Forwarded message from Asher Wolf <asherw...@cryptoparty.org> -----
From: Asher Wolf <asherw...@cryptoparty.org> Date: Fri, 05 Oct 2012 13:26:09 +1000 To: liberationt...@lists.stanford.edu Subject: Re: [liberationtech] CryptoParty Handbook User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:15.0) Gecko/20120907 Thunderbird/15.0.1 Reply-To: liberationtech <liberationt...@lists.stanford.edu> At the moment, public edit function on the crowd-sourced portal for the CryptoParty Handbook has been removed due to ongoing attempts at vandalism of the document. If you would like to contribute, make edits or alterations, please either email me at: asherw...@cryptoparty.org On 5/10/12 12:11 PM, Nick M. Daly wrote: > Andrew Mallis <o...@ideograph.ca> writes: > >> This 392 page, Creative Commons licensed handbook is designed to help >> those with no prior experience to protect their basic human right to >> Privacy in networked, digital domains... Most importantly however >> this handbook is intended as a reference for use during Crypto >> Parties. > > Andrew, this is great work. I started reading it on the bus today and > found a few bits that could be updated or clarified. The numbers are > page numbers. > > - [ ] 5: Remove the link to opensourceecology.org. > > - [ ] 7: "as many or as few as two people" - an incomplete thought. > > - [ ] 12: add the "you've got no business in my business" argument: > Privacy exists because part of the human experience is personal, > intimate, even. Robbing people of that devalues human life and > experience. > > - [ ] 21: give time values to password lengths and predictability. > e.g.: a completely random 8 character password provides up to 12 > hours of privacy after your password is exposed, if attacked by > one average blackhat [0]. Attacked by a script kitten? Maybe > longer, depending on the strength of their graphics card(s). > Attacked by a nation-state? It's probably seconds. > > - [ ] 22: add grc.com/passwords as a link for fully random passwords. > > - [ ] 25: Lower threatenable area: consider POP3 for your email to move > it off the easily accessible servers as quickly as possible. If > it's inconvenient for you, it'll be even more so for your > attackers. > > Is there a preferred contribution method? I didn't see one mentioned in > the PDF, but I probably missed it. > > Nick > > 0: http://arstechnica.com/security/2012/08/passwords-under-assault/ > > > > -- > Unsubscribe, change to digest, or change password at: > https://mailman.stanford.edu/mailman/listinfo/liberationtech > -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography