London CryptoFestival 2013 Schedule

Update - Some workshop materials such as slides and audio recordings of the panels are now available on the presentation materials page.

This is the (ever-mutating) schedule for London CryptoFestival 2013, taking place on 30 November 2013. Sign up (under your choice of name :) on eventbrite.

See below for more information on the listed panelists, workshops, and exhibitions. Note that London CryptoFestival is a DIY event operating with the CryptoParty principles of Do-ocracy.

NAB-LG01
[Lightning Talks]
NAB-LG02
[Presentations & Panels]
NAB-305
[Workshops]
NAB-314
[Core Workshops]
NAB-326 [Workshops] Atrium [Free Space]
11:00-11:30 -Ian Brown
-George Danezis
-Marianne Franklin
-Wendy Grossman
(Chair: Matthew Fuller)
OTR (infinity0) Digital Double (Btihaj Ajana) -Deckspace
-First-Viewer Television (Paolo Ruffino/IOCOSE)
-Swarming Talent Competition (Orsolya Bajusz+PR)
-Bring &Swap
11:30-12:00 Dog Ate My Cypto Keys 2.0 (HackerFantastic) Internet of Things (Alexandra Deschamps) File Encryption & Deletion (Simon V-C) Talk (xname)
12:00-12:30 TAILS - This session never happened (AlexP) Analysis of Surveillance (Arjen Kamphuis) Tor (@orwellslondon) tcpdump on mobiles (Graham Harwood)
12:30-13:00 Private VoIP (AlexP) OpenPGP (Simon S)
13:00-14:00 Intermission
14:00-14:30 The Surveillance Industry Index (Matt / Privacy International) -Ross Anderson
-Smári McCarthy
-Annie Machon
-Nick Pickles
(Chair: Dan McQuillan)
Infrastructo? - your electrosmog or theirs OTR (AlexP) Understanding Crypto Tools (infinity0)
14:30-15:00 QubesOS - A secure operating system (AlexP) Dangers of Metadata (Nikita) File Encryption & Deletion (Simon V-C)
15:00-15:30 Tell us your experience with digital security and crypto tools? Come and have your say! (Bernard) Safe Browsing Practices (Nikita) Tor (@orwellslondon)
15:30-16:00 Smartphone privacy (AlexP) Bitmessage OpenPGP (Simon S)
16:00-16:30 - A Primer on Physical Security (Nikita Mazurov) - - - -
16:30-17:00 - Wrap-up (Dan McQuillan) - - - -

Panel Participants

  • Ian Brown – Associate Director of Oxford University's Cyber Security Centre, and Senior Research Fellow at the OII. His research is focused on information security, privacy-enhancing technologies, and Internet regulation.
  • George Danezis – Reader in Security and Privacy Engineering at the Computer Science department of University College London. Key interests relate to the areas of computer security, privacy, and in particular anonymous communications, traffic analysis, statistical inference, smart metering and peer-to-peer security.
  • Marianne Franklin – With a background in History, Music, and Politics, her research explores ways in which developments in information and commuication technologies, society, culture, and politics collide and collude with one another from a macro and micro-perspective. Co-Chair of the Internet Rights and Principles Dynamic Coalition at the UN Internet Governance Forum.
  • Wendy Grossman – Journalist, blogger, and folksinger. Her 1998 book net.wars was one of the first to have its full text published on the Web. She was a member of the external advisory board of the Intellectual Property and Law Centre at Edinburgh University. She sits onthe Advisory Council of the Open Rights Group.
  • Ross Anderson – Professor of Security Engineering at the Computer Laboratory, University of Cambridge. Research topics include economics and psychology of information security, peer-to-peer and social network systems, reliability of security systems, robustness of cryptographic protocols, analysis and design of cryptographic algorithms, information hiding, security of clinical information systems, and privacy and freedom issues.
  • Smári McCarthy – Executive director at IMMI. He was a co-founder of the Icelandic Digital Freedoms Society in 2008 with the aim of promoting digital rights, free culture, free software, and free hardware in Iceland. He has worked on developing and spreading digital fabrication technology through Fab Labs and Hacker Spaces. He's very passionate about systems and information, and having grown up on the Internet, he feels it's very important to protect it. @smarimc
  • Annie Machon – Former intelligence officer for MI5, the UK Security Service, who resigned in the late 1990s to blow the whistle on the spies' incompetence and crimes with her ex-partner, David Shayler. Drawing on her varied experiences, she is now a public speaker, writer, media pundit, political campaigner, and PR consultant.
  • Nick Pickles – A Law graduate of the University of Durham, he joined Big Brother Watch as Director in September 2011, with a background in corporate public relations and technology. Before joining Big Brother Watch he worked with small SMEs and multinational companies in corporate communications. He has remained a commentator on a wide variety of issues including digital privacy and web-blocking, freedom of speech, civil liberties and terrorism legislation.

Workshops

  • File Encryption & Deletion – How to use TrueCrypt to encrypt your files, USB sticks, or even entire hard drives; and conversely, how to use Eraser to securely delete your files and Darik's Boot And Nuke (DBAN) to wipe entire hard drives.
  • Tor – How to use Tor to boost your anonymity when browsing the web and accessing other Internet services.
  • OpenPGP – How to use GnuPG (GPG) to encrypt your e-mails.
  • Dangers of Metadata – How to use ExifTool to both scrub your digital photos of any potentially identifying metadata like your camera's serial number, your name, your unedited versions of photos, or even your GPS coordinates, as well as how to properly inject erroneous data to befuddle and foil forensic analysis thereof.
  • Safe Browsing Practices – Starting with the fundamentals of strict cookie and script management, this workshop will then move beyond the basics to cover the risks of (and how to neutralize them) DNS prefetching, Local Shared Objects (LSOs), as well as introduce header spoofing and disabling (e.g. User-Agent and Referer modification).
  • Internet of Things – We're talking urban infrastructure, smart grid, open hardware, quantified self, open data, environmental monitoring, smart products, smart homes and more. Anything that puts a networked computer where none has gone before. (Internet of Things London Meetup)
  • Bitmessage – Introduction to Bitmessage. Bitmessage is a p2p, decentralized, trustless and encrypted messaging system. We will discuss how to send and receive messages, what are subscriptions and distributed mailing lists among other things. BM-2cT4RB7PJoVv1zsncLTSDTLkJykLe5PSmm
  • tcpdump on mobiles – How to use tcpdump on mobiles to sniff wireless traffic.
  • Digital Double – How to use the Digital Double mobile app to explore your online identity.
  • Understanding Crypto Tools – what all the buttons really do, and how they fit into the big picture that is your security. We will explain general security models in technical but non-mathematical terms. This is intended to give you a more precise awareness of what you accomplish during each phase of using a tool. We will teach a (sharp) bird's-eye view of security topics, rather than the specific mathematics of the underlying cryptography.
  • Kitten Groomer - Grooming the Kitten (or cleaning up possible malware from a USB using Raspberry PI)
  • Talk - is a visual communication program which copies lines from your terminal to that of another user. It first appeared in August 1983, included in the 4.2 release of BSD. Originally developed as a way for two users on a Unix network to converse via typing, talk is basically a communication between TTY (TeleTYpewriter). Although not secure on a LAN, unless the two machines are connected by a properly encrypted VPN, it is still an old school, simple way to communicate on a server, as safe as the server is. During this brief workshop we will demo the application, try to snoop it, then look at an alternative. Requisites: ssh access to a remote terminal, a friend to talk to, confidential data to be discussed, and the desire for (server) intimacy. xname - presents a workshop on the TALK protocol.
  • A Primer on Physical Security – An introduction to thinking about physec in two parts: I) how to find hardware bugs with a counter-surveillance budget of £0: creating a low-rent physical intrusion detection system; and II) taking document destruction seriously: shredder anti-forensics.
  • Private VoIP – How to have private voice and video conversations via the Internet. Jitsi, ZRTP, SIP, XMPP, csipsimple, Open WhisperSystems RedPhone, Zphone, SilentCircle.
  • TAILS - This session never happened – How to use an untrusted computer in a hostile environment while evading real-time surveillance or a forensic examination of your actions.
  • Smartphone privacy – Android (and some iPhone) privacy tips. The features and apps of each system that will protect you, as much as possible, from mass surveillance. Filesystem encryption, email encryption, VoIP encryption, SMS encryption, IM encryption, usability.
  • Dog Ate My Crypto Keys 2.0 – An overview of full-disk encryption solutions and lessons to learn in failures. We will discuss an open-source full-disk encryption setup, the de-facto best practice guidelines and then we will look at offensive security techniques that have been used to compromise full-disk encryption and explain mitigation strategies to help prevent unwanted eyes accessing your data.
  • Bring & Swap - If you want to participate in a Bring & Swap session, to help to confuse your digital communications and transport data trails, then bring along some PrePaid Oyster Cards, free / cheap mobile phone SIM cards, cheap prepaid mobile phone handsets or just some free webmail or social media usernames and passwords etc. which you can swap with other attendees contact Mark: info@cryptofestival.org.uk PGP ID: 0x72D22778909C6246 Bring and Swap slides .pdf .pptx
  • Tell us your experience with digital security and crypto tools. Cryptotools are like any other piece of software: they should be focused on what the user needs to do. Do you use cryptotools? Have you tried before but had problems? Come and have your say! A session where people can air the issues they have with crypto tools. The idea of the session would be to understand the problems people see, real or not - trust/lack of trust in the tools, complexity of tools, people’s understanding of what they do. This slot is focused on the user of the tool, *not* on the technology, and the people attending will decide the direction of the discussion.
  • Analysis of surveillance What is privacy really and why do we need it? Why is 'I Have Nothing To Hide' wrong on several levels (you life is not that boring!). We'll discuss the scope of surveillance problems, what can and can't (for now) be done about it and how to argue these issues with others (beginning with the tearing down of 'I Have Nothing To Hide'). Overview article on NSA/Snowden here, wider analysis of political context here and a piece on who else beside Snowden may have access to NSA capabilities and info here. Arjen Kamphuis is CTO of Gendo, a IT-strategy & security consulting firm and trains journalists and socially active people all over Eurasia in basic counter-surveillance techniques and methods. In NAB-305 from 12:00 to 13:00. Slides: PDF & PPT

Exhibitions

  • Deckspace don't miss OWN reSynced accompanying interactive in Atrium, with an Interlace (Robert Ochshorn) projection of Deckspace archives
  • First-Viewer Television First-Viewer Television is an online streaming of zero-view videos from YouTube, updated every 2 hours. Any video of the First-Viewer Television is automatically eliminated from the playlist once shown for its first time.Thus, every streaming is unique and unrepeatable, and shows only videos that had no previous viewers. First-Viewer Television is available at http://firstviewer.tv/ Further information about coding and how the project works is available at https://github.com/iocose/FirstViewerTV
  • Swarming Talent Competition – Swarming behaviours, artificial intelligence and abstractions, leaky integrators, information accumulation, the never preceded discrepancy between the agency of an individual and those in power. Nothing is between us and the drones, robots, stalking satellites etc. but abstractions and air. These abstractions are renegotiated, moulded, hijacked or strengthened, and they might seem trivial, because art and culture and mediation is so perversely proliferated and dogmatic, based on moralist dogmas from far away stages of capitalism. This performance is a staging of a chain of abstractions, in the bastardised format of a talent show and a corporate poolside entertainment event in a hotel or at a party.
  • ScareMail adds “scary” narratives to every email you send, forcing the NSA to look at algorithmically generated nonsense filled with NSA search keywords. Through this creation of false positives, the project turns NSA search systems against themselves, overwhelming them with two many needles from too many haystacks. ScareMail thus proposes an alternative model of privacy built on visibility and noise rather than encryption and silence. Try ScareMail online http://bengrosser.com/projects/scaremail/

Stalls

  • Pirate Party UK is a political party formed in 2009 that primarily promotes digital freedom, civil liberties, and copyright and patent reform. Pirate Party UK formed out of the wider international Pirate movement largely in response to the then-Digital Economy Bill. Since forming, the Party has stood in several elections, including the 2010 General Elections and taken part in ACTA protests. The Party has also been featured in the press on several occasions, both in technology and music industry press as well as national and international. http://www.pirateparty.org.uk/
  • Privacy International We investigate the secret world of government surveillance and expose the companies enabling it. We litigate to ensure that surveillance is consistent with the rule of law. We advocate for strong national, regional, and international laws that protect privacy. We conduct research to catalyse policy change. We raise awareness about technologies and laws that place privacy at risk, to ensure that the public is informed and engaged. https://www.privacyinternational.org/
  • Open Rights Group Open Rights Group is the UK’s leading voice defending freedom of expression, privacy, innovation, creativity and consumer rights on the Internet. ORG is a member organisation of European Digital Rights (EDRi). We campaign to change public policy whenever your rights are threatened, by talking to policy-makers, informing the public through the media, and mobilising our supporters. We work on issues ranging from e-voting to copyright, open data and privacy. https://www.openrightsgroup.org/
  • Radical Philosophy Radical Philosophy is a UK-based journal of socialist and feminist philosophy, the first issue of which appeared in January 1972. It was founded in response to the widely felt discontent with the sterility of academic philosophy at the time (in Britain, completely dominated by the narrowest sort of “ordinary language” philosophy), with the purpose of providing a forum for the theoretical work which was emerging in the wake of the radical movements of the 1960s, in philosophy and other fields. We will be bringing our net-politics/ critical theory issues. http://www.radicalphilosophy.com/