InfoSec: Lab

     

    Learn how to keep yourself, your source and your story safe online

    New Academic Building, Goldsmiths, University of London
    15 November 2014

    Room numbers:
    The morning session will be held in NAB LG01 (on the lower ground floor).
    The afternoon lab sessions will be held in NAB 102 and NAB 302 - you will be directed to either room depending on your Operating System. 

    This workshop will give an overview of the range of threats from public and private organisations and the various measures to deal with them. This event is free to attend as we don't want to exclude anyone, however, we welcome donations to help cover our costs and run similar events in the future.

    Course Outline

    You will be taught what tools to use (and not use) under certain conditions and how to overcome state-level attacks against your communications on a shoestring budget should you need it.

    While many of the threats to electronic communications have been discussed for decades, the revelations made by Edward Snowden last year have shown us the scope and scale of the intrusion on our basic rights as humans and journalists.

    As a journalist you need to be able to protect your sources, yourself and your story (in that order). This means securing both content and meta-data relating to any communications you have with them by electronic or other means.

    In the future the ability of a journalist to effectively do this could determine if sources come to them or not. Glenn Greenwald was almost passed over for the scoop of a lifetime because he did not have encrypted email on his laptop at the time Snowden was trying to contact him.

    Journalists have now begun to include their email encryption PGP/GPG key fingerprint and ID on their business cards and on their email signatures, so potential sources know there is the option of secure communication. Encrypting email will be one of the options you'll have at your disposal at the end of the workshop.

    After the introduction to basic theory and some discussion we will get hands on and set up various tools to browse anonymously - being aware of the metadata you leave behind, chat and mail with encryption and prevent data-loss from theft/confiscation of laptops and storage media. This will include the TOR-browser, Truecrypt, GPG, mailcrypto and other tools time permitting.

    Course outline:

    10.00-12.00 in Room LG01 

    TALK: Introduction to privacy and information security - This will be an overview and discussion of tools and concepts with time for Q&A.
    If you have not attended one our training events before on the subject, please do join us in the morning for an informed discussion on government and corporate surveillance capabilities in the wake of the Snowden leaks and what you need to know in order to protect yourself.

    13.00-17.30 spread between Room 102 and 302

    HANDS-ON: Practical sessions will continue through the afternoon.

    The software tools that will be shown and used are all free, open source tools and will work on Windows, Mac and Linux laptops. They will not work on iPads and Android tablets. Please bring a laptop you are able/allowed to install software on and contact us with any specific questions beforehand.

    Bookings

    Places are limited to ensure we can get through the tools mentioned for all participants. Instructions to download software will be given in advance.

    This event is free to attend as we don't want to exclude anyone, however, we welcome donations to help cover our costs and run similar events in the future.

    In order to book your place, please fill out this online booking form .

     

    About the Trainers

    Arjen Kamphuis is the co-founder and chief technology officer of Gendo, where he has worked since 2005. He has previously worked for IBM as an IT architect, trainer and IT strategy advisor. As CTO of Gendo he advises several national governments, non-profits and Fortune-500 companies on technology-policy. Since 2009 Arjen has been training journalists, politicians, lawyers, human rights workers and whistleblowers to defend their communications and data from government or corporate intrusions or manipulation.

    Basile Simon  is a hacker-journalist at BBC News Labs and the Bureau of Investigative Journalism. He writes and researches about privacy, infosec, and opsec, as well as about US modern warfare policies.

    Michael Rogers, is a researcher and software developer working with the Briar Project on secure communication tools for activists and journalists. He holds a PhD in Computer Science from University College London.

    Silkie Carlo is co-author of the CIJ Guide to Information Security for Journalists

    Simon Vans-Colina is an IT consultant and co-founder of CryptoCLASS (cryptoclass.net).