wiki:nyc_anarchist_book_fair_2008

Version 18 (modified by Jamie McClelland, 16 years ago) ( diff )

--

  1. Computer and communications security workshop at the 2008 …
    1. Logistical Details
      1. Schedule
      2. Introduction
    2. Underlying Ideas
    3. Framing Questions
    4. Use Cases/Case Studies
    5. Role Play
    6. Followup
    7. Materials
      1. Unaccounted for materials
    8. Outreach
    9. Evaluation

Computer and communications security workshop at the 2008 NYC Anarchist Book Fair

Discussion about this is going on on #590. Feel free to edit here, and put commentary on that ticket.

Logistical Details

This will be a 75 minute workshop on Saturday, 2008-04-12, from 12:45 to 14:00.

We're expecting around 20-25 people, most of whom will be non-techies, but anarchists and activists who are interested in how to better understand the online tools they use.

Schedule

  • Introduce presenters, basic overview: security is about making tradeoffs, not everything is right for everyone (~3 minutes) : jamie
  • Highlight ideas to keep in mind (see Underlying Ideas section below) (~3 minutes) : dkg
  • Tell major stories (see Case Studies section below) (~15 minutes) : micah
  • role play (~20 minutes) : takethestreets
  • discussion and wrapup (~30 minutes) : introduced by ???

Introduction

  • Welcome and introductions (if less than 20 people, full go around, if more than 20 only introduce workshop organizers)
  • Topic: security in activism, particularly around Internet and technology
  • Audience: intended for non-technical audience, please help create a space where people feel comfortable asking questions
  • Trade-off: Security is not absolute - it is always a trade off. Too much security makes communication cumbersome and involving new people difficult.
  • Varied: everyone's security needs are different, always consider what your particular needs in a given moment

Underlying Ideas

We want to help people to evaluate their online activities in reference to ideas that they're already somewhat comfortable with from their everyday life. Four useful ideas people can use to evaluate their communications strategies are:

Privacy
Who can see my communications? Is it only the people i expect? What does privacy mean when sending the same message to many people? Who can breach the privacy?
Authenticity
When i receive messages, how do i know who they're from? Are they really from that person? When i communicate messages where my identity is important and relevant, how can the people i'm communicating with know that my messages are really from me?
Anonymity
When i want to communicate without divulging my identity (whistleblowing, etc), how can i be sure that my identity is protected?
Reliability/Access
Is the communications medium i'm using something i can rely on? Who controls the medium? Can it be shut down or interrupted? Will it be there when i need it urgently?

Framing Questions

Get people to think about these questions, even if they don't know all the answers

  • what are you doing?
  • who are your adversaries?
  • what might they be capable of doing?
  • what parts of the themes are you concerned about?

Use Cases/Case Studies

We're interested in addressing particular common scenarios. We're not lawyers, so we won't get into legal advice.

Some scenarios that we will explicitly tell before the roleplay are:

  • "private" mailing list for NYC activist group on corporate provider being monitored by police
  • portside archive removal by yahoo groups
  • AttemptedSeizure of Seattle IMC servers during Quebec FTAA conference

Other scenarios:

  • Chinese dissident bloggers getting their personal info turned over to the authorities from their blog hosts
  • Upstream ISPs shutting down your site in response to a DMCA cease'n'desist or other threat of legal action (IndymediaDiebold)
  • Collusion between corporate e-mail providers and illegal government surveillance
  • E-mail encryption -- what does it mean?
  • IM encryption -- how does this differ from e-mail encryption?
  • Search engine queries and online purchases can be tracked to an individual
  • Metadata (in JPEGs, Microsoft Office files, etc.)

Role Play

Roleplay notes are at RolePlay

Followup

We should pass around a signup sheet asking for people to indicate interest in a followup workshop.

For OpenPGP, we should announce plans to have ongoing OpenPGP workshops at the No Rio Computer Center on Sunday afternoons, if that works for people.

Materials

What materials will we need to provide?

  • Paper, pens, identity signs, instructions, markers, envelopes for role play : takethestreets
  • butcher paper for presentation, more markers : dkg

Unaccounted for materials

  • signup sheets for followup
  • posters to invite people to the workshop

Outreach

How should we solicit participants for the workshop before/during the day it takes place? Are there mailing lists we should send out invites to? Blogs to post on?

Evaluation

Nice work everyone! The workshop came off well. Afterwards, the presenters spent 15 minutes debriefing and evaluating how it went.

Note: See TracWiki for help on using the wiki.