[[PageOutline]] = Computer and communications security workshop at the 2008 [http://anarchistbookfair.net/ NYC Anarchist Book Fair] = == Logistical Details == This will be a 75 minute workshop on Saturday, 2008-04-12, from 12:45 to 14:00. We're expecting around 20-25 people, most of whom will be non-techies, but anarchists and activists who are interested in how to better understand the online tools they use. === Schedule === * Introduce presenters (~2 minutes) * Highlight ideas to keep in mind (~2 minutes) * introduce role play (~2 minutes) * role play (~30 minutes) * discussion and wrapup (~30 minutes) == Underlying Ideas == We want to help people to evaluate their online activities in reference to ideas that they're already somewhat comfortable with from their everyday life. Four useful ideas people can use to evaluate their communications strategies are: Privacy:: Who can see my communications? Is it only the people i expect? What does privacy mean when sending the same message to many people? Who can breach the privacy? Authenticity:: When i receive messages, how do i know who they're from? Are they really from that person? When i communicate messages where my identity is important and relevant, how can the people i'm communicating with know that my messages are really from me? Anonymity:: When i want to communicate ''without'' divulging my identity (whistleblowing, etc), how can i be sure that my identity is protected? Reliability/Access:: Is the communications medium i'm using something i can rely on? Who controls the medium? Can it be shut down or interrupted? Will it be there when i need it urgently? == Role Play == We're going to lead a role play where each participant is issued an identity, objectives, and complicating restrictions. People in the room all stand in a circle, facing outward, away from each other, but with hands within reach. People do not walk around. Each person has a pad of paper and a pen, and is issued an "e-mail address". One subgroup of people in the room is a group of activists, trying to select a time for their next action (a surprise picket, say). They need to pick a time when as many of them can make it as possible, and they need to do this by writing notes on paper and handing them off around the room. Other scenarios/objectives? == Use Cases/Case Studies == We're interested in discussing particular common scenarios. We're not lawyers, so we won't get into legal advice. Some scenarios that we want people to think about are: * Chinese dissident bloggers getting their personal info turned over to the authorities from their blog hosts * Upstream ISPs shutting down your site in response to a DMCA cease'n'desist or other thread of legal action. * Collusion between corporate e-mail providers and illegal government surveillance * E-mail encryption -- what does it mean? * IM encryption -- how does this differ from e-mail encryption? * Search engine queries and online purchases can be tracked to an individual == Followup == We should pass around a signup sheet asking for people to indicate interest in a followup workshop -- for example, if there's a sense that the crowd really wants to learn how to use OpenPGP, we'd like to schedule a time that interested folks can actually get trainings. == Materials == What materials will we need to provide? * Paper, pens, identity badges (playing cards?), instructions, envelopes for role play * carbon paper for simulating a mailing list? * signup sheets for followup * posters to invite people to the workshop