Secure Blogging

Transcript

1. Secure Blogging Kyle Maxwell @kylemaxwell

2. All opinions are my own. I believe in free speech

   and the absolute right to secure, private communication. But don't be a jerk about this, okay? Disclosure Time

3. Threat model Who is your adversary? What can they do?

4. Technical Measures

5. Hiding your IP address Tor > VPN > Proxy http://www.megaleecher.net/uploads/secure-torrents.jpg

6. Operating systems Try not to use Windows. OS X or

   Linux or Chrome OS are better choices

7. Microblogging (Twitter) is useful for many Static blog platforms: Jekyll

   or Octopress Platform choices

8. Geolocation Go to your Twitter settings right now. "Tweet location:

   Add a location to my Tweets" Then "Delete all location information" Don't ever turn that back on.

9. Image metadata EXIF data isn't just about your camera &

   light conditions. It includes geolocation. http://photodb.illusdolphin.net/en/about/read-and-save-geo-location/

10. Operational Security

11. Pseudonymity (not anonymity) TELL NO ONE. NO ONE. And don't

    reuse it. This burns people every day.

12. Social Networks

13. Personal Metadata http://blog.shutupandcode.net/?p=460

14. Don't click that link Clicking leads to phishing. Phishing leads

    to exploiting. Exploiting leads to suffering.

15. Links https://mailman.stanford.edu/pipermail/liberationtech/ http://nationalsecurityzone.org/site/digital-security-basics-for-journalists/ https://www.eff.org/wp/blog-safely https://we.riseup.net/riseuphelp+en/radical-servers Contact [email protected] @kylemaxwell