Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Secure Blogging

Kyle Maxwell
June 20, 2013
Technology
0
140

Secure Blogging

Presented at CryptoParty DFW.

Kyle Maxwell

June 20, 2013
Tweet

More Decks by Kyle Maxwell

See All by Kyle Maxwell
In the Lair of the Beholder
krmaxwell
0
97
Using Python to Fight Cybercrime
krmaxwell
2
220
Incident Patterns
krmaxwell
0
400
Hackertainment
krmaxwell
1
220
Threat Intelligence for Incident Response
krmaxwell
0
170
From Minion to Engineer
krmaxwell
0
120
Why XOR Crypto Sucks
krmaxwell
0
210
Open Source Threat Intelligence - Shakacon
krmaxwell
1
880
Grabbing fresh evil bits: Maltrieve
krmaxwell
1
150

Other Decks in Technology

See All in Technology
[CATS]Amazon Bedrock GenUハンズオン座学資料 #2 GenU環境でRAGを体験してみよう
tsukuboshi
0
140
LINE API Deep Dive Q1 2025: Unlocking New Possibilities
linedevth
1
160
AWS のポリシー言語 Cedar を活用した高速かつスケーラブルな認可技術の探求 #phperkaigi / PHPerKaigi 2025
ytaka23
7
1.5k
モンテカルロ木探索のパフォーマンスを予測する Kaggleコンペ解説 〜生成AIによる未知のゲーム生成〜
rist
4
1.1k
製造業の会計システムをDDDで開発した話
caddi_eng
3
950
Cline、めっちゃ便利、お金が飛ぶ💸
iwamot
19
18k
PostgreSQL Unconference #52 pg_tde
nori_shinoda
0
190
技術的負債を正しく理解し、正しく付き合う #phperkaigi / PHPerKaigi 2025
shogogg
7
1.8k
ソフトウェア開発現代史: なぜ日本のソフトウェア開発は「滝」なのか?製造業の成功体験とのギャップ #jassttokyo
takabow
2
1.5k
DevinはクラウドエンジニアAIになれるのか!? 実践的なガードレール設計/devin-can-become-a-cloud-engineer-ai-practical-guardrail-design
tomoki10
3
1.3k
新卒エンジニア研修の試行錯誤と工夫/nikkei-tech-talk-31
nishiuma
0
200
バックエンドエンジニアによるフロントエンドテスト拡充の具体的手法
kinosuke01
1
700

Featured

See All Featured
Build The Right Thing And Hit Your Dates
maggiecrowley
34
2.6k
Facilitating Awesome Meetings
lara
53
6.3k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
160
15k
How to Think Like a Performance Engineer
csswizardry
22
1.5k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
118
51k
The Straight Up "How To Draw Better" Workshop
denniskardys
232
140k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.2k
The Language of Interfaces
destraynor
157
24k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
129
19k
For a Future-Friendly Web
brad_frost
176
9.6k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
28
1.6k
A Tale of Four Properties
chriscoyier
158
23k

Transcript

  1. Secure Blogging Kyle Maxwell @kylemaxwell

  2. All opinions are my own. I believe in free speech

    and the absolute right to secure, private communication. But don't be a jerk about this, okay? Disclosure Time

  3. Threat model Who is your adversary? What can they do?

  4. Technical Measures

  5. Hiding your IP address Tor > VPN > Proxy http://www.megaleecher.net/uploads/secure-torrents.jpg

  6. Operating systems Try not to use Windows. OS X or

    Linux or Chrome OS are better choices

  7. Microblogging (Twitter) is useful for many Static blog platforms: Jekyll

    or Octopress Platform choices

  8. Geolocation Go to your Twitter settings right now. "Tweet location:

    Add a location to my Tweets" Then "Delete all location information" Don't ever turn that back on.

  9. Image metadata EXIF data isn't just about your camera &

    light conditions. It includes geolocation. http://photodb.illusdolphin.net/en/about/read-and-save-geo-location/

  10. Operational Security

  11. Pseudonymity (not anonymity) TELL NO ONE. NO ONE. And don't

    reuse it. This burns people every day.

  12. Social Networks

  13. Personal Metadata http://blog.shutupandcode.net/?p=460

  14. Don't click that link Clicking leads to phishing. Phishing leads

    to exploiting. Exploiting leads to suffering.

  15. Links https://mailman.stanford.edu/pipermail/liberationtech/ http://nationalsecurityzone.org/site/digital-security-basics-for-journalists/ https://www.eff.org/wp/blog-safely https://we.riseup.net/riseuphelp+en/radical-servers Contact [email protected] @kylemaxwell