Recently, cryptoparties have “gone viral” the world over. In short, they are gatherings where people with knowledge of crypto take the opportunity to spread that knowledge to others who has a need and/or interest, such as journalists, activists etc.
However, I hear from one of the originators, Asher Wolf, that the wiki has been changed by “experts”, who claim that “crypto is dangerous” in various ways. I will attempt to address these concerns quickly:
- Crypto, done wrong, leads to a false sense of security
This is definitely a concern, which is why these cryptoparties are good. They should teach not only what crypto can hide, but also what they cannot, and what you gain and lose from various kinds of crypto. Further, crypto done wrong is usually either strictly better than the alternative (plain text) or quickly discovered (through attackers or bungled demonstrations due to broken crypto).
- Teaching, and learning crypto is a political statement
This is a very dangerous mindset. In some sense, yes, crypto is political, because it posits that there are things that ought to remain private (such as communication between two individuals), but much more important is the blatant rise of authoritarianism that very few people openly welcomes. Crypto, like the ideas of a free press and independent judiciary, is something that few people can find fault with existing, as long as it’s ‘their’ side that is the persecuted one that benefits from it.
In other words, while crypto might be political, it is always political in favour of the current underdog. And unless you are sitting pretty atop a billion in gold bullion and a private army, chances are you or your descendants are going to be there at some point.
- Even showing up for a cryptoparty will put you on a government watchlist of some sort
This is probably the easiest argument to refute in theory, but the hardest in practice, as this is a simple matter of fear. Fear that your government will react badly to an independent person, making his own decisions and living her own life away from the prying eyes of the “state”. However, if your government has reached the point where even the simple act of learning about crypto would put you on a watchlist, then two things have happened: (1) Your government is acting against the best interests of the people, and (2) far too few people are using and learning about crypto. Solution: more cryptoparties! Tell your friends! Spread the knowledge and use of crypto at work, at school, everywhere you can reach! Supersaturate the surveillance net with crypto users, so that they actually have to use intelligent ways to find criminals instead.
- Everything is already compromised, so any crypto use will only give a false sense of security.
There are a large amount of mathematical proofs about trapdoor functions, information theory and general cryptographic findings that refute this directly and indirectly. Yes, keeping the government entirely in the dark is going to be hard. It might even be impossible, if you are planning things like large demonstrations or have been infiltrated somehow. Still, that is not a reason to deny the use of personal crypto, to prevent eavesdropping of your own conversations (through the use of OTR) or the use of GPG to keep things authenticated, or the use of TOR as an anonymising proxy for that matter.
Why you (the hacker) should help
So, you have received a request from some local journalist, activist or what-have-you to come to a cryptoparty and talk about crypto for a bit. Why should you care? Why bother interacting with noobs who use Windows and think they are going to be secure using that? Why indeed?
Because you can, and because, most likely, there are few others. As hackers, technologists, engineers and tinkerers, we have been blessed (or cursed) with brains that have already ingested quite a volume of technical know-how. More than likely, you know at least a little about how cryptography works and what is and is not implied by various security measures. Perhaps you have sniffed plaintext passwords off open wireless networks. Perhaps you have implemented a simple hashing of user passwords. Regardless, you are in a significantly better position to learn more about crypto than almost anyone, and you are definitely a good person to have on hand at a cryptoparty.
Finally, though you are most likely in a rather affluent position, or at least unlikely to go jobless for an extended period of time, and though your political beliefs might align with the current government enough that your position is probably safe from political shufflings, consider that (a) other people may not be so lucky, and (b) you may gain an enemy (or friend) in the future who would require you to use encrypted communications. If use of encryption is endemic, then such a thing would be natural, easy and uncontroversial, for both you and those you would communicate with.
In sum (or TL;DR if you prefer that notation):
Use crypto, teach crypto and spread crypto. It will be a good thing for you, for your friends, and for society.