# Ask Ti Jean ***Data safety on the Road*** (A humble manifesto for better hackathons) --- Journalists, freelancers, designers, everyday citizens - **Demand more security in our digital life!** Doubly so for people who are involved in critical investigation: all those, whose digital rights and identities may for various reasons be threatened. --- Opportunities to quickly or inexpensively receive a security checkup from a professional may still be rare: look for an organization in your area that has a strong policy and support options. Ask them to host a community meeting, workshop or hackathon. --- Diving into the world of cybersecurity for the first time can be overwhelming or intimidating if you do not get clear, direct, actionable advice from a trusted source. A network lets you get help from people for a reasonable price - or for other clearly stipulated motivations, like a volunteering certificate. But how does one find, and connect, to such a network? --- ~ _THEREFORE_ ~ --- We propose **ASK TI JEAN**, is an Information Security (infosec) check-up and knowledge exchange that every community event should have as part of its deployment kit. --- Specifically, we suggest: 1. An informative poster designed to convey a practical and attractive Way to Infosec-up; 2. Hand out pamphlets or booklets from reliable and current sources of user support; 3. Link to online tutorials and Q&A forums where further help is available; 4. Involve cyber-stretching in your routine, with simple exercises like changing passwords and checking firewall logs; 5. Provision an ad-hoc network security tool for a background vulnerability assessment, explaining to your audience how it works. --- Since having a dedicated on-site expert can be difficult or expensive to organize, at least have someone take some time to obtain and read up on material and prepare some tools. In the following sections, we are gathering some starting points. Please 🙏 contribute to this hackpad using the open access comments, or edit after logging in. --- # Literature What do we need to read and understand to develop this idea further? - [Ratgeber von Digiges/WOZ/CCCCH](https://www.digitale-gesellschaft.ch/ratgeber/) - [Wikipedia - Cyber Self-Defence](https://en.wikipedia.org/wiki/Cyber_self-defense) - [GIJN Cybersecurity Assessment](https://advisory.gijn.org/cybersecurity-assessment/) ([Info](https://gijn.org/digital-security/)) - [Hacking book by Dominik Landwehr](https://www.amazon.com/Hacking-Digital-Culture-Dominik-Landwehr/dp/3856166424) (2014) - OKFN - [eGovernment und Sicherheit: eine schwierige Beziehung](https://okfn.de/blog/2016/12/https/) (2016) - AWK - [Cyber-Resilienz im öffentlichen Verwaltung](https://www.awk.ch/resources/AWK-Cyber-Resilienz-Studie-2020.pdf) (2020) - Heise - [Bund will im IT niemandem mehr vertrauen](https://www.heise.de/news/Zero-Trust-Bund-will-bei-IT-Sicherheit-niemandem-mehr-vertrauen-7156348.html) (2022) # Learning & Sharing Good starting points, tools and services to offer and build on. Examples of projects that recommend security-related tools and practices. - [Kali Linux](https://www.kali.org/get-kali/#kali-arm) - [ProtonVPN](https://protonvpn.com/) - [Key signing parties](https://en.wikipedia.org/wiki/Keysigningparty) - [Journalist Toolbox](https://www.journaliststoolbox.org/2022/11/25/security-tools/) - [SpyPi - Students for data security](https://github.com/pyvideo/data/blob/master/swiss-python-summit-2018/videos/sarah-muhlemann-spypi-an-attempt-to-get-students-into-data-security.json) - [Ransomware Prevention Kit](https://go.veeam.com/ransomware-prevention-kit-de) - [E-Sec 3D learning courses](https://e-sec.com/ch/products/elearning/) - [Infosec AG - eLearning Courses](https://www.infosec.ch/ausbildung/elearning-kurse/) # Communities Where could you reach out to find people to contribute to such a toolkit - [Starship Factory](https://wiki.starship-factory.ch/) (Basel) - [CoSin](https://www.cosin.ch/de/) (Biel/Bienne) - [Eastermundigen](https://www.eastermundigen.ch/) (Bern) - [Bitwäscherei](https://bitwaescherei.ch/) (Zürich) - [Moar Hackerspaces ..!](https://wiki.hackerspaces.org/Hackerspaces) - [CH Open / Open Education Days](https://openeducationday.ch/bisherige-austragungen/) - [Chaos Computer Club Schweiz](https://ccc-ch.ch/gettogether.htm) - [Linux User Group Schweiz](https://www.lugs.ch/lugs/termine/) - [SwissDevJobs](https://swissdevjobs.ch/jobs/Security/all) - [FreelancerMap](https://www.freelancermap.ch/projektboerse/it-sicherheit-1212) # Random - [Construction site safety poster](https://www.pinterest.com.mx/pin/417990409155903926/) vs. [School of Data toolbox and poster](http://toolbox.schoolofdata.ch/overview.html) - [Infosec posters](https://duckduckgo.com/?t=ffab&q=infosec+safety+poster&atb=v317-1&iax=images&ia=images) (DuckDuckGo) - [Cybersecurity illustrations](https://dribbble.com/shots/19368750-Cyber-security-solution-illustration-set) (heartbeat.ua on Dribble) --- # Contribute This text was created by `lo & lo` during [Rethink Journalism](https://opendata.ch/events/rejoha22/) hackathon in Basel on November 26, 2022. We started an open pad, in which we suggest developing a toolkit: so that, even with minimal preparation, the [infosec](https://en.wikipedia.org/wiki/Information_security) resilience of your community can be slightly improved - _one hackathon at a time_. The idea was further developed at the [DINAcon HACKnight](https://hacknight.dinacon.ch/project/68) and other community meetings. We originally called the project "Ask Jack", but out of respect for [Jack Schofield](https://www.theguardian.com/technology/askjack/2020/apr/02/so-long-and-thanks-for-all-the-fish), the Guardian’s former computer editor and long-running author of the [Ask Jack](https://www.theguardian.com/technology/askjack/2019/jul/11/how-do-i-remove-malware-from-my-windows-laptop) advice column, we have renamed it **ASK TI JEAN**. Why? _Ti Jean_ (little Jean) was a childhood nickname of [Jack Kerouak](https://en.wikipedia.org/wiki/Jack_Kerouac) - a great American novelist of French-Canadian ancestry, who was born 100 years ago and had [aspirations to be a journalist](https://www.theguardian.com/books/2022/mar/13/jack-kerouac-still-roadworthy-after-100-years). One of his most famous works is [On the Road](https://en.wikipedia.org/wiki/On_the_Road), which happens to share acronyms with [Off the Record](https://en.wikipedia.org/wiki/Off-the-Record_Messaging) (OTR), a cryptographic protocol worth knowing. 🖇️ [Was Jack Kerouac really a hack?](https://www.salon.com/2012/11/20/was_jack_kerouac_really_a_hack/) (2012) <center><img src="https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Ftse1.mm.bing.net%2Fth%3Fid%3DOIP.lv152YTR01NiIf98LVNE8AHaE7%26pid%3DApi&amp;f=1&amp;ipt=1b76875eb05b2c7df81ca4d4dd36101c01f86adf2889598a71b10e23e899e74f& amp;ipo=images" alt=""><br><small>Jack Kerouac with a cat, 1965 - Photography by Jerry Bauer</small></center> ## License Licensed Creative Commons CC0 - Public Domain