Women activists from the Balkans, Macedonia
From Gender and Tech Resources
Testimony “My first Digital Security Training as co-facilitator”, Berlin, February 2015 - lagartata
March 2014 was my first encounter with Digital Security (DS). I was participant on a security training, implemented by Tactical Tech and Front line defenders, organized by Kaos GL in Ankara Turkey. For the first time I realized that encryption is actually something that we can all get and use. We had wonderful facilitators that amazed me with their knowledge and self-education. I got very motivated to learn more about securing my digital data, but also curious to locate and map all my insecure habits.
My next stop was the Gender and Technology Institute (GTI). One of the best institutes that I have ever been, where my brain was loaded with so much information that it was getting crazy. I took all those valuable connections, info and knowledge that I made, I embraced my motivation and enthusiasm about the issue and again I started from the beginning. I changed my mental scope and entered more deeply into the world of technologies. I started learning more about the devices that I am using and in the same time I was implementing more tools to secure my communication and data. My plan was to train myself until the point where I will feel competent enough to approach some of the wonderful people that I met on the GTI and offer my services to help spreading the word. Then unexpectedly I got an encrypted mail (:P) proposing me to join a facilitators team and do my first training as a co-facilitator.
First I got scared and wasn't sure if I knew enough, as I was still learning and it is a great responsibility talking about security. My brain started working like on the GTI, as an overdosed CPU, so in the same time I was assessing my knowledge and the lack of knowledge that I have, comparing it with the opportunity to share what I know and learn what I don't know from the ones that are more experienced than me.
I had the opportunity to share my modest knowledge but also be part of a DST team, so I realized that it is a great challenge that I can't miss. So I accepted the offer. I realized that the panic that was rushing through my veins was actually positive and was making me invest more time and force in my preparation. So I had few weeks full of reading and finding ways for transferring what I have learned into visual and practical materials for the training. Luckily I didn't have to “invent the wheel” again and I was using the resources that other DS trainers have already put online to help people like me. In the same time my creativity was also challenged so it was a very interesting process.
Meanwhile we were preparing the training on meet.jitsi and mail, with the two other great co-facilitators from Tactical Tech. The agenda was evolving from week to week. The sources that we used were the opinion and experience of the facilitators and the questionnaires filled by the participants before the training, regarding their knowledge and use of devices and OS. The deal was, every one of us will lead some of the sessions, others will be done together, but most importantly every facilitator will give their support and focus on the participants while the other was presenting. It all sounded great and while I was still struggling with my fear I was challenged even more to be better and to learn more. So enough about my prep time and let me get to the point. My first DST as a co-facilitator.
Location: Berlin Dates: 21-23 February 2015 Participants: 18 Facilitators: 3 Organizers: Kvinna till kvinna
The background of the participants was different, they were coming from different countries from the Balkans and the Caucasus region, dealing with different issues but what they all had in common, was that they are WHRD, they all used facebook, managed sensitive data and 17 of them were using Windows. One was only using MAC after switching from Linux. The group had already built wonderful dynamic in their work as before the DST they have spent some days on workshop about integrated security. They already knew each other, some even from before.
The questionnaires showed us that their knowledge regarding DS was different but we realized that even more on the training. However it was mostly basic knowledge or “never heard of” knowledge. It was very challenging to think in terms for all of them getting equal challenges and information, therefore we had to start from the beginning and try to challenge everybody. At first it was scary as they all had their computers and we had the impression that almost everybody was chatting on facebook, but after few moments following the demand that computers are used just for the hands-on sessions, it all got better and their interest was focused on the training. The participants were not only interested but were engaging lots of examples and experiences, which gave an awesome ground for making the risk assessment before we started more concretely about concepts and tools concerning the DS.
We had 3 days training that was constituted by three different parts. The first day was mostly concentrated on the risk assessment, introduction of some notions of security, elevating the issue that security requires changes of habits. The tools introduced were around protection of malware, secure passwords, securing sensitive data on the computers. (Keepass/KeepassX, Avast, TrueCrypt) The second day was mostly about introducing how the internet works and how to engage more secure internet connection, have more secure browser and mail settings, then we focused on the notions of anonymity and circumvention. The tools were around, Firefox, NoScript, Adblock, HTTPS Everywhere, Tor, VPN, TAILS. The third day was concentrating around secure online communication, encryption and verification, introducing secure encrypted chat, Voip and mail encryption. As the mail encryption took more time, we separated the group on two parts, the ones who needed and wanted to stay with Thunderbird, Enigmail and PGP and the ones who wanted to continue to mobile security. The training ended with the discussion about feminist perspectives on the digital security which cleaned the path to wrap up the whole training. The full agenda can be found here.
Almost every session was using the same approach, example or activity that was followed by discussion and input with more examples and theory, then introducing tools, hands-on or just demonstration, ending with general impressions and questions for the summary.
My general impression was that the training went very good and that every one had the chance to take something new with them. That everyone got to hear new perspectives and deeper knowledge about DS and now have the chance to apply some of the tools that were introduced. The only challenge was the feeling of overload that not everybody accepted as positive. I guess it is a normal first reaction, but having in mind the time on disposal, I think we did the most of it without crossing the line of scaring people. :P
So what can I say more, I was very happy to be there and have my first experience with wonderful co-facilitators and group of women that taught me new things as well, so I can't complain. I am now waiting for confirmation of the place for my second experience and I will try not to stop there. So I can only be grateful that I am some kind of a result of the GTI, on which I somehow ended up participating, because luckily one year ago I got the chance to participate in a security training like the one I had the chance to facilitate this year. So it is all one wonderful circle. :D
I promise to write less for my next experiences, but this time all the excitement and fears just needed to land on piece of paper in LibreOffice. :P:P
My best to all…