Several profiles were represented at this meeting in Nantes.
- Students, who are not university or journalism school students. They are disadvantaged people apprenticed by 1 professional radio journalist.
- Radio journalists
- Activists from Café Vie Privée / Crypto party
- Librarians
The thing that came up most often about TALER was its potential use in their day-to-day working lives,
the urgent need (sic) to leave fewer traces, especially for small payments, because some of them are under the eye of police or intelligence services, and also under the harmful attention of extreme right-wing groups or some of them are facing other troubles and threats. Yes, that’s the current state of affairs and daily life in France for many people.
There is a habit acquired by disadvantaged people in their daily lives and experience: to be wary of a technical solution designed and proposed by individuals/groups/organisations that seem to them to be more privileged and dominant.
Also, the hyper-technical dimension they see in TALER, and the extent of their knowledge, make them feel a certain distrust when it comes to delegating trust to a “dark box”. We could discuss why TALER and why not other technical devices. Let’s leave that aside for the moment.
The “students” in the room use their smartphones a lot, and their 3-month apprenticeship in radio journalism and investigative reporting was largely smartphone-based. At the same time, the questions were very similar for all profiles of people
I then suggested we “lift the hood” and we did a 45-minute introduction to digital hygiene through investigation together, as follows (very briefly):
- Installing TALER via F-droid on an Android 9 device dedicated solely to testing
- Static analysis / reverse engineering
- Using Exodus Privacy to display the permissions and trackers of the TALER application.
- Use of ClassyShark3xodus to display the TALER application manifest and go further in the discovery with verbosity of the results (and be able to send the information to a trusted person with skills).
- With a computer on TALER app:
- exodus-standalone: εxodus CLI client for local APK (file format used by the Android operating system) static analysis
- apkcli: Command line tool gathering information on APKs based on androguard.
- Static analysis / reverse engineering
(If anyone here in TALER ICH is interested in finding out more about this technical point and workshop, I suggest opening a dedicated post and topic in the forum. Let me know)
It was also a matter of demystifying our relationship with technology.
There was no more time or energy to carry out a dynamic analysis (mitmproxy + PyRogue).
In the end,
although TALER remains something of a UFO for all of them, there is a definite interest in it. I have to admit that this has a lot to do with the ‘café’/workshop set-up and the close relationship we’ve maintained.
I also know that investigations journalists are also interested in what they are just discovering with TALER.
This meeting enabled us to start a small local community of interest, to receive feedback (which I think is priceless), and to open up new areas for discussion and work. The question of “Digital Identity” on a European scale was the closing theme of the session. It was posed by people other than myself who were present, rather as an overture to clearly address this problem.