I would split digital privacy from the foss and Linux discussions. They attract the same people, but are fundamentally different topics.
It also means you could get deeper into the digital privacy topic which is more useful to most people.
For the digital privacy one, ask for a volunteer (or do you!) ahead of time and get them to do GDPR requests for apple, Google, Microsoft, Meta etc. sanitizer anything they want to hide, but do a demo of what big tech actually knows about them.
Then go though how to prevent that and have a discussion on the pros and cons of that data collection. (Eg I don’t care about Google data tracking as I find the Google location history really useful)
How much time do I have? In very little:
-Fedora KDE/Linux Mint
-Immich
-Firefox
-Only Office
-Blender and Krita
-Proton/Wine
Start off with the basics of how to do threat modeling. Capability mapping.
Then use open source projects as examples of how to map out capabilities and how they fit into your illustrated threat models
Do a basic overview of how a computer works, or how a phone works would be more relevant nowadays I guess, what the different components of the phone are, what is microcode, what is BIOS, what goes into a driver, how a kernel works, all the privileges and threats involved. That is a very healthy exercise for people to be aware of the trade-offs of using something open source with closed source blobs in the kernel versus purely closed source etc
An illustrative example. When you send a sext which software, which drivers, which organizations, which code, gets access to the privileged and sensitive information all the way down the stack
Something I often see missing from discussion on privacy is that it’s not always about you, the listener. Sometimes it’s about protecting the most vulnerable people around you. For example, someone escaping from domestic violence might have a different view on how their information is protected. People struggle to see the value in privacy because it’s not been a big problem for them personally or because they think it’s hopeless. An introduction to privacy in my view is all about teaching empathy, hope, and advocating for others.
Once they have that goal in mind, you can tie in how open source helps empower people to take back their privacy
“First of all what does FOSS mean ? Obviously it’s not to clean your teeth. Although a bunch of you might need it. No, FOSS means Fear Of Sudden Success, of which none of you in this auditorium will ever be subjected to.”
“Hi my name is Dr D. Znuts, and I’m a Master Baiter.”
Theoretical explanation of various types of encryption and cryptographic signing, as well as practice with some command line tools to carry out simple tasks.
vi, gcc, and LaTeX
Let them learn the hard way.