ilyess, to apple
@ilyess@mastodon.online avatar

strengthens iMessage end-to-end encryption with post-quantum cryptography: PQ3.

"iMessage now meets this goal with a new cryptographic protocol that we call PQ3, offering the strongest protection against quantum attacks and becoming the only widely available messaging service to reach Level 3 security"

https://security.apple.com/blog/imessage-pq3/

thibaultamartin, to Signal
@thibaultamartin@mamot.fr avatar

Huge feature rolled out in beta by the @signalapp team: Signal now supports usernames so you don't have to share your phone number 👏

Massive props to them, this was a feature many people were waiting for, and it's a huge step forward in terms of privacy

https://signal.org/blog/phone-number-privacy-usernames/

sourcerer, to security
@sourcerer@bsd.cafe avatar

Backdoors that let cops decrypt messages violate human rights, EU court says

One of comments about the title:

"Contrary to what the headline says, the European Court of Human Rights in Strasbourg, France, is not an EU court. It is part of the Council of Europe, which is older than the EU and has more members, and is mainly concerned with human rights related issues.

The EU has its own Court, the Court of Justice of the European Union (CJEU) in Luxembourg.

Edit: just to add, the article gets all the nuances right and refers to the Council of Europe and even to possible endorsement by the CJEU, so the problem is only with the headline."

https://arstechnica.com/tech-policy/2024/02/human-rights-court-takes-stand-against-weakening-of-end-to-end-encryption/

Another article + discussion https://news.ycombinator.com/item?id=39369653

@security #security #EU #E2EE

b9AcE, to random
@b9AcE@todon.eu avatar

It seems appropriate that the spark was stolen from humanity by corporations to give to their "AI" instead.

The worst thing about the current "AI" leap is probably not even that it will be, is already being used to build the near total coverage constant surveillance, a scaffolding ready for any totalitarian to construct their oppression system on, as well as disabling the mischievousness that is essential to healthy mental development by social exploration and cutting the bonds enabling adulthood independence from parents.

It is instead probably that with live "AI"-generated fake video indistinguishable from reality, we will not be able to trust any evidence of anything having happened, as the watermarks promised as solution can easily be removed or not applied.
No person will be able to trust anything they're told by any other person that it happened and no one person can personally witness every important event in the world.

This breaks humankind's ability to cooperate over long social distances and our networks of trust, the sparks that has been keeping our "survival of the fittest" of ability to wide ranging adaptation to habitats aflame.
Reassigning the sparks emoji to mean "AI" generated content was appropriate, probably more so than Samsung or whomever committed the theft realized.

video/mp4

tomstoneham,
@tomstoneham@dair-community.social avatar

@b9AcE
messages from verified contacts seem to replicate the process.

Apps like @briar and @simplex are good for this because they require you to use some form of handshake outside the app in order to set up a chat with a known person.

I also think we need an information version of banking's Know Your Customer protocols.

itnewsbot, to telegram
@itnewsbot@schleuss.online avatar

Backdoors that let cops decrypt messages violate human rights, EU court says - Enlarge / Building of the European Court of Human Rights in Strasbourg ... - https://arstechnica.com/?p=2003350 -to-end

yawnbox, to random
@yawnbox@disobey.net avatar

@cwtch is by far my most favorite . it's , and end to end encryption () is built in with onion services. no setting up any infrastructure required, it's built on the back of the distributed @torproject operator network. no phone number is necessary, and you can have isolated IDs (profiles) for everyone you talk to

tuxdevices, (edited ) to Europe
@tuxdevices@fosstodon.org avatar
nikita, to random German
@nikita@social.tchncs.de avatar

👉 verbietet Schwächung der Ende-zu-Ende-Verschlüsselung: Sieg für die digitale Privatsphäre

https://www.schmidtisblog.de/eugh-verbietet-schwaechung-der-ende-zu-ende-verschluesselung-sieg-fuer-die-digitale-privatsphaere-1736761/

HistoPol,
@HistoPol@mastodon.social avatar

@nikita

Was würden wir bloß machen, wenn es nicht Gerichte wie den und den geben würde?

Nochmal vorbeigeschrammt:

Freiheitsverluste:

In der Hand von Extremisten, bezahlt von : .

"...begründete seine Entscheidung damit, dass eine wichtige Rolle beim Schutz der Bürger und Unternehmen vor Cyberkriminalität und unbefugter Datenweitergabe spielt.

Das...

https://social.tchncs.de/@nikita/111931182101719123

kubikpixel, (edited ) to Bulgaria German
@kubikpixel@chaos.social avatar

«Ende-zu-Ende-Verschlüsselung (E2EE) durch Urteil EU-weit geschützt»
@tarnkappeinfo

Mal eine positive Nachricht was die #EU und #IT angeht. Die #E2EE ist geschützt und eingesehen das #Privatsphare wichtig ist. Jetzt müssen nur noch die Firmen und Behörden die #Verschlusselung ihrer #Kommunikation, wie zB #EMail mit #GPG, noch konsequent umsetzen. Ich hoffe, die #Schweiz zieht dem nach.

🔐 https://tarnkappe.info/artikel/netzpolitik/ende-zu-ende-verschluesselung-durch-urteil-eu-weit-geschuetzt-289301.html
🔐 https://gnupg.org

echo_pbreyer, to random German
@echo_pbreyer@digitalcourage.social avatar

🇬🇧 The judgement of the European Court of Human Rights on the right to is a victory for civil liberties! EU governments must finally remove the proposed destruction of secure encryption from the 2.0 bill!

https://www.patrick-breyer.de/en/european-court-of-human-rights-bans-weakening-of-secure-end-to-end-encryption-the-end-of-eus-chat-control-csar-mass-surveillance-plans/

thatprivacyguy, to privacy
@thatprivacyguy@eupolicy.social avatar

European Court of Human Rights bans weakening of - a death knell for

https://hudoc.echr.coe.int/eng/?i=001-230854 (para 76 onwards)

ajkelkar, to privacy
@ajkelkar@mastodon.social avatar

What a joke. I don’t know how people didn’t see this coming. The red flags were all over the place.

https://www.notion.so/blog/meet-skiff-the-newest-member-of-the-notion-family

matrix, to Matrix
@matrix@mastodon.matrix.org avatar

Blazing fast Matrix, Native E2EE Group Calls, state of the art auth and potential WhatsApp interop.

Matthew covers the last year in Matrix and how it can be used to speed up the opening of communications silo required by the EU Digital Markets Act

https://youtu.be/s5BrVVf0B1I

jele, to random German
@jele@norden.social avatar

@digitalcourage
Sagt mal, liest die des Clientrechners aus und setzt die Zeiten in der Kalenderumfrage in die jeweilige Zeitzone um?

christian,
@christian@suma-ev.social avatar

@jele kann das. Außerdem ist es : https://www.systemli.org/poll/

Inzwischen bereue ich, mit aufgesetzt zu haben, obwohl es damals Croodle schon gab. Ich hatte einfach nicht gründlich genug recherchiert.

ilumium, to random
@ilumium@eupolicy.social avatar

Listening to @matthew at #Fosdem24 talking about messaging #interoperability following the #DMA and it's mindboggling to see how tiny corps like @element, #Wire and #Wickr invest in building the next generation #e2ee protocol.

#DigitalMarketsAct

unruhe, (edited ) to protonprivacy Italian
@unruhe@mastodon.social avatar

deleted_by_author

  • Loading...
  • dazo,

    @unruhe @Tutanota @protonprivacy

    Give both a shot. Both are the only ones (I know of) having zero storage access as the only option; meaning is enforced. You may have mailbox.org as a third one (E2EE must be enabled manually there).

    I ended up with Proton as I experienced it far more feature rich, flexible and mature. And the Bridge is a must for my use case. In addition, it builds on PGP which can be used to have E2EE communication with people outside of Proton. (yes, I've tried Mailvelope with Tuta; that does not work at all. And doing it manually with copy/paste and PGP in an ordinary text esitor is a waste of time and also turned out error prone one the receiving end; Tuta mails gets mangled on the way).

    But if you're a very lightweight mail user, Tuta might fit your need. I generally think of Tuta more like a messenger service with SMTP transport support.

    Also beware, importing mails to Tuta is still not possible (unless that has changed the last months). And exporting mails are also a mess. I have migrated one user from Tuta to Proton, and I had to manually fix mail headers to get them imported. The mail export was quite poor, tbh. It took me longer than importing a handful of users from a Zimbra server to Proton - using the same Proton Mail Import/Export tool.

    Finally, I just want to mention that Tuta is a company with less than 20-30 employees, serving something like 10 million users. Proton is probably closer to 500 employees these days, serving more than 100 million users. So these organisations are quite different. Which also means they have quite different approaches for developing services further and capabilities to handle sudden challenges.

    Em0nM4stodon, to blogging
    neustradamus, to random
    @neustradamus@mastodon.social avatar
    xmpp, (edited ) to chat
    @xmpp@fosstodon.org avatar

    XMPP Summit 26

    Continuing after the lunch break. Before, we had fruitful discussions about "next-gen" XMPP, -Interoperability and !

    https://xmpp.org/2024/01/xmpp-summit-26/


    bcoffy, to privacy

    If end-to-end isn’t a god given right, then why did god give us prime numbers?

    strypey, (edited ) to trustandsafety
    @strypey@mastodon.nzoss.nz avatar

    "While large platforms with robust trust & safety teams are able to be more discerning in their moderation..."

    , , , 2023

    https://cyber.fsi.stanford.edu/io/news/common-abuses-mastodon-primer

    Are they though?

    Centralised moderation teams often lack the context to know what they're looking at. Fediverse admins each take care of a small, well-defined bit of overall moderation; the bit that affects accounts on their server. They know what's acceptable in their community.

    (1/3)

    strypey,
    @strypey@mastodon.nzoss.nz avatar

    "It is just much harder for a volunteer-run, distributed system to roll out protections like E2EE than a centralized company."

    , , , 2023

    https://cyber.fsi.stanford.edu/io/news/common-abuses-mastodon-primer

    Explain the logic underlying that conclusion. Counterexample, the Matrix network. A distributed system, much of which is volunteer-run.

    Mikal, to Signal
    @Mikal@sfba.social avatar
    Internxt, to Cybersecurity
    @Internxt@mastodon.social avatar

    Clean up your storage space... for free! 💾 If you want to self-host your cloud or encrypt and store your files privately, this article has 9 cloud solutions you can try before you buy ☁️ Find out who made the list 👇 https://blog.internxt.com/free-cloud-storage/

    islamicaudiobooks,
    @islamicaudiobooks@mastodon.social avatar

    @Internxt Good article but would be better if the writer mentioned clear pro and con list for each. Also list closed source as con for those that are. Also, doesn't have enabled by default and the separate encryption app isn't officially fully supported last I heard.

    islamicaudiobooks,
    @islamicaudiobooks@mastodon.social avatar

    @viktor @Internxt Thanks for the correction and apologies some of my information was apparently out of date. by default for files and contacts would still be great feature.

    marcel, to random German
    @marcel@waldvogel.family avatar

    kennt ihr. Und wisst, dass es nicht das taugt, was es vorgibt (und gefährliche Nebeneffekte hat, inklusive grossen Gefahren für Menschenrechte und Demokratie).

    Ihr habt aber Probleme, dieses Wissen mit "normalen" Leuten zu teilen. @ZDF hat sich dem ebenfalls angenommen. Vielleicht helfen diese 29 Minuten, mehr Leuten Einblick in die dunklen Machenschaften zu bekommen.

    https://www.zdf.de/dokumentation/die-spur/chatkontrolle-ashton-kutcher-thorn-eu-ueberwachung-100.html

    marcel,
    @marcel@waldvogel.family avatar

    "" klingt so gefährlich. Drehen wir den Spiess doch einfach um, und zeigen den lieben Nutzern, dass sie doch im Namen des Fortschritts freiwillig auf Ende-zu-Ende-Verschlüsselung verzichten wollen. Und es vielleicht nicht einmal merken:

    Damit die noch besser auf eine persönlichen Bedürfnisse eingehen kann, darf sie alle deine E2E-verschlüsselten Nachrichten über eine Hintertür lesen. Und zu den Servern schicken.

    https://www.forbes.com/sites/zakdoffman/2024/01/28/new-details-free-ai-upgrade-for-google-and-samsung-android-users-leaks/

  • All
  • Subscribed
  • Moderated
  • Favorites
  • tester
  • thenastyranch
  • magazineikmin
  • InstantRegret
  • Youngstown
  • slotface
  • hgfsjryuu7
  • mdbf
  • vwfavf
  • kavyap
  • tsrsr
  • ngwrru68w68
  • PowerRangers
  • DreamBathrooms
  • Leos
  • everett
  • Durango
  • osvaldo12
  • khanakhh
  • ethstaker
  • rosin
  • cubers
  • tacticalgear
  • GTA5RPClips
  • normalnudes
  • cisconetworking
  • modclub
  • anitta
  • All magazines