Reminds me of a story back in 2017, when a flaw in encryption was found in WA and they replied with "it's not a bug, it's a feature" - and in response, my friends and I decided to add PGP encryption to WA Web as a hackathon project :blobfoxlaugh:
W jaki sposób Meta wprowadza szyfrowanie e2e do facebookowego Messengera, co to jest Labyrinth i czy możemy czuć się w pełni bezpieczni, korzystając dziś z tego komunikatora - wyjaśnia @mateuszchrobok
There is a lot to build in
the digital rights and data privacy realm.
Embrace the arrival of
more trustworthy end-to-end encrypted and privacy-focused messaging apps, email services, VPN services, browsers, operating systems, mobile devices, security tokens, etc.
Embrace the development of
more organizations, groups, and projects growing to defend our digital rights and fight to make the future a brighter place.
MLS is the first standardized and fully specified end-to-end encryption protocol. It brings substantial improvements in performance and security compared to existing protocols. We have been involved in the design and development of the MLS protocol since the very beginning.
We are delighted to announce that we have partnered with #BitMart to offer a primary listing for #eMAID (ERC20 token) with trading commencing on 10 January 2024. The pair being offered is EMAID/#USDT. With the sad news of #Bittrex closing its doors last year and ending trading of Omni #MAID, this is great news for the future of...
For me, I haven't much to say, other than I hope these #BigTech messaging services die in a fire, decentralized or not. Even when we ignore their overly dominant, monopolist positions, their disregard of #Ethics, the #SurveillanceCapitalism Advertising platforms are inherently untrustworthy. #E2EE doesn't mean much either. Look e.g. at this article by @protonmail on "keylogger" injection by #Facebook, #Instagram and #Tiktok ..
Over 80 civil society groups and experts joined us to oppose the spy clause that breaks #e2ee.
"These measures will embolden hostile and abusive regimes who will be only too pleased to use the UK as an excuse to monitor the private messages of their citizens."
Last Boost: I really feel #E2EE needs to rapidly become ubiquitous, expected, and normalized before bills that seek to ban it find the right wording to survive media scrutiny.
That's why fan art is safe and fan games aren't, btw. Copyright wise, no difference. Fan art, esp selling it, is unquestionably not ok by most copyright standards.
Only the unspoken "it's always been like this" keeps it safe. Sometimes that's the most critical part. People hate change. Preemptive laws are v dangerous.
As it is a long, long tradition Conversations is available for free on the Google Play store for the last week of December.
This tradition was originally born so that when I meet people at Chaos Communication Congress and they ask what I do, they have an easy way to install Conversations. In that regard it's a very special year as we are seeing the return of CCC.
However if you are meeting loved ones to celebrate something else these days that’s fine too.🎄
@CenDemTech applauds Meta for taking this action to enhance the security of the billion+ Messenger users. Indeed, we helped form the Global Encryption Coalition a few years ago in part to encourage companies to extend E2EE to their services. Encryption protects dissidents, journalists, human rights defenders, victims of domestic violence, government officials who handle national secrets, and everyone else against unwarranted eavesdropping."
Are you using Dropbox cloud storage? You do not want 3rd party AI technology partners to have access to your Dropbox files? Flip this switch, which is on by default. Go to web->account-> settings- 3rd party AI. Please turn it off. Please boost so everyone know how bad this move is … 😡
If ut were properly encrypted, their !#AI" would not be able to see anything but random noise.
The sad part us that Dropbox didn't get fined for this breach of trust by @EU_Commission or anyone else - or at least not in a way that it would be considered a penalty for them...
Threads federates, you don't subscribe to anyone on the instance. Happy now?
Threads federates, you blacklist the whole instance in your user blacklist. Now happy?
Threads federates, you subscribe to a few people whose writing you like. Happy?
Threads federates. Threads users realize, they can jump ship to another Instance and still talk with and to and about their friends. Threads loses users. Happy!
If I had the funding, I'd explicity start an eMail provider that blocks everything but #E2EE - encrypted [ PGP/MIME ] eMails and forces everyone to properly encrypt their shit.
Because I ran out of spoons and 10+ years after #Snowden and #PRISM there is no excuse to act like a Snitch!
As end-to-end encryption becomes more popular (yay! :rainbowdance:),
Celebrate yes,
But also remain skeptical about how this word is used and if this claim warrants your trust.
Do not trust blindly.
End-to-end encryption is a wonderful protection when well implemented. But not all apps that use end-to-end encryption are equals.
Verify that:
The provider is trustworthy :blobcatthinkingglare:
Trustworthy third-parties have verified and confirmed the provider's claims 🔍
Metadata is also encrypted and/or that, ideally, its collection is minimized :blobcatpeekaboo:
Solid security measures protect the data as well (For example, if your data is end-to-end encrypted from your password but your password is vulnerable then your data is vulnerable as well) 🛡️
Encryption is truly end-to-end, meaning only the sender and the receiver can access the data and nobody else :ablobcatpeek:
Finally keep in mind that even if a service uses minimal encryption (for example one that still collects a lot of unencrypted metadata) it is still better than the same service using no content encryption at all,
BUT there are almost always much better services that offer truly complete and well implemented end-to-end encryption for their services.
Also #ChromeOS supports #Android-Apps and if you don't have administrative privilegues on a machine then consider it insecure and nit trustworthy for yourself as a user!
This is irrelevant too. Browsers have really good sandboxing nowadays, and on chromium you can even create multiple profiles within the UI. The reality is that, as long as the client-side code can be trusted (reminder that you can self-host element and/or cinny if you don't trust it - I've done that before) as well as the browser itself, it's about the same in terms of security.
MaidSafeCoin (EMAID) now available on the BitMart exchange! (safenetforum.org)
We are delighted to announce that we have partnered with #BitMart to offer a primary listing for #eMAID (ERC20 token) with trading commencing on 10 January 2024. The pair being offered is EMAID/#USDT. With the sad news of #Bittrex closing its doors last year and ending trading of Omni #MAID, this is great news for the future of...