#e2ee is a goal, not a promise. As far back as I can remember, forums like those supporting #Enigmail and #gpg were staffed with volunteers from the privacy community who repeatedly insisted on answering questions, like, "Is <this> (whatever this might be) totally secure?" with stock questions like, "What is it that you consider 'totally secure?" or answers such as, "Secure is a relative term, nothing is completely secure, how secure do you need your mission's communications to be?"
Phrases such as, reasonably secure should be indicators of how ridiculous it is to assume that any secure platform isEVERcompletely, and totally secure.
That begs the question, "Exactly how secure do you require your communications to be?" The answer is always, ... relative.
Which means that you should always believe Ellen Ripley when she says, "Be afraid. Be very afraid!"
Here comes #Fractal 7, with extended #encryption support and improved accessibility. Server-side key backup and account recovery have been added, bringing greater security. Third-party verification has received some bug fixes and improvements. Amongst the many accessibility improvements, navigability has increased, especially in the room history. But that’s not all we’ve been up to in the past three months. Read the full release notes at https://flathub.org/apps/org.gnome.Fractal
Politische Überwachungsphantasien, die mit dem Vorwand gerechtfertigt werden, "schlimmste Verbrechen wie den sexuellen Missbrauch von Kindern zu bekämpfen", sind unerträglich.
Wer wirklich etwas für Kinder tun will, engagiert sich im Kampf gegen den Klimawandel, für sichere Schul- und Radwege, für Bildung, gewaltfreie Familien, Chancengleichheit und freie Entfaltungsmöglichkeiten.
Everything you need to know about so-called 'Swiss Privacy' we learned decades ago from Operation Thesaurus, AKA, Operation Rubicon. We learned that CIA operations and black budget banking are actually headquartered in the Swiss underground.
If you trust any third-party server to protect your privacy, you're a rube. If you trust Proton Mail to protect your privacy, you're a rube getting 'crossed' by the Swiss Rubi-con. Either you own your keys and your data on your computer or else you have no privacy. Someone else's promise that your data will be 'encrypted' so they can't decipher it is a hollow pledge. If you send any form of plaintext to a remote server, no matter how much they claim to encrypt it, you have zero assurance of data privacy.
@EU_Commission Well, the topic I disliked the most is your plan to compromise the online safety, security and privacy of all 450 million Europeans with the plans to scan their devices. In addition, you are not open and transparent enough about these plans, as most of those 450 million do not know you are working on this. You know it does not work and that is in violation with human rights, yet you keep pushing. Why? #CSAM#CSS#Encryption#Security#Privacy#GDPR
I asked Grok, the new AI on Twitter to tell me a bedtime story focused on encryption and ending the monarchy. And added some creative names to the mix:
"Once upon a time, in a land not too far from here, there was a person named Doctor Bitchcraft. Doctor Bitchcraft was a brilliant cryptographer, a master of encryption, and a passionate advocate for privacy. They were also a firm believer that monarchies, with their inherent problems, should be abolished, especially since the current monarch was named King Charles.
Doctor Bitchcraft lived in a world where the monarchy's power was absolute, and the people had no voice, no freedom, and no privacy. The monarchy's spies were known as the Royal Guard, and they were feared by all who knew of them.
One day, Doctor Bitchcraft embarked on a quest to create the ultimate encryption algorithm, one that would protect the privacy of all citizens and make the monarchy obsolete. They knew that King Charles, with his unchecked power, posed a threat to the people's freedom.
As Doctor Bitchcraft delved deeper into their research, they discovered the true power of encryption. It was a tool that could protect the people from the prying eyes of King Charles's monarchy and ensure their communications remained private.
But the road to creating this algorithm was fraught with challenges. King Charles, fearing the loss of his power, sent his Royal Guard to infiltrate Doctor Bitchcraft's lab and sabotage their work.
The Royal Guard were ruthless in their pursuit of Doctor Bitchcraft, but Doctor Bitchcraft was clever and always one step ahead of them. They worked tirelessly, day and night, to complete their algorithm and bring hope to a world shrouded in darkness.
Eventually, Doctor Bitchcraft completed their algorithm and called it "404 Media." It was a masterpiece of encryption, impenetrable to King Charles's attempts to crack it. The people rejoiced, for they could now communicate freely without fear of being monitored by the monarchy.
King Charles, desperate to maintain his power, tried to outlaw "404 Media," but the people rose up in protest. They saw the value in encryption and the importance of privacy. They realized that a monarchy, with its inherent problems, was no longer necessary in a world where people could communicate freely and securely.
And so, the monarchy was abolished, and a new era of freedom and privacy began. The people elected a leader, and a democracy was born. Doctor Bitchcraft became a hero, celebrated for their work in encryption and their fight against King Charles's monarchy.
And so, Doctor Bitchcraft and the people lived in a world of freedom and privacy, always watchful of the shadows, always ready to protect their hard-won rights.
Sweet dreams, dear Doctor Bitchcraft, and may your journey be filled with privacy and security"
#EU#Germany#CyberSecurity#Privacy#Encryption: "While governments around the world are planning to undermine strong encryption with client-side scanning, the German government now steps up for protecting citizen's right to privacy. This comes at no surprise as Germany is known for its strong data protection laws, which are also one of the reasons why Tuta is based in Germany.
Beginning 2024, German net activists from Netzpolitik.org have published the draft law that aims at making end-to-end encryption mandatory for messenger, email and cloud service providers.
You can read the full text of the law here (in German).
The newly published draft law follows the 2021 coalition agreement of the German government of SPD, FDP and the Greens. Back then the plan to introduce a right to encryption was met with great approval, especially among security experts and net activists."
Today is the #idesofmarch, marking Julius Caesar's assassination and a turning point in Roman history. But, what does this have to do with #encryption, you ask?
Caesar used to communicate privately by encrypting his correspondence with what came to be called the #caesarcipher.
This simple and widely known encryption technique is a substitution cipher in which each letter in plaintext is replaced by another letter following a fix position further up or down the alphabet.
This modest form of #encryption required no mathematics, and it could be done by finger-counting.
So, I've been transfering my passwords manually to #KeepassXC for the past two days now, and during the process, I'm also changing my passwords and emails; and not transferring dead services. (As well as deleting them once transfered.)
I originally used #Keepass (the original), then #KeepassX. My #Android client of choice was #Keepass2Android. It worked pretty well together at that time, until the upgrade of the keepass database and Android, things started to get messy.
It was when I moved to #LastPass. After that service experienced a major(?) brand shake up, I moved to another service, this time with #e2ee (end-to-end #encryption).
Today, I'm going back to keepass because things are running smoothly again, especially with the Android integration. Both Keepass2Android and #KeepassDX have full support of KeepassXC and the latest features.
I just can't decide between Keepass2Android and KeepassDX. Regardless, I like them both combined with KeepassXC. The way I want things to be.
This report from @briankrebs is really something: A darknet drugs marketplace -- which by definition has embarrassing (or worse) information about at least some of its buyers and sellers -- is extorting them. How? By threatening to reveal what they've bought and sold.
@dangillmor@briankrebs
Relying on a website's "auto-encrypt" ... means the user doesn't understand the whole point of #E2E.
Responsible marketplaces do not merely encourage but require their users to upload a public PGP, and locally encrypt all messages before sending.
Those marketplaces literally can not produce "private messages, order info and order details" for purposes of extortion, law enforcement, or anything else.
Swiss authorities intervene, Proton Mail not blocked in India ( www.moneycontrol.com )