I hope to hear from @Tutanota very soon. Lack of key verification is a major flaw in the technical design of the platform, allowing a malicious Tuta server to read end-to-end encrypted exchanges (both emails and shared calendars).

github.com/tutao/tutanota/issu…

The issue has been opened 6 years ago.

#Security #Privacy #Crypto #Cryptography #Email #FOSS

rPGP is an #OpenPGP implementation in pure #Rust (crates.io/crates/pgp).

It serves as the end-to-end encryption engine for Delta Chat:
@delta, a secure decentralized messager for all major platforms (and then some).

rPGP implements all generations of the OpenPGP standard, up to and including the new RFC 9580.

#RustLang #Cryptography #PGP

I somehow just learned about the IETF's "Privacy Pass" working group, along with Google and Apple's respective implementations ("Private State Tokens", "Private Access Tokens"), and I'm so damn tired of DRM being the answer to everything.

Mozilla wrote a blog post in December of 2023 about why they decided not to implement it:

blog.mozilla.org/en/privacy-se…

...and the IETF has a page to track the working group's drafts:

datatracker.ietf.org/wg/privac…

#IETF #DRM #cryptography #privacy

The arrest of #Telegram's founder Pavel #Durov sets a dangerous precedent for what kind of action can be taken against supporters of #privacy & #cryptography.

Don't settle for anything less than E2E #encryption! We've created a list of the top encrypted messaging apps to help!
👉 tuta.com/blog/best-whatsapp-al…

Shor's algorithm in theory versus in practice.

redd.it/1ee6rs8

#cryptography #crypto #quantum #quantumcomputing

No more rocket science, I'm moving to Post-Quantum encryption any day now...
tuta.com/blog/post-quantum-cry…

@Tutanota
#infosec #cryptography

Post Quantum Cryptography: Why We Need Resistant Encryption NOW.

Quantum-resistant or post-quantum cryptography is our best bet against attacks from upcoming quantum computers to increase security and privacy.

^Tutanota

After #AI, quantum computers will be next big thing in tech.

And they'll be able to break currently used email #encryption.

Plus, the NSA already uses "harvest now, decrypt later" strategies.

That's why we at Tuta are working on post-quantum #cryptography. 🔒💪

Read everything you need to know about this amazing journey:
tuta.com/blog/post-quantum-cry…

In an era of quantum computing "arms race", it is time to transition to quantum-safe systems.

Tutanota is well ahead of the race: We already have a working prototype with post-quantum secure encryption. Stay tuned for future updates! 🤓💪

#postquantumcryptography #encryption #cryptography

tutanota.com/blog/posts/cybers…

US federal agencies required to adopt post-quantum security, private sector advised to follow

^Tutanota

The nontechnical introduction to #Keyoxide and online identity verification using #cryptography is now online!

It was presented yesterday at #fosdem!

fosdem.org/2023/schedule/event…

FOSDEM 2023 - Keyoxide: verifying online identity with cryptography

^fosdem.org

Do you like security? Do you like privacy? Cryptography? Do you like working for a public benefit non-profit instead of an investor-beholden corporation?

Let's Encrypt is hiring for someone to join our SRE team and help run the largest Certificate Authority in the world! Come work with me and some of the most wonderful folks in tech, to make the web a better place.

abetterinternet.org/careers/le…

#jobs #sre #webPKI #security #privacy #cryptography

Let's Encrypt Software Engineer (SRE)

Posted: September 29, 2022 Start Date: January 2023 Position Status: Open Location: Remote within US Compensation: $140k USD, 100% 401k Match, Excellent Insurance We’re making HTTPS easier for developers to use, we’re doing it at scale, and we need y…

^{Internet Security Research Group}

Small Web sites will require JavaScript to sign in.

Why?

To protect your privacy.

We use public-key authentication (which I’m implementing as we speak) so your secret is never stored on the server and you only enter it in places you own and control.

(I can already see some folks up in arms about this because JavaScript Bad™ so I just checked in the initial copy for the page that gets displayed if JavaScript is off.)

#SmallWeb #Kitten #SmallTech #JavaScript #cryptography #authentication

Towards End-to-End Encryption for Direct Messages in the #Fediverse

soatok.blog/2022/11/22/towards…

GitHub proposal here:

github.com/soatok/mastodon-e2e…

#mastodon #crypto #cryptography

GitHub - soatok/mastodon-e2ee-specification: Soatok's Proposal for End-to-End Encryption in Mastodon

Soatok's Proposal for End-to-End Encryption in Mastodon - GitHub - soatok/mastodon-e2ee-specification: Soatok's Proposal for End-to-End Encryption in Mastodon

^GitHub

To learn more about #MLS and why this protocol exists in the first place when we already have Signal's, here is a great podcast on the topic: cryptography.fm/7.

#Privacy #Security #Crytology #Cryptography #InfoSec

Episode 7: Scaling Up Secure Messaging to Large Groups With MLS!

Raphael Robert from Wire talks about how MLS wants to scale secure messaging to groups with hundreds or even thousands of participants.

^{Cryptography FM}

I'd like to find a community of other people in #tech, maybe people who are interested in talking about things like #cloud alternatives, #cryptography, or #softwaredev processes (like #agile, I guess), #programming. I haven't found too much of that on here. Point me at the good discussions and knowledge sharing, if you know where it is!

Look, software isn't everything, and I'm sure I'll get into some other stuff on here, but the above is what I haven't found yet.
#introductions #introduction