Ever wondered how to write an email to your lawyer or doctor? Let's hope they use encryption! 🔒 😎 But why does a business need end-to-end encryption?

✅ Protect sensitive data
✅ Stay GDPR compliant
✅ Build trust

Find out more: ➡️ tuta.com/blog/why-companies-ne…

#Security #Encryption #Privacy #CyberSecurityMonth #GDPR

Google is going to make HTTPS required by default in Chrome in a year.

In the post there is quite a bit of talk about the problem of obtaining a cert for local network names. Hopefully their push to make everything-HTTPS will include local network addresses too. We really badly need it.

They kind of seem to say they will, but it's all talk until shown otherwise: "In the future, we hope to work to further reduce barriers to adoption of HTTPS, especially for local network sites."

security.googleblog.com/2025/1…

#chrome #security #selfhosting

HTTPS by default

One year from now, with the release of Chrome 154 in October 2026, we will change the default settings of Chrome to enable “Always Use Secu...

^{Google Online Security Blog}

#ChatControl is OFF the table for now. 💪

But the Danish Minister of Justice and chief architect of the current Chat Control proposal, Peter Hummelgaard, wants to bring it back in December.

😡 He now even claims your activism was paid for by Big Tech! 😡

We must keep fighting for #encryption and our right to #privacy 🔒️

Source: netzpolitik.org/2025/absurd-un…

#No2Backdoors #CyberSecurityMonth #CyberSecurity #Security

Accrescent 0.27.0 is here! This is the most significant release we've made to date:

- New, stable app store API
- Complete installer rewrite, resolving all known bugs
- Tons of new features
- More snappy, correct, & informative UI

Check it out! 👇

github.com/accrescent/accresce…

#accrescent #security #privacy #appstore #android

Release 0.27.0 · accrescent/accrescent

Happy release day! This release is the most significant Accrescent release to date, marking our migration to a new, stable app store API; completely rewriting our core logic to resolve all known in...

^GitHub

For you activist folk that still use Google services, get your shit off google and do it now. Don't store your files there and move your email to @Tutanota

If you can't make that effort you're not to be trusted. Look at the last item on the list in the linked article. Given the current fascist admin, it's clear your files are not safe, secure or private if stored on Google. Likely other US services too.

#privacy #security #google #fascism #democracy #resist

inverse.com/input/tech/google-…

Heads up, Google is monitoring everything you do in Docs and Drive

It might be time to move any sensitive information to your hard drive.

^{Matt Wille (Input)}

Today's AWS debacle is the perfect example of the reason why in the last few years I started to be less enthusiastic about Signal, and more oriented to federated or even P2P solutions like XMPP and Jami. I wrote about it already:

gagliardoni.net/#im_battle_202…

Signal was down for few hours today, after an outage that affected AWS:

mastodon.world/@Mer__edith/115…

Let's ignore for a second the blind reliance on AWS or any other cloud provider. In a decentralized system, this would not have happened, or at least it would have not impacted so many users.

Yes, I am a cryptographer myself, I know that Signal's encryption is the best. But encryption is not everything. Availability issues, geopolitical troubles, risk of enshittification, limitations on users' freedom to use and control the software lead to a lack of trust, even in a supersecure solution. And I say that with honest admiration for the folks at Signal, who are doing a great job.

May they prove me wrong over and over again.

#signal #im #aws #amazon #privacy #security #digitalsovereignty #selfhosting #fediverse #federation #p2p #enshittification #xmpp #jami #politics #opensource #freesoftware #libre

Meredith Whittaker

2025-10-20 08:00:15

PSA: we're aware that Signal is down for some people. This appears to be related to a major AWS outage. Stand by.

RE: infosec.exchange/@accrescent/1…

The servers were deployed a few weeks ago. However, our next app update had unexpected bugs, delaying its release.

As a result, updates for all apps have been delayed since. We apologize for the delay and hope to resolve it by the end of the week. Thank you for your patience!

#accrescent #android #appstore #security #privacy

Accrescent

2025-09-24 18:19:57

Development on our roadmap is progressing smoothly. Our next app and server releases are undergoing final testing before deployment.

We hope to make an announcement soon about what Android's recently announced developer verification requirements mean for Accrescent. Stay tuned!

#accrescent #android #appstore #security #privacy

NVDA 2025.3.1 Release Candidate is now available for testing.

This is a patch release to fix a security issue & a bug.

- Fixed a vulnerability which could prevent access to secure screens via Remote Access.

- Remote Access now returns control to the local computer if it locks while controlling the remote computer.

#NVDA #NVDAsr #PreRelease #News #NewVersion #Update #ScreenReader #Security

We've just fought #ChatControl - now Ireland 🇮🇪 wants its own backdoor law. 🔓

But we, together with ~40 orgs, are saying no.

#NoToBackdoors 💪

Read our open letter to Ireland: 👉 globalencryption.org/2025/10/o…

#backdoor #encryption #privacy #security

We're trying to use @Tutanota for our email needs, but it seems like our email address is getting marked as spam by Gmail. Hopefully it's something we can overcome soon as we try to recruit members!

#Privacy #Security #TutaMail #Tutanota

Fette Lücke in der #GameEngine #Unity mit Schadcodeausführung, teilweise auch aus dem Internet: heise.de/news/Spiele-Engine-Un…

Die Liste erscheint mir, auch mit der Einschränkung "in Unity Gaming Engine Editor Version 2017.1 oder neuer" erstellt etwas kurz, wenn man bedenkt wie krass verbreitet Unity doch ist. Und ob da noch alles gepatcht wird, darf bezweifelt werden - da sind ja so seinige Legacy-Titel bei.

Ohje ohje... 🙈

#Gaming #Security

Spiele-Engine Unity: Lücke bedroht Android, Linux, macOS und Windows

Unity steckt in zahlreichen populären Spielen für Mobilgeräte und Desktop. Eine gravierende Lücke ermöglicht Angreifern, Schadcode auszuführen.

^{Dirk Knop (heise online)}

Hey you! Yes, you, who maintains signatures for a so-called AntiVirus scanner! Could you please get those signatures fixed?

Here's from a year ago: github.com/nfcgate/nfcgate/iss…

And despite of those developers having reached out more than once, this is where we stay now, a year later: 29 (!!) engines falsely mark the NFCGate app as Malware: github.com/nfcgate/nfcgate/iss… – confusing people and scaring them away from it.

Do you also blame the vendor of the getaway car for the bank robbery? 🤦‍♂️

#security

NFCGate and "NGate" Malware

As some of you may have heard, researchers at ESET published their findings about a novel family of Android malware they named "NGate", which tricks victims into relaying NFC traffic to facilitate ...

^{roussosalex (GitHub)}

Why this "AV" (Age Verification) requiring the upload of documents poses risks which are IMHO not justified by the reason:

discord.com/press-releases/upd…

What got out? Well, just "… Name, Discord username, email and other contact details … billing information … IP addresses … government‑ID images (e.g., driver’s license, passport) from users who had appealed an age determination"

Well, happy identity thefting then… Remember: what's not there, cannot be stolen 🤷‍♂️

#security #ageVerification

Update on a Security Incident Involving Third-Party Customer Service | Discord

At Discord, protecting the privacy and security of our users is a top priority. That’s why it’s important to us that we’re transparent with them about events that impact their personal information.

^discord.com

God help us

“A new report from Senate Democrats claims members of Elon Musk’s DOGE team have access to the Social Security Numbers of all Americans in a cloud server lacking verified security measures, despite an internal assessment of potential “catastrophic” risk. The report, released by Sen. Gary Peters (D-MI), cites numerous disclosures from whistleblowers, including one who said a worst-case scenario could involve having to re-issue SSNs to everyone in the country.

As outlined in the report, DOGE staffers moved a live copy of Americans’ personal information to a cloud server despite an internal risk assessment done by the Social Security Administration (SSA) that determined the impact could be “catastrophic” without the proper safeguards. The report notes that this information is considered “production data,” potentially allowing DOGE to “directly manipulate” it.”

#doge #tech #ssn #news #security #privacy
theverge.com/news/785706/doge-…

DOGE might be storing every American’s SSN on an insecure cloud server

A new report from Senate Democrats reveals that Elon Musk’s DOGE has moved sensitive information, including Social Security numbers, to a cloud server without verified security measures.

^{Emma Roth (The Verge)}

Development on our roadmap is progressing smoothly. Our next app and server releases are undergoing final testing before deployment.

We hope to make an announcement soon about what Android's recently announced developer verification requirements mean for Accrescent. Stay tuned!

#accrescent #android #appstore #security #privacy

🐧 Vyšla distribuce Tails 7.0: rychlejší start, jednoduchost a anonymizace s Torem

🔗 infoek.cz/vysla-distribuce-tai…

🐧 Tails 7.0 distribution released: faster startup, simplicity, and anonymization with Tor

🔗 infoek-cz.translate.goog/vysla…

#TheTorProject #Tor #Anonymization #Security #InternetCensorship @torproject

Poll: How many screens do you work with? 🖥️

Vote + Boost 🔁 = ❤️

(Feel free to reply with how this setup helps you 👇)

#Linux #Arch #LinuxMint #Fedora #Debian #Ubuntu #Desktop #FOSS #Privacy #Security #OpenSource #Microsoft #Windows #TechNews #CyberSecurity #Tech #Technology #Apple #OS #iOS #MacOS #OperatingSystem #Monitor #Monitors #Screen #Screens #TV #OLED #2k #4k #HD #Job #Work #Productivity #Multitasking #Dev #DevOps #Development #Developers #DevLife #SysAdmin #TechCommunity

• 🧍 Just 1 screen (0 votes)
• 🧑‍💻 Dual setup (2) (0 votes)
• 🧠 Triple or more (0 votes)

“The vulnerability might be in the proof-of-concept”

This is a common pattern I see for reporters to open source projects, where the proof-of-concept itself contains the vulnerability, not the project.

👉 sethmlarson.dev/the-vulnerabil…

#security #opensource #oss #vulnerability

The vulnerability might be in the proof-of-concept

The Security Developer-in-Residence role at the Python Software Foundation is funded by Alpha-Omega. Thanks to Alpha-Omega for sponsoring security in the Python ecosystem. I'm on the...

^{sethmlarson.dev}

Since we published our blog post on the future of Accrescent, donations have increased dramatically.

According to the rates in that post, we should now be able to fund full-time development through at least May 2026!

Thank you to our community for your monumental support!

Because of you, we can dedicate ourselves fully to our mission of building a modern Android app store focused on security, privacy, and usability.

If you want to read the original blog post: blog.accrescent.app/posts/the-…

Or if you want to see our plans: blog.accrescent.app/posts/prog…

#accrescent #security #privacy #android #appstore

The Future of Accrescent

Accrescent is a novel Android app store focused on security, privacy, and usability. We’ve been building Accrescent since 2021 to improve the security and freedom of everyday Android users by providing an alternative to Google Play which doesn’t comp…

^{Logan Magee (Accrescent Blog)}

Today is the day! Read all about our development progress, view our roadmap for the future, and check out the new projects we're releasing as open source in our new blog post!

blog.accrescent.app/posts/prog…

Check out our new repositories:

github.com/accrescent/android-…
github.com/accrescent/director…
github.com/accrescent/director…
github.com/accrescent/ina

#android #security #privacy #accrescent #appstore

Progress Update and Roadmap

In our recent post about Accrescent’s financial future and sustainability, we announced that to build trust and transparency with our community, we’d be publishing a follow-up blog post about what we’ve been working on lately and where we’ve been set…

^{Logan Magee (Accrescent Blog)}

Keep an eye out for tomorrow's blog post! We'll be posting a development progress update for the past months and a roadmap for the next few.

#accrescent #security #privacy #appstore #android

We recently discovered a large Monero donation was received in the short time after we updated our article's reported income but before it was posted. We've now updated it to reflect this.

We'll post an update soon on what this means for the project. Thank you for your support!

#accrescent #appstore #security #privacy #android

***infosec specialists are needed in the resistance ***

The world needs tech security specialists to run workshops at public libraries for all ages & abilities to remove spyware, AI, reduce surveillance, understand the issues, & for more advanced, move to Linux, degooglefy, etc.

Libraries will pay good wages for these workshops. There may be grants.
If you have these skills, please consider offering them.

#libraries #library #tech #infosec #privacy #security #activism #antifa #resistance

Accrescent depends completely on donations to run. Today we share a significant update in our new blog post on the future of Accrescent: blog.accrescent.app/posts/the-….

New releases of Accrescent and our developer console are also out, with Android 16 updates and Material 3 changes. Check them out!

github.com/accrescent/accresce…
github.com/accrescent/parcelo/…
github.com/accrescent/console/…

#security #privacy #accrescent #android #appstre

The Future of Accrescent

Accrescent is a novel Android app store focused on security, privacy, and usability. We’ve been building Accrescent since 2021 to improve the security and freedom of everyday Android users by providing an alternative to Google Play which doesn’t comp…

^{Logan Magee (Accrescent Blog)}

So…who hates those Google log-in pop-ups that are seemingly everywhere now? Wanna make them go away?

1. Get uBlock Origin (which you should have already been using):

github.com/gorhill/uBlock

2. Open the plugin and click the settings button.

3. Click on the “my filters” tab and paste this into the input:

||accounts.google.com/gsi/*$xhr,script,3p

That’s it! Worked flawlessly for me.

(Updated URL. Thx @IceWolf
and @emz!)

#Google #Privacy #Security #PopUps #InfoSec #BadGoogle

Don't trust cloud services with your creative work.

#enshittification #privacy #infosec #security #cybersecurity #writing #art

🛡️ "Stop Subverting Sandboxes"
with Michael Catanzaro at #GUADEC2025
📅 25 July 🕒 13:40 CEST 📍 Brescia

🔒 Flatpak can protect users—but not if we keep bypassing it. Michael calls for stronger sandboxing, better portals, and shares GNOME’s new security bounty program.

🔗 events.gnome.org/event/259/con…

#Flatpak #GNOME #Sandboxing #Security #FOSS

Sharepoint is in the news again. It is never a good thing when Sharepoint is in the news.

#technology #security #microsoft #sharepoint

washingtonpost.com/technology/…

[aur-general] - [SECURITY] firefox-patch-bin, librewolf-fix-bin and zen-browser-patched-bin AUR packages contained malware

lists.archlinux.org/archives/l…

#security #linux #ArchLinux

I found a vulnerability in git. CVE-2025-48384: Breaking git with a carriage return and cloning RCE - dgl.cx/2025/07/git-clone-submo…

As the post explains this is one of my favourite classes of vulnerability, using characters that are old and sometimes forgotten.

#git #security #rce #ascii

Why is security work unlike any other contribution to an open source project?

We need to re-think the tight association between maintainers and security work if we want sustainable open source security.

Read more: sethmlarson.dev/security-work-…

#opensource #oss #security #supplychain

Open Source Security work isn't “Special”

I gave this keynote at OpenSSF Community Day NA 2025 in Denver, Colorado. There will be a YouTube video recording available at a later date. This talk was given as the Security-Developer-in-...

^{sethmlarson.dev}

Psst 👋 Getting organized will become much easier soon.

Get excited for the next update. 🤩

Here's a sneak peek 🤫

#teaser #calendar #sneakpeek #privacy #security #tuta

Who says you can’t have #privacy and #security in an OS? Meet PureOS — the #Linux OS that respects you.

No ads
No trackers
No #surveillance
No terms of service traps

PureOS supports Purism’s Librem 5 & Liberty Phone.

More Info: puri.sm/posts/what-is-pureos-a…

heise+ | Delta Chat in Russland vor Gericht: Urteil gegen deutsches Entwicklerteam

Russland geht gegen den Messenger Delta Chat vor und nimmt eine Freiburger Firma ins Visier. Die wehrt sich und warnt zugleich die EU.

heise.de/news/Delta-Chat-in-Ru…

#Apps #Datenschutz #IT #Security #news

Delta Chat in Russland vor Gericht: Urteil gegen deutsches Entwicklerteam

^{Keywan Tonekaboni (heise online)}

🔐 "Fixing Desktop Keyrings"
with Dhanuka Warusadura at #GUADEC2025
📅 24 July 🕒 12:30 CEST 📍 Brescia
🧩 GNOME 49 plans to replace gnome-keyring with a new D-Bus Secret Service. Here’s what’s changing.

🔗 events.gnome.org/event/259/con…

#GNOME #Security #Keyring #OpenSource

🛡️ "The evolution of Linux targeted cyber threats"
with Pau Hoz at #GUADEC2025
📅 24 July 🕒 11:05 CEST 📍 Brescia

🔍 From supply chain attacks to evasive malware, Pau digs into how Linux threats are evolving—and what it means for FOSS security.

🔗 events.gnome.org/event/259/con…

#Linux #Security #FOSS #CyberThreats