Search
Items tagged with: Privacy
Massive E-Learning Platform #Udemy Gave Teachers a Gen #AI 'Opt-Out Window'. It's Already Over.
Udemy will train generative AI on classes developed/users contributed on its site. It is opt-out (meaning, everyone was already opted in) with a time window... and opting out may "affect course visibility and potential earnings."
Udemy's reason for the opt-out window was reportedly because removing data from LLMs is hard. IMO, that would be the reason for making it opt-in, but here we are...
I hope to hear from @Tutanota very soon. Lack of key verification is a major flaw in the technical design of the platform, allowing a malicious Tuta server to read end-to-end encrypted exchanges (both emails and shared calendars).
github.com/tutao/tutanota/issu…
The issue has been opened 6 years ago.
#Security #Privacy #Crypto #Cryptography #Email #FOSS
![Message posted on the GitHub issue titled "Manual key verification":
"This issue has been opened for more than 6 years now, with no clear roadmap or even real consideration from the Tuta team. I have to say, I am disappointed.
You keep saying that "[...] Tuta [is] the most secure email service on the market.", but without key verification, a malicious Tuta server can read the end-to-end encrypted emails and shared calendars exchanged on the platform as there is no way to verify the recipients' public key. As explained by @llebout, "all users of Tutanota must trust Tutanota to not provide forged keys and perform an MITM attack". This is a significant flaw in the technical design of the platform, and it does not seem to bother you.
In #198, it can be read that:
> We are aware of the issues with verification, new protocol will support verification, the work is underway
However, your post-quantum implementation has now landed but still no word on the key verification issue.
Could you please stand by what you have said from day 1, that you prioritise security and privacy, and establish a clear roadmap of the work already undertaken or to be done to fix the situation?
Thank you"](https://fedi.ml/photo/preview/640/595249 "Message posted on the GitHub issue titled \"Manual key verification\":
\"This issue has been opened for more than 6 years now, with no clear roadmap or even real consideration from the Tuta team. I have to say, I am disappointed.
You keep saying that \"[...] Tuta [is] the most secure email service on the market.\", but without key verification, a malicious Tuta server can read the end-to-end encrypted emails and shared calendars exchanged on the platform as there is no way to verify the recipients' public key. As explained by @llebout, \"all users of Tutanota must trust Tutanota to not provide forged keys and perform an MITM attack\". This is a significant flaw in the technical design of the platform, and it does not seem to bother you.
In #198, it can be read that:
> We are aware of the issues with verification, new protocol will support verification, the work is underway
However, your post-quantum implementation has now landed but still no word on the key verification issue.
Could you please stand by what you have said from day 1, that you prioritise security and privacy, and establish a clear roadmap of the work already undertaken or to be done to fix the situation?
Thank you\"")
FTC-Bericht: Massenüberwachung durch Online-Plattformen ist außer Kontrolle
heise.de/news/FTC-Bericht-Mass…
Keine Einzelfälle, sondern Teil des Geschäftsmodells
Accrescent 0.24.0 is out with settings menu accessibility improvements, target SDK 35 (Android 15), and LOTS of translation and dependency updates! 🎉
Download it from our website at accrescent.app or read the changelog below 👇
Im Namen der "Sicherheit" natürlich!
Überwachungspaket: Ampel will anlasslose Personenkontrollen und Durchsuchungen fast überall
netzpolitik.org/2024/ueberwach…
Von Amnesty bis Seawatch: Breite Front gegen Überwachungspaket der Ampel
netzpolitik.org/2024/von-amnes…
As much as we fight the EU Commission's push for #chatcontrol, we applaud the EU for protecting users' #privacy with the #GDPR.
It's about time the #EU Commission reflects on European values and increases data protection, not undermining it. ✊
Read here what Tuta does to achieve GDPR-compliance: 👉 tuta.com/blog/gdpr-compliant-e…
Tor insists its #network is safe after German cops convict CSAM dark-web admin
Kind of boils down to opsec fail here. Using outdated software, which in this case didn’t properly secure Tor connections.
Timing attacks are still viable (especially with hostile nodes), but this reads as an #opsec fail to me.
Remember: a major part of anonymity is maintaining great opsec.
Obligatory: Tor is not “just for criminals,” despite one getting caught in this case (glad he did tbh). Regular people use Tor everyday.
#cybersecurity #security #privacy
theregister.com/2024/09/19/tor…
Tor insists its network is safe after German cops convict CSAM dark-web admin
Outdated software blamed for cracks in the armorIain Thomson (The Register)
Is your company using a quantum-safe email provider in 2024?
Not yet? Upgrade now! 🔐
Here’s how Tuta Mail can help your business 👉 tuta.com/blog/how-companies-be…
🇬🇧Leak on latest #ChatControl attempt (in German): netzpolitik.org/2024/interne-d… +++ Only AUT, DEU, EST, LUX, POL, SVN were critical – no blocking minority! +++ BEL, CZE, FIN, ITA, NLD, PRT, SWE undecided +++ EU legal experts confirm violation of our fundamental rights +++ Only 5 days to next discussion +++
Help pressure our governments into defending our #privacy of correspondence and secure #encryption now: patrick-breyer.de/en/take-acti…
#LinkedIn is not familiar with the concept of "#privacy by default"
Suggest everyone check their settings. lnkd.in/efq-wHms
Quantum computing has the potential to break modern #encryption. How real is this threat and how soon will it be viable? @Tutanota's Brandon Sundh explains how this fascinating tech works and what companies like his are doing now to protect your #privacy.
Does #Google own the web? 👀
Biggest US antitrust lawsuit ever must break the tech giant’s monopoly.👇👇👇
tuta.com/blog/google-antitrust…
What alternative Google products do you recommend to your loved ones? Let us know in the comments!
#privacymatters #privacy #monopoly
"Billionaire Larry Ellison says a vast AI-fueled surveillance system can ensure citizens will be on their best behavior"
"Ellison said AI would be used in the future to constantly watch and analyze vast surveillance systems, like security cameras, police body cameras, doorbell cameras, and vehicle dashboard cameras."
We're excited to be on @FirewallDragons
podcast on #Monday
This will definitely give you some #MondayMotivation 👇👇👇
podcast.firewallsdontstopdrago…
#Privacy #securitymatters #Tuta #Firewallsdontstopdragons #podcast
puri.sm/posts/pureos-crimson-d…
#PureOS #Privacy
Nur sinnvoll, wenn sie überall Autos aufstellen, alle von Ford und neu wären, und die nicht nur mithören, was drinnen gesprochen wird.
D., der übertreibt, aber Ford auch.
Gespräche im Auto als Datenbasis:
Patentanmeldung: Ford plant personalisierte Werbung in seinen Autos
heise.de/news/Patentanmeldung-…
#Discord I'm out.
I tried to friend someone in a group I've been active in for months alongside using Discord for several years for various software support (#Svelte, #Rust, #Tauri, #Servo and others).
I've never run a native app or given up my phone number to Discord, Twitter, Facebook etc. but Discord want it to verify my account. As each of the others tried to do before I left them.
It's nonsense. They don't need that to know I'm legit.
It's all abuse of #privacy so I'm out.
#DarkPatterns
The attached picture can be improved, a bit outdated.
For chat, Matrix and XMPP clients (e.g Element and Monal) can be used.
Libre Translate can replace Google Translate.
2FAS Auth is a nice project for OTP codes.
Strongbox is nice to store passwords.
PeerTube is a real YouTube alternative instead of YouTube facades.
And Yandex is an efficient search engine.
#privacy #web #degooglisonsinternet #degooglify #Android #iOS #opensource
So... #Signal and #Wire, which both have issues, but not #Matrix / #XMPP? And for video, 2 #YouTube front ends and a proprietary YouTube clone, but no direct mention of #Peertube? And for Translation, the proprietary #Deepl, but no mention of the local and #Privacy respecting #Firefox #translate
I appreciate the intent of this post, but the research is... outdated at best.
I somehow just learned about the IETF's "Privacy Pass" working group, along with Google and Apple's respective implementations ("Private State Tokens", "Private Access Tokens"), and I'm so damn tired of DRM being the answer to everything.
Mozilla wrote a blog post in December of 2023 about why they decided not to implement it:
blog.mozilla.org/en/privacy-se…
...and the IETF has a page to track the working group's drafts:
datatracker.ietf.org/wg/privac…
#IETF #DRM #cryptography #privacy
If you could magically make
everyone everywhere instantly understand and integrate one concept related to data privacy,
which one would it be? 
👀
#Privacy #DigitalRights 🔒
ODF wholesome encryption is the default password (symmetric) encryption mode in LibreOffice 24.8.
Supports AES-256-GCM and Argon2id.
LibreOffice 24.2/24.8 is required to open the encrypted files.
Disable: Tools > Options > Load/Save > General > ODF Format Version > 1.3 (drop down menu) > Apply > OK
AES: en.wikipedia.org/wiki/Advanced…
GCM: en.wikipedia.org/wiki/Galois/C…
Argon2: en.wikipedia.org/wiki/Argon2
Website: libreoffice.org
Mastodon: @libreoffice
#LibreOffice #Encryption #InfoSec #Privacy #E2EE
Privacy-focused Tuta Mail Opens Second Office in Munich:
See how Tuta stacks up with other email providers in keeping your information private:
📢 ❤️ Good news alert: We are proud to announce that Tuta has officially opened it's second office in Munich! 🇩🇪 🥳
Read more about our new office here:
tuta.com/blog/tuta-in-munich
Tu je niekoľko populárnych hashtagov týkajúcich sa rôznych tém v oblasti kybernetickej bezpečnosti:
- #CyberSecurity - General cybersecurity topics
- #InfoSec - Information security
- #PenTesting - Penetration testing
- #OSINT - Open-source intelligence
- #ThreatHunting - Identifying and responding to threats
- #MalwareAnalysis - Analyzing and understanding malware
- #IncidentResponse - Responding to cyber incidents
- #ZeroDay - Zero-day vulnerabilities and exploits
- #CyberThreats - Cyber threat intelligence
- #EthicalHacking - Hacking for ethical purposes
- #RedTeam - Offensive security testing
- #BlueTeam - Defensive security operations
- #CloudSecurity - Securing cloud environments
- #IoTSecurity - Security for Internet of Things devices
- #DataProtection - Protecting sensitive data
- #SOC - Security Operations Center practices
- #Phishing - Phishing attacks and prevention
- #Ransomware - Ransomware threats and defenses
- #CryptoSecurity - Cryptography and encryption
- #AppSec - Application security
- #BugBounty - Programs for finding and reporting security bugs
- #DigitalForensics - Investigating cyber crimes
- #Privacy - Protecting personal and organizational privacy
- #CISO - Chief Information Security Officer topics
- #GDPR - General Data Protection Regulation compliance
Môžete ich používať na platformách sociálnych médií, aby ste objavili obsah, zapojili sa do diskusií a zostali informovaní o najnovších poznatkoch v oblasti kybernetickej bezpečnosti.
🛡️ Under Meredith Whittaker, Signal Is Out to Prove Surveillance Capitalism Wrong
— WIRED
「 Signal is, in many ways, the exact opposite of the Silicon Valley model. It’s a nonprofit that has never taken investment, makes its product available for free, has no advertisements, and collects virtually no information on its users—while competing with tech giants and winning 」
As the #AI hype train continues, the threat it poses to #privacy continues to grow. 🤖
Fortunately, @noybeu is fighting back! 💪 💪 💪
👉 tuta.com/blog/noyb-privacy-win…
What are your biggest concerns about how AI will impact your privacy? Let us know in the comments!
🔍 A search engine is only as good as its search index. Even alternative search engines might be using indexes built by Big Tech. 👉 tuta.com/blog/what-is-search-i…
What is your favorite search engine? 🤔 Let us know in the comments!
The arrest of #Telegram's founder Pavel #Durov sets a dangerous precedent for what kind of action can be taken against supporters of #privacy & #cryptography.
Don't settle for anything less than E2E #encryption! We've created a list of the top encrypted messaging apps to help!
👉 tuta.com/blog/best-whatsapp-al…
Best WhatsApp Alternatives For 2024 | Time To Go Private! | Tuta
There are lots of messaging apps similar to WhatsApp. Here's a review of the best secure alternatives: Signal, Threema, Telegram, Element, Wire, SimpleX, Session, and more.Tuta
Hey Privacy Fans!
At a recent team event in #Hannover we got into a rather heated discussion and need your help finding the answer...
Does pineapple belong on pizza or not? 🍕🍍
Let us know what you think in the comments so we can settle this debate.
#privacy #encryption #pizza #debate
- Absolutely! (49%, 173 votes)
- Heck no! (50%, 178 votes)