Tuta turned ten this week! 🥳🎉

Time to celebrate - and to take a look at how the team grew from 4 to 30 people! 😍
​
Read more on our exciting journey of bringing #privacy to the world: tuta.com/blog/road-to-success

🚨 ⚠️ Emergency PSA: A critical security exploit was discovered in the xz package recently, used for compression and decompression on nearly all Linux distributions.

Rawhide users ARE impacted and should immediately STOP using Rawhide until the package update is fully rolled back. (1/3)

Security Advisory: redhat.com/en/blog/urgent-secu…

#Fedora #Linux #OpenSource #Security #Privacy

Urgent security alert for Fedora Linux 40 and Fedora Rawhide users

Red Hat Information Risk and Security and Red Hat Product Security learned that the latest versions of the “xz” tools and libraries contain malicious code that appears to be intended to allow unauthorized access.

^{, (Red Hat)}

📢 Today at 14 CET we will be holding our very first Reddit #AMA! 📢

Join in to ask us any questions you might have related to Tuta, #encryption, #surveillance, #privacy, our favorite ice cream flavors, and more!

👉 reddit.com/r/IAmA/comments/1bo…

We hope to see you there!

Hier kunnen we in Nederland alleen maar van dromen....

👏 Deutschland!!

#german #privacy

⚡ BREAKING: Huge win for #Privacy ⚡

German government publishes law to guarantee 'right to encryption' 🔒 💪

We at Tuta Mail applaud the #German government for this move in the right direction. 👏 👏 👏

Here's our comment: tuta.com/blog/german-governmen…

German government publishes law to guarantee 'right to encryption'

The Federal Ministry for Digital and Transport Affairs (BMDV) has drawn up a draft bill that will make end-to-end encryption mandatory for messengers and cloud services in the future.

^Tutanota

#imessage joined the post quantum encryption game

Will #matrix also do the same? @element @matrix

#element #privacy

odysee.com/apple-updates-imess…

Apple Updates iMessage with Post Quantum Encryption

In this video I discuss how Apple added post quantum encryption to their message app. iMessage is still proprietary, and still only works on Apples proprietary hardware, so while iMessage with PQ3 is...

^Odysee

As we near 10 years of Tuta, our team continues to #grow! 🌱

Help us welcome Lena, Franz, Reed, Rick and Yohei to the Tuta Team 🥳 🎉

Meet the team of #privacy activists fighting to make the #internet a better place! 👉 tuta.com/blog/team-2024-03

Accrescent 0.18.0 released! This is a minor one with removed privileged installer support and maintenance updates. Changelog below.

github.com/accrescent/accresce…

#accrescent #privacy #security #android #appstore

Release 0.18.0 · accrescent/accrescent

This release removes privileged installer support, as it is not currently necessary for any functionality. Removals Remove privileged installer support Updates Bump AGP to 8.3.1 Bump Coli to 2.6...

^GitHub

Privacy can be powerful. The Librem 14 is the first ultra-portable laptop for the security-conscious- designed chip-by-chip, line-by-line, to respect your rights to privacy, security, and freedom.

Order yours now! https://puri.sm/products/librem-14/… #security #privacy #laptops

It's possible to build an app with zero tracking. 😎😎😎

But not every app developer does that.

Check out all the apps that track you and how you can stop this: ➡️ tuta.com/blog/app-tracking/

#Tuta #Gmail #Privacy

monocles chat 1.7.9.3 just arrived on the Playstore with awesome updates and on a great new level:

play.google.com/store/apps/det…

* Improve restore Backup
* No swiping anymore for commands and webxdc viewpager fixes several webxdc problems
* Initial stickers picker
* Bigger stickers
* Fix flashing emoji picker
* Fix commands view
And many more

Try it out with a WebXDC app of your choice:
webxdc.org/apps/

#monocleschat #monocles #chat #messenger #privacy #xmpp #webxdc

monocles chat - Apps on Google Play

monocles chat - The secure and ethical chat client

^{play.google.com}

Sometimes finding perfect #search results can be a pain and Google buying dominance doesn't help. 🔎
👉 tuta.com/blog/google-search-mo…

Not all search engines offer the same performance, #security, and #privacy! 🤔

Which search engine is your favorite? Let us know in the comments!

Google Pays 1150 Times More for Its Search Monopoly Than for Lobbying in the EU & US

Break the Google Search monopoly! Your data is worth billions, take back control!

^Tutanota

• DuckDuckGo (64%, 265 votes)
• Ecosia (7%, 30 votes)
• StartPage (21%, 90 votes)
• Qwant (6%, 27 votes)

Just a bit of a ramble on #android and #apple and #privacy and #security inspired by a recent post by @beardedtechguy.

It's a bit of a ranty post, but not trying to be mean

This is day 19 of #100DaysToOffload

joelchrono.xyz/blog/apple-andr…

Apple vs Android on Security and Features

This post by Kyle triggered me a little bit, so I wrote a response with my opinion on the matter

^{joelchrono.xyz}

Polish National Data Protection Authority, @UODO, has joined fedi:
mastodon.com.pl/@UODO/11202104…

In the announcement on their website, the head of the DPA, Mirosław Wróblewski, explicitly mentions decentralization as the reason to join:
uodo.gov.pl/pl/138/3010

#Privacy #DPA

Protecting your #privacy starts with threat modeling.

By accurately accessing your online #security threats & potential weaknesses, you can better protect your #digital life.

You are one of kind & so is your threat model. You can learn more here: tuta.com/blog/threat-modeling-…

#Nevada aims to stop minors from using end-to-end #encryption to protect their data. 🚫

Stand up for encryption & #privacy! ✊

This isn't protecting the youth, it's #victimblaming at its finest.

We must stop NV Attorney General Aaron Ford from undermining basic #security practices!
👉 tuta.com/blog/nevada-blocks-en…

Threat Modeling In 2024: Your Guide For Better #Security

@Tutanota shares some tips on developing a threat model for your personal use case.

#privacy #privacymatters

tuta.com/blog/threat-modeling-…

Threat Modeling In 2024: Your Guide For Better Security

Threat model best practices to evaluate your personal cybersecurity and privacy threat landscape.

^Tutanota

We had a great talk with XMTP_Labs last week 🎙️
blog.xmtp.com/tuta/

We love seeing more companies embrace #privacy & join the fight against #bigtech & government #surveillance. ✊🔒

Here's to making the #web a better place #together! 🥂

"For years, the antivirus software company harvested information from users’ web browsers without their consent." #infosec #privacy

Its clients have included Home Depot, Google, Microsoft, Pepsi, and McKinsey.

theverge.com/2024/2/22/2408013…

Avast fined $16.5 million for ‘privacy’ software that actually sold users’ browsing data

Avast, the cybersecurity software company, is facing a $16.5 million fine from the FTC after its privacy extensions and antivirus software harvested and sold user data.

^{Emma Roth (The Verge)}

#monocles chat 1.7.9 is released on the playstore with a lot of updates and improvements! (See comments below)

play.google.com/store/apps/det…

#xmpp #chat #privacy #security #messenger

monocles chat - Apps on Google Play

monocles chat - The secure and ethical chat client

^{play.google.com}

RFC time! We're working on specifying how Accrescent's repository should look technically.

If you're an app developer who cares about app store features, an Accrescent user, or just interested in our development, leave your comments in the issue below 👇

github.com/accrescent/meta/iss…

#android #appstore #security #privacy #accrescent

RFC: Repository metadata reorganization · Issue #31 · accrescent/meta

Problem Accrescent's repository metadata format and organization was not designed for cacheability, internationalization, or atomicity. As a result, Accrescent has limited scalability, target audie...

^GitHub

- "The EU Court ruled that “Backdoors may also be exploited by criminal networks and would seriously compromise the security of all users’ electronic communications.”"
- “mass surveillance does not appear to have contributed to the prevention of terrorist attacks, contrary to earlier assertions made by senior intelligence officials.”
💖 Wow

➡️ European Court of Human Rights's ruling: }]https://hudoc.echr.coe.int/eng/#{%22itemid%22:[%22001-230854%22]}

#Privacy #Encryption #Security

⚡ Chat Control May Finally Be Dead! ⚡

European court rules that encryption must not be broken. 🔒 💪

Let's celebrate this win for privacy. 🎉 😍

#ChatControl #Optimism #Privacy #Encryption

Read more here: 👇
tuta.com/blog/chat-control

Chat Control May Finally Be Dead: European Court Rules That Weakening Encryption Is Illegal!

In a legal blow, it looks like Chat Control may not roll out client-side scanning. A huge win for privacy advocates!

^Tutanota

Accrescent 0.17.1 released! This one fixes a bug where the download progress indicator was hidden and makes preparations for some upcoming server scaling improvements (follow for more info on that 😉).

Check out the release notes below!

github.com/accrescent/accresce…

#privacy #security #accrescent #appstore #android

Release 0.17.1 · accrescent/accrescent

This release fixes a UI bug where the download progress indicator was hidden and prepares for future server scaling improments by adding a backup pinned TLS certificate key. Bug fixes Fix download...

^GitHub

Zum Ausprobieren empfohlen: HeliBoard-Tastatur für Android. Installation und Einstellungen habe ich zusammengefasst. 👇

kuketz-blog.de/heliboard-andro…

#heliboard #android #tastatur #swipe #keyboard #datenschutz #privacy

HeliBoard: Android Tastatur Empfehlung

HeliBoard ist eine auf AOSP / OpenBoard basierende Open-Source-Tastatur, die sowohl datenschutzfreundlich als auch anpassbar ist.

^{Kuketz IT-Security Blog}

The next beta version of #Signal will be version 7.0.0.
There's a good reason for the round number. This will be the first version where usernames and phone number privacy are available outside of the staging environment.
From this version on, you'll be able to talk to people on Signal without revealing your phone number, and also, you may use Signal without revealing to people who have your number saved that you do.
This is huge.
github.com/signalapp/Signal-An…

#Privacy #FOSS #OpenSource #PNP

Comparing v6.47.4...v7.0.0 · signalapp/Signal-Android

A private messenger for Android. Contribute to signalapp/Signal-Android development by creating an account on GitHub.

^GitHub

We are bowled over by your support! We're up to 162 Individual Members, 114 of which are new, and we've doubled the number of organizational members 🥳

This is encouraging, though we still have a long way to go to fill the gap in our budget.

If you believe in open source, open standards, privacy, and decentralization: this is your call to action.

Help us secure the future of Matrix by joining today: matrix.org/support/

#Matrix #OpenSource #OpenStandards #Privacy #Decentralization #FOSS

Support Matrix

Matrix, the open protocol for secure decentralised communications

^matrix.org

European Court of Human Rights (#ECHR) bans weakening of secure end-to-end #encryption - the end of EU‘s chat control #CSAR mass surveillance plans?

eureporter.co/world/human-righ…
#e2ee #europe #privacy #csar

European Court of Human Rights bans weakening of secure end-to-endencryption - the end of EU‘s chat control CSAR mass surveillance plans? - EU Reporter

The European Court of Human Rights yesterday banned a general weakeningof secure end-to-end encryption.

^{EU Reporter Correspondent (EU Reporter)}

Looking for a new solution following the news of @skiff closing their doors? We're here to help.

With strong #encryption & great features, why not make Tuta your home for email, calendars, and contacts.

#Privacy is built on trust.
👉 tuta.com/blog/skiff-shutdown

Datenschützer finden hunderte nicht rechtskonforme Cookie-Banner
heise.de/news/Datenschuetzer-f…

Und werden - Überraschung! - auch in Apps fündig...

#privacy

Datenschützer finden hunderte nicht rechtskonforme Cookie-Banner

Bayerische Kontrolleure stießen bei einer maschinell durchgeführten Untersuchung auf über 350 Webseiten, deren Einwilligungsbanner nicht rechtskonform sind.

^{Stefan Krempl (heise online)}

The UK government's attempts to erode your online #privacy never cease. 🇬🇧🕵️

Luckily you've got Tuta in your corner! 🥊

We've teamed up with academics, #cybersecurity researchers, & other privacy oriented companies, like @element and @brave to fight back!

👉 cdt.org/insights/open-letter-f…

Looking for #resources for building your #privacy know-how? 🤔

Check out Redacted Magazine from IntelTechniques ! 🔒💪

In the latest issue we've written up an article explaining the importance of post-quantum #encryption.
👉 inteltechniques.com/issues/006…

This screenshot shows the app analytics data sent by two different #iOS apps: Duolingo and Tinder. What's the likelihood that both apps are installed on the same device? 💯? 🤯

Both apps use Unity Ads. The data in the screenshot is collected by the Unity Ads framework included in these two apps, and any app that uses Unity Ads. The data is sent to the same Unity server. As a result, Unity Ads can easily fingerprint users and track them across different apps.

#privacy #tracking #Apple #infosec