Search
Items tagged with: Security
Sometimes finding perfect #search results can be a pain and Google buying dominance doesn't help. ๐
๐ https://tuta.com/blog/google-search-monopoly
Not all search engines offer the same performance, #security, and #privacy! ๐ค
Which search engine is your favorite? Let us know in the comments!
Google Pays 1150 Times More for Its Search Monopoly Than for Lobbying in the EU & US
Break the Google Search monopoly! Your data is worth billions, take back control!Tutanota
- DuckDuckGo (64%, 265 votes)
- Ecosia (7%, 30 votes)
- StartPage (21%, 90 votes)
- Qwant (6%, 27 votes)
Just a bit of a ramble on #android and #apple and #privacy and #security inspired by a recent post by @beardedtechguy.
It's a bit of a ranty post, but not trying to be mean
This is day 19 of #100DaysToOffload
https://joelchrono.xyz/blog/apple-android-security-and-features/
Apple vs Android on Security and Features
This post by Kyle triggered me a little bit, so I wrote a response with my opinion on the matterjoelchrono.xyz
Protecting your #privacy starts with threat modeling.
By accurately accessing your online #security threats & potential weaknesses, you can better protect your #digital life.
You are one of kind & so is your threat model. You can learn more here: https://tuta.com/blog/threat-modeling-for-you
Threat Modeling In 2024: Your Guide For Better Security
Threat model best practices to evaluate your personal cybersecurity and privacy threat landscape.Tutanota
#Nevada aims to stop minors from using end-to-end #encryption to protect their data. ๐ซ
Stand up for encryption & #privacy! โ
This isn't protecting the youth, it's #victimblaming at its finest.
We must stop NV Attorney General Aaron Ford from undermining basic #security practices!
๐ https://tuta.com/blog/nevada-blocks-encryption-for-minors
Nevada Courts Want To Prevent Teens From Using End-to-End Encryption
Stripping teens of their right to strong encryption will not leave them safer or better protected from harm.Tutanota
๐ Exciting News! ๐
We're consolidating our cryptographic libraries with Rust! ๐ฆ
With a unified crypto library, we simplify development, speed up deployment, and ensure consistent security measures across all clients.
This milestone marks a significant step in our journey.
Join us in celebrating this achievement, and looking forward to even more exciting developments ahead! ๐
https://element.io/blog/meet-element-r-our-new-unified-crypto-implementation/
#Element #Rust #Security #ElementX
Meet Element R: our new unified crypto implementation
Weโve created a common cryptographic library implementation in Rust - codenamed Element R - for all our Element clients.Archie W (Element Blog)
Threat Modeling In 2024: Your Guide For Better #Security
@Tutanota shares some tips on developing a threat model for your personal use case.
https://tuta.com/blog/threat-modeling-for-you
Threat Modeling In 2024: Your Guide For Better Security
Threat model best practices to evaluate your personal cybersecurity and privacy threat landscape.Tutanota
Performed by Trail of Bits. They found things to fix but nothing critical and no security flaws.
https://daniel.haxx.se/blog/2024/02/23/curl-http-3-security-audit/
#monocles chat 1.7.9 is released on the playstore with a lot of updates and improvements! (See comments below)
https://play.google.com/store/apps/details?id=eu.monocles.chat
#xmpp #chat #privacy #security #messenger
monocles chat - Apps on Google Play
monocles chat - The secure and ethical chat clientplay.google.com
RFC time! We're working on specifying how Accrescent's repository should look technically.
If you're an app developer who cares about app store features, an Accrescent user, or just interested in our development, leave your comments in the issue below ๐
https://github.com/accrescent/meta/issues/31
#android #appstore #security #privacy #accrescent
RFC: Repository metadata reorganization ยท Issue #31 ยท accrescent/meta
Problem Accrescent's repository metadata format and organization was not designed for cacheability, internationalization, or atomicity. As a result, Accrescent has limited scalability, target audie...GitHub
https://www.isc.org/blogs/2024-bind-security-release/
#dns #security
BIND 9 Security Release and Multi-Vendor Vulnerability Handling, CVE-2023-50387 and CVE-2023-50868
Yesterday we published BIND 9.16.48, 9.18.24, and 9.19.21. These releases mitigate several vulnerabilities that are described in our announcement.www.isc.org
- "The EU Court ruled that โBackdoors may also be exploited by criminal networks and would seriously compromise the security of all usersโ electronic communications.โ"
- โmass surveillance does not appear to have contributed to the prevention of terrorist attacks, contrary to earlier assertions made by senior intelligence officials.โ
๐ Wow
โก๏ธ European Court of Human Rights's ruling: }]https://hudoc.echr.coe.int/eng/#{%22itemid%22:[%22001-230854%22]}
#Privacy #Encryption #Security
HUDOC - European Court of Human Rights
The HUDOC database provides access to the case-law of the Court (Grand Chamber, Chamber and Committee judgments and decisions, communicated cases, advisory opinions and legal summaries from the Case-Law Information Note), the European Commission of Hโฆhudoc.echr.coe.int
Accrescent 0.17.1 released! This one fixes a bug where the download progress indicator was hidden and makes preparations for some upcoming server scaling improvements (follow for more info on that ๐).
Check out the release notes below!
https://github.com/accrescent/accrescent/releases/tag/0.17.1
#privacy #security #accrescent #appstore #android
Release 0.17.1 ยท accrescent/accrescent
This release fixes a UI bug where the download progress indicator was hidden and prepares for future server scaling improments by adding a backup pinned TLS certificate key. Bug fixes Fix download...GitHub
In addition to the measures that should be taken by various device manufacturers to secure and update their Internet-connected products, this incident suggests that we should follow the security recommendation according to which Internet of Things devices belong on a separate wireless network from your workstations or other systems containing valuable data.
https://www.tomshardware.com/networking/three-million-malware-infected-smart-toothbrushes-used-in-swiss-ddos-attacks-botnet-causes-millions-of-euros-in-damages
#security #InternetOfThings
Three million malware-infected smart toothbrushes used in Swiss DDoS attacks โ botnet causes millions of euros in damages
Dental IoT devices caused millions of Euros in damages for Swiss company, says report.Mark Tyson (Tom's Hardware)
I gave a talk at #fosdem #fosdem2024.
Video and slides are now available:
https://fosdem.org/2024/schedule/event/fosdem-2024-2849--security-thunderbird-email-security-plans-and-challenges-/
#thunderbird #security #openpgp #librepgp #smime
I'm interested in your feedback on these thoughts. Either here, or, if your feedback is longer, for a discussion it might be best to post to
https://thunderbird.topicbox.com/groups/e2ee
Thanks a lot to the organizers of @fosdem and the modern email developer room.
https://github.com/modern-email/FOSDEM-24?tab=readme-ov-file#contact
GitHub - modern-email/FOSDEM-24
Contribute to modern-email/FOSDEM-24 development by creating an account on GitHub.GitHub
"Mastodon: Diebstahl beliebiger Identitรคten im fรถderierten Kurznachrichtendienst" ๐ฌ
Die Versionen 3.5.17, 4.0.13, 4.1.13 und 4.2.5 beheben die Sicherheitslรผcke. ๐
#mastodon #security #vulnerability #schwachstelle #sicherheit
Mastodon: Diebstahl beliebiger Identitรคten im fรถderierten Kurznachrichtendienst
In einem knappen Sicherheitshinweis lassen die Entwickler eine Bombe platzen: Angreifer kรถnnen jeden beliebigen Account รผbernehmen und fรคlschen.Dr. Christopher Kunz (heise online)
Getting security online right seems like a daunting task. But one thing is certain: Password managers help! ๐ช
๐ฅHere are our top three: https://tuta.com/blog/best-password-manager ๐ฅ
What are your favorite #PasswordManagersโ
#privacy #security #opsec #passwords #passwordfatigue #databreach #breachdata #infosec
Why Password Managers Are Important
Password managers are easy tools to increase your privacy and security online. Start using them now!Tutanota
- KeePassXC (49%, 218 votes)
- Bitwarden (46%, 201 votes)
- Pass (4%, 18 votes)
S/MIME E-Mail Verschlรผsselung mit Thunderbird einrichten? Wie das geht, erklรคre ich in diesem Video:
https://www.youtube.com/watch?v=exPq87oSJL0
https://www.spacefun.ch/linux-videos#extra2
#Linux #Thunderbird #SMIME #Video #YouTube #Tutorial #Security #Privacy
S/MIME E-Mail Verschlรผsselung einrichten
Mit S/MIME kannst du auf einfache Weise verschlรผsselte und sichere Mails schreiben. Ich zeige dir, wie du ein kostenloses Zertifikat beziehen und in deinem M...YouTube
Today, we call on all Interior, Justice & Economy ministers of EU countries, to choose the right side: #privacy or #surveillance.
Together with other privacy-first companies we call on our ministers to defend encryption & protect privacy. ๐
Read the full text here: https://tuta.com/blog/open-letter-encryption-eu
#chatcontrol #encryption #security #cybersecurity
Open Letter Calling On EU Member States To Defend Encryption
As the trilogue is about to start, EU Member States must decide what side they are on: privacy or surveillance.Tutanota
Accrescent 0.17.0 is out! Accrescent now caches repository metadata, reducing bandwidth use a smidge, paving the way for a revamped download system, and bringing offline support just a *little* bit closer.
Check out the release notes below! https://github.com/accrescent/accrescent/releases/tag/0.17.0
#accrescent #security #privacy #android #appstore
Release 0.17.0 ยท accrescent/accrescent
This release implements repository metadata caching, making Accrescent more usable without Internet and saving bandwidth! Improvements Add caching for repository metadata Updates Bump Compose co...GitHub
Switch easily between work and personal Bitwarden accounts on Desktop, Mobile apps, and now the Bitwarden browser extension! Learn more in this blog: https://bitwarden.com/blog/account-switching-phased-rollout-for-bitwarden-clients/
#cybersecurity #security #passwordsecurity #passwordmanager #passwordmanagement
Switch between Bitwarden accounts quickly and easily | Bitwarden Blog
Quickly switch between multiple Bitwarden accounts in the browser extension, desktop and mobile apps.Bitwarden
Falsehoods programmers believe aboutโฆ Biometrics
(For the new reader, there is a famous essay called Falsehoods Programmers Believe About Names. It has since spawned a long list of Falsehoods Programmers Believe About....)
Everyone has fingerprints!
The BBC has a grim tale of a family with a genetic mutation which means they have no fingerprints. It det
https://shkspr.mobi/blog/2021/01/falsehoods-programmers-believe-about-biometrics/
#/etc/ #design #falsehoods #policy #security
Today at https://apt.izzysoft.de/fdroid not just some #AndroidAppRain with 11 updated apps, but also some "evaporation": 12 apps have been removed as they used expired debug keys, more will follow them the next days. Some background on this can be found at https://gitlab.com/IzzyOnDroid/repo/-/issues/477
For some more background: I'm currently implementing additional checks for better app security, see https://gitlab.com/IzzyOnDroid/repo/-/issues/475 โ once done and working, details will follow with a blog article.
IzzyOnDroid F-Droid Repository
This is a repository of apps to be used with F-Droid. Applications in this repository are official binaries built by the original application developers, taken from their resp. repositories (mostly Github, GitLab, Codeberg).IzzyOnDroid App Repo
cURL-Maintainer: KI liefert "Scheiร-Berichte" als Bug-Reports
Mit sehr deutlichen Worten hat sich cURL-Maintainer Daniel Stenberg zu KI geรคuรert: Sie werde bei der Bug-Bounty missbraucht und liefere falsche Ergebnisse.
Guten Morgen. Wer sie noch nicht kennt, sollte unbedingt einen Blick in die Empfehlungsecke werfen. Diese enthรคlt meine aktuellen Empfehlungen zu verschiedenen Themen wie Messenger, Werbeblocker, werbefreies YouTube, Passwort-Manager, Suchmaschinen und Co. ๐
https://www.kuketz-blog.de/empfehlungsecke/
#empfehlung #tracking #security #datenschutz #adblocker #android #youtube #messenger #linux #firefox #dns #unifiedpush #email #frankgehtran #thunderbird #passwortmanager #videokonferenz #vpn #suchmaschine
Empfehlungsecke
Die Empfehlungsecke beinhaltet aktuelle Empfehlungen zu Messengern, Browser-Add-ons und weiteren Themen โข IT-Sicherheit aus KarlsruheKuketz IT-Security Blog
In 2024, please switch to Firefox https://roytanck.com/2023/12/23/in-2024-please-switch-to-firefox/ #privacy #security #opensource #unix #linux #macos
https://www.feistyduck.com/newsletter/issue_108_ssh_protocol_vulnerable_to_mitm_attack
#security #ssh
https://docs-develop.pleroma.social/backend/configuration/mrf/
#pleroma #fediverse #security
https://www.cisa.gov/news-events/news/urgent-need-memory-safety-software-products#:~:text=CISA's%20secure%20by%20design%20white,will%20incorporate%20all%20three%20principles.
#security #programming
The Urgent Need for Memory Safety in Software Products | CISA
Cybersecurity Technical Advisor Bob Lord stresses the importance of memory safety in making software safer by design.Cybersecurity and Infrastructure Security Agency CISA
https://www.lawfaremedia.org/article/the-lawfare-podcast-three-cisa-senior-advisers-on-secure-by-design
#security #SecurityPolicy #law
The Lawfare Podcast: Three CISA Senior Advisers on Secure by Design
What is Security by Design?Default
#Threema hat heute einen Blogpost verรถffentlicht, der sich mit der Problematik der Google/Apple Push-Dienste auseinandersetzt. Vorbildlich! Von Signal fehlt mir so eine Stellungnahme noch @Mer__edith
https://threema.ch/de/blog/posts/push-benachrichtigungen-und-datenschutz
#messenger #threema #signal #security #sicherheit #datenschutz #privacy
Push-Benachrichtigungen und Datenschutz
Seit einigen Tagen werden Push-Benachrichtigungen und deren Implikationen fรผr den Datenschutz heiss diskutiert. Auslรถser war der Brief eines US-Senators ans Justizministerium (DOJ), worin gefordert wird, dass Betreiber von Push-Diensten โ insb.threema.ch
Say hello to privacy! ๐
Tuta comes with zero trackers.
Thanks @exodus for providing this great test! ๐ ๐
#Privacy #NoTrackers #Security
๐ฅ Grab YourName@tuta.com with our new domain! ๐ฅ
Pick you favorite! โ Go Revolutionary now: https://tuta.com/create-email-address?t-src=m
#privacy #privateemail #encryption #emailaddress #security
Tuta Mail: Create a secure, private & encrypted email account for free
Tuta is the secure email service, built in Germany. Use encrypted emails on all devices with our open source email client, mobile apps & desktop clients.Tutanota
same reason for #Linux I guess and same reason why I do all the #OS1337 code in #bash with only .config makefiles where needed:
Readable and thus easy to #audit code allows for #transparency, which is vital for #maintainability and #security...
After all, mistakes do happen and I'd rather have it easy find and fix than optimize every bit at the cost of unmaintainable code.
Big Brother is watching you - now also via Google's & Apple's push. ๐คฌ
That's why we don't use Google Push. When using Tuta, Google sees nothing! ๐ช
โ
Zero tracking
โ
Fully encrypted
โ
Maximum privacy
The data they don't get, they can't hand out to authorities! Go secure now: https://tuta.com/create-email-account?t-src=m
Here's more info on why we don't use Google Push and do not send any info via Apple notifications: https://tuta.com/blog/open-source-email-fdroid
#security #privacy #google #apple #notifications #surveillance #tracking
Apple & Google Monitor All Your Push Notifications. But Tuta Protects You From This Since 2017.
We're here to stop surveillance by corporations like Google and Apple. That's why we replaced Googleโs FCM with our own notification system and keep Apple Notification Data at a minimum. Read on to learn why this is important.Tutanota
LibreOffice supports symmetric and asymmetric encryption for OpenDocument Format (ODF) files.
Symmetric encryption: https://en.wikipedia.org/wiki/Symmetric-key_algorithm
Asymmetric encryption: https://en.wikipedia.org/wiki/Public-key_cryptography
Select File > Save/Save As
The "Save with password" option encrypts the file with AES-256.
The "Encrypt with GPG key" option encrypts the file with a public key.
Website: https://www.libreoffice.org
Mastodon: @libreoffice
#LibreOffice #Encryption #OpenSource #OpenPGP #PGP #GnuPG #GPG #InfoSec #Privacy #Security
Home | LibreOffice - Free Office Suite - Based on OpenOffice - Compatible with Microsoft
Free office suite โ the evolution of OpenOffice. Compatible with Microsoft .doc, .docx, .xls, .xlsx, .ppt, .pptx. Updated regularly, community powered.www.libreoffice.org
Accrescent 0.16.0 is released! Apps can now include short descriptions, MTE is enabled by default for extra security, and update notifications aren't quite as pesky anymore. See the changelog below ๐
https://github.com/accrescent/accrescent/releases/tag/0.16.0
Developers can learn how to add short descriptions to their own apps in our freshly updated documentation. Check it out! https://accrescent.app/docs/guide/maintenance/edits.html
#security #privacy #appstore #android #Accrescent
Release 0.16.0 ยท accrescent/accrescent
Improvements Add support for short descriptions Enable MTE Make "update finished" notification channel non-noisy Updates Bump AGP to 8.2.0 Bump bundletool Gradle plugin to 0.2.3 Bump Compose com...GitHub
My colleague discovered this really solid collection of cheat sheets on application security topics:
https://cheatsheetseries.owasp.org/
Introduction - OWASP Cheat Sheet Series
Website with the collection of all the cheat sheets of the project.cheatsheetseries.owasp.org