Search

Items tagged with: e2ee

#privacy #encryption #chat #chatcontrol #e2ee #communications #family

Politicians:
Terrified about citizens that might be sending private messages they cannot read on Signal -> Sudden panic about "protecting the children" 🙃

Also politicians:
Grok AI Chatbot collects data and asks for nudes from a 12-year old -> AI is innovation! We should invest billions in taxpayers money in it! 💰💰💰

:blobcat_thisisfine:

cbc.ca/news/investigates/tesla…

#NoAI #NoGrok #E2EE #ChatControl #ProtectTheChildrenForReal

#chatcontrol #e2ee #noAI #nogrok #protectthechildrenforreal

I used the LINE messenger for the very first time the other day. Downloaded from the official source, my goal was simple: a single, private chat with one person, which LINE claims is protected by End-to-End Encryption (E2EE).

Our "conversation" was minimal – mostly just test messages. One single contact.

A few days later, I log in to find my account has been temporarily (for how long? =)) blocked.

This raises a cognitive dissonance for me:

Promise vs. Reality: We're told E2EE means no one, not even the company, can read our chats. If that's true, on what basis was I blocked? I have to assume it's related to something in the chat, because I literally did nothing else in the app. But if it is E2EE, how could they know? Does this mean E2EE is just a marketing buzzword and monitoring is happening anyway? I'd genuinely like to know what the real factors are.

Absolute Opacity: This is the real issue. I received zero explanation. No email, no warning, not even a vague hint at which policy I "violated." And look, I'll be the first to admit I didn't read the 100-page Terms of Service – who does? But that's not the point. Even if I did technically violate some obscure rule, the core problem is the total lack of transparency. I was left with no idea, not even a guess, as to what happened. This opaque, black-box process is the real problem.

This situation is deeply concerning. What if I lived in a country like Japan, where LINE is the default, essential messenger? I'd just be cut off from my digital life without cause or appeal. And if this happens on LINE, what stops WhatsApp from doing the same? (And let's not even talk about Telegram, which is 100% cringe and a lost cause for privacy anyway).

My takeaway: To be honest, I went into this as an experiment, and this incident 100% confirmed my expectations.

This isn't just a LINE problem. We see it constantly from Big Tech like Meta and Google. They ban users, often with no explanation, because they have the full legal right to do so. We all agreed to this when we blindly clicked "accept" on their Terms of Service.

This is exactly why my advice is this: you must factor in this risk with all commercial messengers. When you use any private, centralized platform, you have to accept the fact that you can be denied service at any time, for any reason, and they don't even have to tell you why. That is the price of admission we all paid.

The promise of a "private chat" apparently doesn't include the guarantee of access to the platform itself.

#privacy #E2EE #LINE #messengers #transparency #BigTech #Meta #Google #ban #DigitalRights #PlatformRisk #ToS #experiment #FuckTelegram

#google #privacy #meta #bigtech #digitalrights #experiment #transparency #e2ee #tos #ban #messengers #line #platformrisk #fucktelegram

🔐 Tuta Mail introduces key verification to strengthen end-to-end encryption and defend against MITM attacks 👥
Users can now verify contacts’ public keys via QR code or manual comparison.
If skipped, Tuta defaults to TOFU (Trust On First Use) for seamless encryption 🧩

@Tutanota
🔗 tuta.com/blog/key-verification

#Encryption #CyberSecurity #Privacy #Tuta #Tutanota #TutaMail #EmailSecurity #OpenSource #FOSS #E2EE #PGP #Email #Mail #TechNews #DataProtection #Crypto #DigitalRights #OnlinePrivacy


Tuta introduces key verification | Tuta

Key verification makes your encrypted mailbox even more secure, enabling you to prevent monster-in-the-middle attacks.
Tuta
#foss #email #opensource #privacy #encryption #crypto #cybersecurity #DataProtection #pgp #digitalrights #mail #tutanota #technews #e2ee #onlineprivacy #tuta #emailsecurity #tutamail @Tuta

#FreeSoftware #android #rcs #messaging #e2ee

The main selling features I'm looking for are #E2EE interoperability with such competitors as @protonprivacy and @mailbox_org, and a shared non-proprietary API to locally bridge Tuta and competitors with common desktop mail, contacts, and calendar apps.

No one should need to maintain multiple subscriptions or break end-to-end encryption to carry on a three-party email exchange with subscribers to one of the three services each, nor to invite the other two to an event in the calendar. Anyone should be able to view their work email and their private email in the same UI. And many customers will want to bulk drag and drop or cut and paste mail and events from their old Google or Microsoft accounts into their new Tuta, Protoon, or Mailbox accounts.

Make E2EE mail and calendars federated (i.e., protocol-compatible across competing services) and compatible with desktop clients (via a single cross-compatible locally client-hosted bridging server), and you'll remove one the main barriers to customer adoption.

A non-profit trade association (like the W3C, but for E2EE mail, contacts, and calendars) would be the best place for the copyright etc. in the bridging software, and the best employer for the lead maintainers of it. Eliminate the trade-off between vendor lock-in and privacy.

Other features are nice, but till no one needs multiple concurrent competing subscriptions, or multiple mail, contact, or calendar apps, other features are practically irrelevant. What uses is an overview of my personal calendar when I can only see my own schedule there, without the context of my work and university calendars in the same view?

#e2ee @mailbox @Proton

#opensource #privacy #e2ee #officesuite @Tuta @Bearstech

I said it before on Mastodon. I'm reposting this again. Comparing #DeltaChat and #Matrix together, if you want hassle free and consistent messenger for private #E2EE chats, don't go for Matrix. DeltaChat is way better.

However, if you want something like a public forum, or a public chatroom, don't go for DeltaChat. Matrix is way better suited for that. And DeltaChat does not support public groups at all. In DeltaChat groups, there is no admin or moderator and everyone have got permission to remove or add the others.

I think I have to write a longer post on my personal blog about these two, comparing them together.

PS: Another Matrix encryption bug few minutes ago triggered repost of this.

#Element #IM #Messenger #Email #FOSS #opensource #freesoftware #free_software #decentralization #decentralized

#FreeSoftware #foss #matrix #email #element #opensource #messenger #decentralized #decentralization #deltachat #im #e2ee #free_software

"Google refuses to deny it received encryption order from UK government"

The UK’s encryption-breaking order for a backdoor into iCloud isn’t a one-off.

The secret hearing happening RIGHT NOW is bigger than just Apple. If the government wins, our right to privacy and security falls.

Other services will be hit.

therecord.media/google-refuses…

Sign our petition ➡️ you.38degrees.org.uk/petitions…

#e2ee #encryption #apple #google #privacy #security #cybersecurity #ukpol #ukpolitics #tech


Google refuses to deny it received encryption order from UK government

U.S. lawmakers say Google has refused to deny that it received a Technical Capability Notice from the U.K. — a mechanism to access encrypted messages that Apple reportedly received.
therecord.media
#apple #google #privacy #encryption #security #tech #cybersecurity #ukpol #e2ee #ukpolitics

📣 Break the silence: Save encryption!

The UK government wants to be able to access anything, anywhere, any time — from your pics to your docs.

It begins with Apple. Other services will be next. That's why we must take a stand NOW!

Sign and share our petition ⬇️

you.38degrees.org.uk/petitions…

#encryption #e2ee #Apple #privacy #security #cybersecurity #ukpolitics #ukpol #icloud #tech


Keep our Apple data encrypted

It is reported that the Home Office has ordered Apple to build a backdoor into its encrypted services so that they can get hold of content that any Apple user has upload to the cloud. Encryption keeps our private information safe and secure.
38 Degrees
#apple #privacy #encryption #security #tech #cybersecurity #ukpol #icloud #e2ee #ukpolitics

The message is clear across the political divide: let's hear it!

The UK government should argue in open court why they want to make us less secure by ordering a backdoor into Apple encryption.

A secret Tribunal would be an affront to the privacy and security issues at stake. It must be held in public.

Read the joint letter from ORG, Big Brother Watch and Index on Censorship ⬇️

openrightsgroup.org/press-rele…

#Apple #encryption #e2ee #privacy #security #cybersecurity #ukpol #ukpolitics #tech


Make the Investigatory Powers Tribunal on Apple Encryption a Public Hearing

Rights groups call for Apple’s closed appeal against the Home Office’s encryption-breaching order to be opened to the public.
Open Rights Group
#apple #privacy #encryption #security #tech #cybersecurity #ukpol #e2ee #ukpolitics

Bipartisan US Congress Members want the secrecy around the UK's encryption-breaking order to be lifted.

"It is imperative that the UK's technical demands of Apple - and of any other US companies - be subjected to robust, public analysis and debate."

“Secret court hearings featuring intelligence agencies and a handful of individuals approved by them do not enable robust challenges on highly technical matters.”

wyden.senate.gov/news/press-re…

#encryption #e2ee #Apple #privacy #security #cybersecurity

Letter from US Members of Congress about the secret tribunal over the UK government's demand for a backdoor into Apple encryption.
Letter from US Members of Congress about the secret tribunal over the UK government's demand for a backdoor into Apple encryption.
Letter from US Members of Congress about the secret tribunal over the UK government's demand for a backdoor into Apple encryption.

Bipartisan Members of Congress to UK Spy Court: UK Gag Orders for Surveillance Backdoors Threaten Americans’ Security and Privacy, Impede Congressional Oversight | U.S. Senator Ron Wyden of Oregon

The Official U.S. Senate website of Senator Ron Wyden of Oregon
www.wyden.senate.gov
#apple #privacy #encryption #security #cybersecurity #e2ee

UK MPs have joined the chorus of voices wanting the Apple case to be held in public.

"If the Home Office wants to have effectively unfettered access to the private data of the (innocent) general public, they should explain their case in front of the public."

🗣️ David Davis MP.

"People deserve to know what's happening to their private personal information."

🗣️ Victoria Collins MP.

news.sky.com/story/apple-vs-ho…

#encryption #e2ee #Apple #privacy #security #cybersecurity #ukpolitics #ukpol


Apple vs Home Office encryption court battle must be held in public, say MPs

A row between the tech giant and the government over customer data will reportedly move to London's High Court this week – but the hearing will be held behind closed doors.
Tim Baker (Sky News)
#apple #privacy #encryption #security #cybersecurity #ukpol #e2ee #ukpolitics

📣 Make it public!

The call is getting louder for a public hearing of the appeal over the UK's order to break Apple encryption.

Alongside the joint letter from ORG, Big Brother Watch and Index on Censorship, UK MPs, US Congress Members and the BBC want the secrecy to end.

bbc.co.uk/news/articles/c4g0rr…

#encryption #e2ee #privacy #security #cybersecurity #ukpol #ukpolitics #Apple #tech


Pressure grows to hold secret Apple privacy hearing in public

Civil liberties campaigners have joined US politicians and the BBC in saying Friday's hearing should not be secret.
Tom Singleton (BBC News)
#apple #privacy #encryption #security #tech #cybersecurity #ukpol #e2ee #ukpolitics

#encryption #Sweden #e2ee

#email #e2ee #tuta @Tuta

#xmpp #android #conversations #UnifiedPush #decentralised #e2ee

#infosec #cybersecurity #itsec #e2ee @Tuta

We know of many #chatmail servers from Vladivostok to the US but the one from @adam_jurkiewicz might have the most intriguing design jurkiewicz.chat/ :)

With mobile Delta Chat apps, a chatmail web site allows users to click a link to create an instant chatmail profile without asking any personal data. No permission needed from Delta Chat developers to run a server, and we never learn e-mail or IP addresses from their users.

Decentralized interoperable onboarding with secure #E2EE :)

a screenshot of the chatmail server https://jurkiewicz.chat/ frontpage. There is a computed Javascript-generated "matrix flowing letters" animation using non-latin characters.

Delta Chat: Niezawodny komunikator z obsługą wielu profili i wielu urządzeń

Dwa proste kroki, aby rozpocząć korzystanie z ChatMail - anonimowe profile czatów z szybkimi, bezpiecznymi i interoperacyjnymi serwerami chatmail, z natychmiastowymi powiadomieniami push. Minimalne wymagania: Android 4.1 lub iOS 12, Windows 10, Linux
jurkiewicz.chat
#e2ee #chatmail @Adam Jurkiewicz

#matrix #element #chat #cybersecurity #e2ee

Thanks for the update! It's an interesting tradeoff to potentially let a third party decrypt the incoming traffic to get less to maintain yourselves, but of course much better to build your own solution and keep full control. Especially for a critical service.

It would be interesting to learn about first-party #DDoS mitigation techniques that could be used in other projects where #E2EE is essential. However, I suspect the implementation details used for Tuta can't be shared publicly.

#e2ee #ddos

→ U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack
nbcnews.com/tech/security/us-o…

“The hacking campaign, nicknamed SaltTyphoon by Microsoft, is one of the largest intelligence compromises in US history, and it has not yet been fully remediated.”

“Privacy advocates have long advocated using end-to-end encrypted E2EE apps.” *sigh*

👇

#Americans #encrypted #cyberattack #hacking #SaltTyphoon #US #Privacy #E2EE


U.S. officials urge Americans to use encrypted apps amid cyberattack

Amid an unprecedented cyberattack on telecommunications companies such as AT&T and Verizon, U.S. officials have recommended that Americans use encrypted messaging apps to ensure their communications stay hidden from foreign hackers.
Kevin Collier (NBC News)
#privacy #hacking #encrypted #us #e2ee #Cyberattack #americans #salttyphoon

in the next #ArcaneChat release: new option to control behavior of notifications of reactions and replies to your messages as well as the new mini-apps notifications in muted chats

don't lose important replies or reactions to your messages while keeping all the uninteresting chat flood/noise away 😌

#DeltaChat #email #decentralization #e2ee #messenger #chat #im

#email #messenger #chat #decentralization #deltachat #im #e2ee #arcanechat

True, but #Thunderbird has gone to lengths to try and make sure that #e2ee either works completely, or not at all. I don't think they'd be on board with one-way encryption.
#thunderbird #e2ee

you could be recommending #DeltaChat that is an #e2ee #email client with an UI that looks like #WhatsApp, you could even provide it to your users as a chatting #decentralized solution using your email server, which fits with your business, but instead you prefer to recommend centralized phone-number based apps like #Signal 😭
#email #signal #whatsapp #decentralized #deltachat #e2ee

The Hungarian presidency in the Council of the EU has proposed another text for the #ChatControl file. It is to be discussed by the law enforcement working party in Council on Monday (23 September).
Experts widely criticise Chat Control e.g. for attacking #E2EE, IT-security and violating (European) fundamental rights.
The #GlobalEncryptionCoalition now warns that the Hungarian proposal fails to resolve the problems of the regulation and calls on governments to reject it:
globalencryption.org/2024/09/g…
#chatcontrol #e2ee #globalencryptioncoalition

ODF wholesome encryption is the default password (symmetric) encryption mode in LibreOffice 24.8.

Supports AES-256-GCM and Argon2id.

LibreOffice 24.2/24.8 is required to open the encrypted files.

Disable: Tools > Options > Load/Save > General > ODF Format Version > 1.3 (drop down menu) > Apply > OK

AES: en.wikipedia.org/wiki/Advanced…
GCM: en.wikipedia.org/wiki/Galois/C…
Argon2: en.wikipedia.org/wiki/Argon2

Website: libreoffice.org
Mastodon: @libreoffice

#LibreOffice #Encryption #InfoSec #Privacy #E2EE

LibreOffice logo.
#privacy #infosec #encryption #libreoffice #e2ee @LibreOffice

#xmpp #signal #omemo #e2ee

Der Messenger #Telegram ist für eine sichere Kommunikation nicht geeignet - standardmäßig sind die Nachrichten nicht einmal Ende-zu-Ende verschlüsselt. Besser geeignet sind #Signal oder #Threema. Übrigens: Elon Musk ist das Paradebeispiel eines Trolls. Einfach ignorieren. 😉

Wer eine Entscheidungshilfe für einen Messenger sucht: messenger-matrix.de/messenger-…

#sicherheit #security #schwachstelle #e2ee #vulnerabilty #musk #durow

Messenger-Matrix • Kuketz IT-Security Blog

Gegenüberstellung sicherheits- und datenschutzrelevanter Eigenschaften von Messengern
www.messenger-matrix.de
#signal #telegram #security #threema #musk #sicherheit #e2ee #schwachstelle #vulnerabilty #durow

Can anymany tell me how I'm "supposed" to use end-to-end encryption with XMPP?

As far as I can tell there are three totally different ways to do E2EE:

a)OTR : "[xmpp.org/extensions/xep-0364.h…](Not intended to be a current standard), or technical specification, as better (albeit, newer and less well tested) methods of end-to-end encryption exist for XMPP. "

b)OpenPGP: There are at least two different XEPs about it. XEP-0027 is obsolete, while XEP-0373 is "experimental" but hasn't been updated in almost three years.

c)OMEMO: "Experimental" and hasn't been updated in over two years.

Is there a way to do E2EE in XMPP which is neither deprecated nor experimental? What's the "Current stable" way to do it?

#XMPP #E2EE #EndToEndEncryption #OMEMO #OpenPGP #OTR

Current Jabber OpenPGP Usage

This document outlines the current usage of OpenPGP for messaging and presence.
Thomas Muldowney
#xmpp #openpgp #omemo #e2ee #endtoendencryption #otr

European Court of Human Rights (#ECHR) bans weakening of secure end-to-end #encryption - the end of EU‘s chat control #CSAR mass surveillance plans?

eureporter.co/world/human-righ…
#e2ee #europe #privacy #csar


European Court of Human Rights bans weakening of secure end-to-endencryption - the end of EU‘s chat control CSAR mass surveillance plans? - EU Reporter

The European Court of Human Rights yesterday banned a general weakeningof secure end-to-end encryption.
EU Reporter Correspondent (EU Reporter)
#privacy #encryption #europe #e2ee #CSAR #echr

Blazing fast Matrix, Native E2EE Group Calls, state of the art auth and potential WhatsApp interop.

Matthew covers the last year in Matrix and how it can be used to speed up the opening of communications silo required by the EU Digital Markets Act

youtu.be/s5BrVVf0B1I

#matrix #e2ee #voip #oidc #dma #whatsapp #silos


FOSDEM 2024 - Opening up communication silos with Matrix 2.0 and the EU Digital Markets Act

What role does Matrix play in opening up communications silo, as mandated by the EU Digital Markets Act? Matthew walks us through this, after a general updat...
YouTube
#matrix #whatsapp #dma #oidc #e2ee #voip #silos

#Jabber #chat #interoperability #decentralization #standards #realtime #rtc #e2ee #spaces

📫GREAT Reason To Both Use / Support @thunderbird #Thunderbird

New Microsoft #Outlook Collects / Shares Your Data w/Over 772 Parties

#email #communication #FOSS #Microsoft #Thunderbird #Mozilla #encryption #crypto #e2ee #infosec #Proton #surveillance #cybersecurity #privacy #News

proton.me/blog/outlook-is-micr…


Outlook is Microsoft’s new data collection service

The new Outlook now appears to be a data collection service for Microsoft’s 772 external partners for targeted advertising.
Edward Komenda (Proton)
#foss #email #privacy #infosec #mozilla #encryption #thunderbird #microsoft #News #crypto #communication #cybersecurity #surveillance #proton #outlook #e2ee @Thunderbird: Free Your Inbox

#conversations #foss #privacy #fdroid #e2ee #communications #tallship #cheogram

@protonmail The problem is more like "fiddling with the contents" or doing anything in transit.

Cuz I do #E2EE the way it's meant to be done aka. #SelfCustody of #Keys and not some #MITM'ing "Appliance"...

#e2ee #keys #mitm #selfcustody @Proton Mail

If you do 1 thing today, use @Tutanota and forward your #gmail and #hotmail to your new inbox. Take back your mailbox!

For your second thing, switch to an encrypted messenger like #Signal and get your friends and family on it. It's so easy.

#cybersecurity #cybersecurityawarenessmonth #E2EE #globalencryptionday #privacy

Share this with your friends and family and spread #privacy! yt.artemislena.eu/watch?v=MFlF… 🥰

Big Tech Wants to See You Naked. Protect Your Privacy Now!

Tutanota - no tracking, no ads. Get your encrypted mailbox now: https://tutanota.com/big-tech-alternative?t-src=you Today's web is broken. You are being tracked when you search the web, shop online; even when you read your emails.
Tutanota | Invidious
#privacy #signal #GMail #cybersecurity #hotmail #cybersecurityawarenessmonth #globalencryptionday #e2ee @Tuta

Today, two open letters from academics on the scientific arguments against the current #CSS (client side scanning) initiatives have been released:

* The first (in English, internationally coordinated) one is online at tinyurl.com/CSAScientistsLette… and still open for additional signatures.

* The second (in German, by #Austrian academics) one is online at ins.jku.at/chatcontrol/ and explicitly includes law experts in addition to the arguments from a security, privacy, and AI perspective.

This debate is expected to gain new steam with #Spain taking over the EU council presidency, given recently leaked statements like "Ideally, in our view, it would be desirable to legislatively prevent EU-based service providers from implementing end-to-end encryption" (wired.co.uk/article/europe-bre…).

Please boost on any channels you deem adequate. The discussion is still open, and we have little time to bring it to a more rational level.

#csam #law #eu #privacy #dataprotection #privacy #humanrights #messenger #chat #chatcontrol #signal #whatsapp #telegram #threema #e2ee


Leaked Government Document Shows Spain Wants to Ban End-to-End Encryption

In response to an EU proposal to scan private messages for illegal material, the country's officials said it is “imperative that we have access to the data.”
Lily Hay Newman (WIRED UK)
#privacy #signal #whatsapp #telegram #messenger #law #EU #chat #HumanRights #css #threema #DataProtection #chatcontrol #csam #spain #e2ee #austrian

#privacy #encryption #chatcontrol #ClientSideScanning #e2ee @Mullvad VPN