It’s #NewstodonFriday! It’s been another busy week for the many newsrooms who have an active presence in the #fediverse, and we’re highlighting their work in the thread below. If you like what you see, follow the profiles and boost their stories.
If you’re a journo or newsroom that we don’t know about or if there’s a newsroom you’d love to put on our radar, please let us know in the comments.
⤵️
@josephcox has written a book, “Dark Wire,” about an encrypted messaging service app called Anom, which is used by drug traffickers but was infiltrated by the FBI and Australian Federal Police (AFP). @404mediaco has published this extract about how a kidnapping was both planned and foiled on Anom.
In an indictment against Defend the Atlanta Forest activists in Georgia, state prosecutors cast suspicion on the defendants’ use of encrypted messengers and #Tor. Use #encryption and showcase that resisting bulk #surveillance is not suspicious but self-defense. Our Email Self-Defense guide can help you to send and receive encrypted emails: https://emailselfdefense.fsf.org/en/
In an indictment against Defend the Atlanta Forest activists in Georgia, state prosecutors cast suspicion on the defendants’ use of encrypted messengers and #Tor. Use #encryption and showcase that resisting bulk #surveillance is not suspicious but self-defense. Our Email Self-Defense guide can help you to send and receive encrypted emails: https://emailselfdefense.fsf.org/en/
#FBI#Surveillance#Privacy#Encryption: "As a privacy and encryption advocate, there were moments in this story that made me a little uncomfortable. There are places where the FBI is chafing at the constitutional limits on its surveillance powers where we can't help but sympathize with these "good guys" going after "bad guys." But this is the FBI, a lawless, unaccountable secret police who routinely bypass those limits by secretly buying data from sleazy data-brokers, or illegally sharing data with the NSA.
The conclusion really hammers home the point that the FBI's problem isn't constitutional niceties. Despite seizing hundreds of tons of illegal drugs and arresting thousands of high-ranking criminal syndicate bosses, Anom made no difference in the drug trade. Prohibition, after all, just makes criminals more wealthy and powerful. The Anom raids were, at worst, the cost of doing business – and at best, they were a global reset that cleared the board of established actors so that other criminals could seize their turf.
But even though Anom didn't triumph over crime, Dark Wire is a triumph. The book's out today, and there will shortly be a Netflix adaptation based on it, directed by Jason Bateman:"
❗Beware: Not a single line of this document can be considered a basis for any discussion. This is because the group is non-transparent, undemocratic, politically biased and works with the Going Dark myth, which assumes that law enforcement and security can only be achieved through more surveillance.
Nur falls mal wieder einer mit "Chatkontrolle ist doch nicht schlimm" oder "ich habe doch nichts zu verbergen" daher kommt - ob wir etwas zu verbergen haben, hängt ganz maßgeblich von den politischen und gesetzlichen Rahmenbedingungen ab, die sich auch bei uns hier derzeit ziemlich bedenklich entwickeln.
Today is the #idesofmarch, marking Julius Caesar's assassination and a turning point in Roman history. But, what does this have to do with #encryption, you ask?
Join the Global Encryption Coalition's Steering Committee in calling on Ministers in the Council of the EU to reject all scanning proposals inconsistent with the principle of end-to-end encryption, including client-side scanning and upload moderation, as it will create serious security and privacy risks with global implications:
#Canada#Cybersecurity#Encryption#Backdoors#5G#Privacy: "Bill C-26 empowers government officials to secretly order telecommunications companies to install backdoors inside encrypted elements in Canada’s networks. This could include requiring telcos to alter the 5G encryption standards that protect mobile communications to facilitate government surveillance.
The government’s decision to push the proposed law forward without amending it to remove this encryption-breaking capability has set off alarm bells that these new powers are a feature, not a bug.
There are already many insecurities in today’s networks, reaching down to the infrastructure layers of communication technology. The Signalling System No. 7, developed in 1975 to route phone calls, has become a major source of insecurity for cellphones. In 2017, the CBC demonstrated how hackers only needed a Canadian MP’s cell number to intercept his movements, text messages and phone calls. Little has changed since: A 2023 Citizen Lab report details pervasive vulnerabilities at the heart of the world’s mobile networks.
So it makes no sense that the Canadian government would itself seek the ability to create more holes, rather than patching them. Yet it is pushing for potential new powers that would infect next-generation cybersecurity tools with old diseases."
Isn't RSA the current secure solution for the corresponding encryption/security on the browser with JavaScript?
»Galois/Counter Mode and random nonces:
It turns out you can encrypt more than 2^32 messages with AES-GCM with a random nonce under certain conditions. It’s still not a good idea, but you can just about do it.«
"This undisclosed WhatsApp vulnerability lets governments see who you message."
And when it comes to metadata, unfortunately - that's by design.
"Metadata — information about the who, when, and where of conversations — has come to hold immense value to intelligence, military, and police agencies around the world."
End-to-end encrypted messages isn't all you should seek out from any app that claims to be private.
»Argon2 vs. bcrypt vs. scrypt: which hashing algorithm is right for you?«
As far as I know, Argon2 is a current secure solution for storing passwords. In my opinion, too many online services do not use this solution or do not fund it (fast enough) to update their services.