Are you a journalist, activist or whistleblower in need of an anonymous email account that doesn't require a personally identifiable recovery email address or phone number?
I've managed to get my paws on "Dark Wire" by @josephcox, a great new book telling the incredible true story of how the FBI launched a fake encrypted messaging service and spied on the communications of the world's most notorious criminal gangs.
Did someone say #encryption? Encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk #surveillance systems. Learn more with our Email Self Defense guide: https://u.fsf.org/1df
#EU#Spain#Catalonia#Cybersecurity#Privacy#Encryption#Wire#Proton: "As part of an investigation into people involved in the pro-independence movement in Catalonia, the Spanish police obtained information from the encrypted services Wire and Proton, which helped the authorities identify a pseudonymous activist, according to court documents obtained by TechCrunch.
Earlier this year, the Spanish police Guardia Civil sent legal requests through Swiss police to Wire and Proton, which are both based in Switzerland. The Guardia Civil requested any identifying information related to accounts on the two companies’ respective platforms. Wire responded providing the email address used to register the Wire account, which was a Protonmail address. Proton responded providing the recovery email for that Protonmail account, which was an iCloud email address, according to the documents.
In the request, which listed “organised crime” and “terrorism” as the nature of the investigation, Spanish police wrote that it wanted to “find out who were the perpetrators of the facts taking place in the street riots in Catalonia in 2019.”"
Jetzt keine (doofe) Sprüche, dass veganer Tofu nicht schmeckt und seltsam wäre, es geht um IT-Sicherheit! ;)
»Freie Terraform-Alternative – Opentofu ermöglicht "state encryption":
Seit über zehn Jahren klagen Terraform-Nutzer über unverschlüsselte state files. Version 1.7 der freien Alternative Opentofu bietet nun optionale Verschlüsselung an.«
#e2ee is a goal, not a promise. As far back as I can remember, forums like those supporting #Enigmail and #gpg were staffed with volunteers from the privacy community who repeatedly insisted on answering questions, like, "Is <this> (whatever this might be) totally secure?" with stock questions like, "What is it that you consider 'totally secure?" or answers such as, "Secure is a relative term, nothing is completely secure, how secure do you need your mission's communications to be?"
Phrases such as, reasonably secure should be indicators of how ridiculous it is to assume that any secure platform isEVERcompletely, and totally secure.
That begs the question, "Exactly how secure do you require your communications to be?" The answer is always, ... relative.
Which means that you should always believe Ellen Ripley when she says, "Be afraid. Be very afraid!"
Has anyone had to deal with #Imperva? For some goddamned reason they've backslid and will no longer accept 4096-bit #encryption certificates and demand 2048-bit certs again.
Here comes #Fractal 7, with extended #encryption support and improved accessibility. Server-side key backup and account recovery have been added, bringing greater security. Third-party verification has received some bug fixes and improvements. Amongst the many accessibility improvements, navigability has increased, especially in the room history. But that’s not all we’ve been up to in the past three months. Read the full release notes at https://flathub.org/apps/org.gnome.Fractal
#CyberSecurity#VPNs#Encryption: "Researchers have devised an attack against nearly all virtual private network applications that forces them to send and receive some or all traffic outside of the encrypted tunnel designed to protect it from snooping or tampering.
TunnelVision, as the researchers have named their attack, largely negates the entire purpose and selling point of VPNs, which is to encapsulate incoming and outgoing Internet traffic in an encrypted tunnel and to cloak the user’s IP address. The researchers believe it affects all VPN applications when they’re connected to a hostile network and that there are no ways to prevent such attacks except when the user's VPN runs on Linux or Android. They also said their attack technique may have been possible since 2002 and may already have been discovered and used in the wild since then."
So... I left Evernote months ago when they hiked their pro plan subscription (like 163% !) It was bloated, and their free plan was crippled; that + the company had been struggling for years to find a CEO who could bring some kind of vision back to the app. It all flopped and they were sold to Bending Spoons.
Over the ensuing months, I was fortunate to find a replacement! An Open Source, fully encrypted, Evernote killer. And what a note taking app it has become.
A major release (v3.0) was launched officially today. 8 months of non-stop development and testing by a two-man Dev team has really brought this app center stage. These guys are hands-on with listening to user feedback on their NN Discord server; when they find time to sleep beats me (the plight of the developer).
Read about this latest journey AND all of the great new features of v3.0 that are note-taking game changers, on their blog post:
You're going to hear more about Notesnook in the weeks and months to come and it won't be coming from me. It will be from a growing userbase that can't help but share the awesomeness that Notesnook brings to notetaking.
#CyberSecurity#Surveillance#Encryption#Messaging: "The current crop of suggestions seem to concede that governments shouldn’t have direct access. Instead, they want services to backdoor themselves and act as gatekeepers to law enforcement. That’s not an improvement; it’s still centralized, and it makes these companies responsible for any misuse of the data that they have access to, requiring everyone on the planet to trust a few big tech companies with our private and most intimate conversations – hardly a direction that society wants to go in in 2024. ‘Trust me, I’m in charge’ is a poor model of governance or security.
These ‘solutions’ also ignore the reality that the ‘bad guys’ will just use other tools to communicate; information is information. That will leave law abiding people giving up their privacy and security for little societal gain." https://www.mnot.net/blog/2024/04/29/power