Holy shit, @protonmail just doubled my base storage to six terabytes for #ProtonMail, #ProtonDrive, etc. I’m only using a little over 16 GB.
Granted I’ve been a paid subscriber since the summer of 2016 (first on their Plus plan, then on Visionary starting the following year). But this is ridiculous.
The UK government has (at least for now) decided to back off a piece of the #OnlineSafetyBill legislation that would have outright banned end-to-end encryption and would have been a major disaster in all means. https://archive.ph/HDnUa
When I first discovered WebAuthn in 2019 I imagined it being used for something like this, but never imagined something like the prf extension enabling true E2EE like this. Everything happens in the browser; there's no server used in any of this because to me that defeated the purpose. I also challenged myself to make a decent UX on top of this because what good is strong encryption if it's not usable?
For best results make sure you're using Chrome 116 and a recent FIDO2 security key.
(I'm also trying to figure out how things get noticed on Hacker News, so if you participate over there here's the Show HN, upvotes appreciated: https://news.ycombinator.com/item?id=37148972)
Der Messenger #Telegram ist für eine sichere Kommunikation nicht geeignet - standardmäßig sind die Nachrichten nicht einmal Ende-zu-Ende verschlüsselt. Besser geeignet sind #Signal oder #Threema. Übrigens: Elon Musk ist das Paradebeispiel eines Trolls. Einfach ignorieren. 😉
Unbelievable double-think happening here. The UK government is going full-throttle in its war on encryption, with the Online Safety Bill the vanguard in exposing the security of everyone's device.
Encryption protects us from cyber-criminals, keeps our messages private, and stops governments and corporations from spying on us. It is online safety for kids and everyone.
“While the UK government has admitted it’s not possible to safely scan all of our private messages, it has granted Ofcom the powers to force tech companies to do so in the future.”
Proton Mail automatically encrypts/decrypts messages between Proton Mail accounts via OpenPGP/PGP.
Proton Mail supports automatically encrypting/decrypting messages between Proton Mail accounts and external email accounts that support OpenPGP/PGP or GnuPG/GPG.
People in the UK may be left in the wilderness without secure messaging services, if the #OnlineSafetyBill retains its encryption busting clause.
Forcing platforms to comply with client-side scanning is state-mandated private surveillance of the kind that we see in authoritarian regimes. Platforms will leave rather than compromise #security and #privacy.
It'll particularly harm journalists, campaigners and activists who rely on #e2ee to communicate safely. #ukpolitics
#Apple strengthens iMessage end-to-end encryption with post-quantum cryptography: PQ3.
"iMessage now meets this goal with a new cryptographic protocol that we call PQ3, offering the strongest protection against quantum attacks and becoming the only widely available messaging service to reach Level 3 security"
Just saw someone implementing user authentication for an #E2EE application by taking the users password, running it through libsodium's crypto_pwhash with a fixed salt derived from the user's email address, before sending the (email, hash) pair to the remote server.. and I'm just like "is this secure?"
I'd always thought you'd want a construct like SRP6a for conducting the authentication between client & server (without the server learning the user's password)... #security#cryptography
HopToDesk is a free remote desktop tool allowing users to share their screen and allow remote control access to their computers and devices. Unlike other similar tools such as TeamViewer or AnyDesk, HopToDesk is free for both personal and business use, provides true end-to-end encryption for all peer communications, and open source.