@heiseonline das liegt daran dass #TETRA gegen #KerkhoffsPrinzip verstößt und #proprietär|e #ClosedSource - #Verschlüsselung implementiert statt echte #E2EE.
@heiseonline das liegt daran dass #TETRA gegen #KerkhoffsPrinzip verstößt und #proprietär|e #ClosedSource - #Verschlüsselung implementiert statt echte #E2EE.
An #E2EE messaging app unaffected by #ChatControl
* App: https://chat.positive-intentions.com/
* Code: https://github.com/positive-intentions/chat
* Reddit: https://www.reddit.com/r/positive_intentions
How it works: https://positive-intentions.com/docs/projects/chat
TLDR: I'm working on a #P2P messaging #webapp. Webapps are generally not considered secure because of the nature of serving statics over the internet. This is correct, but not a limitation of this project. (#selfhosting options: https://positive-intentions.com/blog/docker-ios-android-desktop).
As a webapp, I can provide the app with zero-installation and no-registration. The app is only using (local-only) browser storage (specifically #indexedDB). So in a P2P interaction, the traditional concept of "the cloud" is just the physical devices connected over #WebRTC. This allows for things like P2P authentication: https://positive-intentions.com/blog/security-privacy-authentication.
Future:
I'm aiming to create the most secure messaging app out there... (more than #Signal, #Simplex, #threema, #session, #deltachat, #bitchat, etc). I know I have a long way to go to get there. The UI is fairly ugly for the average user, but I think the mechanics are working as expected. I think #JavaScript is underrated in what you can do with it. I'm actively investigating improving the #encryption approach further to align to how the Signal protocol works (currently using a #DiffieHellman key-exchange).
Support:
In the age of #ChatControl, I would like to keep this project #opensource, but open-source funding is not working for me. I don't want your donations (but don't let that stop you) because it isn't sustainable for a long-term project. I have so far only experienced grant-funding rejections. I have no idea what I'm doing in trying to get funding for this project, so any support/advice is appreciated. In recognition of the project in its current state not being able to get funding... (sorry) I will have to go #closedsource (which I'd like to avoid because it undermines several #cybersecurity claims I'd like to make). I don't accept collaboration on the project because this would make tough decisions like going closed-source also immoral.
After thousands of articles on how insecure open-source software is, why do the large-scale hacks seem to target closed-source software? I guess it will remain a mystery.
#cybersecurity #closedsource
https://www.bloomberg.com/news/articles/2025-07-21/microsoft-server-software-comes-under-widespread-cyberattack
You have to see it to believe it!
Die Auftragsvolumina für proprietäre amerikanische Softwarelizenzen des Bundes sind schon lange außer Kontrolle.
Die Ausgaben für Oracle-Software sind besonders unverhältnismäßig hoch, was zu dem Schluss führt:
- Vendor Lock-in wird teuer bezahlt
- Keine erkennbare Strategie zur Kostenreduzierung (z.B. durch Umstieg auf OSS-Alternativen) sichtbar
- Angst vor Veränderung und Verantwortung
Citrix Netscaler schon wieder sehr hohes Risiko
Die Produktlinie NetScaler begann als Marke der US-Firma Citrix. Inzwischen sind beides getrennte Marken unter dem Dach einer Firma mit Namen Cloud Software Group (CSG). - Aktuell gibt es Warnungen vor drei Sicherheitslücken in mehreren NetScaler Produkten. Die schlimmste der Sicherheitslücken, CVE 2025-5777, wird mit einem Risiko von 9,3 (von 10) eingestuft. Oder sollte man sagen Hintertür? Die Sicherheitslücke beruht nämlich darauf, dass Eingaben nicht ausreichend geprüft werden ("insufficient input validation"). Ah, ja.
https://www.pc-fluesterer.info/wordpress/2025/06/25/citrix-netscaler-schon-wieder-sehr-hohes-risiko/
Reading this article by @stefano with great interest.
Many things can be learned here.
#Apple #iPhone #ClosedSource #OpenSource #iMac #Mach #kernel #SteveJobs
This is one important reason why you should rip yourself away from closed source underlords
The destruction of your privacy by ripping your adblock extensions a new #rsehole
I stopped using Alphabet's google chrome 100% before this came into effect
It wasn't just 30 million people using this extension by the way it was much much more (close to 300 million users?)
Eher friert die Hölle zu.
Vor allem müssten erst Voraussetzungen geschaffen werden, von denen Lichtjahre entfernt ist: Eine sichere digitale Verwaltung auf der Basis von FOSS, so wie in
oder
.
Noch gilt bei uns dies:
https://www.pc-fluesterer.info/wordpress/2023/02/11/wollt-ihr-die-totale-pkz-so-nicht/
@mildsunrise I guess the only way to "fix" this would be a completely new standard.
"pitfalls"
TechCrunch: Some startups are going 'fair source' to avoid the pitfalls of open source licensing
OpenAI Quietly Scrapped a Promise to Disclose Key Documents to the Public - From its founding, OpenAI said its governing documents were available to the public. When... - https://www.wired.com/story/openai-scrapped-promise-disclose-key-documents/ #business/artificialintelligence #closedsource #business
One Less Binary Blob - Open-source software has gone a long way into making modern technology the way it ... - https://hackaday.com/2023/12/07/one-less-binary-blob/ #softwarehacks #closedsource #proprietary #binaryblob #opensource #espressif #firmware #wireless #driver #esp32 #wifi
»Zeiten ändern sich:
Microsoft hilft bei Linux-Installation«
Nun ja, M$ hat Windows schon über ein Jahrzehnt nicht mehr intern als erstes prio Software & Produkt ihres Unternehmens deklariert. Außerdem ist die Diskussion um Win & M$, für oder gegen Linux nichts neues und Werbung. Außerdem ergibt Linux auf Win viel User-Nutzung-Einblick für M$ & Dienste.
https://www.heise.de/news/Microsoft-hilft-bei-Linux-Installation-9333190.html
—
#linux #windows #microsoft #winos #win #opensource #closedsource #business #oss #os #sicherheit #itsicherheit #it
Please repost for visibility, so I can find people with similar interests. Like or comment for me to take a look at your profile, and possibly follow.
Likes/Interests: #Programming #Technology #OpenSource #FreeSoftware #FOSS #FLOSS #Fediverse #OnlineFreedom #Privacy #Anonymity #Anonymous #InfoSec #CyberSecurity #Manjaro #Linux #Science #Socialism #HumanRights #SocialJustice #MultipolarWorld #Programming #Python #Golang #Rust #RetroGaming #Gaming #SelfHosted #TechNews #Matrix #Youtube #Movies #Anime #Hentai #Erotica #Futurology #AI #Singularity #Fitness #Health #Collapse #ClimateCrisis #Audiobooks #Books #Fantasy #SciFi #StarWars #Fanfiction #Conspiracy #CriticalThinking #Cooking #DataHoarding #Piracy #FileSharing #Meshnet #Decentralized #Distributed #P2P #PeerToPeer #IPFS #Zeronet #Freenet #I2P #Tor
Dislikes/Disinterests: #Music #Memes #Sports #Coffee #Animals #Cats #Dogs #Nazis #CIA #NATO #UsEmpire #Oligarchy #Plutocracy #Kleptocracy #Imperialism #Fascism #Racism #Capitalism #Billionaires #Woke #Wokeism #Liberals #Democrats #Republicans #Conservatives #BigTech #ClosedSource #Microsoft #Discord #Copyright #Censorship #WesternMedia #MaintreamNews #OfficialPropaganda #Surveillance #PoliticalCorrectness #SurveillanceCapitalism #DRM #DataMining #FakeNews #Misinformation #Disinformation #EchoChamber #FilterBubble #CorporateMedia #Consumerism #Materialism #Overconsumption #PlannedObsolescence #FastFashion #Waste #EnvironmentalDegradation #Gentrification #Inequality #Neoliberalism #Globalization #FantasyFootball #Apple #Tech #BoardGames #TTRPG #DnD
Best to worst: #fopnu #nicotine+ ( #soulseek ) #aMule ( #edonkey2000 #ed2k ) #EiskaltDC++ ( #dcpp ) #gnutella #Shareaza #qBittorrent ( #BitTorrent #torrent )
_Dang_ this is... legitimately dangerous.
Bambu X1C and P1P started printing while owners were asleep
https://www.theverge.com/2023/8/16/23064592/bambu-print-asleep-cloud-outage
@omgubuntu But is #ClosedSource and comes from China... Not a good combo.
#LibreOffice is the way
philosophical details
Well done, #Ubuntu - with Ubuntu Pro, you've finally achieved your walled garden. Delightful move that you've walled in some key packages (such as ImageMagick) that many people rely on but probably don't even know they are there. Force-installing snapd - a virus I've spent many hours trying to extirpate - is the real bubblegum in the hairdo.