#e2ee


DJ Slope's #YouTube ban, likely triggered by an automated #Google Drive flag, is a warning about over-reliance on big tech. One misstep can erase your digital life. To protect #privacy and control, self-host whenever possible, avoid centralizing data, use end-to-end encrypted tools, and keep services separate. Don’t wait for a ban to realize how fragile your online presence really is.

youtube.com/watch?v=H9zU00_I_H

"WhatsApp's intervention [in the Apple encryption case] shows the breadth of concern about the threat to privacy and security."

Many voices must be heard to "understand the full impact of what the Home Office is trying to do" with people's ability to access encrypted services in the UK.

🗣️ @jim, ORG's Exec Director.

bbc.co.uk/news/articles/cgmjrn

BBC News: "WhatsApp backs Apple in its legal row with the UK over user data". The messaging app says the UK government's demands over data access could set a "dangerous precedent."

My most recent project has been self-documenting cryptography, which seeks to make password hashes traceable or useless.

The basic idea is to add "this password is for Acme Corporation, Inc." onto the end of every password, automatically and outside the control of the user, before it is hashed.

The goal is to adversarially embed an organization's name and contact information into their password hash function, so that in order to be able to crack a password hash, you must know where to report it as stolen.

github.com/auth-global/self-do
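A simplified illustration of the tagging idea in the post above, added here and not taken from the linked project: it uses plain PBKDF2 from Python's standard library as a stand-in rather than the project's own construction, and the tag text, salt, password and helper names are constructed for the example. It shows that a stored hash can only be checked against a candidate password by someone who also supplies the organisation's tag.

```python
import hashlib
import hmac

# Constructed values for this example; not from the linked project.
ACME_TAG = b"this password is for Acme Corporation, Inc."
OTHER_TAG = b"this password is for Example Widgets Ltd."
SALT = bytes.fromhex("00112233445566778899aabbccddeeff")
ITERATIONS = 100_000  # illustrative work factor


def tagged_hash(password: str, salt: bytes, tag: bytes) -> bytes:
    """Hash the password with the organisation tag appended server-side.

    The user never types or sees the tag; the server adds it before hashing.
    """
    material = password.encode("utf-8") + tag
    return hashlib.pbkdf2_hmac("sha256", material, salt, ITERATIONS)


def verify(password: str, salt: bytes, tag: bytes, stored: bytes) -> bool:
    """Constant-time comparison of a candidate against the stored hash."""
    return hmac.compare_digest(tagged_hash(password, salt, tag), stored)


def confirmed_candidates(candidates, salt, stored, tag):
    """Return the candidates that reproduce `stored` when hashed with `tag`."""
    return [c for c in candidates if verify(c, salt, tag, stored)]


def demo():
    stored = tagged_hash("correct horse", SALT, ACME_TAG)
    candidates = ["hunter2", "correct horse", "letmein"]
    return {
        # Normal login at the right organisation succeeds.
        "login_ok": verify("correct horse", SALT, ACME_TAG, stored),
        # The same password under another organisation's tag does not match.
        "other_org": verify("correct horse", SALT, OTHER_TAG, stored),
        # Without the tag, even the correct password cannot be confirmed.
        "no_tag": confirmed_candidates(candidates, SALT, stored, b""),
        # With the tag, which names the organisation to report to, it can.
        "with_tag": confirmed_candidates(candidates, SALT, stored, ACME_TAG),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```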

GitHub: self-documenting-cryptography/design-documents/g3pb2.md at prerelease · auth-global/self-documenting-cryptography

@silhouette @richi @signalapp @torproject

1. You completely miss the points! There is no "#TechnicalNecessity" to demand #PII like a #PhoneNumber - especially for a "#privacy"-focussed messenger!

2. & 3. #Signal is able and willing to comply with #Cyberfacism and pushing a #Shitcoin (#MobileCoin) makes it trivial to criminalize the App for "illegal & unregulated banking". If #Moxie or @Mer__edith cared they'd yeet that thing (or didn't even integrate it to begin with!) to avoid the attention. And yes Signal does restrict the App functionality when using a phone number from #Russia & #Iran (among other nations), thus affecting not only those in need of safe comms but by sending a verification code to them, earmarking them for police & intelligence. Which brings me to the 1st argument.

4. #Tor has a stellar record in terms of stability, integrity and censorship circumvention. DIY'ing something instead of following almost two decades of solid progress is absurd and violates "don't roll your own crypto" as a rule!

5. Only with #SelfCustody can you protect your own data. Or do you really expect Staff from Signal to not talk when facing lifetime in jail? If they have the keys, they can decrypt it, thus their #E2EE is just a "#TrustMeBro!" concept. I mean, what prevents them from being forced into backdooring all comms to @icij as per #NSL? Any "guarantee" without self-custody is worthless by virtue of being unenforceable!

Signal pushing #TechPopulism instead of teaching folks that their #ComSec is worth diddly-piss without #OpSec, #InfoSec & #ITsec is dangerous!

  • And yes claiming "JuSt UsE sIgNaL!" is dangerous in the era of #Trump's #cyberfacist regime acting as it does (like with the #ICC)!

Not to mention there are better options that don't do that shite (i.e. demand PII) and just work. @monocles / #monoclesChat & @delta / #deltaChat for example can adapt way better to said risks and ain't run by a #VCmoneyBurningParty!

dumbfuckingweb.site: Post by sleepy silhouette, @silhouette@dumbfuckingweb.site: @kkarhan@infosec.space @richi@vmst.io @signalapp@mastodon.world @torproject@mastodon.social >PII afaik the only info is that you have registered to Signal and the last time you've connected. Other services do this too, for technical reasons. >USA irrelevant given the guarantees of their E2...

@dangillmor If anyone with a @garmin watch is pissed off about #Garmin retroactively revoking owners' #RightToOwn in favour of #enshittification, or if anyone else is in the market for a new smart watch, ask the #UNAWatch company and its personnel what technical and legal means they will use to guarantee they can never follow Google #Fitbit and Garmin into the same anti-consensual ¹ business model.

A technical guarantee is a hardware-based means to flash the firmware which the firmware itself cannot prevent using, paired with complete published open-access documentation of the hardware for independent developers. A legal guarantee means a permanent and irrevocable commitment to a full refund if the company ever engages in coercive tied selling, as by making use of any watch feature dependent on an online service the feature can function without, on a paid or non-#E2EE online service (save only if the owner opts into sharing data, and then making that data available to those with whom the owner elects to share), or on an online service the owner cannot replace, at the owner's sole discretion, with self-hosting or a competing service of their choice.

¹ The standard word "non-consensual" means the person didn't voluntarily say "yes"; I use "anti-consensual" here to mean the person said "no"—or the perpetrator knew beforehand the person would say "no" if given a chance—and the perpetrator did it anyway. It's bad enough not to ask; companies enshittifying already-purchased goods are instead acting in knowing and direct defiance of owners' refusal. The business model Garmin is adopting, following Fitbit, is actively contemptuous of consent ².

² Burying supposed "consent" in a EULA doesn't ethically count: if the owner cannot effectively refuse the change, or if continued full use of the original functionality—or anything else for which consent isn't strictly necessary (in the GDPR sense)—is conditioned on supposed "consent," then it isn't freely given, and so isn't valid consent.

Here's a question: Can #Signal build into itself a way to prohibit ANY communication or interaction with the completely nonsecure clone of itself known as "TM SGNL," given that the latter is built from the same code and uses the same protocols? Because it sure seems to me that an impenetrable wall needs to be erected between the 2. #encryption #e2ee

Russian authorities continue to demand the impossible, namely that we give them user data we don't have. Today the Moscow City Court rejected our objections and sided with the communication surveillance authority Roskomnadzor and the Federal Security Bureau (FSB). Not too surprising. Many more details and next step considerations you can find in this press release:

merlinux.eu/press/2025-05-14-r