DI.DAY is a new monthly “Digital Independence Day” encouraging people to ditch Big Tech and move to privacy‑respecting services. 📅
Launched by Save Social and Chaos Computer Club at 39C3, it runs every first Sunday with events like “de‑Google your phone,” Nextcloud setups, and Linux install parties across Europe. 🛡️
I just updated the RTA blog post about #Meta with this nugget of info that I had overlooked: they have your #WhatsApp#encryption keys.... 🤦🏼♂️
So they can say "your content is end-to-end-encrypted" until the cows come home, but they can still access it whenever they want! (and they always want to, because they are an #advertising and #AI business, and supplier-of- #surveillance -info-to-the-cops business)
Do you trust Meta with your keys?
One key 'feature' of WhatsApp (and iMessage for that matter) is that they also handle your encryption keys. This undoubtably makes life easier for people (messages can be easily restored/ported to another device) but it also means that ultimately the keys to your encrypted messages are owned by people who you cannot trust (i.e. Meta).
And sure enough in a lawsuit against Meta it has been alledged that Meta actually can see your message content, and they scan it for their advertising and AI business, and for security agencies.
So... I learn of Quiet an app that IMHO fills a need in the encrypted communications ecosystem.
I check to see if I can follow them on Mastodon, and what do I find on their home page? A link to their Xitter account. Nothing about Mastodon. :headache: :why:
Their slogan is:
"Quit Big Tech. Never look back."
But they use Xitter of all places as their news outlet? Are they serious????????
Microsoft confirms it will give the FBI your Windows PC data encryption key if asked — you can thank Windows 11's forced online accounts for that
Windows 11's online Microsoft Account requirement means your PC is automatically backing up its data encryption key to the cloud, and Microsoft says it will hand those over to the FBI if asked.
How to Upgrade GnuPG to Generate Kyber and Goldilocks Keys
I see some people still using ancient PGP keys. GnuPG offers Linux repositories for updating to the latest versions of GnuPG with new expert features for key generation. Recent versions support both Kyber1024 and Goldilocks448 keys (and more).
Once installed run: :~$ gpg --full-generate-key --expert
New GnuPG Repositories for Debian, Ubuntu, and Devuan: Stable and Development Branches Available
🇬🇧 UK & 🇦🇺 Australia have the worst anti-encryption laws among democratic countries.
🇨🇦 Canada risks joining them with Bill C-2.
🇺🇸 US still relies on secret orders under FISA & CLOUD Act.
🇨🇭 Switzerland is no longer the privacy paradise it was claimed to be.
#Encryption is under attack worldwide. Our new global overview shows why Europe remains the best place for encrypted services.
1/6📍#ChatControl: Yesterday, EU lawmakers entered the final stage of negotiations ('trilogues') on the controversial #CSARegulation, aka Chat Control.
📣 EDRi has been advocating for years to make sure that this law tackles the severe crime of child sexual abuse material (CSAM) online without resorting to #MassSurveillance, breaking #encryption or compelling people to undergo intrusive age checks, all of which would have harmful consequences for people and communities.
Encrypted direct messages supply the confidence that people need to connect with family, friends and colleagues privately over a social network. As part of the Summer of Protocols 2024, we explore the integration of end-to-end encryption (E2EE) into the ActivityPub protocol.
Encrypted direct messages supply the confidence that people need to connect with family, friends and colleagues privately over a social network. As part of the Summer of Protocols 2024, we explore the integration of end-to-end encryption (E2EE) into the ActivityPub protocol. We conduct a review of encryption protocols and integration architectures, and selected Messaging Layer Security (MLS). We also considered the user experience, ensuring that key management, message archiving, and the handling of mixed encrypted and unencrypted messages would be intuitive and user-friendly.
Deliverables
Proposed integration of Messaging Layer Security (MLS) into ActivityPub
User interface specification for a reference implementation
Software architecture for a reference implementation
1/5📍#ChatControl: Today, following a lot of public pressure, representatives of the EU member states have finally agreed on their position to remove arguably the most controversial part of the #CSARegulation: the requirement for message and email services to scan users' private communications.
🔑 This is a key development. We, along with hundreds of experts, have criticised this part of the law for undermining the presumption of innocence and posing an existential threat to #encryption.
A young person looking at their phone as bubbled with locks and multicoloured squares float around them
@GrapheneOS is being threatened by French authorities for refusing to add backdoors and they're dealing with coordinated attacks in French media right now. They're pulling out of France entirely, moving all their servers, and fighting off a wave of bullshit one-sided reporting that makes them look like they're helping criminals.
They need us to fight back. Support them however you can, whether that's a dollar, sharing their story, pushing back on the garbage news coverage when you see it, or just telling someone you know about what's happening. All of it matters because they're drowning in attacks from governments and media and bad actors who want them gone.
This is the only Android OS that actually makes me feel like privacy isn't just marketing. They fight for us now they need us to fight for them.
The EU is allowing this, governments think they can just threaten developers into compliance, and if we stay quiet we're letting it happen. Show up for them in whatever way you're able to.
"Protect Your Encryption | Microslop Hands Over Decryption Keys" 👀👏
"Protect Your Encryption | Microslop Hands Over Decryption Keys" 👀👏 ...