Which would you choose?
#mailboxorg or #posteode?
#datenschutz #e2ee #unplugtrump #privacy
Note that #OMEMO has been taken directly from Signal, only adapted for #XMPP.
Most modern #Jabber clients default to OMEMO for one-to-one conversations nowadays. For private groups, I believe, users still have to enable it explicitly.
I'm not aware of any public Jabber server that would still accept non-TLS connections, so you have both transport #encryption and #e2ee.
Generates random 16 bytes, transforms it to CryptoKey Object, encrypts it for RSA-key issuer
If you're using Linux, and you're looking to set up encrypted network-accessible storage, I have a blog post describing how to do that using rclone.
https://michael.kjorling.se/blog/2024/setting-up-encrypted-remote-storage-on-linux-using-rclone/
You can use this with any storage backend that rclone supports, which is *many*:
Note that you'll need to have rclone on any system you want to access your files from.
Not sure if this qualifies as a QT or addendum to https://social.circl.lu/@quinn/114337209093756652
New Privacy Guides article
by me:
Encryption Is Not a Crime
The war against encryption isn't new, but the quantity of data about us that needs protection is.
Despite the senseless attacks,
it is vital that we fight back to protect the right to using end-to-end encryption.
Encryption protects us all: https://www.privacyguides.org/articles/2025/04/11/encryption-is-not-a-crime/
@LukaszOlejnik
Part of the proposed changes relates to how orgs are classified and governed under the existing surveillance law.
In the proposed revision, smaller Digital Service Providers such as Threema and Proton would be subjected to similar surveillance rules (and deadlines) as the bigger ISPs today.
They are against it, fearing (rightly) that it would impose significant costs on them, to handle authorities' requests and develop/deploy/maintain a surveillance infrastructure comparable to that already in place at bigger companies and ISPs such as Swisscom, Salt, etc.
The other change of the proposition is the access of (near) real time metadata.
On the positive side, e2ee and message contents are explicitly excluded from the surveillance.
I'm curious to see what the final proposition will look like regarding the SMEs.
Florida’s New #SocialMedia Bill Says the Quiet Part Out Loud and Demands an #Encryption #Backdoor
#privacy #florida #e2ee #security
Sigh. We are, as a security community, making good progress on some old as well as some new topics. #Rust, #Go, and other memory safe systems languages are going well and having a real impact in reducing memory safety issues - which has been the most important security bug class for decades, and we are finally improving! Compartmentalization and isolation of processes and services have now become common knowledge and the minimum bar for new designs. Security and privacy by design are being honored in many new projects, and not just as lip service, but because the involved developers deeply believe in these principles nowadays. #E2EE is finally available to most end-users, both for messaging and backups.
And again and again, we are forced into having discussions (https://www.theregister.com/2025/04/03/eu_backdoor_encryption/) about breaking all the progress.
Let me be clear for the Nth time:
* We *cannot* build encryption systems that can only be broken by the "good guys". If they are not completely secure, foreign enemy states, organized crime, and intimate partners will break and abuse them as well. There is no halfway in this technology. Either it is secure or it isn't - for and against everybody.
* We *cannot* build safe, government-controlled censorship filters into our global messaging apps that are not totally broken under the assumption of (current or future) bad government policies and/or insider attacks at the technology providers (https://www.mayrhofer.eu.org/talk/insider-attack-resistance-in-the-android-ecosystem/). Either one-to-one communication remains secure and private, or it doesn't (https://www.ins.jku.at/chatcontrol/).
* We *cannot* allow exploitation of open security vulnerabilities in smartphones or other devices for law enforcement. If they are not closed, they are exploitable by everybody. "Nobody but us" is an illusion, and makes everybody less secure.
My latest recorded public talk on the topic was https://www.mayrhofer.eu.org/talk/secure-messaging-and-attacks-against-it/, and nothing factual has changed since then. Policymakers keep asking for a different technological reality than the one we live in, and that sort of thing doesn't tend to produce good, sustainable outcomes.
(Edited to only fix a typo. No content changes.)
CC @epicenter_works @edri @suka_hiroaki @heisec @matthew_d_green @ilumium
ORG has joined 237 civil society groups, companies and cybersecurity experts in an open letter to members of the Swedish Riksdag.
We call on them to reject legislation that would force companies to undermine the encryption of their services.
There is now the opportunity for some public scrutiny of the UK government’s decisions to attack technologies that keep us safe online.
We must stand against the attack on encryption.
Sign and share our petition to keep Apple data encrypted
https://you.38degrees.org.uk/petitions/keep-our-apple-data-encrypted
"This is bigger than the UK and Apple.
The Court’s judgment will have implications for the privacy and security of millions of people around the world.
Such an important decision cannot be made behind closed doors and we welcome the IPT’s decision to bring parts of the hearing into the open."
@jim – ORG Executive Director.
Earlier this year, the UK government ordered Apple to grant it access to encrypted data stored by Apple users worldwide in its cloud service.
The secret order was made under the Investigatory Powers Act and the government has tried to keep the public in the dark ever since. Even when Apple appealed the order.
Now there will be some level of transparency with today's decision.
BREAKING: The UK government's attempt to hold the Apple encryption case entirely in secret has been REJECTED.
ORG, Big Brother Watch and Index on Censorship made a submission to the court arguing for open justice.
In a win for privacy rights, the court agrees.
It said it didn't accept “that the revelation of the bare details of the case would be damaging to the public interest or prejudicial to national security”.
BREAKING: VICTORY for @openrightsgroup BBW and @privacyint and others
The #Apple IPT case will be held in open, including the bare details of the case, so that the principles of the issue can be discussed! #e2ee #privacy
If you're using #GMail and you've learned about their latest claim to introduce real end-to-end #encryption: it's a lie.
Google has control, and/or you can't do anything to stop Google from taking control at any time.
Real #E2EE works differently: only the sender and receiver are able to access the protected content.
https://michal.sapka.pl/2025/gmail-e2e-is-as-terrible-as-expected/
#Meta also defined E2EE such that the message is encrypted from the sender to them, processed in clear text and re-encrypted for the transmission to the receiver.
Don't let them fool you with false claims and wrong definitions.
pretty sure this can work for #e2ee private mentions... worst case it just obfuscates text search.
- verifying key: [86,10,27,184,67,57,76,92,187,198,164,56,154,224,189,35,72,85,79,149,217,241,238,155,33,64,193,202,178,136,183,50]
- exchange key: [222,204,53,153,33,212,247,174,180,162,45,216,108,13,79,187,183,21,57,109,201,247,102,189,30,155,165,169,213,33,100,78]