Anonymous :anarchism: 🏴 · @YourAnonRiots
6070 followers · 38163 posts · Server mstdn.social

API security is crucial. Discover how authentication, , and design protect APIs. Follow key steps to secure your APIs and safeguard customer data.

thehackernews.com/2023/09/how-

#CyberSecurity #Encryption

Last updated 1 year ago

Miguel Afonso Caetano · @remixtures
743 followers · 2915 posts · Server tldr.nettime.org

: "This book brings together voices from various fields of intellectual inquiry, based on the idea that technological, legal and societal aspects of the information sphere are interlinked and co-dependent from each other. In order to tackle the existing gap in shared semantics, this glossary converges the efforts of experts from various disciplines to build a shared vocabulary on the social, technical, economic, political aspects of decentralised, distributed or sovereign technologies: artefacts which seek to challenge the techno-social status quo by, for example, circumventing law enforcement, resisting surveillance, or being participative.

The idea ofthis glossary arose from the need for a workable, flexible and multidisciplinary resource for terminological clarity, which reflects instead of denying complexity. Situating the terms emerging through technology development in the wider context of multidisciplinary scientific, policy and political discourses, this glossary provides a conceptual toolkit for the study of the various political, economic, legal and technical struggles that decentralised, encryption-based, peer-to-peer technologies bring about and go through.

Choosing relevant technology-related terms and understanding them is to investigate their affordances within a given ecosystem of actors, discourses and systems of incentives. This requires an interdisciplinary, multi-layered approach that is attentive to the interlinkages between technological design nuances and socio-political, economic implications."

networkcultures.org/blog/publi

#decentralization #technologicalresistance #Encryption #p2p

Last updated 1 year ago

Miguel Afonso Caetano · @remixtures
738 followers · 2902 posts · Server tldr.nettime.org

: "Let’s be clear: weak statements by government ministers, such as the hedging from Lord Parkinson during this week’s debate, are no substitute for real privacy rights.

Nothing in the law’s text has changed. The OSB gives the U.K. government the right to order message and photo-scanning, and that will harm the privacy and security of internet users worldwide. These powers, enshrined in Clause 122 of the OSB, are now set to become law. After that, the regulator in charge of enforcing the law, Ofcom, will have to devise and publish a set of regulations regarding how the law will be enforced.

Several companies that provide end-to-end encrypted services have said they will withdraw from the U.K. if Ofcom actually takes the extreme choice of requiring examination of currently encrypted messages. Those companies include Meta-owned WhatsApp, Signal, and U.K.-based Element, among others.

While it’s the last minute, Members of Parliament still could introduce an amendment with real protections for user privacy, including an explicit protection for real end-to-end encryption."

eff.org/deeplinks/2023/09/uk-g

#uk #osb #surveillance #Encryption #privacy #dataprotection

Last updated 1 year ago

Anonymous :anarchism: 🏴 · @YourAnonRiots
6087 followers · 38033 posts · Server mstdn.social

Monti is back with a new version, including updated and evasion tactics. Learn how they're targeting government and legal sectors.🐧

thehackernews.com/2023/08/mont

#Malware #CyberSecurity #Encryption #Linux #Ransomware

Last updated 1 year ago

The European Network · @TheEuropeanNetwork
2689 followers · 2107 posts · Server mstdn.social

Britain admits defeat in its controversial fight to break encryption.

Tech companies and privacy activists are claiming victory after an eleventh-hour concession by the British government.

The UK government has admitted that the technology needed to securely scan encrypted messages sent on Signal and WhatsApp doesn’t exist, weakening its controversial Online Safety Bill.

wired.co.uk/article/britain-ad

#law #legal #Encryption #Signal #WhatsApp #Internet #osb #OnlineSafetyBill #UK

Last updated 1 year ago

Miguel Afonso Caetano · @remixtures
734 followers · 2864 posts · Server tldr.nettime.org

: "Although the UK government has said that it now won’t force unproven technology on tech companies, and that it essentially won’t use the powers under the bill, the controversial clauses remain within the legislation, which is still likely to pass into law. “It’s not gone away, but it’s a step in the right direction,” Woodward says.

James Baker, campaign manager for the Open Rights Group, a nonprofit that has campaigned against the law’s passage, says that the continued existence of the powers within the law means encryption-breaking surveillance could still be introduced in the future. “It would be better if these powers were completely removed from the bill,” he adds.

But some are less positive about the apparent volte-face. “Nothing has changed,” says Matthew Hodgson, CEO of UK-based Element, which supplies end-to-end encrypted messaging to militaries and governments. “It’s only what’s actually written in the bill that matters. Scanning is fundamentally incompatible with end-to-end encrypted messaging apps. Scanning bypasses the encryption in order to scan, exposing your messages to attackers. So all ‘until it’s technically feasible’ means is opening the door to scanning in future rather than scanning today. It’s not a change, it’s kicking the can down the road.”"

wired.com/story/britain-admits

#uk #osb #cybersecurity #Encryption #privacy #surveillance

Last updated 1 year ago

ilias :night_ablobcat_wink: · @DM_Ronin
295 followers · 103 posts · Server mstdn.social

"The UK government will concede it will not use controversial powers in the online safety bill to scan messaging apps for harmful content"
ft.com/content/770e58b1-a299-4

To be honest, I expected this to happen in spite of troubling statements from gov't. Relieved to see they finally started to get it. Bad news though: Online Safety Bill even without that clause is still a crappy legislation that should be discarded.

#Security #Surveillance #Encryption #Privacy #OnlineSafetyBill #unitedkingdom

Last updated 1 year ago

Pratik Patel · @ppatel
1001 followers · 16143 posts · Server mstdn.social

There are coveats here. They've promised to not enforce until technologies are developed to scan this material without privacy being affected.

the UK government pulls back from new rules in the Online Safety Bill, averting a clash with Big Tech, as the bill enters its final stages.

ft.com/content/770e58b1-a299-4

#paywall #snooperscharter #Privacy #snooper #Encryption

Last updated 1 year ago

The European Network · @TheEuropeanNetwork
2672 followers · 2100 posts · Server mstdn.social

The UK is poised to force a bad law on the Internet.

WhatsApp and Signal have threatened to shut down services in Britain if the Online Safety Bill includes restrictions that undermine encryption. The government is pushing it through anyway.

wired.co.uk/article/the-uk-is-

#law #legal #Encryption #Signal #WhatsApp #Internet #osb #OnlineSafetyBill #UK

Last updated 1 year ago

Miguel Afonso Caetano · @remixtures
732 followers · 2846 posts · Server tldr.nettime.org

: "Is Signal using Artificial Intelligence (AI)?

Signal does use one small machine learning model which is actually part of our media editing suite of tools. It allows people to click a button to automatically makes faces unrecognizable in a photo; it runs locally on your phone. For example, if you take a photo of a party where you don’t know everyone, and you don’t have consent to share facial biometric data, you can click a button and this model will help you recognize faces and blur them so you can ensure privacy. That’s a nice and useful application of AI and it doesn’t send data to an app company.

What, then, is the problem with AI?

When AI systems are used, they are usually used for surveillance. They profile people’s faces and create data about whose face that is or what kind of person that face indicates. It’s used for ratings or for other purposes, which are surveillance in themselves. To create these AI systems, you first have to have huge amounts of data to train and inform those systems so they can be calibrated. The metastasis of AI as a kind of dominant and very hyped form of technology is antithetical to ensuring real privacy. It entrenches and expands the business model of surveillance, because its insatiable demand for data will naturally lead to more surveillance, more collection and generation of data."

schweizermonat.ch/when-ai-syst

#cybersecurity #Encryption #signal #messaging #ai #privacy #surveillance

Last updated 1 year ago

Miguel Afonso Caetano · @remixtures
723 followers · 2818 posts · Server tldr.nettime.org

: "It’s a 21st-century form of prior restraint, violating the very essence of free speech. It’s a death knell for end-to-end encryption, and with it, every internet user’s right to privacy.

Private communication is a fundamental human right, and in the online world, the best tool we have to defend this right is end-to-end encryption. It ensures that governments, tech companies, social media platforms, and other groups cannot view or access our private messages, the pictures we share with family and friends, or our bank account details. This is a particularly vital protection for the most vulnerable in society, such as children seeking relief from abuse or human rights defenders working in hostile environments."

thedailybeast.com/crackdowns-o

#uk #osb #Encryption #surveillance #cybersecurity

Last updated 1 year ago

Miguel Afonso Caetano · @remixtures
711 followers · 2778 posts · Server tldr.nettime.org

: "With end-to-end encrypted technology, no one but you and the intended recipients can know what you wrote or said — not hackers, the app companies or the police.

Except, not everything is end-to-end encrypted in end-to-end encrypted apps.

That could mean what you type in chats are saved on company computers that corporations such as Apple or your phone provider could read. Details such as the timestamps of every text to your boyfriend might not be under lock and key, either.
That’s not necessarily bad. Each end-to-end encryption choice has trade-offs. More privacy and security could also make it harder for you to use an app, or can shield activity of terrorists and child predators.

The mess I’m describing — end-to-end encryption but with certain exceptions — may be a healthy balance of your privacy and our safety.

The problem is it’s confusing to know what is encrypted and secret in communications apps, what is not and why it might matter to you.

To illuminate the nuances, I broke down five questions about end-to-end encryption for five communications apps."

washingtonpost.com/technology/

#cybersecurity #Encryption #messaging

Last updated 1 year ago

ilias :night_ablobcat_wink: · @DM_Ronin
294 followers · 105 posts · Server mstdn.social

While I totally agree (from my own work experience included) that encrypting firmware is essential, as well as having such guide... IMO I'd like to stress without diversifying encryption keys and making it unique per each device there's not much to gain from it interrupt.memfault.com/blog/fi

#IOT #Hardware #reverseengineering #firmware #Embedded #Encryption

Last updated 1 year ago

Anonymous :anarchism: 🏴 · @YourAnonRiots
6052 followers · 37709 posts · Server mstdn.social

Google Chrome will soon support X25519Kyber768, a powerful quantum-resistant algorithms to safeguard against potential future threats.

thehackernews.com/2023/08/enha

#Technology #CyberSecurity #Encryption

Last updated 1 year ago

Jon PENNYCOOK · @jonpsp
83 followers · 5455 posts · Server mstdn.social
Imogen · @HopelessDemigod
217 followers · 358 posts · Server mstdn.social

Do we really need yet another end to end encrypted server and client (App)?

Signal and Matrix / Riot work reasonably well.

Enlighten me.

#Encryption #Messaging

Last updated 1 year ago

Anonymous :anarchism: 🏴 · @YourAnonRiots
6048 followers · 37686 posts · Server mstdn.social

Meta is set to support end-to-end for Messenger chats by year-end. Meta redesigned over 100 Messenger features to keep your chats both safe and seamless.

thehackernews.com/2023/08/meta

#informationsecurity #CyberSecurity #Encryption

Last updated 1 year ago

Kevin Karhan :verified: · @kkarhan
1443 followers · 103588 posts · Server mstdn.social

@Theholypumpkin @toby @bunsenlabs

Also one major "can't use" for me - regardless of and - is the lack of a convenient setup in both and @ubuntu / for @Raspberry_Pi / .

Not gonna argue the lack of @tails or official @torproject but to make viable and useable, it just can't be restricted to external media or having to manually fiddle around, cuz that's a pain in the rear.

#fulldiskencryption #torbrowser #RaspberryPi #Ubuntu #RaspberryPiOS #Encryption #luks #scalpers #chipshortages

Last updated 1 year ago

Miguel Afonso Caetano · @remixtures
698 followers · 2735 posts · Server tldr.nettime.org

: "The United Kingdom (U.K.) government has recently unveiled plans to revise the Investigatory Powers Act 2016 (IPA), the primary legislation governing the surveillance of electronic communications in the United Kingdom. The proposed revisions include five objectives pertaining to changes in the notices regime within the IPA, the process through which the government can ask private companies to carry out surveillance on its behalf, such as interception of communications and equipment interference (hacking). The proposed changes to the IPA notices regimes include an obligation to comply with the content of a potential notice during the review period and before a notice is actually served, an obligation to disclose technical information about the company’s systems during the same review period, measures to strengthen the extraterritorial application of the notices and obligations for companies to give advance notice to the U.K. Secretary of State before implementing any technical changes. This article focuses on the latter two changes. It examines how the United Kingdom likely would be in breach of international human rights law (IHRL) by interfering with the privacy and security of online users both within and outside of its borders, should it decide to move forward with the proposed revisions."

justsecurity.org/87615/changes

#uk #cybersecurity #surveillance #Encryption #policestate

Last updated 1 year ago

Miguel Afonso Caetano · @remixtures
686 followers · 2690 posts · Server tldr.nettime.org

: "The main criticism of the legislation to date has been on freedom of expression grounds. Critics have said it will have a chilling effect, encouraging tech giants to ban users who might get the platforms into trouble with the regulators. Now the companies are warning that the bill has a national security implication too.

Ukraine often uses messaging services to communicate securely with its allies, including the UK. The British armed forces and their allies also use services such as Signal alongside military communications systems. Do ministers really want to weaken western security? Have they thought this through?

If Signal and WhatsApp cannot be used on British-registered phones, anyone who needs access will presumably have to ship in a second, secure device from the US."

thetimes.co.uk/article/49f0ac7

#uk #osb #Encryption #cybersecurity #messaging

Last updated 1 year ago