Discover and read the best of Twitter Threads about #e2ee
Most recents (15)
If you've followed me a long time, you've seen my transition from a "#linkblogger" (5-15 short hits/day) to an "essay-#blogger" (5-7 articles/week). I'm loving the new mode but returning to linkblogging is also intensely, unexpectedly gratifying:
pluralistic.net/2023/05/02/wun…
1/
pluralistic.net/2023/05/02/wun…
1/
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
pluralistic.net/2023/05/13/fou…
2/
pluralistic.net/2023/05/13/fou…
2/
My last #linkblogging foray was so great - and my link-backlog is so large - that I'm doing another one.
Link the first: "Siphon," @xkcd's delightful, whimsical "#physics-how-the-fuck-does-it-work" one-shot (visit the link, the tooltip is great):
xkcd.com/2775/
3/
Link the first: "Siphon," @xkcd's delightful, whimsical "#physics-how-the-fuck-does-it-work" one-shot (visit the link, the tooltip is great):
xkcd.com/2775/
3/
Phishing attacks cost Americans over $50,000,000 in 2022. Fake email attachments are one of the quickest ways hackers can phish you. 🎣
RT this thread to your network with 7 simple tips on how to make sure that an attachment is safe. 🧵⬇️
RT this thread to your network with 7 simple tips on how to make sure that an attachment is safe. 🧵⬇️
1. 🕵️ Make sure the sender is genuine. Never open an email attachment unless you’re certain you know who it is. Hackers can spoof emails to look like they’re from someone you know. Always be cautious! @ProtonMail protects you with a warning if we think the email has been spoofed.
2. 👾 Never open suspicious attachments. If you receive an unexpected or strange email, such as threats, urgent requests, prizes, or other unknown attachments, don’t download it! Instead, report it as phishing in your @ProtonMail app.
The possible collapse of twitter has made me super sad and reflective about what this site has meant to me and how it shaped my work as a literacy researcher and educator and now as an early platform ceo.
i have 45 minutes and i'm about to tweet my guts out.
i have 45 minutes and i'm about to tweet my guts out.
i was thinking of pitching like a "eulogy for twitter" to @TeenVogue but i'm gonna tweet first instead, unroll it later, and see what i can do with it.
this is off the dome first draft material, we'll see what themes come out. stay with me.
this is off the dome first draft material, we'll see what themes come out. stay with me.
i want to think through how i've used twitter since i made my first account in 2008, how it impacted my teaching and research, what i wish this site could've been, the rise of the multiracial patriarchy whitelash, and ultimately how and why i founded @germnetwork this year
Number of active users doesn't indicate how secure/private the messenger is.
❌Fb messenger
❌WhatsApp
❌WeChat
❌Snapchat
❌Wickr
❌Viber
Great alternatives: @signalapp, @session_app, @element_hq, @minds chat, @ThreemaApp
❌Fb messenger
❌Snapchat
❌Wickr
❌Viber
Great alternatives: @signalapp, @session_app, @element_hq, @minds chat, @ThreemaApp
Also, always question - what kind of metadata does this app collect?
In a public debate with Just Security‘s David Cole at Johns Hopkins University, former Director of the NSA and CIA, General Michael Hayden made the provocative remark, “We Kill People Based on Metadata.”
In a public debate with Just Security‘s David Cole at Johns Hopkins University, former Director of the NSA and CIA, General Michael Hayden made the provocative remark, “We Kill People Based on Metadata.”
Facebook users claim to hate the service, but they keep using it, leading many to describe Facebook as "addictive." But there's a simpler explanation: people keep using Facebook though they hate it because they don't want to lose their connections to the *people* they love. 1/
If you'd like an essay-formatted version of this thread to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:
pluralistic.net/2022/09/19/int… 2/
pluralistic.net/2022/09/19/int… 2/
Calling Facebook "addictive" plays into the company's own mythology, the sales-pitch they make to advertisers, in which they claim to be neuro-sorcerers whose mastery of "big data" and "dopamine loops" can sell anything to anyone, which is why you should buy ads on Facebook 3/
This week on my podcast, I read my @Medium column, "When Automation Becomes Enforcement," on the debate of interoperability and end-to-end encryption in the Digital Markets Act, and the long-running battle over who's in charge: you, or your computer?
onezero.medium.com/when-automatio… 1/
onezero.medium.com/when-automatio… 1/
When I first encountered the idea of disappearing messages, I thought they were stupid, but I was wrong. I thought that the point of disappearing messages was to let you send secrets to someone you didn't trust, because the message would disappear and thus be safe. 2/
Obviously, this is stupid. If you send a secret to someone you don't trust, that untrustworthy person can take a screenshot, or use another device to photograph their screen. Or, you know, they can just *remember* the secret and blab it. 3/
In an opinion-editorial by @htTweets, the study by DeepStrat & @_DialogueIndia - ‘Analysing the #NationalSecurity Implications of Weakening #Encryption’ was featured for its account on the #security vs. security debate involving the fundamental nature of #endtoendencryption.
The article sheds light on the #traceability challenges in #India, as identified in the report, which could potentially create vulnerabilities in modern #devices, #communication architecture and #cybersecurity, that can be exploited by bad actors.
hindustantimes.com/opinion/in-per….
hindustantimes.com/opinion/in-per….
The importance of #endtoendencryption (#E2EE) is in ensuring #InformationalPrivacy, #safety & #security of the #citizens; and, the #nationalsecurity of the State. Here are the key recommendations of the report - Analysing National Security Implications of Weakening #Encryption.
🇬🇧 The EU Commission could break securely #E2EE encrypted communications with the upcoming #chatcontrol2.0 proposal. If all messaging providers were forced to search private messages, this would require backdoors and undermine security! (1/7)
Attacks on #encryption are brought forward by governments time and again. Most recently here, in a November Council resolution: data.consilium.europa.eu/doc/document/S…
The idea: access to encrypted messages only "for the good guys/law enforcement authorities"
A fallacy.. (2/7)
The idea: access to encrypted messages only "for the good guys/law enforcement authorities"
A fallacy.. (2/7)
..because #encryption either works for all of us, or it works for no one at all. Once broken, and be it with best intentions, backdoors in encrypted communications are accessible to anyone who wants to use them – including criminal hackers (3/7)
@WhatsApp wen wollt ihr hier eigentlich verarschen?
@WhatsApp eure #Behauptung, Nachrichten seien #E2EE/#endeZuEnde-#Verschlüsselt ist offensichtlich gelogen - besonders da ihr alle #Schlüssel habt.
Hinzu kommen Gesetze wie #CloudAct & §111 ff. TKG sowie TKÜV, welche euch zum #Backdooring mit #Govware zwingen.
Hinzu kommen Gesetze wie #CloudAct & §111 ff. TKG sowie TKÜV, welche euch zum #Backdooring mit #Govware zwingen.
Der Vorstoß des #EU-Ministerrats @EUCouncil zum Zugriff auf #E2EE-#Verschlüsselung bei #Messenger-Diensten wie #WhatsApp, #SignalMessenger und #ThreemaApp stützt sich laut @radioFM4 auf Überlegungen der #FiveEyes-Geheimdienst-Allianz, v.a. des brit. #GCHQ. fm4.orf.at/stories/300964…
Für den @ThreemaApp-Chef zeugen Forderungen nach einem Generalschlüssel "von der Unbedarftheit der Behörden" - technisch sei das gar nicht möglich. zeit.de/news/2020-11/2…
Zur Erinnerung: Unsere Kritik an der Forderung nach Zugriff für Sicherheitsbehörden auf verschlüsselte Chats. "#Verschlüsselung funktioniert entweder ausnahmslos oder sie funktioniert überhaupt nicht." reporter-ohne-grenzen.de/themen/interne… #EU
Die EU-Innenminister wollen im Eilverfahren beschließen, Messenger-Dienste zu verpflichten, #E2EE, also Verschlüsselung, auf Anfrage von "zuständigen Behörden" auszuhebeln. Das ist nicht mehr Backdoor, sondern Frontdoor! (1/10) fm4.orf.at/stories/300893… #Verschlüsselungsverbot
Die Verschärfungen sind auf Initiative von 🇦🇹 & 🇫🇷 entstanden, die schreckliche Terroranschläge erlitten haben. Die Ratspräsidentschaft unter dem federführenden Innenminister #Seehofer hat sie übernommen. Aber #Verschluesselung auszuhebeln ist der falsche Weg! Gründe: (2/10)
1. Es bietet keinen höheren Schutz gegen Terror. Die Wiener Behörden hatten alle Infos, um den Täter zu stoppen - ohne Kommunikationsüberwachung. Die Antwort darauf kann nicht sein, alle BürgerInnen unter Generalverdacht zu stellen und Zugang zu mehr Daten zu verlangen. (3/10)
⚠️UPDATE on #EARNITAct⚠️
It has become part of a one-two punch to destroy the ability of the web to fight back, then end #e2ee.
The full force of the net must be unleashed to defend our rights: NoEarnItAct.org / Text EARNIT to 68788, msg+data rates may apply
It has become part of a one-two punch to destroy the ability of the web to fight back, then end #e2ee.
The full force of the net must be unleashed to defend our rights: NoEarnItAct.org / Text EARNIT to 68788, msg+data rates may apply
Our freedom from government surveillance will disappear unless we take action.
We have to #SaveEncryption and stop the EARN IT Act and the LAED Act.
Source: cyberlaw.stanford.edu/blog/2020/07/e…’t-fix-it
We have to #SaveEncryption and stop the EARN IT Act and the LAED Act.
Source: cyberlaw.stanford.edu/blog/2020/07/e…’t-fix-it
Some say the amended #EARNITAct is no longer a threat to encryption. This is FALSE.
The EARN IT Act is now the first bill of a one-two punch designed to destroy end to end encryption.
The EARN IT Act is now the first bill of a one-two punch designed to destroy end to end encryption.
I must say that @nick_clegg has substantially advanced his understanding of the value of encryption, since his days in the coalition, years before @Snowden, performing possibly the LibDems' fastest ever pivot from being procedurally in favour of #CCDP, to profoundly skeptical.
Flashback to 2012 when — caught on the hop — Nick thought that he could spin-away the surveillance / mandatory metadata retention aspects of the "Communications Capabilities Development Program"
aviewfromhamcommon.blogspot.com/2012/04/nick-c…
aviewfromhamcommon.blogspot.com/2012/04/nick-c…
However it turned out that the LibDems had flatly voted against it at party conference, the month previously:
OMG - This is hilarious!
/cc @EFF @OpenRightsGroup @Facebook @messenger @WhatsApp @signalapp @matthew_d_green @runasand
#infosec #e2ee
/cc @EFF @OpenRightsGroup @Facebook @messenger @WhatsApp @signalapp @matthew_d_green @runasand
#infosec #e2ee
@EFF @OpenRightsGroup @Facebook @messenger @WhatsApp @signalapp @matthew_d_green @runasand github.com/ukncsc/secure-…
@EFF @OpenRightsGroup @Facebook @messenger @WhatsApp @signalapp @matthew_d_green @runasand A friend reached out to me & pointed out that not everyone at @NCSC is against — in fact, many are in favour of — end-to-end encryption, although it's politically complex for them to outright say so.
My response was this: #e2ee should not be a #DontAskDontTell thing…
My response was this: #e2ee should not be a #DontAskDontTell thing…
I need help : from someone with a better legalese attention span than me, and with broad cryptography understanding, to explain to me how US Patent 10412063B1 is somehow NOT an attempt to patent the @signalapp #Signal Encryption Algorithm: patents.google.com/patent/US10412…
@signalapp @matthew_d_green @SteveBellovin @tqbf @FiloSottile I am literally halfway down my first coffee, and it smells to me a bit like someone has taken #Signal, said "if we throw away the prekey mechanism then we have something novel", and then patented it; but then I am still skimming the document:
