Pinned toot

Does anyone celebrate (or on any other way mark) 28. January ?

I was wondering what would be the top 3 or top 5 themes for this event in my community. So far, thinking of:
1. password management
2. email security (spam/phishing/viruses)
3. web browsers and adblockers (cookies, trackers, ...)
4. VPNs

I was also planing on talking only about solutions.

What do you think?

Cypherpunk boosted

Centralized tech platforms are "handmaidens to authoritarianism"
- Carole Cadwalladr, who exposed the illegal facebook ads around #brexit

Too much power in the hands of just a few tech platforms threatens democracy! #decentralization

Cypherpunk boosted

After an Easter terror attack, Sri Lanka cut access to popular social media - Which is why you also want an account to popular federated social media accounts

Social media services that are federated such as Maston (alternative to Twitter) and Diaspora, Hubzilla and Friendica (alternatives to Facebook) provide full functionality from any of 100's of separate nodes (the addresses where you sign up). Posting at one node where you subscribed allows the message to be followed form elsewhere. There is no single central address that gets blocked to disable the network.
New nodes pop up all the time (I even created my very own hosted Hubzilla and Friendica nodes).
There are also other types of social networks such as Socialhome, Peertube (Youtube alternative), PixelFed (Instagram alternative) and others and usually belonging to just one is all you need, and you can usually follow/be followed from any other. It's the way social media will probably evolve to in future.
See for a list of federated social networks and lists of nodes where you can join.

Cypherpunk boosted
A look at’s OLM | MEGOLM encryption protocol http://5qqc53mez6gzuo4jaf4m7aj6u2vhub3rz64dhytbdof4gqksvf2ys3ad.onion/2019/03/10/a-look-at-matrix-orgs-olm-megolm-encryption-protocol
Cypherpunk boosted


Linux kernels >= 4.1 support ext4 encryption out of the box.

There is a section in the Arch wiki about this:

They recommend reading the following blog post:

Cypherpunk boosted

OpenSSH 8.0 available:

– contains mitigations for an scp vulnerability (CVE-2019-6111)
– adds experimental post-quantum key exchange method, based on a combination of Streamlined NTRU Prime 4591^761 and X25519
– increases the default RSA key size to 3072 bits
– includes several bug fixes

#openssh #ssh #infosec #security #cybersecurity #postquantum #crypto #x25519 #rsa

Cypherpunk boosted

While I work on a new ThinkPrivacy site, I changed to a single page design for now to be the solution to what I think pages like PrivacyTools got wrong when nesting too many of their pages.

I hope this is even easier for people to access.

Cypherpunk boosted

Anyway Sikikali and VeraCrypt are great tools for cross-platform container encryption, but maybe Veracrypt is a little better because of Android support in form of EDS Lite app.

Cypherpunk boosted

Lemmy is apparently a federated Reddit alternative using ActivityPub written in Rust

Cypherpunk boosted

Stop listening to promises that companies will do things right.. Use encryption and open source


Facebook scraped email contacts of 1.5 million users


Cypherpunk boosted

"Can I fully control my Android phone?": No, you can't.

– in our tests, AFWall+ leaked DNS queries of all apps on the device (including blocked apps), making it easy to determine apps installed on the phone
– updating Android doesn't imply that firmware vulnerabilities get fixed
– apps from F-Droid/Play Store etc. can still leak personal data as shown in our /e/ article
– besides, your proprietary baseband processor, GPS, sensors etc. remain out of control

#android #security #privacy #infosec

Cypherpunk boosted

"What can I use to encrypt my Linux filesystem?":

– LUKS/LVM supports full-disk encryption (and optionally 2FA)
– ext4 supports folder-based encryption
– eCryptFS/encfs are outdated/unmaintained
– GoCryptFS uses modern crypto but leaks metadata
– CryFS uses modern crypto and hides metadata but is slower than GoCryptFS

Thanks to Mr. Schumacher from Magdeburger Institut fΓΌr Sicherheitsforschung

#linux #encryption #crypto #fde #cryfs #encfs #gocryptfs #ecryptfs #infosec #security #cybersecurity

Cypherpunk boosted

Baionet rejoint @gitoyen πŸŽ‰

Bienvenue Γ  elleux sur Internet πŸ€—

Baionet est un FAI (Fournisseur d'Accès à Internet) associatif, basé à Bayonne.

Baionet nous rejoint pour contribuer Γ  l'effort de mutualisation qu'est Gitoyen. Mais aussi pour commencer Γ  jouer sur Internet (IPv6/IPv4), et fournir du VPN Γ  base de WireGuard!

Cypherpunk boosted

Hackers stole a Microsoft employee's credentials and accessed the body of users' emails, reports @motherboard. This particular attack is impossible with ProtonMail as we can't read user emails. Learn about zero-access encryption:

Cypherpunk boosted

ICYMI: #FreeSoftware #Privacy developer Ola Bini, currently a major contributor to the OTR encrypted messaging protocol, has been detained with no or flimsy charges for 4+ days and counting in Ecuador. "Evidence" included having technical books and too many devices. They say he'll be held up to 90 days while they "develop charges" against him.

#FreeOlaBini #OpenSource #FLOSS #FOSS #surveilancecapitalism

Cypherpunk boosted

Nice writeup by @darius about Dat, SSB, and ActivityPub and how they can learn from each other:

Indeed, my post-standardization of ActivityPub work (on Spritely) has largely been about exploring similar thoughts! See also the @librelounge episode with @joeyh where we talk about Secure Scuttlebutt (esp in relation to ActivityPub)

Cypherpunk boosted

@one @kaidan @koenaro

I see OMEMO is among your planned XEPs. Any detailed roadmap / timeline to track implementation of future XEPs?

Cypherpunk boosted

In this post I try to explain the Double Ratchet Algorithm that drives the cryptography behind OMEMO and Signal. This is the second part of my series about the crypto behind OMEMO.

Cypherpunk boosted

I have to confes that I am lost between #activitypub, #matrix, #xmpp etc, not to mention irc and all the proprietary platforms, before we dig into the specializations (text, video, audio etc) or the deeper #decentralization stuff like #dat and #ipfs

I think I could use an updated "internet for dummies" kind of review

Show more

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!