I was wondering what would be the top 3 or top 5 themes for this event in my community. So far, thinking of:
1. password management
2. email security (spam/phishing/viruses)
3. web browsers and adblockers (cookies, trackers, ...)
I was also planing on talking only about #opensource solutions.
What do you think?
Centralized tech platforms are "handmaidens to authoritarianism"
- Carole Cadwalladr, who exposed the illegal facebook ads around #brexit
Too much power in the hands of just a few tech platforms threatens democracy! #decentralization
After an Easter terror attack, Sri Lanka cut access to popular social media - Which is why you also want an account to popular federated social media accounts
Social media services that are federated such as Maston (alternative to Twitter) and Diaspora, Hubzilla and Friendica (alternatives to Facebook) provide full functionality from any of 100's of separate nodes (the addresses where you sign up). Posting at one node where you subscribed allows the message to be followed form elsewhere. There is no single central address that gets blocked to disable the network.
New nodes pop up all the time (I even created my very own hosted Hubzilla and Friendica nodes).
There are also other types of social networks such as Socialhome, Peertube (Youtube alternative), PixelFed (Instagram alternative) and others and usually belonging to just one is all you need, and you can usually follow/be followed from any other. It's the way social media will probably evolve to in future.
See https://fediverse.party/ for a list of federated social networks and lists of nodes where you can join. https://squeet.me/display/962c3e10-185c-bd81-7a07-ada257136169
Linux kernels >= 4.1 support ext4 encryption out of the box.
There is a section in the Arch wiki about this:
They recommend reading the following blog post:
OpenSSH 8.0 available:
– contains mitigations for an scp vulnerability (CVE-2019-6111)
– adds experimental post-quantum key exchange method, based on a combination of Streamlined NTRU Prime 4591^761 and X25519
– increases the default RSA key size to 3072 bits
– includes several bug fixes
While I work on a new ThinkPrivacy site, I changed to a single page design for now to be the solution to what I think pages like PrivacyTools got wrong when nesting too many of their pages.
I hope this is even easier for people to access.
I wonder why VeraCrypt in not using BLAKE2 hash
Lemmy is apparently a federated Reddit alternative using ActivityPub written in Rust https://github.com/dessalines/lemmy
Stop listening to promises that companies will do things right.. Use encryption and open source
Facebook scraped email contacts of 1.5 million users https://www.bbc.co.uk/news/technology-47974574
"Can I fully control my Android phone?": No, you can't.
– in our tests, AFWall+ leaked DNS queries of all apps on the device (including blocked apps), making it easy to determine apps installed on the phone
– updating Android doesn't imply that firmware vulnerabilities get fixed
– apps from F-Droid/Play Store etc. can still leak personal data as shown in our /e/ article
– besides, your proprietary baseband processor, GPS, sensors etc. remain out of control
"What can I use to encrypt my Linux filesystem?":
– LUKS/LVM supports full-disk encryption (and optionally 2FA)
– ext4 supports folder-based encryption
– eCryptFS/encfs are outdated/unmaintained
– GoCryptFS uses modern crypto but leaks metadata
– CryFS uses modern crypto and hides metadata but is slower than GoCryptFS
Thanks to Mr. Schumacher from Magdeburger Institut für Sicherheitsforschung
Baionet rejoint @gitoyen 🎉
Bienvenue à elleux sur Internet 🤗
Baionet est un FAI (Fournisseur d'Accès à Internet) associatif, basé à Bayonne.
Baionet nous rejoint pour contribuer à l'effort de mutualisation qu'est Gitoyen. Mais aussi pour commencer à jouer sur Internet (IPv6/IPv4), et fournir du VPN à base de WireGuard!
Hackers stole a Microsoft employee's credentials and accessed the body of users' emails, reports @motherboard. https://motherboard.vice.com/en_us/article/ywyz3x/hackers-could-read-your-hotmail-msn-outlook-microsoft-customer-support This particular attack is impossible with ProtonMail as we can't read user emails. Learn about zero-access encryption: https://protonmail.com/blog/zero-access-encryption/
ICYMI: #FreeSoftware #Privacy developer Ola Bini, currently a major contributor to the OTR encrypted messaging protocol, has been detained with no or flimsy charges for 4+ days and counting in Ecuador. "Evidence" included having technical books and too many devices. They say he'll be held up to 90 days while they "develop charges" against him.
Nice writeup by @darius about Dat, SSB, and ActivityPub and how they can learn from each other: https://blog.datproject.org/2019/03/22/three-protocols-and-a-future-of-the-decentralized-internet/
Indeed, my post-standardization of ActivityPub work (on Spritely) has largely been about exploring similar thoughts! See also the @librelounge episode with @joeyh where we talk about Secure Scuttlebutt (esp in relation to ActivityPub) https://librelounge.org/episodes/episode-14-secure-scuttlebutt-with-joey-hess.html
In this post I try to explain the Double Ratchet Algorithm that drives the cryptography behind OMEMO and Signal. This is the second part of my series about the crypto behind OMEMO. https://blog.jabberhead.tk/2019/04/15/closer-look-at-the-double-ratchet/
I have to confes that I am lost between #activitypub, #matrix, #xmpp etc, not to mention irc and all the proprietary platforms, before we dig into the specializations (text, video, audio etc) or the deeper #decentralization stuff like #dat and #ipfs
I think I could use an updated "internet for dummies" kind of review
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!