Suche
Beiträge, die mit encryption getaggt sind
"[T]he main thing that people need to understand about Signal is that messages are encrypted from my phone to your phone in such a way that Signal can't read them as they go through their servers. The government could not read them off of Signal servers even with a warrant, even if they really wanted to. But if somebody has access to your phone, they can read those messages the same way you can by looking at them with their eyeballs because the messages have to be decrypted for you to read.
Now, there are a lot of ways that you can get access to somebody's phone. You can look over their shoulder while they're reading their messages, right? You can find out their password and unlock their phone, right? You can use forensic tools that police have like a Cellebrite or a break-in device to unlock phones, and then you can read the messages that way. You can also use malware. Installing malware on somebody's phone is a way that governments often gain access to people's private encrypted communications. Things like Pegasus malware or they're recently written about malware from Paragon Solutions that was going after WhatsApp messages, which was also end-to-end encrypted.
A concern about national security folks using these devices for the communications is that it makes it much more likely that their devices will get targeted by malware. And there's a lot of countries that have espionage capabilities that have the capability to target people's phones that would be very interested in knowing what Pete Hegseth is talking about, or what other high-level cabinet officials are talking about. So that makes for a very juicy intelligence target for foreign intelligence, and I think it's safe to assume that's something that many countries are now going to be going after."
https://www.techpolicy.press/about-that-signal-chat/
#USA #Trump #CyberSecurity #Signal #Encryption #CyberWarfare
Now, there are a lot of ways that you can get access to somebody's phone. You can look over their shoulder while they're reading their messages, right? You can find out their password and unlock their phone, right? You can use forensic tools that police have like a Cellebrite or a break-in device to unlock phones, and then you can read the messages that way. You can also use malware. Installing malware on somebody's phone is a way that governments often gain access to people's private encrypted communications. Things like Pegasus malware or they're recently written about malware from Paragon Solutions that was going after WhatsApp messages, which was also end-to-end encrypted.
A concern about national security folks using these devices for the communications is that it makes it much more likely that their devices will get targeted by malware. And there's a lot of countries that have espionage capabilities that have the capability to target people's phones that would be very interested in knowing what Pete Hegseth is talking about, or what other high-level cabinet officials are talking about. So that makes for a very juicy intelligence target for foreign intelligence, and I think it's safe to assume that's something that many countries are now going to be going after."
https://www.techpolicy.press/about-that-signal-chat/
#USA #Trump #CyberSecurity #Signal #Encryption #CyberWarfare
About that Signal Chat
To learn more about the scandal, Justin Hendrix spoke to Just Security co-editor-in-chief Ryan Goodman and EFF senior staff technologist Cooper Quintin.Justin Hendrix (Tech Policy Press)
"Whittaker acknowledges that WhatsApp licenses Signal’s end-to-end encryption technology. Nevertheless, a lot of personal and intimate information isn’t protected. According to Signal’s president, this involves users’ location data, contact lists, when they send someone a message, when they stop, what users are in their group chats, their profile picture, and much more.
“These differences may be marketing gloss to Meta, but to us, they’re fundamental life or death issues that the public deserves to understand so they can make an informed choice,” Whittaker concludes.
On Sunday, WhatsApp sent a message to Dutch users stating that the company can’t read their messages, including text and voice messages, photos, videos, and calls.
“They are protected by end-to-end encryption because we are always committed to protecting your privacy,” the note reads."
https://cybernews.com/news/whatsapp-signal-executives-battle/
#Cybersecurity #Privacy #Encryption #Signal #WhatsApp
“These differences may be marketing gloss to Meta, but to us, they’re fundamental life or death issues that the public deserves to understand so they can make an informed choice,” Whittaker concludes.
On Sunday, WhatsApp sent a message to Dutch users stating that the company can’t read their messages, including text and voice messages, photos, videos, and calls.
“They are protected by end-to-end encryption because we are always committed to protecting your privacy,” the note reads."
https://cybernews.com/news/whatsapp-signal-executives-battle/
#Cybersecurity #Privacy #Encryption #Signal #WhatsApp
"The fundamental issue is simple: encryption is mathematics and mathematics doesn’t discriminate between a government investigator and a criminal hacker — a back door is a back door and if it’s there, anyone can enter.
There’s also a contradiction at play. If politicians dream of making the UK a technology hub they should not be working to undermine the foundations of cyber security, on which a workable tech industry relies.
The government should withdraw its misguided mandate. Instead of surreptitiously cutting the brake cables on the technological car, it should be working to strengthen security and privacy of the technology that forms the nervous system of our world. Business leaders must also take a role, making it clear that these dangerous moves are unacceptable, and pushing the companies they license technology from to deploy encryption, and other protections, without which their interests and those of their customers will be vulnerable.
We have ceded so many of the core operations of our lives and institutions to tech, we must recognise that strong encryption isn’t the enemy of security — it is security. The argument that weakening encryption will make any of us safer is as wrong as it is dangerous."
https://www.ft.com/content/a934150f-e0f5-4e75-a2d1-a3671ea52ca0
#UK #CyberSecurity #Encryption #Backdoors #Privacy #Apple
There’s also a contradiction at play. If politicians dream of making the UK a technology hub they should not be working to undermine the foundations of cyber security, on which a workable tech industry relies.
The government should withdraw its misguided mandate. Instead of surreptitiously cutting the brake cables on the technological car, it should be working to strengthen security and privacy of the technology that forms the nervous system of our world. Business leaders must also take a role, making it clear that these dangerous moves are unacceptable, and pushing the companies they license technology from to deploy encryption, and other protections, without which their interests and those of their customers will be vulnerable.
We have ceded so many of the core operations of our lives and institutions to tech, we must recognise that strong encryption isn’t the enemy of security — it is security. The argument that weakening encryption will make any of us safer is as wrong as it is dangerous."
https://www.ft.com/content/a934150f-e0f5-4e75-a2d1-a3671ea52ca0
#UK #CyberSecurity #Encryption #Backdoors #Privacy #Apple
The war on encryption is dangerous
Government demands to access encrypted data via back doors will leave it vulnerable to hacks, breaches and theftMeredith Whittaker (Financial Times)
Meine Datenschutz und Privatsphäre Übersicht 2025, für die Allgemeinheit 🕵️♂️
Teilen erbeten ‼️
#DSGVO #TDDDG ( #unplugtrump )
#Datenschutz #Privatsphäre #sicherheit #Verschlüsselung
#encryption #WEtell #SoloKey #NitroKey #Email #Cybersecurity #Pixelfed #Massenűberwachung
#Google #Metadaten #WhatsApp #Threema #Cryptpad #Signal
#Hateaid #Cyberstalking #Messenger #Browser #Youtube #NewPipe #Chatkontrolle #nichtszuverbergen #ÜberwachungsKapitalismus #Microsoft #Apple #Windows #Linux #Matrix #Mastodon #Friendica #Fediverse #Mastodir #Loops #2FA #Ransomware #Foss #VeraCrypt #HateAid #Coreboot #Volksverpetzer #Netzpolitik #Digitalisierung #FragdenStaat #Shiftphone #OpenSource #GrapheneOS #CCC #Mail #Mullvad #PGP #GnuPG #DNS #Gaming #linuxgaming #Lutris #Protondb #eOS #Enshittification
#Bloatware #TPM #Murena #LiberaPay #GnuTaler #Taler #PreppingforFuture
#FediLZ #BlueLZ #InstaLZ #ThreatModel
#FLOSS #UEFI #Medienkompetenz
https://cryptpad.digitalcourage.de/file/#/2/file/C3-dKGz23Qhw1ZSBmDnOAK3s/
Teilen erbeten ‼️
#DSGVO #TDDDG ( #unplugtrump )
#Datenschutz #Privatsphäre #sicherheit #Verschlüsselung
#encryption #WEtell #SoloKey #NitroKey #Email #Cybersecurity #Pixelfed #Massenűberwachung
#Google #Metadaten #WhatsApp #Threema #Cryptpad #Signal
#Hateaid #Cyberstalking #Messenger #Browser #Youtube #NewPipe #Chatkontrolle #nichtszuverbergen #ÜberwachungsKapitalismus #Microsoft #Apple #Windows #Linux #Matrix #Mastodon #Friendica #Fediverse #Mastodir #Loops #2FA #Ransomware #Foss #VeraCrypt #HateAid #Coreboot #Volksverpetzer #Netzpolitik #Digitalisierung #FragdenStaat #Shiftphone #OpenSource #GrapheneOS #CCC #Mail #Mullvad #PGP #GnuPG #DNS #Gaming #linuxgaming #Lutris #Protondb #eOS #Enshittification
#Bloatware #TPM #Murena #LiberaPay #GnuTaler #Taler #PreppingforFuture
#FediLZ #BlueLZ #InstaLZ #ThreatModel
#FLOSS #UEFI #Medienkompetenz
https://cryptpad.digitalcourage.de/file/#/2/file/C3-dKGz23Qhw1ZSBmDnOAK3s/
“There is significant public interest in knowing when and on what basis the UK government believes that it can compel a private company to undermine the privacy and security of its customers.”
ORG, Big Brother Watch and Index on Censorship call for the Tribunal into the UK government's secret order for Apple to break encryption to be held in public.
The case happens TOMORROW.
Read more ⬇️
https://techcrunch.com/2025/03/13/apples-appeal-against-uks-secret-icloud-backdoor-order-must-be-held-in-public-rights-groups-urge/
#encryption #e2ee #privacy #security #ukpolitics #ukpol #cybersecurity #apple
ORG, Big Brother Watch and Index on Censorship call for the Tribunal into the UK government's secret order for Apple to break encryption to be held in public.
The case happens TOMORROW.
Read more ⬇️
https://techcrunch.com/2025/03/13/apples-appeal-against-uks-secret-icloud-backdoor-order-must-be-held-in-public-rights-groups-urge/
#encryption #e2ee #privacy #security #ukpolitics #ukpol #cybersecurity #apple
Apple’s appeal against UK’s secret iCloud backdoor order must be held in public, rights groups urge | TechCrunch
Privacy rights groups have called on Apple's legal challenge to a secret U.K. government order asking it to backdoor an end-to-end encrypted (E2EE)Natasha Lomas (TechCrunch)
"The U.K. government appears to have quietly scrubbed encryption advice from government web pages, just weeks after demanding backdoor access to encrypted data stored on Apple’s cloud storage service, iCloud.
The change was spotted by security expert Alec Muffett, who wrote in a blog post on Wednesday that the U.K.’s National Cyber Security Centre (NCSC) is no longer recommending that high-risk individuals use encryption to protect their sensitive information.
The NCSC in October published a document titled “Cybersecurity tips for barristers, solicitors & legal professionals,” that advised the use of encryption tools such as Apple’s Advanced Data Protection (ADP).
ADP allows users to turn on end-to-end encryption for their iCloud backups, effectively making it impossible for anyone, including Apple and government authorities, to view data stored on iCloud."
https://techcrunch.com/2025/03/06/uk-quietly-scrubs-encryption-advice-from-government-websites/
#UK #CyberSecurity #Encryption #Surveillance #Apple #iCloud
The change was spotted by security expert Alec Muffett, who wrote in a blog post on Wednesday that the U.K.’s National Cyber Security Centre (NCSC) is no longer recommending that high-risk individuals use encryption to protect their sensitive information.
The NCSC in October published a document titled “Cybersecurity tips for barristers, solicitors & legal professionals,” that advised the use of encryption tools such as Apple’s Advanced Data Protection (ADP).
ADP allows users to turn on end-to-end encryption for their iCloud backups, effectively making it impossible for anyone, including Apple and government authorities, to view data stored on iCloud."
https://techcrunch.com/2025/03/06/uk-quietly-scrubs-encryption-advice-from-government-websites/
#UK #CyberSecurity #Encryption #Surveillance #Apple #iCloud
UK quietly scrubs encryption advice from government websites | TechCrunch
The UK is no longer recommending the use of encryption for at-risk groups following its iCloud backdoor demandsCarly Page (TechCrunch)
Closing the Gap in #Encryption on Mobile - https://www.eff.org/deeplinks/2025/02/closing-gap-encryption-mobile #cifrado
Closing the Gap in Encryption on Mobile
It’s time to expand encryption on Android and iPhone. With governments around the world engaging in constant attacks on user’s digital rights and access to the internet, removing glaring and potentially dangerous targets off of people’s backs when th…Electronic Frontier Foundation
We need to #PracticeSafeText 💬
You can’t scan communications without breaching privacy.
You can’t introduce message scanning software that undermines encryption in a way that’s anything other than less secure than what we have now.
Find out more ➡️ https://www.openrightsgroup.org/press-releases/practice-safe-text-campaign-launched/
#e2ee #encryption #privacy #cybersecurity #security
You can’t scan communications without breaching privacy.
You can’t introduce message scanning software that undermines encryption in a way that’s anything other than less secure than what we have now.
Find out more ➡️ https://www.openrightsgroup.org/press-releases/practice-safe-text-campaign-launched/
#e2ee #encryption #privacy #cybersecurity #security
Practice Safe Text Campaign launched
Open Rights Group has launched a new campaign, ‘Practice Safe Text’ which highlights the importance of end-to-end encryption in keeping our communications safe.Open Rights Group
Encryption backdoors are like leaving the door open for a totalitarian society... I don't see why people are unable to understand this...
"If they're going to cave into Zuck's demand to facilitate spying on Instagram users, do we really think they'll resist Kier Starmer's demands to remove Signal – and any other app that stands up to the Snooper's Charter – from the App Store?
It goes without saying that the "bad guys" the UK government claims it wants to target will be able to communicate in secret no matter what Apple does here. They can just use an Android phone and sideload a secure messaging app, or register an iPhone in Ireland or any other country and bring it to the UK. The only people who will be harmed by the combination of the British government's reckless disregard for security, and Apple's designs that trade the security of its users for the security of its shareholders are millions of law-abiding Britons, whose most sensitive data will be up for grabs by anyone who hacks their accounts."
https://pluralistic.net/2025/02/25/sneak-and-peek/
#CyberSecurity #UK #Apple #Encryption #Backdoors #Privacy #Totalitarianism #iCloud
"If they're going to cave into Zuck's demand to facilitate spying on Instagram users, do we really think they'll resist Kier Starmer's demands to remove Signal – and any other app that stands up to the Snooper's Charter – from the App Store?
It goes without saying that the "bad guys" the UK government claims it wants to target will be able to communicate in secret no matter what Apple does here. They can just use an Android phone and sideload a secure messaging app, or register an iPhone in Ireland or any other country and bring it to the UK. The only people who will be harmed by the combination of the British government's reckless disregard for security, and Apple's designs that trade the security of its users for the security of its shareholders are millions of law-abiding Britons, whose most sensitive data will be up for grabs by anyone who hacks their accounts."
https://pluralistic.net/2025/02/25/sneak-and-peek/
#CyberSecurity #UK #Apple #Encryption #Backdoors #Privacy #Totalitarianism #iCloud
"The furor after Apple removed full iCloud security for U.K. users may feel a long way from American users this weekend. But it’s not — far from it. What has just shocked the U.K. is exactly what the FBI told me it also wants in the U.S. “Lawful access” to any encrypted user data. The bureau’s quiet warning was confirmed just a few weeks ago.
The U.K. news cannot be seen in isolation and follows years of battling between big tech and governments over warranted, legal access to encrypted messages and content to fuel investigations into serious crimes such as terrorism and child abuse.
As I reported in 2020, “it is looking ever more likely that proponents of end-to-end security, the likes of Facebook and Apple, will lose their campaign to maintain user security as a priority.” It has taken five years, but here we now are.
The last few weeks may have seemed to signal a unique fork in the road between the U.S. and its primary Five Eyes ally, the U.K. But it isn’t. In December, the FBI and CISA warned Americans to stop sending texts and use encrypted platforms instead. And now the U.K. has forced open iCloud to by threatening to mandate a backdoor. But the devil’s in the detail — and we’re fast approaching a dangerous pivot."
https://www.forbes.com/sites/zakdoffman/2025/02/24/fbis-new-iphone-android-security-warning-is-now-critical/
#USA #FBI #CyberSecurity #Encryption #Privacy #UK #CISA #Apple #Backdoor
The U.K. news cannot be seen in isolation and follows years of battling between big tech and governments over warranted, legal access to encrypted messages and content to fuel investigations into serious crimes such as terrorism and child abuse.
As I reported in 2020, “it is looking ever more likely that proponents of end-to-end security, the likes of Facebook and Apple, will lose their campaign to maintain user security as a priority.” It has taken five years, but here we now are.
The last few weeks may have seemed to signal a unique fork in the road between the U.S. and its primary Five Eyes ally, the U.K. But it isn’t. In December, the FBI and CISA warned Americans to stop sending texts and use encrypted platforms instead. And now the U.K. has forced open iCloud to by threatening to mandate a backdoor. But the devil’s in the detail — and we’re fast approaching a dangerous pivot."
https://www.forbes.com/sites/zakdoffman/2025/02/24/fbis-new-iphone-android-security-warning-is-now-critical/
#USA #FBI #CyberSecurity #Encryption #Privacy #UK #CISA #Apple #Backdoor
FBI Warns iPhone, Android Users—We Want ‘Lawful Access’ To All Your Encrypted Data
UK forces Apple to provide encrypted data to security agencies—is America next?Forbes
"After the United Kingdom demanded that Apple create a backdoor that would allow government officials globally to spy on encrypted data, Apple decided to simply turn off encryption services in the UK rather than risk exposing its customers to snooping.
Apple had previously allowed end-to-end encryption of data on UK devices through its Advanced Data Protection (ADP) tool, but that ended Friday, a spokesperson said in a lengthy statement.
"Apple can no longer offer Advanced Data Protection (ADP) in the United Kingdom to new users and current UK users will eventually need to disable this security feature," Apple said."
https://arstechnica.com/tech-policy/2025/02/apple-pulls-data-protection-tool-instead-of-caving-to-uk-demand-for-a-backdoor/
#UK #CyberSecurity #Apple #Encryption #Backdoors #DataProtection #Surveillance
Apple had previously allowed end-to-end encryption of data on UK devices through its Advanced Data Protection (ADP) tool, but that ended Friday, a spokesperson said in a lengthy statement.
"Apple can no longer offer Advanced Data Protection (ADP) in the United Kingdom to new users and current UK users will eventually need to disable this security feature," Apple said."
https://arstechnica.com/tech-policy/2025/02/apple-pulls-data-protection-tool-instead-of-caving-to-uk-demand-for-a-backdoor/
#UK #CyberSecurity #Apple #Encryption #Backdoors #DataProtection #Surveillance
Apple pulls end-to-end encryption in UK, spurning backdoors for gov’t spying
Apple abruptly yanks privacy tool in UK, taking bold stance against snooping law.Ashley Belanger (Ars Technica)
Apple pulls data protection tool after UK government security row https://www.bbc.com/news/articles/cgj54eq4vejo #Encryption
Apple pulls data protection tool after UK government security row
Customers' photos and documents stored online will no longer be protected by end to end encryption.Zoe Kleinman (BBC News)
"The encryption wars have reached a fever pitch, and the most contentious battle is not happening in the United States, where much of the action has been in the past — like the government’s efforts to restrict exports of encryption software until the 1990s and the FBI’s standoff with Apple in 2016. It’s in the United Kingdom, where the government has reportedly ordered Apple to give officials blanket access to iCloud users’ encrypted backups. And the order allegedly didn’t just apply to UK users — it demanded backdoor access for users worldwide.
The secret order, first reported by The Washington Post, was issued in January under the auspices of the UK’s Investigatory Powers Act of 2016. Apple’s compliance or refusal will have ramifications far beyond the UK, potentially making users less safe and signaling to other governments that they, too, can seek backdoor access — a way of bypassing encryption — to users’ information via legislation.
“Simply put, the message the UK government is sending is that its own citizens cannot expect its government to respect their privacy, and that it is willing to put their security at risk from all manner of bad actors like hackers and thieves because it cannot tolerate the ability to have a private conversation online,” Andrew Crocker, surveillance litigation director at the Electronic Frontier Foundation, told The Verge."
https://www.theverge.com/policy/612136/uk-icloud-investigatory-powers-act-war-on-encryption
#UK #CyberSecurity #Privacy #Encryption #Apple #iCloud
The secret order, first reported by The Washington Post, was issued in January under the auspices of the UK’s Investigatory Powers Act of 2016. Apple’s compliance or refusal will have ramifications far beyond the UK, potentially making users less safe and signaling to other governments that they, too, can seek backdoor access — a way of bypassing encryption — to users’ information via legislation.
“Simply put, the message the UK government is sending is that its own citizens cannot expect its government to respect their privacy, and that it is willing to put their security at risk from all manner of bad actors like hackers and thieves because it cannot tolerate the ability to have a private conversation online,” Andrew Crocker, surveillance litigation director at the Electronic Frontier Foundation, told The Verge."
https://www.theverge.com/policy/612136/uk-icloud-investigatory-powers-act-war-on-encryption
#UK #CyberSecurity #Privacy #Encryption #Apple #iCloud
The UK’s war on encryption affects all of us
The UK is using its Investigatory Powers Act to demand backdoor access to iCloud users’ encrypted backups worldwide.Gaby Del Valle (The Verge)
Verwendet ihr die serverseitige Verschlüsselung in Nextcloud? Wisst ihr, wovor sie euch schützt – und wovor nicht? Wir haben die drei Verschlüsselungsvarianten von Nextcloud verglichen und zeigen, wann sie sinnvoll sind – und wann es besser ist, auf eine Drittanbieter-Lösung zu setzen. 👇
https://www.kuketz-blog.de/verschluesselung-der-nextcloud-eine-grundlegende-entscheidung-nextcloud-teil-2/
#nextcloud #encryption #e2ee #cryptomator #security #sicherheit
https://www.kuketz-blog.de/verschluesselung-der-nextcloud-eine-grundlegende-entscheidung-nextcloud-teil-2/
#nextcloud #encryption #e2ee #cryptomator #security #sicherheit
Verschlüsselung der Nextcloud: Eine grundlegende Entscheidung – Nextcloud Teil 2
Verschlüsselung in Nextcloud: Serverseitig, mit Benutzer-Schlüssel oder Ende-zu-Ende? Wir erklären die Unterschiede und helfen bei der richtigen Wahl.www.kuketz-blog.de
Teil 2 der Nextcloud-Serie! ☁️
Verschlüsselung in Nextcloud: Serverseitig, mit Benutzer-Schlüssel, Ende-zu-Ende oder Drittanbieter-Lösung? Wir erklären die Unterschiede und helfen bei der richtigen Wahl. 👇
https://www.kuketz-blog.de/verschluesselung-der-nextcloud-eine-grundlegende-entscheidung-nextcloud-teil-2/
#nextcloud #encryption #e2ee #cryptomator #security #sicherheit
Verschlüsselung in Nextcloud: Serverseitig, mit Benutzer-Schlüssel, Ende-zu-Ende oder Drittanbieter-Lösung? Wir erklären die Unterschiede und helfen bei der richtigen Wahl. 👇
https://www.kuketz-blog.de/verschluesselung-der-nextcloud-eine-grundlegende-entscheidung-nextcloud-teil-2/
#nextcloud #encryption #e2ee #cryptomator #security #sicherheit
Verschlüsselung der Nextcloud: Eine grundlegende Entscheidung – Nextcloud Teil 2
Verschlüsselung in Nextcloud: Serverseitig, mit Benutzer-Schlüssel oder Ende-zu-Ende? Wir erklären die Unterschiede und helfen bei der richtigen Wahl.www.kuketz-blog.de
Teil 2 der Nextcloud-Serie! ☁️
Verschlüsselung in Nextcloud: Serverseitig, mit Benutzer-Schlüssel, Ende-zu-Ende oder Drittanbieter-Lösung? Wir erklären die Unterschiede und helfen bei der richtigen Wahl. 👇
https://www.kuketz-blog.de/verschluesselung-der-nextcloud-eine-grundlegende-entscheidung-nextcloud-teil-2/
#nextcloud #encryption #e2ee #cryptomator #security #sicherheit
Verschlüsselung in Nextcloud: Serverseitig, mit Benutzer-Schlüssel, Ende-zu-Ende oder Drittanbieter-Lösung? Wir erklären die Unterschiede und helfen bei der richtigen Wahl. 👇
https://www.kuketz-blog.de/verschluesselung-der-nextcloud-eine-grundlegende-entscheidung-nextcloud-teil-2/
#nextcloud #encryption #e2ee #cryptomator #security #sicherheit
Verschlüsselung der Nextcloud: Eine grundlegende Entscheidung – Nextcloud Teil 2
Verschlüsselung in Nextcloud: Serverseitig, mit Benutzer-Schlüssel oder Ende-zu-Ende? Wir erklären die Unterschiede und helfen bei der richtigen Wahl.www.kuketz-blog.de
"The Washington Post reported that the United Kingdom is demanding that Apple create an encryption backdoor to give the government access to end-to-end encrypted data in iCloud. Encryption is one of the best ways we have to reclaim our privacy and security in a digital world filled with cyberattacks and security breaches, and there’s no way to weaken it in order to only provide access to the “good guys.” We call on Apple to resist this attempt to undermine the right to private spaces and communications.
As reported, the British government’s undisclosed order was issued last month, and requires the capability to view all encrypted material in iCloud. The core target is Apple’s Advanced Data Protection, which is an optional feature that turns on end-to-end encryption for backups and other data stored in iCloud, making it so that even Apple cannot access that information. For a long time, iCloud backups were a loophole for law enforcement to gain access to data otherwise not available to them on iPhones with device encryption enabled. That loophole still exists for anyone who doesn’t opt in to using Advanced Data Protection. If Apple does comply, users should consider disabling iCloud backups entirely. Perhaps most concerning, the U.K. is apparently seeking a backdoor into users’ data regardless of where they are or what citizenship they have."
https://www.eff.org/deeplinks/2025/02/uks-demands-apple-break-encryption-emergency-us-all
#CyberSecurity #UK #Privacy #Encryption #Apple #iCloud
As reported, the British government’s undisclosed order was issued last month, and requires the capability to view all encrypted material in iCloud. The core target is Apple’s Advanced Data Protection, which is an optional feature that turns on end-to-end encryption for backups and other data stored in iCloud, making it so that even Apple cannot access that information. For a long time, iCloud backups were a loophole for law enforcement to gain access to data otherwise not available to them on iPhones with device encryption enabled. That loophole still exists for anyone who doesn’t opt in to using Advanced Data Protection. If Apple does comply, users should consider disabling iCloud backups entirely. Perhaps most concerning, the U.K. is apparently seeking a backdoor into users’ data regardless of where they are or what citizenship they have."
https://www.eff.org/deeplinks/2025/02/uks-demands-apple-break-encryption-emergency-us-all
#CyberSecurity #UK #Privacy #Encryption #Apple #iCloud
Blanket access to all encrypted material. Will the Apple crumble or is this (along with services such as Signal) be withdrawn from British users?
Back doors are not a good idea. And this comes on top of Starmer's proposals to open up all of our bank accounts to public examination
http://archive.today/2025.02.07-202742/https://www.thetimes.com/uk/politics/article/home-office-orders-apple-to-let-it-snoop-on-encrypted-files-rb8grfzh8 (archived)
https://bigbrotherwatch.org.uk/press-releases/big-brother-watch-response-to-the-government-ordering-apple-to-let-them-spy-on-users-messages/
https://bigbrotherwatch.org.uk/bankspying/big-issue-the-governments-mass-bank-spying-proposals-is-an-assault-on-welfare/
#Encryption #BigBrotherWatch #BigBotherWatch #Privacy #IT
Back doors are not a good idea. And this comes on top of Starmer's proposals to open up all of our bank accounts to public examination
http://archive.today/2025.02.07-202742/https://www.thetimes.com/uk/politics/article/home-office-orders-apple-to-let-it-snoop-on-encrypted-files-rb8grfzh8 (archived)
https://bigbrotherwatch.org.uk/press-releases/big-brother-watch-response-to-the-government-ordering-apple-to-let-them-spy-on-users-messages/
https://bigbrotherwatch.org.uk/bankspying/big-issue-the-governments-mass-bank-spying-proposals-is-an-assault-on-welfare/
#Encryption #BigBrotherWatch #BigBotherWatch #Privacy #IT
"It’s time to expand encryption on Android and iPhone. With governments around the world engaging in constant attacks on user’s digital rights and access to the internet, removing glaring and potentially dangerous targets off of people’s backs when they use their mobile phones is more important than ever.
So far we have seen strides for at least keeping messages private on mobile devices with end-to-end encrypted apps like Signal, WhatsApp, and iMessage. Encryption on the web has been widely adopted. We even declared in 2021 that “HTTPS Is Actually Everywhere.” Most web traffic is encrypted and for a website to have a reputable presence with browsers, they have to meet certain requirements that major browsers enforce today. Mechanisms like certificate transparency, Cross-origin resource sharing (CORS) rules, and enforcing HTTPS help prevent malicious activity happening to users every day.
Yet, mobile has always been a different and ever expanding context. You access the internet on mobile devices through more than just the web browser. Mobile applications have more room to spawn network requests in the app without the user ever knowing where and when a request was sent. There is no “URL bar” to see the network request URL for the user to see and check. In some cases, apps have been known to “roll their own” cryptographic processes outside of non-standard encryption practices."
https://www.eff.org/deeplinks/2025/02/closing-gap-encryption-mobile
#CyberSecurity #Encryption #Mobile #Cellphones #VPNs #Privacy
So far we have seen strides for at least keeping messages private on mobile devices with end-to-end encrypted apps like Signal, WhatsApp, and iMessage. Encryption on the web has been widely adopted. We even declared in 2021 that “HTTPS Is Actually Everywhere.” Most web traffic is encrypted and for a website to have a reputable presence with browsers, they have to meet certain requirements that major browsers enforce today. Mechanisms like certificate transparency, Cross-origin resource sharing (CORS) rules, and enforcing HTTPS help prevent malicious activity happening to users every day.
Yet, mobile has always been a different and ever expanding context. You access the internet on mobile devices through more than just the web browser. Mobile applications have more room to spawn network requests in the app without the user ever knowing where and when a request was sent. There is no “URL bar” to see the network request URL for the user to see and check. In some cases, apps have been known to “roll their own” cryptographic processes outside of non-standard encryption practices."
https://www.eff.org/deeplinks/2025/02/closing-gap-encryption-mobile
#CyberSecurity #Encryption #Mobile #Cellphones #VPNs #Privacy
Closing the Gap in Encryption on Mobile
It’s time to expand encryption on Android and iPhone. With governments around the world engaging in constant attacks on user’s digital rights and access to the internet, removing glaring and potentially dangerous targets off of people’s backs when th…Electronic Frontier Foundation
Therapists of the fediverse: how do you communicate safely with clients or other professionals privacy-wise?
How do you organise this communication in a way so that no-one - including police - can steal it?
Are you using encrypted computers and #email or #messengers with #e2e #encryption? - If so, what messengers or method are you using?
Are you storing documents in a safe? If so, where and what brand?
What is feasible, what is practical?
#privacy #therapy #data_protection #encryption
How do you organise this communication in a way so that no-one - including police - can steal it?
Are you using encrypted computers and #email or #messengers with #e2e #encryption? - If so, what messengers or method are you using?
Are you storing documents in a safe? If so, where and what brand?
What is feasible, what is practical?
#privacy #therapy #data_protection #encryption
Hey folks, unless you’re using an end-to-end encrypted messaging system, your DMs are readable (given sufficient incentive).
Please read up on whether your messaging system is *end-to-end* encrypted, not just “encrypted”, and think about whether you trust the developers to write good code and not lie to you about how things work.
Mastodon DMs are *not* end-to-end encrypted! You should not write anything on Mastodon that you don’t want published in the open (given sufficient incentive).
Some systems *can* be end-to-end encrypted but are not by default. RCS, FB Messenger, and Instagram DMs fall into this category AFAICT. Some systems don’t even offer it, like Discord.
Please consider moving your private messages to a system that is private by design! I’m partial to Signal, but feel free to choose your own.
#privacy #encryption
Please read up on whether your messaging system is *end-to-end* encrypted, not just “encrypted”, and think about whether you trust the developers to write good code and not lie to you about how things work.
Mastodon DMs are *not* end-to-end encrypted! You should not write anything on Mastodon that you don’t want published in the open (given sufficient incentive).
Some systems *can* be end-to-end encrypted but are not by default. RCS, FB Messenger, and Instagram DMs fall into this category AFAICT. Some systems don’t even offer it, like Discord.
Please consider moving your private messages to a system that is private by design! I’m partial to Signal, but feel free to choose your own.
#privacy #encryption
Aus der Nextcloud-Doku unter Storage encryption: "The Nextcloud Server Side Encryption feature provides secure storage of data by encrypting each file with a unique file key before it is stored. File keys are encrypted, in turn, either by a server wide key (default for feature and performance reasons) or a per-user key."
Wie bekommt man die "per-user keys" aktiviert? Die Doku erklärt das nicht wirklich.
https://nextcloud.com/de/blog/encryption-in-nextcloud/
#nextcloud #encryption
Wie bekommt man die "per-user keys" aktiviert? Die Doku erklärt das nicht wirklich.
https://nextcloud.com/de/blog/encryption-in-nextcloud/
#nextcloud #encryption
Data encryption methods in Nextcloud - Nextcloud
Exploring different kinds of encryption in Nextcloud to aid system administrators and taking the appropriate security measures.Jos Poortvliet (Nextcloud)
Ich habe schon viele Backup-Lösungen ausprobiert, aber #Kopia bietet IMHO das beste Gesamtpaket. Dank der GUI ist es auch für Einsteiger (nach Eingewöhnung) leicht bedienbar. Falls ihr nach einer Backup-Lösung sucht: Unbedingt anschauen!
https://kopia.io/
#backup #linux #macos #windows #sicherheit #datenschutz #encryption
https://kopia.io/
#backup #linux #macos #windows #sicherheit #datenschutz #encryption
"Of course, this user never requested that my on-device experiences be "enriched" by phoning home to Cupertino. This choice was made by Apple, silently, without my consent.
From my own perspective, computing privacy is simple: if something happens entirely on my computer, then it's private, whereas if my computer sends data to the manufacturer of the computer, then it's not private, or at least not entirely private. Thus, the only way to guarantee computing privacy is to not send data off the device.
I don't understand most of the technical details of Apple's blog post. I have no way to personally evaluate the soundness of Apple's implementation of Enhanced Visual Search. One thing I do know, however, is that Apple computers are constantly full of privacy and security vulnerabilities, as proved by Apple's own security release notes. You don't even have to hypothesize lies, conspiracies, or malicious intentions on the part of Apple to be suspicious of their privacy claims. A software bug would be sufficient to make users vulnerable, and Apple can't guarantee that their software includes no bugs. (To the contrary, Apple's QA nowadays is atrocious.)
It ought to be up to the individual user to decide their own tolerance for the risk of privacy violations. In this specific case, I have no tolerance for risk, because I simply have no interest in the Enhanced Visual Search feature, even if it happened to work flawlessly. There's no benefit to outweigh the risk. By enabling the "feature" without asking, Apple disrespects users and their preferences. I never wanted my iPhone to phone home to Apple.
Remember this advertisement? "What happens on your iPhone, stays on your iPhone.""
https://lapcatsoftware.com/articles/2024/12/3.html
#Apple #ApplePhotos #Privacy #DataProtection #Encryption #iOS #iPhone
From my own perspective, computing privacy is simple: if something happens entirely on my computer, then it's private, whereas if my computer sends data to the manufacturer of the computer, then it's not private, or at least not entirely private. Thus, the only way to guarantee computing privacy is to not send data off the device.
I don't understand most of the technical details of Apple's blog post. I have no way to personally evaluate the soundness of Apple's implementation of Enhanced Visual Search. One thing I do know, however, is that Apple computers are constantly full of privacy and security vulnerabilities, as proved by Apple's own security release notes. You don't even have to hypothesize lies, conspiracies, or malicious intentions on the part of Apple to be suspicious of their privacy claims. A software bug would be sufficient to make users vulnerable, and Apple can't guarantee that their software includes no bugs. (To the contrary, Apple's QA nowadays is atrocious.)
It ought to be up to the individual user to decide their own tolerance for the risk of privacy violations. In this specific case, I have no tolerance for risk, because I simply have no interest in the Enhanced Visual Search feature, even if it happened to work flawlessly. There's no benefit to outweigh the risk. By enabling the "feature" without asking, Apple disrespects users and their preferences. I never wanted my iPhone to phone home to Apple.
Remember this advertisement? "What happens on your iPhone, stays on your iPhone.""
https://lapcatsoftware.com/articles/2024/12/3.html
#Apple #ApplePhotos #Privacy #DataProtection #Encryption #iOS #iPhone
Quantum computing poses a significant threat to data security! 🔒💻 As highlighted in a recent article, if we want our data to remain confidential, action is needed now. The potential for quantum computers to crack encryption affects everyone. Let's prioritize our digital safety! 🚀✨ #QuantumComputing #DataSecurity #Encryption #TechNews #newz Read more: https://www.techradar.com/pro/security/if-we-want-our-data-to-remain-confidential-we-have-to-act-now-quantum-computing-can-crack-all-our-encryption-and-that-is-everyones-problem
“If we want our data to remain confidential, we have to act now”: Quantum computing can crack all our encryption, and that is everyone’s problem
Quantum computing's ability to crack encryption will cause a world of issuesBenedict Collins (TechRadar pro)
They See Your Photos
https://theyseeyourphotos.com/
#TheySeeYourPhotos #cloud #surveillance #photos #media #ai #privacy #ente #enteio #e2e #e2ee #encryption
https://theyseeyourphotos.com/
#TheySeeYourPhotos #cloud #surveillance #photos #media #ai #privacy #ente #enteio #e2e #e2ee #encryption
"End-to-end encryption means that the information is scrambled in transit and only the sender and recipient can access it. Regular text messages (SMS messages) and voice calls are usually not encrypted, and can be intercepted in transit or stored on a carrier’s server for extended periods of time.
Email services such as Gmail and Outlook generally offer encryption in transit, which means they can be read on the companies’ servers and by the end users. Messages that are encrypted in transit can’t be nabbed from a telecom network in an accessible format, but they could be accessed through an email service provider or a law enforcement request to that company.
End-to-end encryption—the kind offered by services like WhatsApp and Signal—is considered the best bet for privacy, particularly when paired with the option to auto-delete messages after a set period of time, says Mullin."
https://www.inc.com/jennifer-conrad/why-you-should-start-using-encrypted-communications-today/91034632
#CyberSecurity #Privacy #Encryption #E2EEncryption #Signal
Email services such as Gmail and Outlook generally offer encryption in transit, which means they can be read on the companies’ servers and by the end users. Messages that are encrypted in transit can’t be nabbed from a telecom network in an accessible format, but they could be accessed through an email service provider or a law enforcement request to that company.
End-to-end encryption—the kind offered by services like WhatsApp and Signal—is considered the best bet for privacy, particularly when paired with the option to auto-delete messages after a set period of time, says Mullin."
https://www.inc.com/jennifer-conrad/why-you-should-start-using-encrypted-communications-today/91034632
#CyberSecurity #Privacy #Encryption #E2EEncryption #Signal
European Court of Human Rights Confirms: Weakening #Encryption Violates Fundamental Rights - https://www.eff.org/deeplinks/2024/03/european-court-human-rights-confirms-undermining-encryption-violates-fundamental #privacidad #privacy
European Court of Human Rights Confirms: Weakening Encryption Violates Fundamental Rights
In a milestone judgment—Podchasov v. Russia—the European Court of Human Rights (ECtHR) has ruled that weakening of encryption can lead to general and indiscriminate surveillance of the communications of all users and violates the human right to priva…Electronic Frontier Foundation
My message for #GlobalEncryptionDay... for every entity interested in #surveillance:
I will resist and it's my human right.
Encryption is not for bad actors only, it protects innocent people every day.
We are not criminals.
#privacy #encryption
I will resist and it's my human right.
Encryption is not for bad actors only, it protects innocent people every day.
We are not criminals.
#privacy #encryption
