Ian Brown 👨🏻💻<p>The vast majority do (usual handwaving figure stat given is ~95%) <a class="hashtag" rel="nofollow noopener" href="https://bsky.app/search?q=%23CyberCrime" target="_blank">#CyberCrime</a> <a class="hashtag" rel="nofollow noopener" href="https://bsky.app/search?q=%23CyberCyber" target="_blank">#CyberCyber</a> <a class="hashtag" rel="nofollow noopener" href="https://bsky.app/search?q=%23IGF2025" target="_blank">#IGF2025</a> <a class="hashtag" rel="nofollow noopener" href="https://bsky.app/search?q=%23EncroChat" target="_blank">#EncroChat</a><span class="quote-inline"><br><br>RE: <a href="https://bsky.app/profile/did:plc:ojkmbrahjgcjqvb7l3pcesov/post/3lsgl3slz622j" rel="nofollow noopener" target="_blank">https://bsky.app/profile/did:plc:ojkmbrahjgcjqvb7l3pcesov/post/3lsgl3slz622j</a></span></p>
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.
Administered by:
Server stats:
223active users
eupolicy.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#encrochat
0 posts · 0 participants · 0 posts today
Ian Brown 👨🏻💻<p>🌶️ <a href="https://eupolicy.social/tags/CPDP2025" class="mention hashtag" rel="tag">#<span>CPDP2025</span></a> <a href="https://eupolicy.social/tags/SkyECC" class="mention hashtag" rel="tag">#<span>SkyECC</span></a> <a href="https://eupolicy.social/tags/EncroChat" class="mention hashtag" rel="tag">#<span>EncroChat</span></a> <a href="https://eupolicy.social/tags/BigBrotherWatchVsUK" class="mention hashtag" rel="tag">#<span>BigBrotherWatchVsUK</span></a> <a href="https://eupolicy.social/tags/encryption" class="mention hashtag" rel="tag">#<span>encryption</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://eupolicy.social/@eu_os" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>eu_os</span></a></span> <span class="h-card" translate="no"><a href="https://fosstodon.org/@fedora" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>fedora</span></a></span> <span class="h-card" translate="no"><a href="https://floss.social/@kde" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>kde</span></a></span> <span class="h-card" translate="no"><a href="https://fosstodon.org/@almalinux" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>almalinux</span></a></span> <span class="h-card" translate="no"><a href="https://social.bund.de/@zendis" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>zendis</span></a></span> <span class="h-card" translate="no"><a href="https://ec.social-network.europa.eu/@EC_OSPO" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>EC_OSPO</span></a></span> the same <a href="https://infosec.space/tags/France" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>France</span></a> that illegally phished data from <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a> users in a means to allow <a href="https://infosec.space/tags/dutch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dutch</span></a> police to bypass a <a href="https://infosec.space/tags/Dutch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Dutch</span></a> court decision that banned them from doing so?</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> It's not <a href="https://infosec.space/tags/disinfo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>disinfo</span></a> when one points out that you demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> aka. <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a> from Users and that is literally a architectural vulnerability, alongside your <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proprietary</span></a> & <a href="https://infosec.space/tags/Centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Centralized</span></a> <a href="https://infosec.space/tags/Infrastructure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infrastructure</span></a>.</p><ul><li><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> being a <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> <a href="https://infosec.space/tags/Solution" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Solution</span></a> is literally the reason why I consider it <a href="https://infosec.space/tags/insecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>insecure</span></a>.</li></ul><p>Not to mention the lack of <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a> support with an <a href="https://infosec.space/tags/OnionService" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OnionService</span></a> or the willingness to fulfill <a href="https://infosec.space/tags/cyberfacist" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberfacist</span></a> <em>"Embargoes"</em> or shilling a <a href="https://infosec.space/tags/Shitcoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Shitcoin</span></a> <a href="https://infosec.space/tags/Scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scam</span></a> named <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MobileCoin</span></a>!</p><ul><li><a href="https://infosec.space/tags/KYC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KYC</span></a> <em>is</em> the illicit activity!!!</li></ul><p>And don't get me started on the <a href="https://infosec.space/tags/cyberfacism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberfacism</span></a> that is <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a>.</p><ul><li>If you were secure, criminals would've used your platform so hard, it would've been shutdown like <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a> and <a href="https://infosec.space/tags/SkyECC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SkyECC</span></a>.</li></ul><p>I may nit have allvthe.evidence yet, but <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> stenches like <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANØM</span></a>: <a href="https://infosec.space/tags/Honeypot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Honeypot</span></a>-esque!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> I disagree because your platform is <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>proprietary</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a>, <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> and doesn't allow for <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosting</span></a>, <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> of all the Keys and you demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> in the form of a <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumber</span></a> which can be used.to track users down!</p><ul><li>If <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> was as secure as claimed, it would've been shut down like <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a>, <a href="https://infosec.space/tags/SkyECC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SkyECC</span></a> & others...</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@dalias" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>dalias</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.laurenweinstein.org/@lauren" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lauren</span></a></span><br><span class="h-card" translate="no"><a href="https://troet.cafe/@pixelschubsi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>pixelschubsi</span></a></span> </p><p>Also the <a href="https://hachyderm.io/@dalias/113999748481227961" rel="nofollow noopener" target="_blank">blatant dismissal</a> of absolitely basic <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> & <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> is just flabberghasting.</p><ul><li>It's inherently wrong to <em>put all eggs in one basket</em> and <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> being not shut down like <a href="https://infosec.space/tags/SkyECC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SkyECC</span></a> & <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a> makes it just as sus as <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANØM</span></a> / <a href="https://infosec.space/tags/OperationIronside" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OperationIronside</span></a> / <a href="https://infosec.space/tags/OperatioTr%C3%B8janShield" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OperatioTrøjanShield</span></a> and <a href="https://infosec.space/tags/CryptoAG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CryptoAG</span></a> / <a href="https://infosec.space/tags/MINERVA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MINERVA</span></a> / <a href="https://infosec.space/tags/RUBIKON" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RUBIKON</span></a>.</li></ul><p>Only <a href="https://infosec.space/tags/decentralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>decentralized</span></a>, <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> & <a href="https://infosec.space/tags/OpenStandards" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenStandards</span></a> can actuall survive long-term and remain <a href="https://infosec.space/tags/secure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>secure</span></a>.</p><ul><li>Otherwise we'd all gaslight ourselves into ignoring the hard lessions we learned that bought us to the <a href="https://infosec.space/tags/Fediverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fediverse</span></a> and why we ain't on <a href="https://infosec.space/tags/Shitter" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Shitter</span></a> or <a href="https://infosec.space/tags/tumblr" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tumblr</span></a> or <a href="https://infosec.space/tags/BrownSky" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BrownSky</span></a> or <a href="https://infosec.space/tags/NSAbook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NSAbook</span></a> (any more)!</li></ul><p>It's the same reasons we use <a href="https://infosec.space/tags/PGPG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGPG</span></a>/MIME & <a href="https://infosec.space/tags/SSH" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSH</span></a> and not <a href="https://infosec.space/tags/X400" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>X400</span></a> & <a href="https://infosec.space/tags/X25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>X25</span></a>!</p><ul><li>Unlike with <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> one doesn't has to trust the provider or app. <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> works regardless if you use <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> or <span class="h-card" translate="no"><a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gajim</span></a></span> or do <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosting</span></a> and only trust code you wrote yourself...</li></ul><p>IOW: Think <em>"How can you weaponize Signal?"</em> and see what you csn do <em>just holding key people in contempt</em>...</p><ul><li>And I'm not even talkibg about <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> - <a href="https://infosec.space/tags/Backdoors" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Backdoors</span></a> and <a href="https://infosec.space/tags/MassSurveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MassSurveillance</span></a> alike <a href="https://infosec.space/tags/Room651A" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Room651A</span></a>, but just <em>duely submitted warrants</em> that <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Mer__edith</span></a></span> <em>will comply with</em>... </li></ul><p>The less <a href="https://infosec.space/tags/info" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>info</span></a> a provider has, the less they can be forced to snitch upon customers.</p><ul><li>So even if you don't give a shit that <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a> makes this a <em>"<a href="https://infosec.space/tags/CantUse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CantUse</span></a> & <a href="https://infosec.space/tags/WintUse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WintUse</span></a>"</em> (out of US-centrist privilegue to not comply <a href="https://infosec.space/tags/GDPR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GDPR</span></a> & <a href="https://infosec.space/tags/BDSG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BDSG</span></a>) for many, it's still dishonest.</li></ul><p><em>"<a href="https://infosec.space/tags/JustUseSgnal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JustUseSgnal</span></a>!"</em> is a form of <em>dangerous "<a href="https://infosec.space/tags/TechPopulism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechPopulism</span></a>"</em> aimed at bamboozling <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliterates</span></a> <em>who don't know better</em>, abusing information asymetry to <em>pull rank</em> instead of investing the time and effort to *explain "how" and "why" this is indeed a good or bad idea.</p><ul><li>There's a reason why <span class="h-card" translate="no"><a href="https://venera.social/profile/tails_live" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tails_live</span></a></span> / <span class="h-card" translate="no"><a href="https://fosstodon.org/@tails" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tails</span></a></span> / <a href="https://infosec.space/tags/Tails" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tails</span></a> doesn't include <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> and why I'll say it again that XMPP+OMEMO over <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>torproject</span></a></span> / <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tor</span></a> is the gold standard in terms of <a href="https://infosec.space/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> and <a href="https://infosec.space/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> when it comes to <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> that isn't <a href="https://infosec.space/tags/airgapped" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>airgapped</span></a> aka. <a href="https://www.youtube.com/watch?v=vdab4T_CoN8" rel="nofollow noopener" target="_blank"><em>"Airgapped PGP"</em></a>.</li></ul><p>The only ones that have a chance to beat that are <span class="h-card" translate="no"><a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>delta</span></a></span> / <a href="https://infosec.space/tags/deltaChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>deltaChat</span></a> but that's just <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME <a href="https://infosec.space/tags/eMail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>eMail</span></a> in a nice UI...</p><ul><li>You may now laugh at me and think my <em>"<a href="https://infosec.space/tags/TinfoilHat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TinfoilHat</span></a> sits too tight"</em> but I'm shure sooner or later I'll be evidenced as <em>correct</em>...</li></ul>
Matthias Monroy<p>Der BGH hat entschieden, dass Daten des vom FBI gefakten Kryptodienstes <a href="https://systemli.social/tags/Anom" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Anom</span></a> gerichtlich verwertet werden dürfen:<br><a href="https://www.bundesgerichtshof.de/SharedDocs/Pressemitteilungen/DE/2025/2025002.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bundesgerichtshof.de/SharedDoc</span><span class="invisible">s/Pressemitteilungen/DE/2025/2025002.html</span></a></p><p>Für <a href="https://systemli.social/tags/Encrochat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Encrochat</span></a> hat das Berliner Kammergericht jetzt das Gegenteil geurteilt:<br><a href="https://taz.de/Verschluesselte-Chats-und-Strafverfolgung/!6060800" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">taz.de/Verschluesselte-Chats-u</span><span class="invisible">nd-Strafverfolgung/!6060800</span></a></p>
Detlef Borchers<p>Überraschung zum Wochenende: Berliner Richterin entschied, das die verschlüsselten Chats bei der EncroChat-Aktion nicht als Beweismittel gelten dürfen. Freispruch für den Angeklagten, satte Niederlage für das BKA.</p><p><a href="https://taz.de/Verschluesselte-Chats-und-Strafverfolgung/!6060800" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">taz.de/Verschluesselte-Chats-u</span><span class="invisible">nd-Strafverfolgung/!6060800</span></a></p><p><a href="https://social.heise.de/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a></p>
Rigo Wenning<p><span class="h-card" translate="no"><a href="https://social.bau-ha.us/@CCC" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>CCC</span></a></span> Das wird dem Wüst aber nix nützen, denn sie können nix anfangen, mit den Daten. Der einzige Grund für den Irrsinn ist, dass die Polizei zu langsam ist. Das ist sie, weil sie im Verfahrensirrsinn gefangen ist. (zertifiziert in 3facher Ausfertigung). </p><p>Anstatt positive Lehren aus <a href="https://mamot.fr/tags/Encrochat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Encrochat</span></a> zu ziehen, kommen die Herren Ahnungslos mit der Überwachungsgiesskanne, die ihnen von irgendwelchen Appartschiks eingeflüstert werden. </p><p>Das Risiko für Demokratie wird erhöht ohne wirklichen Gegenwert.</p>
tagesschau<p>Trotz großem Ermittlungserfolg floriert der Drogenhandel in Europa</p><p>Der Hack des Kryptohandy-Anbieters EncroChat vor vier Jahren galt als großer Schlag gegen die organisierte Kriminalität - vor allem gegen den Drogenhandel. Doch es gibt Zweifel an der Nachhaltigkeit des Ermittlungserfolgs. Von M. Seekamp.</p><p>➡️ <a href="https://www.tagesschau.de/investigativ/encrochat-ermittlungen-drogenhandel-100.html?at_medium=mastodon&at_campaign=tagesschau.de" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">tagesschau.de/investigativ/enc</span><span class="invisible">rochat-ermittlungen-drogenhandel-100.html?at_medium=mastodon&at_campaign=tagesschau.de</span></a></p><p><a href="https://ard.social/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a> <a href="https://ard.social/tags/Drogenhandel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Drogenhandel</span></a> <a href="https://ard.social/tags/OrganisierteKriminalit%C3%A4t" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OrganisierteKriminalität</span></a></p>
Prof. Dr. Dennis-Kenji Kipker<p>Zwar endlich eine Entscheidung vom <a href="https://chaos.social/tags/Bundesverfassungsgericht" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bundesverfassungsgericht</span></a> in Sachen <a href="https://chaos.social/tags/Encrochat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Encrochat</span></a>, aber leider nicht im Sinne digitaler <a href="https://chaos.social/tags/B%C3%BCrgerrechte" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bürgerrechte</span></a>. Juristisch sind die getätigten Ausführungen zur <a href="https://chaos.social/tags/Datenverwertbarkeit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Datenverwertbarkeit</span></a> zwar nachvollziehbar, aber die mindestens genauso relevanten Fragen von <a href="https://chaos.social/tags/Datenauthentizit%C3%A4t" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Datenauthentizität</span></a> und <a href="https://chaos.social/tags/Datenintegrit%C3%A4t" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Datenintegrität</span></a> ermittlungsrelevanter Datensätze aus dem Ausland und der zukünftige Umgang mit derlei sich häufenden Verfahren wurden nicht wirklich thematisiert:<br><a href="https://www.bundesverfassungsgericht.de/SharedDocs/Pressemitteilungen/DE/2024/bvg24-104.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bundesverfassungsgericht.de/Sh</span><span class="invisible">aredDocs/Pressemitteilungen/DE/2024/bvg24-104.html</span></a></p>
me·ta·phil, der<p>Guten Morgen, <br>bevor ihr gleich – wie ich – senkrecht im Bett sitzt:</p><p>Nein, <a href="https://chaos.social/tags/Europol" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Europol</span></a> hat nicht „den von 8.800 Kriminellen genutzten Chat-Dienst“ <span class="h-card" translate="no"><a href="https://mastodon.matrix.org/@matrix" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>matrix</span></a></span> abgeschaltet.</p><p>Ihr könnt liegenbleiben, denn es geht wohl weder um das dezentr. föd. Netzwerk an sich noch um dessen Krypto, Protokoll oder die Server der Foundation.</p><p>(War das der nächste <a href="https://chaos.social/tags/Encrochat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Encrochat</span></a>-Honeypot? Die Takedown Notice sieht auf jeden Fall trashig genug aus.)</p><p><a href="https://matrix.org/blog/2024/12/unrelated-cybercriminal-network-taken-down/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">matrix.org/blog/2024/12/unrela</span><span class="invisible">ted-cybercriminal-network-taken-down/</span></a></p><p><a href="https://www.deutschlandfunk.de/chat-dienst-von-kriminellen-abgeschaltet-festnahmen-in-spanien-und-frankreich-108.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">deutschlandfunk.de/chat-dienst</span><span class="invisible">-von-kriminellen-abgeschaltet-festnahmen-in-spanien-und-frankreich-108.html</span></a></p><p><a href="https://chaos.social/tags/OperationPassionflower" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OperationPassionflower</span></a></p>
Matthias Monroy<p>War es wieder der Geheimdienst der Gendarmerie?<br>Nach <a href="https://systemli.social/tags/SkyECC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SkyECC</span></a> und <a href="https://systemli.social/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a> haben Frankreich und Niederlande mit <a href="https://systemli.social/tags/Matrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Matrix</span></a> wieder verschlüsselten Messenger gehackt, bieten abgehörtes Material europaweit für Ermittlungen an: <br><a href="https://www.europol.europa.eu/media-press/newsroom/news/international-operation-takes-down-another-encrypted-messaging-service-used-criminals" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">europol.europa.eu/media-press/</span><span class="invisible">newsroom/news/international-operation-takes-down-another-encrypted-messaging-service-used-criminals</span></a> <br><a href="https://systemli.social/tags/Exclu" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Exclu</span></a> <a href="https://systemli.social/tags/Ghost" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ghost</span></a> <br>(Edit: Weil es Missverständnisse gab: es geht nicht um das föderierte Matrix-Protokoll das staatlich gehackt wurde, sondern ein gleichnamiger Crypto-Messenger.)</p>
tagesschau<p>Bundesverfassungsgericht erklärt EncroChat-Datennutzung für zulässig</p><p>Bereits vor zwei Jahren hatte der Bundesgerichthof entschieden: EncroChat-Daten dürfen in deutschen Strafprozessen genutzt werden. Jetzt hat auch das Bundesverfassungsgericht eine Verfassungsbeschwerde dagegen abgewiesen. Von Max Bauer.</p><p>➡️ <a href="https://www.tagesschau.de/inland/bundesverfassungsgericht-encrochat-daten-100.html?at_medium=mastodon&at_campaign=tagesschau.de" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">tagesschau.de/inland/bundesver</span><span class="invisible">fassungsgericht-encrochat-daten-100.html?at_medium=mastodon&at_campaign=tagesschau.de</span></a></p><p><a href="https://ard.social/tags/Bundesverfassungsgericht" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Bundesverfassungsgericht</span></a> <a href="https://ard.social/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a></p>
Kevin Karhan :verified:<p>You use XMPP+OMEMO because you think it's neat.</p><p>I use XMPP+OMEMO because all centralized, single-vendor and/or single-provider messengers are inherently garbage, collect PII like <a href="https://infosec.space/@kkarhan/111968251463697943" rel="nofollow noopener" target="_blank">phone numbers</a> for no <em>"legitimate reason"</em> and don't offer proper End-to-End - Encryption with self-custody of all the keys, making them either honeypots or prime targets for warrants.</p><ul><li><em>We are not the same!</em></li></ul><p><a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a> <a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a> <a href="https://infosec.space/tags/WeAreNotTheSame" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WeAreNotTheSame</span></a> <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> <a href="https://infosec.space/tags/Centralization" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Centralization</span></a> <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a> <a href="https://infosec.space/tags/Encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Encryption</span></a> <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> <a href="https://infosec.space/tags/Honeypot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Honeypot</span></a> <a href="https://infosec.space/tags/Warrant" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Warrant</span></a> <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> <a href="https://infosec.space/tags/Telegram" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Telegram</span></a> <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a> <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANØM</span></a> <a href="https://infosec.space/tags/OperationIronside" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OperationIronside</span></a> <a href="https://infosec.space/tags/OperationTr%C3%B8janShield" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OperationTrøjanShield</span></a> <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a> <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a> <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a> <a href="https://infosec.space/tags/PhoneNumber" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumber</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://freiburg.social/@ditol" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ditol</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.world/@samueljohn" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>samueljohn</span></a></span> <span class="h-card" translate="no"><a href="https://23.social/@linuzifer" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>linuzifer</span></a></span> </p><p><em>THIS</em> is where I disagree...</p><p>You may think it's elitist, but if people are too lazy to learn even fundamentals like how to use <a href="https://infosec.space/tags/Tails" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tails</span></a> then maybe they should just not do <a href="https://infosec.space/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a> at all?</p><ul><li>Like: We expect people to show at the every least theoretical proficiency in terms of <a href="https://infosec.space/tags/TrafficCode" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TrafficCode</span></a> and <a href="https://infosec.space/tags/VehicleSafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VehicleSafety</span></a> in +every juristiction I'm aware of* and literally mandated <a href="https://infosec.space/tags/DrivingLicense" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DrivingLicense</span></a>|s for that reason.</li></ul><p>I'll gladly teach <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechIlliterates</span></a> but I won't waste my time on <a href="https://infosec.space/@kkarhan/113344834546549105" rel="nofollow noopener" target="_blank">people that spread disinfo</a>...</p><p>It's 2024: <span class="h-card" translate="no"><a href="https://venera.social/profile/tails_live" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tails_live</span></a></span> / <span class="h-card" translate="no"><a href="https://fosstodon.org/@tails" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tails</span></a></span> has been out for over a decade and there are a shitload of guides ranging from written documentation to Zoomer-friendly TikTok-Style shorts on how to get started.</p><ul><li><p>I don't expect people to do <a href="https://infosec.space/tags/airgapped" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>airgapped</span></a> <a href="https://www.youtube.com/watch?v=vdab4T_CoN8" rel="nofollow noopener" target="_blank">pffline-PGP</a> but with <span class="h-card" translate="no"><a href="https://mastodon.online/@thunderbird" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>thunderbird</span></a></span> including <a href="https://infosec.space/tags/Enigmail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Enigmail</span></a> and not requiring any external dependencies like the god-awful <a href="https://infosec.space/tags/GPG4Win" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPG4Win</span></a> stuff's easier than ever.</p></li><li><p>Same with <a href="https://infosec.space/tags/mobile" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mobile</span></a>: <a href="https://infosec.space/tags/Appls" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Appls</span></a> like <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/monoclesChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monoclesChat</span></a> are so easy, I've been able to onboard literal tech-illiterates remotely with few steps and <a href="https://docs.monocles.eu/apps/chat.app/" rel="nofollow noopener" target="_blank">simple instructions</a>. </p></li></ul><p>FOR THE LAST TIME: </p><p>*STOP MAKING EXCUSES TO JUSTIFY ESCALATING COMMITMENT TO EVIDENTLY BAD SOLUTIONS!"</p><ul><li>Cuz <a href="https://web.archive.org/web/20240000000000*/https://twitter.com/thegrugq/status/1085614812581715968" rel="nofollow noopener" target="_blank">when push comes to shove</a> <span class="h-card" translate="no"><a href="https://mastodon.world/@Mer__edith" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Mer__edith</span></a></span> herself would introduce a <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Govware</span></a> <a href="https://infosec.space/tags/backdoor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>backdoor</span></a> into <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> when faced with indefinite jailtime...</li></ul><p>Whereas with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> of all the keys as well as <a href="https://infosec.space/tags/ReproduceableBuilds" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReproduceableBuilds</span></a> and <em>real</em> <a href="https://infosec.space/tags/decentralization" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>decentralization</span></a>, this would be evidently impossible even if all the devs wanted to comply honestly and not just because they could be held at gunpoint.</p><ul><li><a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> is not your friend. It's merely a tax-exempt <em>"non-profit"</em> corporation, and corporations are explicitly nobodys friend - espechally when they demand <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/@kkarhan/111968251463697943" rel="nofollow noopener" target="_blank">phone numbers</a> for useage.</li></ul><p>Compare that to <a href="https://infosec.space/tags/monocles" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monocles</span></a> where you do pay like €2 p.m. but in return get <a href="https://infosec.space/tags/standard" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>standard</span></a> <a href="https://infosec.space/tags/protocols" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>protocols</span></a> like <a href="https://infosec.space/tags/IMAP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IMAP</span></a>, <a href="https://infosec.space/tags/SMTP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SMTP</span></a> & <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a> and <a href="https://monocles.eu/more/#payment-section" rel="nofollow noopener" target="_blank">can pay anonymously</a> and not have to provide any PII whatsoever!</p><ul><li>And unlike <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> they ain't dependent on <a href="https://infosec.space/tags/VC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VC</span></a> funding and <a href="https://infosec.space/tags/grant" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>grant</span></a> money to keep the lights on.</li></ul><p>Make of that what you will, but just like allowing flatearthers to roam freely without caretaker supervision doesn't make the world less round, so won't the facts change about <a href="https://infosec.space/tags/ITsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ITsec</span></a>, <a href="https://infosec.space/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a>, <a href="https://infosec.space/tags/OpSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpSec</span></a> & <a href="https://infosec.space/tags/ComSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComSec</span></a>. </p><ul><li>The only reason Signal is still online and not <a href="https://infosec.space/tags/pwned" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pwned</span></a> like <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a> is because it's either a Sting op like <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANØM</span></a> aka. <a href="https://infosec.space/tags/OperationIronside" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OperationIronside</span></a> aka. <a href="https://infosec.space/tags/OperationTr%C3%B8janShield" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OperationTrøjanShield</span></a> or they have already backdoored their <a href="https://infosec.space/tags/backend" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>backend</span></a> so hard that all their <a href="https://infosec.space/tags/marketing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>marketing</span></a> is just <a href="https://infosec.space/tags/lies" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lies</span></a> like <a href="https://infosec.space/tags/Apple" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Apple</span></a>...<br></li></ul><p>Because all <a href="https://infosec.space/tags/centralized" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>centralized</span></a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleVendor</span></a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SingleProvider</span></a> solutions are bad, and if they don't even allow for <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> then they are just a <a href="https://infosec.space/tags/grift" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>grift</span></a> to <a href="https://infosec.space/tags/scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>scam</span></a> tech-illiterates that don't know and/or don't care! </p><p><a href="https://infosec.space/tags/thxbye" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>thxbye</span></a> <a href="https://infosec.space/tags/EOD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EOD</span></a></p>
Matt Potter<p>This goes back to the Trojan Horse & its warning. </p><p>Yes, making a horse that soldiers can hide in and then spring out of is ingenious.</p><p>But it’s useless unless you can make your enemy accept the thing you’ve primed. Coordinated & wholesale.</p><p>And orgs should know better.</p><p>See also: cops using EncroChat to catch whole drug dealing and organised crime networks.</p><p>I mean come on people. <br><a href="https://c.im/tags/Encrochat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Encrochat</span></a> <a href="https://c.im/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> </p><p><a href="https://www.newyorker.com/magazine/2023/04/24/crooks-mistaken-bet-on-encrypted-phones" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">newyorker.com/magazine/2023/04</span><span class="invisible">/24/crooks-mistaken-bet-on-encrypted-phones</span></a></p>
Alec Muffett<p>What if L’affaire {Durov, Telegram} is actually hiding a nation state turf war over mass surveillance?<br><a href="https://alecmuffett.com/article/110327" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">alecmuffett.com/article/110327</span><span class="invisible"></span></a><br><a href="https://mastodon.social/tags/FridayFun" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FridayFun</span></a> <a href="https://mastodon.social/tags/PavelDurov" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PavelDurov</span></a> <a href="https://mastodon.social/tags/encrochat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encrochat</span></a> <a href="https://mastodon.social/tags/france" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>france</span></a> <a href="https://mastodon.social/tags/surveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>surveillance</span></a> <a href="https://mastodon.social/tags/telegram" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>telegram</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://grapheneos.social/@GrapheneOS" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GrapheneOS</span></a></span> It doesn't change the fact that <a href="https://infosec.space/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> requires <a href="https://infosec.space/tags/transparency" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>transparency</span></a> and thus full access & reproduceability from source.</p><p>To give you a good example, <em>source-available</em> <a href="https://infosec.space/tags/Tarsnap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tarsnap</span></a> demonstrates that stuff is truly securely encrypted by enabling <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> of keys <em>and</em> thus show they can't decrypt anything!</p><ul><li>You may call me paranoid, but having <em>'massive trust issues'</em> saved not only my own life more often than I'd be able to disclose so you may see this as a 'survivorship bias', but we'll only see <a href="https://infosec.space/tags/MassSurveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MassSurveillance</span></a> becoming impossible when people ain't just <em>users</em> of some big-ass platform that can be easily targeted once it becomes <em>inconvenient</em> for it's host nation, but actually push for <a href="https://infosec.space/tags/decentralization" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>decentralization</span></a> and <a href="https://infosec.space/tags/TechLiteracy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechLiteracy</span></a>.</li></ul><p><em>"Just use A, B, C & D, E, F"</em> is the real threat as it sugfests people a <a href="https://grapheneos.social/@GrapheneOS/113047066349052609" rel="nofollow noopener" target="_blank">false sense if security</a>.</p><ul><li>Just like a dresh <a href="https://infosec.space/tags/TechInspection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechInspection</span></a> doesn't prevent one to hose an engine due to lack of oil!</li></ul><p>Collecting any <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> <a href="https://grapheneos.social/@GrapheneOS/113047045993549018" rel="nofollow noopener" target="_blank"><em>IS the illicit activity</em></a> NO MATTER the excuse...</p><ul><li>You may <a href="https://grapheneos.social/@GrapheneOS/113047083361853248" rel="nofollow noopener" target="_blank">choose ignorance</a> but like with <a href="https://infosec.space/tags/LavaBit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LavaBit</span></a>, <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a> & <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANØM</span></a> I tend to turn out to be right all along.</li></ul><p>Sooner or later the <a href="https://infosec.space/tags/Enshittification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Enshittification</span></a> of <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> will reach a point where you'd rethink and consider apologizing...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://grapheneos.social/@GrapheneOS" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GrapheneOS</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.world/@signalapp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>signalapp</span></a></span> I didn't say all of them have it...</p><p>Re: <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> I'd not consider it <a href="https://infosec.space/tags/disinfo" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>disinfo</span></a> as we've seen more elaborate Setups like <a href="https://infosec.space/tags/EncroChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EncroChat</span></a> & <a href="https://infosec.space/tags/AN%C3%98M" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ANØM</span></a> fall.</p><ul><li><p>Given the fact that one cannot <a href="https://infosec.space/tags/SelfHost" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHost</span></a> <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a>'s backend, they shilled the <a href="https://infosec.space/tags/MobileCoin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MobileCoin</span></a> <a href="https://infosec.space/tags/scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>scam</span></a> and use <a href="https://infosec.space/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PII</span></a> like <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a> to enforce <em>'selective availability'</em> as well being incorporated in the <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USA</span></a> all rubs be unpleasantly...</p></li><li><p><em>"The" correct way</em> to do things (sarcasm OFC!) is to do <a href="https://infosec.space/tags/OfflinePGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OfflinePGP</span></a> but we can all agree <a href="https://www.youtube.com/watch?v=vdab4T_CoN8" rel="nofollow noopener" target="_blank">it's not practical</a>...</p></li></ul><p>I remember when <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Signal</span></a> did a good <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a> Messenger (<a href="https://infosec.space/tags/TextSecure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TextSecure</span></a>) and that had a reason to use <a href="https://infosec.space/tags/PhoneNumbers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PhoneNumbers</span></a> as it merely encrypted <a href="https://infosec.space/tags/SMS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SMS</span></a>, but that OFC has other issues.</p><ul><li>In terms if <em>"proper <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>E2EE</span></a>"</em> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfCustody</span></a> if <a href="https://infosec.space/tags/keys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keys</span></a>, <span class="h-card" translate="no"><a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>delta</span></a></span> / <a href="https://infosec.space/tags/deltaChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>deltaChat</span></a> does fit even the stingest criteria - including <a href="https://infosec.space/tags/encrypted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>encrypted</span></a> <a href="https://infosec.space/tags/GroupChats" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GroupChats</span></a>!</li></ul>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload