@debacle@sturmsucht@urbanprivacy@xmpp Schon mal #deltachat in Betracht gezogen? Bietet ähnlichen Funktionsumfang wie #Whatsapp#Signal#SignalApp und nutzt dafür aber Standard Internet Protokolle (Email Standards) für #E2EE über sog. chat relays. Diese speichern nur kurzfristig die (immer verschlüsselten) Nachrichten. #deltachat läuft nicht nur auf #Android oder #iOS sondern auch unter #linux#macos#ubuntutouch oder wer unbedingt will auch #windoof Man kann es gleichzeitig auf mehreren Geräten nutzen. Außerdem unterstützt es mehrere Profile.
#Google acaba de llamar #E2EE a un recién estrenado método de cifrado en #GMail que de hecho es la muestra más evidente de lo que podrían querer quienes apoyan #ChatControl. Las claves de cifrado quedan en mano de los administradores, y quien tenga acceso a ellas puede husmear en las comunicaciones de cualquiera bajo su paraguas. Venden su gestor de contraseñas igual.
Si las llaves de tu coche las custodia otro, no es tu coche. Con las claves de cifrado sucede lo mismo.
E2EE means that only a sender & recipient can encrypt & decrypt an email message. However, in E2EE Gmail, the actual encryption & decryption process occurs on end-user devices, so admins with keys could snoop any time.
**Are new Google E2EE emails really end-to-end encrypted? Kinda, but not really.**
> Yes, encryption/decryption occurs on end-user devices, but there's a catch.
> E2EE means that only the sender and the recipient have the means necessary to encrypt and decrypt the message. That’s not the case here, since the people inside Bob’s organization who deployed and manage the KACL have true custody of the key.
> Admins with full access can snoop on the communications at any time.
I said it before on Mastodon. I'm reposting this again. Comparing #DeltaChat and #Matrix together, if you want hassle free and consistent messenger for private #E2EE chats, don't go for Matrix. DeltaChat is way better.
However, if you want something like a public forum, or a public chatroom, don't go for DeltaChat. Matrix is way better suited for that. And DeltaChat does not support public groups at all. In DeltaChat groups, there is no admin or moderator and everyone have got permission to remove or add the others.
I think I have to write a longer post on my personal blog about these two, comparing them together.
PS: Another Matrix encryption bug few minutes ago triggered repost of this.
The European Commission announced on Tues its intention to join the ongoing debate about lawful access to data & end-to-end encryption while unveiling a new internal #security strategy
#ProtectEU , as the strategy has been named, describes the general areas that the bloc’s executive would like to address … although …does not offer any detailed policy proposals #e2ee
Ei jumalauta. #ChatControl tapettiin taas kerran mutta #EU ei lopeta #E2EE salauksen estämisen yrittämistä. Ny ne sanoo että tää on kansallisen turvallisuuden vuoksi ja Venäjältä suojautumiseen. Voi vittu mitä paskaa. #ProtectEU
@bontchev From the "on ProtectEU: a European Internal Security Strategy" document:
"[...] a framework for access to data which responds to the needs to enforce our laws and protect our values is essential. At the same time, ensuring digital systems remain secure from unauthorised access is equally vital to preserve cybersecurity and protect against emerging security threats. Such access frameworks must also respect fundamental rights, ensuring inter alia that privacy and personal data are adequately protected."
and
"the preparation of a Technology Roadmap on encryption, to identify and assess technological solutions that would enable law enforcement authorities to access encrypted data in a lawful manner, safeguarding cybersecurity and fundamental rights."
--> this roadmap should be published in the first half of 2025.
We would like to endorse what @kuketzblog writes about the inclusion of an “AI assistant” into an instant messenger that is still widely used:
It is unfortunate that many journalists do not realise how dangerous the new AI in WhatsApp really is. Der Spiegel, for example, writes in a recent article: “Meta AI does not have access to users' private chats, however, thanks to end-to-end encryption.” As a matter of fact, the AI does have access as it is used in the context of private chats or group chats. Sadly, this misinformation lulls users into a false sense of security.
»Gmail Gets End-To-End Encryption From Google As 21'st Birthday Present: […] Google Claims To Have Invented An Entirely New Type Of Encryption For Gmail Users […]«
This is not an April joke and yes Google offers OpenPGP for Gmail Accounts. This is not difficult to set up but too many people are too lazy in my opinion.
