At work we tried out Domain-Driven Design. It is a way of building architecture in which you (most often with the help of the type system and OOP) describe the physical essence of the things that are represented in your program.
For example, if the program has a "Book" object, it should be given the properties that books have in reality: number of pages, author, language, cover type, and so on. These properties must be such that unrealistic values cannot be assigned to them. Say, the number of pages cannot be negative (and most likely, in the real world, cannot be zero). On an attempt to set a negative number of pages, the program should throw an exception. And in the truly ideal case, it should not let the programmer do this at all, at the level of static code analysis.
Having described all the properties of the book, you give it the operations that can be performed on it. For example, a page can be torn out of a book, and the number of pages decreases when that happens. There is no case in which a page can be torn out without the number of pages changing. You program this dependency strictly: you give the book a "Tear out page" method, and that method is what decreases the number. By the way, the "Number of pages" property cannot be reassigned in a book that has already been created. You can only create a book by passing the given number of pages to its constructor (that is what the object-creation function is called in programming). But the number of pages can be changed only through the special methods "Tear out page" and "Glue in page".
With this approach you guarantee that your objects are always in a valid state -- that is, a state that is possible in real life for the object the program represents.
The advantages of the approach are obvious: fewer errors. The code describes itself, and a programmer who does not dig inside the "Book" object simply cannot do anything impermissible with the book.
The drawbacks, I think, are also clear: the initial design is harder, you have to account for many nuances and write tests. Development time grows considerably. A change in requirements costs more: for example, if your bookshop somehow receives books with Kevlar pages that cannot be torn out :)
But we delivered the first project with this approach well, without bugs. Better than many previous ones.
#dev
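An added example, not code from the original post: the book invariants described above, written in Python. The names `Book`, `PageCount`, `tear_out_page` and `glue_in_page` and the `title` field are illustrative, and treating zero pages as invalid is an assumption that follows the post's "most likely".

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class PageCount:
    """Value object: a page count that can only ever be a positive integer."""
    value: int

    def __post_init__(self):
        # bool is a subclass of int in Python, so reject it explicitly.
        if isinstance(self.value, bool) or not isinstance(self.value, int):
            raise TypeError("page count must be an integer")
        # Assumption: a book with zero pages is not a valid book.
        if self.value <= 0:
            raise ValueError("a book must have at least one page")


class Book:
    """Aggregate whose page count changes only through domain operations."""
    __slots__ = ("_title", "_pages")

    def __init__(self, title: str, pages: int):
        if not isinstance(title, str) or not title.strip():
            raise ValueError("title must be a non-empty string")
        self._title = title
        self._pages = PageCount(pages)  # validated once, at construction

    @property
    def title(self) -> str:
        return self._title

    @property
    def page_count(self) -> int:
        # Read-only: there is no setter, so `book.page_count = n` fails.
        return self._pages.value

    def tear_out_page(self) -> None:
        # Building a new PageCount re-checks the invariant. If it raises,
        # the assignment never happens and the book keeps its old state.
        self._pages = PageCount(self._pages.value - 1)

    def glue_in_page(self) -> None:
        self._pages = PageCount(self._pages.value + 1)
```

Python enforces this only at run time; the static-analysis ideal the post mentions would additionally need a type checker or a language with stricter types.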
Elon Musk has confirmed that #Twitter 2.0 - The Everything App - will bring end-to-end #encryption (E2EE) for direct messages and long-form tweets to the platform.
Read: https://thehackernews.com/2022/11/elon-musk-confirms-twitter-20-will.html
⚡️Du Rove's Channel: France's Encryption Debate Continues
#encryption #freedom #privacy
Last month, France's Senate passed a law for mandatory messaging app backdoors for police, but it was rejected by the National Assembly, preserving citizens' privacy. Despite rejection, the debate reignites as the Paris Police Prefect supports the law. Du Rove's Channel highlights the importance of encryption for protecting ordinary people's privacy and the ongoing need to defend digital freedoms.
@tonlines
SimpleX Chat: private and secure cross platform messenger without any user IDs (not even random)
:~ E2E-encrypted messages with markdown and editing
:~ E2E-encrypted images and files
:~ Decentralized secret groups — only users know they exist
:~ E2E-encrypted voice messages
:~ Disappearing messages
:~ E2E-encrypted audio and video calls
:~ Portable encrypted database — move your profile to another device
:~ Incognito mode — unique to SimpleX Chat
Website : https://simplex.chat/
SimpleX Chat (SimpleX Chat - e2e encrypted messenger without any user IDs - private by design!)
https://f-droid.org/packages/chat.simplex.app/
Quick start – https://simplex.chat/docs/guide/readme.html
#SimpleXchat #security #privacy #encryption #E2EE
#FLOSS
KryptEY - Secure E2EE communication
An Android keyboard for secure end-to-end-encrypted messages through the Signal protocol in any messenger. Communicate securely and independently, regardless of the legal situation or whether messengers use E2EE. No server needed.
https://github.com/amnesica/KryptEY
F-Droid
https://f-droid.org/packages/com.amnesica.kryptey/
IzzyOnDroid
https://android.izzysoft.de/repo/apk/com.amnesica.kryptey
Reminder: new apps available in the F-Droid app may not immediately show on the F-Droid website (i.e. when you share the app link it returns a 404 error); some extra time is needed for both to be available.
https://gitlab.com/fdroid/wiki/-/wikis/FAQ#how-long-does-it-take-for-my-app-to-show-up-on-website-and-client
#encryption #keyboard #E2EE
#messenger#security#Signal
#c_lang #cryptography #decryption #encryption #openssl #ssl #tls
OpenSSL is a free, open-source toolkit that helps secure data by using strong encryption methods like TLS, SSL, and QUIC protocols. It includes libraries for cryptography and a command-line tool to create keys, certificates, encrypt data, and test security. OpenSSL is widely trusted and used by many software and websites to protect sensitive information during transmission, ensuring privacy and data integrity. It works on many operating systems and is regularly updated by a global community. Using OpenSSL helps you build secure applications and protect communications from cyber threats easily and reliably[1][3][5].
https://github.com/openssl/openssl
🚀 Telegram CEO Criticizes WhatsApp's Encryption Practices
Telegram CEO Pavel Durov has criticized WhatsApp's end-to-end encryption, labeling it as a 'massive consumer fraud.' According to ChainCatcher, Durov highlighted that approximately 95% of private messages are stored in unencrypted backups on Apple and Google servers.
Durov expressed concerns that this situation poses a risk to user privacy. Despite WhatsApp's claims of using end-to-end encryption for message transmission, the backup mechanism fails to ensure complete encryption of user information. His remarks have sparked industry attention regarding privacy protection measures in mainstream communication applications.
#Telegram #WhatsApp #Encryption #Privacy #DataSecurity #PavelDurov #CyberSecurity #MessagingApps #TechNews #EndToEndEncryption
🚀 Security Concerns Arise Over LLM Agent API Routers
On April 10, Solayer founder @Fried_rice highlighted on social media the growing reliance of large language model (LLM) agents on third-party API routers, which distribute tool call requests to multiple upstream providers. According to BlockBeats, these routers operate as application layer proxies and can access each JSON payload in plaintext during transmission. However, no provider currently enforces encryption integrity protection between the client and upstream models.
A study tested 28 paid routers purchased from platforms like Taobao, Xianyu, and Shopify independent sites, along with 400 free routers collected from public communities. The findings revealed that one paid router and eight free routers were actively injecting malicious code. Additionally, two routers deployed adaptive evasion triggers, 17 accessed AWS Canary credentials owned by researchers, and one stole ETH from a private key held by researchers.
Further poisoning studies demonstrated that seemingly harmless routers could also be exploited. A leaked OpenAI key was used to generate 100 million GPT-5.4 tokens and over seven Codex sessions. Weaker bait configurations resulted in 2 billion billing tokens, 99 credentials across 440 Codex sessions, and 401 sessions running autonomously in YOLO mode.
The research team developed an experimental proxy named Mine, capable of executing all four types of attacks on four public proxy frameworks. They also verified three client defense strategies: fault lock strategy gating, response-side anomaly screening, and append-only transparent logging.
#LLM #API #Security #CyberSecurity #Malware #DataBreach #Encryption #Proxy #AI #MachineLearning #ETH
#TBOT Show 7: The Significance of Dorsey’s Bitchat, World’s First eSIM Hack, Mexico’s Digital ID, New Show Source Insights
Took a week off and now I’m back. 😎 (with a new addition to the show?!) (also - big sorry for the show being 40 minutes)
WATCH THE SHOW ON SUBSTACK
https://odysee.com/@takebackourtech:f/tbot-show-7:6
Here’s the stories for the week:
Jack #Dorsey’s #Bitchat - The Real Story: The tech mogul Jack Dorsey released a censorship proof messaging app in late June - named Bitchat. It runs a #bluetooth #mesh network, end to end #e2e #encryption, and rolling IDs and is picking up traction. I share my thoughts on the app, and concerns I have - but that’s not even the real story. I think Jack has a bigger message than just the app.
World’s First #eSIM Hack: A security lab out of Poland just demonstrated a hack on one of the largest SIM providers for IoT devices. We’ll get techy in our understanding and ask the question, could this impact our phones?
#DigitalID, Coming Soon To #Mexico: The Mexican government has signed a new #Biometric #ID law, known as the CURP. How is this enforced and what does it mean for Mexican residents? Find out today.
Decentralized #Video Conferencing: Recently I’ve been relying more on video conferences instead of calling people, especially while traveling. Good thing I’ve got the #Jitsi app, I’ll show you my setup!
#videocall
New Show, “Source Insights”: You follow #TBOT to stay informed on tech freedom. Now go deeper with a new weekly show “Source Insights”, where Hakeem shares his tools, lifestyle and productivity tips, entrepreneurial advice, wisdom from guides, and personal experiences.
Go deeper, join me as a Source Seeker. Unlock access with a paid subscription.
🪄 We aim for our show to be well-researched, well-informed and focused on the most impactful stories
⭐️ PLUS - Each story comes with recommendations and there’s one cool tech trick or open-source solution every week.
We’ll be publishing full posts and clips of each of these stories soon.
Share this post with your crew. 🚢
👩💻Get private phones, laptops, and tablets
📲SIM Swap Survival Guide Webinar