"[T]he main thing that people need to understand about Signal is that messages are encrypted from my phone to your phone in such a way that Signal can't read them as they go through their servers. The government could not read them off of Signal servers even with a warrant, even if they really wanted to. But if somebody has access to your phone, they can read those messages the same way you can by looking at them with their eyeballs because the messages have to be decrypted for you to read.

Now, there are a lot of ways that you can get access to somebody's phone. You can look over their shoulder while they're reading their messages, right? You can find out their password and unlock their phone, right? You can use forensic tools that police have like a Cellebrite or a break-in device to unlock phones, and then you can read the messages that way. You can also use malware. Installing malware on somebody's phone is a way that governments often gain access to people's private encrypted communications. Things like Pegasus malware or they're recently written about malware from Paragon Solutions that was going after WhatsApp messages, which was also end-to-end encrypted.

A concern about national security folks using these devices for the communications is that it makes it much more likely that their devices will get targeted by malware. And there's a lot of countries that have espionage capabilities that have the capability to target people's phones that would be very interested in knowing what Pete Hegseth is talking about, or what other high-level cabinet officials are talking about. So that makes for a very juicy intelligence target for foreign intelligence, and I think it's safe to assume that's something that many countries are now going to be going after."

https://www.techpolicy.press/about-that-signal-chat/

Universal Profile 3.0: GSMA verspricht endlich echte #RCS-Sicherheit | heise online https://www.heise.de/news/Messaging-per-RCS-Dank-Universal-Profile-3-0-zu-mehr-Sicherheit-fuer-alle-10328123.html #RichCommunicationStandard #Verschlüsselung #encryption #MLS #MessagingLayerSecurity

This week we participated in the Preparatory meeting of UNODC for the CrimeCongress 2026 in Abu Dhabi. In our oral intervention we highlighted the dangers of #spyware and #biometric surveillance, as well as how essential #encryption is for trust in a digital society.

Why do government officials and journalists use Signal? It's not just about #encryption. A cybersecurity professor explains the key factors in choosing a secure messaging app: https://theconversation.com/signal-is-not-the-place-for-top-secret-communications-but-it-might-be-the-right-choice-for-you-a-cybersecurity-expert-on-what-to-look-for-in-a-secure-messaging-app-250906 #cybersecurity

"Whittaker acknowledges that WhatsApp licenses Signal’s end-to-end encryption technology. Nevertheless, a lot of personal and intimate information isn’t protected. According to Signal’s president, this involves users’ location data, contact lists, when they send someone a message, when they stop, what users are in their group chats, their profile picture, and much more.

“These differences may be marketing gloss to Meta, but to us, they’re fundamental life or death issues that the public deserves to understand so they can make an informed choice,” Whittaker concludes.

On Sunday, WhatsApp sent a message to Dutch users stating that the company can’t read their messages, including text and voice messages, photos, videos, and calls.

“They are protected by end-to-end encryption because we are always committed to protecting your privacy,” the note reads."

https://cybernews.com/news/whatsapp-signal-executives-battle/

What is BLAKE3?

Even if I use a big fan from the use of BLAKE3 to hash, it is not possible to use it in a very advantageous way everywhere. What kind of thing is always what you have to question as a programmer. In the case of a product, the following conditions are met.

https://academy.bit2me.com/en/que-es-blake3-algoritmo-hash/

After the article from The Atlantic, I've seen a lot of misinformation circulating among journalists. I'm not getting into the political side of things, but many are focusing on the fact that Signal was used, claiming it's "not encrypted" or "not secure." This really saddens me because it spreads the wrong message.

Secure #encryption and online anonymity are now at risk in #Switzerland – here's what you need to know

#NymVPN, #Proton, and #Threema are ready to fight back
From: @ErikvanStraten
https://infosec.exchange/@ErikvanStraten/114231349910106815

@ozofriendly @evacide As a high-use daily Signal user on iOS and Android; Im unaware of how you could quietly slip in a new group member. It logs new group members just like the date and time. #whiskeyleaks #signal #encryption

Signal President Blasts WhatsApp's Privacy Claims - Signal president Meredith Whittaker challenged recent assertions by WhatsApp head ... - https://it.slashdot.org/story/25/03/26/1536221/signal-president-blasts-whatsapps-privacy-claims?utm_source=rss1.0mainlinkanon&utm_medium=feed #encryption

#Cloudflare erlaubt nur noch verschlüsselte Verbindungen mit #HTTPS | Security https://www.heise.de/news/Cloudflare-macht-unsicherem-HTTP-den-Garaus-10328030.html #SSL #Verschlüsselung #encryption

Days after the Signal leak, the Pentagon warned the app was the target of hackers

Several days after top national security officials accidentally included a reporter in a Signal chat about bombing Houthi sites in Yemen, a Pentagon-wide advisory warned against using the messaging app, even for unclassified information.

#Signal #messaging #encryption #privacy #pentagon #government #technology #tech

https://www.npr.org/2025/03/25/nx-s1-5339801/pentagon-email-signal-vulnerability

UK urges critical orgs to adopt quantum cryptography by 2035

The UK's National Cyber Security Centre (NCSC) has published specific timelines on migrating to post-quantum cryptography (PQC), dictating that critical organizations should complete migration by 2035.

#PQC #quantum #cryptography #encryption #UK #security #cybersecurity #hacking #infosec

https://www.bleepingcomputer.com/news/security/uk-urges-critical-orgs-to-adopt-quantum-cryptography-by-2035/

Let’s Encrypt at risk from Trump cuts to OTF: “Let’s Encrypt received around $800,000 in funding from the OTF”

Dear @EUCommission, get your heads out of your arses and let’s find @letsencrypt €1M/year (a rounding error in EU finances) and have them move to the EU.

If Let’s Encrypt is fucked, the web is fucked, and the Small Web is fucked too. So how about we don’t let that happen, yeah?

(In the meanwhile, if the Let’s Encrypt folks want to make a point about how essential they are, it might be an idea to refuse certificates to republican politicians. See how they like their donation systems breaking in real time…)

CC @nlnet @NGIZero@mastodon.xyz

#USA #fascism #OpenTechFund #LetsEncrypt #SSL #TLS #encryption #EU #web #tech #SmallWeb #SmallTech https://mastodon.social/@publictorsten/114223873439053263

No, Using Signal Isn’t Safe for US Military Secrets — Here’s Why

#Signal #Cybersecurity #SecurityBreach #NationalSecurity #Encryption #Privacy #DataSecurity #Government #MobileSecurity #InfoSec #Yemen #Airstrikes #Politics #DataLeak #Espionage #USA

https://winbuzzer.com/2025/03/25/no-using-signal-isnt-safe-for-us-military-secrets-heres-why-xcxwbn/

Meine Datenschutz und Privatsphäre Übersicht 2025, für die Allgemeinheit

Teilen er­be­ten

als PDF:

https://cryptpad.digitalcourage.de/file/#/2/file/NdmBgSYkRCto8B+JmJkE9mQ4/

 #DSGVO #TDDDG ( #unplugtrump )
#Datenschutz #Privatsphäre #sicherheit #Verschlüsselung
#encryption #WEtell #SoloKey #NitroKey #Email #Cybersecurity #Pixelfed #Massenűberwachung
#Google #Metadaten #WhatsApp #Threema #Cryptpad #Signal
#Hateaid #Cyberstalking #Messenger #Browser #Youtube #NewPipe #Chatkontrolle #nichtszuverbergen #ÜberwachungsKapitalismus #Microsoft #Apple #Windows #Linux #Matrix #Mastodon #Friendica #Fediverse #Mastodir #Loops #2FA #Ransomware #Foss #VeraCrypt #HateAid #Coreboot #Volksverpetzer #Netzpolitik #Digitalisierung #FragdenStaat #Shiftphone  #OpenSource #GrapheneOS #CCC #Mail #Mullvad #PGP #GnuPG #DNS #Gaming #linuxgaming #Lutris #Protondb #eOS #Enshittification
#Bloatware #TPM #Murena  #LiberaPay #GnuTaler #Taler #PreppingforFuture
#FediLZ #BlueLZ #InstaLZ #ThreatModel
#FLOSS #UEFI #Medienkompetenz