How can you share photos if they are end-to-end encrypted?
We get that question a lot, so we’ve published a deep dive into how sharing works in zeitkapsl, why even we as the provider can’t open your links, and how the secret stays only on your device.
Read more: https://zeitkapsl.eu/en/e2ee-architecture/
»Phishing Simulationen (und SEG) sind weitgehend nutzlos:
Es gibt Firmen, die intern ihre Mitarbeiter einer Phishing-Schulung mit simulierten Angriffen unterziehen. In einer #Studie wurde nun belegt, dass diese #Phishing-Simulationen weitgehend nutzlos sind. Aber auch #Secure Email Gateways können Phishing-Mails nicht aufhalten.«
– von @gborn
Hach ja, wenn auch in Firmen gewisse #EMail services genutzt werden und ua zB #PGP als zu kompliziert angesehen wird, ja dann.
https://www.borncity.com/blog/2025/08/24/phishing-simulationen-sind-weitgehend-nutzlos/
Schalke 04 secured a valuable home victory against VfL Bochum in the third matchday of the 2. Bundesliga, winning 2-1.The early stages of the match were largely... https://news.osna.fm/?p=12728 | #news #bundesliga #goals #late #secure
Send files privately. No cloud. No trace.
I’m working towards something for #secure / #private / #simple #P2P #filetransfer. It isnt as “simple” as it could be, im still working on it, but ive got it down to:
Zero-installation as a #PWA
Zero-registration by using local-only storage
#P2P-authentication using #WebCryptoAPI
Fast #datatransfer using #WebRTC, #syncthing, #croc, #sphynctershare and countless others. the key difference in my approach is that its a #webapp thats ready to go without any "real" setup process. you just need a browser.
I’m aware there are things like #SFTP and several other established protocols and tools. I started doing this because I was learning about #WebRTC and it seems suprisingly capable. This isnt ready to replace any existing apps or services.
(Note: I know you guys are typically interested in #opensource code. this project is a spin-off from a bigger project: https://github.com/positive-intentions/chat)
Let me know what you think about the app, features and experience you would expect from a tool like this.
---
SUPER IMPORTANT NOTES TO PREVENT MISLEADING:
These projects are not ready to replace any existing apps or services.
These projects are not peer-reviewed or security audited.
The chat-app is #opensource for transparency (as linked above)... but the file-app is not open souce at all (especially spicy when not reviewed or audited.).
All projects behind positive-intentions are provided for testing and demo purposes only.
Selhosted P2P E2EE File Transfer & Messaging PWA
https://positive-intentions.com
* #OpenSource
* #CrossPlatform
* #PWA
* #iOS, #Android, #Desktop (self compile)
* App store, Play store (coming soon)
* Desktop
* #Windows, #MacOS, #Linux (self compile)
* run `index.html` on any modern #browser
* #Decentralized
* #Secure
* #NoCookies
* #P2P #encrypted
* No registration
* No installing
* #Messaging
* Group Messaging (coming soon)
* Text Messaging
* #Multimedia Messaging
* #Screensharing (on desktop browsers)
* Offline Messaging (in #research phase)
* #FileTransfer
* #VideoCalls
* #DataOwnership
* #SelfHosted
* GitHub pages Hosting
* #LocalOnly storage
Check them out!
(Degoogled links to the apps)
- P2P Chat: https://chat.positive-intentions.com
- P2P File: https://file.positive-intentions.com
- Encrypted drive storage: https://dim.positive-intentions.com/?path=/story/usefs--encrypted-demo
- GitHub: https://github.com/positive-intentions
IMPORTANT NOTES (PLEASE READ!):
* These are NOT products. It's for #testing and #demonstration purposes only.
* They have NOT been reviewed or audited. Do NOT use for sensitive data.
* All functionality demonstrated is experimental.
* This is NOT meant to replace robust solutions like #VeraCrypt, #Simplexchat, #Signal, #Whatsapp, #wetransfer. It's just a #proofofconcept to show what's possible with #browser #APIs.
Would folks be interested in a writeup with working scripts for 100% locally #selfhosted #LanguageTool Desktop (#macOS, #Linux should work too) with full grammar checking and sentence rewriting capabilities, taking advantage of the open source LT server, #ollama, and #mitmproxy or #Proxyman ?
The upshot is #private #secure #grammarcheck with #LLM rewrites, like a secure self-hosted alternative to #Grammarly without sharing out every word you type. Awfully #hacky, but it works... #infosec
A recent survey conducted by the Ifo Institute reveals that a significant portion of Germany's self-employed and micro-entrepreneurs harbor concerns regarding t... https://news.osna.fm/?p=12212 | #news #retirement #secure #selfemployed
Trump seeks US-Russia-Ukraine summit after Putin meeting fails to secure ceasefire
“If all works out, we will then schedule a meeting with President Putin. Potentially, millions of pe…
#NewsBeep #News #Headlines #after #agreement #Ceasefire #Conflict #donald #failed #fails #full #highstakes #insisted #meeting #NewZealand #NZ #peace #president #Putin #russias #saturday #secure #seeks #summit #target #that #to #Trump #Ukraine #usrussiaukraine #vladimir #with #would
https://www.newsbeep.com/64631/
Our #booth at #FrOSCon25 is set up and ready for the visitors. Are you around and interested in #opensource #secure #wifi #router? Drop by!
Plans, Policies, and Procedures: Microsoft Secure Score
A measurement of an organization's security posture, with a higher number indicating more recommended actions taken.
https://blackcatwhitehatsecurity.com
#Plans #Policies #Procedures #Microsoft #Secure #Score #technology
Letting inmates run the asylum: Using AI to secure AI
https://mattsayar.com/letting-inmates-run-the-asylum-using-ai-to-secure-ai/
Supreme Court declines family’s bid for man’s release after 20 years in secure care
Efforts to free the man from compulsory care have been heard in multiple courts, including the Supreme Court.…
#NewsBeep #News #Headlines #20 #after #autistic #been #bid #care #court #declines #family #familys #for #freedom #gone #have #hes #in #mans #minor #nearly #NewZealand #NZ #offending #release #secure #supreme #years
https://www.newsbeep.com/61409/
just a friendly reminder to check out Signal Messenger.. 
Closed-source #secure chips? That’s a security risk. In this powerful #oSC25 keynote, discover the dangers of proprietary #hardware and how open architectures like #RISCV can save us. #openSUSE #tropicsquare https://youtu.be/LK1NwIMHc1g?si=ej8rUmQPjARXVrIl
Lower #taxes?
Lower #insurance or #drug prices?
More #jobs?
#Better jobs?
Can you #afford to buy a #car or #house?
Having #trouble paying #bills and #creditcard #debt?
Feel #secure in your job?
Do you feel #safer?
If the answer is NO to the above and you voted for a #republican politician, perhaps the #GOP #lied to you.
Is there anything like #Mastodon but more #secure? Particularly where anyone with access to the server does not have access to your data (via #encryption).
Can't help to wonder why does #Signal push their #smartphone version so hard? Smartphones are the least #secure #platforms for personal messaging, with a long and ugly track record of #privacy #violations, however it's very hard to register, install or use Signal without using a smartphone. Even if the #desktop #application is used, it requires constantly going back and forth to the smartphone version. That's weird for a privacy oriented service. Is there something fishy going on under the hood?
Secure Boot 憑證輪替:真實存在但不太可能造成影響
➤ 別擔心,你的 Linux 系統不會因此「開天窗」
✤ https://mjg59.dreamwidth.org/72892.html
本文探討了 Secure Boot 的憑證輪替機制,並澄清了關於 Linux 系統可能因微軟憑證過期而無法啟動的誤解。作者解釋了 Secure Boot 的工作原理,指出現有的系統設計實際上並未嚴格執行憑證到期日,因此即使憑證過期,系統仍可正常運作。文章進一步說明瞭未來憑證輪替的技術細節,以及對使用者實際影響的可能性,強調了此情況對絕大多數使用者而言並不會構成嚴重的啟動問題。
+ 原來我一直誤解了 Secure Boot 的運作方式,這篇文章解釋得很清楚,讓我鬆了一口氣。
+ 感謝作者的詳細說明,釐清了關於憑證過期的疑慮。實際操作細節很有參考價值。
#科技 #資訊安全 #UEFI #Secure Boot
