A security engineer specializing in cryptography announces a detailed review of Signal's cryptography, emphasizing the importance of proper security audits and transparency in messaging apps. The review aims to make applied cryptography understanding accessible to everyone, while addressing common misconceptions about encrypted messaging platforms.
X (formerly Twitter) is blocking links to Signal.me, preventing users from sharing direct contact links to the encrypted messaging service. The platform displays various error messages when users attempt to post Signal.me URLs, while other Signal domains remain accessible. This blocking coincides with federal employees using Signal to communicate with journalists about DOGE-related whistleblowing.
Google's new rules allowing 'fingerprinting' for online tracking have sparked criticism from privacy advocates, marking a reversal from their 2019 stance against such practices. The changes permit collection of IP addresses and device information for advertising purposes, which Google defends as necessary for emerging platforms while maintaining user privacy options.
Jellyfin is a free, privacy-focused media server solution that enables users to stream their personal content to any device without fees or data tracking. The platform is entirely community-driven, built by volunteers under GNU GPL license, allowing users complete control over their media management and streaming experience.
Senator Ron Wyden introduced the Global Trust in American Online Services Act to protect against foreign surveillance demands that could weaken U.S. technology security. The legislation aims to reform the CLOUD Act, which currently allows foreign governments to directly demand data from U.S. companies, addressing recent concerns about the UK's secret order to Apple regarding iCloud encryption.
Kagi Search introduces Privacy Pass authentication, allowing users to access search services anonymously while verifying their right to access, alongside a new Tor onion service for enhanced privacy. The feature enables users to perform searches without linking them to their accounts, making tracking technically impossible rather than just policy-based.
A security researcher discovered a method to leak any YouTube user's email address by exploiting a chain of vulnerabilities in YouTube's blocking system and Google's Pixel Recorder app, earning a $10,000 bug bounty. The exploit involved obtaining a user's Gaia ID through YouTube's API and converting it to an email address via Pixel Recorder's sharing functionality, while bypassing notification systems using an oversized recording title.
The UK government secretly ordered Apple to create a universal backdoor for accessing encrypted user data worldwide, challenging Apple's Advanced Data Protection system. Apple may cease offering encrypted storage in the UK rather than compromise global user security, as the order demands unprecedented access to encrypted content across all countries.
A technical validation page requesting JavaScript and cookie verification to proceed with access, including instructions for reviewing Terms of Service and contacting support if needed.
The UK government has ordered Apple to create an iCloud backdoor for encrypted data access, presenting Apple with three options: comply with potential global implications, exit the UK market entirely, or decentralize iCloud to allow third-party providers and self-hosting solutions.
Meta uses cookies and similar technologies to enhance product functionality, improve user experience, and deliver personalized advertising across their platforms. Users have control over optional cookies while essential cookies are required for core functionality.
UK security officials have ordered Apple to create a backdoor for accessing encrypted cloud backups of all Apple users globally, challenging the company's privacy commitments and potentially setting a significant precedent for digital privacy.
F-Droid received a $396,044 grant from Open Technology Fund to address sustainability challenges and enhance its infrastructure. The funding will support code refactoring, legal strategies, localization improvements, and infrastructure enhancements to ensure the platform's long-term viability in delivering FOSS-based, privacy-focused apps globally.
Latest Kagi updates introduce advanced filtering for AI-generated images, domain blocking support through uBlacklist, and major UI/UX improvements including a revamped search builder interface and simplified onboarding process.
A comprehensive guide for activists details essential digital security practices, focusing on protecting personal information during protests and daily life through secure communication tools and privacy measures. The resource provides specific recommendations for secure messaging apps, VPN services, and proper phone configuration to minimize surveillance risks and maintain anonymity during activist activities.