Google Moves Post-Quantum Encryption Timeline Up To 2029
Google has moved up its post-quantum encryption migration target to 2029. “This new timeline reflects migration needs for the PQC era in light of progress on quantum computing hardware development, quantum error correction, and quantum factoring resource estimates,” said vice president of security engineering Heather Adkins and senior staff cryptology engineer Sop … ⌘ Read more
Windows PCs Crash Three Times As Often As Macs, Report Says
A workplace-device study says Windows PCs crash significantly more often than Macs, lag further behind on patching and encryption in some sectors, and are typically replaced sooner. TechSpot reports: Omnissa’s 2026 State of Digital Workspace report outlines the IT challenges that various organizations face from the growing use of AI and the heterogeneous d … ⌘ Read more
Instagram Discontinues End-To-End Encryption For DMs
Meta plans to remove end-to-end encryption (E2EE) from Instagram direct messages by May 8, 2026. “Very few people were opting in to end-to-end encrypted messaging in DMs, so we’re removing this option from Instagram in the coming months,” says Meta. “Anyone who wants to keep messaging with end-to-end encryption can easily do that on WhatsApp.” The Hacker News reports: The … ⌘ Read more
Intel Demos Chip To Compute With Encrypted Data
An anonymous reader quotes a report from IEEE Spectrum: Worried that your latest ask to a cloud-based AI reveals a bit too much about you? Want to know your genetic risk of disease without revealing it to the services that compute the answer? There is a way to do computing on encrypted data without ever having it decrypted. It’s called fully homomorphic encryption, or FHE. But ther … ⌘ Read more
OpenSSL 4.0 Alpha 1 Released With Encrypted Client Hello “ECH” & Other Features
The first alpha release of OpenSSL 4.0 is now available for testing. With OpenSSL 3.0 they are removing support for SSLv3 that has been deprecated for over one decade while also dropping OpenSSL engines and other removals while also adding in some new features… ⌘ Read more
TikTok Says End-To-End Encryption Makes Users Less Safe
An anonymous reader quotes a report from the BBC: TikTok will not introduce end-to-end encryption (E2EE) – the controversial privacy feature used by nearly all its rivals – arguing it makes users less safe. E2EE means only the sender and recipient of a direct message can view its contents, making it the most secure form of communication available to the general … ⌘ Read more
Telegram Disputes Russia’s Claim Its Encryption Was Compromised
Russia’s domestic intelligence agency claimed Saturday that Ukraine can obtain sensitive information from troops using the Telegram app on the front line, reports Bloomberg. The fact that the claims were made through Russia’s state-operated news outlet RIA Novosti signals “tightening scrutiny over a platform used by millions of Russians,” Bloomberg no … ⌘ Read more
eCryptfs Sees Renewed Patch Activity With Linux 7.0
We haven’t heard much about eCryptfs in recent years for that stackable in-tree Linux file-system providing per-directory encryption support. The FSCRYPT framework has shown its strong capabilities in recent years with various file-systems, Canonical hasn’t been pursuing its user home directory encryption like it did years ago for the Ubuntu desktop, and full disk encryption is the most secure approach for ensuring data security on your system. But to some surprise wi … ⌘ Read more
Evaluating The Performance Cost To AMD SEV-SNP On EPYC 9005 VMs
AMD Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP) provides memory encryption and integrity protections that can be especially useful in modern cloud computing. Typically a 2~10% performance overhead is reported when engaging AMD SEV-SNP for these hardware-backed security protections. In this article is an extensive look at the current AMD SEV-SNP performance impact for confidential computing on EPYC 9005 “Turin” servers. The curr … ⌘ Read more
Intel Releases QATlib 26.02 With New APIs For Zero-Copy DMA
Of Intel’s different CPU accelerator IPs, the arguably most useful and with the greatest customer interest remains around QuickAssist Technology (QAT). Intel QAT allows offloading various compression and encryption tasks for better performance. Intel this week released QATlib 26.02 as the newest version of their user-space library for leveraging QuickAssist Technology on capable hardware… ⌘ Read more
US Government Also Received a Whistleblower Complaint That WhatsApp Chats Aren’t Private
Remember that lawsuit questioning WhatsApp’s end-to-end encryption? Thursday Bloomberg reported those allegations had been investigated by special agents with America’s Commerce Department, “according to the law enforcement records, as well as a person familiar with the matter and one of the contractor … ⌘ Read more
WhatsApp End-to-End Encryption Allegations Questioned By Some Security Experts, Lawyers
Several security experts have “questioned the lack of technical detail” in that lawsuit alleging WhatsApp has no end-to-end encryption, reports the Washington Post:
“It’s pretty long on accusations and thin on any sort of evidence,” Matthew Green, a cryptography professor at Johns Hopkins University, sa … ⌘ Read more
Libgcrypt 1.12 Released With VAES/AVX-512 Accelerated AES: 2x Performance On AMD Zen 5
Werner Koch released libgcrypt 1.12 as the newest feature release to this library providing the cryptographic building blocks used by GnuPG and other software like email clients, file encryption utilities, and other software… ⌘ Read more
Lawsuit Alleges That WhatsApp Has No End-to-End Encryption
Longtime Slashdot reader schwit1 shares a report from PCMag: A lawsuit claims that WhatsApp’s end-to-end encryption is a sham, and is demanding damages, but the app’s parent company, Meta, calls the claims “false and absurd.” The lawsuit was filed in a San Francisco US district court on Friday and comes from a group of users based in countries such as Australi … ⌘ Read more
Microsoft Gave FBI a Set of BitLocker Encryption Keys To Unlock Suspects’ Laptops
An anonymous reader quotes a report from TechCrunch: Microsoft provided the FBI with the recovery keys to unlock encrypted data on the hard drives of three laptops as part of a federal investigation, Forbes reported on Friday. Many modern Windows computers rely on full-disk encryption, called BitLocker, which is ena … ⌘ Read more
Ireland Wants To Give Its Cops Spyware, Ability To Crack Encrypted Messages
The Irish government is planning to bolster its police’s ability to intercept communications, including encrypted messages, and provide a legal basis for spyware use. From a report: The Communications (Interception and Lawful Access) Bill is being framed as a replacement for the current legislation that governs digital communic … ⌘ Read more
AI Agents ‘Perilous’ for Secure Apps Such as Signal, Whittaker Says
Signal Foundation president Meredith Whittaker warned that AI agents that autonomously carry out tasks pose a threat to encrypted messaging apps [non-paywalled source] because they require broad access to data stored across a device and can be hijacked if given root permissions.
Speaking at Davos on Tuesday, Whittaker said the deeper integrat … ⌘ Read more
Cryptsetup 2.8.2 Released With BitLocker Clear Key Support
Cryptsetup 2.8.2 released on Thursday for this open-source utility used for setting up disk encryption with dm-crypt on Linux systems, including for LUKS volumes, TrueCrypt, BitLocker, and other formats… ⌘ Read more
OpenZFS 2.4 Released With Faster Encryption Performance, Many Other Improvements
OpenZFS 2.4 is out as stable in time for the holidays! The big OpenZFS 2.4 feature release is now available for FreeBSD and Linux systems to continue advancing the open-source ZFS file-system support… ⌘ Read more
Microsoft Will Finally Kill Obsolete Cipher That Has Wrecked Decades of Havoc
An anonymous reader quotes a report from Ars Technica: Microsoft is killing off an obsolete and vulnerable encryption cipher that Windows has supported by default for 26 years following more than a decade of devastating hacks that exploited it and recently faced blistering criticism from a prominent US senator. When the so … ⌘ Read more
Linux 6.19 Features: LUO, PCIe Link Encryption, ASUS Armoury, DRM Color Pipeline API & More
With Linux 6.19-rc1 released, the merge window for Linux 6.19 has now concluded. Here is a summary of the interesting Linux 6.19 new features and changes with this kernel version. ⌘ Read more
Russian Hackers Debut Simple Ransomware Service, But Store Keys In Plain Text
The pro-Russian CyberVolk group resurfaced with a Telegram-based ransomware-as-a-service platform, but fatally undermined its own operation by hardcoding master encryption keys in plaintext. The Register reports: First, the bad news: the CyberVolk 2.x (aka VolkLocker) ransomware-as-a-service operation that launched in late … ⌘ Read more
Linux 6.19 Introduces PCIe Link Encryption & Device Authentication, AMD SEV-TIO Enabling
One of the most exciting merges this weekend to the Linux 6.19 kernel is establishing the infrastructure for supporting PCI Express link encryption and device authentication. Multiple vendors are working on PCIe link encryption for their hardware while this initial pull begins laying the foundation of AMD SEV-TIO Trusted I/O support for the mainline kernel… ⌘ Read more
‘End-To-End Encrypted’ Smart Toilet Camera Is Not Actually End-To-End Encrypted
An anonymous reader quotes a report from TechCrunch: Earlier this year, home goods maker Kohler launched a smart camera called the Dekoda that attaches to your toilet bowl, takes pictures of it, and analyzes the images to advise you on your gut health. Anticipating privacy fears, Kohler said on its website that the Dekod … ⌘ Read more
Signal Private Messenger Rolls Out Secure Backups for iPhone
Encrypted messaging platform Signal now offers secure backups on iPhone, letting users save and restore messages if they lose access to their device.
There are free and paid versions of Signal’s secure backups. The free version lets users store up to 100MB of text messages, including photos, videos, and files from … ⌘ Read more
Thunderbird Pro Enters Production Testing Ahead of $9/Month Launch
Thunderbird Pro has moved its Thundermail email service into production testing as the open-source email client’s subscription bundle of additional services prepares for an Early Bird beta launch at $9 per month that will include email hosting, encrypted file sharing through Send, and scheduling via Appointment.
Internal team members are now tes … ⌘ Read more
ProcessOne: On Signal Protocol and Post-Quantum Ratchets
Signal improved its protocol to prepare encrypted messaging for the quantum era.
They call the improvement “Triple Ratchet” (or SPQR = Signal Post-Quantum Ratchet).
[Signal Protocol and Post-Quantum Ratchets\ \ We are excited to announce a significant advancement in the security … ⌘ Read more
NLnet sponsors development of WPA3 support for OpenBSD
The NLnet foundation has sponsored a project to add WPA3 support to OpenBSD, support which in turn can be used by other operating systems. This project delivers the second open-source implementation of WPA3, the current industry standard for Wi-Fi encryption, specifically for the OpenBSD operating system. Its code can also be integrated by other operating systems to enable modern Wi-Fi encryption, thereby enhancing the div … ⌘ Read more
** Encrypt & Decrypt Database Fields in Spring Boot Like a Pro (2025 Secure Guide)**
“Your database backup just leaked. Is your data still safe?”
[Continue reading on InfoSec Write-ups »](https://infos … ⌘ Read more
ProcessOne: Europe’s Digital Sovereignty Paradox - “Chat Control” update
October 14th was supposed to be the day the European Council voted to mandate scanning of all private communications, encrypted or not.
The vote was pulled at the last minute.
Germany withdrew support, creating a blocking minority that blocked the Danish Presidency&aposs hope to g … ⌘ Read more
How to break RSA? A guide for Hackers and CTF players to crack the RSA encryption algorithm ⌘ Read more
@prologic@twtxt.net Where do I stand on “Chat Control”? How long of a response/rant do you want? 😅 It’s a disaster. As I understand it, they want to spy on me directly on my devices before encryption even happens – jfc, no, fuck off. And since there are so many devices, they want to automate the scanning, which is the worst idea you could possibly have.
Oh man, if the EU actually rolled out this horribd idea called ChatControl that actually threatens the security and privacy of secure e2e encrypted messaging like Signal™, fuck me, I’m out 🤦♂️ I’ll just rage quit the IT industry and become a luddite. I’m out.
How I Captured a Password with One Command
Many beginner-friendly sites or older web applications still use HTTP, which transmits data without encryption.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/why-htt … ⌘ Read more
JMP: Mitigating MITMs in XMPP
In October 2023, Jabber.ru, “the largest Russian XMPP messaging service”, discovered that both Hetzner and Linode had been targeting them with Machine-In-The-Middle (MITM) attacks for up to 6 months. MITM attacks are when an unauthorised third party intercepts traffic intended for someone else. At the point of interception, the attacker can inspect and even modify that traffic. TLS was created to mitigate this; all communication between the two parties is encrypted, so the third party sees … ⌘ Read more
JMP: Mitigating MITMs in XMPP
In October 2023, Jabber.ru, “the largest Russian XMPP messaging service”, discovered that both Hetzner and Linode had been targeting them with Machine-In-The-Middle (MITM) attacks for up to 6 months. MITM attacks are when an unauthorised third party intercepts traffic intended for someone else. At the point of interception, the attacker can inspect and even modify that traffic. TLS was created to mitigate this; all communication between the two parties is encrypted, so the third party sees … ⌘ Read more
How to Enable iCloud Private Relay on Mac
iCloud Private Relay is a fantastic privacy feature that is part of the iCloud+ subscription that helps to protect your internet activity and browsing by obfuscating your IP address (via using a temporary IP address) and encrypting your DNS lookups, so that third parties can’t see what websites you’re visiting. The end result is that … Read More ⌘ Read more
How to Enable iCloud Private Relay on Mac
iCloud Private Relay is a fantastic privacy feature that is part of the iCloud+ subscription that helps to protect your internet activity and browsing by obfuscating your IP address (via using a temporary IP address) and encrypting your DNS lookups, so that third parties can’t see what websites you’re visiting. The end result is that … Read More ⌘ Read more
MITM HTTPS Payload with Python
A lightweight MITM tool for monitoring encrypted traffic and detecting threats powered by AI and built in Python
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/mitm-https-payload-with-python-499ebf8e933f?source=rss—-7b722bfd1b8d— … ⌘ Read more
Crypto Failures | TryHackMe Medium
Questions: What is the value of the web flag? What is the encryption key? Solution: We are firstly given an IP address. I preformed a…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/crypto-failures-tryhackme-medium-d60d55b849 … ⌘ Read more
↳
In-reply-to
»
@bender Sure! 👍
⤋ Read More
@bender@twtxt.net It’s still a straight-through to the Eris backend that itself uses a Let’s Encrypt cert now. Haven’t tried to also terminate TLS at the Edge yet.
How Backups Can Break End-to-End Encryption (E2EE) ⌘ Read more
Coin-Sized RA4M1-Zero Board Features 32-Bit RA4M1 MCU
The RA4M1-Zero is a compact development board based on Renesas’ 32-bit RA4M1 MCU. Running at 48 MHz with a built-in FPU, it features firmware encryption, secure boot, and a castellated design for easy integration into custom hardware. The board uses the R7FA4M1AB3CFM microcontroller from the RA4M1 family. It includes 256 KB of flash memory, 32 […] ⌘ Read more