ProcessOne: On Signal Protocol and Post-Quantum Ratchets
Signal improved its protocol to prepare encrypted messaging for the quantum era.
They call the improvement “Triple Ratchet” (or SPQR = Signal Post-Quantum Ratchet).
[Signal Protocol and Post-Quantum Ratchets\ \ We are excited to announce a significant advancement in the security … ⌘ Read more
NLnet sponsors development of WPA3 support for OpenBSD
The NLnet foundation has sponsored a project to add WPA3 support to OpenBSD, support which in turn can be used by other operating systems. This project delivers the second open-source implementation of WPA3, the current industry standard for Wi-Fi encryption, specifically for the OpenBSD operating system. Its code can also be integrated by other operating systems to enable modern Wi-Fi encryption, thereby enhancing the div … ⌘ Read more
** Encrypt & Decrypt Database Fields in Spring Boot Like a Pro (2025 Secure Guide)**
“Your database backup just leaked. Is your data still safe?”
[Continue reading on InfoSec Write-ups »](https://infos … ⌘ Read more
ProcessOne: Europe’s Digital Sovereignty Paradox - “Chat Control” update
October 14th was supposed to be the day the European Council voted to mandate scanning of all private communications, encrypted or not.
The vote was pulled at the last minute.
Germany withdrew support, creating a blocking minority that blocked the Danish Presidency&aposs hope to g … ⌘ Read more
How to break RSA? A guide for Hackers and CTF players to crack the RSA encryption algorithm ⌘ Read more
@prologic@twtxt.net Where do I stand on “Chat Control”? How long of a response/rant do you want? 😅 It’s a disaster. As I understand it, they want to spy on me directly on my devices before encryption even happens – jfc, no, fuck off. And since there are so many devices, they want to automate the scanning, which is the worst idea you could possibly have.
Oh man, if the EU actually rolled out this horribd idea called ChatControl that actually threatens the security and privacy of secure e2e encrypted messaging like Signal™, fuck me, I’m out 🤦♂️ I’ll just rage quit the IT industry and become a luddite. I’m out.
How I Captured a Password with One Command
Many beginner-friendly sites or older web applications still use HTTP, which transmits data without encryption.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/why-htt … ⌘ Read more
JMP: Mitigating MITMs in XMPP
In October 2023, Jabber.ru, “the largest Russian XMPP messaging service”, discovered that both Hetzner and Linode had been targeting them with Machine-In-The-Middle (MITM) attacks for up to 6 months. MITM attacks are when an unauthorised third party intercepts traffic intended for someone else. At the point of interception, the attacker can inspect and even modify that traffic. TLS was created to mitigate this; all communication between the two parties is encrypted, so the third party sees … ⌘ Read more
JMP: Mitigating MITMs in XMPP
In October 2023, Jabber.ru, “the largest Russian XMPP messaging service”, discovered that both Hetzner and Linode had been targeting them with Machine-In-The-Middle (MITM) attacks for up to 6 months. MITM attacks are when an unauthorised third party intercepts traffic intended for someone else. At the point of interception, the attacker can inspect and even modify that traffic. TLS was created to mitigate this; all communication between the two parties is encrypted, so the third party sees … ⌘ Read more
How to Enable iCloud Private Relay on Mac
iCloud Private Relay is a fantastic privacy feature that is part of the iCloud+ subscription that helps to protect your internet activity and browsing by obfuscating your IP address (via using a temporary IP address) and encrypting your DNS lookups, so that third parties can’t see what websites you’re visiting. The end result is that … Read More ⌘ Read more
How to Enable iCloud Private Relay on Mac
iCloud Private Relay is a fantastic privacy feature that is part of the iCloud+ subscription that helps to protect your internet activity and browsing by obfuscating your IP address (via using a temporary IP address) and encrypting your DNS lookups, so that third parties can’t see what websites you’re visiting. The end result is that … Read More ⌘ Read more
MITM HTTPS Payload with Python
A lightweight MITM tool for monitoring encrypted traffic and detecting threats powered by AI and built in Python
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/mitm-https-payload-with-python-499ebf8e933f?source=rss—-7b722bfd1b8d— … ⌘ Read more
Crypto Failures | TryHackMe Medium
Questions: What is the value of the web flag? What is the encryption key? Solution: We are firstly given an IP address. I preformed a…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/crypto-failures-tryhackme-medium-d60d55b849 … ⌘ Read more
↳
In-reply-to
»
@bender Sure! 👍
⤋ Read More
@bender@twtxt.net It’s still a straight-through to the Eris backend that itself uses a Let’s Encrypt cert now. Haven’t tried to also terminate TLS at the Edge yet.
How Backups Can Break End-to-End Encryption (E2EE) ⌘ Read more
Coin-Sized RA4M1-Zero Board Features 32-Bit RA4M1 MCU
The RA4M1-Zero is a compact development board based on Renesas’ 32-bit RA4M1 MCU. Running at 48 MHz with a built-in FPU, it features firmware encryption, secure boot, and a castellated design for easy integration into custom hardware. The board uses the R7FA4M1AB3CFM microcontroller from the RA4M1 family. It includes 256 KB of flash memory, 32 […] ⌘ Read more
Let’s Encrypt: Why You should (and Shouldn’t) use free SSL certificates
Free, fast, and secure — but is Let’s Encrypt the right SSL solution for your website?
[Continue reading on InfoSec Write-ups »](https://infosecwriteup … ⌘ Read more
DragonFlyBSD 6.4.1 released
It has been well over two years since the last release of DragonFlyBSD, version 6.4.0, and today the project pushed out a small update, DragonFlyBSD 6.4.1. It fixes a few small, longstanding issues, but as the version number suggests, don’t expect any groundbreaking changes here. The legacy IDE/NATA driver had a memory leak fixed, the ca_root_nss package has been updated to support newer Let’s Encrypt certificates, the package update command will no longer delete an importa … ⌘ Read more
Today I added support for Let’s Encrypt to eris via DNS-01 challenge. Updated the gcore libdns package I wrote for Caddy, Maddy and now Eris. Add support for yarn’s cache to support # type = bot and optionally # retention = N so that feeds like @tiktok@feeds.twtxt.net work like they did before, and… Updated some internal metrics in yarnd to be IMO “better”, with queue depth, queue time and last processing time for feeds.
↳
In-reply-to
»
Seem like it's a server-client thingy? 🤔 I much prefer tools in this case and defer the responsibility of storage to something else. I really like
⤋ Read More
restic for that reason and the fact that it's pretty rock solid. I have zero complaints 😅
I haven’t gotten very far with my experiments, yet. To be honest, I’m still not 100% sure if I want to trust that encryption. 😅 The target server will be completely out of my control … it is a real possibility that the (encrypted) data will leak at some point. Hm.
↳
In-reply-to
»
@lyse It wasn’t our building, yeah, luckily. But I’m pretty scared it might happen some day. I think I’ll put more effort into preparing for that. But whatever I do, it would be horrific to lose all your stuff and the memories attached to it …
⤋ Read More
On top of my usual backups (which are already offsite, but it requires me carrying a hard disk to that other site), I think I might rent a storage server and use Borg. 🤔 Hoping that their encryption is good enough. Maybe that’ll also finally convince me to get a faster internet connection. 😂
@andros@twtxt.andros.dev how often do you send a private message on the Fediverse? How often do you send PGP/SMIME encrypted emails? Are there other tools that are more suitable for the task? If implementing direct/private messages on twtxt scratches an itch (you know, that hobbyist itch we all get from time to time), then don’t give up so easily. Worse comes to worse, and your feed becomes too noisy, people can simply unfollow/mute.
I really don’t care about direct messages here, but I might be on that bottom 1%!
A Complete Guide to Securing Secrets in AWS Lambda
Learn how to securely manage secrets in AWS Lambda using environment variables, KMS encryption, Secrets Manager, and more.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/a-c … ⌘ Read more
Should Taxpayer Money Fund Open Source?
Mozilla, F-Droid, Let’s Encrypt, Tor, & more receive huge amounts of money from US taxes. ⌘ Read more
Tor, F-Droid, & Let’s Encrypt Lose Tax Payer Funding, Go To Court
The US tax payer funded Open Technology Fund has lost Federal funding and is taking the Trump administration to court. ⌘ Read more
Istio: The Highest-Performance Solution for Network Security
Ambient mode provides more encrypted throughput than any other project in the Kubernetes ecosystem. Encryption in transit is a baseline requirement for almost all Kubernetes environments today, and forms the foundation of a zero-trust security posture…. ⌘ Read more
France rejects backdoor mandate
Article URL: https://www.eff.org/deeplinks/2025/03/win-encryption-france-rejects-backdoor-mandate
Comments URL: https://news.ycombinator.com/item?id=43440513
Points: 500
# Comments: 124 ⌘ Read more
Erlang Solutions: Top 5 IoT Business Security Basics
IoT is now a fundamental part of modern business. With more than 17 billion connected devices worldwide, IoT business security is more important than ever. A single breach can expose sensitive data, disrupt operations, and damage a company’s reputation.
To help safeguard your business, we’ll cover five essential IoT security basics: data encryption, strong password policies, regular security audits, employee awareness tr … ⌘ Read more
ameriDroid Opens Preorders for VPN Server with WireGuard and DietPi
The VPN Server by ameriDroid is a pre-configured device for secure remote access to home and small office networks. Built on the ODROID-C4, it runs a lightweight Linux-based system with WireGuard for encrypted VPN connections and minimal setup. The device is based on the ODROID-C4, a single-board computer released in early 2020 by Hardkernel, featuring […] ⌘ Read more
Let’s Encrypt ends support for expiration notification emails
Since its inception, Let’s Encrypt has been sending expiration notification emails to subscribers that have provided an email address to us. We will be ending this service on June 4, 2025. ↫ Josh Aas on the Let’s Encrypt website They’re ending the expiration notification service because it’s costly, adds a ton of complexity to their systems, and constitutes a privacy risk because of all the email addresses the … ⌘ Read more
(#dap62ia) @movq@movq It’s all good 👍 Just discussing two things really a) Publishing private/encrypted messages to target rec …
@movq @www.uninformativ.de It’s all good 👍 Just discussing two things really a) Publishing private/encrypted messages to target recipients on a Twtxt feed (Direct Messages) and b) A new/alternative logo for https://twtxt.dev 😅 ⌘ Read more
It’s ok for most encrypted protocols (In salty you can fetch other messages but can’t decrypt). Btw i think recipient can be removed so if someone seen message they tried to decypt, if can’t - its not message to you
Apple has agreed to pay $95 million to settle a lawsuit alleging that its voice assistant Siri routinely recorded private conversations that were then sold to third parties for targeted ads.
From Siri “unintentionally” recorded private convos; Apple agrees to pay $95M https://arstechnica.com/tech-policy/2025/01/apple-agrees-to-pay-95m-delete-private-conversations-siri-recorded/
I’m not sure I’m convinced Apple is really that much better than the other big tech companies when it comes to this kind of thing. Their reputation is better and they do seem to be better about things like on-device encryption, but then stories like this come out.
[WTS] [$1.5K USD] Encrypted Graphene OS Pixels Fully Setup
PIXEL 6, 6a, 6 Pro, 7a, 7, 7 Pro, 8a, 8 Pro
Link: https://moneromarket.io/listing/e6cd0a03-238b-434f-9a25-382e8da30725
u/Encrypto84 (MoneroMarket.io) ⌘ Read more
Cloud Native Computing Foundation Announces cert-manager Graduation
Open source security project automates highly secure, encrypted data communications in cloud native environments SALT LAKE CITY, Utah – KubeCon + CloudNativeCon North America – November 12, 2024 – The Cloud Native Computing Foundation® (CNCF®), which… ⌘ Read more
(#o7heczq) LOL what does “lightly encrypted” mean?! 🤣
LOL what does “lightly encrypted” mean?! 🤣 ⌘ Read more
↳
In-reply-to
»
Lol. "Lighty Encrypted" https://www.pcmag.com/news/hot-topic-breach-confirmed-millions-of-credit-cards-email-addresses-exposed
⤋ Read More
Oof, is it any wonder some of us don’t want to just give out our info online willy-nilly.
Also that credit card ‘encryption’ will likely land that company in very hot water, no doubt far away from PCI DSS requirements.
Lol. “Lighty Encrypted” https://www.pcmag.com/news/hot-topic-breach-confirmed-millions-of-credit-cards-email-addresses-exposed
(#jsn6ija) @wbknl@wbknl The only thing I know about the HAM Radio space is that it’s considered “taboo” to encrypt the traffic. So that make …
@wbknl The only thing I know about the HAM Radio space is that it’s considered “taboo” to encrypt the traffic. So that makes secure IP a bit difficult to say the least right? 🤔 ⌘ Read more