Cryptsetup 2.8.2 Released With BitLocker Clear Key Support
Cryptsetup 2.8.2 released on Thursday for this open-source utility used for setting up disk encryption with dm-crypt on Linux systems, including for LUKS volumes, TrueCrypt, BitLocker, and other formats… ⌘ Read more
OpenZFS 2.4 Released With Faster Encryption Performance, Many Other Improvements
OpenZFS 2.4 is out as stable in time for the holidays! The big OpenZFS 2.4 feature release is now available for FreeBSD and Linux systems to continue advancing the open-source ZFS file-system support… ⌘ Read more
Microsoft Will Finally Kill Obsolete Cipher That Has Wrecked Decades of Havoc
An anonymous reader quotes a report from Ars Technica: Microsoft is killing off an obsolete and vulnerable encryption cipher that Windows has supported by default for 26 years following more than a decade of devastating hacks that exploited it and recently faced blistering criticism from a prominent US senator. When the so … ⌘ Read more
Linux 6.19 Features: LUO, PCIe Link Encryption, ASUS Armoury, DRM Color Pipeline API & More
With Linux 6.19-rc1 released, the merge window for Linux 6.19 has now concluded. Here is a summary of the interesting Linux 6.19 new features and changes with this kernel version. ⌘ Read more
Russian Hackers Debut Simple Ransomware Service, But Store Keys In Plain Text
The pro-Russian CyberVolk group resurfaced with a Telegram-based ransomware-as-a-service platform, but fatally undermined its own operation by hardcoding master encryption keys in plaintext. The Register reports: First, the bad news: the CyberVolk 2.x (aka VolkLocker) ransomware-as-a-service operation that launched in late … ⌘ Read more
Linux 6.19 Introduces PCIe Link Encryption & Device Authentication, AMD SEV-TIO Enabling
One of the most exciting merges this weekend to the Linux 6.19 kernel is establishing the infrastructure for supporting PCI Express link encryption and device authentication. Multiple vendors are working on PCIe link encryption for their hardware while this initial pull begins laying the foundation of AMD SEV-TIO Trusted I/O support for the mainline kernel… ⌘ Read more
‘End-To-End Encrypted’ Smart Toilet Camera Is Not Actually End-To-End Encrypted
An anonymous reader quotes a report from TechCrunch: Earlier this year, home goods maker Kohler launched a smart camera called the Dekoda that attaches to your toilet bowl, takes pictures of it, and analyzes the images to advise you on your gut health. Anticipating privacy fears, Kohler said on its website that the Dekod … ⌘ Read more
Signal Private Messenger Rolls Out Secure Backups for iPhone
Encrypted messaging platform Signal now offers secure backups on iPhone, letting users save and restore messages if they lose access to their device.
There are free and paid versions of Signal’s secure backups. The free version lets users store up to 100MB of text messages, including photos, videos, and files from … ⌘ Read more
Thunderbird Pro Enters Production Testing Ahead of $9/Month Launch
Thunderbird Pro has moved its Thundermail email service into production testing as the open-source email client’s subscription bundle of additional services prepares for an Early Bird beta launch at $9 per month that will include email hosting, encrypted file sharing through Send, and scheduling via Appointment.
Internal team members are now tes … ⌘ Read more
ProcessOne: On Signal Protocol and Post-Quantum Ratchets
Signal improved its protocol to prepare encrypted messaging for the quantum era.
They call the improvement “Triple Ratchet” (or SPQR = Signal Post-Quantum Ratchet).
[Signal Protocol and Post-Quantum Ratchets\ \ We are excited to announce a significant advancement in the security … ⌘ Read more
NLnet sponsors development of WPA3 support for OpenBSD
The NLnet foundation has sponsored a project to add WPA3 support to OpenBSD, support which in turn can be used by other operating systems. This project delivers the second open-source implementation of WPA3, the current industry standard for Wi-Fi encryption, specifically for the OpenBSD operating system. Its code can also be integrated by other operating systems to enable modern Wi-Fi encryption, thereby enhancing the div … ⌘ Read more
** Encrypt & Decrypt Database Fields in Spring Boot Like a Pro (2025 Secure Guide)**
“Your database backup just leaked. Is your data still safe?”
[Continue reading on InfoSec Write-ups »](https://infos … ⌘ Read more
ProcessOne: Europe’s Digital Sovereignty Paradox - “Chat Control” update
October 14th was supposed to be the day the European Council voted to mandate scanning of all private communications, encrypted or not.
The vote was pulled at the last minute.
Germany withdrew support, creating a blocking minority that blocked the Danish Presidency&aposs hope to g … ⌘ Read more
How to break RSA? A guide for Hackers and CTF players to crack the RSA encryption algorithm ⌘ Read more
@prologic@twtxt.net Where do I stand on “Chat Control”? How long of a response/rant do you want? 😅 It’s a disaster. As I understand it, they want to spy on me directly on my devices before encryption even happens – jfc, no, fuck off. And since there are so many devices, they want to automate the scanning, which is the worst idea you could possibly have.
Oh man, if the EU actually rolled out this horribd idea called ChatControl that actually threatens the security and privacy of secure e2e encrypted messaging like Signal™, fuck me, I’m out 🤦♂️ I’ll just rage quit the IT industry and become a luddite. I’m out.
How I Captured a Password with One Command
Many beginner-friendly sites or older web applications still use HTTP, which transmits data without encryption.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/why-htt … ⌘ Read more
JMP: Mitigating MITMs in XMPP
In October 2023, Jabber.ru, “the largest Russian XMPP messaging service”, discovered that both Hetzner and Linode had been targeting them with Machine-In-The-Middle (MITM) attacks for up to 6 months. MITM attacks are when an unauthorised third party intercepts traffic intended for someone else. At the point of interception, the attacker can inspect and even modify that traffic. TLS was created to mitigate this; all communication between the two parties is encrypted, so the third party sees … ⌘ Read more
JMP: Mitigating MITMs in XMPP
In October 2023, Jabber.ru, “the largest Russian XMPP messaging service”, discovered that both Hetzner and Linode had been targeting them with Machine-In-The-Middle (MITM) attacks for up to 6 months. MITM attacks are when an unauthorised third party intercepts traffic intended for someone else. At the point of interception, the attacker can inspect and even modify that traffic. TLS was created to mitigate this; all communication between the two parties is encrypted, so the third party sees … ⌘ Read more
How to Enable iCloud Private Relay on Mac
iCloud Private Relay is a fantastic privacy feature that is part of the iCloud+ subscription that helps to protect your internet activity and browsing by obfuscating your IP address (via using a temporary IP address) and encrypting your DNS lookups, so that third parties can’t see what websites you’re visiting. The end result is that … Read More ⌘ Read more
How to Enable iCloud Private Relay on Mac
iCloud Private Relay is a fantastic privacy feature that is part of the iCloud+ subscription that helps to protect your internet activity and browsing by obfuscating your IP address (via using a temporary IP address) and encrypting your DNS lookups, so that third parties can’t see what websites you’re visiting. The end result is that … Read More ⌘ Read more
MITM HTTPS Payload with Python
A lightweight MITM tool for monitoring encrypted traffic and detecting threats powered by AI and built in Python
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/mitm-https-payload-with-python-499ebf8e933f?source=rss—-7b722bfd1b8d— … ⌘ Read more
Crypto Failures | TryHackMe Medium
Questions: What is the value of the web flag? What is the encryption key? Solution: We are firstly given an IP address. I preformed a…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/crypto-failures-tryhackme-medium-d60d55b849 … ⌘ Read more
↳
In-reply-to
»
@bender Sure! 👍
⤋ Read More
@bender@twtxt.net It’s still a straight-through to the Eris backend that itself uses a Let’s Encrypt cert now. Haven’t tried to also terminate TLS at the Edge yet.
How Backups Can Break End-to-End Encryption (E2EE) ⌘ Read more
Coin-Sized RA4M1-Zero Board Features 32-Bit RA4M1 MCU
The RA4M1-Zero is a compact development board based on Renesas’ 32-bit RA4M1 MCU. Running at 48 MHz with a built-in FPU, it features firmware encryption, secure boot, and a castellated design for easy integration into custom hardware. The board uses the R7FA4M1AB3CFM microcontroller from the RA4M1 family. It includes 256 KB of flash memory, 32 […] ⌘ Read more
Let’s Encrypt: Why You should (and Shouldn’t) use free SSL certificates
Free, fast, and secure — but is Let’s Encrypt the right SSL solution for your website?
[Continue reading on InfoSec Write-ups »](https://infosecwriteup … ⌘ Read more
DragonFlyBSD 6.4.1 released
It has been well over two years since the last release of DragonFlyBSD, version 6.4.0, and today the project pushed out a small update, DragonFlyBSD 6.4.1. It fixes a few small, longstanding issues, but as the version number suggests, don’t expect any groundbreaking changes here. The legacy IDE/NATA driver had a memory leak fixed, the ca_root_nss package has been updated to support newer Let’s Encrypt certificates, the package update command will no longer delete an importa … ⌘ Read more
Today I added support for Let’s Encrypt to eris via DNS-01 challenge. Updated the gcore libdns package I wrote for Caddy, Maddy and now Eris. Add support for yarn’s cache to support # type = bot and optionally # retention = N so that feeds like @tiktok@feeds.twtxt.net work like they did before, and… Updated some internal metrics in yarnd to be IMO “better”, with queue depth, queue time and last processing time for feeds.
↳
In-reply-to
»
Seem like it's a server-client thingy? 🤔 I much prefer tools in this case and defer the responsibility of storage to something else. I really like
⤋ Read More
restic for that reason and the fact that it's pretty rock solid. I have zero complaints 😅
I haven’t gotten very far with my experiments, yet. To be honest, I’m still not 100% sure if I want to trust that encryption. 😅 The target server will be completely out of my control … it is a real possibility that the (encrypted) data will leak at some point. Hm.
↳
In-reply-to
»
@lyse It wasn’t our building, yeah, luckily. But I’m pretty scared it might happen some day. I think I’ll put more effort into preparing for that. But whatever I do, it would be horrific to lose all your stuff and the memories attached to it …
⤋ Read More
On top of my usual backups (which are already offsite, but it requires me carrying a hard disk to that other site), I think I might rent a storage server and use Borg. 🤔 Hoping that their encryption is good enough. Maybe that’ll also finally convince me to get a faster internet connection. 😂
@andros@twtxt.andros.dev how often do you send a private message on the Fediverse? How often do you send PGP/SMIME encrypted emails? Are there other tools that are more suitable for the task? If implementing direct/private messages on twtxt scratches an itch (you know, that hobbyist itch we all get from time to time), then don’t give up so easily. Worse comes to worse, and your feed becomes too noisy, people can simply unfollow/mute.
I really don’t care about direct messages here, but I might be on that bottom 1%!
A Complete Guide to Securing Secrets in AWS Lambda
Learn how to securely manage secrets in AWS Lambda using environment variables, KMS encryption, Secrets Manager, and more.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/a-c … ⌘ Read more
Should Taxpayer Money Fund Open Source?
Mozilla, F-Droid, Let’s Encrypt, Tor, & more receive huge amounts of money from US taxes. ⌘ Read more
Tor, F-Droid, & Let’s Encrypt Lose Tax Payer Funding, Go To Court
The US tax payer funded Open Technology Fund has lost Federal funding and is taking the Trump administration to court. ⌘ Read more
Istio: The Highest-Performance Solution for Network Security
Ambient mode provides more encrypted throughput than any other project in the Kubernetes ecosystem. Encryption in transit is a baseline requirement for almost all Kubernetes environments today, and forms the foundation of a zero-trust security posture…. ⌘ Read more
France rejects backdoor mandate
Article URL: https://www.eff.org/deeplinks/2025/03/win-encryption-france-rejects-backdoor-mandate
Comments URL: https://news.ycombinator.com/item?id=43440513
Points: 500
# Comments: 124 ⌘ Read more
Erlang Solutions: Top 5 IoT Business Security Basics
IoT is now a fundamental part of modern business. With more than 17 billion connected devices worldwide, IoT business security is more important than ever. A single breach can expose sensitive data, disrupt operations, and damage a company’s reputation.
To help safeguard your business, we’ll cover five essential IoT security basics: data encryption, strong password policies, regular security audits, employee awareness tr … ⌘ Read more
ameriDroid Opens Preorders for VPN Server with WireGuard and DietPi
The VPN Server by ameriDroid is a pre-configured device for secure remote access to home and small office networks. Built on the ODROID-C4, it runs a lightweight Linux-based system with WireGuard for encrypted VPN connections and minimal setup. The device is based on the ODROID-C4, a single-board computer released in early 2020 by Hardkernel, featuring […] ⌘ Read more
Let’s Encrypt ends support for expiration notification emails
Since its inception, Let’s Encrypt has been sending expiration notification emails to subscribers that have provided an email address to us. We will be ending this service on June 4, 2025. ↫ Josh Aas on the Let’s Encrypt website They’re ending the expiration notification service because it’s costly, adds a ton of complexity to their systems, and constitutes a privacy risk because of all the email addresses the … ⌘ Read more