#E2EE

If IRC is ancient and Matrix is too complex - there is XMPP (Jabber) in the middle ground.

#xmpp #jabber #chat #instantmessaging #privacy #selfhosted #e2ee #opsec

http://tomsitcafe.com/2026/04/24/xmpp-the-middle-ground-of-instant-messaging/

I'm looking forward to giving everyone a demo of #E2EE at #FediForum. If I can get enough done, I open up a beta for people who attend.

I'm going to call this the @jaz screen:

I'm looking forward to giving everyone a demo of #E2EE at #FediForum. If I can get enough done, I open up a beta for people who attend.

I'm going to call this the @jaz screen:

💡 Got a story to tell about Matrix? The #MatrixConf 2026 CFP is open!

Topics include: Matrix internals, public sector deployments, community, safety, and more.

🗓️ Oct 20-23, 2026 | Malmö, Sweden

https://cfp.2026.matrix.org/matrix-conference-2026/cfp

#DigitalSovereignty #Decentralization #E2EE

💡 Got a story to tell about Matrix? The #MatrixConf 2026 CFP is open!

Topics include: Matrix internals, public sector deployments, community, safety, and more.

🗓️ Oct 20-23, 2026 | Malmö, Sweden

https://cfp.2026.matrix.org/matrix-conference-2026/cfp

#DigitalSovereignty #Decentralization #E2EE

#E2EE is coming to the #Fediverse. Every effort will be made for #Fedilab to be among the first Android clients to support it. Not as a spectator but as an actor, thanks to the beta testers who make early iterations possible. Be ready.

ZOMG! #E2EE news on the Fediverse keeps getting better

The @HolosSocial team is planning to implement the same encryption standard as Mastodon, Bonfire, and Emissary.

When it lands, truly private messages should interoperate between all four platforms. This is an _absolute_win_ for open platforms and open APIs.

#E2EE is coming to the #Fediverse. Every effort will be made for #Fedilab to be among the first Android clients to support it. Not as a spectator but as an actor, thanks to the beta testers who make early iterations possible. Be ready.

#E2EE is coming to the #Fediverse. Every effort will be made for #Fedilab to be among the first Android clients to support it. Not as a spectator but as an actor, thanks to the beta testers who make early iterations possible. Be ready.

#E2EE is coming to the #Fediverse. Every effort will be made for #Fedilab to be among the first Android clients to support it. Not as a spectator but as an actor, thanks to the beta testers who make early iterations possible. Be ready.

#E2EE is coming to the #Fediverse. Every effort will be made for #Fedilab to be among the first Android clients to support it. Not as a spectator but as an actor, thanks to the beta testers who make early iterations possible. Be ready.

ZOMG! #E2EE news on the Fediverse keeps getting better

The @HolosSocial team is planning to implement the same encryption standard as Mastodon, Bonfire, and Emissary.

When it lands, truly private messages should interoperate between all four platforms. This is an _absolute_win_ for open platforms and open APIs.

ZOMG! #E2EE news on the Fediverse keeps getting better

The @HolosSocial team is planning to implement the same encryption standard as Mastodon, Bonfire, and Emissary.

When it lands, truly private messages should interoperate between all four platforms. This is an _absolute_win_ for open platforms and open APIs.

E2EE is coming to Mastodon. And it’s long overdue. Not until next year, but at least it’s on the horizon.

On one hand, it’s a little scary seeing Mastodon features receiving large sums of money for features and improvements. On the other, it’s meaningful to see Mastodon maturing.

https://www.privacyguides.org/news/2026/04/15/mastodon-to-get-e2ee-for-private-messages-thanks-to-sovereign-tech-fund/

#Privacy #Mastodon #InfoSec #E2EE #Encryption #PrivateMessaging #DM

E2EE is coming to Mastodon. And it’s long overdue. Not until next year, but at least it’s on the horizon.

On one hand, it’s a little scary seeing Mastodon features receiving large sums of money for features and improvements. On the other, it’s meaningful to see Mastodon maturing.

https://www.privacyguides.org/news/2026/04/15/mastodon-to-get-e2ee-for-private-messages-thanks-to-sovereign-tech-fund/

#Privacy #Mastodon #InfoSec #E2EE #Encryption #PrivateMessaging #DM

Have you seen this news?

#Mastodon just got funding to add end to end encryption into their software.

So, some time next year, you’ll be able to send truly private messages to the vast majority of the #Fediverse

Im so excited about this.

Because it’s an open spec, this opens the doors for every Fediverse app to join the party.

Yesterday, this project was a proof of concept. Today, Mastodon has turned it into a stampede.

#E2EE

https://blog.joinmastodon.org/2026/04/sovereign-tech-agency-funding/

Have you seen this news?

#Mastodon just got funding to add end to end encryption into their software.

So, some time next year, you’ll be able to send truly private messages to the vast majority of the #Fediverse

Im so excited about this.

Because it’s an open spec, this opens the doors for every Fediverse app to join the party.

Yesterday, this project was a proof of concept. Today, Mastodon has turned it into a stampede.

#E2EE

https://blog.joinmastodon.org/2026/04/sovereign-tech-agency-funding/

Have you seen this news?

#Mastodon just got funding to add end to end encryption into their software.

So, some time next year, you’ll be able to send truly private messages to the vast majority of the #Fediverse

Im so excited about this.

Because it’s an open spec, this opens the doors for every Fediverse app to join the party.

Yesterday, this project was a proof of concept. Today, Mastodon has turned it into a stampede.

#E2EE

https://blog.joinmastodon.org/2026/04/sovereign-tech-agency-funding/

Have you seen this news?

#Mastodon just got funding to add end to end encryption into their software.

So, some time next year, you’ll be able to send truly private messages to the vast majority of the #Fediverse

Im so excited about this.

Because it’s an open spec, this opens the doors for every Fediverse app to join the party.

Yesterday, this project was a proof of concept. Today, Mastodon has turned it into a stampede.

#E2EE

https://blog.joinmastodon.org/2026/04/sovereign-tech-agency-funding/

Have you seen this news?

#Mastodon just got funding to add end to end encryption into their software.

So, some time next year, you’ll be able to send truly private messages to the vast majority of the #Fediverse

Im so excited about this.

Because it’s an open spec, this opens the doors for every Fediverse app to join the party.

Yesterday, this project was a proof of concept. Today, Mastodon has turned it into a stampede.

#E2EE

https://blog.joinmastodon.org/2026/04/sovereign-tech-agency-funding/

@manul70 Yup! Though I'm less concerned with nation states. Nation-states are considered an "Advanced Persistent Threat" - and if they want into your devices, then god help you. Relevant xkcd: https://xkcd.com/538/

But, this will be great for thwarting the next tier down: web scrapers, nosy admins, and corporate spies.

Anyone building #E2EE is a win for the Fediverse...

MASTODON building e2ee is a HUGE win for the Fediverse.

@rick @phnt@fluffytail.org

Sorry, I can't see the intermediate message you're replying to (xenofem.me is returning errors) so here's just a generic take on content scanning.

It's not possible to content scan MLS-encrypted messages, so that won't apply to this project. And yeah, people will use #E2EE to do bad things. It's the same calculus as with Matrix, Signal, Apple Messages, and others: the benefits to good people outweigh the negatives.

@GreenSkyOverMe

As I understand it, Mastodon is building to the MLS in ActivityPub spec from the SWF - the same one #Bonfire and #Emissary are building to today. So it will be compatible with those.

I think Hollos uses the Signal protocol, which is similar, but not the same as MLS.

What other #E2EE solutions are you referring to?

https://swicg.github.io/activitypub-e2ee/mls

Have you seen this news?

#Mastodon just got funding to add end to end encryption into their software.

So, some time next year, you’ll be able to send truly private messages to the vast majority of the #Fediverse

Im so excited about this.

Because it’s an open spec, this opens the doors for every Fediverse app to join the party.

Yesterday, this project was a proof of concept. Today, Mastodon has turned it into a stampede.

#E2EE

https://blog.joinmastodon.org/2026/04/sovereign-tech-agency-funding/

Have you seen this news?

#Mastodon just got funding to add end to end encryption into their software.

So, some time next year, you’ll be able to send truly private messages to the vast majority of the #Fediverse

Im so excited about this.

Because it’s an open spec, this opens the doors for every Fediverse app to join the party.

Yesterday, this project was a proof of concept. Today, Mastodon has turned it into a stampede.

#E2EE

https://blog.joinmastodon.org/2026/04/sovereign-tech-agency-funding/

@linstrom-developer

The good news is that the whole spec is modular. And it’s not too much work on the server. If you can build out basic C2S services, then 90% of the work is on the client (as you’d hope with #E2EE)

But clients *should* be interchangeable, so the Emissary messenger app would be able to work with a Linstrom server.

It’s the seeds of an ecosystem that many more builders will be joining. 🤘🏻🤘🏻🤘🏻

Have you seen this news?

#Mastodon just got funding to add end to end encryption into their software.

So, some time next year, you’ll be able to send truly private messages to the vast majority of the #Fediverse

Im so excited about this.

Because it’s an open spec, this opens the doors for every Fediverse app to join the party.

Yesterday, this project was a proof of concept. Today, Mastodon has turned it into a stampede.

#E2EE

https://blog.joinmastodon.org/2026/04/sovereign-tech-agency-funding/

listening to music on #spotify 👎

listening to #music inside #ArcaneChat while the playlist and currently playing song is synchronized #p2p so me and the boys chill listening to the same song at the same time in real-time 👍

all end-to-end #encrypted, with Perfect Forward Secrecy (#PFS), no centralized servers, no #billionaire platform, no #DRM, no logins, no personal data, no age verification, no bullshit, just you, your friends and the chilling vibes

#privacy #e2ee #DeltaChat #webxdc

Have you seen this news?

#Mastodon just got funding to add end to end encryption into their software.

So, some time next year, you’ll be able to send truly private messages to the vast majority of the #Fediverse

Im so excited about this.

Because it’s an open spec, this opens the doors for every Fediverse app to join the party.

Yesterday, this project was a proof of concept. Today, Mastodon has turned it into a stampede.

#E2EE

https://blog.joinmastodon.org/2026/04/sovereign-tech-agency-funding/

Have you seen this news?

#Mastodon just got funding to add end to end encryption into their software.

So, some time next year, you’ll be able to send truly private messages to the vast majority of the #Fediverse

Im so excited about this.

Because it’s an open spec, this opens the doors for every Fediverse app to join the party.

Yesterday, this project was a proof of concept. Today, Mastodon has turned it into a stampede.

#E2EE

https://blog.joinmastodon.org/2026/04/sovereign-tech-agency-funding/

Have you seen this news?

#Mastodon just got funding to add end to end encryption into their software.

So, some time next year, you’ll be able to send truly private messages to the vast majority of the #Fediverse

Im so excited about this.

Because it’s an open spec, this opens the doors for every Fediverse app to join the party.

Yesterday, this project was a proof of concept. Today, Mastodon has turned it into a stampede.

#E2EE

https://blog.joinmastodon.org/2026/04/sovereign-tech-agency-funding/

Have you seen this news?

#Mastodon just got funding to add end to end encryption into their software.

So, some time next year, you’ll be able to send truly private messages to the vast majority of the #Fediverse

Im so excited about this.

Because it’s an open spec, this opens the doors for every Fediverse app to join the party.

Yesterday, this project was a proof of concept. Today, Mastodon has turned it into a stampede.

#E2EE

https://blog.joinmastodon.org/2026/04/sovereign-tech-agency-funding/

listening to music on #spotify 👎

listening to #music inside #ArcaneChat while the playlist and currently playing song is synchronized #p2p so me and the boys chill listening to the same song at the same time in real-time 👍

all end-to-end #encrypted, with Perfect Forward Secrecy (#PFS), no centralized servers, no #billionaire platform, no #DRM, no logins, no personal data, no age verification, no bullshit, just you, your friends and the chilling vibes

#privacy #e2ee #DeltaChat #webxdc

#Holos started at the end of 2025. A full #ActivityPub server now runs on your phone, with the ability to use your own domain as your identity, #E2EE DMs via Signal Protocol, zero-knowledge encrypted backup, #ActivityPub media served from your own cloud, a tailored timeline based on your interests thanks to #HolosDiscover, and the ability to switch views depending on your mood or the content you want to browse. Thank you for your feedback and support that helped to go through these steps.

#Holos started at the end of 2025. A full #ActivityPub server now runs on your phone, with the ability to use your own domain as your identity, #E2EE DMs via Signal Protocol, zero-knowledge encrypted backup, #ActivityPub media served from your own cloud, a tailored timeline based on your interests thanks to #HolosDiscover, and the ability to switch views depending on your mood or the content you want to browse. Thank you for your feedback and support that helped to go through these steps.

#Holos started at the end of 2025. A full #ActivityPub server now runs on your phone, with the ability to use your own domain as your identity, #E2EE DMs via Signal Protocol, zero-knowledge encrypted backup, #ActivityPub media served from your own cloud, a tailored timeline based on your interests thanks to #HolosDiscover, and the ability to switch views depending on your mood or the content you want to browse. Thank you for your feedback and support that helped to go through these steps.

#Holos started at the end of 2025. A full #ActivityPub server now runs on your phone, with the ability to use your own domain as your identity, #E2EE DMs via Signal Protocol, zero-knowledge encrypted backup, #ActivityPub media served from your own cloud, a tailored timeline based on your interests thanks to #HolosDiscover, and the ability to switch views depending on your mood or the content you want to browse. Thank you for your feedback and support that helped to go through these steps.

#Holos started at the end of 2025. A full #ActivityPub server now runs on your phone, with the ability to use your own domain as your identity, #E2EE DMs via Signal Protocol, zero-knowledge encrypted backup, #ActivityPub media served from your own cloud, a tailored timeline based on your interests thanks to #HolosDiscover, and the ability to switch views depending on your mood or the content you want to browse. Thank you for your feedback and support that helped to go through these steps.

@grammasaurus : if I understand the patent correctly, the content seen by a user in their browser will not for 100% originate from your website given its domain name.

However, Google may let their Chrome browser show your domain name in the address bar and even suggest that a server-authenticated and encrypted valid https connection is being used (proving the authenticity of your website, which is then fully broken).

Google may even force other browser makers (such as Mozilla, sponsored by Google) to do the same.

@SteveRudolfi

#Authenticity #Authentic #MitM #AitM #GoogleIsEvil #BigTechIsEvil #TLSisBroken #httpsIsBroken #httpsIsNoLongerE2EE #E2EE

Taking on challenges like #E2EE direct messages or making your identity independent from any server was a priority for me. Not depending on any external API means all the cards are in our hands to respond to what people need, without compromise. Behind the scenes, the work between the app and the relay is tightly coupled. A lot of relay improvements, especially around Bloom filter performance, are not always reflected in changelogs.(3/4)

I'm deep into refactoring the #E2EE code today. My goal is to reconstruct all of the server side code.

So, it's back to #Bandwagon roulette for today's coding music. It's simple: go to search, pick a hashtag (#Ambient for me, please), then play the top album in the results. They shuffle every time you reload, so there's always something new.

First up for me ~ Pathfinder by HCM: https://bandwagon.fm/678ec24cd84b0eb346b7a482

I'm deep into refactoring the #E2EE code today. My goal is to reconstruct all of the server side code.

So, it's back to #Bandwagon roulette for today's coding music. It's simple: go to search, pick a hashtag (#Ambient for me, please), then play the top album in the results. They shuffle every time you reload, so there's always something new.

First up for me ~ Pathfinder by HCM: https://bandwagon.fm/678ec24cd84b0eb346b7a482

I'm deep into refactoring the #E2EE code today. My goal is to reconstruct all of the server side code.

So, it's back to #Bandwagon roulette for today's coding music. It's simple: go to search, pick a hashtag (#Ambient for me, please), then play the top album in the results. They shuffle every time you reload, so there's always something new.

First up for me ~ Pathfinder by HCM: https://bandwagon.fm/678ec24cd84b0eb346b7a482

@fromjason precisely that!

After all, #NSAbook provides bulk access to peoples' comms on their platforms to #DHS, #CPB & #TSA!

• Including #WhatsApp which doesn't have real "#E2EE"…

@dansup That would be amazing. I would love to help you any way you need, and I can chat whenever it's good for you.

And, don't forget @Bonfire - they're also building to the same standard. #E2EE will be awesome for the #Fediverse.. but only if there's general #interop between different projects.

If you want some fun bedtime reading before we chat, I'm collecting all of my notes on the project here: https://emissary.dev/e2ee

That page includes links to the spec, Github, and other stuff.

I'm deep into refactoring the #E2EE code today. My goal is to reconstruct all of the server side code.

So, it's back to #Bandwagon roulette for today's coding music. It's simple: go to search, pick a hashtag (#Ambient for me, please), then play the top album in the results. They shuffle every time you reload, so there's always something new.

First up for me ~ Pathfinder by HCM: https://bandwagon.fm/678ec24cd84b0eb346b7a482

I'm deep into refactoring the #E2EE code today. My goal is to reconstruct all of the server side code.

So, it's back to #Bandwagon roulette for today's coding music. It's simple: go to search, pick a hashtag (#Ambient for me, please), then play the top album in the results. They shuffle every time you reload, so there's always something new.

First up for me ~ Pathfinder by HCM: https://bandwagon.fm/678ec24cd84b0eb346b7a482

"The option “Move automatically to DeltaChat Folder” as well as other legacy options will be removed in the next weeks.

...

Only if you share the same email address for chatting and classic usage, which is discouraged since some time, the encrypted messages in the Inbox may be annoying."

https://delta.chat/en/legacy-move

This is news to me @delta.

(1/?)

#chat #E2EE #DeltaChat

@liaizon

Everything on the table:

I should do this, but have been waiting because I *really* want to self-host the main #Emissary and #Bandwagon accounts on my own software.

Right now, Emissary is a great PUBLISHER and READER, but it does a poor job with DMs. So I couldn’t really use Emissary to support questions like this one.

It’s been on my roadmap for a while, and it’s why I’m excited to build #e2ee DMs, too.

But I do plan to launch these as soon as I have a good solution for DMs.

@hollo

Fantastic! If you already support the ActivityPub API (C2S) then the server-side changes are relatively small. Once we've road-tested the spec, I'm happy to help you set it up :)

And, my apologies. I confused you with another project that's doing #e2ee with the Signal protocol. In my defense, https://holos.social is a similar enough name at first glance.

Check this out: https://clip.place/w/ajgJ5Hi69bbbxHCK3nXNdj

I just published a video of the new "end to end encryption" protocol for ActivityPub in #Emissary. The UX is rougher than I'd like, but you can see the client app is coming along nicely.

Today, it sends and receives messages using MLS, a widely used industry standard and successor to the Signal protocol.

By June 2026, it should be ready for you.

For more details on the project and my progress, see: https://emissary.dev/e2ee

#JustBetweenUs #e2ee

@benpate Yes, of course we're interested in #E2EE too! (For reference, Hollo doesn't have E2EE for DMs yet.) We're completely open to collaborating with the #Bonfire team.

@hollo

Very cool, guys! Kudos!

#Bonfire is also working on encrypted DMs similar to Hollo. They’re using MLS, which is similar, but slightly different from the Signal protocol you’re using.

I know it’s a big request, but what are the chances of getting your #E2EE messages to work with Bonfire (and #Emissary) too?

It would be great for the Fediverse to have a unified E2EE standard in 2026.

Let me know if it’s a possibility. I’m happy to tour you through our work so far!

Check this out: https://clip.place/w/ajgJ5Hi69bbbxHCK3nXNdj

I just published a video of the new "end to end encryption" protocol for ActivityPub in #Emissary. The UX is rougher than I'd like, but you can see the client app is coming along nicely.

Today, it sends and receives messages using MLS, a widely used industry standard and successor to the Signal protocol.

By June 2026, it should be ready for you.

For more details on the project and my progress, see: https://emissary.dev/e2ee

#JustBetweenUs #e2ee

Check this out: https://clip.place/w/ajgJ5Hi69bbbxHCK3nXNdj

I just published a video of the new "end to end encryption" protocol for ActivityPub in #Emissary. The UX is rougher than I'd like, but you can see the client app is coming along nicely.

Today, it sends and receives messages using MLS, a widely used industry standard and successor to the Signal protocol.

By June 2026, it should be ready for you.

For more details on the project and my progress, see: https://emissary.dev/e2ee

#JustBetweenUs #e2ee

Check this out: https://clip.place/w/ajgJ5Hi69bbbxHCK3nXNdj

I just published a video of the new "end to end encryption" protocol for ActivityPub in #Emissary. The UX is rougher than I'd like, but you can see the client app is coming along nicely.

Today, it sends and receives messages using MLS, a widely used industry standard and successor to the Signal protocol.

By June 2026, it should be ready for you.

For more details on the project and my progress, see: https://emissary.dev/e2ee

#JustBetweenUs #e2ee

Check this out: https://clip.place/w/ajgJ5Hi69bbbxHCK3nXNdj

I just published a video of the new "end to end encryption" protocol for ActivityPub in #Emissary. The UX is rougher than I'd like, but you can see the client app is coming along nicely.

Today, it sends and receives messages using MLS, a widely used industry standard and successor to the Signal protocol.

By June 2026, it should be ready for you.

For more details on the project and my progress, see: https://emissary.dev/e2ee

#JustBetweenUs #e2ee

Signal Protocol for a P2P Webapp

TL;DR: I have open-sourced a #Rust implementation of the #SignalProtocol that compiles to #WASM for #Browser-based #P2P messaging, overcoming the #NodeJS limitations of the official library.

I am sharing my implementation of the Signal Protocol designed specifically for the #Frontend. While the official libsignal is the gold standard, its #JavaScript targets are often optimized for Node.js, which creates integration challenges for client-side web applications.

My version is built in #RustLang and compiles to #WebAssembly, utilizing #ModuleFederation to provide robust #Encryption for decentralized environments. It currently powers the end-to-end security for my #P2P messaging project.

Protocol Demo:
https://signal.positive-intentions.com/

P2P App Demo:
https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=story

I am looking for feedback from the #Dev and #Infosec community. If you have experience with #Cryptography audits or formal-proof verification, I would appreciate your eyes on the codebase as I work toward a more finished state.

GitHub Repository:
https://github.com/positive-intentions/signal-protocol

#Signal #SignalProtocol #Rust #RustLang #WASM #WebAssembly #OpenSource #OSS #Privacy #Encryption #E2EE #WebDev #Frontend #BrowserTech #Decentralized #WebApps #Coding #Security #SoftwareEngineering #Networking #PeerToPeer #P2P #Cryptography #Audit #CyberSecurity #Tech #JavaScript #Programming #ModuleFederation #P2PWeb #PrivacyTech #SecureMessaging #WebPerf #TechCommunity #InfoSec #WebSecurity

Signal Protocol for a P2P Webapp

TL;DR: I have open-sourced a #Rust implementation of the #SignalProtocol that compiles to #WASM for #Browser-based #P2P messaging, overcoming the #NodeJS limitations of the official library.

I am sharing my implementation of the Signal Protocol designed specifically for the #Frontend. While the official libsignal is the gold standard, its #JavaScript targets are often optimized for Node.js, which creates integration challenges for client-side web applications.

My version is built in #RustLang and compiles to #WebAssembly, utilizing #ModuleFederation to provide robust #Encryption for decentralized environments. It currently powers the end-to-end security for my #P2P messaging project.

Protocol Demo:
https://signal.positive-intentions.com/

P2P App Demo:
https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=story

I am looking for feedback from the #Dev and #Infosec community. If you have experience with #Cryptography audits or formal-proof verification, I would appreciate your eyes on the codebase as I work toward a more finished state.

GitHub Repository:
https://github.com/positive-intentions/signal-protocol

#Signal #SignalProtocol #Rust #RustLang #WASM #WebAssembly #OpenSource #OSS #Privacy #Encryption #E2EE #WebDev #Frontend #BrowserTech #Decentralized #WebApps #Coding #Security #SoftwareEngineering #Networking #PeerToPeer #P2P #Cryptography #Audit #CyberSecurity #Tech #JavaScript #Programming #ModuleFederation #P2PWeb #PrivacyTech #SecureMessaging #WebPerf #TechCommunity #InfoSec #WebSecurity

Signal Protocol for a P2P Webapp

TL;DR: I have open-sourced a #Rust implementation of the #SignalProtocol that compiles to #WASM for #Browser-based #P2P messaging, overcoming the #NodeJS limitations of the official library.

I am sharing my implementation of the Signal Protocol designed specifically for the #Frontend. While the official libsignal is the gold standard, its #JavaScript targets are often optimized for Node.js, which creates integration challenges for client-side web applications.

My version is built in #RustLang and compiles to #WebAssembly, utilizing #ModuleFederation to provide robust #Encryption for decentralized environments. It currently powers the end-to-end security for my #P2P messaging project.

Protocol Demo:
https://signal.positive-intentions.com/

P2P App Demo:
https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=story

I am looking for feedback from the #Dev and #Infosec community. If you have experience with #Cryptography audits or formal-proof verification, I would appreciate your eyes on the codebase as I work toward a more finished state.

GitHub Repository:
https://github.com/positive-intentions/signal-protocol

#Signal #SignalProtocol #Rust #RustLang #WASM #WebAssembly #OpenSource #OSS #Privacy #Encryption #E2EE #WebDev #Frontend #BrowserTech #Decentralized #WebApps #Coding #Security #SoftwareEngineering #Networking #PeerToPeer #P2P #Cryptography #Audit #CyberSecurity #Tech #JavaScript #Programming #ModuleFederation #P2PWeb #PrivacyTech #SecureMessaging #WebPerf #TechCommunity #InfoSec #WebSecurity

This is how #Holos currently handles #E2EE DMs over #ActivityPub. Holos is a project we develop alongside #Fedilab.

https://holos.social/e2ee

#HolosSocial

This is how #Holos currently handles #E2EE DMs over #ActivityPub. Holos is a project we develop alongside #Fedilab.

https://holos.social/e2ee

#HolosSocial

This is how #Holos currently handles #E2EE DMs over #ActivityPub. Holos is a project we develop alongside #Fedilab.

https://holos.social/e2ee

#HolosSocial

This is how #Holos currently handles #E2EE DMs over #ActivityPub. Holos is a project we develop alongside #Fedilab.

https://holos.social/e2ee

#HolosSocial

This is how #Holos currently handles #E2EE DMs over #ActivityPub. Holos is a project we develop alongside #Fedilab.

https://holos.social/e2ee

#HolosSocial

We talk about #HolosSocial forgetting some of you might not know this project.
#Holos is a full ActivityPub server running on your device. Currently on Android, next on iOS.
We already introduced #E2EE DMs and #ActivityPub identity through custom domains. You own your followers, your keys, and your identity. Relays are just infrastructure.
On the footer of https://holos.social we added pages explaining the project. Have a look!

Mastodon: @HolosSocial Don't hesitate to share

We talk about #HolosSocial forgetting some of you might not know this project.
#Holos is a full ActivityPub server running on your device. Currently on Android, next on iOS.
We already introduced #E2EE DMs and #ActivityPub identity through custom domains. You own your followers, your keys, and your identity. Relays are just infrastructure.
On the footer of https://holos.social we added pages explaining the project. Have a look!

Mastodon: @HolosSocial Don't hesitate to share

If you're interested in setting up a secure chat service for you and your friends, you might want to try @snikket_im

🌱 https://snikket.org

It's really cheap to run and easy to set up, it's managed hosting so you don't need to do techy stuff.

Technical details: it runs on XMPP with OMEMO end-to-end encryption, but this is hidden behind non-technical branding so it doesn't scare people.

Instances are federated, Snikket and other types of XMPP instance can communicate.

#XMPP #OMEMO #E2EE

If you're interested in setting up a secure chat service for you and your friends, you might want to try @snikket_im

🌱 https://snikket.org

It's really cheap to run and easy to set up, it's managed hosting so you don't need to do techy stuff.

Technical details: it runs on XMPP with OMEMO end-to-end encryption, but this is hidden behind non-technical branding so it doesn't scare people.

Instances are federated, Snikket and other types of XMPP instance can communicate.

#XMPP #OMEMO #E2EE

@delta and that's why #PGP/MIME as with #deltaChat is the only option besides #XMPP+#OMEMO that ofers real #E2EE, because without #SelfCustody any claims of #E2E - #Encryption are just "#TrustMeBro!"-Style #MarketingLies!

I want to be part of a flat collective/network of folks / orgs working together to provide resilient e2ee data storage using free software.

Like a file backup / object storage federation of sorts.

I want it to be scalable, i.e. folks and orgs who have spare storage capacity can contribute this capacity to the collective, effectively increasing the collective's total storage capacity. The collective should gracefully handle nodes dropping off or quitting the collective, and re-joining.

The API should be well-known, preferably something like S3, so the collective/network easily integrates as a backend for existing software.

I think there should be some way to 'balance the books' so to speak, to avoid selfish behavior like a participant providing 3GiB of storage and using 3TiB.

The balancing can be in-software, e.g. each participant gets an identity which the software uses to identify how much the participant contributes and utilizes across all their nodes.

The balancing can also be out-of software, through a member system or similar.

Would be nice with a social aspect.

Is there already something like this?

What software would be good for building something like this?

@deuxfleurs would #garage fit this use case?
If I understand correctly, Garage can scale to many nodes in many locations/zones, but 3-4 zones (one of which can be a hot spare) is recommended. If a garage cluster consists of 50 zones with 150 nodes total, will chunks be spread across zones in a way that isn't limited by low-capacity zones? Does the total storage capacity of the cluster depend on whichever location has the least capacity?

Another option I found earlier is @peergos, but I'm fairly lacking in knowledge about the project. Being p2p, would that fit this use case better?

#techCollective #democracy #privacy #digitalIndependence #e2ee #anarchism #p2p

I want to be part of a flat collective/network of folks / orgs working together to provide resilient e2ee data storage using free software.

Like a file backup / object storage federation of sorts.

I want it to be scalable, i.e. folks and orgs who have spare storage capacity can contribute this capacity to the collective, effectively increasing the collective's total storage capacity. The collective should gracefully handle nodes dropping off or quitting the collective, and re-joining.

The API should be well-known, preferably something like S3, so the collective/network easily integrates as a backend for existing software.

I think there should be some way to 'balance the books' so to speak, to avoid selfish behavior like a participant providing 3GiB of storage and using 3TiB.

The balancing can be in-software, e.g. each participant gets an identity which the software uses to identify how much the participant contributes and utilizes across all their nodes.

The balancing can also be out-of software, through a member system or similar.

Would be nice with a social aspect.

Is there already something like this?

What software would be good for building something like this?

@deuxfleurs would #garage fit this use case?
If I understand correctly, Garage can scale to many nodes in many locations/zones, but 3-4 zones (one of which can be a hot spare) is recommended. If a garage cluster consists of 50 zones with 150 nodes total, will chunks be spread across zones in a way that isn't limited by low-capacity zones? Does the total storage capacity of the cluster depend on whichever location has the least capacity?

Another option I found earlier is @peergos, but I'm fairly lacking in knowledge about the project. Being p2p, would that fit this use case better?

#techCollective #democracy #privacy #digitalIndependence #e2ee #anarchism #p2p

We have published a new version of #Holos app (rc-1) that supports #E2EE DMs over ActivityPub.

We wrote a page that explains our E2EE implementation: https://holos.social/e2ee

If you want to discover how Holos app and relay work together: https://holos.social/how-it-works

#HolosSocial

We are entering a new step in the development of #Holos and we need more people to test.
We have reopened subscriptions through the app: https://holos.social/signup

We wrote a page explaining how we implemented #E2EE DMs over #ActivityPub: https://holos.social/e2ee

Don't hesitate to contribute and share your feedback with us. Thank you.

#HolosSocial

We are entering a new step in the development of #Holos and we need more people to test.
We have reopened subscriptions through the app: https://holos.social/signup

We wrote a page explaining how we implemented #E2EE DMs over #ActivityPub: https://holos.social/e2ee

Don't hesitate to contribute and share your feedback with us. Thank you.

#HolosSocial

We are entering a new step in the development of #Holos and we need more people to test.
We have reopened subscriptions through the app: https://holos.social/signup

We wrote a page explaining how we implemented #E2EE DMs over #ActivityPub: https://holos.social/e2ee

Don't hesitate to contribute and share your feedback with us. Thank you.

#HolosSocial

We are entering a new step in the development of #Holos and we need more people to test.
We have reopened subscriptions through the app: https://holos.social/signup

We wrote a page explaining how we implemented #E2EE DMs over #ActivityPub: https://holos.social/e2ee

Don't hesitate to contribute and share your feedback with us. Thank you.

#HolosSocial

We are entering a new step in the development of #Holos and we need more people to test.
We have reopened subscriptions through the app: https://holos.social/signup

We wrote a page explaining how we implemented #E2EE DMs over #ActivityPub: https://holos.social/e2ee

Don't hesitate to contribute and share your feedback with us. Thank you.

#HolosSocial

We are entering a new step in the development of #Holos and we need more people to test.
We have reopened subscriptions through the app: https://holos.social/signup

We wrote a page explaining how we implemented #E2EE DMs over #ActivityPub: https://holos.social/e2ee

Don't hesitate to contribute and share your feedback with us. Thank you.

#HolosSocial

We have published a new version of #Holos app (rc-1) that supports #E2EE DMs over ActivityPub.

We wrote a page that explains our E2EE implementation: https://holos.social/e2ee

If you want to discover how Holos app and relay work together: https://holos.social/how-it-works

#HolosSocial

We have published a new version of #Holos app (rc-1) that supports #E2EE DMs over ActivityPub.

We wrote a page that explains our E2EE implementation: https://holos.social/e2ee

If you want to discover how Holos app and relay work together: https://holos.social/how-it-works

#HolosSocial

#XMPP Summit

The next topic is #Onion #Routing 🧅

The XMPP Summit:
https://xmpp.org/2025/11/xmpp-summit-28/

Meet us at #FOSDEM 2026, too!

#jabber #chat #opensource #messaging #federation #Brussels, #Belgium #opensource #rtc #e2ee

#XMPP Summit

The next topic is #Onion #Routing 🧅

The XMPP Summit:
https://xmpp.org/2025/11/xmpp-summit-28/

Meet us at #FOSDEM 2026, too!

#jabber #chat #opensource #messaging #federation #Brussels, #Belgium #opensource #rtc #e2ee

@evacide
Someone clarify me please 🤔

If e2ee happens from client to client, means a closed proprietary app like WhatsApp can use the decrypted messages at the client level & do can steal it even though the connection is marketed as e2ee

Am I right, or I'm missing out something?

Coz I see the option to send last 5 messages to meta when I report a spam and block the number.

So the e2ee is useless if the client is closed source right? 🤔

#e2ee #WhatsApp #client #encryption #data #connection

Lawsuit Alleges That WhatsApp Has No End-to-End Encryption

A lawsuit filed in San Francisco alleges that #WhatsApp's end-to-end encryption contains backdoors allowing #Meta employees to access user messages in real-time.

According to the complaint, internal tools allow engineers to view chats by User ID without a separate decryption step, bypassing the Signal Protocol protections the app claims to use.

The lawsuit cites £whistleblowers who claim that workers can request access to specific accounts via internal tasks, gaining unlimited temporal scope to a user's history, including deleted messages. Meta has labeled these claims false and absurd.

Technical experts note that while the Signal Protocol itself is mathematically secure, the integrity of end-to-end encryption relies entirely on the security of the endpoints. Potential vulnerabilities in WhatsApp include unencrypted cloud backups, metadata collection, and the fact that the client software is closed-source.

Without the ability to audit the code or verify public keys through an independent directory, users must trust that the application is not exfiltrating plaintext data before it is encrypted for transit.

The legal action highlights the ongoing tension between corporate privacy marketing and the technical reality of centralized messaging platforms. If the allegations of an internal "widget" for message access are proven true, it would represent a fundamental breach of the encryption standards Meta has advertised since 2016.
https://it.slashdot.org/story/26/01/27/0550249/lawsuit-alleges-that-whatsapp-has-no-end-to-end-encryption

#WhatsApp #Meta #Privacy #CyberSecurity #Encryption #DataPrivacy #E2EE #TechNews #Lawsuit #Whistleblower #DigitalRights #Messaging #InformationSecurity #SignalProtocol

Lawsuit Alleges That WhatsApp Has No End-to-End Encryption

A lawsuit filed in San Francisco alleges that #WhatsApp's end-to-end encryption contains backdoors allowing #Meta employees to access user messages in real-time.

According to the complaint, internal tools allow engineers to view chats by User ID without a separate decryption step, bypassing the Signal Protocol protections the app claims to use.

The lawsuit cites £whistleblowers who claim that workers can request access to specific accounts via internal tasks, gaining unlimited temporal scope to a user's history, including deleted messages. Meta has labeled these claims false and absurd.

Technical experts note that while the Signal Protocol itself is mathematically secure, the integrity of end-to-end encryption relies entirely on the security of the endpoints. Potential vulnerabilities in WhatsApp include unencrypted cloud backups, metadata collection, and the fact that the client software is closed-source.

Without the ability to audit the code or verify public keys through an independent directory, users must trust that the application is not exfiltrating plaintext data before it is encrypted for transit.

The legal action highlights the ongoing tension between corporate privacy marketing and the technical reality of centralized messaging platforms. If the allegations of an internal "widget" for message access are proven true, it would represent a fundamental breach of the encryption standards Meta has advertised since 2016.
https://it.slashdot.org/story/26/01/27/0550249/lawsuit-alleges-that-whatsapp-has-no-end-to-end-encryption

#WhatsApp #Meta #Privacy #CyberSecurity #Encryption #DataPrivacy #E2EE #TechNews #Lawsuit #Whistleblower #DigitalRights #Messaging #InformationSecurity #SignalProtocol

@evacide @mshelton

Signal is centralised and was attempted backdoored by the uks online safety bill and saved by signal threatening to walk. Simplex is open source and quantum resistant e2ee like signal and also has its secret group chats and metadata protection like Signal but SimpleX is also decentralised with ip protection, tor support, no persistent id basically "a burner phone for every contact"
Signals centralisation also makes it more vulnerable to total censorship, all you need to do is block signals domains, being a decentralised network SimplexChat has no single point of failure to censor and anyone can run their own relay node

#PSA #E2EE #Privacy #Encryption #Anonymity #Signal #SimpleX #UnitedKingdom #OnlineSafetyAct #Censorship

#JustBetweenUs

I've just sent the first end-to-end-encrypted #MLS messages from one #Emissary instance to another.

News from around the USA really has me down, so it's important to celebrate the little wins 🎉

And, there's still so much to do. But with equal quantities of luck and caffeine, I can screencast some early prototypes for you before too long.

I believe #E2EE is important for the #Fediverse because it will give us more ways to use this network, and expand what people can do here.

#JustBetweenUs

I've just sent the first end-to-end-encrypted #MLS messages from one #Emissary instance to another.

News from around the USA really has me down, so it's important to celebrate the little wins 🎉

And, there's still so much to do. But with equal quantities of luck and caffeine, I can screencast some early prototypes for you before too long.

I believe #E2EE is important for the #Fediverse because it will give us more ways to use this network, and expand what people can do here.

#deltachat does

- no bindings to public handles/numbers

- no address-book upload

- not do public contact or group discovery

- not have critical persistent server state (!)

Social identification is private, between people though ephemeral #P2P #E2EE messages.

Servers see messages with random sender and recipient addresses, but those can not be mapped to a phone number or public handle. Servers see IP addresses. But you can use Tor, or a VPN, if you want to hide that.

It' not all bad :)

#JustBetweenUs

I've just sent the first end-to-end-encrypted #MLS messages from one #Emissary instance to another.

News from around the USA really has me down, so it's important to celebrate the little wins 🎉

And, there's still so much to do. But with equal quantities of luck and caffeine, I can screencast some early prototypes for you before too long.

I believe #E2EE is important for the #Fediverse because it will give us more ways to use this network, and expand what people can do here.

#deltachat does

- no bindings to public handles/numbers

- no address-book upload

- not do public contact or group discovery

- not have critical persistent server state (!)

Social identification is private, between people though ephemeral #P2P #E2EE messages.

Servers see messages with random sender and recipient addresses, but those can not be mapped to a phone number or public handle. Servers see IP addresses. But you can use Tor, or a VPN, if you want to hide that.

It' not all bad :)

#JustBetweenUs

I've just sent the first end-to-end-encrypted #MLS messages from one #Emissary instance to another.

News from around the USA really has me down, so it's important to celebrate the little wins 🎉

And, there's still so much to do. But with equal quantities of luck and caffeine, I can screencast some early prototypes for you before too long.

I believe #E2EE is important for the #Fediverse because it will give us more ways to use this network, and expand what people can do here.

Another one bites the dust.

https://comitiscapital.com/news/comitis-capital-announces-the-acquisition-of-threema

#Threema #ThreemaApp #ThreemaMessenger #e2ee

cc @soatok

Another one bites the dust.

https://comitiscapital.com/news/comitis-capital-announces-the-acquisition-of-threema

#Threema #ThreemaApp #ThreemaMessenger #e2ee

cc @soatok

Free Open-Source Whistleblower Platform Without Self-Hosting

Anonymous, end-to-end encrypted reporting for journalists, lawyers, employers, and more. Hush Line is a free & open-source whistleblower platform that provides secure, anonymous tip lines with no self-hosting, maintenance, or technical overhead.

🤫 https://hushline.app
@hushlineapp

#whisteleblower #hashline #security #free #report #e2ee #encryption #selfhosting #anonymous #journalism #lawers #employ #opensource #freedom

WhatsApp is untrustable

TL;DR: As the client applications of WhatsApp are closed-source, claims of end-to-end encryption cannot be validated. This invalidates the primary benefit of end-to-end encryption, that is, not needing to trust a third-party. […]

👉 https://toki.la/posts/whatsapp

#whatsapp #notSecure #e2ee #chat #security #endtoendencryption #itsec #itsecurity #invalidites #closedsource #WhatsappMarketing

Free Open-Source Whistleblower Platform Without Self-Hosting

Anonymous, end-to-end encrypted reporting for journalists, lawyers, employers, and more. Hush Line is a free & open-source whistleblower platform that provides secure, anonymous tip lines with no self-hosting, maintenance, or technical overhead.

🤫 https://hushline.app
@hushlineapp

#whisteleblower #hashline #security #free #report #e2ee #encryption #selfhosting #anonymous #journalism #lawers #employ #opensource #freedom

It's called Inbox for a reason, I'm working on Encrypted Direct Messages that will interoperate with Pixelfed's upcoming E2EE DMs 😎

#Loops #E2EE #EncryptedDirectMessages

If you are at #39c3 and want to learn more about the current advances we made in the SDK of @nextgraph thanks to the contributions of @laurin ., he will be presenting his work on Tuesday the 30th at 10:30 in the CDC Triangle.

#localfirst #p2p #p4p #e2ee #crdts #decentralization #semanticweb #rdf #activitypub

https://events.ccc.de/congress/2025/hub/de/event/detail/nextgraph-demo-local-first-e2ee-rdf-graph-db-and-a

If you are at #39c3 and want to learn more about the current advances we made in the SDK of @nextgraph thanks to the contributions of @laurin ., he will be presenting his work on Tuesday the 30th at 10:30 in the CDC Triangle.

#localfirst #p2p #p4p #e2ee #crdts #decentralization #semanticweb #rdf #activitypub

https://events.ccc.de/congress/2025/hub/de/event/detail/nextgraph-demo-local-first-e2ee-rdf-graph-db-and-a

Big news for the #Fediverse! End-to-end encryption is coming to #ActivityPub.

@swf with support from @sovtechfund is coordinating two interoperable implementations.

Bonfire is proud to be one of these first two projects, alongside #Emissary by @benpate

We think #E2EE should simply be the default for any private communications, and we’re especially thrilled to bring private, trusted collaboration to the fediverse.

#JustBetweenUs #Privacy #Encryption #SocialWeb

@bob

I'm happy with this #MLS #e2ee development.

Just not with the way in which the #ActivityPub #fediverse now evolves, i.e. on the basis of protocol decay, tech debt, and whack-a-mole development. Which have been my #sighs and frustration in the past years of #SocialHub facilitation and #SocialWeb advocacy.

Where I have use cases is in Personal #SocialNetworking, to enable #DelightfulCommons participation, and subsequently work collectively on #GrassrootsStandards

https://coding.social/introduction/#personal-social-networking

Big news for the #Fediverse! End-to-end encryption is coming to #ActivityPub.

@swf with support from @sovtechfund is coordinating two interoperable implementations.

Bonfire is proud to be one of these first two projects, alongside #Emissary by @benpate

We think #E2EE should simply be the default for any private communications, and we’re especially thrilled to bring private, trusted collaboration to the fediverse.

#JustBetweenUs #Privacy #Encryption #SocialWeb

Big news for the #Fediverse! End-to-end encryption is coming to #ActivityPub.

@swf with support from @sovtechfund is coordinating two interoperable implementations.

Bonfire is proud to be one of these first two projects, alongside #Emissary by @benpate

We think #E2EE should simply be the default for any private communications, and we’re especially thrilled to bring private, trusted collaboration to the fediverse.

#JustBetweenUs #Privacy #Encryption #SocialWeb

Big news for the #Fediverse! End-to-end encryption is coming to #ActivityPub.

@swf with support from @sovtechfund is coordinating two interoperable implementations.

Bonfire is proud to be one of these first two projects, alongside #Emissary by @benpate

We think #E2EE should simply be the default for any private communications, and we’re especially thrilled to bring private, trusted collaboration to the fediverse.

#JustBetweenUs #Privacy #Encryption #SocialWeb

Big news for the #Fediverse! End-to-end encryption is coming to #ActivityPub.

@swf with support from @sovtechfund is coordinating two interoperable implementations.

Bonfire is proud to be one of these first two projects, alongside #Emissary by @benpate

We think #E2EE should simply be the default for any private communications, and we’re especially thrilled to bring private, trusted collaboration to the fediverse.

#JustBetweenUs #Privacy #Encryption #SocialWeb

Big news for the #Fediverse! End-to-end encryption is coming to #ActivityPub.

@swf with support from @sovtechfund is coordinating two interoperable implementations.

Bonfire is proud to be one of these first two projects, alongside #Emissary by @benpate

We think #E2EE should simply be the default for any private communications, and we’re especially thrilled to bring private, trusted collaboration to the fediverse.

#JustBetweenUs #Privacy #Encryption #SocialWeb

Big news for the #Fediverse! End-to-end encryption is coming to #ActivityPub.

@swf with support from @sovtechfund is coordinating two interoperable implementations.

Bonfire is proud to be one of these first two projects, alongside #Emissary by @benpate

We think #E2EE should simply be the default for any private communications, and we’re especially thrilled to bring private, trusted collaboration to the fediverse.

#JustBetweenUs #Privacy #Encryption #SocialWeb

Big news for the #Fediverse! End-to-end encryption is coming to #ActivityPub.

@swf with support from @sovtechfund is coordinating two interoperable implementations.

Bonfire is proud to be one of these first two projects, alongside #Emissary by @benpate

We think #E2EE should simply be the default for any private communications, and we’re especially thrilled to bring private, trusted collaboration to the fediverse.

#JustBetweenUs #Privacy #Encryption #SocialWeb

Big news for the #Fediverse! End-to-end encryption is coming to #ActivityPub.

@swf with support from @sovtechfund is coordinating two interoperable implementations.

Bonfire is proud to be one of these first two projects, alongside #Emissary by @benpate

We think #E2EE should simply be the default for any private communications, and we’re especially thrilled to bring private, trusted collaboration to the fediverse.

#JustBetweenUs #Privacy #Encryption #SocialWeb

Big news for the #Fediverse! End-to-end encryption is coming to #ActivityPub.

@swf with support from @sovtechfund is coordinating two interoperable implementations.

Bonfire is proud to be one of these first two projects, alongside #Emissary by @benpate

We think #E2EE should simply be the default for any private communications, and we’re especially thrilled to bring private, trusted collaboration to the fediverse.

#JustBetweenUs #Privacy #Encryption #SocialWeb

Big news for the #Fediverse! End-to-end encryption is coming to #ActivityPub.

@swf with support from @sovtechfund is coordinating two interoperable implementations.

Bonfire is proud to be one of these first two projects, alongside #Emissary by @benpate

We think #E2EE should simply be the default for any private communications, and we’re especially thrilled to bring private, trusted collaboration to the fediverse.

#JustBetweenUs #Privacy #Encryption #SocialWeb

Big news for the #Fediverse! End-to-end encryption is coming to #ActivityPub.

@swf with support from @sovtechfund is coordinating two interoperable implementations.

Bonfire is proud to be one of these first two projects, alongside #Emissary by @benpate

We think #E2EE should simply be the default for any private communications, and we’re especially thrilled to bring private, trusted collaboration to the fediverse.

#JustBetweenUs #Privacy #Encryption #SocialWeb

🔐 Did CryptPad help you this year?

Millions of documents were written and shared on CryptPad this year, all encrypted on the user’s device.

If every active user gave 5 EUR in December, the project could be funded for all of 2026 without external grants.

If you want to support private, open-source collaboration, you can donate here:
👉 https://opencollective.com/cryptpad

Thank you to everyone who already supports us 💚.

#CryptPad #FLOSS #Privacy #E2EE #DigitalSustainability

🔐 Did CryptPad help you this year?

Millions of documents were written and shared on CryptPad this year, all encrypted on the user’s device.

If every active user gave 5 EUR in December, the project could be funded for all of 2026 without external grants.

If you want to support private, open-source collaboration, you can donate here:
👉 https://opencollective.com/cryptpad

Thank you to everyone who already supports us 💚.

#CryptPad #FLOSS #Privacy #E2EE #DigitalSustainability

I just started using @delta and it's just great!
Quick and straigthforward sign-up process, very cool features, no ads, no AI crap, allows text, image and voice messages, groups, multiple accounts. And free! (based on donations).
Everything is end to end encrypted, can be synced across devices and zero personal data is required whatsoever to create an account (no phone number, no email). Using standard yet powerful chatmail relays.

My daughter needs to communicate with a correspondent in another country, she has no phone but can use a laptop, so this is perfect. Also we can create a family group 😊

Kudos to the team behind this amazing project.
#foss #e2ee

I just started using @delta and it's just great!
Quick and straigthforward sign-up process, very cool features, no ads, no AI crap, allows text, image and voice messages, groups, multiple accounts. And free! (based on donations).
Everything is end to end encrypted, can be synced across devices and zero personal data is required whatsoever to create an account (no phone number, no email). Using standard yet powerful chatmail relays.

My daughter needs to communicate with a correspondent in another country, she has no phone but can use a laptop, so this is perfect. Also we can create a family group 😊

Kudos to the team behind this amazing project.
#foss #e2ee

@raucao It is also not a part of the official Mastodon Roadmap even though there are some open issues in the GitHub repository concerning E2EE.

I personally hope that it will get integrated into ActivityPub and/or Mastodon but for 2026 and 2027 I do not see any signs that there is anything remotely close to being published.

#E2EE #Issue​s #Github: https://github.com/mastodon/mastodon/issues?q=is%3Aissue%20state%3Aopen%20e2ee
#Mastodon #Public #Roadmap: https://joinmastodon.org/roadmap

End-to-end Encryption (E2EE) over ActivityPub

Encrypted direct messages supply the confidence that people need to connect with family, friends and colleagues privately over a social network. As part of the Summer of Protocols 2024, we explore the integration of end-to-end encryption (E2EE) into the ActivityPub protocol.

https://socialwebfoundation.org/program-protocol-e2ee/

#ActivityPub #E2EE #SocialWeb #Foundation #SocialWebFoundation #Encryption #Verschlüsselung #Sicherheit #Privatnachricht

Ganz grundsätzlich muss jetzt sicher gestellt werden, dass #E2EE geschützt wird und nicht Client-Side-Scanning durch die Hintertür verhandelt wird.
Auch verpflichtetende Altersverifikation müssen dringend ausgeschlossen werden.

What is going on in #France with their craze for restricting user freedoms?

Now they are intimidating #GrapheneOS developers, because they make good software with actual security from start to finish??

If you get a new phone, get a #GooglePixel with GrapheneOS. Donate to them, they can use the support.

Show these totalitarian #Surveillance States that #Privacy and #ITSecurity are important for everyone, not only people breaking legitimate laws.

#ChatControl #E2EE #ANSSI #EUNews

Are there any fediverse apps where the bulk of the processing, the rendering, and the authoritative datastore are all on the client? In other words, where the server does almost nothing but forward messages to clients and other servers, and minimizes storage on the server?

This structure seems necessary for a privacy-centric app, in order to minimize how much a user needs to trust their own server and possibly other servers. E2ee will help a lot, but it would be even better if servers didn't store who all our follows and followers are, for example.

Just brainstorming on how to get to a fediverse app with good privacy. I wrote a non-AP app like this with a simple UI, but I'd much rather take an existing fediverse app with a well-developed UX and modify it as needed. So that's what I'm looking for.

Thanks for any ideas!

#fediverse #privacy #e2ee #FediverseApp

Are there any fediverse apps where the bulk of the processing, the rendering, and the authoritative datastore are all on the client? In other words, where the server does almost nothing but forward messages to clients and other servers, and minimizes storage on the server?

This structure seems necessary for a privacy-centric app, in order to minimize how much a user needs to trust their own server and possibly other servers. E2ee will help a lot, but it would be even better if servers didn't store who all our follows and followers are, for example.

Just brainstorming on how to get to a fediverse app with good privacy. I wrote a non-AP app like this with a simple UI, but I'd much rather take an existing fediverse app with a well-developed UX and modify it as needed. So that's what I'm looking for.

Thanks for any ideas!

#fediverse #privacy #e2ee #FediverseApp

While constantly accusing the opponents of #ChatControl of spreading false narratives (always without evidence), Peter Hummelgaard has no problems with giving highly misleading answers to journalists.

When asked about security problems with client-side scanning, he first declines to go into specifics on the technical details, and then highlights the voluntary scanning schemes (from 5:00 https://newsroom.consilium.europa.eu/events/20251013-justice-and-home-affairs-council-october-2025/150291-doorstep-danish-eu-presidency-hummelgaard-20251013)

Highly misleading because there is no voluntary scanning with CSS (for #E2EE).

Politicians:
Terrified about citizens that might be sending private messages they cannot read on Signal -> Sudden panic about "protecting the children" 🙃

Also politicians:
Grok AI Chatbot collects data and asks for nudes from a 12-year old -> AI is innovation! We should invest billions in taxpayers money in it! 💰💰💰

https://www.cbc.ca/news/investigates/tesla-grok-mom-9.6956930

#NoAI #NoGrok #E2EE #ChatControl #ProtectTheChildrenForReal

Politicians:
Terrified about citizens that might be sending private messages they cannot read on Signal -> Sudden panic about "protecting the children" 🙃

Also politicians:
Grok AI Chatbot collects data and asks for nudes from a 12-year old -> AI is innovation! We should invest billions in taxpayers money in it! 💰💰💰

https://www.cbc.ca/news/investigates/tesla-grok-mom-9.6956930

#NoAI #NoGrok #E2EE #ChatControl #ProtectTheChildrenForReal

We are excited to share our latest work on making secure messaging more decentralized!

We've developed DMLS – a new approach that brings fork resilience to the MLS protocol, solving a key challenge in distributed systems while maintaining Forward Secrecy.

This work was made possible by eQualitie, who funded it as part of the SplinterCon Breakout program.

#Cryptography #MessagingLayerSecurity #DecentralizedMessaging #Messaging #OpenSource #Security #E2EE #Encryption

https://blog.phnx.im/making-mls-more-decentralized/

We are excited to share our latest work on making secure messaging more decentralized!

We've developed DMLS – a new approach that brings fork resilience to the MLS protocol, solving a key challenge in distributed systems while maintaining Forward Secrecy.

This work was made possible by eQualitie, who funded it as part of the SplinterCon Breakout program.

#Cryptography #MessagingLayerSecurity #DecentralizedMessaging #Messaging #OpenSource #Security #E2EE #Encryption

https://blog.phnx.im/making-mls-more-decentralized/

We are excited to share our latest work on making secure messaging more decentralized!

We've developed DMLS – a new approach that brings fork resilience to the MLS protocol, solving a key challenge in distributed systems while maintaining Forward Secrecy.

This work was made possible by eQualitie, who funded it as part of the SplinterCon Breakout program.

#Cryptography #MessagingLayerSecurity #DecentralizedMessaging #Messaging #OpenSource #Security #E2EE #Encryption

https://blog.phnx.im/making-mls-more-decentralized/

We are excited to share our latest work on making secure messaging more decentralized!

We've developed DMLS – a new approach that brings fork resilience to the MLS protocol, solving a key challenge in distributed systems while maintaining Forward Secrecy.

This work was made possible by eQualitie, who funded it as part of the SplinterCon Breakout program.

#Cryptography #MessagingLayerSecurity #DecentralizedMessaging #Messaging #OpenSource #Security #E2EE #Encryption

https://blog.phnx.im/making-mls-more-decentralized/

Has there been any word on post-quantum encryption for #XMPP #OMEMO?

Or is there some other FOSS #E2EE chat that does have post-quantum encryption?

Has there been any word on post-quantum encryption for #XMPP #OMEMO?

Or is there some other FOSS #E2EE chat that does have post-quantum encryption?

Keiner versteht die Sprache von #enten. Deren Kommunikation ist von Natur aus Ente-zu-Ente verschlüsselt 🦆

#encryption #e2ee

Edit: wäre doch ein netter Marketing Gag für die deutsche Seite von @ente

Keiner versteht die Sprache von #enten. Deren Kommunikation ist von Natur aus Ente-zu-Ente verschlüsselt 🦆

#encryption #e2ee

Edit: wäre doch ein netter Marketing Gag für die deutsche Seite von @ente

Remember, no one and no law can "destroy #E2EE" (as long as the crypto isn't broken). As much as they want to.

1/2

Today October 21st is
Global Encryption Day! 🔒🎉

This is a good time to remember that encryption is essential to online security and digital privacy.

Despite some governments pushing hard to weaken it, we must remind them that we all need encryption, and especially end-to-end encryption, to stay safe online 💚

Privacy is a human right
and end-to-end encryption is one of the best tool we have to enforce that right.

https://www.privacyguides.org/articles/2025/04/11/encryption-is-not-a-crime/

#GlobalEncryptionDay #Encryption #E2EE #Privacy #RootForE2EE

Today October 21st is
Global Encryption Day! 🔒🎉

This is a good time to remember that encryption is essential to online security and digital privacy.

Despite some governments pushing hard to weaken it, we must remind them that we all need encryption, and especially end-to-end encryption, to stay safe online 💚

Privacy is a human right
and end-to-end encryption is one of the best tool we have to enforce that right.

https://www.privacyguides.org/articles/2025/04/11/encryption-is-not-a-crime/

#GlobalEncryptionDay #Encryption #E2EE #Privacy #RootForE2EE

@signalapp
Signal selected Google Gmail as their email provider.

Consider asking for a public PGP encryption key if you are concerned about Google accessing the content of your message, this can provide end-to-end encryption of the message content but the metadata will be available to Google.

Signal: Please publish a key on your website.

Gmail PGP encryption options: https://mastodon.online/@blueghost/114748498901944225

#Signal #Google #Gmail #Encryption #E2EE #Privacy #CyberSecurity #InfoSec #Mailvelope #Thunderbird

Which, if any, do you use/prefer? #chat #e2ee #encryption #privacy #Signal #Telegram #DeltaChat #Matrix #Discord

While constantly accusing the opponents of #ChatControl of spreading false narratives (always without evidence), Peter Hummelgaard has no problems with giving highly misleading answers to journalists.

When asked about security problems with client-side scanning, he first declines to go into specifics on the technical details, and then highlights the voluntary scanning schemes (from 5:00 https://newsroom.consilium.europa.eu/events/20251013-justice-and-home-affairs-council-october-2025/150291-doorstep-danish-eu-presidency-hummelgaard-20251013)

Highly misleading because there is no voluntary scanning with CSS (for #E2EE).

Safety Reminder:

Although the Fediverse is much better than Big Tech for your privacy, no communication here is end-to-end encrypted, and all your Mastodon public and quiet-public posts can be seen by anyone on the internet.

For sensitive communications, you should only use trustworthy applications using end-to-end encryption.

Stay safe 💚

#Mastodon #Fediverse #Safety #Privacy #Encryption #E2EE

Safety Reminder:

Although the Fediverse is much better than Big Tech for your privacy, no communication here is end-to-end encrypted, and all your Mastodon public and quiet-public posts can be seen by anyone on the internet.

For sensitive communications, you should only use trustworthy applications using end-to-end encryption.

Stay safe 💚

#Mastodon #Fediverse #Safety #Privacy #Encryption #E2EE

Safety Reminder:

Although the Fediverse is much better than Big Tech for your privacy, no communication here is end-to-end encrypted, and all your Mastodon public and quiet-public posts can be seen by anyone on the internet.

For sensitive communications, you should only use trustworthy applications using end-to-end encryption.

Stay safe 💚

#Mastodon #Fediverse #Safety #Privacy #Encryption #E2EE

Want to send messages and video calls with:

* no installs
* no sign-ups
* no tracking
* end-to-end encryption

This new prototype uses PeerJS to establish a secure browser-to-browser connection. Everything is ephemeral and cleared when you refresh the page—true zerodata privacy!

Check out the [testable demo here](https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=story).

I am working towards a look-and-feel to match Whatsapp as seen in this [hardcoded UI demo](http://glitr.positive-intentions.com).

IMPORTANT NOTE: This is still a work-in-progress and a close-source project. It is based on the open source MVP see [here](https://github.com/positive-intentions/chat). It has NOT been audited or reviewed. For testing purposes only, not a replacement for your current messaging app.

* Docs: https://positive-intentions.com/docs/category/sparcle
* Reddit: https://www.reddit.com/r/positive_intentions
* GitHub: https://github.com/positive-intentions

#P2P #WebRTC #PeerJS #ZeroData #EphemeralData #Encryption #E2EE #BrowserToBrowser #NoInstall #Privacy #Security #Decentralized #Messaging #VideoCall #NoTracking #PrivateMessaging #Prototype #Demo #WorkInProgress #CloseSource #OpenSource #WebDev #GitHub #TechDevelopment #WhatsApp #ChatApp #InstantMessaging

Want to send messages and video calls with:

* no installs
* no sign-ups
* no tracking
* end-to-end encryption

This new prototype uses PeerJS to establish a secure browser-to-browser connection. Everything is ephemeral and cleared when you refresh the page—true zerodata privacy!

Check out the [testable demo here](https://p2p.positive-intentions.com/iframe.html?globals=&id=demo-p2p-messaging--p-2-p-messaging&viewMode=story).

I am working towards a look-and-feel to match Whatsapp as seen in this [hardcoded UI demo](http://glitr.positive-intentions.com).

IMPORTANT NOTE: This is still a work-in-progress and a close-source project. It is based on the open source MVP see [here](https://github.com/positive-intentions/chat). It has NOT been audited or reviewed. For testing purposes only, not a replacement for your current messaging app.

* Docs: https://positive-intentions.com/docs/category/sparcle
* Reddit: https://www.reddit.com/r/positive_intentions
* GitHub: https://github.com/positive-intentions

#P2P #WebRTC #PeerJS #ZeroData #EphemeralData #Encryption #E2EE #BrowserToBrowser #NoInstall #Privacy #Security #Decentralized #Messaging #VideoCall #NoTracking #PrivateMessaging #Prototype #Demo #WorkInProgress #CloseSource #OpenSource #WebDev #GitHub #TechDevelopment #WhatsApp #ChatApp #InstantMessaging

📣 An incredibly important intervention by the German Child Protection Association who have now come out against #EU Chat Control #E2EE

https://brusselssignal.eu/2025/10/german-child-protection-association-against-eu-digital-chat-control/

📣 An incredibly important intervention by the German Child Protection Association who have now come out against #EU Chat Control #E2EE

https://brusselssignal.eu/2025/10/german-child-protection-association-against-eu-digital-chat-control/

Es ist schockierend, dass das @BMDS das sich so klar zu Staatsmodernisierung und Souverenität bekennt. Sich nicht äußern will wenn es um den Schutz von #E2EE geht. Einem Ministerium, dass sich diese Ziele auf die Fahnen geschrieben hat muss klar sein, dass Verschlüsselung und vertrauliche Kommunikation untrennbar von IT-Sicherheit und Souveränität sind.
Hier zu empfehle ich die Lektüre von:
https://arxiv.org/abs/2110.07450
Quelle zur Position des BMDS:
https://netzpolitik.org/2025/chatkontrolle-der-digitalminister-duckt-sich-weg/
#Chatkontrolle #CSS

Es ist schockierend, dass das @BMDS das sich so klar zu Staatsmodernisierung und Souverenität bekennt. Sich nicht äußern will wenn es um den Schutz von #E2EE geht. Einem Ministerium, dass sich diese Ziele auf die Fahnen geschrieben hat muss klar sein, dass Verschlüsselung und vertrauliche Kommunikation untrennbar von IT-Sicherheit und Souveränität sind.
Hier zu empfehle ich die Lektüre von:
https://arxiv.org/abs/2110.07450
Quelle zur Position des BMDS:
https://netzpolitik.org/2025/chatkontrolle-der-digitalminister-duckt-sich-weg/
#Chatkontrolle #CSS

In case you are falsely feeling protected outside of Europe:

Chat Control doesn't just concern Europeans. It concerns all of us.

These kind of regulations will come for all of us, everywhere, if we do not ALL push against it everywhere.

If you do not understand how this is all intertwined, I invite you to read more privacy news and in-depth analysis. Because we must all support each other's privacy fights.

Privacy is a human right 💚

Fight for a better world, together ✊🌍

#ChatControl #AgeVerification #DataMinimization #HumanRights #DigitalRights #Privacy #Encryption #E2EE #RootForE2EE 🎉

🕑 EU Citizens have 4 days: the clock is ticking!

European countries are finalizing their positions on Chat Control this Friday. If your country supports Chat Control, it is vital you contact your representatives and voice your opposition to the EU's latest surveillance and censorship tactic. 🇪🇺

The latest from staff writer Em: https://www.privacyguides.org/articles/2025/09/08/chat-control-must-be-stopped/

#ChatControl #EU #Privacy #E2EE #StopChatControl #CSAR #ChatControle #Bulgaria #Croatia #Cyprus #Denmark #France #Hungary #Ireland #Italy #Latvia #Lithuania #Malta #Portugal #Slovakia #Spain #Sweden #EUpol #CSARegulation #Article #PrivacyGuides

Diesen Freitag soll im Rat erneut über die #Chatkontrolle abgestimmt werden.
Erneut warnen über 400 Wissenschaftlerinnen vor dem aktuellen Vorschlag und den Implikationen für #E2EE
https://csa-scientist-open-letter.org/Sep2025

Der dänische Vorschlag ist wie schon geschrieben ein gefährlicher Rückschritt, eine Zusammenfassung findet ihr hier:
https://edri.org/our-work/denmark-council-deadlock-on-the-csa-regulation-are-they-genuinely-trying/

🕑 EU Citizens have 4 days: the clock is ticking!

European countries are finalizing their positions on Chat Control this Friday. If your country supports Chat Control, it is vital you contact your representatives and voice your opposition to the EU's latest surveillance and censorship tactic. 🇪🇺

The latest from staff writer Em: https://www.privacyguides.org/articles/2025/09/08/chat-control-must-be-stopped/

#ChatControl #EU #Privacy #E2EE #StopChatControl #CSAR #ChatControle #Bulgaria #Croatia #Cyprus #Denmark #France #Hungary #Ireland #Italy #Latvia #Lithuania #Malta #Portugal #Slovakia #Spain #Sweden #EUpol #CSARegulation #Article #PrivacyGuides

🕑 EU Citizens have 4 days: the clock is ticking!

European countries are finalizing their positions on Chat Control this Friday. If your country supports Chat Control, it is vital you contact your representatives and voice your opposition to the EU's latest surveillance and censorship tactic. 🇪🇺

The latest from staff writer Em: https://www.privacyguides.org/articles/2025/09/08/chat-control-must-be-stopped/

#ChatControl #EU #Privacy #E2EE #StopChatControl #CSAR #ChatControle #Bulgaria #Croatia #Cyprus #Denmark #France #Hungary #Ireland #Italy #Latvia #Lithuania #Malta #Portugal #Slovakia #Spain #Sweden #EUpol #CSARegulation #Article #PrivacyGuides

🕑 EU Citizens have 4 days: the clock is ticking!

European countries are finalizing their positions on Chat Control this Friday. If your country supports Chat Control, it is vital you contact your representatives and voice your opposition to the EU's latest surveillance and censorship tactic. 🇪🇺

The latest from staff writer Em: https://www.privacyguides.org/articles/2025/09/08/chat-control-must-be-stopped/

#ChatControl #EU #Privacy #E2EE #StopChatControl #CSAR #ChatControle #Bulgaria #Croatia #Cyprus #Denmark #France #Hungary #Ireland #Italy #Latvia #Lithuania #Malta #Portugal #Slovakia #Spain #Sweden #EUpol #CSARegulation #Article #PrivacyGuides

🕑 EU Citizens have 4 days: the clock is ticking!

European countries are finalizing their positions on Chat Control this Friday. If your country supports Chat Control, it is vital you contact your representatives and voice your opposition to the EU's latest surveillance and censorship tactic. 🇪🇺

The latest from staff writer Em: https://www.privacyguides.org/articles/2025/09/08/chat-control-must-be-stopped/

#ChatControl #EU #Privacy #E2EE #StopChatControl #CSAR #ChatControle #Bulgaria #Croatia #Cyprus #Denmark #France #Hungary #Ireland #Italy #Latvia #Lithuania #Malta #Portugal #Slovakia #Spain #Sweden #EUpol #CSARegulation #Article #PrivacyGuides

More than 90% of all my communications are going through @signalapp . I don't know what I would do without it.

I'm so scared anything could happen to it. That's why I give them money every month, and you should too if you can 💙👇

Support Signal: https://signal.org/donate/

#Privacy #Signal #Messaging #E2EE

More than 90% of all my communications are going through @signalapp . I don't know what I would do without it.

I'm so scared anything could happen to it. That's why I give them money every month, and you should too if you can 💙👇

Support Signal: https://signal.org/donate/

#Privacy #Signal #Messaging #E2EE

Step 3: turned off #iCloud syncing of calendar, notes, contacts etc. in favour of local syncing (first time via USB from my mac Mini, then after that by WiFi). Clunky, but works. Might switch to an alternative #E2EE service, like Proton or fastmail, soon

I find it deeply troubling that the @EUCommission is using #Signal to communicate. End-to-end #e2ee encryption and disappearing messages have no place in public administration. Society has a right to #transparency from the people who work for them. We pay their salaries and we deserve to know what they do with the power we give them.

The worst part: While they hide THEIR communications they want to enforce #ChatControl to break OUR #privacy

https://www.ftm.eu/articles/von-der-leyen-puts-signal-messages-autodelete

I find it deeply troubling that the @EUCommission is using #Signal to communicate. End-to-end #e2ee encryption and disappearing messages have no place in public administration. Society has a right to #transparency from the people who work for them. We pay their salaries and we deserve to know what they do with the power we give them.

The worst part: While they hide THEIR communications they want to enforce #ChatControl to break OUR #privacy

https://www.ftm.eu/articles/von-der-leyen-puts-signal-messages-autodelete

Lakiesitys, joka vain ei suostu kuolemaan:

Tanskan ehdotus vahvasti salatun viestiliikenteen murtamiseksi Euroopan Unionissa saattaa mennä läpi - Suomi päätti vastustaa, mutta se ei välttämättä riitä

https://dawn.fi/uutiset/2025/08/29/csam-tanskan-esitys-suomi-vastustaa

#chatcontrol #csam #uutinen #yksityisyys #sananvapaus #salaus #e2ee #teknologia #euroopanunioni #tanska #tekniikka

"Parents who find Signal on their child's phone should contact the police." - Petra Lundh, Sweden's National Police Commissioner

I don’t know what’s worse: if they actually believe this, or if they’re deliberately trying to fool the masses. Both are terrifying.

Framing a basic right to private communication as a danger isn’t just careless, it’s harmful.

What’s next? Criminals drive cars, call us if you see one.

https://www.tv4.se/artikel/3SFX15URbIpuIgTK6lLc7C/journalisten-rasar-mot-rikspolischefens-signal-uttalande-bara-knaeppt

#privacy #signal #E2EE #chatcontrol #encryption #freespeech #digitalrights #surveillance #police

"Parents who find Signal on their child's phone should contact the police." - Petra Lundh, Sweden's National Police Commissioner

I don’t know what’s worse: if they actually believe this, or if they’re deliberately trying to fool the masses. Both are terrifying.

Framing a basic right to private communication as a danger isn’t just careless, it’s harmful.

What’s next? Criminals drive cars, call us if you see one.

https://www.tv4.se/artikel/3SFX15URbIpuIgTK6lLc7C/journalisten-rasar-mot-rikspolischefens-signal-uttalande-bara-knaeppt

#privacy #signal #E2EE #chatcontrol #encryption #freespeech #digitalrights #surveillance #police

The UK has pulled its order to put a backdoor into Apple's encrypted services.

BUT "powers to attack encryption are still on the law books, and pose a serious risk to user security and protection against criminal abuse of our data."

🗣️ @jim, ORG Exec Director.

https://www.bbc.co.uk/news/articles/cdj2m3rrk74o

#apple #encryption #e2ee #privacy #security #cybersecurity #ukpolitics #ukpol

In case you are falsely feeling protected outside of Europe:

Chat Control doesn't just concern Europeans. It concerns all of us.

These kind of regulations will come for all of us, everywhere, if we do not ALL push against it everywhere.

If you do not understand how this is all intertwined, I invite you to read more privacy news and in-depth analysis. Because we must all support each other's privacy fights.

Privacy is a human right 💚

Fight for a better world, together ✊🌍

#ChatControl #AgeVerification #DataMinimization #HumanRights #DigitalRights #Privacy #Encryption #E2EE #RootForE2EE 🎉

NO to Chat Control 🚫

NO to Encryption Backdoors 🚫

NO to Age-Verification 🚫

NO to KOSA 🚫

Privacy is a human right 🔒💚

#Privacy #ChatControl #NoChatControl #KOSA #AgeVerification #Encryption #E2EE #RootForE2EE #PrivacyIsAHumanRight

They didn’t not tell us to break encryption 🤐

First Apple, now the UK government has seemingly ordered a backdoor into Google’s encrypted services.

To access anyone’s data, files and photos, they’re happy to break everyone’s security 😵‍💫

Read more ⬇️

https://www.openrightsgroup.org/press-releases/google-refuses-to-deny-uk-encryption-demands/

#e2ee #encryption #privacy #security #google #apple #ukpolitics #ukpol #surveillance #cybersecurity #android

They didn’t not tell us to break encryption 🤐

First Apple, now the UK government has seemingly ordered a backdoor into Google’s encrypted services.

To access anyone’s data, files and photos, they’re happy to break everyone’s security 😵‍💫

Read more ⬇️

https://www.openrightsgroup.org/press-releases/google-refuses-to-deny-uk-encryption-demands/

#e2ee #encryption #privacy #security #google #apple #ukpolitics #ukpol #surveillance #cybersecurity #android

@pancake every post, comment and like in the social network is #e2ee thanks to #DeltaChat, the container super-app, but if you want forward-secrecy-secure ephemeral #p2p communications inside a Delta Chat chat, there is the "Live Chat" mini-app in the store (IRC style plus /me and "foo is typing..." support!!)

@delta

I mean, these ain't like in the old days where a few Megabytes got you #Pidgin and other Multi-Protocol Clients of the old days where everyone had to implement bespoke, custom and incompatible and *often completely undocumented, proprietary * protocols like #ICQ, #AIM, #SIPE, etc.

• Nowadays all these do have some kind of #WebApp or Web Interface one can just login (because *none of them do proper #E2EE with #SelfCustody of all the keys!) so this should be way easier these days: All they do is do HTTP(S) GET/POST so the most critical part is to attain credentials like a #Login #cookie and to basically run a console on i.e. #Firefox to reverse-engineer the #API...

Magical backdoor only for "the good guys" is a complete fantasy 🔑✨

Let's say the strategy is akin to creating a MagicalKey that unlocks every door (a magical key because thinking encryption backdoors would only be used by "the good guys" is a great example of magical thinking).

Imagine only 1000 police officers have MagicalKeys.

Overtime, let's say only 1% of the police officers accidentally lose their MagicalKey. Now 10 MagicalKeys are lost in the wild and could be used by anyone else, for any purposes, including crime.

Then, let's say only 0.1% of police officers get corrupted by a crime gang. That's just one right? This corrupted "good guy" lets the gang create a double of the MagicalKey. Which crime gang wouldn't want a key that can magically open any door?

Now, the gang creates doubles of the MagicalKey they have. They use it subtly at first to avoid detection. They make sure they never leave traces behind, so victims have no idea their door got unlocked.

During this time, they steal your data, they sell it, they use it to impersonate you, they use it to harm you and your loved ones.

Then, another criminal figures out on their own how to emulate a MagicalKey without even having access to one.

The criminal creates a reproducible mold for this Emulated-MagicalKey and sells it to other criminals on the criminal market. Now, the MagicalKey™️ is available to any criminals looking for it.

Restrictions on the backdoor are off. Your personal data is up for grabs.

This is what is going to happen if backdoors are implemented in end-to-end encryption. But don't worry they say, "it's only for the good guys!".

At least, the criminals' data will also be up for grabs, right?

Nope! The criminals knew about this, so they just started using different channels that weren't impacted.

Criminals will have their privacy intact, they don't care about using illegal tools, but your legal privacy protections will be gone.

Backdoored end-to-end encryption isn't end-to-end anymore, it's just open-ended encryption. This offers pretty much no protection at all.

Extract from: https://www.privacyguides.org/articles/2025/04/11/encryption-is-not-a-crime/

#Privacy #Encryption #E2EE #RootForE2EE

Magical backdoor only for "the good guys" is a complete fantasy 🔑✨

Let's say the strategy is akin to creating a MagicalKey that unlocks every door (a magical key because thinking encryption backdoors would only be used by "the good guys" is a great example of magical thinking).

Imagine only 1000 police officers have MagicalKeys.

Overtime, let's say only 1% of the police officers accidentally lose their MagicalKey. Now 10 MagicalKeys are lost in the wild and could be used by anyone else, for any purposes, including crime.

Then, let's say only 0.1% of police officers get corrupted by a crime gang. That's just one right? This corrupted "good guy" lets the gang create a double of the MagicalKey. Which crime gang wouldn't want a key that can magically open any door?

Now, the gang creates doubles of the MagicalKey they have. They use it subtly at first to avoid detection. They make sure they never leave traces behind, so victims have no idea their door got unlocked.

During this time, they steal your data, they sell it, they use it to impersonate you, they use it to harm you and your loved ones.

Then, another criminal figures out on their own how to emulate a MagicalKey without even having access to one.

The criminal creates a reproducible mold for this Emulated-MagicalKey and sells it to other criminals on the criminal market. Now, the MagicalKey™️ is available to any criminals looking for it.

Restrictions on the backdoor are off. Your personal data is up for grabs.

This is what is going to happen if backdoors are implemented in end-to-end encryption. But don't worry they say, "it's only for the good guys!".

At least, the criminals' data will also be up for grabs, right?

Nope! The criminals knew about this, so they just started using different channels that weren't impacted.

Criminals will have their privacy intact, they don't care about using illegal tools, but your legal privacy protections will be gone.

Backdoored end-to-end encryption isn't end-to-end anymore, it's just open-ended encryption. This offers pretty much no protection at all.

Extract from: https://www.privacyguides.org/articles/2025/04/11/encryption-is-not-a-crime/

#Privacy #Encryption #E2EE #RootForE2EE

Magical backdoor only for "the good guys" is a complete fantasy 🔑✨

Let's say the strategy is akin to creating a MagicalKey that unlocks every door (a magical key because thinking encryption backdoors would only be used by "the good guys" is a great example of magical thinking).

Imagine only 1000 police officers have MagicalKeys.

Overtime, let's say only 1% of the police officers accidentally lose their MagicalKey. Now 10 MagicalKeys are lost in the wild and could be used by anyone else, for any purposes, including crime.

Then, let's say only 0.1% of police officers get corrupted by a crime gang. That's just one right? This corrupted "good guy" lets the gang create a double of the MagicalKey. Which crime gang wouldn't want a key that can magically open any door?

Now, the gang creates doubles of the MagicalKey they have. They use it subtly at first to avoid detection. They make sure they never leave traces behind, so victims have no idea their door got unlocked.

During this time, they steal your data, they sell it, they use it to impersonate you, they use it to harm you and your loved ones.

Then, another criminal figures out on their own how to emulate a MagicalKey without even having access to one.

The criminal creates a reproducible mold for this Emulated-MagicalKey and sells it to other criminals on the criminal market. Now, the MagicalKey™️ is available to any criminals looking for it.

Restrictions on the backdoor are off. Your personal data is up for grabs.

This is what is going to happen if backdoors are implemented in end-to-end encryption. But don't worry they say, "it's only for the good guys!".

At least, the criminals' data will also be up for grabs, right?

Nope! The criminals knew about this, so they just started using different channels that weren't impacted.

Criminals will have their privacy intact, they don't care about using illegal tools, but your legal privacy protections will be gone.

Backdoored end-to-end encryption isn't end-to-end anymore, it's just open-ended encryption. This offers pretty much no protection at all.

Extract from: https://www.privacyguides.org/articles/2025/04/11/encryption-is-not-a-crime/

#Privacy #Encryption #E2EE #RootForE2EE

All #encryption #e2ee experts around the world — please consider applying to save the EU from its own fuckwitted police ideas about “safe” backdoors
From: @aristot73
https://infosec.exchange/@aristot73/114756135579776190

All #encryption #e2ee experts around the world — please consider applying to save the EU from its own fuckwitted police ideas about “safe” backdoors
From: @aristot73
https://infosec.exchange/@aristot73/114756135579776190

Hier nochmal der ganze Überblick zum aktuellen Kampf um #Chatkontrolle und #E2EE
📅 Dezember 2024
Die High-Level Working Group „Going Dark“ stellt erste Pläne zur Umgehung von Verschlüsselung vor. Einordnung von der Zivilgesellschaft:
👉 https://www.ccc.de/de/updates/2024/gegen-uberzogene-eu-uberwachungsplane

📅 April 2025
Die EU-Kommission legt mit dem #ProtectEU-Fahrplan ein umfassendes Überwachungskonzept vor:
👉 https://edri.org/our-work/protecteu-security-strategy-a-step-further-towards-a-digital-dystopian-future/

1/x