Let's Encrypt is 10 years old today!
Let's Encrypt is a free, automated, and open certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG). Huge thanks to everyone involved in making HTTPS available to everyone for free

letsencrypt.org/

#tech #technology #security #privacy #encryption #https #letsencrypt #ISRG

Let's Encrypt

Let's Encrypt is a free, automated, and open certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG). Read all about our nonprofit work this year in our 2023 Annual Report.

^{letsencrypt.org}

Brauchst du wirklich ein VPN?

Zu vielen Themen im IT-Bereich gibt es kontroverse Ansichten/Meinungen. Eines dieser Themen ist zweifellos Virtual Private Network (VPN). Insbesondere dubiose VPN-Anbieter verbreiten falsche Informationen und Aussagen. Im Folgenden sind einige Kriterien aufgeführt, was ein VPN leisten kann und was nicht. 👇

kuketz-blog.de/brauchst-du-wir…

#vpn #sicherheit #security #bullshit #mythen

Brauchst du wirklich ein VPN?

Zu vielen Themen im IT-Bereich gibt es kontroverse Ansichten/Meinungen. Eines dieser Themen ist zweifellos Virtual Private Network (VPN). Insbesondere dubiose…

^{www.kuketz-blog.de}

Oh nice. For a test project I installed a #telegram app on a tablet with an empty #adressbook only to find out that it send out that information to obviously every Telegram user that had my number in their adressbook. How illegal...

And that happened BEFORE I could adjust any settings during the setup. I dont think I just missed that, but that is a big fail. It's been a while, but does #Signal do the same? I hat such practice.
#securemessenger #security #dataprotection

Our Matrix chat rooms are once again being severely impacted by major flaws in the protocol and the main implementations of it. It appears to have been caused by temporarily making rooms invite-only in response to raids targeting our project members and community with harassment.

#GrapheneOS #privacy #security #matrix #synapse #element

#w3cTPAC
A fews weeks ago, @seth, W3C's President and CEO, provided updates from @tag chairs and @w3c team leads on key technical topics for the consortium, including #EthicalWeb principles, #security, #privacy, #accessibility, #identity, #internationalization, and advanced #APIs.

🎬 Watch the video: youtu.be/zR9CQIKT68w

"A sophisticated malware attack on Free and Open Source Software can be disastrous for developers, users, companies & countries", says Philippe Ombredanne.

His project FOSS Code Supply Chain Assurance improves the security of FOSS packages.

"The project scans code to observe and recognize distinguishing features, and then matches the code against databases of those features to identify outliers or red flags."

Read the entire interview here: nlnet.nl/project/FOSS-supplych…

#FOSS #security #NGI0

X-it: GÉANT is no longer active on #X (fka #Twitter), follow instead at @geant

On p.28-29 of this month's #GÉANT Connect magazine, read how the #European #scientific community are abandoning X en-masse

Twitter has morphed into "a completely different platform which amplifies #hatespeech, #fakenews, #scams, #extreme views, and #illegal content. #Verification badges have lost all meaning, costs have been cut at the expense of #security, #privacy, and #contentmoderation"

connect.geant.org/wp-content/u…

Patrick Breyer fordert zum Widerstand gegen die Chatkontrolle auf und gibt Tipps, wie sich jeder Einzelne aktiv beteiligen kann. Werdet JETZT aktiv, sonst kann es sein, dass die Unvernunft siegt. 👇

patrick-breyer.de/rat-soll-cha…

#chatkontrolle #ChatkontrolleStoppen #sicherheit #security #datenschutz #privacy

Rat soll Chatkontrolle durchwinken - Werde jetzt aktiv!

Der belgische Vorsitz im Rat der EU will die Chatkontrolle am Mittwoch den 19. Juni abstimmen lassen. Damit bestätigen sich die Befürchtungen: die Verfechter der Chatkontrolle wollen ausnutzen, dass es nach den Wahlen weniger öffentliche Aufmerksamke…

^{Patrick Breyer}

It just clicked in my brain. What I haven't been able to articulate about why I'm so anxious about #Windows Recall. I'm sure others have already gotten to where I am.

It's worse than "a system that tracks everything you do" and stores that info in a basic database that could be easily compromised.
It's worse than a nanny surveillance tool for companies to spy on their employees.

It's inescapable.

It doesn't matter if I make a dozen "how to disable recall" tutorials. The second YOUR data shows up on someone ELSE'S screen, it's in THEIR recall database.

It won't matter if you're a master #security expert specialist. You can't account for EVERY other computer you've ever interacted with. If a family member looks up an old email with your personal data in it, your data is now at risk.

If THEIR system is compromised YOUR data is at risk.

I just went from "vague feeling of unease" to "actively writing templates to canvas elected officials, regulators, and attorneys general."

Down the Parcel Hole (gpn22)

Dieser Vortrag beschreibt, wie wir fehlerhafte Prozesse in der Paketverfolgung der meisten deutschen Paketzustelldienste entdeckt haben, wie diese auf unsere Erkenntnisse reagiert haben und warum dies
media.ccc.de/v/gpn22-266-down-… #ccc #Security #gpn22 #2024 #266

Down the Parcel Hole

Dieser Vortrag beschreibt, wie wir fehlerhafte Prozesse in der Paketverfolgung der meisten deutschen Paketzustelldienste entdeckt haben, ...

^media.ccc.de

As #DNS domain names grow in importance, standards and best practices are needed for their responsible integration, e.g. in terms of domain name lifecycles, with applications and protocols.

In his recent talk at last @w3c member meeting in #Hiroshima 🇯🇵, Swapneel Sheth (Verisign) called for community collaboration to develop these standards and best practices to prevent internet #security and stability issues.

🎬 Watch the video: youtu.be/3M5WylC-jbg

#Privacy and #security, fundamental to #HumanRights and civil liberties, have always been key W3C agenda items.

At the recent @w3c member meeting in Hiroshima 🇯🇵, @simone - new W3C Security Lead - outlined a three-pillar approach to security: developing security standards, verifying those standards, and guiding #developers to create a secure web.

🎬 Watch the video: youtu.be/_dq28QMKdeM

Large Language Models (LLMs) are being distributed across many devices and platforms. Having these models available on-device can help reduce the need for sending private data to cloud-hosted systems.

At the @w3c member meeting last month in #Hiroshima 🇯🇵, Chunhui Mo (Huawei) explored what it would take to expose these LLMs to #WebApps through a Web #API and the advantages it could bring in terms of #privacy, #security and #performance.

🎬 Watch the video: youtu.be/7S60LNBAFj0

In the evolving digital landscape, "Identity on the Web" is crucial for online interaction, #privacy and #security.

At the @w3c member meeting in #Hiroshima 🇯🇵, Heather Flanagan, co-chair of the newly created W3C Federated Identity #WorkingGroup discussed challenges in establishing a common understanding of #identity and explored this topic's technological, social, and #ethical dimensions in relation to the W3C’s mission.

▶️ w3.org/groups/wg/fedid/
🎬 Watch the video: youtu.be/GI3UTZJ0Ue4