military grade encryption explained in a single image

Cryptowars Update: "Ghost Participant" Encryption Backdoors & More

#cryptowars #encryption #e2ee #backdoors #communication #security #infosec #cybersecurity #policing #Europe #Florida

https://tube.tchncs.de/w/t75E7TnaBRzeaVnLtNtMs4

I am moving away from #ProtonMail and my main reservation about switching to another provider is that when I don’t use end-to-end encryption (e2ee) my emails would be stored unencrypted in its server, whereas Proton Mail stores all emails with no-access encryption.

I really don’t want sensitive emails that I receive without PGP encryption (medical info, personal government communications…) to be stored without any sort of server-side encryption.

So I’m wondering if it exist some tool that encrypts emails saved in a mailserver even when they are not end-to-end encrypted. Something like @cryptomator, but for emails.

Thoughts? Tips?

(@thunderbird is the main client I would be using)

Edit: someone suggested Posteo, but I have to use my own custom domain, and Posteo does not allow it.

Gmail’s New #Encrypted Messages Feature Opens a Door for #Scams

#Google is rolling out an end-to-end encrypted email feature for business customers, but it could spawn #phishing attacks, particularly in non-Gmail inboxes.
#gmail #e2ee #encryption

https://www.wired.com/story/gmail-end-to-end-encryption-scams/

End-to-End Encryption is only as good as the security stance of the person on the other side. If they're using Windows 11...

https://cyberplace.social/@GossiTheDog/114360637766024432

Hello #mastodon!

We are Oliver, Peter and Simeon from #zeitkapsl
a European alternative for securely storing, sharing, and organizing your precious memories with end-to-end encryption.

No ads. No tracking. Just your memories, safe and sound.​

Für was würdest du dich entscheiden?
#mailboxorg oder #posteode ?
#datenschutz #e2ee #unplugtrump #privacy

If you're using Linux, and you're looking to set up encrypted network-accessible storage, I have a blog post describing how to do that using rclone.

https://michael.kjorling.se/blog/2024/setting-up-encrypted-remote-storage-on-linux-using-rclone/

You can use this with any storage backend that rclone supports, which is *many*:

https://rclone.org/#providers

Note that you'll need to have rclone on any system you want to access your files from.

Not sure if this qualifies as a QT or addendum to https://social.circl.lu/@quinn/114337209093756652

New Privacy Guides article
by me:

Encryption Is Not a Crime

The war against encryption isn't new, but the quantity of data about us that needs protection is.

Despite the senseless attacks,
it is vital that we fight back to protect the right to using end-to-end encryption.

Encryption protects us all: https://www.privacyguides.org/articles/2025/04/11/encryption-is-not-a-crime/

Tech question: What event scheduling tools / platforms offer the best security against passive surveillance, and why?

(boosts welcome)

Florida’s New #SocialMedia Bill Says the Quiet Part Out Loud and Demands an #Encryption #Backdoor
#privacy #florida #e2ee #security

https://www.eff.org/deeplinks/2025/04/floridas-new-social-media-bill-says-quiet-part-out-loud-and-demands-encryption

#signal #whatsapp #e2ee

https://cyberinsider.com/whatsapps-end-to-end-encryption-undermined-by-prekey-depletion-attack/

Sigh. We are, as a security community, making good progress on some old as well as some new topics. #Rust, #Go, and other memory safe systems languages are going well and having a real impact in reducing memory safety issues - which has been the most important security bug class for decades, and we are finally improving! Compartmentalization and isolation of processes and services have now become common knowledge and the minimum bar for new designs. Security and privacy by design are being honored in many new projects, and not just as lip service, but because the involved developers deeply believe in these principles nowadays. #E2EE is finally available to most end-users, both for messaging and backups.

And again and again, we are forced into having discussions (https://www.theregister.com/2025/04/03/eu_backdoor_encryption/) about breaking all the progress.

Let me be clear for Nth time:
* We *cannot* build encryption systems that can only be broken by the "good guys". If they are not completely secure, foreign enemy states, organized crime, and intimate partners will break and abuse them as well. There is no halfway in this technology. Either it is secure or it isn't - for and against everybody.
* We *cannot* build safe, government-controlled censorship filters into our global messaging apps that are not totally broken under the assumption of (current or future) bad government policies and/or insider attacks at the technology providers (https://www.mayrhofer.eu.org/talk/insider-attack-resistance-in-the-android-ecosystem/). Either one-to-one communication remains secure and private, or it doesn't (https://www.ins.jku.at/chatcontrol/).
* We *cannot* allow exploitation of open security vulnerabilities in smartphones or other devices for law enforcement. If they are not closed, they are exploitable by everybody. "Nobody but us" is an illusion, and makes everybody less secure.

My latest recorded public talk on the topic was https://www.mayrhofer.eu.org/talk/secure-messaging-and-attacks-against-it/, and nothing factual has changed since then. Policymakers keep asking for a different technological reality than the one we live in, and that sort of thing doesn't tend to produce good, sustainable outcomes.

(Edited to only fix a typo. No content changes.)

CC @epicenter_works @edri @suka_hiroaki @heisec @matthew_d_green @ilumium