PrivacyDigest5h ago

A Secure #Chat App’s #Encryption Is So Bad It Is ‘Meaningless’

TeleGuard, an app that markets itself as a secure, end-to-end encrypted messaging platform …implements its encryption so poorly that an attacker can trivially access a user’s private key & decrypt their messages,…#TeleGuard also uploads users’ private keys to a company server, … could decrypt its users’ messages, & the key can also at least partially be derived from simply intercepting a user’s traffic
#e2ee

https://www.404media.co/a-secure-chat-apps-encryption-is-so-bad-it-is-meaningless/

A Secure Chat App’s Encryption Is So Bad It Is ‘Meaningless’

TeleGuard is an app downloaded more a million times that markets itself as a secure way to chat. The app uploads users’ private keys to the company’s server, and makes decryption of messages trivial.

404 Media
Built In EU13h ago

Proton launched end-to-end encrypted video conferencing on March 31.

Proton Meet uses the open-source MLS protocol; even Proton can't access your calls. Free for up to 50 participants.

A real European alternative to Zoom and Teams, built in Switzerland.

https://builtineu.eu/news/proton-meet-encrypted-video-conferencing-europe-2026

#Privacy #Proton #E2EE #EUTech #VideoConferencing #ProtonMeet

Proton Meet Gives Europe a Zoom Alternative With Real Privacy

Proton launched end-to-end encrypted video conferencing. Proton Meet uses open-source MLS encryption and supports up to 50 free participants.

BuiltInEu
Lyra1d ago
CW: discussion of child sexual abuse material in the context of EU legislation

I finally finished my deep dive into Chat Control and the various issues it has both legally and technically feel free to give it a read, or don't its a rather long piece at 7878 words ^^

https://vixen.moe/chat-control-the-technical-and-legal-case-against-mass-scanning/

#eu #law #chatcontrol #privacy #surveillance #security #ai #tech #datenschutz #e2ee
Chat Control: The Technical and Legal Case Against Mass Scanning

The EU is moving to make a temporary emergency measure permanent. The proportionality questions it was supposed to defer? Still unanswered.

Vixen
maniabel2d ago

Wer hört mit und schaut zu? Falls jemensch ein Bedürfnis nach digitaler Souveränität verspürt, könnte der neue Proton-Service ProtonMeet eine Alternative zu BigTech sein.

Mehr dazu: https://digiprax.maniabel.work/archiv/1158

#digitalesouveränität #proton #protonmeet #privacy #e2ee #videocalls #up2date

Erik Jonker2d ago
Older paper but worth reading: "Our findings reveal that mechanisms embedded in modern E2EE messaging architectures – such as delivery receipts and multi-device support – can have significant implications on user privacy. Consequently, it is essential to balance functional requirements, usability and convenience with privacy and security, particularly in E2EE applications that are inherently privacy-sensitive per design."
https://arxiv.org/abs/2411.11194
#cybersecurity #carelesswhisper #E2EE #chat
Careless Whisper: Exploiting Silent Delivery Receipts to Monitor Users on Mobile Instant Messengers

With over 3 billion users globally, mobile instant messaging apps have become indispensable for both personal and professional communication. Besides plain messaging, many services implement additional features such as delivery and read receipts informing a user when a message has successfully reached its target. This paper highlights that delivery receipts can pose significant privacy risks to users. We use specifically crafted messages that trigger delivery receipts allowing any user to be pinged without their knowledge or consent. By using this technique at high frequency, we demonstrate how an attacker could extract private information such as the online and activity status of a victim, e.g., screen on/off. Moreover, we can infer the number of currently active user devices and their operating system, as well as launch resource exhaustion attacks, such as draining a user's battery or data allowance, all without generating any notification on the target side. Due to the widespread adoption of vulnerable messengers (WhatsApp and Signal) and the fact that any user can be targeted simply by knowing their phone number, we argue for a design change to address this issue.

arXiv.org
Habr3d ago

12 слов вместо номера телефона: как мы сделали мессенджер невидимым для файрволов

BIP39 вместо номера телефона, ECDH P-256 + AES-256-GCM, non-extractable CryptoKey, трафик неотличимый от HTTPS. Как это устроено, что сломалось в процессе и почему некоторые решения были болезненными.

https://habr.com/ru/articles/1016900/

#e2ee #мессенджер #шифрование #bip39 #web_crypto_api #pwa #seed_phrase #приватность #dpi #typescript

12 слов вместо номера телефона: как мы сделали мессенджер невидимым для файрволов

Тот вечер я помню хорошо. Двадцать минут в звонке, пытаясь объяснить человеку как установить VPN. Через пару дней и этот способ тоже закрыли. Но это была не единственная боль. Простой звонок другу в...

Хабр
Holos Social5d ago
#Holos started at the end of 2025. A full #ActivityPub server now runs on your phone, with the ability to use your own domain as your identity, #E2EE DMs via Signal Protocol, zero-knowledge encrypted backup, #ActivityPub media served from your own cloud, a tailored timeline based on your interests thanks to #HolosDiscover, and the ability to switch views depending on your mood or the content you want to browse. Thank you for your feedback and support that helped to go through these steps.
Show threadRené5d ago
@barbarakathmann #lumo van #proton is #e2ee #privacy
Ю ⁂6d ago

I had a dream where @signalapp and @Tutanota released an end-to-end-encrypted note-taking app and I couldn't decide which one to use since they were both good.

#e2ee #privacy

Aubreader Masto6d ago

Everyone Cheering The Social Media Addiction Verdicts Against Meta Should Understand What They’re Actually Cheering For | Techdirt

https://www.techdirt.com/2026/03/26/everyone-cheering-the-social-media-addiction-verdicts-against-meta-should-understand-what-theyre-actually-cheering-for/

> First things first: Meta is a terrible company that has spent years making terrible decisions and being terrible at explaining the challenges of social media trust & safety, all while prioritiz…

#Meta #Section230 #E2EE

Everyone Cheering The Social Media Addiction Verdicts Against Meta Should Understand What They’re Actually Cheering For

First things first: Meta is a terrible company that has spent years making terrible decisions and being terrible at explaining the challenges of social media trust & safety, all while prioritiz…

Techdirt