As promised, here is the technical audit of Signal (v8.3.4) and Wire (v4.21.0) using the GAMA v1.0 methodology. Analysis is strictly based on evidence from production binaries (DEX, ELF, Smali).Key Findings:Post-Quantum: Signal uses a continuous PQ-ratchet (ML-KEM1024). Wire implements a hybrid KEM (Kyber768 Draft) in MLS setup.Metadata: Signal's Sealed Sender v2 obfuscates the social graph. Wire's architecture prioritizes enterprise federation over metadata hiding.Telemetry: Detected a Firebase Measurement Connector bridge in Wire's production build.Integrity: Binary evidence of Signal’s SVR2 Noise channel for SGX-backed PIN recovery.I have also corrected material errors from my preliminary notes regarding SQLCipher and PQC in Wire. This is an objective look at architectural trade-offs.Feedback and peer review are welcome to improve the GAMA framework.Full Report:
https://blackcodeitalia.wordpress.com/2026/03/22/comparative-binary-analysis-of-signal-8-3-4-and-wire-4-21-0-a-gama-v1-0-perspective/

for gama methods availabile on my github repository

#Infosec #Signal #Wire #SignalApp #WireApp #Cybersecurity #BinaryAnalysis #GAMA #PostQuantum #Privacy

Quantum computers threaten to break most modern cryptography within minutes — perhaps seconds. The theoretical threat is becoming practical reality.

What stands to be compromised:

Financial systems and transactions

Government communications and classified information

Medical records and health data

Corporate trade secrets and intellectual property

Personal communications and private messages

The "harvest now, decrypt later" strategy is already in use. State actors are collecting encrypted data today, anticipating future quantum decryption capabilities.

NIST's post-quantum cryptography competition has identified promising algorithms across several approaches: lattice-based, code-based, multivariate, and hash-based cryptography. Each presents trade-offs in performance, key size, and implementation complexity.

The transition will cost billions globally. The geopolitical stakes are immense: the nation that achieves practical quantum computing first gains unprecedented strategic advantage — the ability to decrypt adversaries' communications, access protected state secrets, and undermine financial systems.

This is a quantum arms race. The winner may effectively read the digital world's thoughts.
https://newsgroup.site/quantum-computing-cryptography-threat-encryption-2026/
#QuantumComputing #Cryptography #PostQuantum #NIST #CyberSecurity #DataPrivacy

Croudsourcing information on post-quantum enabled TPMs.

Do these exist yet, are there any #OSS friendly laptops shipping themyet?

#OSS #OpenSource #cryptography #PostQuantum #crypto #PQC

This Wed I am teaching SANS SEC529: Quantum Security Readiness for Executives.

1 day, virtual, 3 hands-on labs.

Not a quantum hype session. This is the operational, practical course. Myth-busing, what you really have to do, how to build a practical migration plan, how to put together a budget.

Built for CISOs and security leaders who need to start moving now (i.e. everyone).

Register: https://www.sans.org/cyber-security-courses/quantum-security-readiness-executives

#infosec #quantumcomputing #pqc #postquantum #cybersecurity #SANS

Static + dynamic analysis of Signal's APK. The good news first: Signal is genuinely exceptional.

Rust core (libsignal_jni.so), post-quantum hybrid Double Ratchet (Kyber-1024 + X25519), Direct ByteBuffers with immediate zeroing after PIN/username hashing, Intel SGX attestation for SVR — MREnclave verification means even a compromised Signal server can't extract your PIN hash.

But two things stood out:

1. Firebase is always there. Google receives IP + notification timestamps regardless of message content. If you need metadata privacy, Signal still leaks presence data to Google's infrastructure.

2. Certificate revocation endpoints hit http://g.symcd.com in plaintext. An ISP or state-level observer can fingerprint Signal usage from DNS queries and HTTP traffic to those CAs — without touching message content.

Conclusion: strongest crypto engineering in consumer messaging. The attack surface isn't the cryptography. It's the operational dependencies.

Soon the full analysis

#infosec #AndroidSecurity #Signal #privacy #ReverseEngineering #postquantum #mobileforensics

DATE: March 11, 2026 at 07:34PM
SOURCE: HEALTHCARE INFO SECURITY

Direct article link at end of text block below.

How #Healthcare Can Get Started Addressing #PostQuantum Risk https://t.co/6787maq6ay

Here are any URLs found in the article text:

https://t.co/6787maq6ay

Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

-------------------------------------------------

#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

DATE: March 11, 2026 at 07:27PM
SOURCE: HEALTHCARE INFO SECURITY

Direct article link at end of text block below.

#MedicalDevice Concerns for a #PostQuantum World https://t.co/6yFwJuGogB

Here are any URLs found in the article text:

https://t.co/6yFwJuGogB

Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

-------------------------------------------------

#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

Most traditional systems of encryption were designed with current technology in mind. Change is a threat.

Quantumography is designed with tomorrow in mind, to help protect you from tomorrow's threats.

Insure tomorrow with Quantumography.

#Quantumography #FutureEncryption #PostQuantum #CyberSecurity #DataProtection #Neuronus

Researchers warn that advances in quantum computing could break current crypto wallet encryption within years. Post-quantum cryptography is being developed to secure exchanges and wallets against future quantum attacks. The shift would require significant infrastructure changes across the crypto ecosystem.

https://decrypt.co/360394/post-quantum-shift-crypto-exchanges-wallet-security #Blockchain #Crypto #Security #PostQuantum