Are Web Components & Cybersecurity A Better Combo?

I'm not trying to dunk on popular #UI #frameworks – I'm sure they're totally fine for #cybersecurity stuff, probably get loads of reviews and #audits.

But from my angle: Web Components are *native* to the #browser. Doesn't that just inherently reduce the risk of **#SupplyChainAttacks** (you know, like a rogue `npm install` on a bad network) for your #AppSecurity?

Or am I overthinking it, and the #framework choice is less important than the #browser, #OS, or #device running it? What are your thoughts, #DevCommunity?

---

Quick context: I've got a #ReactJS #messagingApp (repo here: https://github.com/positive-intentions/chat) and a separate #UIFramework (repo here: https://github.com/positive-intentions/dim) built with #Lit (which uses Web Components). I'm genuinely wondering if there's a compelling #cybersecurity reason to refactor the chat app to use my #WebComponent UI framework. Might be a whole new level of #SecurityByDesign for #FrontEndDev.

FYI, same question's on Reddit here: https://www.reddit.com/r/ExperiencedDevs/comments/1lmk1rg/are_web_components_better_for_cybersecurity/, got some good #insights, but want to make sure nothing's getting overlooked! Let's discuss #InfoSec #WebDev #JavaScript #OpenSource #TechQuestion.

GitHub - positive-intentions/chat: Decentralized chat

Decentralized chat. Contribute to positive-intentions/chat development by creating an account on GitHub.

GitHub

Scoop: WhatsApp banned on House staffers' devices

The House's cybersecurity office deemed the messaging app "high risk" due to its treatment of user data.

Axios

You know how we've always claimed "#WhatsApp could introduce features that you don't agree with"? Well, we've just got our latest demonstration. WhatsApp has started to introduce #ads to users—"contextual" ones, of course (guess what that means).

cnet.com/tech/services-and-sof…

If Prāv turned evil, we'd have to start with a consensus process like this which would probably get blocked at the first step 🛑

(Not to mention the fact that you could always switch to some other #Jabber/#XMPP supporting app and seamlessly carry on communication as before!)

#Prav #MessagingFreedom #Messaging #MessagingApp #SeizeTheMeansOfCommunication

Considering that both #XMPP and #Matrix re-invented #decentralized communication while #email was already there, makes #deltachat more interesting.

The fact that DC didn't invent a new protocol for #InstantMessaging and just used the protocol which was already there, and also how far it has gone, is mind-blowing.

At first, when I was chatting with @treefit, I was already developing a Matrix client (#chooj) for #KaiOS and it was the only decentralized IM which I was using and investing resources into. I was skeptical but then I thought it would be a good idea to invest into DeltaChat, as well as Matrix. His argument, of course, wasn't good. He was arguing that we need multiple options in case one of the decentralized IMs fails. However this convinced me to give DC a try.

But now, I see that DC has very unique advantages no other messenger has. Their motto is "playing the long term" game. Unlike Matrix which suddenly exploded, DC moves very slowly. As an advantage, DC is much more consistent, hassle-free, has fewer bugs (in my experience) and has better UI/UX than many Matrix clients. But it has got several disadvantages. Matrix has tons more features which DC hasn't got or has added just recently, such as editing messages and reactions. And it is not yet suitable for public groups, like the ones we've got in the Matrix network.

Overall, if you want secure chat with friends or family or other people you trust, DeltaChat is a very good option and the experience is very good. And I haven't seen something like #webxdc in any other IM. However if you want something like #Discord guilds for a community, Matrix is the way to go.

BTW, DC currently lacks funding, thanks to what #Trump did with #OpenTechnologyFund (#OTF). If you can help in any way, financial or otherwise, it will be extra valuable at this point.

Edit:

BTW, here are websites of webxdc and DC:

https://delta.chat
https://webxdc.org/

Edit2: Make sure to check WebXDC, apps shared in #P2P deltachat groups or DMs.

#IM #FOSS #Messenger #MessagingApp #opensource #opensourceIM #freesoftware

Delta Chat: The e-mail messenger

Chat over e-mail and head back to the future with us! Delta Chat is like Telegram or Whatsapp but without the tracking or central control. Delta Chat does not need your phone number. Check out our ...

WhatsApp Ban? Here’s How to Restore Your Account in Minutes! – Tycoon World

WhatsApp is one of the most widely used messaging platforms in the country. To maintain security and enforce its policies, the company scans millions of

Tycoon World

"So the phones are vulnerable. Imagine literally somebody looking over my shoulder at my phone. They can see what's in it and what I'm texting on #Signal. And so can somebody remotely reading my screen. That does not mean Signal has been compromised. It means the phone has been compromised and you can look inside the tunnel at the opening of the tunnel."

#encryption
#messagingapp

https://www.pbs.org/newshour/show/the-security-vulnerabilities-of-using-signal-to-discuss-military-operations

The security vulnerabilities of using Signal to discuss military operations

The news of Trump officials using Signal for a group chat on military operations has raised many questions about just how secure such messaging apps are and the risks if government officials use them on their personal devices. Lisa Desjardins reports.

PBS News

Telegram Without Phone Number: Everything You Need to Know

In this technology-driven world, several messaging platforms are available to connect with other people, and Telegram is one of them. It is highly known for its speed, security, and other authentic features.

https://www.startupeditor.com/....telegram-without-pho

#telegram #nophonenumber #privacy #virtualnumber #messagingapp #securemessaging #telegramtips #techguide #onlinesecurity #anonymousmessaging

https://www.startupeditor.com/

Telegram Without Phone Number : Everything You Need to Know

Want to use Telegram without phone number? Learn how to create an account using virtual numbers, VoIP services, and privacy-friendly methods. Stay secure.

Startup Editor - Startup Editor is a platform that amplifies startup voices and makes their stories more widely known. Every startup has a distinctive story to tell, and we are committed to building a platform that not only showcases their accomplishments but also motivates future generations of entrepreneurs.

Oh look, another thrilling tale of zero-click, zero-day, zero-relevance security exploits 🤖🔍. In a shocking turn of events, a secret vulnerability was discovered in a messaging app nobody uses anymore 📱💥. Meanwhile, somewhere in DC, someone is brushing off their old Nokia with a smirk 😏📞.

https://googleprojectzero.blogspot.com/2025/03/blasting-past-webp.html #zeroClick #zeroDay #messagingApp #securityExploits #oldNokia #techHumor #HackerNews #ngated

Blasting Past Webp

An analysis of the NSO BLASTPASS iMessage exploit Posted by Ian Beer, Google Project Zero On September 7, 2023 Apple issued  an out-...

RetroShare is a free, cross-platform software for serverless communication, including letters, instant messages, and file exchanges over an encrypted F2F/P2P network. This network is built on GPG algorithms and the Perfect Forward Secrecy protocol.

https://bastyon.com/post?s=5b8ca60211e5f0df4ed3316953990e2650f0881ace9ec7a0325327e5c33b6dbf&ref=PFN2jQQL5PSwEdGP7h5T7JzkZMzeps98P2

What is RetroShare?

RetroShare is part of the darknet class of networks, where connections and data exchanges are limited to a specific group of participants, excluding external contacts. In this network, participants' IP addresses are hidden from each other, except within a trusted circle.

Instead of using IP addresses for packet addressing, RetroShare employs a 128-bit random identifier—an anonymous ID. This makes it nearly impossible to determine the IP addresses of participants, even within a user's close network. In essence, monitoring file-sharing or communication activities is exceedingly difficult, and determining the number of participants in the dark network is non-trivial.

Key Features of Dark Networks

Dark networks like RetroShare share two important characteristics:

- Difficult Monitoring: It's hard for external parties to monitor user activities, as they are not connected to the network.
- Invisible Connectivity: It is impossible to know whether a user is connected to such a network from outside the immediate environment, making RetroShare hard to detect.

This distinguishes dark (private) anonymous networks from public anonymous networks, where participants' IP addresses can be observed directly or indirectly. Furthermore, connecting to an arbitrary node in RetroShare requires confirmation from the counterpart, which adds an extra layer of privacy.

A Simple Guide to Connecting to RetroShare

This article is for those who want to quickly connect to the RetroShare network without delving into the complexities of accessing it via Tor or I2P. Here's a simple guide to getting started with RetroShare:

Download and Install the Client Program

- Visit the official RetroShare website: retroshare.net.
- RetroShare is cross-platform, which means it supports various operating systems, including mobile ones! Linux users can build from source, but for simplicity, we’ll use an AppImage.

Set Up the Program

- It's recommended to route all traffic through a VPN for added security. Leave it enabled for the duration of RetroShare’s usage. If you’re communicating only with trusted individuals (e.g., family), it’s not critical.
- Download the AppImage here: RetroShare AppImage.
- Make the file executable by right-clicking and enabling the "Allow execution of the file as a program" option.
- Open a terminal and navigate to the file's location: `/root/RetroShare-0.6.4.20180313.0e6d27ad-x86_64.AppImage`.
- RetroShare will launch, and a new profile creation window will appear. Before proceeding, click on “Options” in the top-right corner.

Configure Your Profile

Fill in the following fields:

- Name
- Device Name
- Password (and confirm)
- Chat Name
- Encryption Key (be sure to set it to 4096 bits)
- Node Settings (leave as default)
- Entropy (wait until the bar is full)

Once done, click "Let’s Get Started." RetroShare will generate your certificate, which can be shared via closed channels or in person. You can then request and add the certificate of the person you're communicating with.

Network Settings

Before diving into the network, it’s essential to modify some default settings:

- Expand the service data exchange channel and increase the number of tunnels available to other users.
- Higher values mean you contribute more to the network by handling both your own and transit traffic from other users. The default is set for a 20 Mbit/s network speed, but you can increase it based on your actual connection speed.
- Check the “Use relay servers” box if you have a restrictive router or firewall. This ensures easier access to the network.
- Set the destination folder for downloaded files to avoid confusion later. By default, files are saved in a hidden directory like: `/root/.retroshare/LOC06_c098e80721a7d1685271211cbe361c03/Downloads`.

Finding Trusted Peers

If you don’t have friends using RetroShare but wish to join the dark network, finding trusted peers can be challenging. However, RetroShare now makes this process easier. You can find trusted peers in the built-in chat by exchanging certificates with other users or robots on websites like retroshare.ch.

Enter your certificate in the provided window, press "Submit," and obtain the server certificate. Copy it and add it to your RetroShare certificate list.

Connecting and Building Your Network

Once connected, RetroShare will notify you, and the first node will appear in your list. You can set the trust level for each node according to your discretion.

RetroShare’s Features

Now that you're connected, RetroShare offers a wide range of services:

- Contact List
- Chat
- Post Office
- File Sharing
- Channels
- Forum
- Publications

Unlike regular networks, RetroShare keeps the connection details of users within your trusted environment hidden from others in the network. Only those within your immediate network can know you’re connected to RetroShare.

Enhancements with Tor Network Integration

Starting from RetroShare version 0.6, the platform integrates with the Tor network for added privacy. As long as Tor is reliable, RetroShare remains secure, even if the user’s exchange of certificates is disorganized or the settings are unconventional.

The Dark Network and the Role of Authorities

Anyone who exchanges their personal certificate with a RetroShare node becomes a full-fledged member of the dark web and can receive data from anonymous sources. Interestingly, a representative from a punitive or detective agency, after exchanging certificates with two or more nodes, can become a transit point for encrypted data across the network, without knowing the source or destination. This ensures that even law enforcement, while helping grow the network, cannot trace the traffic.

Final Thoughts

Take care of yourself, user! This article is purely informational and does not advocate for any particular actions. The author holds no responsibility, as the ideas presented here are hypothetical, with all coincidences to real events or names being purely accidental.

Author: Telegram Channel @ZapiskiLizermana (Lizerman's Notes)
A Swiss Army knife among messengers
https://omimedia.blogspot.com/2025/03/blog-post.html
#RetroShare #Darknet #Privacy #Security #Encryption #P2P #Anonymous #SafeChat #OpenSource #DigitalPrivacy #CryptoNetwork #MessagingApp #FileSharing #TechForPrivacy #Tor #I2P #PeerToPeer #EncryptedNetwork #Decentralized #PrivateComms #SecureFiles #AnonymousMessaging #DataPrivacy #RetroShareGuide

The Swiss Army Knife of Messengers Expanse | 8-10 minutes | 01.03.2025 By @ZapiskiLizermana

Bastyon