Privacy is a human right!
Yay, Ars Technica now has an official Mastodon presence! @arstechnica

“You must rotate your credentials every 60 days.”

*takes USB-C YubiKey out of slot*
*turns it upside down*
*plugs it back in*

Almost 5 years ago, when #Cryptomator Android was still Open Core, a user submitted a request to add it to the #FDroid store.

Using reproducible builds, Cryptomator is finally in the main F-Droid repo 🥳 🎉

See https://docs.cryptomator.org/en/latest/android/setup/ for a detailed description of all variants.

#Privacy #Security #OpenSource #Android #ReproducibleBuilds


Live from LIBE on #Chatkontrolle: The rapporteur criticizes the term #Chatkontrolle and praises EU Commissioner Johansson for her neutral and comprehensive commitment... The #Chatkontrolle of entire "parts/components of services" is said not to be general surveillance.

🚨Recent POLITICO Europe leak revealed that US and EU officials have agreed to cooperate on measures to turn public opinion against #encryption.

Experts' statements by EDRi and Global Encryption Coalition have called out against this plan:

➡️https://edri.org/our-work/eu-us-plan-offensive-to-legitimise-police-access-to-data-civil-society-responds-amid-growing-fears-press-release/
➡️https://www.globalencryption.org/2023/04/statement-on-eu-us-cooperation-against-encryption/

Many folks in law enforcement and politics seem genuinely confused about the popularity of end-to-end encrypted messaging, like we all just decided to become anarchists or something. That’s not at all the dynamic we’re seeing here. The entire basis of our communications infrastructure shifted in a direction that’s inimical to privacy; encryption is the obvious solution.

I have an old spare iPhone I used for more testing.

First I wiped it.

Then I set it up, and during the setup I:
- Set a passcode
- Created a new Apple-ID

After it was up and running I saved a few passwords to the keychain.

I then logged out from iCloud and wiped the device.

Then I set it up again, using the same passcode.

When it was up and running I checked, and the passwords I had saved before were still there.

I then added another password to the keychain.

Then I changed the passcode.

After that I logged out from iCloud and wiped the phone again.

Then I set it up again.
This time I set it up to use the first passcode.

During the last step of the setup I was asked for a previous passcode.

I tried the first I set but that was a no go.

Then I tried the newer passcode, and that was accepted, and when the phone was up and running I could see all the passwords in the keychain.

So it seems that the passcode from the last device can be used to access iCloud data.

@aeva
"Linux is mature now! They even have it on the ISS."
"So that's why there's no sound in space."

But if there is a retention period, that means your data could be at risk for all that time, if you change from an insecure passcode, or remove a device with an insecure passcode.

I had an iPhone and a MacBook both on iCloud and keychain synced.

I then logged out from iCloud on both, wiped them and sold them.

I then bought a new iPhone and MacBook and logged in to my iCloud account, used the same passcode on my devices and all my keychain data was still there!

According to Apple's documentation the keychain should be wiped off the servers when all devices log out.

(I had two Apple TVs logged in to my account the whole time, but they don’t have access to the keychain from what I understand).

#Infosec #Apple #iCloud #Security