Nedelne rano @nedelne_rano@mastodon.opencloud.lu
Privacy and security researcher
Joined Jan 2019
Testing Sequoia encryption/decryption speed. Results are significantly better than GnuPG. Time to switch your projects from GnuPG to Sequoia.
Choose encrypted cloud storage provider with zero knowledge about your files or end up as Ever customers..
Hagrid: A New Verifying Key Server Built on Sequoia
https://www.coindesk.com/encrypted-email-service-launches-on-blockstack-with-bitcoin-features
New encrypted email provider not compatible with current ecosystem
Protonmail voluntarily and proactively sharing data in real time with Swiss police
https://steigerlegal.ch/2019/05/23/protonmail-real-time-surveillance/
It's time for some better service.
pEp nominated as a Security Project of the year in Luxembourg
Encryption Europe is an industry alliance of European companies committed to make encryption simple, useful and stable for everyone.
To become a member of Encryption Europe is simple: no weak encryption solutions or products, no backdoors, no key escrows. We represent and promote the best practice in encryption standards.
In Europe, no security without privacy.
Huawei could use F-Droid instead of Google Play Store now.
RC for new Android release with Sequoia and keysync is coming soon as well.
Join the testing on https://play.google.com/apps/testing/security.pEp
So after testing new implementation of OpenPGP in rust in real app - Sequoia project, I can say it's around 10 times faster than GnuPG!
NSO should applied for the label http://www.made-in-luxembourg.lu/en/ (https not working)
So #posteo.ch is refusing EC certs and only supporting RSA certs for their email :) Must be hard job to do support there.
Conclusion is that I haven't seen one product which you could buy anonymously and use without any public cloud or without sharing your location/address.
Not a single company, including few based in EU, offer option to host own private cloud for communication with smart lock or completely offline solution.
Get #smartlock lose #privacy
And it continues..
device id, computer and connection information
Optionally also your voice to Amazon.
It was sharing it with multiple companies including Amazon, Google and many other companies not completely mentioned in their policy. Facebook and Twitter for marketing.
So anyone with access to their cloud can get all these info and also open the door.
All information stored with US cloud providers.
I was looking into smart locks this week. What I find out really scared me. One company was gathering following info:
Type of intercom, intercom bell signal, intercom buzzer signal, every entrance attempt (successful and unsuccessful) and who tried to enter if available.
First name, last name, e-mail address, address and password, telephone number, credit card information, IMEI code of the mobile phone, mobile phone version and version of operating system of the mobile phone.
#SU1492 is sadly just another example when things which should work, just didn't and the results caused so many deaths :(
1. Plane significantly failing after the strike of the lightning.
2. Airport emergency services coming too late.
3. Ordinary passengers delaying emergency evacuation by taking their luggage.
So 3 different security layers failing one by one. I'm curious, what changes will it bring.
Security is difficult and expensive. Even global players like Mozilla can't handle it without some occasional issues.
Now think about ordinary user in random country. How can we make it easier for them?
I wonder if there is some resource, describing all the previous sec. issues, which can be used for learning and proactively improving ecosystem the similar way it works with airline industry.
Privacy and security researcher
Joined Jan 2019
