It’s that time of the year when people will be traveling, relaxing and generally trying to have a good time in this crazy situation. Travel and vacations have some specific privacy challenges, which we will be exploring in this Salon.

Today, the European Parliament approved the ePrivacy Derogation, allowing providers of e-mail and messaging services to automatically search all personal messages of each citizen for presumed suspect content and report suspected cases to the police.

Looking for some anti-censhorship tools/tech/ideas for static web content.

Do you have some ideas/links to share?

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. Attackers can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

I can no longer recommend "pretty easy privacy" a.k.a. pEp email clients due strong unethical behavior of the company behind them. I highly recommend to use alternative solutions.

How to observe law enforcement surveillance

The Atlas of Surveillance is a database of surveillance technologies deployed by law enforcement

The Widespread Power of U.S. Law Enforcement to Search Mobile Phones

Based on 110 public records requests to state and local law enforcement agencies across the country, our research documents more than 2,000 agencies that have purchased these tools, in all 50 states and the District of Columbia. We found that state and local law enforcement agencies have performed hundreds of thousands of cellphone extractions since 2015, often without a warrant.

Building a fenced garden, one step at a time

"In the name of security and privacy, Google is taking away the ability for users to select third-party camera apps in Android 11, forcing users to rely on the built-in camera app."

Considering that Atlassian’s policy and government affairs head, Patrick Zhang complained about the encryption laws in Australia, I'd suggest to give 0 trust to Atlassian products like jira, since most likely it contains some backdoor as required by local laws. Also isolating any email account used by its products

Show more