fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.


#pgp


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hey! I'm lor.sh/@skobkin and I'm moving to my own GoToSocial instance here:
gts.skobk.in/@skobkin
Feel free to verify this message using my public PGP key which is present in my profile, on my site or several key servers.
-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQReSjXrVHxrrK5L33ZDieZwWVv4qAUCZ/19rgAKCRBDieZwWVv4
qBACAQCEgBG7Y05wxU37/3vqGO56y8khraqhLM3EKtd7EBLeoAD8CnK9KaWAYqqB
OQZNN+NjZT+41XZ5zzLl6h7vXqnQ4AA=
=Xy5J
-----END PGP SIGNATURE-----


So I've given @mailfence a very quick test on their Free tier.

That seems to be quite a reasonable alternative for e-mail services. In some parts it's what I would expect @mailbox_org being. Except for one thing: Unencrypted incoming e-mails will not be stored encrypted.

Since I'm on the free tier currently, I've not tested the IMAP integration.

The weakness of #Mailfence and #Mailbox is that the PGP setup requires some effort to happen. The "settings" panel on Mailfence is cleaner and better organized than mailbox.org, but the latter one is capable of ensuring all received e-mails are stored encrypted - regardless of whether they were encrypted at arrival or not.

PGP key management is still not as easy as it should be for non-tech users. "It should just happen automatically", is my stance here. It's close to being good, but you need to explicitly enable encryption on each mail you send - unless you reply to an already encrypted mail. This will confuse users and it will result in more unencrypted mails sent than intended.

Neither Mailfence nor mailbox.org will decrypt encrypted Subject fields.

I've briefly tested the WebDAV integration, which seems to work. But WebDAV is not end-to-end-encrypted, so uploaded data will not be stored in so-called "zero access" mode. This means the Mailfence people managing their servers can access and read your data. This will be the same for CalDAV/CardDAV too (calendar and contacts syncing).

Mailbox.org recently announced they will upgrade their login system - which is long overdue. Their OTP setup is currently just confusing and very far from user friendly. Here Mailfence is very straightforward.

Both Mailfence and #mailbox_org still have quite a long way to go to provide a properly privacy enabled service. They're on a good path, but currently far from the capabilities of @protonprivacy, even on the most basic features in e-mail.

#privacy #email #pgp
Replied to xeniax ⏚

@Xeniax Totally nerdsniped :D I'd love to be a part of the study.

I don't think that #KeyServers are dead. I think they evolved into Verifying Key Servers (VKS), like the one run by a few folks from the OpenPGP ecosystem at keys.openpgp.org/about. More generally, I believe that #PGP / #GPG / #OpenPGP retains important use-cases where accountability is prioritized, as contrasted with ecosystems (like #Matrix, #SignalMessenger) where deniability (and Perfect Forward Secrecy generally) is prioritized. Further, PGP can still serve to bootstrap those other ecosystems by way of signature notations (see the #KeyOxide project).

Ultimately, the needs of asynchronous and synchronous cryptographic systems are, at certain design points, mutually exclusive (in my amateur estimation, anyway). I don't think that implies that email encryption is somehow a dead-end or pointless. Email merely, by virtue of being an asynchronous protocol, cannot meaningfully offer PFS (or can it? Some smart people over at crypto.stackexchange.com seem to think there might be papers floating around that can get at it: crypto.stackexchange.com/quest).

To me, the killer feature of PGP is actually not encryption per se. It's certification, signatures, and authentication/authorization. I'm more concerned with "so-and-so definitely said/attested to this" than "i need to keep what so-and-so said strictly private/confidential forever and ever." What smaller countries like Croatia have done with #PKI leaves me green with envy.


#survey #keyservers #pgp #encryption

PART 3 OF THE KEYSERVER STUDY

(see Part 1 here: mastodon.ml/@Xeniax/1142733550)

❓QUESTION 3: WHY HAVE YOU STOPPED USING KEYSERVERS?

Mastodon.ml · xeniax ⏚ (@Xeniax@mastodon.ml)

Dear Fedi friends. I want to make a short #survey to understand who actively uses #keyservers today. I am interested in understanding the meaning and the value that people attribute to keyservers nowadays, and the shift in perceptions of email #encryption 🔑🔒

📊 I will be making several polls (follow the thread!)

💌 I also would be happy if some of you agree to talk with me more in depth over an e2ee encrypted channel of your choice, no need to make a call, just messages are enough

👾 Feel free to share the polls and reach out in comments if you can and want to be part of this study.

👩🏽‍🎓 If this ever leads to any kind of publication, I will be following the standard ethical protocol adopted in the academic research community, which is to 1. ask informed consent for quoting; 2. quoting anonymously by default, unless the person wants to be named and 3. right to withdraw from the study even after responding to the questions

QUESTION 1: DO YOU USE KEYSERVERS?

[ ] Yes, actively (at least twice a month)
[ ] Yes, sometimes (at least once every 2-3 months)
[ ] I have used keyservers in the past but not anymore
[ ] I have never used keyservers

Looking back...

In 1991, Bill 266 was proposed in the U.S. Senate. It would have forced electronic communications service providers to turn over people's personal information.

The key clause, S.266, was pushed by the then chairman of the U.S. Senate Judiciary Committee [guess who...] :

...
...
...

Senator Joe Biden.

**Cypherpunks Write Code**

americanscientist.org/article/


0d - #Zeroday: 0d122 - #PGP per #DNS

For today's episode, Sven looked at the various ways to deliver PGP keys via DNS and carried out his own assessment.

A clear favorite emerges, in which Stefan nevertheless sees a quite real risk, whose probability of occurrence, however, cannot be estimated.

Episode website:
0x0d.de/2025/03/0d122-pgp-per-

Media file:
zeroday-podcast.de/podlove/fil

@zeroday@chaos.social
@zeroday@podcasts.social


#Gwit is an extremely simple protocol for publishing text content (sites, documentation, etc.), designed to work essentially offline. It is based on #Git and #PGP. It lets you reshare sites (even offline) without risk that the content has been modified.

For now, only two sites exist to my knowledge ^^. But any lightweight static site can easily be "hosted" on Gwit.

gwit : sr.ht/~ivilata/gwit/

#gpg #offline

1/2


The crowning finale for me today came from @qbi. Thanks! In his talk "25 years later, Johnny still doesn't encrypt" he covers the many problems of email encryption. He arrives at a simple, but surely also sad, conclusion: "Email is irreparably broken for encryption, use @signalapp" #clt2025 #encryption #pgp

Note to self: Go ahead and cry!

I cannot, do not want to, and will not understand why the people around me still operate on the motto "So they have my data. So what?", and why it takes a Trump to move them, ever so slowly, away from at least the US data collectors.

But email is losing importance anyway, now that there are more or less encrypted messengers that take all the work of encryption off your hands.

konstantinklein.com/note-to-se


Getting started with XMPP/Jabber and PGP for federated, encrypted messaging

This is a short thread where I explain how I started using the XMPP protocol and PGP encryption for secure messaging. I am not a security expert, but I am a mathematician and I am comfortable with the Linux command line. This guide is for people who want to use PGP for secure messaging easily. You will need to be okay with typing commands into the Linux command line in order to do this, but I will tell you exactly what to enter.

Part 1: XMPP

Mastodon is like email, but for social media. You sign up for an account with a server, and then you can talk with any other accounts that are signed up on other servers, as long as your servers are getting along. (No one wants emails from the sketchy spam server, and we want to be able to choose between Yahoo, Gmail, etc.) XMPP (a.k.a. Jabber) is the same thing for text messaging.

Just like signing up for an email/Mastodon account, you need to sign up for an account. You can find a list of servers at list.jabber.at/ and will probably at least need to provide an email address when making an account.

Once you have made an account, you need a client. On Linux, I've been having a good time using Dino (dino.im/). You can then enter your account name and password to log into your XMPP account and start chatting! There are both public rooms and you can also message directly with your friends.

#security #PGP #XMPP #FOSS #Jabber #Dino #MonoclesChat

(1/4)


I'd already begun my journey into transforming my online experience: data security, supporting ethical software/services, right to repair, degoogling, federation, etc. (May make ACCESSIBLE guides?)
But today was a big milestone for me because I've done something that, in its current form (possibly on purpose), is pretty frustrating and inaccessible. I'd been eyeing PGP encryption for a variety of functional and philosophical reasons (eg the creator was #punk ).
So I finally figured out how to make encryption keys, exchanged public keys with contacts, joined an XMPP server (XMPP is a similar federated protocol to email but with an SMS/text feel), downloaded DINO, a GUI (graphical user interface for Linux that does XMPP communication AND supports PGP encryption), signed in, subscribed to my contacts so we could enable PGP-encrypted communication, and started chatting.
Now, I can breathe and freely communicate knowing my messages are the most secure they've ever been.

#PGP #DINO #XMPP