Why is Windows Compressed Folders support stuck at the turn of the century? (2018)
(microsoft.com)
Every so often, a customer will ask whether Windows Compressed Folders (Zip folders) supports something fancy like AES encryption, and we have to shake our head and apologize. “Sorry, no.”
Every so often, a customer will ask whether Windows Compressed Folders (Zip folders) supports something fancy like AES encryption, and we have to shake our head and apologize. “Sorry, no.”
When encryption works perfectly and still fails
(digitalseams.com)
Encryption underpins the security of every software system with more than one user. Modern cryptography enables us to send and receive messages over the literal air, processed by who-knows-how-many-people’s hardware, with confidence that no one can listen in or tamper with those messages.
Encryption underpins the security of every software system with more than one user. Modern cryptography enables us to send and receive messages over the literal air, processed by who-knows-how-many-people’s hardware, with confidence that no one can listen in or tamper with those messages.
Gmail will soon stop support for the 3DES encryption cipher for incoming SMTP
(googleblog.com)
Starting May 30, 2025, we will no longer support the Triple Data Encryption Standard (3DES) for incoming SMTP connections.
Starting May 30, 2025, we will no longer support the Triple Data Encryption Standard (3DES) for incoming SMTP connections.
When encryption works perfectly and still fails
(digitalseams.com)
Encryption underpins the security of every software system with more than one user. Modern cryptography enables us to send and receive messages over the literal air, processed by who-knows-how-many-people’s hardware, with confidence that no one can listen in or tamper with those messages.
Encryption underpins the security of every software system with more than one user. Modern cryptography enables us to send and receive messages over the literal air, processed by who-knows-how-many-people’s hardware, with confidence that no one can listen in or tamper with those messages.
Windows 11 users losing data due to Microsoft's forced BitLocker encryption
(neowin.net)
Microsoft now automatically enables BitLocker during onboarding when signing into a Microsoft Account.
Microsoft now automatically enables BitLocker during onboarding when signing into a Microsoft Account.
Indian court orders blocking of Proton Mail
(techcrunch.com)
A court in India has ordered the blocking of encrypted email provider Proton Mail across the country.
A court in India has ordered the blocking of encrypted email provider Proton Mail across the country.
What the heck is AEAD again?
(ochagavia.nl)
Here’s a problem you might be familiar with: I keep forgetting what AEAD exactly means and why you would ever use it. Yes, I know the acronym stands for “Authenticated Encryption with Associated Data”, but does that really clarify anything? Not to me, so I’ve finally decided to sit down and write this blog post as a piece of help for my future self… and for anyone else who finds AEAD hard to retain.
Here’s a problem you might be familiar with: I keep forgetting what AEAD exactly means and why you would ever use it. Yes, I know the acronym stands for “Authenticated Encryption with Associated Data”, but does that really clarify anything? Not to me, so I’ve finally decided to sit down and write this blog post as a piece of help for my future self… and for anyone else who finds AEAD hard to retain.
How encryption for Cinema Movies works
(serverless.industries)
The Cinema Industry is using its own standards for creating and distributing movies in a secure way. The DCI (Digital Cinema Initiatives) specification defines everything from file formats and encryption to the projection systems itself.
The Cinema Industry is using its own standards for creating and distributing movies in a secure way. The DCI (Digital Cinema Initiatives) specification defines everything from file formats and encryption to the projection systems itself.
Florida's New Social Media Bill Demands an Encryption Backdoor
(techdirt.com)
At least Florida’s SB 868/HB 743, “Social Media Use By Minors” bill isn’t beating around the bush when it states that it would require “social media platforms to provide a mechanism to decrypt end-to-end encryption when law enforcement obtains a subpoena.”
At least Florida’s SB 868/HB 743, “Social Media Use By Minors” bill isn’t beating around the bush when it states that it would require “social media platforms to provide a mechanism to decrypt end-to-end encryption when law enforcement obtains a subpoena.”
Encryption Is Not a Crime
(privacyguides.org)
Contrary to what some policymakers seem to believe, whether naively or maliciously, encryption is not a crime. Anyone asserting encryption is a tool for crime is either painfully misinformed or is attempting to manipulate legislators to gain oppressive power over the people.
Contrary to what some policymakers seem to believe, whether naively or maliciously, encryption is not a crime. Anyone asserting encryption is a tool for crime is either painfully misinformed or is attempting to manipulate legislators to gain oppressive power over the people.
AES and ChaCha
(phase.dev)
A technical deep dive into how the ChaCha20 cipher is taking on AES as the gold standard for symmetric encryption, and a lesson about the power of simplicity in cryptographic design.
A technical deep dive into how the ChaCha20 cipher is taking on AES as the gold standard for symmetric encryption, and a lesson about the power of simplicity in cryptographic design.
DragonFlyBSD Lands "Next-Gen" Disk Encryption Code
(phoronix.com)
It's been a while since having any exciting feature development to talk about with DragonFlyBSD but merged this past week was dm_target_crypt_ng, a next-generation implementation of their DM-crypt code for disk encryption.
It's been a while since having any exciting feature development to talk about with DragonFlyBSD but merged this past week was dm_target_crypt_ng, a next-generation implementation of their DM-crypt code for disk encryption.
Florida's New Social Media Bill Explicitly Demands an Encryption Backdoor
(eff.org)
At least Florida’s SB 868/HB 743, “Social Media Use By Minors” bill isn’t beating around the bush when it states that it would require “social media platforms to provide a mechanism to decrypt end-to-end encryption when law enforcement obtains a subpoena.”
At least Florida’s SB 868/HB 743, “Social Media Use By Minors” bill isn’t beating around the bush when it states that it would require “social media platforms to provide a mechanism to decrypt end-to-end encryption when law enforcement obtains a subpoena.”
Apple has won legal battle in UK to disclose backdoor publicly
(theverge.com)
Apple has won its first legal battle over the UK’s demand for a backdoor to encrypted data: the right to tell everyone it’s happening.
Apple has won its first legal battle over the UK’s demand for a backdoor to encrypted data: the right to tell everyone it’s happening.
WhatsApp MCP Exploited
(invariantlabs.ai)
This blog post demonstrates how an untrusted MCP server can attack and exfiltrate data from an agentic system that is also connected to a trusted WhatsApp MCP instance, side-stepping WhatsApp's encryption and security measures.
This blog post demonstrates how an untrusted MCP server can attack and exfiltrate data from an agentic system that is also connected to a trusted WhatsApp MCP instance, side-stepping WhatsApp's encryption and security measures.
Gmail E2E is as terrible as expected
(sapka.pl)
Google announced that end-to-end encryption would be coming to Gmail.
Google announced that end-to-end encryption would be coming to Gmail.
Google unveils end-to-end messages for Gmail. Only thing is: It's not true E2EE
(arstechnica.com)
When Google announced Tuesday that end-to-end encrypted messages were coming to Gmail for business users, some people balked, noting it wasn’t true E2EE as the term is known in privacy and security circles. Others wondered precisely how it works under the hood.
When Google announced Tuesday that end-to-end encrypted messages were coming to Gmail for business users, some people balked, noting it wasn’t true E2EE as the term is known in privacy and security circles. Others wondered precisely how it works under the hood.
European Commission pushes for encryption 'backdoors'
(brusselssignal.eu)
The European Commission has announced new plans for extending the powers of European Union security agencies and expanding Europol into “a truly operational police agency”.
The European Commission has announced new plans for extending the powers of European Union security agencies and expanding Europol into “a truly operational police agency”.
European Commission takes aim at end-to-end encryption
(therecord.media)
The European Commission announced on Tuesday its intention to join the ongoing debate about lawful access to data and end-to-end encryption while unveiling a new internal security strategy aimed to address ongoing threats.
The European Commission announced on Tuesday its intention to join the ongoing debate about lawful access to data and end-to-end encryption while unveiling a new internal security strategy aimed to address ongoing threats.
Gmail is making it easier for businesses to send encrypted emails
(theverge.com)
Google is updating Gmail to allow enterprise users to send encrypted messages to any inbox in just a few clicks.
Google is updating Gmail to allow enterprise users to send encrypted messages to any inbox in just a few clicks.
Fix U.S. National Security
(github.com/signalapp)
This pull request introduces a COMSEC (communications security) advisory banner to chat threads, reminding specific pool of users that Signal—despite its robust encryption—is not an appropriate venue for discussing classified information, coordinating military operations, or engaging in off-the-books foreign policy.
This pull request introduces a COMSEC (communications security) advisory banner to chat threads, reminding specific pool of users that Signal—despite its robust encryption—is not an appropriate venue for discussing classified information, coordinating military operations, or engaging in off-the-books foreign policy.
Trump calls Signal chat fallout a 'witch hunt',says 'app could be defective'
(apnews.com)
President Donald Trump downplayed the Signal chat leak Wednesday as a “witch hunt” and said, without evidence, that the encrypted messaging app “could be defective” as his administration struggles to stem the fallout.
President Donald Trump downplayed the Signal chat leak Wednesday as a “witch hunt” and said, without evidence, that the encrypted messaging app “could be defective” as his administration struggles to stem the fallout.
CIA Director Reveals Signal Comes Installed on Agency Computers
(theintercept.com)
For years, U.S. officials villainized end-to-end encrypted messaging apps like Signal as the domain of criminals and terrorists and a threat to national security.
For years, U.S. officials villainized end-to-end encrypted messaging apps like Signal as the domain of criminals and terrorists and a threat to national security.