Email or username:

Password:

Forgot your password?
ansuz / ऐरन's posts Back to profile
16 posts total
ansuz / ऐरन

parts of the European government are gearing up to push through their "ChatControl" surveillance legislation.

I don't want to ignore this, but it feels like most of the people that follow me have already heard all about it. Maybe I'd be better off spending my time and energy on other stuff.

So, uhh, indulge my curiousity #EU people:

Anonymous poll

Poll

I have already contacted my EU reps
3
14.3%
I know about it but haven't acted on it
7
33.3%
I only know the basics
5
23.8%
What is ChatControl?
6
28.6%
21 people voted.
Voting ended 24 September at 8:10.
21 September at 8:10 | Open on social.cryptography.dog
ansuz / ऐरन

application developers: [frequently introducing vulnerabilities by choosing the wrong AES mode]

NIST: what's up, chat. on today's stream we're gonna cook up a new AES mode!

nist.gov/news-events/events/ni

13 August at 9:16 | Open on social.cryptography.dog
ansuz / ऐरन

Man goes to doctor, says "Unable to decrypt message".

Doctor says, "Treatment is simple. Matrix protocol is great. Go try it. That should pick you right up."

Man bursts into tears. Says, "Unable to decrypt message... Unable to decrypt message!"

9 August at 22:37 | Open on social.cryptography.dog
ansuz / ऐरन

True story. Happened to a guy I know.

Screenshot of Element encrypted messenger's UI, showing a series of messages from someone named "ansuz" with some white guy's display picture. Instead of useful text, every one of the messages instead says "Unable to decrypt message".
9 August at 22:43 | Open on social.cryptography.dog
Григорий Клюшников

On the upside, it's 100% secure if no one, not even you, can decrypt it.

10 August at 8:19
ansuz / ऐरन
ansuz / ऐरन

for the love of all that is good in the world please put the hammer down

graph demonstrating exponential growth. x-axis: years in the tech industry y-axis: time spent explaining that a thing isn't a nail and it doesn't need a hammer
6 July at 8:21 | Open on social.cryptography.dog
ansuz / ऐरन

It was nearly two years ago that I wrote this article[1] about the EU #ChatControl surveillance directive on behalf of the @cryptpad team.

Very little has changed since then. Experts in technology, law, and policy all agree that the proposal undermines basic European rights, that it will be abused by authoritarian member states, and that the proposed tech solutions cannot possibly do the job the supporting legislators have claimed.

Nevertheless, they have persisted, claiming the support of "expert testimony" that overwhelmingly consists of unsupported claims by lobbyists associated with law enforcement and defense contractors who stand to benefit financially from its implementation.

A vote is expected to take place on June 19th. These have been scheduled and delayed multiple times already, but this it feels like they might get away with it. There is a lot going on in the EU at the moment, and people are both distracted and tired from fighting this for so long.

I'll try to make resistance easier by collecting some suggested actions below, with links.

[1]: blog.cryptpad.org/2022/05/19/a

It was nearly two years ago that I wrote this article[1] about the EU #ChatControl surveillance directive on behalf of the @cryptpad team.

Very little has changed since then. Experts in technology, law, and policy all agree that the proposal undermines basic European rights, that it will be abused by authoritarian member states, and that the proposed tech solutions cannot possibly do the job the supporting legislators have claimed.

17 June at 6:07 | Open on social.cryptography.dog
Show previous comments
Kristoff Bonne 🇪🇺 🇧🇪

@ansuz @cryptpad I agree with the fact that encryption is a fundamental part of democracy.

But the problem is that I have not seen proposals on how to handle a situation where encryption is used by actors who want to undermine democracy, hiding their actions via encryption.

E.g. A foreign state actor using telegram in a combined randsomware-against-hosptitals and disinformation campaign, this to cause social unrest and inlluence people to vote tor more-extremist parties.

17 June at 20:47 | Open on m.krbonne.net
ansuz / ऐरन

good morning, #EU residents. have you written to your elected representatives about #ChatControl yet?

EDIT: comments should be addressed to the offices of "permanent representatives" listed on this page: op.europa.eu/en/web/who-is-who

I don't know for sure that these offices are elected. start with these contact points, after that you can still feel free to contact your MEPs, but start here

18 June at 4:27 | Open on social.cryptography.dog
𝙊𝙩𝙩𝙤 𝙅. 𝙈𝙖̈𝙠𝙚𝙡𝙖̈

@ansuz @cryptpad It should be noted that Finland seems to be on the fence after these cosmetic changes. "Won't anyone think of the Children?"

19 June at 6:45 | Open on infosec.exchange
ansuz / ऐरन
ansuz / ऐरन

I haven't seen much mention of this on the fediverse so far, so I figured I'd give it a signal boost.

Just a few days ago a new data breach was announced affecting a number of very large tech companies. It is being called the "Mother Of All Breaches":

cybernews.com/security/billion

Tencent's part of the leak alone included 1.5 Billion account credentials. Twitter's part is 281 Million.

I highly recommend reviewing whether you use any affected sites and changing both their passwords and those on any other platform where a similar password might have been used.

#motherOfAllBreaches #leaks #privacy

I haven't seen much mention of this on the fediverse so far, so I figured I'd give it a signal boost.

Just a few days ago a new data breach was announced affecting a number of very large tech companies. It is being called the "Mother Of All Breaches":

cybernews.com/security/billion

29 January at 20:41 | Open on social.cryptography.dog
SQU∄▲KY P▲Nᐊ▲K∄S

@ansuz Guess I gotta change my myspace password, I may be one of the 360m effected.

29 January at 20:49 | Open on sunbeam.city
ansuz / ऐरन

every morning I wake up and read a series of articles about all the massive data breaches from the previous 24 hours.

once I'm done reading those I move on to the articles about the latest government efforts to legislate mandatory backdoors in encryption.

22 Sep 2023 at 2:25 | Open on social.cryptography.dog
ansuz / ऐरन

> whooops, we leaked 38TB of data.

> my bad - 34 years of social security numbers and passports leaked

> what do you mean the national postal service can't rent access to lists of citizen's information?

real reactions from database administrators. they have played us for absolute fools

22 Sep 2023 at 2:30 | Open on social.cryptography.dog
Gytis Repečka

@ansuz 🤷‍♂️ :michael_scott:

22 Sep 2023 at 7:09 | Open on fedi.lt
ansuz / ऐरन

@echo_pbreyer blogged about the latest leaked #chatControl document from the Spanish presidency:

patrick-breyer.de/en/chat-cont

I think this is the third time I'm reading a 100+ page document to see the exact language used to describe exactly who will be targeted by this legislation, and what safeguards will be in place.

Spoiler alert: it's still an absolute dumpster-fire

13 Sep 2023 at 15:39 | Open on social.cryptography.dog
ansuz / ऐरन

"Recital 12a" is interesting. It seems mostly geared towards excluding the "national security" apparatus from any measures that might be introduced by the legislation, but it also uses some pretty broad language that could include some other groups.

> Accordingly,
this Regulation should not apply to interpersonal communications services that are not
available to the general public and the use of which is instead restricted to persons
involved in the activities of a particular company, organisation, body or authority

I'm guessing this was included thanks to industry lobbying, but I can see it being useful for others if the legislation passes in the proposed form. Maybe the self-hosted group-chat can be framed as some kind of organisation and get an exemption?

That probably won't work for anything that federates, though, as it's murky as to whether they could be considered as "limited to persons..."

"Recital 12a" is interesting. It seems mostly geared towards excluding the "national security" apparatus from any measures that might be introduced by the legislation, but it also uses some pretty broad language that could include some other groups.

> Accordingly,
this Regulation should not apply to interpersonal communications services that are not
available to the general public and the use of which is instead restricted to persons
involved in the activities of a particular company, organisation,...

In the light of the more limited risk of their use for the purpose of child sexual abuse and the need to preserve confidential information, including classified information, information covered by professional secrecy and trade secrets, electronic communications services that are not publicly available, such as those used for national security purposes, should be excluded from the scope of this Regulation. Accordingly, this Regulation should not apply to interpersonal communications services that are not available to the general public and the use of which is instead restricted to persons involved in the activities of a particular company, organisation, body or authority
13 Sep 2023 at 15:53 | Open on social.cryptography.dog
ansuz / ऐरन

After several years of closely following their legal cases I finally signed up as a supporting member of @noybeu.

It's so refreshing to see a non-profit hosting their site with prominent links to their RSS feed and mastodon account, and without a single third-party tracking script in sight 😍

#privacy #GDPR

20 Jul 2023 at 11:48 | Open on social.cryptography.dog
ansuz / ऐरन

tired: I'm a bad plant-parent :(

inspired: I'm an amateur botanist selecting for drought-resistance :)

#plants

12 Jul 2023 at 17:28 | Open on social.cryptography.dog
ansuz / ऐरन

git merge:

+ does exactly what its name suggests
+ works most of the time

git rebase:

- not a common verb
- uses re- prefix although there's no "git base"
- literally does historical revisionism
- gaslights anyone who knows the truth
- probably kicks puppies when you aren't looking
- constantly wrecking shit
- basically only exists for "aesthetics"
- forces you into learning about "reflog"

8 Jul 2023 at 1:20 | Open on social.cryptography.dog
ansuz / ऐरन

you might not like it, but this is what peak UI looks like

screenshot mastodon's form for posting, featuring a modified toot button with rainbow colors and a farting elephant
8 Jun 2023 at 23:48 | Open on social.cryptography.dog
ansuz / ऐरन

div.compose-form__publish-button-wrapper button.button.button--block {
background: linear-gradient(180deg, #FE0000 16.66%, #FD8C00 16.66%, 33.32%, #FFE500 33.32%, 49.98%, #119F0B 49.98%, 66.64%, #0644B3 66.64%, 83.3%, #C22EDC 83.3%) !important;
text-shadow: 1px 1px #2229 !important;
}

8 Jun 2023 at 23:50 | Open on social.cryptography.dog
ansuz / ऐरन

my partner and I finally chopped up the pineapple fruit from the plant that has been growing for about two years. not very big, but very sweet and flavourful.

5 Jul 2022 at 19:05 | Open on social.cryptography.dog
wakest ⁂

@ansuz wow thats so awesome, do you have pictures? was it started from a top you planted?

5 Jul 2022 at 19:20 | Open on social.wake.st
ansuz / ऐरन

> Man who made website to rank female students by appearance now aims to achieve "global teen penetration" according to leaked documents

gizmodo.com/leaked-facebook-do

7 Oct 2021 at 6:26 | Open on social.cryptography.dog
Go Up