U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack

The US Govt 5 years ago: e2e encryption is for terrorists. The govt should have backdoors.

The US Govt now: Oh fuck, our back door got breached, everyone quick use e2e encryption asap!

Oh gee, forcing companies to leave backdoors for the government might compromise security, everyone. Who'd have thunk it? 🤦

It's probably also good practice to assume that not all encrypted apps are created equal, too. Google's RCS messaging, for example, says "end-to-end encrypted", which sounds like it would be a direct and equal competitor to something like Signal. But Google regularly makes money off of your personal data. It does not behoove a company like Google to protect your data.

Start assuming every corporation is evil. At worst you lose some time getting educated on options.

Like Signal?

until the republicans ban them so they can find queer kids and pregnant people getting healthcare and people reading books

Everybodies aunt at thanksgiving:

"I should be fine. I only trust the facebook with my information. Oh, did I tell you? We have 33 more cousins we didn't know about. I found out on 23andme.com. All of them want to borrow money."

Real encrypted apps, ...or just the ones their own government can use to spy on them?

Sounds bad I guess, but the USA has been spying on us for a long time now. Is the bad part that it's China?

From RFC 2804:

• The IETF believes that adding a requirement for wiretapping will make affected protocol designs considerably more complex. Experience has shown that complexity almost inevitably jeopardizes the security of communications even when it is not being tapped by any legal means; there are also obvious risks raised by having to protect the access to the wiretap. This is in conflict with the goal of freedom from security loopholes.

https://datatracker.ietf.org/doc/rfc2804/

This was written in 2000 in response to US government requests to add backdoors to voice-over-IP (VoIP) standards.

It was recognized 25 years ago that having tapping capabilities is fundamentally insecure.

End-to-end encryption is indispensable. Our legislators (no matter where we live) need to be made to understand this next time they try to outlaw it.

On January 20th: The cyberattack is coming from inside the house!

Dumbfuck and his cronies now have access to PRISM and ECHELON. Again.

I use a one time pad with all of my contacts. I ask them to eat or burn each page when they are used up.

What i read [and corrected] from the article :

"The hacking campaign [group], nicknamed [ by Microsoft ] Salt Typhoon by Microsoft,
[ this actual campaign of attacks ] is one of the largest intelligence compromises in U.S. history, and not yet fully remediated. Officials in a press call Tuesday [ 2024-12-3 ] refused to set a timetable for declaring the country’s telecommunications systems free of interlopers. Officials had previously told NBC News that China hacked AT&T, Verizon and Lumen Technologies to spy on customers."

The same people who want to get rid of encryption

Hear me out, maybe we should update pots and sms to have optional end-to-end encryption for modern implementations as well...Optional as backwards compatible and clearly shown as unencrypted when used that way to be clear.

Guess that confirms that E2EE is effective against these backdoors.

There's been a lot of good research done lately on how to achieve trusted communication on untrusted platforms and over untrusted channels. Encryption is a big part of that.

And there are a number of scenarios where the ISP creates a hostile environment without having been compromised by an external actor. A malicious government, for example, or an ISP wanting to exploit customer communications for commercial reasons.

Hey you guys remember that big AT&T breach recently?

Question for more tech savvy people: should I be worried about wiping old data, and if so for which apps? Just messaging apps, or also email and social media? Or can I just use the encrypted apps moving forward?

FBI: Here's some communications security tips from the Sureños: tell someone you'll meet them and leave your phone in a nightstand

Just stop using your electronic devices. Not like they don't all have monitors built in already anyway. Every connected device could be sending screenshots home and we'd never know. I mean, I guess you could use something like Wireshark to monitor your home network, but something tells me nowadays there are ways around even that. I'm not a certified network tech or even a script kiddie, but I don't trust my tech as far as my dog can throw it. I just try to secure through obfuscation as much as possible. Everyone thinks I have carbon monoxide poisoning, but it's a small price to pay for peace of mind - even a small one.

The US gov should provide us with their own encryption app to protect us and just have a backdoor only they can access so they can keep an eye on any baddies! #Igotnothingtohide #amiright #muricafuckyeah

Interpretation - the NSA can now crack all common encryption methods, so let's disadvantage our adversaries at no real cost to us.