GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Privacy Guides (privacyguides@mastodon.neat.computer)'s status on Thursday, 19-Feb-2026 22:50:40 JST Privacy Guides Privacy Guides

    🚨 New research from ETH Zurich has found that popular password manager's zero-knowledge encryption claims don't fully hold up if their servers are compromised. ⚠️

    🔑 LastPass, Dashlane & Bitwarden were identified as being affected, this is significant because cloud password managers commonly claim that their user's data would be unaffected if they were compromised. 👾

    #privacy #security #passwordmanager

    https://www.theregister.com/2026/02/16/password_managers/

    In conversation about 5 months ago from mastodon.neat.computer permalink
    • Embed this notice
      Rich Felker (dalias@hachyderm.io)'s status on Thursday, 19-Feb-2026 22:50:38 JST Rich Felker Rich Felker
      in reply to

      @privacyguides This sounds like the kind of thing that cannot just be "fixed". As far as I can tell, *all three were lying* about their servers being dumb storage without access to your secrets. This is a problem of vendor integrity not a technical problem.

      In conversation about 5 months ago permalink
    • Embed this notice
      Privacy Guides (privacyguides@mastodon.neat.computer)'s status on Thursday, 19-Feb-2026 22:50:39 JST Privacy Guides Privacy Guides
      in reply to

      ✅ Dashlane & Bitwarden promptly issued fixes.

      ❌ LastPass did not issue a fix and stated: "our own assessment of these risks may not fully align with the severity ratings assigned by the ETH Zürich team."

      💡In 2022, LastPass experienced a breach that impacted 1.6 million users due to inadequately strong technical and security measures within their infrastructure.

      The best time to switch from LastPass was yesterday; the second best is today. 🗑️

      Here's what we recommend ⬇️

      #lastpass #security

      In conversation about 5 months ago permalink
    • Embed this notice
      Rich Felker (dalias@hachyderm.io)'s status on Thursday, 19-Feb-2026 23:50:17 JST Rich Felker Rich Felker
      in reply to
      • Artur

      @h0m3 @privacyguides It doesn't even need self-hosting. It just needs the storage backend to be a pure content-agnostic storage backend fot opaque encrypted data, not having some control channel interaction that puts the vendor in a privileged position and locks you in to using their cloud infrastructure.

      In conversation about 5 months ago permalink
    • Embed this notice
      Artur (h0m3@mastodon.social)'s status on Thursday, 19-Feb-2026 23:50:18 JST Artur Artur
      in reply to
      • Rich Felker

      @dalias @privacyguides Self-host, some things are better of self hosted. And a password manager is one of them. And better without any internet access, your devices can sync when they are on your local network.

      In conversation about 5 months ago permalink

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.