Notices by F. Maury ⏚ (x_cli@infosec.exchange)

  1. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Tuesday, 14-Oct-2025 17:27:49 JST
    in reply to
    • Electronic Frontier Foundation
    • Rich Felker
    • Chris Vest

    @dalias Unfortunately, it is already there... The ship has sailed. And it is the age-old argument "do not invent something that could be misused". We would still be living in caves if we did not invent stuff. What matters is what you do with that stuff and if that stuff can be built to be trusted.

    In my town, I would love to be able to set up informal polls/surveys that can only be voted on (truly anonymously) by the people living or working in the town. Sounds legit, don't you think?

    I mean, if you think about it, there are valid use cases. Maybe you disagree with enforcing age restrictions on some products or content. In many cases, I share that opinion. But I can think of use cases that are benign. For those that aren't, the real fight is to stop their use, not to stop the tech from being invented. But this is debatable, I'm sure; it is just my opinion :)
    @chrisvest @eff

    In conversation about 3 months ago from infosec.exchange permalink
  2. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Tuesday, 14-Oct-2025 17:07:32 JST
    in reply to
    • Electronic Frontier Foundation
    • Rich Felker
    • Chris Vest

    @chrisvest
    I believe there might be some anonymous online attribute verification that may be legit.
    For instance, for selling drugs like alcohol or tobacco online, or ensuring that someone does have an ID card in a specific region of the world. YMMV.

    I'm not saying all attribute verifications are relevant or desirable, but some might be worth discussing democratically, and if some are valid, then we ought to have a truly privacy-preserving way of doing it that does not just pretend to be privacy-preserving by using ZKP just because it sounds secure.

    @dalias @eff

    In conversation about 3 months ago from infosec.exchange permalink
  3. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Tuesday, 14-Oct-2025 02:45:51 JST
    in reply to
    • Electronic Frontier Foundation
    • Rich Felker

    @dalias
    Exactly. The point of a ZKP is to provide repudiable proof, which goes against the very goal of these age proofs (i.e. allowing verifiers to prove to the authorities that they did verify users age). So if they use ZKP, it is only because the name induces a false sense of security. Nothing more. Digital signatures would be way more appropriate, but they are scary, on paper.
    @eff

    In conversation about 3 months ago from infosec.exchange permalink
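    Added example (written for this page, not part of the thread or of any age-verification product): the repudiability the post refers to, shown with a toy Schnorr protocol. An interactive zero-knowledge transcript (R, c, s) can be fabricated by anyone who holds only the public key, so showing such a transcript to an authority proves nothing; binding the challenge to the message with a hash (Fiat-Shamir) turns the same protocol into a signature that only the key holder can produce. The freshly generated 64-bit group, the "user is over 18" message and the hash encoding are assumptions chosen for the demo, not real parameters.

```python
"""Repudiable (zero-knowledge) vs non-repudiable (signature) proofs.

Added example, not from the original thread. Toy Schnorr protocol over a
64-bit safe-prime group generated on the fly; sizes chosen for speed, not
security (real deployments use >= 256-bit groups or elliptic curves).
"""
import hashlib
import secrets


def _is_probable_prime(n: int, rounds: int = 24) -> bool:
    """Miller-Rabin probabilistic primality test (assumed helper)."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_group(bits: int = 64):
    """Return (p, q, g) with p = 2q + 1 prime and g generating the order-q subgroup."""
    while True:
        q = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(q) and _is_probable_prime(2 * q + 1):
            return 2 * q + 1, q, 4  # 4 = 2^2 is a quadratic residue, hence of order q


def keygen(p, q, g):
    x = secrets.randbelow(q - 1) + 1  # secret key
    return x, pow(g, x, p)            # (x, y = g^x)


def prover_commit(p, q, g):
    k = secrets.randbelow(q - 1) + 1
    return k, pow(g, k, p)            # nonce k, commitment R = g^k


def prover_respond(k, x, c, q):
    return (k + c * x) % q            # s = k + c*x


def verify_transcript(p, q, g, y, R, c, s) -> bool:
    """Interactive verifier: accepts whatever challenge c it believes it chose."""
    return pow(g, s, p) == (R * pow(y, c, p)) % p


def simulate_transcript(p, q, g, y):
    """Zero-knowledge simulator: build an accepting (R, c, s) WITHOUT the secret
    by choosing c and s first and solving for R = g^s * y^(-c)."""
    c, s = secrets.randbelow(q), secrets.randbelow(q)
    R = (pow(g, s, p) * pow(y, q - c, p)) % p  # y^(-c) == y^(q-c) because y^q == 1
    return R, c, s


def fs_challenge(p, q, R, m: bytes) -> int:
    """Fiat-Shamir: the challenge is a hash of R and the message, not a free choice."""
    h = hashlib.sha256(p.to_bytes(16, "big") + R.to_bytes(16, "big") + m).digest()
    return int.from_bytes(h, "big") % q


def sign(p, q, g, x, m):
    k, R = prover_commit(p, q, g)
    return R, prover_respond(k, x, fs_challenge(p, q, R, m), q)


def verify_signature(p, q, g, y, m, sig) -> bool:
    R, s = sig
    return verify_transcript(p, q, g, y, R, fs_challenge(p, q, R, m), s)


def demo():
    """Returns (honest_ok, simulated_ok, signature_ok, forged_signature_ok)."""
    p, q, g = gen_group()
    x, y = keygen(p, q, g)
    # 1. Honest interactive proof: accepted.
    k, R = prover_commit(p, q, g)
    c = secrets.randbelow(q)
    honest_ok = verify_transcript(p, q, g, y, R, c, prover_respond(k, x, c, q))
    # 2. Simulated transcript: also accepted, so a stored transcript proves nothing
    #    to a third party (the prover can repudiate it).
    simulated_ok = verify_transcript(p, q, g, y, *simulate_transcript(p, q, g, y))
    # 3. Signature: accepted when made with x; the simulator's (R, s) fails because
    #    the hash fixes c, so only the key holder could have produced it.
    m = b"user is over 18"  # constructed message
    signature_ok = verify_signature(p, q, g, y, m, sign(p, q, g, x, m))
    R2, _, s2 = simulate_transcript(p, q, g, y)
    forged_ok = verify_signature(p, q, g, y, m, (R2, s2))
    return honest_ok, simulated_ok, signature_ok, forged_ok
```

    The same simulator that makes the interactive transcript worthless as evidence is exactly what a verifier who must later show an authority "I checked" cannot live with, which is the tension the post points at.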
  4. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Wednesday, 17-Sep-2025 21:43:53 JST
    in reply to
    • Modiie 🦝

    @Modiie
    If people are offering it for free, why reject the gift economy? Why make everything capitalist by considering that "all work deserves pay"?
    I mean, I understand the cost of a PeerTube instance and of streaming. It's my job. But there are also patrons 🤷

    In conversation about 4 months ago from infosec.exchange permalink
  5. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Thursday, 17-Jul-2025 07:33:33 JST
    in reply to
    • playit

    @playit I heard a lot of great things about Vector (https://vector.dev/) and I had plans to use it in my previous job before I quit.
    Vector is featureful and the documentation is great.

    In conversation about 6 months ago from infosec.exchange permalink

    Attachments

    1. Vector (vector.dev), from @vectordotdev
      A lightweight, ultra-fast tool for building observability pipelines
  6. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Wednesday, 21-May-2025 06:29:06 JST
    in reply to
    • Delta Chat

    @delta Good attempt, but I'll resist the urge of adding you to my talk :D Please implement PFS to be a candidate for the next one: https://cfp.pass-the-salt.org/pts2025/talk/7K9MEV/ ;)

    In conversation about 8 months ago from infosec.exchange permalink

    Attachments

    1. Metadata Protection in Instant Messaging Applications: a Review (PTS2025, cfp.pass-the-salt.org)
      This talk covers the obvious issue of long-term identities and the construction of the social graph and how some protections supposed to thwart the social graph recovery are flawed. Some of these attacks are publicly documented and still unmitigated by those affected by them. This talk also dives into less obvious metadata leaks, such as traffic correlation and ciphertext correlation. Finally it also points out that some of the studied instant messaging solutions do not protect all messages and leak metadata to third parties via attachment upload, push notifications, backups and voice/video calls. Sorting out which instant messaging application is the best is a non-goal for this talk.
  7. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Wednesday, 21-May-2025 06:29:05 JST
    in reply to
    • Delta Chat

    @delta

    > What does PFS have to do with minimizing metadata?

    Absolutely nothing. You are correct.

    The thing is the research behind this talk is unpaid independent research, done in my free time. So I had to set some arbitrary criteria to filter the dozens of applications to study. If people want me to study a specific application, my rate is 500€/day (which is lower than my standard rate; a sacrifice I am willing to make because I think there is a social value to this work).

    My belief is that E2EE, PFS and ephemeral messages are the minimum requirements for a secure messaging application to be taken seriously.

    These are beliefs. Some people might have different beliefs and that's obviously OK.

    So when people ask me "Have you considered Delta Chat?", my answer is "lol, no, they don't even have PFS; let's talk about serious applications".

    The truth is I did fund Delta Chat, studied it and even contributed to its translation. There is value in Delta Chat, and I am not denying it. But if I have to use an application to secure my communications, Delta Chat is not a valid option for me. Sorry.
    ---
    > Can you link a real-world case where PFS played a role and protected someone from repressive persecution?

    PFS protects against the recovery of past communications that were recorded and ultimately decrypted after the attacker gets access to the key material. People able to setup dragnet surveillance are generally working for intelligence services and law enforcement. They don't tend to brag about their methods in the press.

    Still, the NSA (Prism) showed the world that there are nations recording large amounts of Internet traffic. Pegasus showed that mobile phone surveillance and key extraction are a thing.

    The (almost) general adoption of ephemeral messages shows that the public is aware that when law enforcement forcefully unlocks your phone, you don't want to have your personal conversation lying around. But what about your key material?

    Well, if you don't have PFS, law enforcement will get their dirty hands on it... and with that, they will get access to all past conversations that you thought were confidential because you used ephemeral messages.

    My point is ephemeral messages are pretty much useless if your adversary recorded your encrypted conversations and you don't have PFS.

    So do I have a real-world case where PFS played a role? No.
    Do I know real-world cases where ephemeral messages prevented law enforcement from accessing someone's data? Yes.
    Do I know real-world cases where traffic was recorded and decrypted on the side thanks to the lack of PFS? Yes. I even worked for a company building surveillance appliances that do that... (not being too proud about that but hey... not having PFS is a serious flaw in my book).

    In conversation about 8 months ago from infosec.exchange permalink
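    Added example (written for this page; not from the thread, from Delta Chat or from any other messenger): the scenario the post describes, a dragnet that records every ciphertext followed by extraction of the key material from a seized phone, modelled with a toy hash ratchet. The plaintexts have already been wiped ("ephemeral messages"), so only keys leak. With one long-lived key every recorded message decrypts; with a per-message ratchet whose old keys are deleted, the leaked key opens none of them. The stream cipher, the ratchet function and the sample messages are toy constructions for the demo, not a real protocol.

```python
"""Why ephemeral messages do not replace forward secrecy (PFS).

Added example, not from the original thread. Toy SHA-256 stream cipher with an
HMAC tag and a toy one-way key ratchet; illustration only, not a messaging
protocol (real ones use Double Ratchet-style constructions with a proper AEAD).
"""
import hashlib
import hmac
import os


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Counter-mode keystream from SHA-256 (toy construction)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes):
    """Return the plaintext, or None if the key is wrong or the blob was tampered with."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def ratchet(key: bytes) -> bytes:
    """One-way step: the previous key cannot be recovered from the new one."""
    return hashlib.sha256(b"ratchet" + key).digest()


class StaticKeySender:
    """No PFS: one long-lived key protects every message."""

    def __init__(self, key: bytes):
        self.key = key

    def send(self, m: bytes) -> bytes:
        return encrypt(self.key, m)

    def key_material(self) -> bytes:
        return self.key


class RatchetSender:
    """PFS: a fresh key per message; the old key is deleted after use.
    (The receiver must ratchet in lockstep; it is not modelled here.)"""

    def __init__(self, key: bytes):
        self.key = key

    def send(self, m: bytes) -> bytes:
        blob = encrypt(self.key, m)
        self.key = ratchet(self.key)  # old key gone; only the new one survives on disk
        return blob

    def key_material(self) -> bytes:
        return self.key


# Constructed sample conversation (already deleted from the phone by the time of seizure).
MESSAGES = [b"meet at 7", b"bring the documents", b"delete this thread"]


def attack(sender_cls, seed_key: bytes = None) -> list:
    """Dragnet model: ciphertexts recorded on the wire, then the current key
    material extracted from the unlocked phone. Returns the messages recovered."""
    sender = sender_cls(seed_key or os.urandom(32))
    recorded = [sender.send(m) for m in MESSAGES]  # captured in transit
    leaked_key = sender.key_material()             # what forensics finds on the device
    recovered = []
    for blob in recorded:
        pt = decrypt(leaked_key, blob)
        if pt is not None:
            recovered.append(pt)
    return recovered
```

    `attack(StaticKeySender)` returns all three messages; `attack(RatchetSender)` returns none, which is the point of the post: deleting plaintext is useless against an adversary who already holds the ciphertext unless the keys that produced it are also gone. Note that the ratchet alone only protects the past; anything sent after the compromise with the leaked key still decrypts, which is a separate property (post-compromise security).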

  8. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Wednesday, 21-May-2025 03:21:27 JST
    in reply to
    • Natouille 🍷 🥃 🍾

    @Natouille Contradiction detected 😅

    In conversation about 8 months ago from infosec.exchange permalink

    Attachments

    1. https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/540/274/691/868/669/original/b10b6ee936a85e94.png
  9. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Wednesday, 05-Mar-2025 22:46:46 JST
    in reply to
    • Haelwenn /элвэн/ :triskell:
    • Elzen
    • Parleur 🔻
    • Lizzie Crowdagger :neocat_floof_flag_trans:

    @elzen (I beg to differ on that claim; it is only @elzen's interpretation of the texts I provided, which, in my opinion, say the exact opposite :))
    @crowdagger @parleur @lanodan

    In conversation about 10 months ago from gnusocial.jp permalink
  10. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Wednesday, 05-Mar-2025 22:44:07 JST
    in reply to
    • Haelwenn /элвэн/ :triskell:
    • Elzen
    • Parleur 🔻
    • Lizzie Crowdagger :neocat_floof_flag_trans:

    @lanodan The applicable laws have been the same for 20 years: the LCEN and the LCEN2.

    @crowdagger @elzen @parleur

    In conversation about 10 months ago from gnusocial.jp permalink
  11. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Wednesday, 05-Mar-2025 22:17:48 JST
    in reply to
    • Parleur 🔻

    @parleur
    Far be it from me to defend racists.

    I would nonetheless point out that, in law, a host is a host as long as it makes no editorial choices; in other words, as long as it merely removes content that is manifestly illegal once it has been reported to it, within a reasonable time. As soon as its moderation actions extend to decisions on content that is not manifestly illegal, it becomes a publisher, and it is legally liable for what is said on its platform.

    Are messages that you liken to dog whistles (I'll take your word for it; I don't know enough about it) classifiable as manifestly illegal? By definition, I get the impression they are not.

    In conversation about 10 months ago from infosec.exchange permalink

  12. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Friday, 28-Feb-2025 16:38:28 JST

    Zero trust in Olvid.

    https://web.archive.org/web/20250228063029/https://infosec.exchange/@x_cli/114071933034464431

    1) According to them, the State is not a risk;
    2) Spreading fear and doubt about competitors ("our competitors are mass-surveillance tools", with no justification);
    3) Use of post-truth: "we have been audited, unlike the others", which the gullible take on faith;
    4) Use of sock-puppet accounts/troll farms to post disinformation about competitors (https://mastodon.top/@atchi150585/114078339465195398)

    Don't fall into the trap. Advise against Olvid.

    In conversation about 11 months ago from infosec.exchange permalink

    Attachments

    1. Alexandre H (@atchi150585@mastodon.top)
      @x_cli@infosec.exchange @Olvid_Club_de_France@mastodon.social @trailofbits@infosec.exchange SimpleX Chat was audited once, in October 2022
  13. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Thursday, 20-Feb-2025 22:45:37 JST
    in reply to
    • Stefan Thöni
    • rakoo
    • Sarah Jamie Lewis
    • Remi Gacogne

    @rgacogne
    I second that opinion, but the structure has to be a non-profit. This is why I refuse to fund Thunderbird.
    @rakoo @exception @sarahjamielewis

    In conversation about 11 months ago from infosec.exchange permalink
  14. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Friday, 24-Jan-2025 23:04:44 JST

    So #ANSSI releases a guide on securing ACME servers.

    **NOT ONE mention of DNSSEC**

    Fucking amateurs

    #infosec #acme #cybersecurity

    In conversation about a year ago from infosec.exchange permalink
  15. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Wednesday, 04-Dec-2024 04:37:21 JST
    in reply to
    • Solène :flan_hacker:

    @solene
    Nope. Not IPv6 related 😉

    In conversation about a year ago from gnusocial.jp permalink
  16. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Wednesday, 04-Dec-2024 03:42:10 JST

    Check your #DNS skills:

    On GNU/Linux:

    ping broken-by-design.fr => name resolution OK

    resolvectl query broken-by-design.fr => name resolution OK

    wget https://broken-by-design.fr => Temporary lookup failure

    apt update => Temporary lookup failure

    What did the user (sudoer) change on their system to break it?

    In conversation about a year ago from infosec.exchange permalink

    Attachments

    1. Broken by Design
      Security specialists have this tendency to focus on the most mundane things, and overthink them to the point where they may actually find something interesting to say about them.
  17. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Monday, 02-Dec-2024 22:00:54 JST

    For those of you on Atomic Desktops (Fedora Silverblue) wanting to run Signal Desktop and not trusting the non-official flatpak (which is broken anyway...): you can install Signal Desktop on a toolbox.

    toolbox create -d ubuntu -r 24.04
    toolbox enter ubuntu-toolbox-24.04
    <run the commands to install signal desktop as indicated by the Signal website>
    apt update && apt install -y alsa

    and boom ! You can run Signal Desktop!

    Toolbx is an excellent tool, including for running applications with graphic displays. Audio and video calls work too!

    In conversation about a year ago from infosec.exchange permalink
  18. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Monday, 02-Dec-2024 18:14:26 JST
    in reply to
    • Solène :flan_hacker:

    @solene Random noise can be nullified given enough input data. Sounds inefficient.

    In conversation about a year ago from infosec.exchange permalink
  19. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Sunday, 17-Nov-2024 17:17:36 JST
    in reply to
    • Soatok Dreamseeker

    @soatok Out of curiosity, would you care to explain to me why you consider DNSSEC to be off-limits? I believe it is a key component to secure the ACME protocol, which is the basis of so many modern PKIs. I wouldn't know how to do it without DNSSEC.
    This is not me trying to evangelize about it, but trying to understand what the alternatives are. Do you consider that ACME is a mistake?

    In conversation about a year ago from infosec.exchange permalink
  20. F. Maury ⏚ (x_cli@infosec.exchange)'s status on Thursday, 26-Sep-2024 22:59:43 JST
    in reply to
    • Ryan Castellucci (they/them) :nonbinary_flag:

    @ryanc Yeah, but at the same time, the competing protocols were using ASN.1. So yeah. SMTP is kinda cool in that regard.

    In conversation about a year ago from infosec.exchange permalink

Profile: F. Maury ⏚

    Network and Protocol Security Specialist. I am currently freelancing on missions in the following domains: system, network, software and security engineering. I have a strong interest in applied cryptography, and I am used to giving trainings and writing press articles and blog posts. I am an antispeciesist, and a member of L214, a French NGO fighting for animal rights. I also fight for LGBTQIA+ rights. I am an RNG (Random Network Guy/Girl): do not expect better posts than those produced by an infinite number of monkeys. #infosec #cybersecurity #network #crypto #linux #antispeciesism #author #privacy #podcast #devops #secdevops #devsecops #lgbt #fedi22 searchable

    Member since 1 Nov 2022. Notices on this instance: 27.
          GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

          Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.