@phreaknerd @melsdung @nocci exakt deshalb rate ich zu #XMPP+#OMEMO ( @monocles & @gajim ) sowie #PGP/MIME ( @delta & @thunderbird ), denn nur #dezentral mit #SelfCustody aller #Keys besteht echte #E2EE!

• Außerdem funktionieren die einwandfrei via @torproject / #Tor und damit auch noch #anonym!

Ich helfe gern "#Normies" und "#TechIlliterates" darauf umzustellen...

@phreaknerd @melsdung @nocci bis darauf dass #Signal auch unter #CloudAct fällt und genauso zentralisiert ist wie #Telegram und genauso #TrustMeBro in Sachen Nicht-Kooperation agiert...

• Geb' dir lieber #XMPP+#OMEMO, denn das geht über @torproject / #Tor und selbst wenn bspw. @monocles na Anfrage bekämen könnten die faktisch nichts brauchbares abgeben selbst wenn all deren Hardware beschlagnahmt würde.

@marove ich bin auf @torproject / #TorBrowser migriert...

Weil ich hab' keine Lust auf #Tracking und shice - #Tor ist nen #Qualitätsfilter!

@koenvh #FunFact: THIS is actually real when it comes to #OnionServices on #Tor / @torproject despite (or rather because of) having a self-routing and self-administrating, self-authentificating namespace utilizing #Pubkeys for addressing.

• @alecm / @alecmuffett actually has a pretty substantial list.

Mine merely covers a few #BonaFide ones and there are literal #scam businesses when it comes to the kinds of sites I won't name nor list!

@evangreer @fightforthefuture.org @bsky.app @guardianproject @internetarchive @torproject @signalapp @session @simplex @freedomofpress @eff @privacysafe
#PrivacySafe Locker: Secure file #sharing that disappears.
Upload a file or paste a long text memo — and share it for 24 hours before it self-destructs.
Built to be forgotten and, like PrivacySafe Link, you can use it with #Tor @torproject for max #privacy. https://bitsontape.com/p/email-files-privacysafe-locker

@evangreer @fightforthefuture.org @bsky.app @guardianproject
Save (by OpenArchive): Preserve your media.
Send photos, videos, or #audio to @internetarchive and archive over #Tor @torproject . Metadata is added by you, *not* your phone. Evidence is vital for protection — please try to balance that with personal #privacy
https://guardianproject.info/apps/net.opendasharchive.openarchive.release/

@JessTheUnstill @bohwaz @punkfairie @ajsadauskas @tomiahonen @fuchsiii

Granted, @tails_live @tails / #Tails and @torproject / #TorBrowser are propably one of the best & most battle-tested options that are useable for #TechIlliterates...

• OFC #OpenBSD + #LynxBrowser forced through #Tor would be more #secure (on paper) but we can all agree it's neither feasible nor practical to expect "#Normies" to work within a 80x25 TUI and learn #BSD.

THAT'S NOT GOING TO HAPPEN!

If not for being absurd then for the fact that people need to get things done!

• And it's not as if I haven't taught people how to get started, ranging from having to crash-course someone remotely via chat to hand-on #CryptoParty sessions: If it's way more complex than an AKM chances are people won't stick with it!

So you can imagine how glad I was when @thunderbird merged #Enigmail into #Thunderbird so there's no more fiddling around getting #PGP/MIME to work!

@JessTheUnstill @bohwaz @punkfairie @ajsadauskas @tomiahonen @fuchsiii Exactly...

Coincidentially, that's why #Android (and #iOS) doesn't let users have #root access because billions of devices owned by mostly "#TechIlliterates" that hardly get #SecurityUpdates would be an even bigger risk if they didn't boot a locked-down #ROM image, thus only allowing for #malware in user-privilegued userspace!

• I'd even go so far that I'd wish for @torproject to basically merge fmr. #FirefoxOS / #KaiOS & @tails_live / @tails / #Tails to build a #privacy-focussed #ROM for #Smartphones and #Tablets i.e. "#TailsMobile" or sth.

Cuz having a mobile OS that shoves everything through #Tor and only allows #userspace-Apps in the form modern web technologies would be a big #security and #privacy gain.

• Not to mention #amd64 is on it's way out and inevitably they gotta have to transition to supporting #arm64 and eventually #RISCv-#64bit at some point.

This is undoubtedly the most promising Post-Quantum TLS deployment situation I have seen for #Tor since we started discussing it more actively in the team. Very exciting!

I hope that OpenSSL 3.5, when released, will make it into #Debian Trixie. That would make deployment of this so much more snappy and easy for the Tor network to upgrade, but that may be dreaming. The timelines here look quite difficult for that to happen, but let's hope.

OpenSSL, unlike BoringSSL, did not require us to make any additions to our codebase (BoringSSL required the PQ-KEM to be enabled explicitly via a function call): the ML-KEM is enabled by default, which will do wonders for adoption as OpenSSL 3.5 gets bundled in more and more OS distributions over time.

However, we did need to modify #Tor slightly to be less conservative with which TLS cipher suites it is willing to use. I will talk with the team about what we do here to get this fixed soon.

Lo and behold, #OpenSSL 3.5 (their upcoming LTS release) will come out here at the beginning of April, and it does indeed support some of these hybrid PQC schemes. Their recent beta2 announcement can be read here: https://openssl-library.org/post/2025-03-25-openssl-3.5-beta/ and their roadmap is at https://openssl-library.org/roadmap/index.html

Very excited by this work. Big kudos to the OpenSSL Team here! Already planning on giving this a spin with the C implementation of #Tor later this week to see how it goes!