614
U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack (www.nbcnews.com)
submitted 2 months ago by WhatsHerBucket@lemmy.world to c/technology@lemmy.world
159 comments fedilink hide all child comments
(page 2) 50 comments
sorted by: hot top controversial new old
[-] Kbobabob@lemmy.world 7 points 2 months ago

Hey you guys remember that big AT&T breach recently?

[-] OldManBOMBIN@lemmy.world 6 points 2 months ago

Just stop using your electronic devices. Not like they don't all have monitors built in already anyway. Every connected device could be sending screenshots home and we'd never know. I mean, I guess you could use something like Wireshark to monitor your home network, but something tells me nowadays there are ways around even that. I'm not a certified network tech or even a script kiddie, but I don't trust my tech as far as my dog can throw it. I just try to secure through obfuscation as much as possible. Everyone thinks I have carbon monoxide poisoning, but it's a small price to pay for peace of mind - even a small one.

load more comments (6 replies)
[-] PagingDoctorLove@lemmy.world 6 points 2 months ago

Question for more tech savvy people: should I be worried about wiping old data, and if so for which apps? Just messaging apps, or also email and social media? Or can I just use the encrypted apps moving forward?

[-] WhyJiffie@sh.itjust.works 5 points 2 months ago

just wanted to add that deleting an app will not result in deletion of your data stored in the cloud (e.g. your emails)

load more comments (2 replies)
[-] sugar_in_your_tea@sh.itjust.works 5 points 2 months ago

That depends on the privacy protections where you live and the policies of each service:

  • most places in the US - they already have your data and aren't obligated to delete it
  • outside the EU - probably the same as the US
  • the EU or select states (e.g. CA) - you have some protections and a legal obligation to honor delete requests

For the first two, I wouldn't bother. I personally poisoned my data with Reddit before leaving, because I've heard of then reversing deletions. For the third, deleting may make sense.

But in general, I'd keep your other accounts open until you fully transition to the new one.

Below is information when considering a replacement service.

Anything where data is stored on a server you don't directly control can be leaked or subpoenad from the org that owns that server. Any unencrypted communication can be intercepted, and any regular encryption (HTTPS) can be logged by that server (e.g. under court order without notifying the customer).

Even "secure" services can be ordered to keep logs. Here's an example from Proton mai, and here's one involving Tutanota.

So it depends on your threat model, or in other words, who you're trying to keep away from your data. Just think about how screwed you might be if:

  • a hacker dumps the servers data
  • a police agency secretly orders recording of data and metadata
  • someone steals your device
  • the police confiscate your device

The answers to the above should help you decide which to type of service you'd feel comfortable with, and what tradeoffs you're willing to make.

[-] NikkiDimes@lemmy.world 4 points 2 months ago

Check out your old reddit account. I poisoned my data, too, then deleted it, but they restored it completely like the bastards they are. I deleted my 2F too, so it's there forever now.

load more comments (3 replies)
[-] JackbyDev@programming.dev 4 points 2 months ago

Wiping old stuff won't hurt, but they might not actually delete it.

load more comments (1 replies)
load more comments (5 replies)
[-] Bluetreefrog@lemmy.world 5 points 2 months ago

Interpretation - the NSA can now crack all common encryption methods, so let's disadvantage our adversaries at no real cost to us.

[-] Lofenyy@sh.itjust.works 6 points 2 months ago

I vaguely recall Bruce Schneier saying that there is good evidence that the NSA cannot crack certain encryption methods. At the time, RSA was on the list. Maybe common methods mean roll-your-own corporate encryption, but it's my understanding that GNUpg and similar software are safe.

load more comments (1 replies)
[-] Imgonnatrythis@sh.itjust.works 4 points 2 months ago

The US gov should provide us with their own encryption app to protect us and just have a backdoor only they can access so they can keep an eye on any baddies! #Igotnothingtohide #amiright #muricafuckyeah

load more comments (2 replies)
load more comments
view more: ‹ prev next ›
this post was submitted on 04 Dec 2024
614 points (100.0% liked)

Technology

61346 readers
3606 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world