Hans-Christoph Steiner @eighthave@librem.one

fdroidserver v2.3.5 was released to fix issues with `AllowedAPKSigningKeys` when used in specific configurations. More details in the changelog: https://gitlab.com/fdroid/fdroidserver/-/blob/2.3.5/CHANGELOG.md#235---2025-01-20 #FDroid

Michiel Leenaars (our director of strategy) speaks at #FOSDEM about Europe's ambition to increase its digital sovereignty in relation to the #NextGenerationInternet. Despite its contribution to tech sovereignty with over 1300 Free and Open technologies supported, so far #NGI is not in the EU's future plans. Michiel addresses the question: What should our new EU Commissioner for Tech Sovereignty be working on for the next 5 years from the the vantage point of NGI?
https://fosdem.org/2025/schedule/event/fosdem-2025-6508-next-generation-internet-2025-where-next-/
#FOSS

The gig economy is ground zero for the use of experimental algorithms that use workers' own data against them. Leaving workers playing a game that they don’t know the rules to and that the house always wins.
#TimeToDeliverAnswers

https://privacyinternational.org/news-analysis/5510/12-organsations-tell-just-eat-uber-and-deliveroo-time-deliver-answers

There's a "Signal deanonymized" thing going around:
https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117

Stay calm. Deep breaths.

👉 while this is a real consideration, the only thing the attacker gets from this is a very rough (kilometers or tens of kilometers radius) location

👉 other communication platforms that use any kind of caching CDN to deliver attachments are just as vulnerable

👉 you almost certainly should continue to use Signal, unless you specifically know that this is a big problem for you.

#Signal #InfoSec

Reminder: Tech jobs with real impact are rare. At the Sovereign Tech Agency, we work to strengthen digital infrastructure – fostering security, innovation, and resilience to provide a stable foundation for participation and democracy.

You can still apply for our open positions! 📩

https://mastodon.social/@sovtechfund/113792992197932834

We need for community-run, ethical, well-moderated communication platforms more than ever.

I'm sure this is one of the reasons why many folks are joining fedi today. Welcome, glad to see you here! 👋

However:
👉 infrastructure is not free
👉 moderation is hard emotional labor
👉 managing a server takes time and effort

Please consider getting engaged and contributing, if you can. Help moderate your instance. Support your instance financially. Help make fedi sustainable.

#NewHere #TikTokRefugee

Citizens can only trust the 🇪🇺 digital ID if it’s transparent & gives them control over their data. The @EUCommission must protect users from illegal access to their sensitive information & fix loopholes in the upcoming #eID now! ☔
#eIDAS
https://epicenter.works/en/content/civil-society-demands-eu-commission-must-close-e-id-loopholes

🇪🇺 EU Commission's Microsoft 365 reliance raises privacy alarms!

Internal documents reveal the EU Commission's data privacy concerns over dependency on Microsoft.

Should the EU embrace #opensource to prioritize data sovereignty?

#EUDataProtection #DigitalPrivacy

https://www.euractiv.com/section/tech/news/internal-documents-reveal-commission-fears-over-microsoft-dependency/

Remember that #Facebook's new name #Meta doesn't really refer to the doomed-from-the-start #Metaverse whim, but its much more important reliance on #metadata as the core business model.

#Instagram, #WhatsApp, and the other "products" are primarily metadata collectors. Who communicates with whom, when, how often, how much, through which types of data; which groups are they members of, how do they interact with them; which posts/articles/products do they read, like, or buy? This metadata is sufficiently detailed that the actual content of "what" somebody sent is no longer important - and therefore it doesn't hurt the business model to provide end-to-end encryption in WhatsApp and (more hesitantly) Facebook Messenger. Or, as Gen. Michael Hayden (ex-NSA) infamously once admitted "We kill people based on metadata" (https://abcnews.go.com/blogs/headlines/2014/05/ex-nsa-chief-we-kill-people-based-on-metadata). And #Meta's metadata collection is much more detailed than the mere phone call/message and email and IP packet records the NSA/CIA/etc. use(d).

That metadata is the basis for targeted advertisement and manipulation of individual and public opinion. That's where the money and the power is, not some silly 3D avatars. So the company name #Meta is, actually, interestingly descriptive and honest about the exploitative business model.

Protect yourselves. Use @torproject, @signalapp, @Mastodon, @pixelfed, and other federated services instead of feeding more into the metadata collection.

It is now possible to use #Python as an #ECH client using the DEfO development fork:
https://guardianproject.info/2025/01/10/using-tls-ech-from-python/

#TLS #EncryptedClientHello

I wrote a blog post about using TLS ECH from Python https://guardianproject.info/2025/01/10/using-tls-ech-from-python/

Today Mastodon is taking another step towards its founding ideals: independence and non-profit ownership. We're transferring ownership of key assets to a new, European not-for-profit entity, ensuring our mission remains true to a decentralised social web, not corporate control. #MastodonNonProfit

https://blog.joinmastodon.org/2025/01/the-people-should-own-the-town-square/