Show more

We're new here. Please keep away from the scaffolding while we paint and remodel. 😎

We want to add the official onion service for f-droid.org as an official mirror, so that clients will automatically use it. Please test by sharing the repo link to client then add it as a mirror:
gitlab.com/fdroid/admin/-/issu

This should prompt to add it as a mirror, which is safe since the keys need to match. Click cancel if it offers to add a new repo.

We're thankful for secure end-to-end encryption 🔐 , but...

If you want to try ECH (Encrypted ClientHello), the next generation of , you can use nightlies and our test fork of that forces an ECH connection to a mirror of f-droid.org hosted on Cloudflare: f-droid.org/packages/ie.defo.e

If you are a developer who has posted on public mailing lists, watch out for spearphishing replies to your posts guardianproject.info/2022/02/2

For anyone looking to run a full fledged circumvention system, we're working to bring 's proven software to any context, starting with github.com/greatfire/envoy

User accounts are so often a method of tracking users, yet they are not a requirement for running most internet services. all provide shining examples of working without accounts. f-droid.org/2022/02/28/no-user

"EU data protection authorities find that the consent popups that plagued Europeans for years are illegal. All data collected through them must be deleted. This decision impact Google's, Amazon's and Microsoft's online advertising businesses."

iccl.ie/news/gdpr-enforcer-rul

regional court finds embedding Google Fonts in a website violates , "legitimate interest" did not apply since the fonts can easily be directly integrated into their website, thereby avoiding sending IP addresses to .

thehackernews.com/2022/01/germ

Some of the team will be at 113 in Vienna, it'll be good to see people in person again!

Registration for (19-24 March 2022) is now open. Sign up to participate in and read all the details about the first-ever hybrid IETF meeting: ietf.org/blog/113-registration

Like many problems with targeted ads, both Naviance, the platform, and college officials who use the platform to target applicants by race, are at fault. Children aren't products. themarkup.org/machine-learning

With , it is now possible to get all updates from official HTTPS sources. In combination with other work from the apt developers, this improves privacy and provides backup security guardianproject.info/2021/12/0

Our first build of Conscrypt which includes the next version of known as (Encrypted ClientHello) is now available for Android and Java:

implementation 'info.guardianproject.conscrypt:conscrypt-android:2.6.alpha1638179154.job1828169525'
github.com/google/conscrypt/is

Yet another of the many ways that breaks the open : connecting without a User Agent gives 403 Forbidden with an obscure "error code 1010". My test suite works fine on all the other sites, only Cloudflare does this.

One of the hazards of is that a deployment could end up leaking as much information as a non-ECH TLS connection if the ECH Config in DNS is only associated with a given domain. blog.cloudflare.com/handshake-

Show more
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml