Signal and Matrix were founded in popular opposition to the email system but End-to-End encrypted instant messaging via emails works now, and reliably, with #deltachat V2 app releases, and with #chatmail relays forming a growing secure email network that minimizes metadata and enforces TLS and E2EE messaging.

You can't really argue with working code, can you?

Contrary to popular belief SMTP and DKIM and IMAP are no holy ingredients and can be improved upon btw. See eg https://github.com/chatmail/relay/issues/487

**keverets** · Jul 28, 2025, 16:50

keverets boosted

**Electronic Frontier Foundation** @eff@mastodon.social · Jul 28, 2025, 16:50

Jul 28, 2025, 16:50

Electronic Frontier Foundation @eff@mastodon.social

Bill C-2 lets Canadian cops demand users' info without a warrant—and it paves the way for that info to go to U.S. government agencies. https://www.eff.org/deeplinks/2025/07/canadas-bill-c-2-opens-floodgates-us-surveillance

**keverets** · Jul 28, 2025, 07:52

keverets boosted

**Fabio Manganiello** @fabio@manganiello.social · Jul 28, 2025, 07:52

Jul 28, 2025, 07:52

Fabio Manganiello @fabio@manganiello.social

The EU is making a very bad mistake here.

The EU is developing an app for age verification that can be used by many other applications as a legal way of ensuring that a user is at least 18 before accessing some protected content.

The problem is here: https://github.com/eu-digital-identity-wallet/av-app-android-wallet-ui?tab=readme-ov-file#disclaimer

The current release provides only basic functionality, with several key features to be introduced in future versions, including:

App and device verification based on Google Play Integrity API and Apple App Attestation
Additional issuance methods beyond the currently implemented eID based method.

What does it mean that it relies on the Google Play Integrity API?

Put simply, that:

Any Android device not certified by Google will not be able to run the app. Do you use /e/OS (which is a European fork of Android btw), GrapheneOS, LineageOS or any other open-source fork of Android? Sorry, no age verification for you, which will mean that you’ll probably be locked out of many applications in the future. We often forget it, but, even though developed by Google, the core of Android (AOSP) is open-source and anyone can fork it. Google lately is already trying to attack that core hard enough to turn Android into a fully closed-source operating system exclusively controlled by them. The EU is just doing them a favour apparently.
The Google Play Integrity API relies on keys and certificates exclusively owned by Google. Which means that if you use alternative privacy-aware frameworks to the Google Play Services (like microG) you won’t be able to do age verification. Google is already trying hard to force all vendors that install Android on their devices to get a certification from them only if they also pre-install Google apps and the Google Play Services (see the Android Certified program https://www.android.com/certified/). The EU in the past opposed such plans because they clearly violate all the possible antitrust rules on the face of the earth. But, by piggybacking on mandatory Google Play Services for age verification, it seems that it’s just doing a U-turn and doing Google another favour.

In other words, EU representatives have (rightfully) talked a lot over the past years about digital sovereignty, technological independence from American tech giants and supporting open-source.

And then, when tasked to build an institutional app for age verification, what do they do?

Well, they entirely delegate the process to an American tech company that they pledged to decouple us from, and they play in their interests by putting another nail in the AOSP’s coffin.

Luckily the age verification app is still in alpha state and it’ll still take time to be deployed, and it’s also open-source.

So please, if you have a Github account, add a reaction or a comment to the issue opened by @SylvieLorxu on the project of the app to boost its visibility: https://github.com/eu-digital-identity-wallet/av-app-android-wallet-ui/issues/10

And if you have contacts with a EU representative don’t hesitate to write to them and express these implementation concerns.