→ We Are Still Unable to Secure LLMs from #Malicious Inputs
https://www.schneier.com/blog/archives/2025/08/we-are-still-unable-to-secure-llms-from-malicious-inputs.html

“This kind of thing should make everybody stop and really think before deploying any AI agents. We simply don’t know to defend against these attacks. We have zero agentic AI systems that are secure against these attacks.”

“It’s an existential problem that, near as I can tell, most people developing these technologies are just pretending isn’t there.”

#AI #LLMs #stop #agents #secure #attacks #problem

Selfhosted P2P E2EE File Transfer & Messaging PWA

https://positive-intentions.com

* #OpenSource
* #CrossPlatform
* #PWA
* #iOS, #Android, #Desktop (self compile)
* App store, Play store (coming soon)
* Desktop
* #Windows, #MacOS, #Linux (self compile)
* run index.html on any modern #browser
* #Decentralized
* #Secure
* #NoCookies
* #P2P #encrypted
* No registration
* No installing
* #Messaging
* Group Messaging (coming soon)
* Text Messaging
* #Multimedia Messaging
* #Screensharing (on desktop browsers)
* Offline Messaging (in #research phase)
* #FileTransfer
* #VideoCalls
* #DataOwnership
* #SelfHosted
* GitHub pages Hosting
* #LocalOnly storage

Check them out!

(Degoogled links to the apps)
- P2P Chat: https://chat.positive-intentions.com
- P2P File: https://file.positive-intentions.com
- Encrypted drive storage: https://dim.positive-intentions.com/?path=/story/usefs--encrypted-demo

- GitHub: https://github.com/positive-intentions

IMPORTANT NOTES (PLEASE READ!):
* These are NOT products. It's for #testing and #demonstration purposes only.
* They have NOT been reviewed or audited. Do NOT use for sensitive data.
* All functionality demonstrated is experimental.
* This is NOT meant to replace robust solutions like #VeraCrypt, #Simplexchat, #Signal, #Whatsapp, #wetransfer. It's just a #proofofconcept to show what's possible with #browser #APIs.

F-Droid
@fdroidorg We have to put a lot of trust in a couple of systems: the signing server and the production buildserver. That is why they are not easy to upgrade. That provides key benefits down the line, like knowing that the client app will always receive uncompromised files, no matter where it downloads the files from (e.g. verification via the signed index). Thanks for your patience while we work in getting new hardware into our trusted #secure #maintenance setup. 1/2
#ThoughtProvoker

Around 1975 Abdul Qadeer Khan, a Pakistani spy, managed to steal nuclear secrets from the highly secure uranium enrichment plant Urenco in the Netherlands. This led to nuclear proliferation and Pakistan having the nuclear bomb.

The layers of security at Urenco could not avoid this from happening.

Now..

Are we in #FOSS enriching uranium fully out in the open in how we develop the decentralized #SocialWeb? Or are we reasonably #secure?

https://en.wikipedia.org/wiki/Abdul_Qadeer_Khan

In the Everlasting search for clients and servers Federated, detached from corporate underlords, connected to the masses, I learned about the following client server duo:

Client: Delta Chat
Servers: Chat Mail servers

One thing that immediately jumps to attention is the fact that when you download the client and select a server, you get a QR code.

When you've configured your client, you will immediately notice that you do not need to enter a password for your client. The system is passwordless by default.

You do not need to enter a multi-factor authentication code; it doesn't need it.

What you need to be careful with is who you share your link with. Go and play with it, see if it is something for you.

https://delta.chat/en/

#Federated #FediVerse #OpenSource #POSIX #Chat #Mail #Secure #encryption #programming #underlords #DeltaChat #email

The image shows a smartphone screen displaying the settings menu of an application with avatar "Radio Azureus." The screen is predominantly black with white text and icons. At the top, there is a status bar showing the time as 02:30, a Wi-Fi signal, full battery at 82%, and a temperature of 24 degrees. Below the status bar, the word "Settings" is displayed in white text, with a left-pointing arrow icon.

The settings menu includes several options: "Chats and Media" with "Read Receipts On," "Notifications" turned on, "Appearance" set to "System default, Wallpaper Default," "Add Second Device," "Connectivity" with "Connected," and "Advanced." At the bottom of the screen, there are two additional options: "Donate" with a heart icon and "Help" with a question mark icon, indicating the version of the application as "Delta Chat 1.58.4." The profile picture next to the name "Radio Azureus" shows a scenic image of a blue sky and water.
The image displays a smartphone screen with a dark background. At the top, there is a status bar showing the time as 02:42, a battery level of 91%, and a 4G signal. Below the status bar, there is a text section that provides information about Chatmail servers. The text explains that Chatmail servers offer a privacy-preserving and speedy messaging experience, interoperable with chatmail and classic email servers. It instructs users to tap a chatmail server link to see the home page and then tap the QR invite code.

The text lists several Chatmail server links, each with a brief description:

"nine.testrun.org" is the default onboarding chatmail server for Delta Chat apps and has been stable since the December 2023 Chatmail announcement.

"mehl.cloud" is geared towards German-speaking users.


"mailchat.pl" is geared towards Polish-speaking users.

"chatmail.woodpeckersnest.space" and "chatmail.culturander.it" are focused on Italian-speaking users.

"chika.aangat.lahat.computer" operates in the US.

"tarpit.fun" is hosted in Germany.

At the bottom of the screen, there is a navigation bar with a home icon, a search bar displaying "delta.chat/en/chat," and a number "28" indicating unread notifications. The navigation bar also includes options for "webxdc apps," "bots," and "cosmos."

 Ovis2-8B

🌱 Energy used: 2.305 Wh
The image shows a screenshot of a mobile device displaying the Delta Chat website. The top section of the screen features a dark gray bar with the text "Home Download Blog Contribute FAQ Forum" and a logo with a speech bubble containing the letter "D." The time is 02:43, and the battery is at 91%.

Below the bar, the main content area is black with white and blue text. It states, "Delta Chat is a decentralized and secure messenger app." The features listed include reliable instant messaging with multi-profile and multi-device support, the option to sign up for secure fast chatmail servers or use classic e-mail servers, interactive web apps in chats for gaming and collaboration, and audited end-to-end encryption safe against network and server attacks. The text also mentions that Delta Chat is FOSS software built on Internet Standards, avoiding xkcd927.

At the bottom of the screen, there is a search bar with the URL "delta.chat/en" and a number "28" in a square, indicating notifications. The navigation bar includes a home icon, a lock icon, and a menu icon.
#ElonMusk’s #DOGE team is using #AI software accessed through #Microsoft’s #cloud computing service #Azure to pore through every dollar of money the department disburses, from contracts to grants to work trip expenses…. Lower level department staffers were directed by agency leadership to let #Musk’s teams access the sensitive financial data….

#law #security #InfoSec #CyberSecurity #NationalSecurity #Trump #TrumpCoup

#ElonMusk’s #DOGE team plans to replicate this process across many depts & agencies, accessing back-end software at different parts of the govt & then using #AI to extract & sift through info about spending on employees & programs, including #DEI initiatives….

Like other #tech leaders, #Musk has championed AI as a tool capable of rapidly making sense of data….However, because of its risks, many private-sector companies & #US govt depts have banned workers from using it on #secure materials.