home.social

#comsec — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #comsec, aggregated by home.social.

  1. Stories and reasoning we put to our work is often not that visible. Here is my Link project, which is partly AI implemented communication system to test various transport and security measures. It's built with buildroot and all other details can be found here: codeberg.org/resiliencetheatre
    #opsec #comsec #outofband #opensource #buildroot #embedded #lvgl #prepping #preparedness #nitrokey #fido2 #satcom

  2. Stories and reasoning we put to our work is often not that visible. Here is my Link project, which is partly AI implemented communication system to test various transport and security measures. It's built with buildroot and all other details can be found here: codeberg.org/resiliencetheatre
    #opsec #comsec #outofband #opensource #buildroot #embedded #lvgl #prepping #preparedness #nitrokey #fido2 #satcom

  3. Stories and reasoning we put to our work is often not that visible. Here is my Link project, which is partly AI implemented communication system to test various transport and security measures. It's built with buildroot and all other details can be found here: codeberg.org/resiliencetheatre
    #opsec #comsec #outofband #opensource #buildroot #embedded #lvgl #prepping #preparedness #nitrokey #fido2 #satcom

  4. You need communication resilience and security. Security cannot be black box, platform and operating system needs to be in house. Crypto agility and geostationary routing. I think you need something way better.
    #comsec #opsec #resilience #redteam #satcom #dfir #outofband #preparedness

  5. You need communication resilience and security. Security cannot be black box, platform and operating system needs to be in house. Crypto agility and geostationary routing. I think you need something way better.
    #comsec #opsec #resilience #redteam #satcom #dfir #outofband #preparedness

  6. You need communication resilience and security. Security cannot be black box, platform and operating system needs to be in house. Crypto agility and geostationary routing. I think you need something way better.
    #comsec #opsec #resilience #redteam #satcom #dfir #outofband #preparedness

  7. You need communication resilience and security. Security cannot be black box, platform and operating system needs to be in house. Crypto agility and geostationary routing. I think you need something way better.
    #comsec #opsec #resilience #redteam #satcom #dfir #outofband #preparedness

  8. You need communication resilience and security. Security cannot be black box, platform and operating system needs to be in house. Crypto agility and geostationary routing. I think you need something way better.
    #comsec #opsec #resilience #redteam #satcom #dfir #outofband #preparedness

  9. Signal / Apple / Notifications - All that discussion about secret messages being recovered from notification logs. Modern platforms are NOT designed for privacy or security. pleroma.envs.net/notice/B5AlP... #Privacy #ComSec #InfoSec #CyberSecurity #OpSec #DataPrivacy #SignalApp #Apple

    pleroma.envs.net/notice/B5AlPcZ...

  10. Signal / Apple / Notifications - All that discussion about secret messages being recovered from notification logs. Modern platforms are NOT designed for privacy or security. pleroma.envs.net/notice/B5AlP... #Privacy #ComSec #InfoSec #CyberSecurity #OpSec #DataPrivacy #SignalApp #Apple

    pleroma.envs.net/notice/B5AlPcZ...

  11. Signal / Apple / Notifications - All that discussion about secret messages being recovered from notification logs. Modern platforms are NOT designed for privacy or security. pleroma.envs.net/notice/B5AlP... #Privacy #ComSec #InfoSec #CyberSecurity #OpSec #DataPrivacy #SignalApp #Apple

    pleroma.envs.net/notice/B5AlPcZ...

  12. Signal / Apple / Notifications - All that discussion about secret messages being recovered from notification logs.

    That’s obvious. How many times it has to be told to people that modern platforms are NOT designed for privacy or security. It’s not that hard to understand that. If you need those things, you should use platform which is designed from ground up correctly, every part. Hardware, operating system and minimal application on that, with proper internal context separation and encryption and extremely limited data retention.

    I’ve posted about this over and over again, and people never learn. With basically every modern device, every layer of the stack is bad!

    #Privacy #ComSec #InfoSec #CyberSecurity #OpSec #DataPrivacy #SignalApp #Apple

  13. Signal / Apple / Notifications - All that discussion about secret messages being recovered from notification logs.

    That’s obvious. How many times it has to be told to people that modern platforms are NOT designed for privacy or security. It’s not that hard to understand that. If you need those things, you should use platform which is designed from ground up correctly, every part. Hardware, operating system and minimal application on that, with proper internal context separation and encryption and extremely limited data retention.

    I’ve posted about this over and over again, and people never learn. With basically every modern device, every layer of the stack is bad!

    #Privacy #ComSec #InfoSec #CyberSecurity #OpSec #DataPrivacy #SignalApp #Apple

  14. Signal / Apple / Notifications - All that discussion about secret messages being recovered from notification logs.

    That’s obvious. How many times it has to be told to people that modern platforms are NOT designed for privacy or security. It’s not that hard to understand that. If you need those things, you should use platform which is designed from ground up correctly, every part. Hardware, operating system and minimal application on that, with proper internal context separation and encryption and extremely limited data retention.

    I’ve posted about this over and over again, and people never learn. With basically every modern device, every layer of the stack is bad!

    #Privacy #ComSec #InfoSec #CyberSecurity #OpSec #DataPrivacy #SignalApp #Apple

  15. Signal / Apple / Notifications - All that discussion about secret messages being recovered from notification logs.

    That’s obvious. How many times it has to be told to people that modern platforms are NOT designed for privacy or security. It’s not that hard to understand that. If you need those things, you should use platform which is designed from ground up correctly, every part. Hardware, operating system and minimal application on that, with proper internal context separation and encryption and extremely limited data retention.

    I’ve posted about this over and over again, and people never learn. With basically every modern device, every layer of the stack is bad!

    #Privacy #ComSec #InfoSec #CyberSecurity #OpSec #DataPrivacy #SignalApp #Apple

  16. Training code for embedded Linux development resilience. Resulting communication system with selectable one-time-pad for codec2 based fullduplex or symmetric crypto for push-to-talk usage.
    #resilience #comsec #onetimepad #vibecoding #buildroot #embedded #dfir #redteam #preparedness

  17. Training code for embedded Linux development resilience. Resulting communication system with selectable one-time-pad for codec2 based fullduplex or symmetric crypto for push-to-talk usage.
    #resilience #comsec #onetimepad #vibecoding #buildroot #embedded #dfir #redteam #preparedness

  18. When you understand that all you've been told is Dogma. When you touch your own independence in communication. When you are able to control the device and infrastructure.
    #opsec #dfir #comsec #preparedness

  19. When you understand that all you've been told is Dogma. When you touch your own independence in communication. When you are able to control the device and infrastructure.
    #opsec #dfir #comsec #preparedness

  20. Family of development devices with DSI & SPI displays. These will do codec2 and opus PTT and can be tailored to various networks and security requirements. When you require something out of dogma.
    #comsec #opsec #dfir #preparedness #soverignty

  21. Family of development devices with DSI & SPI displays. These will do codec2 and opus PTT and can be tailored to various networks and security requirements. When you require something out of dogma.
    #comsec #opsec #dfir #preparedness #soverignty

  22. Communication platforms evolving. Been tailoring my PTT codebase for various use cases. #OPSEC #COMSEC #Resilience #dfir #embedded

  23. Communication platforms evolving. Been tailoring my PTT codebase for various use cases. #OPSEC #COMSEC #Resilience #dfir #embedded

  24. @kkarhan @GrapheneOS @tails_live @torproject @signalapp

    "GrapheneOS chose their requirements and they can happily design their own platform instead."

    There's no need to reinvent the wheel. AOSP is a secure, open-source platform that has been around for almost 20 years. I don't want to debate rumors that Google wants to make AOSP proprietary because there is no evidence to support this, especially since it would not benefit them in any way.

    "I just think that their stubbornness"

    It's not stubborness and I explained why.

    "They are the antithesis to #Tails when it comes to #UserFriendly-ness and approachability for #Normies and #TechIlliterates

    It's probably the first time I've seen “Tails” and “Normie” in the same sentence, It's not that Tails is difficult to use, but I'm really not sure that many “normies” use it or even know it exists. The user experience on GrapheneOS is almost identical to Pixel OS, the standard operating system for Google Pixel devices, so using GrapheneOS is likely to seem much simpler and familiar to normies, as they will already be used to it.

    "Espechally since the problems woth #MobilePhones and the underlying technology ain't fixable with an #AndroidROM

    GrapheneOS is not a ROM, Pixel OS is not a ROM, and LineageOS is not a ROM either, theses operating systems are not ROMs.

    "Instead we need to foster a #SecurityCulture and proper #ITsec, #InfoSec, #OpSec & #comsec

    Indeed, and what GrapheneOS does about security is completely appropriate, including informing people and giving them good advice.

    "Otherwise we'll see them fail the same way @signalapp did, which is eitger getting shut down (#EncroChat-style) or being uncovered as a controlled opposition / honeypot (like #ANØM aka. #OperationIronside aka. #OperationTrøjanShield)…"

    Signal did not fail, and mentioning Encrochat, ANON, and honeypots in the same sentence is irrelevant. These things have absolutely nothing in common with Signal, you seem to be believing made-up stories.

  25. @kkarhan @GrapheneOS @tails_live @torproject @signalapp

    "GrapheneOS chose their requirements and they can happily design their own platform instead."

    There's no need to reinvent the wheel. AOSP is a secure, open-source platform that has been around for almost 20 years. I don't want to debate rumors that Google wants to make AOSP proprietary because there is no evidence to support this, especially since it would not benefit them in any way.

    "I just think that their stubbornness"

    It's not stubborness and I explained why.

    "They are the antithesis to #Tails when it comes to #UserFriendly-ness and approachability for #Normies and #TechIlliterates

    It's probably the first time I've seen “Tails” and “Normie” in the same sentence, It's not that Tails is difficult to use, but I'm really not sure that many “normies” use it or even know it exists. The user experience on GrapheneOS is almost identical to Pixel OS, the standard operating system for Google Pixel devices, so using GrapheneOS is likely to seem much simpler and familiar to normies, as they will already be used to it.

    "Espechally since the problems woth #MobilePhones and the underlying technology ain't fixable with an #AndroidROM

    GrapheneOS is not a ROM, Pixel OS is not a ROM, and LineageOS is not a ROM either, theses operating systems are not ROMs.

    "Instead we need to foster a #SecurityCulture and proper #ITsec, #InfoSec, #OpSec & #comsec

    Indeed, and what GrapheneOS does about security is completely appropriate, including informing people and giving them good advice.

    "Otherwise we'll see them fail the same way @signalapp did, which is eitger getting shut down (#EncroChat-style) or being uncovered as a controlled opposition / honeypot (like #ANØM aka. #OperationIronside aka. #OperationTrøjanShield)…"

    Signal did not fail, and mentioning Encrochat, ANON, and honeypots in the same sentence is irrelevant. These things have absolutely nothing in common with Signal, you seem to be believing made-up stories.

  26. @kkarhan @GrapheneOS @tails_live @torproject @signalapp

    "GrapheneOS chose their requirements and they can happily design their own platform instead."

    There's no need to reinvent the wheel. AOSP is a secure, open-source platform that has been around for almost 20 years. I don't want to debate rumors that Google wants to make AOSP proprietary because there is no evidence to support this, especially since it would not benefit them in any way.

    "I just think that their stubbornness"

    It's not stubborness and I explained why.

    "They are the antithesis to #Tails when it comes to #UserFriendly-ness and approachability for #Normies and #TechIlliterates

    It's probably the first time I've seen “Tails” and “Normie” in the same sentence, It's not that Tails is difficult to use, but I'm really not sure that many “normies” use it or even know it exists. The user experience on GrapheneOS is almost identical to Pixel OS, the standard operating system for Google Pixel devices, so using GrapheneOS is likely to seem much simpler and familiar to normies, as they will already be used to it.

    "Espechally since the problems woth #MobilePhones and the underlying technology ain't fixable with an #AndroidROM

    GrapheneOS is not a ROM, Pixel OS is not a ROM, and LineageOS is not a ROM either, theses operating systems are not ROMs.

    "Instead we need to foster a #SecurityCulture and proper #ITsec, #InfoSec, #OpSec & #comsec

    Indeed, and what GrapheneOS does about security is completely appropriate, including informing people and giving them good advice.

    "Otherwise we'll see them fail the same way @signalapp did, which is eitger getting shut down (#EncroChat-style) or being uncovered as a controlled opposition / honeypot (like #ANØM aka. #OperationIronside aka. #OperationTrøjanShield)…"

    Signal did not fail, and mentioning Encrochat, ANON, and honeypots in the same sentence is irrelevant. These things have absolutely nothing in common with Signal, you seem to be believing made-up stories.

  27. @kkarhan @GrapheneOS @tails_live @torproject @signalapp

    "GrapheneOS chose their requirements and they can happily design their own platform instead."

    There's no need to reinvent the wheel. AOSP is a secure, open-source platform that has been around for almost 20 years. I don't want to debate rumors that Google wants to make AOSP proprietary because there is no evidence to support this, especially since it would not benefit them in any way.

    "I just think that their stubbornness"

    It's not stubborness and I explained why.

    "They are the antithesis to #Tails when it comes to #UserFriendly-ness and approachability for #Normies and #TechIlliterates

    It's probably the first time I've seen “Tails” and “Normie” in the same sentence, It's not that Tails is difficult to use, but I'm really not sure that many “normies” use it or even know it exists. The user experience on GrapheneOS is almost identical to Pixel OS, the standard operating system for Google Pixel devices, so using GrapheneOS is likely to seem much simpler and familiar to normies, as they will already be used to it.

    "Espechally since the problems woth #MobilePhones and the underlying technology ain't fixable with an #AndroidROM

    GrapheneOS is not a ROM, Pixel OS is not a ROM, and LineageOS is not a ROM either, theses operating systems are not ROMs.

    "Instead we need to foster a #SecurityCulture and proper #ITsec, #InfoSec, #OpSec & #comsec

    Indeed, and what GrapheneOS does about security is completely appropriate, including informing people and giving them good advice.

    "Otherwise we'll see them fail the same way @signalapp did, which is eitger getting shut down (#EncroChat-style) or being uncovered as a controlled opposition / honeypot (like #ANØM aka. #OperationIronside aka. #OperationTrøjanShield)…"

    Signal did not fail, and mentioning Encrochat, ANON, and honeypots in the same sentence is irrelevant. These things have absolutely nothing in common with Signal, you seem to be believing made-up stories.

  28. @kkarhan @GrapheneOS @tails_live @torproject @signalapp

    "GrapheneOS chose their requirements and they can happily design their own platform instead."

    There's no need to reinvent the wheel. AOSP is a secure, open-source platform that has been around for almost 20 years. I don't want to debate rumors that Google wants to make AOSP proprietary because there is no evidence to support this, especially since it would not benefit them in any way.

    "I just think that their stubbornness"

    It's not stubborness and I explained why.

    "They are the antithesis to #Tails when it comes to #UserFriendly-ness and approachability for #Normies and #TechIlliterates

    It's probably the first time I've seen “Tails” and “Normie” in the same sentence, It's not that Tails is difficult to use, but I'm really not sure that many “normies” use it or even know it exists. The user experience on GrapheneOS is almost identical to Pixel OS, the standard operating system for Google Pixel devices, so using GrapheneOS is likely to seem much simpler and familiar to normies, as they will already be used to it.

    "Espechally since the problems woth #MobilePhones and the underlying technology ain't fixable with an #AndroidROM

    GrapheneOS is not a ROM, Pixel OS is not a ROM, and LineageOS is not a ROM either, theses operating systems are not ROMs.

    "Instead we need to foster a #SecurityCulture and proper #ITsec, #InfoSec, #OpSec & #comsec

    Indeed, and what GrapheneOS does about security is completely appropriate, including informing people and giving them good advice.

    "Otherwise we'll see them fail the same way @signalapp did, which is eitger getting shut down (#EncroChat-style) or being uncovered as a controlled opposition / honeypot (like #ANØM aka. #OperationIronside aka. #OperationTrøjanShield)…"

    Signal did not fail, and mentioning Encrochat, ANON, and honeypots in the same sentence is irrelevant. These things have absolutely nothing in common with Signal, you seem to be believing made-up stories.

  29. EU considering Matrix for communications? Well, it has its problems. But this is probably one of the use cases it's quite well suited for.

    https://www.euractiv.com/news/commission-trials-european-open-source-communications-software/

    #EU #COMSEC #privacy #Europe #Matrix
  30. EU considering Matrix for communications? Well, it has its problems. But this is probably one of the use cases it's quite well suited for.

    https://www.euractiv.com/news/commission-trials-european-open-source-communications-software/

    #EU #COMSEC #privacy #Europe #Matrix
  31. EU considering Matrix for communications? Well, it has its problems. But this is probably one of the use cases it's quite well suited for.

    https://www.euractiv.com/news/commission-trials-european-open-source-communications-software/

    #EU #COMSEC #privacy #Europe #Matrix
  32. EU considering Matrix for communications? Well, it got it's problems. But this is probably one of the use cases it's quite well suited for.

    https://www.euractiv.com/news/commission-trials-european-open-source-communications-software/

    #EU #COMSEC #privacy #Europe #Matrix