-
Using Emoji for fingerprint verification
The messaging app Telegram recently introduced end-to-end encrypted voice calls. As most of you probably know, encryption without verification is pretty useless since there is the risk of man-in-the-middle attacks. I don’t want to get too much into details about this. The point I want to make is, that you should verify your partners fingerprint…
-
Attack of the Regulators
Recently, the german “Bundesnetzagentur” (the German Federal Network Agency) contacted over 100 developers of XMPP (Jabber) clients in order to ask them to register their “services”. This is justified with section 6 of the German Telecommunications Act. Clients like eg. Xabber that are working on a server-client principle are considered a “service” and therefore have…
-
OMEMO
Recently there was a lot of news coverage of an alleged „backdoor“ in WhatsApp, the proprietary messaging application owned by Facebook. WhatsApp deployed OpenWhisperSystem’s Signal-protocol roughly a year ago. Now a researcher showed, that WhatsApp’s servers are able to register a new device key for a user, so that messages that the user did not…
-
Starting to use the Fellowship Card
I recently became a fellow of the FSFE and so I received a nice letter containing the FSFE fellowship OpenPGP smartcard. After a quick visual examination I approved the card to be *damn cool*, even though the portrait format of the print of it still confuses me when I look at it. I especially like,…