Tatiana·25wProton rolled out Proton Sheets - a spreadsheet Google can’t peek into.
Proton launched Proton Sheets, an end-to-end encrypted spreadsheet application with zero-knowledge architecture. The service encrypts all data including file names, preventing third parties (including Proton itself) from accessing user content. This privacy-focused alternative to Google Sheets aims to protect user data from Big Tech surveillance and AI training data collection.
InfoSec Write-ups·1yHow to Build a Secure Password Manager in Python
This guide provides a step-by-step approach to building a secure password manager using Python. It covers key components such as encryption with the cryptography library, data storage using SQLite, and secure handling of master passwords. The project aims to enhance cybersecurity knowledge through practical implementation, while emphasizing security best practices.
DuckDB·37wAnnouncing DuckDB 1.4.0
DuckDB 1.4.0 'Andium' introduces Long Term Support with 1 year community maintenance, database encryption using AES-256, MERGE statement for upsert operations, Iceberg write support, CLI progress bar with ETA, FILL window function for interpolation, and performance improvements including sorting rework and materialized CTEs. The release also includes macOS notarization and moves Python integration to a separate repository.
Collections·44wProton's Lumo: A Privacy-First AI Assistant
Proton launched Lumo, a privacy-focused AI assistant that operates from European data centers with zero-access encryption and no server-side logging. Key features include ghost mode for temporary chats, no account requirement, and integration with Proton Drive for encrypted file handling. Built on open-source models, Lumo offers document summarization, code generation, email writing, and web search capabilities while ensuring user data isn't used for training. Available free with limited features or $12.99/month for unlimited access.
Fireship·1yUK demands backdoor for encrypted Apple user data...
The UK government has issued a technical capability notice to Apple, demanding a backdoor to access users' encrypted iCloud data. The notice, part of the Investigatory Powers Act 2016, aims to allow access to private data globally, which could impact all Apple users and other end-to-end encrypted services like Telegram and WhatsApp. Despite Apple's history of protecting user data, it's unclear how they will respond. Users are advised to use encryption, VPNs, and other privacy tools to safeguard their information.
Product Hunt·49wAroCrypt: Encrypt files, then make them vanish inside images
AroCrypt combines AES-256 encryption with steganography to hide encrypted files inside PNG images. This cross-platform, open-source tool provides local file protection without requiring setup or dependencies, allowing users to securely store sensitive data in plain sight by embedding it within ordinary-looking images.
Hacker News·1y"We would be less confidential than Google" – Proton threatens to quit Switzerland over new surveillance law
Proton and NymVPN, prominent VPN service providers, are threatening to leave Switzerland due to proposed amendments to the country's surveillance law. The changes would require VPNs and messaging apps to identify and retain user data, compromising encryption and online privacy. This amendment is opposed by companies and political entities in Switzerland, with concerns about privacy rights and international competitiveness.
The Verge·31w‘There isn’t really another choice:’ Signal chief explains why the encrypted messenger relies on AWS
Signal president Meredith Whittaker defends the encrypted messenger's reliance on AWS following a major outage, explaining that AWS, Microsoft Azure, and Google Cloud are the only viable options for providing global-scale, low-latency communication services. She emphasizes that the real issue isn't Signal's choice, but the concentration of power among 3-4 cloud infrastructure providers, making it practically impossible for services to avoid dependency on these hyperscalers without spending billions to build their own infrastructure.
Milan Jovanović·1yImplementing AES Encryption With C#
Learn how to implement AES encryption in .NET with practical code examples for both encryption and decryption. Understand the differences between symmetric and asymmetric encryption, and get insights into secure key management and best practices for protecting sensitive data like API keys and database credentials.
System Weakness·1yBasics of cryptography ( Part1 )
Cryptography converts readable text into unreadable ciphertext using encryption methods. Three main types include symmetric encryption (same key for encryption/decryption), asymmetric encryption (public/private key pairs), and hashing (one-way transformation for data integrity). Practical examples and websites for implementing these methods are provided.
Lobsters·28wRelease v0.12 · perkeep/perkeep
Perkeep 0.12 ships after a 5-year hiatus with major modernization: upgraded to Go 1.25, integrated Tailscale's tsnet library for private server deployment without public endpoints, migrated encryption from GPG to age, completed UI transition from GopherJS to native JavaScript, unified cloud storage backends (S3, B2, GCS), added container image distribution, expanded CI to macOS and Windows, and introduced comprehensive linting and testing improvements. The release includes contributions from 27 new contributors and removes deprecated features like AppEngine support and macOS FUSE.
Codigee·1yDoes the NSA build secret backdoors in the new encryption standards? No. In the past? Yes
In the late 1990s and early 2000s, the NSA was found to have inserted a compromised pseudorandom number generator (PRNG) called Dual_EC_DRBG into cryptographic standards, which could potentially provide backdoor access to encrypted communications. The revelation caused significant distrust in the NSA and prompted the cryptographic community to be highly vigilant against such tampering. Today, the NSA cannot interfere in the same way due to the community's heightened awareness and scrutiny of new cryptographic standards.
InfoWorld·1yMicrosoft .NET 10 Preview 2 shines on C#, runtime, encryption
Microsoft has released .NET 10 Preview 2, featuring improvements in C# 14, encryption, and the .NET runtime. Key updates include enhancements to the JIT compiler's devirtualization capabilities, new ExportPkcs12 methods for encryption, and upgrades to the dotnet CLI tool. Additional improvements cover Blazor Web App project templates, .NET for Android and iOS, WPF performance, and NativeAOT apps' startup time and memory footprint.
Noted·1yYeetfile - Self Hosted and Encrypted File Sharing and Password Vault
YeetFile is a secure, end-to-end encrypted file storage solution created by Ben Busby. It can be self-hosted using Docker or accessed through a public instance. Key features include easy deployment, server-specific passwords, customizable settings, flexible storage options, and a command-line interface. Installation via Docker Compose is straightforward, with guides available for beginners. The web UI includes features like secure file storage, password vaults, and sharing options, but its restrictive account settings might not suit everyone's needs.
Dave's Garage·1yPassword Cracking 101: From DES to ZIP
Dave, a retired operating systems engineer from Microsoft, demonstrates various password-cracking techniques. He shows how to break into Unix systems, deep crack DES, use John the Ripper, and decrypt encrypted ZIP files. The post highlights the evolution of password security, the importance of using complex, non-dictionary passwords, and the effectiveness of modern tools in testing and verifying security. Understanding these methods is crucial for creating and maintaining secure systems.
