Apple's end-to-end iCloud encryption product ("Advanced Data Protection") was famously removed in the U.K. after a government order demanded backdoors for accessing user data.

So now a Google software engineer wants to build an open source version of Advanced Data Protection for everyone. "We need to take action now to protect users..." they write (as long-time Slashdot reader WaywardGeek). "The whole world would be able to use it for free, protecting backups, passwords, message history, and more, if we can get existing applications to talk to the new data protection service." "I helped build Google's Advanced Data Protection (Google Cloud Key VaultService) in 2018, and Google is way ahead of Apple in this area. I know exactly how to build it and can have it done in spare time in a few weeks, at least server-side... This would be a distributed trust based system, so I need folks willing to run the protection service. I'll run mine on a Raspberry PI...

The scheme splits a secret among N protection servers, and when it is time to recover the secret, which is basically an encryption key, they must be able to get key shares from T of the original N servers. This uses a distributed oblivious pseudo random function algorithm, which is very simple.

In plain English, it provides nation-state resistance to secret back doors, and eliminates secret mass surveillance, at least when it comes to data backed up to the cloud... The UK and similarly confused governments will need to negotiate with operators in multiple countries to get access to any given users's keys. There are cases where rational folks would agree to hand over that data, and I hope we can end the encryption wars and develop sane policies that protect user data while offering a compromise where lives can be saved.
"I've got the algorithms and server-side covered," according to their original submission. "However, I need help." Specifically...

• Running protection servers. "This is a T-of-N scheme, where users will need say 9 of 15 nodes to be available to recover their backups."
• Android client app. "And preferably tight integration with the platform as an alternate backup service."
• An iOS client app. (With the same tight integration with the platform as an alternate backup service.)
• Authentication. "Users should register and login before they can use any of their limited guesses to their phone-unlock secret."

"Are you up for this challenge? Are you ready to plunge into this with me?"


In the comments he says anyone interested can ask to join the "OpenADP" project on GitHub — which is promising "Open source Advanced Data Protection for everyone."

An anonymous reader quotes a report from Ars Technica: An accused movie pirate who stole more than 1,000 Blu-ray discs and DVDs while working for a DVD manufacturing company struck a plea deal (PDF) this week to lower his sentence after the FBI claimed the man's piracy cost movie studios millions. Steven Hale no longer works for the DVD company. He was arrested in March, accused of "bypassing encryption that prevents unauthorized copying" and ripping pre-release copies of movies he could only access because his former employer was used by major movie studios. As alleged by the feds, his game was beating studios to releases to achieve the greatest possible financial gains from online leaks.

Among the popular movies that Hale is believed to have leaked between 2021 and 2022 was Spider-Man: No Way Home, which the FBI alleged was copied "tens of millions of times" at an estimated loss of "tens of millions of dollars" for just one studio on one movie. Other movies Hale ripped included animated hits like Encanto and Sing 2, as well as anticipated sequels like The Matrix: Resurrections and Venom: Let There Be Carnage. The cops first caught wind of Hale's scheme in March 2022. They seized about 1,160 Blu-rays and DVDs in what TorrentFreak noted were the days just "after the Spider-Man movie leaked online." It's unclear why it took close to three years before Hale's arrest, but TorrentFreak suggested that Hale's case is perhaps part of a bigger investigation into the Spider-Man leaks. A plea deal for Hale significantly reduced the estimated damages from his piracy case to under $40,000 and led to the dismissal of two charges, though he still faces up to five years in prison and a $250,000 fine for one remaining copyright infringement charge. His final sentence and restitution amount will be decided at a court hearing in Tennessee at the end of August.

A year ago, the original creator of SerenityOS posted that "for the past two years, I've been almost entirely focused on Ladybird, a new web browser that started as a simple HTML viewer for SerenityOS." So it became a stand-alone project that "aims to render the modern web with good performance, stability and security." And they're also building a new web engine.

"We are building a brand-new browser from scratch, backed by a non-profit..." says Ladybird's official web site, adding that they're driven "by a web standards first approach." They promise it will be truly independent, with "no code from other browsers" (and no "default search engine" deals).

"We are targeting Summer 2026 for a first Alpha version on Linux and macOS. This will be aimed at developers and early adopters." More from the Ladybird FAQ: We currently have 7 paid full-time engineers working on Ladybird. There is also a large community of volunteer contributors... The focus of the Ladybird project is to build a new browser engine from the ground up. We don't use code from Blink, WebKit, Gecko, or any other browser engine...

For historical reasons, the browser uses various libraries from the SerenityOS project, which has a strong culture of writing everything from scratch. Now that Ladybird has forked from SerenityOS, it is no longer bound by this culture, and we will be making use of 3rd party libraries for common functionality (e.g image/audio/video formats, encryption, graphics, etc.) We are already using some of the same 3rd party libraries that other browsers use, but we will never adopt another browser engine instead of building our own...

We don't have anyone actively working on Windows support, and there are considerable changes required to make it work well outside a Unix-like environment. We would like to do Windows eventually, but it's not a priority at the moment.
"Ladybird's founder Andreas Kling has a solid background in WebKit-based C++ development with both Apple and Nokia,," writes software developer/author David Eastman: "You are likely reading this on a browser that is slightly faster because of my work," he wrote on his blog's introduction page. After leaving Apple, clearly burnt out, Kling found himself in need of something to healthily occupy his time. He could have chosen to learn needlepoint, but instead he opted to build his own operating system, called Serenity. Ladybird is a web project spin-off from this, to which Kling now devotes his time...

[B]eyond the extensive open source politics, the main reason for supporting other independent browser projects is to maintain diverse alternatives — to prevent the web platform from being entirely captured by one company. This is where Ladybird comes in. It doesn't have any commercial foundation and it doesn't seem to be waiting to grab a commercial opportunity. It has a range of sponsors, some of which might be strategic (for example, Shopify), but most are goodwill or alignment-led. If you sponsor Ladybird, it will put your logo on its webpage and say thank you. That's it. This might seem uncontroversial, but other nonprofit organisations also give board seats to high-paying sponsors. Ladybird explicitly refuses to do this...

The Acid3 Browser test (which has nothing whatsoever to do with ACID compliance in databases) is an old method of checking compliance with web standards, but vendors can still check how their products do against a battery of tests. They check compliance for the DOM2, CSS3, HTML4 and the other standards that make sure that webpages work in a predictable way. If I point my Chrome browser on my MacBook to http://acid3.acidtests.org/, it gets 94/100. Safari does a bit better, getting to 97/100. Ladybird reportedly passes all 100 tests.
"All the code is hosted on GitHub," says the Ladybird home page. "Clone it, build it, and join our Discord if you want to collaborate on it!"

Wednesday Google security researchers published a preprint demonstrating that 2048-bit RSA encryption "could theoretically be broken by a quantum computer with 1 million noisy qubits running for one week," writes Google's security blog.

"This is a 20-fold decrease in the number of qubits from our previous estimate, published in 2019... " The reduction in physical qubit count comes from two sources: better algorithms and better error correction — whereby qubits used by the algorithm ("logical qubits") are redundantly encoded across many physical qubits, so that errors can be detected and corrected... [Google's researchers found a way to reduce the operations in a 2024 algorithm from 1000x more than previous work to just 2x. And "On the error correction side, the key change is tripling the storage density of idle logical qubits by adding a second layer of error correction."]

Notably, quantum computers with relevant error rates currently have on the order of only 100 to 1000 qubits, and the National Institute of Standards and Technology (NIST) recently released standard PQC algorithms that are expected to be resistant to future large-scale quantum computers. However, this new result does underscore the importance of migrating to these standards in line with NIST recommended timelines.
The article notes that Google started using the standardized version of ML-KEM once it became available, both internally and for encrypting traffic in Chrome...

"The initial public draft of the NIST internal report on the transition to post-quantum cryptography standards states that vulnerable systems should be deprecated after 2030 and disallowed after 2035. Our work highlights the importance of adhering to this recommended timeline."

SiFive was one of the first companies to produce a RISC-V chip. This week they announced a new collaboration with Red Hat "to bring Red Hat Enterprise Linux support to the rapidly growing RISC-V community" and "prepare Red Hat's product portfolio for future intersection with RISC-V server hardware from a diverse set of RISC-V suppliers."

Red Hat Enterprise Linux 10 is available in developer preview on the SiFive HiFive Premier P550 platform, which they call "a proven, high performance RISC-V CPU development platform." The SiFive HiFive Premier P550 provides a proven, high performance RISC-V CPU development platform. Adding support for Red Hat Enterprise Linux 10, the latest version of the world's leading enterprise Linux platform, enables developers to create, optimize, and release new applications for the next generation of enterprise servers and cloud infrastructure on the RISC-V architecture...

SiFive's high performance RISC-V technology is already being used by large organizations to meet compute-intensive AI and machine learning workloads in the datacenter... "With the growing demand for RISC-V, we are pleased to collaborate with SiFive to support Red Hat Enterprise Linux 10 deployments on SiFive HiFive Premier P550," said Ronald Pacheco, senior director of RHEL product and ecosystem strategy, "to further empower developers with the power of the world's leading enterprise Linux platform wherever and however they choose to deploy...."

Dave Altavilla, principal analyst at HotTech Vision And Analysis, said "Native Red Hat Enterprise Linux support on SiFive's HiFive Premier P550 board offers developers a substantial enterprise-grade toolchain for RISC-V.

"This is a pivotal step forward in enabling a full-stack ecosystem around open RISC-V hardware. SiFive says the move will "inspire the next generation of enterprise workloads and AI applications optimized for RISC-V," while helping their partners "deliver systems with a meaningfully lower total cost of ownership than incumbent platforms."

"With the growing demand for RISC-V, we are pleased to collaborate with SiFive to support Red Hat Enterprise Linux 10 deployments on SiFive HiFive Premier P550..." said Ronald Pacheco, senior director of RHEL product and ecosystem strategy. .

Beta News notes that there's also a new AI-powered assistant in RHEL 10, so "Instead of spending all day searching for answers or poking through documentation, admins can simply ask questions directly from the command line and get real-time help Security is front and center in this release, too. Red Hat is taking a proactive stance with early support for post-quantum cryptography. OpenSSL, GnuTLS, NSS, and OpenSSH now offer quantum-resistant options, setting the stage for better protection as threats evolve. There's a new sudo system role to help with privilege management, and OpenSSH has been bumped to version 9.9. Plus, with new Sequoia tools for OpenPGP, the door is open for even more robust encryption strategies. But it's not just about security and AI. Containers are now at the heart of RHEL 10 thanks to the new "image mode." With this feature, building and maintaining both the OS and your applications gets a lot more streamlined...

An anonymous reader quotes a report from TechCrunch: A Florida bill, which would have required social media companies to provide an encryption backdoor for allowing police to access user accounts and private messages, has failed to pass into law. The Social Media Use by Minors bill was "indefinitely postponed" and "withdrawn from consideration" in the Florida House of Representatives earlier this week. Lawmakers in the Florida Senate had already voted to advance the legislation, but a bill requires both legislative chambers to pass before it can become law.

The bill would have required social media firms to "provide a mechanism to decrypt end-to-end encryption when law enforcement obtains a subpoena," which are typically issued by law enforcement agencies and without judicial oversight. Digital rights group the Electronic Frontier Foundation called the bill "dangerous and dumb." Security professionals have long argued that it is impossible to create a secure backdoor that cannot also be maliciously abused, and encryption backdoors put user data at risk of data breaches.

Remember when U.S. National Security Adviser Mike Waltz mistakenly included a journalist in an encrypted chatroom to discuss looming U.S. military action against Yemen's Houthis?

A recent photo of a high-level cabinet meeting caught Waltz using a "less-secure Signal app knockoff," reports the Guardian: The chat app Waltz was using appears to be a modified version of Signal called TM SGNL, made by a company that copies messaging apps but adds an ability to retain messages and archive them. The White House officials may be using the modified Signal in order to comply with the legal requirement that presidential records be preserved... That function suggests the end-to-end encryption that makes Signal trusted for sharing private communications is possibly "not maintained, because the messages can be later retrieved after being stored somewhere else", according to 404 Media.
Thursday the national security adviser was removed from his position, the article points out.

He was instead named America's ambassador to the United Nations.

A court has blocked a British government attempt to keep secret a legal case over its demand to access Apple user data. From a report: The UK Investigatory Powers Tribunal, a special court that handles cases related to government surveillance, said the authorities' efforts were a "fundamental interference with the principle of open justice" in a ruling issued on Monday. The development comes after it emerged in January that the British government had served Apple with a demand to circumvent encryption that the company uses to secure user data stored in its cloud services.

Apple challenged the request, while taking the unprecedented step of removing its advanced data protection feature for its British users. The government had sought to keep details about the demand -- and Apple's challenge of it -- from being publicly disclosed. Apple has regularly clashed with governments over encryption features that can make it difficult for law enforcement to access devices produced by the company. The world's most valuable company last year criticized UK surveillance powers as "unprecedented overreach" by the government.

The European Commission has announced its intention to join the ongoing debate about lawful access to data and end-to-end encryption while unveiling a new internal security strategy aimed to address ongoing threats. From a report: ProtectEU, as the strategy has been named, describes the general areas that the bloc's executive would like to address in the coming years although as a strategy it does not offer any detailed policy proposals. In what the Commission called "a changed security environment and an evolving geopolitical landscape," it said Europe needed to "review its approach to internal security."

Among its aims is establishing Europol as "a truly operational police agency to reinforce support to Member States," something potentially comparable to the U.S. FBI, with a role "in investigating cross-border, large-scale, and complex cases posing a serious threat to the internal security of the Union." Alongside the new Europol, the Commission said it would create roadmaps regarding both the "lawful and effective access to data for law enforcement" and on encryption.

Google is rolling out a new encryption model for Gmail that allows enterprise users to send encrypted messages without requiring recipients to use custom software or exchange encryption certificates. The feature, launching in beta today, initially supports encrypted emails within the same organization, with plans to expand to all Gmail inboxes "in the coming weeks" and third-party email providers "later this year."

Unlike Gmail's current S/MIME-based encryption, the new system lets users simply toggle "additional encryption" in the email draft window. Non-Gmail recipients will receive a link to access messages through a guest Google Workspace account, while Gmail users will see automatically decrypted emails in their inbox.

The Certification Authority/Browser Forum "is a cross-industry group that works together to develop minimum requirements for TLS certificates," writes Google's Security blog. And earlier this month two proposals from Google's forward-looking roadmap "became required practices in the CA/Browser Forum Baseline Requirements," improving the security and agility of TLS connections... Multi-Perspective Issuance Corroboration
Before issuing a certificate to a website, a Certification Authority (CA) must verify the requestor legitimately controls the domain whose name will be represented in the certificate. This process is referred to as "domain control validation" and there are several well-defined methods that can be used. For example, a CA can specify a random value to be placed on a website, and then perform a check to verify the value's presence has been published by the certificate requestor.

Despite the existing domain control validation requirements defined by the CA/Browser Forum, peer-reviewed research authored by the Center for Information Technology Policy of Princeton University and others highlighted the risk of Border Gateway Protocol (BGP) attacks and prefix-hijacking resulting in fraudulently issued certificates. This risk was not merely theoretical, as it was demonstrated that attackers successfully exploited this vulnerability on numerous occasions, with just one of these attacks resulting in approximately $2 million dollars of direct losses.

The Chrome Root Program led a work team of ecosystem participants, which culminated in a CA/Browser Forum Ballot to require adoption of MPIC via Ballot SC-067. The ballot received unanimous support from organizations who participated in voting. Beginning March 15, 2025, CAs issuing publicly-trusted certificates must now rely on MPIC as part of their certificate issuance process. Some of these CAs are relying on the Open MPIC Project to ensure their implementations are robust and consistent with ecosystem expectations...

Linting
Linting refers to the automated process of analyzing X.509 certificates to detect and prevent errors, inconsistencies, and non-compliance with requirements and industry standards. Linting ensures certificates are well-formatted and include the necessary data for their intended use, such as website authentication. Linting can expose the use of weak or obsolete cryptographic algorithms and other known insecure practices, improving overall security... The ballot received unanimous support from organizations who participated in voting. Beginning March 15, 2025, CAs issuing publicly-trusted certificates must now rely on linting as part of their certificate issuance process.
Linting also improves interoperability, according to the blog post, and helps reduce the risk of non-compliance with standards that can result in certificates being "mis-issued".

And coming up, weak domain control validation methods (currently permitted by the CA/Browser Forum TLS Baseline Requirements) will be prohibited beginning July 15, 2025.

"Looking forward, we're excited to explore a reimagined Web PKI and Chrome Root Program with even stronger security assurances for the web as we navigate the transition to post-quantum cryptography."

JPMorgan Chase used a quantum computer from Honeywell's Quantinuum to generate and mathematically certify truly random numbers -- an advancement that could significantly enhance encryption, security, and financial applications. The breakthrough was validated with help from U.S. national laboratories and has been published in the journal Nature. From a report: Between May 2023 and May 2024, cryptographers at JPMorgan wrote an algorithm for a quantum computer to generate random numbers, which they ran on Quantinuum's machine. The US Department of Energy's supercomputers were then used to test whether the output was truly random. "It's a breakthrough result," project lead and Head of Global Technology Applied Research at JPMorgan, Marco Pistoia told Bloomberg in an interview. "The next step will be to understand where we can apply it."

Applications could ultimately include more energy-efficient cryptocurrency, online gambling, and any other activity hinging on complete randomness, such as deciding which precincts to audit in elections.

Signal president Meredith Whittaker challenged recent assertions by WhatsApp head Will Cathcart that minimal differences exist between the two messaging platforms' privacy protections. "We're amused to see WhatsApp stretching the limits of reality to claim that they are just like Signal," Whittaker said in a statement published Monday, responding to Cathcart's comments to Dutch journalists last week.

While WhatsApp licenses Signal's end-to-end encryption technology, Whittaker said that WhatsApp still collects substantial user metadata, including "location data, contact lists, when they send someone a message, when they stop, what users are in their group chats, their profile picture, and much more." Cathcart had previously stated that WhatsApp doesn't track users' communications or share contact information with other companies, claiming "we strongly believe in private communication."

The president of Signal defended the messaging app's security on Wednesday after top Trump administration officials mistakenly included a journalist in an encrypted chatroom they used to discuss looming U.S. military action against Yemen's Houthis. For a report: Signal's Meredith Whittaker did not directly address the blunder, which Democratic lawmakers have said was a breach of U.S. national security. But she described the app as the "gold standard in private comms" in a post on X, which outlined Signal's security advantages over Meta's WhatsApp messaging app. "We're open source, nonprofit, and we develop and apply (end-to-end encryption) and privacy-preserving tech across our system to protect metadata and message contents," she said.

For weeks Signal has been one of the three most-downloaded apps in the Netherlands, according to a local news site. And now "Higher education institutions in the Netherlands have been looking for an alternative," according to DUB (an independent news site for the Utrecht University community): Employees of the Utrecht University of Applied Sciences (HU) were recently advised to switch to Signal. Avans University of Applied Sciences has also been discussing a switch...The National Student Union is concerned about privacy. The subject was raised at last week's general meeting, as reported by chair Abdelkader Karbache, who said: "Our local unions want to switch to Signal or other open-source software."
Besides being open source, Signal is a non-commercial nonprofit, the article points out — though its proponents suggest there's another big difference. "HU argues that Signal keeps users' data private, unlike WhatsApp." Cybernews.com explains the concern: In an interview with the Dutch newspaper De Telegraaf, Meredith Whittaker [president of the Signal Foundation] discussed the pitfalls of WhatsApp. "WhatsApp collects metadata: who you send messages to, when, and how often. That's incredibly sensitive information," she says.... The only information [Signal] collects is the date an account was registered, the time when an account was last active, and hashed phone numbers... Information like profile name and the people a user communicates with is all encrypted... Metadata might sound harmless, but it couldn't be further from the truth. According to Whittaker, metadata is deadly. "As a former CIA director once said: 'We kill people based on metadata'."
WhatsApp's metadata also includes IP addresses, TechRadar noted last May: Other identifiable data such as your network details, the browser you use, ISP, and other identifiers linked to other Meta products (like Instagram and Facebook) associated with the same device or account are also collected... [Y]our IP can be used to track down your location. As the company explained, even if you keep the location-related features off, IP addresses and other collected information like phone number area codes can be used to estimate your "general location."

WhatsApp is required by law to share this information with authorities during an investigation...

[U]nder scrutiny is how Meta itself uses these precious details for commercial purposes. Again, this is clearly stated in WhatsApp's privacy policy and terms of use. "We may use the information we receive from [other Meta companies], and they may use the information we share with them, to help operate, provide, improve, understand, customize, support, and market our Services and their offerings," reads the policy. This means that yes, your messages are always private, but WhatsApp is actively collecting your metadata to build your digital persona across other Meta platforms...
The article suggests using a VPN with WhatsApp and turning on its "advanced privacy feature" (which hides your IP address during calls) and managing the app's permissions for data collection. "While these steps can help reduce the amount of metadata collected, it's crucial to bear in mind that it's impossible to completely avoid metadata collection on the Meta-owned app... For extra privacy and security, I suggest switching to the more secure messaging app Signal."

The article also includes a cautionary anecdote. "It was exactly a piece of metadata — a Proton Mail recovery email — that led to the arrest of a Catalan activist."

Thanks to long-time Slashdot reader united_notions for sharing the article.

The French National Assembly has rejected a controversial provision that would have forced messaging platforms like Signal and WhatsApp to allow government access to encrypted private conversations, lawmakers voted Thursday night. The measure, embedded within anti-drug trafficking legislation, would have implemented a "ghost participant model" allowing law enforcement to silently join encrypted chats without users' knowledge.

The GSM Association has released new specifications for RCS messaging incorporating end-to-end encryption (E2EE) based on the Messaging Layer Security protocol, six months after iOS 18 introduced RCS compatibility.

The specifications ensure messages remain secure between Android and iOS devices, making RCS "the first large-scale messaging service to support interoperable E2EE between client implementations from different providers," said GSMA Technical Director Tom Van Pelt.

The system combines E2EE with SIM-based authentication to strengthen protection against scams and fraud. Apple confirmed it "helped lead a cross industry effort" on the standard and will implement support in future software updates without specifying a timeline. Google's RCS implementation has featured default E2EE since early 2024.

An anonymous reader quotes a report from Ars Technica: A 37-year-old Tennessee man was arrested Thursday, accused of stealing Blu-rays and DVDs from a manufacturing and distribution company used by major movie studios and sharing them online before the movies' scheduled release dates. According to a US Department of Justice press release, Steven Hale worked at the DVD company and allegedly stole "numerous 'pre-release' DVDs and Blu-rays" between February 2021 and March 2022. He then allegedly "ripped" the movies, "bypassing encryption that prevents unauthorized copying" and shared copies widely online. He also supposedly sold the actual stolen discs on e-commerce sites, the DOJ alleged.

Hale has been charged with "two counts of criminal copyright infringement and one count of interstate transportation of stolen goods," the DOJ said. He faces a maximum sentence of five years for the former, and 10 years for the latter. Among blockbuster movies that Hale is accused of stealing are Dune, F9: The Fast Saga, Venom: Let There Be Carnage, Godzilla v. Kong, and, perhaps most notably, Spider-Man: No Way Home. The DOJ claimed that "copies of Spider-Man: No Way Home were downloaded tens of millions of times, with an estimated loss to the copyright owner of tens of millions of dollars."

1Password has introduced a 'nearby items' feature, allowing users to tag credentials with physical locations so the relevant information automatically surfaces when users are near those locations. Engadget reports: Location information can be added to any new or existing item in a 1Password vault. The app has also been updated with a map view for setting and viewing the locations of your items. In the blog post announcing the feature, the company cited examples such as door codes for a workplace, health records at a doctor's office, WiFi access at the gym and rewards membership information for local shops as potential uses for location data.

Privacy and security are paramount for a password manager, and 1Password confirmed that a user's location coordinates are only used locally and do not leave the device. Nearby items is available to 1Password customers starting today.

The U.K. government appears to have quietly scrubbed encryption advice from government web pages, just weeks after demanding backdoor access to encrypted data stored on Apple's cloud storage service, iCloud. From a report: The change was spotted by security expert Alec Muffett, who wrote in a blog post on Wednesday that the U.K.'s National Cyber Security Centre (NCSC) is no longer recommending that high-risk individuals use encryption to protect their sensitive information.

The NCSC in October published a document titled "Cybersecurity tips for barristers, solicitors & legal professionals," that advised the use of encryption tools such as Apple's Advanced Data Protection (ADP). ADP allows users to turn on end-to-end encryption for their iCloud backups, effectively making it impossible for anyone, including Apple and government authorities, to view data stored on iCloud. The URL hosting the NCSC document now redirects to a different page that makes no mention of encryption or ADP. Instead, it recommends that at-risk individuals use Apple's Lockdown Mode, an "extreme" security tool that restricts access to certain functions and features.