this post was submitted on 20 Feb 2025
209 points (99.1% liked)

Technology

63009 readers
3669 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
209
Russia-aligned hackers are targeting Signal users with device-linking QR codes (arstechnica.com)
submitted 1 day ago by solo@slrpnk.net to c/technology@lemmy.world
12 comments fedilink hide all child comments
 

Swapping QR codes in group invites and artillery targeting are latest ploys.

you are viewing a single comment's thread
view the rest of the comments
[–] chaosCruiser@futurology.today 7 points 1 day ago (4 children)

Message in a bottle is the way to go.

If hackers don’t know where the bottle is floating, they can’t read the message. It’s also completely disconnected from the Internet, further enhancing the already robust security. This protocol also supports all encryption methods you can fit inside the bottle. There’s no central authority, no servers, no licenses, and no EULAs to accept without reading.

The only bottlenecks are bandwidth, packet loss, and the physical dimensions of the glass container.

[–] southsamurai@sh.itjust.works 4 points 1 day ago

You forgot one bottleneck. The bottleneck.

[–] AutistoMephisto@lemmy.world 3 points 1 day ago* (last edited 1 day ago)

For the landlocked, may I recommend the Dead Drop Protocol? Leave the message in a place that everyone knows about, but only the intended recipients knows a message is there to be read. Like the Message in a Bottle, it supports all encryption methods and is disconnected from the Internet.

There are a couple drawbacks, though. For one, unless you are watching the drop point, you have no way of knowing whether your message made it to the intended recipient or if it was intercepted. Vice versa, if you are the intended recipient of a dropped message, the only guarantee you have that the message is authentic is if the message uses a self-authenticating encryption method. Also, there is a potential that any drop point you use may be under surveillance, so make sure to not use the same drop point too often.

[–] joshcodes@programming.dev 5 points 1 day ago

Reliance on security by obscurity is unacceptable, except when the obscurity method is the oceans entire fucking surface area.

[–] Fantabread@lemm.ee 5 points 1 day ago

And the actual neck of the bottle.