Latest IronFox for Android update
Updated to Firefox 138.0.
Updated to Phoenix 2025.04.27.1. - (See changes from the last IronFox release)
Added a toggle under Privacy and security in settings to control Safe Browsing. Note that this requires a restart to take effect.
Added toggles under Privacy and security -> Site settings to control JavaScript, JIT, and WebAssembly. (Note that the JIT toggle requires a restart to take effect). Due to the addition of these toggles, we've now enabled WebAssembly by default (due to the notable breakage it causes), though users are recommended to disable it if possible to improve security. JIT will remain disabled by default.
Neutered the mozAddonManager API to restrict its capabilities and limit the data shared with Mozilla, while still allowing users to install extensions from addons.mozilla.org.
We now harden FPP (Fingerprinting Protection) and set our overrides to unbreak websites internally, instead of using the privacy.fingerprintingProtection.granularOverrides & privacy.fingerprintingProtection.overrides preferences like we have previously. This makes it far easier for users to add their own overrides if needed. If you have previously configured either of these preferences, it is highly recommended to reset them after updating to these release. If you would like to disable our overrides to unbreak websites (as well as Mozilla's), you can do so by setting privacy.fingerprintingProtection.remoteOverrides.enabled to false in your about:config.
Added a Quick fixes list to uBlock Origin by default to allow us to work-around/fix issues caused by our default config significantly faster (while we wait on the upstream list maintainers to fix the issues...).
Implemented LibreWolf's Remote Settings Blocker patch to allow us (and users) to limit what collections are read/downloaded from Mozilla, and reduce the data shared. Users can configure this from the browser.ironfox.services.settings.allowedCollections preference in the about:config, though we would not recommend editing this unless necessary, as the collections we allow by default were carefully considered and provide important functionality, including for security.
Improved visibility of domains in the URL bar to better protect against phishing. - (Thanks to @mimi89999! π)
Significantly improved upon and expanded Mozilla's built-in certificate pinning to protect against MITM attacks. If you're a website operator and would like your domain to be added or want to request details be changed, please file an issue!
Took back control of all Safe Browsing preferences, meaning these can now be freely controlled by the users from the about:config (with the exception of browser.safebrowsing.malware.enabled & browser.safebrowsing.phishing.enabled - these are controlled by the new toggle in Settings). For example, users can now set their own custom Safe Browsing provider if desired, disable our proxy and revert back to Google's standard domains, etc...
Hardened the internal PDF Viewer (PDF.js) with changes inspired by GrapheneOS's PDF Viewer. - #79
Disabled CSP Reporting to improve privacy, reduce undesired network activity, and limit the data shared with website operators.
Enabled Proxy Bypass Protection to help prevent leaks for proxy users.
Fixed a bug that caused cookies/site data and permissions to always clear on exit, regardless of their check boxes/values set by users.
Disabled Firefox's new Unified Trust Panel redesign for the menu that appears when you select the lock icon on the top left of the URL bar by default, due to phishing concerns (as it unfortunately doesn't currently display the full URL if it's too long). - You can re-enable this if preferred by navigating to IronFox's Settings -> About IronFox -> Tap IronFox's logo at the top 5 times, then go back to Settings -> Secret Settings -> Unified Trust Panel.
Disabled the com.widevine.alpha key system (MediaDrm).
Disabled Mozilla's GeoIP/Region Service to prevent Firefox from monitoring the user's region/general location and reduce unwanted network activity.
Updated to Firefox 138.0.
Updated to Phoenix 2025.04.27.1. - (See changes from the last IronFox release)
Added a toggle under Privacy and security in settings to control Safe Browsing. Note that this requires a restart to take effect.
Added toggles under Privacy and security -> Site settings to control JavaScript, JIT, and WebAssembly. (Note that the JIT toggle requires a restart to take effect). Due to the addition of these toggles, we've now enabled WebAssembly by default (due to the notable breakage it causes), though users are recommended to disable it if possible to improve security. JIT will remain disabled by default.
Neutered the mozAddonManager API to restrict its capabilities and limit the data shared with Mozilla, while still allowing users to install extensions from addons.mozilla.org.
We now harden FPP (Fingerprinting Protection) and set our overrides to unbreak websites internally, instead of using the privacy.fingerprintingProtection.granularOverrides & privacy.fingerprintingProtection.overrides preferences like we have previously. This makes it far easier for users to add their own overrides if needed. If you have previously configured either of these preferences, it is highly recommended to reset them after updating to these release. If you would like to disable our overrides to unbreak websites (as well as Mozilla's), you can do so by setting privacy.fingerprintingProtection.remoteOverrides.enabled to false in your about:config.
Added a Quick fixes list to uBlock Origin by default to allow us to work-around/fix issues caused by our default config significantly faster (while we wait on the upstream list maintainers to fix the issues...).
Implemented LibreWolf's Remote Settings Blocker patch to allow us (and users) to limit what collections are read/downloaded from Mozilla, and reduce the data shared. Users can configure this from the browser.ironfox.services.settings.allowedCollections preference in the about:config, though we would not recommend editing this unless necessary, as the collections we allow by default were carefully considered and provide important functionality, including for security.
Improved visibility of domains in the URL bar to better protect against phishing. - (Thanks to @mimi89999! π)
Significantly improved upon and expanded Mozilla's built-in certificate pinning to protect against MITM attacks. If you're a website operator and would like your domain to be added or want to request details be changed, please file an issue!
Took back control of all Safe Browsing preferences, meaning these can now be freely controlled by the users from the about:config (with the exception of browser.safebrowsing.malware.enabled & browser.safebrowsing.phishing.enabled - these are controlled by the new toggle in Settings). For example, users can now set their own custom Safe Browsing provider if desired, disable our proxy and revert back to Google's standard domains, etc...
Hardened the internal PDF Viewer (PDF.js) with changes inspired by GrapheneOS's PDF Viewer. - #79
Disabled CSP Reporting to improve privacy, reduce undesired network activity, and limit the data shared with website operators.
Enabled Proxy Bypass Protection to help prevent leaks for proxy users.
Fixed a bug that caused cookies/site data and permissions to always clear on exit, regardless of their check boxes/values set by users.
Disabled Firefox's new Unified Trust Panel redesign for the menu that appears when you select the lock icon on the top left of the URL bar by default, due to phishing concerns (as it unfortunately doesn't currently display the full URL if it's too long). - You can re-enable this if preferred by navigating to IronFox's Settings -> About IronFox -> Tap IronFox's logo at the top 5 times, then go back to Settings -> Secret Settings -> Unified Trust Panel.
Disabled the com.widevine.alpha key system (MediaDrm).
Disabled Mozilla's GeoIP/Region Service to prevent Firefox from monitoring the user's region/general location and reduce unwanted network activity.
Internet News
Netscape Unveils Enterprise Management Tools | Internet News
Netscape Communications Corp. is now shipping its Mission Control Desktop 4.5, a new collection of enterprise tools, with its Communicator Pro management
π₯16π7β€3
Disabled system extensions & system policies at build-time.
Disabled & removed the build dependency on legacy AutoConfig functionality (also known as Mission Control Desktop, debuted in Netscape Communicator 4.5... https://www.internetnews.com/enterprise/netscape-unveils-enterprise-management-tools/) to reduce attack surface and reliance on legacy code.
Disabled more unnecessary debugging/development features at build-time.
Explicitly disabled SpiderMonkey performance telemetry at build-time.
Enabled mobile optimizations at build-time.
Updated the onboarding to remove Privacy Policy/Terms of Use references, and replaced the Firefox logo (and certain other elements) with our own.
Removed Swisscows as a default search engine due to concerns regarding false marketing of their VPN and spreading false claims about other services, such as Signal.
Other minor tweaks, fixes, & adjustments.
https://gitlab.com/ironfox-oss/IronFox/-/releases
Disabled & removed the build dependency on legacy AutoConfig functionality (also known as Mission Control Desktop, debuted in Netscape Communicator 4.5... https://www.internetnews.com/enterprise/netscape-unveils-enterprise-management-tools/) to reduce attack surface and reliance on legacy code.
Disabled more unnecessary debugging/development features at build-time.
Explicitly disabled SpiderMonkey performance telemetry at build-time.
Enabled mobile optimizations at build-time.
Updated the onboarding to remove Privacy Policy/Terms of Use references, and replaced the Firefox logo (and certain other elements) with our own.
Removed Swisscows as a default search engine due to concerns regarding false marketing of their VPN and spreading false claims about other services, such as Signal.
Other minor tweaks, fixes, & adjustments.
https://gitlab.com/ironfox-oss/IronFox/-/releases
GitLab
feat: Ensure system extensions + system policies are disabled (a2087a1e) Β· Commits Β· IronFox OSS / IronFox Β· GitLab
Signed-off-by: celenity
π₯16π3
FUTO is launching a new open-source software distribution project: the FUTOcore Software Store.
https://www.bitchute.com/video/dVmDId8GPn8b/
You can learn more about FUTOcore and participate in our survey here: https://futocore.futo.org/
This talk was given by Adam Jesionowski on March 15 during FUTO's Don't be Evil Conference
#futo #apk #store
https://www.bitchute.com/video/dVmDId8GPn8b/
You can learn more about FUTOcore and participate in our survey here: https://futocore.futo.org/
This talk was given by Adam Jesionowski on March 15 during FUTO's Don't be Evil Conference
#futo #apk #store
Bitchute
Announcing FUTOcore: A New Software Store
You can learn more about FUTOcore and participate in our survey here: https://futocore.futo.org/
This talk was given by Adam Jesionowski on March 15 during FUTO's Don't be Evil Conference
This talk was given by Adam Jesionowski on March 15 during FUTO's Don't be Evil Conference
β€βπ₯9π5π2π₯2
Zapstore
Permissionless and social app store built on the #nostr protocol
For #Android #Linux and #Mac
https://zapstore.dev
Download
https://zapstore.dev/download/
Sources
https://github.com/zapstore
Secure by default
Everything you install comes from trusted sources and is cryptographically verified. Not satisfied with the default? Choose your own curators, or mix and match! Censorship has no place in our world.
Relevant to you
Supercharged by the nostr open protocol, recommendations come right from your social connections β or use it in totally private way. With our growing catalog, you will never run out of great apps.
Support your devs
Connect with your favorite developers: send them direct feedback, request features and support them through micropayments, all without any middlemen.
#apk #store
Permissionless and social app store built on the #nostr protocol
For #Android #Linux and #Mac
https://zapstore.dev
Download
https://zapstore.dev/download/
Sources
https://github.com/zapstore
Secure by default
Everything you install comes from trusted sources and is cryptographically verified. Not satisfied with the default? Choose your own curators, or mix and match! Censorship has no place in our world.
Relevant to you
Supercharged by the nostr open protocol, recommendations come right from your social connections β or use it in totally private way. With our growing catalog, you will never run out of great apps.
Support your devs
Connect with your favorite developers: send them direct feedback, request features and support them through micropayments, all without any middlemen.
#apk #store
π₯10β‘7β€1
#FUTO #Keyboard UpdatesοΌ The Swipe Dataset is Public!
https://peertube.futo.org/videos/watch/44d2e41a-307b-49ab-9a14-1e2e1eaa9a94
You can access the dataset here: https://huggingface.co/datasets/futo-org/swipe.futo.org
More info about FUTO Keyboard
https://t.iss.one/Libreware/1299
You can learn more about FUTO here: https://futo.org
https://peertube.futo.org/videos/watch/44d2e41a-307b-49ab-9a14-1e2e1eaa9a94
You can access the dataset here: https://huggingface.co/datasets/futo-org/swipe.futo.org
More info about FUTO Keyboard
https://t.iss.one/Libreware/1299
You can learn more about FUTO here: https://futo.org
FUTO PeerTube Instance
FUTO Keyboard UpdatesοΌ The Swipe Dataset is Public!
You can access the dataset here: https://huggingface.co/datasets/futo-org/swipe.futo.org You can learn more about FUTO here: https://futo.org/
π₯9π€·ββ1π1
WLED
Control WS2812B and many more types of digital RGB #LEDs with an #ESP32 over WiFi
https://kno.wled.ge
Compatible controllers - WLED Project
https://kno.wled.ge/basics/compatible-controllers/
ββ¬forums
https://wled.discourse.group/
https://discord.gg/QAh7wJHrRM
https://github.com/wled/WLED
https://github.com/Aircoookie/WLED-App
Control WS2812B and many more types of digital RGB #LEDs with an #ESP32 over WiFi
https://kno.wled.ge
Compatible controllers - WLED Project
https://kno.wled.ge/basics/compatible-controllers/
ββ¬forums
https://wled.discourse.group/
https://discord.gg/QAh7wJHrRM
https://github.com/wled/WLED
https://github.com/Aircoookie/WLED-App
kno.wled.ge
Welcome to WLED - WLED Project
π2
PeerTube Mobile App v1 Is Out | Linuxiac
The PeerTube mobile app has reached version 1, allowing users to easily edit playlists, comment on videos, and switch between accounts
Sortie de la v1 de l'application mobile ! | JoinPeerTube
PeerTube | F-Droid - Free and Open Source Android App Repository
Go to the git page to get version 1.0 the F-Droid link is 0.6
https://framagit.org/framasoft/peertube/mobile-application/-/releases
Via @linuxgram
#PeerTube
The PeerTube mobile app has reached version 1, allowing users to easily edit playlists, comment on videos, and switch between accounts
Sortie de la v1 de l'application mobile ! | JoinPeerTube
PeerTube | F-Droid - Free and Open Source Android App Repository
Go to the git page to get version 1.0 the F-Droid link is 0.6
https://framagit.org/framasoft/peertube/mobile-application/-/releases
Via @linuxgram
#PeerTube
π12β€8π1
Snap Safe
The camera that doesnβt rat you out.
Snap Safe is an #Android #camera app that keeps every pixelβand every byte of dataβexactly where it belongs: on YOUR device.
Key Features:
β’ ZeroβLeak Design β The manifest skips android.permission.INTERNET; nothing leaves your device.
β’ Fully Encrypted β Shots are written to encrypted, appβprivate storage.
β’ Metadata ScrubβAβDub β EXIF and other identifiers are wiped the instant you hit Share.
β’ PINβLocked Gallery β A separate PIN stands between curious thumbs and your photos.
β’ Secure Sharing β When you do share, we hand the file off via Android's native share sheetβno detours.
β’ Granular Location β Add coarse, fine, or zero location dataβyour call.
β’ 100% Open Source β Auditable code in plain sight.
β’ Poison Pill β Set a special PIN, that when entered, appears to work normally but actually deletes your existing
photos.
β’ Decoy Photos β Select innocuous decoy photos, these will be preserved when your Poison Pill is activated. That way
your Gallery is not suspiciously empty.
Why Snap Safe?
We capture photos locally, encrypt everything in private storage, let YOU decide if GPS tags are added (precision optional), and strip out tellβtale metadata automatically.
We NEVER phone home or talk to servers, slurp analytics or usage stats, sprinkle ads or trackers in the code, or read files outside our sandbox.
Privacy Policy: We collect nothing.
Newest version on github
https://github.com/SecureCamera/SecureCameraAndroid/releases/latest
https://f-droid.org/packages/com.darkrockstudios.app.securecamera/
Photos posted on F-droid page.
The camera that doesnβt rat you out.
Snap Safe is an #Android #camera app that keeps every pixelβand every byte of dataβexactly where it belongs: on YOUR device.
Key Features:
β’ ZeroβLeak Design β The manifest skips android.permission.INTERNET; nothing leaves your device.
β’ Fully Encrypted β Shots are written to encrypted, appβprivate storage.
β’ Metadata ScrubβAβDub β EXIF and other identifiers are wiped the instant you hit Share.
β’ PINβLocked Gallery β A separate PIN stands between curious thumbs and your photos.
β’ Secure Sharing β When you do share, we hand the file off via Android's native share sheetβno detours.
β’ Granular Location β Add coarse, fine, or zero location dataβyour call.
β’ 100% Open Source β Auditable code in plain sight.
β’ Poison Pill β Set a special PIN, that when entered, appears to work normally but actually deletes your existing
photos.
β’ Decoy Photos β Select innocuous decoy photos, these will be preserved when your Poison Pill is activated. That way
your Gallery is not suspiciously empty.
Why Snap Safe?
We capture photos locally, encrypt everything in private storage, let YOU decide if GPS tags are added (precision optional), and strip out tellβtale metadata automatically.
We NEVER phone home or talk to servers, slurp analytics or usage stats, sprinkle ads or trackers in the code, or read files outside our sandbox.
Privacy Policy: We collect nothing.
Newest version on github
https://github.com/SecureCamera/SecureCameraAndroid/releases/latest
https://f-droid.org/packages/com.darkrockstudios.app.securecamera/
Photos posted on F-droid page.
π20β€2π€2π1π1π1
A View on the Open-Source Video Editing Landscape
https://youtu.be/qEYGGqolEvs
https://media.ccc.de/v/lgm25-upstream-2025-83652-a-view-on-the-open-source-video-editing-landscape
Whether it is stitching together some travel footage or producing high-quality film content, there are many ways people want to work with the medium "video". Their needs for #video #editing solutions are diverse, and so is their budget.
Open-source video editing software seems great for beginners to get started at zero cost. What do you get and what do you have to give up on compared to the closed-source options? What does it even take to build software like this from scratch, technologically as well as mentally?
This talk takes a brief look at the free-to-use options for video editing on a desktop computer before switching the perspective to that of the developers and maintainers of such software. It offers insights into the struggles with technology, fundraising, self-motivation, and community dynamics, while also highlighting the rewarding moments and intriguing current and future developments.
Simran Spiller
https://pretalx.c3voc.de/lgm25-upstream-2025/talk/504479317/
#editor #lgm2025
https://youtu.be/qEYGGqolEvs
https://media.ccc.de/v/lgm25-upstream-2025-83652-a-view-on-the-open-source-video-editing-landscape
Whether it is stitching together some travel footage or producing high-quality film content, there are many ways people want to work with the medium "video". Their needs for #video #editing solutions are diverse, and so is their budget.
Open-source video editing software seems great for beginners to get started at zero cost. What do you get and what do you have to give up on compared to the closed-source options? What does it even take to build software like this from scratch, technologically as well as mentally?
This talk takes a brief look at the free-to-use options for video editing on a desktop computer before switching the perspective to that of the developers and maintainers of such software. It offers insights into the struggles with technology, fundraising, self-motivation, and community dynamics, while also highlighting the rewarding moments and intriguing current and future developments.
Simran Spiller
https://pretalx.c3voc.de/lgm25-upstream-2025/talk/504479317/
#editor #lgm2025
YouTube
LGM 2025 - A View on the Open-Source Video Editing Landscape
https://media.ccc.de/v/lgm25-upstream-2025-83652-a-view-on-the-open-source-video-editing-landscape
Whether it is stitching together some travel footage or producing high-quality film content, there are many ways people want to work with the medium "video".β¦
Whether it is stitching together some travel footage or producing high-quality film content, there are many ways people want to work with the medium "video".β¦
β€7π3π₯2
PeerTube v7.2.0
=> https://joinpeertube.org/
PeerTube is a free, decentralized and federated video platform developed as an alternative to other platforms that centralize our data and attention, such as YouTube, Dailymotion or Vimeo. π¬
Changelog:
=> https://github.com/Chocobozzz/PeerTube/releases/tag/v7.2.0
Via @dcntr
#PeerTube #ActivityPub
=> https://joinpeertube.org/
PeerTube is a free, decentralized and federated video platform developed as an alternative to other platforms that centralize our data and attention, such as YouTube, Dailymotion or Vimeo. π¬
Changelog:
=> https://github.com/Chocobozzz/PeerTube/releases/tag/v7.2.0
Via @dcntr
#PeerTube #ActivityPub
JoinPeerTube
What is PeerTube? | JoinPeerTube
A free software to take back control of your videos! With more than 600,000 hosted videos, viewed more than 70 millions times and 150,000 users, PeerTube is the decentralized free software alternative to videos platforms developed by Framasoft
β€19π3β‘2
Quiet v5.1.2
=> https://tryquiet.org/
Quiet is an alternative to team chat apps like Slack, Discord, and Element that does not require trusting a central server or running one's own. In Quiet, all data syncs directly between a team's devices over Tor with no server required.
NOTE: #Quiet is not audited and should not be used when privacy and security are critical. It lacks basic features and probably won't replace your Slack or Discord yet. That said, it works surprisingly well and we use it daily as a Slack replacement.
=> https://github.com/TryQuiet/quiet/releases/tag/%40quiet/desktop%405.1.2
=> https://github.com/TryQuiet/quiet/releases/tag/%40quiet/mobile%405.1.2
via @dcntr
#Tor #IPFS
=> https://tryquiet.org/
Quiet is an alternative to team chat apps like Slack, Discord, and Element that does not require trusting a central server or running one's own. In Quiet, all data syncs directly between a team's devices over Tor with no server required.
NOTE: #Quiet is not audited and should not be used when privacy and security are critical. It lacks basic features and probably won't replace your Slack or Discord yet. That said, it works surprisingly well and we use it daily as a Slack replacement.
=> https://github.com/TryQuiet/quiet/releases/tag/%40quiet/desktop%405.1.2
=> https://github.com/TryQuiet/quiet/releases/tag/%40quiet/mobile%405.1.2
via @dcntr
#Tor #IPFS
π14β€9
Eppie β open protocol encrypted p2p email
=> https://eppie.io
=> https://github.com/Eppie-io
Eppie is a next-gen providerless email that allows its users to own their accounts, addresses and data. In addition to its own p2p network Eppie can communicate with other popular decentralized networks, like Ethereum, and is capable of interacting with conventional IMAP/SMTP email. It is beautiful and easy to use, just like a normal email client.
Features:
π Works on all platforms: Windows, MacOS, Linux, iOS, Android
πΆ Privacy-first: there's no such thing as optional encryption
π P2P messaging: without servers nobody's holding your hand anymore
π Identity manager: key management is a breeze
πΎ Decentralized backup: your data is safe and only yours
π€ Ultimate interoperability: Eppie can communicate with Ethereum, Bitcoin and more
π¬ IMAP/SMTP compatible: connect to Gmail, Microsoft Outlook etc.
π¦ Proton Mail Authentication: Eppie is the first native desktop client capable of that
π PGP encryption: stay safe even with conventional email
π€ Local AI agents
NOTE: the project is early in development, not all of the features are publicly availabe
via @dcntr
#email #p2p
=> https://eppie.io
=> https://github.com/Eppie-io
Eppie is a next-gen providerless email that allows its users to own their accounts, addresses and data. In addition to its own p2p network Eppie can communicate with other popular decentralized networks, like Ethereum, and is capable of interacting with conventional IMAP/SMTP email. It is beautiful and easy to use, just like a normal email client.
Features:
π Works on all platforms: Windows, MacOS, Linux, iOS, Android
πΆ Privacy-first: there's no such thing as optional encryption
π P2P messaging: without servers nobody's holding your hand anymore
π Identity manager: key management is a breeze
πΎ Decentralized backup: your data is safe and only yours
π€ Ultimate interoperability: Eppie can communicate with Ethereum, Bitcoin and more
π¬ IMAP/SMTP compatible: connect to Gmail, Microsoft Outlook etc.
π¦ Proton Mail Authentication: Eppie is the first native desktop client capable of that
π PGP encryption: stay safe even with conventional email
π€ Local AI agents
NOTE: the project is early in development, not all of the features are publicly availabe
via @dcntr
#email #p2p
eppie.io
Encrypted peer-to-peer independent email
π12β€5π1
Media is too big
VIEW IN TELEGRAM
The Stryker app is now FREE!
Packed with tools for Wi-Fi auditing, network scanning, and more β all from your Android device
πI tested all of its features: https://www.mobile-hacker.com/2025/06/12/stryker-app-goes-free-the-ultimate-mobile-pentesting-toolkit
https://t.iss.one/strykerapp
https://github.com/Stryker-Defense-Inc/strykerapp/releases
@androidMalware
Packed with tools for Wi-Fi auditing, network scanning, and more β all from your Android device
πI tested all of its features: https://www.mobile-hacker.com/2025/06/12/stryker-app-goes-free-the-ultimate-mobile-pentesting-toolkit
https://t.iss.one/strykerapp
https://github.com/Stryker-Defense-Inc/strykerapp/releases
@androidMalware
β€8π₯4β€βπ₯1
Media is too big
VIEW IN TELEGRAM
Cryptographic Analysis of Delta Chat | UseNiX
Yuanming Song, Lenka MarekovΓ‘, and Kenneth G. Paterson, ETH Zurich - Nov 2024
We analyse the cryptographic protocols underlying Delta Chat, a decentralised messaging application which uses e-mail infrastructure for message delivery.
It provides end-to-end encryption by implementing the Autocrypt standard and the SecureJoin protocols, both making use of the OpenPGP standard. Delta Chat's adoption by categories of high-risk users such as journalists and activists, but also more generally users in regions affected by Internet censorship, makes it a target for powerful adversaries. Yet, the security of its protocols has not been studied to date. We describe five new attacks on Delta Chat in its own threat model, exploiting cross-protocol interactions between its implementation of SecureJoin and Autocrypt, as well as bugs in rPGP, its OpenPGP library. The findings have been disclosed to the Delta Chat team, who implemented fixes.
https://delta.chat/en/
#DeltaChat
Yuanming Song, Lenka MarekovΓ‘, and Kenneth G. Paterson, ETH Zurich - Nov 2024
We analyse the cryptographic protocols underlying Delta Chat, a decentralised messaging application which uses e-mail infrastructure for message delivery.
It provides end-to-end encryption by implementing the Autocrypt standard and the SecureJoin protocols, both making use of the OpenPGP standard. Delta Chat's adoption by categories of high-risk users such as journalists and activists, but also more generally users in regions affected by Internet censorship, makes it a target for powerful adversaries. Yet, the security of its protocols has not been studied to date. We describe five new attacks on Delta Chat in its own threat model, exploiting cross-protocol interactions between its implementation of SecureJoin and Autocrypt, as well as bugs in rPGP, its OpenPGP library. The findings have been disclosed to the Delta Chat team, who implemented fixes.
https://delta.chat/en/
#DeltaChat
π₯6π4β€3
The open-source mobile app Organic Maps is used by millions of people on both the Android and iOS platforms. In addition to featuring offline maps (generated from OpenStreetMap cartography) and turn-by-turn navigation, it also promises its users greater privacy than proprietary options. However, controversial decisions taken by the project's leaders, feelings of disenfranchisement among contributors, and even accusations of embezzlement have precipitated a divide in the community, leading to a new fork called CoMaps.
Hike, Bike, Drive Offline Navigate with Privacy | CoMaps
https://www.comaps.app/
#Navigation #Maps
Hike, Bike, Drive Offline Navigate with Privacy | CoMaps
https://www.comaps.app/
#Navigation #Maps
β€28π5
Pomozen β³
A modern, open-source Pomodoro timer designed to transform the way you work and study. Say goodbye to mental fatigue and hello to peak concentration with structured work intervals and smart breaks.
Why choose Pomozen?
β’ Track your progress with detailed statistics and custom labels for tasks.
β’ Gentle reminders ensure you never miss a focus or break period.
β’ Integrated hydration reminders keep you feeling your best.
β’ Fully customize your Pomodoro cyclesβfrom focus duration to break timesβto fit your unique rhythm.
Download Pomozen from IzzyOnDroid
Source code: Github
#Productivity #Focus #Timer
A modern, open-source Pomodoro timer designed to transform the way you work and study. Say goodbye to mental fatigue and hello to peak concentration with structured work intervals and smart breaks.
Why choose Pomozen?
β’ Track your progress with detailed statistics and custom labels for tasks.
β’ Gentle reminders ensure you never miss a focus or break period.
β’ Integrated hydration reminders keep you feeling your best.
β’ Fully customize your Pomodoro cyclesβfrom focus duration to break timesβto fit your unique rhythm.
Download Pomozen from IzzyOnDroid
Source code: Github
#Productivity #Focus #Timer
IzzyOnDroid Repo Browser
βPomozenβ β IzzyOnDroid F-Droid Repository
Pomodoro timer to boost productivity and focus
π8β€5π₯3π1π€1π1
Unboxing Elecrow ThinkNode M1 & M2 | #Meshtastic Setup, Field Test, Review & Off-Grid Comms Breakdown
https://rumble.com/v6v1uk1
In this video, I take you deep into the world of off-grid communication as I unbox and test two brand-new devices from Elecrow: the ThinkNode M1 and ThinkNode M2. These tools come pre-installed with Meshtastic firmware and are built for encrypted, decentralized communication β no SIM card, no Wi-Fi, and no cell towers required. Whether youβre prepping for a blackout, building a resilient mesh network, or just exploring survival tech, this video is packed with everything you need to know.
We start with a full unboxing of both devices, breaking down what makes each unique. The ThinkNode M1 is powered by the nRF52840 chip and includes a GPS module for location tracking, a 1.54β sunlight-readable EPD screen, and a 1200mAh battery built to last over 48 hours. Itβs rugged, outdoor-ready, and ideal for emergency kits or remote travel. In contrast, the ThinkNode M2 is lighter, smaller, and powered by the ESP32-S3 chip. It includes a 1.3β OLED display, Bluetooth support, a 1000mAh battery, and is better suited for modular integration or stealthy builds.
After the unboxing, I walk you through a step-by-step setup of each device using the Meshtastic mobile app. I show you how to configure them, pair with Bluetooth, and get your private mesh network up and running in minutes. From there, I run live tests to see how each device performs in real-world conditions and compare their features, form factor, and best use cases.
If youβre interested in off-grid privacy tools, these are two of the most beginner-friendly and capable devices out there right now. I also include a breakdown of which device might be better depending on your needsβwhether youβre building a neighborhood mesh or planning for emergency scenarios.
Make sure to check out the official product pages using the links below. These links track monthly performance, so I appreciate your support if you use them:
π ThinkNode M1:
https://www.elecrow.com/thinknode-m1-meshtastic-lora-signal-transceiver-powered-by-nrf52840-with-154-screen-support-gps.html?idd=5
π ThinkNode M2:
https://www.elecrow.com/thinknode-m2-meshtastic-lora-signal-transceiver-powered-by-esp32-s3-with-1-3-oled-display.html?idd=5
Elecrow is also running a giveaway where you can win LoRa modules or get PCB assembly sponsorship. Donβt miss this opportunity to level up your off-grid gear for free:
https://www.elecrow.com/blog/lora-modules-giveaway-and-pcb-assembly-sponsorship.html?idd=5
These tools are more than tech β they represent freedom. In a world where networks can go dark and censorship can silence, devices like these keep people connected, informed, and in control. With Meshtastic and LoRa, you are the signal. You are the network. And itβs all open source.
If you found this helpful, drop a comment, like the video, and subscribe for more content on off-grid tech, cybersecurity gadgets, and digital autonomy. Let me know which one youβd trust in your blackout bag β the rugged M1 or the sleek, portable M2.
βΈ»
π‘ Hashtags:
#LoRa #Meshtastic #ThinkNodeM1 #ThinkNodeM2 #Elecrow #OffGridCommunication #EmergencyComms #GridDown #PreppingGear #TechUnboxing #ESP32 #nRF52840 #SurvivalTech #MeshNetworking #DecentralizedComms #EncryptedMessaging #HamRadioAlternative #LongRangeRadio #DigitalFreedom #TacticalTech #CyberSecurity #LoRaWAN #MeshRadio #HackerTools #BlackoutReady #BugOutBag #PrivacyTech #RadioComms #DisasterPreparedness #MeshtasticSetup #FreedomThroughTech
https://rumble.com/v6v1uk1
In this video, I take you deep into the world of off-grid communication as I unbox and test two brand-new devices from Elecrow: the ThinkNode M1 and ThinkNode M2. These tools come pre-installed with Meshtastic firmware and are built for encrypted, decentralized communication β no SIM card, no Wi-Fi, and no cell towers required. Whether youβre prepping for a blackout, building a resilient mesh network, or just exploring survival tech, this video is packed with everything you need to know.
We start with a full unboxing of both devices, breaking down what makes each unique. The ThinkNode M1 is powered by the nRF52840 chip and includes a GPS module for location tracking, a 1.54β sunlight-readable EPD screen, and a 1200mAh battery built to last over 48 hours. Itβs rugged, outdoor-ready, and ideal for emergency kits or remote travel. In contrast, the ThinkNode M2 is lighter, smaller, and powered by the ESP32-S3 chip. It includes a 1.3β OLED display, Bluetooth support, a 1000mAh battery, and is better suited for modular integration or stealthy builds.
After the unboxing, I walk you through a step-by-step setup of each device using the Meshtastic mobile app. I show you how to configure them, pair with Bluetooth, and get your private mesh network up and running in minutes. From there, I run live tests to see how each device performs in real-world conditions and compare their features, form factor, and best use cases.
If youβre interested in off-grid privacy tools, these are two of the most beginner-friendly and capable devices out there right now. I also include a breakdown of which device might be better depending on your needsβwhether youβre building a neighborhood mesh or planning for emergency scenarios.
Make sure to check out the official product pages using the links below. These links track monthly performance, so I appreciate your support if you use them:
π ThinkNode M1:
https://www.elecrow.com/thinknode-m1-meshtastic-lora-signal-transceiver-powered-by-nrf52840-with-154-screen-support-gps.html?idd=5
π ThinkNode M2:
https://www.elecrow.com/thinknode-m2-meshtastic-lora-signal-transceiver-powered-by-esp32-s3-with-1-3-oled-display.html?idd=5
Elecrow is also running a giveaway where you can win LoRa modules or get PCB assembly sponsorship. Donβt miss this opportunity to level up your off-grid gear for free:
https://www.elecrow.com/blog/lora-modules-giveaway-and-pcb-assembly-sponsorship.html?idd=5
These tools are more than tech β they represent freedom. In a world where networks can go dark and censorship can silence, devices like these keep people connected, informed, and in control. With Meshtastic and LoRa, you are the signal. You are the network. And itβs all open source.
If you found this helpful, drop a comment, like the video, and subscribe for more content on off-grid tech, cybersecurity gadgets, and digital autonomy. Let me know which one youβd trust in your blackout bag β the rugged M1 or the sleek, portable M2.
βΈ»
π‘ Hashtags:
#LoRa #Meshtastic #ThinkNodeM1 #ThinkNodeM2 #Elecrow #OffGridCommunication #EmergencyComms #GridDown #PreppingGear #TechUnboxing #ESP32 #nRF52840 #SurvivalTech #MeshNetworking #DecentralizedComms #EncryptedMessaging #HamRadioAlternative #LongRangeRadio #DigitalFreedom #TacticalTech #CyberSecurity #LoRaWAN #MeshRadio #HackerTools #BlackoutReady #BugOutBag #PrivacyTech #RadioComms #DisasterPreparedness #MeshtasticSetup #FreedomThroughTech
Rumble
Unboxing Elecrow ThinkNode M1 & M2 | Meshtastic Setup, Field Test, Review & Off-Grid Comms Breakdown
In this video, I take you deep into the world of off-grid communication as I unbox and test two brand-new devices from Elecrow: the ThinkNode M1 and ThinkNode M2. These tools come pre-installed with M
π₯9π2π2β€1