Overview of all pages with the tag #Open Source, such as: 7ASecurity Completes Security Audit of Círculo| Guardian Project
Overview of all pages with the tag #Security, such as: IOCipher 1.0 community reboot| Guardian Project
Overview of all pages with the tag #Distribution, such as: Distribution in Depth: Mirrors as a Source of Resiliency| Guardian Project
Overview of all pages with the tag #Debian, such as: Debian over HTTPS| Guardian Project
Update: now you can do this with Tor Onion Services Many software update systems use code signing to ensure that only the correct software is downloaded and installed, and to prevent the code from being altered. This is an effective way to prevent the code from being modified, and because of that, software update systems often use plain, unencrypted HTTP connections for downloading code updates. That means that the metadata of what packages a machine has installed is available in plain text f...| Guardian Project
Overview of all pages with the tag #Android, such as: IOCipher 1.0 community reboot| Guardian Project
Overview of all pages with the tag #Tor, such as: Arti, next-gen Tor on mobile| Guardian Project
Overview of all pages with the tag #Privacy, such as: 7ASecurity Completes Security Audit of Círculo| Guardian Project
Overview of all pages with the tag #Metadata, such as: DEfO - Developing ECH for OpenSSL (round two)| Guardian Project
Overview of all pages with the tag #Fdroid, such as: A Look Back at 2024: F-Droid's Progress and What’s Coming in 2025| Guardian Project
Overview of all pages with the tag #F Droid, such as: A Look Back at 2024: F-Droid's Progress and What’s Coming in 2025| Guardian Project
Overview of all pages with the tag #Bazaar, such as: Building a Signing Server| Guardian Project
There is a new vulnerability in Debian’s apt that allows anything that can Man-in-the-Middle (MITM) your traffic to get root on your Debian/Ubuntu/etc boxes. Using encrypted connections for downloading updates, like HTTPS or Tor Onion Services, reduces this vulnerability to requiring root on the mirror server in order to exploit it. That is a drastic reduction in exposure. We have been pushing for this since 2014, and Debian, mirror operators, and others in the ecosystem have taken some big...| Guardian Project