BraveCherry
29 posts
BraveCherry
@cherry_brave
Old-school hackers, breaking the mold, Banner by Lewis Collard, published under Attribution license.
Earth Katılım Mart 2026
98 Takip Edilen4 Takipçiler
@TheHackersNews If I could afford a physical security key, I wouldn't be using two-factor authentication.
English
🔥 Google rolled out Device Bound Session Credentials (DBSC) in Chrome 146 (Windows).
It ties session cookies to a device using hardware keys, so stolen cookies can’t be reused without that device. Cookies expire quickly without validation.
🔗 Read → thehackernews.com/2026/04/google…
English
@session_app So how much Bitcoin are you guys planning to buy with this money?
English
Your donations have helped, and the Session Technology Foundation (STF) has received enough funding to support critical operations for 90 days.
This means that Session will remain available on the app stores and essential services (such as the file server and push notification server) will stay online until July 8.
For now, further development has been paused, so new features will not be released and emerging or existing bugs may not be immediately fixed. Most likely, there will be no new releases during this period.
Volunteers will continue to keep Session alive for as long as is feasible. However, without proper funding to put towards development, over time Session will fall behind alternatives on usability and (eventually) security.
We are extremely grateful to all the members of the community who have helped Session over the years by running nodes, onboarding their friends, and contributing to the foundation. Thank you to all who have worked with us to defend privacy for the last 8 years.
Currently, it is estimated that USD$1 million is needed to complete the launch and support Protocol v2 (PFS, post-quantum, secure device management) and Pro (ecosystem sustainability). Beyond this, it is hoped the project could stand on its own.
However, without this funding, the final day for Session is July 8. Although we must give this notice now, we will continue doing everything we can to secure more time for Session. If you or someone you know might be able to help, please connect.
getsession.org/donate
English
So how much Bitcoin are you guys planning to buy with this money?
Session@session_app
Your donations have helped, and the Session Technology Foundation (STF) has received enough funding to support critical operations for 90 days. This means that Session will remain available on the app stores and essential services (such as the file server and push notification server) will stay online until July 8. For now, further development has been paused, so new features will not be released and emerging or existing bugs may not be immediately fixed. Most likely, there will be no new releases during this period. Volunteers will continue to keep Session alive for as long as is feasible. However, without proper funding to put towards development, over time Session will fall behind alternatives on usability and (eventually) security. We are extremely grateful to all the members of the community who have helped Session over the years by running nodes, onboarding their friends, and contributing to the foundation. Thank you to all who have worked with us to defend privacy for the last 8 years. Currently, it is estimated that USD$1 million is needed to complete the launch and support Protocol v2 (PFS, post-quantum, secure device management) and Pro (ecosystem sustainability). Beyond this, it is hoped the project could stand on its own. However, without this funding, the final day for Session is July 8. Although we must give this notice now, we will continue doing everything we can to secure more time for Session. If you or someone you know might be able to help, please connect. getsession.org/donate
English
Since Telegram's contact info isn't secure, I'm still not using it; and considering its sketchy relationship with censors in certain countries, anyone who values their freedom should probably stay away from it.
English
How much fake liquor did this Durov drink again? Hurry back to your old Russian home and go to sleep.
Pavel Durov@durov
That’s why Telegram Secret Chats never show message content in push notifications. Since 2013, Secret Chats have remained the most secure usable way to communicate. US gov funded Signal has too many questionable dependencies on other US companies (AWS, MS, Intel SGX…)
English
@degenmate @durov @wavemsgs @liznilend Only the US can pull this off; they've got plenty of muscle and the means to do it.
English
@cherry_brave @durov @wavemsgs @liznilend If it is US that is issuer I have doubt China will give em anything.
English
That’s why Telegram Secret Chats never show message content in push notifications. Since 2013, Secret Chats have remained the most secure usable way to communicate. US gov funded Signal has too many questionable dependencies on other US companies (AWS, MS, Intel SGX…)
International Cyber Digest@IntCyberDigest
🚨 BREAKING: The FBI has successfully extracted deleted Signal messages from a suspect's iPhone via notification storage, the place where all your notifications are stored for up to one month. Notification storage stores data from all messaging apps, it's a big flaw in iOS. But there's a way to turn it off...
English
@TheLyrinthor That's a good idea, but I've decided to talk to my friends offline so they don't push back too much.
English
SimpleX is my favorite encrypted chat app, but unfortunately, not a single one of my friends uses it.
Lyrinthor @TheLyrinthor
@durov @Proton_Pass We understand your sacrifice in leaving VK and Russia. However, the issue with Signal message exposure is not the app itself—it’s the operating system. And currently, SimpleX is better than any other messaging app available.
English
@degenmate @durov @wavemsgs @liznilend I have no idea what you're talking about. WeChat keeps chat logs for up to a year, and during that time, any country can issue an investigation warrant to WeChat to review that content.
English
@durov @wavemsgs @liznilend So it comes down to one thing only again, want to be private in US use we chat, want to be private in Russia and China use Signal. 😁
English
@tirlarim What the hell are you mumbling about? You can be a piece of shit and nobody will care, but you can't tell others to shut up. If you can do better than them, then speak up; otherwise, there's no need to be a sarcastic prick.
English
English
While you could claim that everything is math without facing any pushback, saying everything is a file is incorrect; that's a user-space abstraction, not a hardware reality.
English
@DegenKing81 @manipulate Signal is under no obligation to inform you of any basic common sense regarding personal safety beyond chat security.
English
@manipulate If this was a known vulnerability how come signal hadn't alerted people earlier and told them to turn it off
English
Everyone’s screaming "Signal is broken" again because the FBI pulled deleted messages from an iPhone.
They were just sitting in Apple’s APNs notification cache from lock screen previews. Not a Signal vulnerability.
Turn previews off if you are worried.
English
BraveCherry retweetledi
"Telegram has never done this — and never will"
True. Telegram has never offered E2EE in groups or channels, and still refuses to enable it by default in DMs—while calling itself the secure alternative to WhatsApp.
It's like debating which cigarette brand is healthiest.
Pavel Durov@durov
WhatsApp’s “encryption” may be the biggest consumer fraud in history — deceiving billions of users. Despite its claims, it reads users’ messages and shares them with third parties. Telegram has never done this — and never will 🤝
English
BraveCherry retweetledi
@TutaPrivacy Software installation is not "Sideloading". The S-word is the proverbial bad name given to a dog in order to hang him.
English
So, if a software can directly read text messages, why would you need this? Is it really more secure? IDI.
GitHub Projects Community@GithubProjects
SMS Gateway turns your Android smartphone into an SMS gateway. It's a lightweight application that allows you to send SMS messages programmatically via an API or CLI tool and receive webhooks on incoming SMS. This makes it ideal for integrating SMS functionality into your own applications or services
English
How could Apple, with its supposedly most secure portable operating system like iOS, make such a small mistake? :D
International Cyber Digest@IntCyberDigest
🚨 BREAKING: The FBI has successfully extracted deleted Signal messages from a suspect's iPhone via notification storage, the place where all your notifications are stored for up to one month. Notification storage stores data from all messaging apps, it's a big flaw in iOS. But there's a way to turn it off...
English