Daily Linux & Open Source News - S01E208 - Encrypted services aren't all that safe, apparentrly
Added 2024-10-28 10:18:01 +0000 UTCHey everyone!
In this one, we have:
00:09 5 End 2 End Encrypted services are vulnerable
https://www.scworld.com/news/researchers-discover-flaws-in-5-end-to-end-encrypted-cloud-services
03:47 Bitwarden clears up licensing issues
https://www.phoronix.com/news/Bitwarden-Code-Cleared-Up
Have a great day!
Comments
Proper end to end encryption is not something easy to do, it has to be implemented properly and has to be audited regularly. Even then it's not guaranteed that data encrypted today will not be easily decrypted tomorrow if a data leak happens and the stolen data is kept for an indefinite amount of time.
UsernamesAreHard
2024-10-28 15:43:30 +0000 UTCI've read the Bitwarden github issues and think this "internal-sdk" thing is not a general SDK that is needed for compatible clients but the "internal-secretsmanager-devkit" with Secrets Manager being a commercial offering for businesses to store shared IT Devops credentials (thats what I took away from their website). This thing has a license that users think is incompatible with gpl. They seemed to have messed up by mixing this into the open-source clients.
Sebastian
2024-10-28 12:41:46 +0000 UTC
