Die Signatur-Problematik bei F-Droid ist offenbar noch immer nicht gelöst: "We find it concerning that F-Droid constantly chooses to move the goalposts and continues to rely on a fundamentally broken approach for certificate pinning, merely patching [15] known vulnerabilities without ever addressing the underlying cause."

https://github.com/obfusk/fdroid-fakesigner-poc?tab=readme-ov-file#update-2025-01-19

Are we losing the ability to #write (by hand!) - #TheGuardian #Handwriting #Calligraphy #Signature #tibiwangzi https://www.theguardian.com/news/2025/jan/21/signature-moves-are-we-losing-the-ability-to-write-by-hand?CMP=Share_AndroidApp_Other

Show HN: Signify – FOSS tool to generate Email signatures (HTML and PNG)
https://signify.difuse.io
#ycombinator #Signify #Email_Signature #Signature #Email #Difuse #Difuse_io

#Brazil #COP30[2025] #Signature #IndiginousAmazon

"Stand in Solidarity with Indigenous Leaders in Brazil!"

https://350.org/cop29-solidarity/?akid=430252.4749031.9eQT0z

#IndigenousPeople play a crucial role in finding #Solutions to the climate crisis rooted in justice, respect and care for our planet. They recognize that the time to act is now.
Next year, Brazil will host the UN’s climate talks, COP30 in the Brazilian Amazon. But its Indigenous leaders and communities are being sidelined from these critical discussions.
Right now, Indigenous leaders of Brazil are urging their government to give them a seat at the table as co-hosts of COP30.
Indigenous knowledge is the key to creating just climate policies and solutions to climate impacts. It is also crucial to protecting the Amazon rainforest. The Amazon plays an essential role in regulating the Earth’s climate by absorbing carbon dioxide.

Sign this petition to support the Indigenous The Answer Is Us campaign. Tell Brazil’s government to accept its Indigenous Peoples as co-hosts of COP30.

#StopBurningThings #StopEcoside
#ClimateBreakDown

After some #Thunderbird update, I've started to get notices about incorrect S/MIME signatures in emails which was previously marked as correct. The error message was obscure - something about an unknown issue.

No quick solution was found. After some time, I've tried again to figure out what is the problem, and this Czech article solved it: https://www.postsignum.cz/files/navody/thunderbird_smime/index.html

Shortly - Thunderbird dropped support of #SHA1 #checksum in #SMIME signatures and failed to provide any human-readable error message in that regard.

I believe it is a suboptimal behavior for a number of reasons:

1. I can't avoid getting emails from this source and can't make them upgrade their certificate, really. I have only a choice either to drop the signature check completely or rely on the substandard check. Obviously, in this situation I prefer rather to see the results of the check and probably some info that it is, actually, substandard.

2. Solving the problem needs to realize it first. An obscure error message is not too helpful.

3. Such incidents actually undermine the opinion about #cryptographic #signature check. If you see some error, your first though is not "it is probably a #MITM attack" but "probably something is broken in the signature check".

The possibility to fix everything is, however, good.

Signature Mix from the past days:

https://soundcloud.com/jb303/thoughtcontrol

https://www.mixcloud.com/lephisto/thought-control/