This article highlights how important it is to know your threat and not just bandy about some security words. Stardust, a period tracking app, said a bunch of bullshit about "end-to-end encryption".

The question was "could you turn over individuals' data to law enforcement if you were ordered to do so?" And they wrote a bunch of "crypto X, 256-bit Y, TLS Z, crypto crypto crypto". Which turned out (unsurprisingly) to be smokescreen and distraction. And the answer is "yes, we could turn your data over to law enforcement, and in our privacy policy we reserve the right to do so, even if we're doing it voluntarily instead of being compelled."

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.