https://volksverschluesselung.de/ , aber auch das ist nicht im trust store.
Gilt übrigens beides nicht als gesetzlich voll anerkannte "Qualifizierte Elektronische Signatur" (QES), aber für die meisten Anwendungen sollte es reichen.
progandy
joined 2 years ago
I had at least hoped for FastStream. (Essentially bidirectional SBC for good quality audio while using the microphone)
Auf dem Desktop kannst du behelfsweise einen anderen web client verwenden, z.B. https://alexandrite.app/feddit.de
Nod32 offers a commercial antivirus for that scenario as well. The consumer variant has been discontinued.
That depends on the depth of the review, e.g. verifying the submitter is a member of the project, the software name does not conflict with a well known name,...
At least this prevents impersonation of well-known publishers or their software. Maybe all changes to metadata like the description should require a manual review even for established packages.
Those getting the most recent software versions, so nothing that should be running in a server.
I think that was a precaution. The malicious build script ran during the build, but the backdoor itself was most likely not included in the resuling package as it checked for specific packaging systems.
So weit ich weiß, ist in der APK UnifiedPush-Support integriert. Das funktioniert aber nur, wenn ein Server angegeben ist, ansonsten wird der WebSocket als Fallback verwendet. Hast du überprüft, ob deine ntfy instanz die notifications bekommt?
Falls du nichts selbst hostest und jemand anderem mit der Bridge vertraust kenne ich zwei Anbieter
https://adminforge.de/tools/neue-services-mollysocket-und-proxigram/
https://yourdevice.ch/unsere-server-fuer-mehr-privatspaehre/
MollySocket never has any encryption key
MollySocket receives the credentials for a linked device and does not receive any encryption key. Which means:
- Someone with access to MollySocket database can't change the identity key, to impersonate users. See setKeys.
- Someone with access to MollySocket database may be able to use the credentials of linked devices to spam the Signal server and hit the rate limits. I haven't checked if this would temporarily block the account or just the linked device. (Availability risk)
- Someone with access to MollySocket database may be able to change some account field in a destructive way. For instance changing the account Name to something random. The cleartext will be random since these field are encrypted and require encryption keys to be properly encrypted.
Da steht doch auch
UnifiedPush
Molly-UP is a separate app based on Molly-FOSS. It incorporates the ability to receive notifications through a UnifiedPush provider.
Important
Molly-UP requires an instance of mollysocket to work with a UnifiedPush provider. This can be done on a machine you control.
If Molly-UP is set up as a secondary linked device, UnifiedPush notifications will not be available.
Ja, aber du musst mindestens die signal -> ntfy bridge (mollysocket) selber hosten
Da brauchst du vermutlich eine Chipkarte und passendem Leser wegen zertifizierter Hardware und Kopierschutz oder so wenn es wirklich eIDAS konform sein soll, aber das ist eben ein knapp dreistelliger Betrag für drei jahre.