#privacyByDesign

Sentinel Security @SntlSecurity
2025-05-30

When developing, always prioritize strong encryption for sensitive data both in transit and at rest. Don't forget about secure key management! 🔑 Protect user trust and comply with regulations. 📜

2025-05-30

Security isn’t about storing data in a seemingly impenetrable virtual vault. It is about not storing any data at all.

Zero Trust Login
How I Stopped Reading Your Data in my services

I build systems where not even the almighty admin (me) can read your data.
No backdoors. No db.users.find(). Just encrypted chaos. Beautiful, unreadable, untouchable chaos.

Security isn't magic, we are just scared to lose control.
If I'm debugging live prod data, I've already failed my architecture exam.

Many pretend to do the same using JWTs/JWKs. Cute. But let's be honest:
There's always someone with access. Production isn't a vault, it's just a cleaner sandbox.

Most systems cling to readable tokens, human friendly JSON, and debug services like a comfort blanket.
I don't.

Zero trust could work like this:

1. User signs up
➤ They give a password.
➤ I derive a unique key from that password.
➤ That key encrypts a randomly generated User Key.
➤ That User Key encrypts everything else (emails, usernames, secrets, hopes, dreams).

2. User logs in
➤ Same password = same derived key.
➤ That unlocks their User Key.
➤ That unlocks their encrypted data.
➤ Voilà. Magic. But not magic. Math.

3. Token generation
➤ It has no traceable info, and all session data is encrypted with the backend-only key.
➤ It expires. Quickly.
➤ It is fingerprinted to the device/browser.
➤ You steal it? Good luck. Doesn’t work on your laptop, Dave.

👁️ Zero Visibility ≠ Zero Functionality
• 🔒 I can’t decrypt your data. Not even if I'm angry.
• 🛡️ Backend is stateless. Frontend is stateless. Token is everything.
• 👨‍💻 No user ID in memory. No session storage. No cookies.
• 🪪 You want access? Bring your password, WebAuthn, 2FA or other login methods.
• 🕵️ No OAuth weirdness, no redirect hell.
• 🧠 Works like OAuth, but with actual privacy. Not even a user ID is exposed.
• ⚙️ Agnostic to the technologies used - cloud, on-premise, SQL, NoSQL, doesn't matter.

Because security isn't magic. It's math, discipline, and just enough spite to not let anyone (including yourself) peek behind the curtain.

Until then, I'll be in the server room. Giggling at encrypted documents I can't read.

#ZeroTrust #Encryption #Security #Stateless #PrivacyByDesign #BackendOnlyAccess #NoRootForYou #Coding #Programming
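
Steps 1 and 2 of the post above (a password-derived key wrapping a random User Key), sketched as an added example that is not part of the original post or its author's code. The use of scrypt with Node's default parameters, AES-256-GCM, the record layout and every function name are assumptions; token generation (step 3) is not covered.

```javascript
// Added illustration (not the post author's code): a password-derived key
// wraps a random User Key, and the User Key encrypts the profile data.
const crypto = require('node:crypto');

// AES-256-GCM; output layout iv(12) || tag(16) || ciphertext is an assumption.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]);
}

// Inverse of seal(); throws when the key is wrong or the blob was altered.
function unseal(key, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Assumed KDF: scrypt with Node's default cost parameters and a per-user salt.
function deriveKey(password, salt) {
  return crypto.scryptSync(password, salt, 32);
}

// Step 1: returns the only things the server stores. No password, no raw key.
function signUp(password, profile) {
  const salt = crypto.randomBytes(16);
  const userKey = crypto.randomBytes(32);
  return {
    salt,
    wrappedUserKey: seal(deriveKey(password, salt), userKey),
    profile: seal(userKey, Buffer.from(JSON.stringify(profile))),
  };
}

// Step 2: same password -> same derived key -> User Key -> data.
function logIn(record, password) {
  const userKey = unseal(deriveKey(password, record.salt), record.wrappedUserKey);
  return JSON.parse(unseal(userKey, record.profile).toString('utf8'));
}

// A wrong password fails GCM authentication instead of returning garbage.
function tryLogIn(record, password) {
  try { return logIn(record, password); } catch { return null; }
}

// Constructed sample data.
const sample = signUp('correct horse battery staple', { email: 'alice@example.test' });
console.log(tryLogIn(sample, 'correct horse battery staple'), tryLogIn(sample, 'guess'));
```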

passbolt @passbolt
2025-05-28

Celebrating 7 years of GDPR! It's been a catalyst for change, but true privacy by design is an ongoing commitment, not a finished task.

See what GDPR means for passbolt in this article: linkedin.com/pulse/gdpr-turns-

2025-05-27

OffGrid is fundamentally built to keep privacy paramount. What’s shared in OffGrid is for your eyes only, like a one-to-one conversation.

No screenshots. No screen recordings. No exceptions.

2025-05-27

Stop romanticizing and start collaborating: lnkd.in/ef2FyMuk

More than 70% of Europe’s cloud infrastructure is operated by non-European providers. Microsoft alone accounts for over 80% of business email in some EU member states. The result? Strategic dependencies in places we can’t afford them—especially in communication.

European sovereignty will only work if we act together.

We’re ready to contribute. Are you?

#DigitalSovereignty #EuropeanCloud #email #PrivacyByDesign

2025-05-25

Other apps promise privacy, but silently keep one foot plugged into the grid — tracking, storing, watching.

OffGrid doesn’t just mute the noise. It cuts the cord. No tracking. No leaks. No traces. When you use OffGrid, you’re truly out.

Nouvelle-Techno.fr @nouvelletechno
2025-05-24

🔍 Looking for an open source alternative to Postman?
➡️ Try Bruno, a local API client that respects your privacy, works without the cloud, and handles JWTs with ease.

I did a complete demo with a public API + an API secured by token.

📺 Watch here: youtu.be/NSa6AYp8zA8

2025-05-23

Digital security is as fundamental as air. OffGrid is for those who know it matters.

Privora App @privora
2025-05-21

Imagine sending real $SOL through a message.
No addresses. No app-switching. No tracking.
Secured by @solana. Routed via @torproject. Private. Encrypted. Decentralized.

This is Privora.
🌐 privora.netlify.app

2025-05-21

OffGrid doesn’t archive, it erases. What you say here, stays gone.

2025-05-20

Despite growing concerns, Dutch government organizations continue to rely on U.S. cloud providers for critical services—including email.

bnr.nl/nieuws/tech-innovatie/1

This isn’t just a question of convenience. It’s a structural risk.

It’s time for our government to lead by example. Choose sovereignty. Choose European alternatives. Choose a digital infrastructure we actually control.

We offer sovereign email solutions. GDPR by design. Ready for NIS2.

#CloudIndependence #NIS2 #PrivacyByDesign

2025-05-19

Strategy meetings. M&A plans. Executive decisions. Some conversations aren’t meant to leave the room.

OffGrid keeps it that way.

secsolution @secsolution
2025-05-19

Italian data protection authority (Garante privacy) gives the green light to the measures adopted by Istat for data protection: The Garante privacy has expressed a favourable opinion on the technical and organisational measures adopted by the National Institute of Statistics (Istat) in order to...
dlvr.it/TKrf0t

2025-05-17

Metadata is the invisible trail around your message – when it was sent, from where, on which device, to whom. It can reveal more than the message itself.
OffGrid strips it all.

2025-05-15

Many apps encrypt your data but still store your messages, metadata, contacts, and logs. This makes your data prone to theft and traceability.

OffGrid doesn’t store anything. Because security isn’t just encryption. It’s absence.

Robert Stribley @stribley@journa.host
2025-05-13

New from me: Google’s Eroding Sandbox
Google just stepped away from plans to let users nuke third-party tracking cookies. However flawed the plan, it’s frustrating to see potential advances for users’ privacy essentially evaporate. #privacy #privacybydesign
<friend link>
medium.com/designing-for-priva

2025-05-13

OffGrid keeps nothing – by design. Secure communication which leaves no digital trace.

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst