Why only the pixel 10? What piece of hardware is the pixel 9 (one year old) missing?
It says starting with pixel 10, so I assume itll roll out to the others after some time
https://security.googleblog.com/2025/11/android-quick-share-...
Readit Newsbilal4hmed commented on Matrix Conference 2025 Highlights element.io/blog/the-matri... · Posted by u/Arathorn
It's exactly the same encryption tech, but a bit more trustworthy than signal.
can you expand on how its more trustworthy than signal?
bilal4hmed commented on Matrix Conference 2025 Highlights element.io/blog/the-matri... · Posted by u/Arathorn
Compared to Signal, where does element stand today in terms of privacy and encryption? Due to the decentralized nature they werent able to offer the same guarantees from what I remember
bilal4hmed commented on Signal Protocol and Post-Quantum Ratchets signal.org/blog/spqr/... · Posted by u/pluto_modadic
Sure.
In the standard practical analysis of quantum threats to cryptography, your adversary is "harvesting and then decrypting". Everybody agrees that no adversary can perform quantum cryptography today, but we agree (to agree) that they'll plausibly be able to at some point in the future. If you assume Signal is carrying messages that have to be kept secret many years into the future, you have to assume your adversary is just stockpiling Signal ciphertexts in a warehouse somewhere waiting so that 15 or 20 years from now they can decrypt them.
That's why you want PQ key agreement today: to protect against a future capability targeting a record of the past. (It's also why you don't care as much about PQ signatures, because we agree no adversary can time travel back and MITM, say, a TLS signature verification).
To understand the importance of a PQ ratchet, add one more capability to the adversary. In addition to holding on to ciphertexts for 15-20 years, assume they will eventually compromise a device, or find an implementation-specific flaw in cryptography code that they can exploit to extract key material. This is a very realistic threat model; in fact, it's of much more practical importance than the collapse of an entire cryptographic primitive.
You defend against that threat model with "forward secrecy" and "post-compromise security". You continually update your key, so the compromise of any one key doesn't allow an attacker to retrospectively decrypt, or to encrypt future messages.
For those defenses to hold against a "harvest and decrypt" attacker, the "ratchet" mechanism you use to keep re-keying your session also needs to be PQ secure. If it isn't, attackers will target the ratchet instead of the messages, and your system will lose its forward and post-compromise secrecy.
ah ok, thank you. Starting to make sense now
bilal4hmed commented on Signal Protocol and Post-Quantum Ratchets signal.org/blog/spqr/... · Posted by u/pluto_modadic
Their existing post quantum encryption didn't do post compromise security (PCS) against quantum attackers. This new one does.
I am excited to finally know what they mean by PCS after reading this article. It means that the session keys from their key agreement scheme (n ratchet) are generated new so an attacker doesn't get them again after a fairly specific sort of compromise. So from that I get that the off the record (OTR) protocol also has PCS. Which is a bit disappointing, I thought that they had come up with some new concept.
This key agreement doesn't happen that often. So a user isn't going to notice any slowness even if it was significantly slower.
thank you for the explanation
bilal4hmed commented on Signal Protocol and Post-Quantum Ratchets signal.org/blog/spqr/... · Posted by u/pluto_modadic
Im feeling pretty dumb even after reading the tldr. Can anyone who is well versed in this explain how this is better or safer? I read about the time, will it now be slower to send messages?
Yes, they basically got the ios native version to also run for macs [0]. The perks of apple silicon I guess. It is a bit ironic how going to ARM architecture initially was initially thought of a burden for developpers having to maintain both x86 and ARM versions, while as it turns out, for those who target both ios and macos it makes it easier.
I am not sure if the old electron-based whatsapp is still available, maybe the one from the website, vs the one from app store, is still electron?
[0] https://9to5mac.com/2024/09/04/whatsapp-discontinue-electron...
I downloaded it from here https://www.whatsapp.com/download/ and it was a dmg
vscodewhatsapp
spotify
slack
discord
figma
microsoft teams
postman
signal
chrome?
good luck!
vscode
signal
mullvad
balenaetcher
Im surprised whatsapp showed up for you, its not for me. I had thought whatsapp was a native app
bilal4hmed commented on Microsoft is officially sending employees back to the office businessinsider.com/micro... · Posted by u/alloyed
Can't tell if this affects Github employees as well? I was under impression that they don't actually have offices to “return to”.
Github is exempt and will be remote first
https://security.googleblog.com/2025/11/android-quick-share-...
To ensure a seamless experience for both Android and iOS users, Quick Share currently works with AirDrop's "Everyone for 10 minutes" mode. This feature does not use a workaround; the connection is direct and peer-to-peer, meaning your data is never routed through a server, shared content is never logged, and no extra data is shared. As with "Everyone for 10 minutes" mode on any device when you’re sharing between non-contacts, you can ensure you're sharing with the right person by confirming their device name on your screen with them in person.
This implementation using "Everyone for 10 minutes” mode is just the first step in seamless cross-platform sharing, and we welcome the opportunity to work with Apple to enable “Contacts Only” mode in the future.