ZF Engineering Update — April 6th - 19th Recent highlights from the engineering team include the Zebra 4.3.1 release, which patches four security vulnerabilities, we did a significant overhaul of how Zebra nodes are deployed on GCP, and…

New ZF Engineering Update:
🔒 Zebra 4.3.1: security patches
🏗️ Deployment infra overhauled
❄️ FROST: v3.0.0 incoming

Read the full update ↓
forum.zcashcommunity.com/t/zf-enginee...

GrapheneOS releases Official releases of GrapheneOS, a security and privacy focused mobile OS with Android app compatibility.

GrapheneOS version 2026042100 released:

grapheneos.org/releases#202...

See the linked release notes for a summary of the improvements over the previous release.

Forum discussion thread:

discuss.grapheneos.org/d/34377-grap...

#GrapheneOS #privacy #security

WIRED (@wired.com) has gone ahead with publishing an extraordinarily inaccurate article about GrapheneOS. It presents a highly inaccurate history of the GrapheneOS project heavily based on fabrications from James Donaldson. WIRED failed to incorporate most of our responses to his inaccurate claims.

Did anyone try the Brave Origin thing?

support.brave.app/hc/en-us/art...

🚨 BREAKING: Vercel has been breached. A threat actor has listed their customers' data, source code, databases, and keys up for sale.

Vercel has also publicly disclosed they've identified a security incident involving unauthorized access to their internal systems.

Lovable hack... $5B company?! 🙄

xcancel.com/vxundergroun...

Mythos is Just the New Normal If you're surprised by Mythos, you need to rethink everything

Found interestong opinion on the model 'shock'

danielmiessler.com/blog/mythos-...

Reports indicate that Türkiye may soon only allow "authorised" VPNs in the country; the kind that log usage and hand it over to Turkish authorities, something which we'll never do.

Now we're observing a surge in signups originating in the region, double over the normal rate.

🚨🇫🇷 France's ANTS portal, the government system issuing IDs, passports, and driver's licenses, has been breached.

Up to 19 million French citizens may be affected. ANTS has confirmed the breach.

So, big DeFi projects are getting screwed just after social media started sharing that security industry is on fire with new AI models... Interesting

Wow

Zcash Ecosystem Digest | April 19th

🔸Zebra 4.3.1 + zcashd 6.12.1 Security Fixes
🔸Zcash Private Offramp via @looftaxyz!
🔸@FoundryServices Launches Zcash Block Explorer
🔸Crosslink Milestone 5 Successfully Concluded!

📅 Upcoming Event: Protocol Study Series April 21st, 11:00 EDT

t.co/C73tGPrQCV

Protocol Handler Registration in Chrome 146 and the Browser as OS Manifest-declared protocol handlers in Chrome 146? The web that's coming is built on keys, hashes, and verifiable data. Browsers need to meet it there.

Manifest-declared protocol handlers just landed (behind a flag) in Chrome 146 🎉 This is how ipfs:// or atproto:// can become first-class citizens of the browser!

The web that's coming is built on keys, hashes, and verifiable data. Browsers need to meet it there. ipfsfoundation.org/protocol-han...

Claude 🤝Persona

Damn, cowswap 😳

Age verification is coming for the internet — and it’s already raising red flags Legislative efforts to age-gate parts of the internet are gaining traction. Some experts warn of compliance complications and data security breaches.

“Why would we, ... in the name of protecting people, create a whole other legal mandate that requires the collection and storage of even more personally identifying information that would be subject to either data thieves or data breaches?” EFF’s @aaronmackey.bsky.social told @nbcnews.com.

1/ Security Disclosure: We've released zcashd v6.12.1, and the Zcash Foundation has released Zebra v4.3.1, addressing four vulnerabilities – including an Orchard action-encoding bug that could crash nodes and a related consensus-split issue between the two clients. [...]

I recently watched a few NDC and Devoxx talks and it is crazy. 4 months ago I still felt like it is overhyped scam, now it feels like amazing tool (and most people dont now how to utilize it, i use it wrong too, still learning)

The age of privacy in crypto started 12 years ago, with a little thing called Monero.

That humble beginning on a thread on the Bitcoin Talk forum was the start of a revolution, a world where real people could gain the real privacy they needed.

Thank you, Monero 🧡

Zebra 4.3.1: Critical Security Fixes, Dockerized Mining and CI Hardening - Zcash Foundation We are releasing Zebra 4.3.1 today. This release contains fixes for a number of vulnerabilities, and all node operators are strongly encouraged to upgrade immediately. In addition to the security…

Zebra 4.3.1 contains critical security fixes for a number of vulnerabilities. 🚨All node operators are strongly encouraged to upgrade immediately.

Additionally, it introduces a Dockerized mining setup, automated checkpoint management, and a number of CI hardening improvements. bit.ly/3QhxsF9

Meta did that with Oculus Go, too

Bricking as a Service

"Every internet-connected device you own can be bricked by the company that made it. Amazon is killing working Kindles on May 20. Google did it to Nest thermostats. Sonos did it to speakers. The hardware works fine."

xcancel.com/ReclaimTheNe...

Privacy is a human right.

Idk, lot of weird stuff around Signal, probably still the best encryption...

I used to follow xcancel.com/mysk_co

There were strange things like plain text keys, something with emoticon fetching (i think), phone number for signup, being searchable by default by phone...

btw. I still use Signal

Fuck Twitter...

We envision a world without mass financial surveillance, where law⁠-⁠abiding people can transact freely and privately, without fear that their data will be exploited, sold, or weaponized by criminals, corporations, or governments.

forum.zcashcommunity.com/t/thinking-b...

‼️🇪🇺 The EU's new Age Verification app was hacked with little to no effort.

When you set it up, the app asks you to create a PIN. But that PIN isn't actually tied to the identity data it's supposed to protect.

Notifications for deleted shouldn't remain in any OS notification database, and we've asked Apple to address this.

In the meantime, you can prevent any preview text from your Signal messages from appearing in your notifications.

Signal Settings > Notifications > Show “No Name or Content”

Privacy and security on computing devices need to become far stronger to protect people from pervasive violations of their rights. Users have their privacy pervasively violated by corporations, criminals and governments. There are endless privacy and security weaknesses in software with [...]

Don't... do nanoGPT, pay with ZEC or XMR

nano-gpt.com