TechLetters #109 - Alleged cyber operations of Ukraine. SHA1 is out. Japan to build cyber capabilities in 10 years. Some CTI firms refuse to call Ukraine war 'war'? AI racial discrimination.
Editorial
I wish you some great festive time, and end of the year! That was a pretty eventful year. This newsletter might be paused until somewhere in January 2023 (unless I finish the one Insights analysis in the next days, the previous was the realities of some new technologies on the battlefield). Still wondering about financing the play.
Anyway, have fun!
Security
Ukrainian cyberwarfare. For a change. Suspected Ukrainian cyberespionage group conducting (if UA) cyberwarfare operations, targeting Russia and Belarus. So, why would we call it be cyberwarfare? Because if it’s in context of conducting hostilities in context of an ongoing armed conflict, then it is!
NIST retired SHA1 hashing function. Just an old hashing function.
Some lessons learned from cyberwarfare in Ukraine. Interesting read but nothing out of ordinary. We know all of this, either prior to Ukraine war, or early during it. Some of the takeaways were also covered by me much earlier, including in my book. But it is highly weird that Kaspersky questions if the events in Ukraine was 'cyberwarfare'. Yes it was. But I understand that Russian companies must speak of 'special military operation' language. The Russian use of air force, likewise, was also warfare, and not recreation.
Japan's defence strategy considers cybersecurity. That "there are global security challenges such as increasing risks in the cyber domain, the development of information warfare including the spread of false information, and climate change", "Ministry of Defense and the Self-Defense Forces will cooperate with government-wide efforts in the field of cyber security, including active cyber defense", “In about 10 years from now, the SDF will establish a posture that will enable it to perform its missions while preserving its command and control capabilities, its ability to demonstrate its strength, and its operational base even under cyber-attack situations”
Privacy
Technology Policy
Russia considered to disconnect from Internet this year. Rate of cyberattacks increased significantly. “Cybersecurity exercises allow you to check how well, efficiently and safely key elements of the Internet work in the country: a registry of address and number resources, a national domain name system, a national certification center that issues TLS certificates, as well as public communication networks”.
The US U.S. Senate voted to ban TikTok. For federal employees, for now. However, this technology regulation file is constructed in extensible format. It is really simple to modify it to be extended to other applications. Just modify the “covered application” in S.1143(2)(a). Will the the use of this platform by politicians be embarrassing and compromising? There are also some talks (like the director of FCC) of a general ban.
Other
AI discrimination. Potentially important case: “Amsterdam University used software to prevent students from cheating during exams if they had to take them at home during coronavirus. A student with a dark skin color had problems logging in several times. She also experienced it a few times that she was no longer allowed to come to the questions. Then she had to log in again and again. The woman suspects that these problems are related to her skin color” (case)
When a company-vendor of implantable devises go bust, patients suffer. No maintanance, what happens with e.g. battery runs out? That is really costly to humans.
Fusion energy. Researchers at the Lawrence Livermore National Laboratory in California for the first time produced more energy in a fusion reaction than was used to ignite it, something called net energy gain. LLNL’s experiment surpassed the fusion threshold by delivering 2.05 megajoules (MJ) of energy to the target, resulting in 3.15 MJ of fusion energy output.
In case you feel it's worth it to forward this content further:
If you’d like to share: