TechLetters #116 - cyberwar in Ukraine; TikTok gets a hit in Europe; 2-year-old backdoor activated in cyberwar in Ukraine; #GDPR reform imminent; Privacy Sandbox field-tested; geopolitical censorship
Security
Analysis of cyberwar in Ukraine. With details of satellite internet provider KA-SAT compromise. A report. Presentation with details. It was a remote access (SSH) and firmware wipeout to cripple the modem.
EU institutions prohibit the use of TikTok by their employees. On corporate devices, or personal ones if official apps are installed. TikTok ban by the European Commission “… aims to protect the [European] Commission against cybersecurity threats and actions which may be exploited for cyberattacks against the corporate environment of the Commission”. European Council joined the movement on the same day.
Ukraine security services identified a cyber operation that was using a long-persistent backdoors. "webshell was created no later than 23.12.2021". So at least two-year-old backdoor. Unclear how it got there initially. But such long-held access is being used.
Privacy
European Commission to propose a reform GDPR reform. Well, an amendment. Specifically, enforcement rules to make it coherent and more effective. Expect smoother procedures, and bigger fines.
Privacy Sandbox demo. Some first public demonstration of a Privacy Sandbox 'privacy-preserving ad targeting infrastructure'. Interesting, that seem to be the future of online ads. Example bidding logic. For Topics API, the content categories are hard-coded. Looks ugly. So is the code quality at times. Google started to test-ship Privacy Sandbox core functionality. To the Chrome web browser.
Technology Policy
Geopolitically-motivated network censorship. Study measuring Russia’s network blockades for foreign users, and foreign sites blocking access for Russian users.
Other
Proposal for a Web API to enable web browsers letting web apps communicate to servers and devices using raw sockets. SSH, RDP protocols, printer, etc. all reachable. Sounds exciting for bypassing security boundaries.
Google reports a breakthrough in quantum error correction. First time that increasing the size of the computer had not also led to a rise in the error rate. Quantum decoherence is a critical factor limiting the usefulness of quantum computers. The rule currently is that the bigger the system, the less reliable it is (more qubits means more errors, and unreliable computation, making useful algorithms impossible to implement). Error rate in the reported demonstration is still too big, but this is something.
In case you feel it's worth it to forward this content further:
If you’d like to share: