Discover more from Lukasz Olejnik on Cyber, Privacy and Tech Policy Critique
TechLetters #122 - UK Cyber Force. Spyware prescriptions in Europe. NONE risk of cyber terrorism. Progress in Private Information Retrieval.
UK released more data about how they use cyber capabilities in practice. Good for transparency! So, how to be a responsible cyber power? "Cyber operations offer particular advantages, depending on the circumstances. They provide an opportunity to reach adversaries irrespective of geography and without the need for individuals to be physically present". Indeed, low-risk activity! “National Cyber Force has been conducting “daily” hacking operations in support of overseas military deployments”. "covert operations against the IT networks or technology used by adversaries and employing techniques to make that technology function less effectively or cease to function altogether"
Spyware rules in Europe. The European Union is to present proposals for regulations&rules for the use of spyware/surveillance systems/software. Not everyone will be happy about it, including due to the content.
Zero risk of cyber terrorism. Oh:"The threat of cyber terrorism against Greenland is NONE. Militant extremists have limited intentions to launch cyber attacks whose effect is comparable to that of conventional terrorism. In addition, they lack the capabilities required for such attacks".
Cyberattack on MSI firmware producer. 1.5 TB of data, source code, BIOS utilities stolen. It's better not to install such things from "unofficial sources", and now it can be too easy... The point is that users may accidentally hack themselves. Not recommended.
Stealing cars with electronic bluetooth speakers. How to open a car without a key in 2 minutes (for educational purposes, and possibly theft demonstration)? For example, a Toyota RAV4 ... New attack. Here is a video of "opening" a car. As you can see, it's not too complicated.
Important result in practical Private Information Retrieval (PIR). It’s a protocol to learn about a secret in a way so that the remote database does not know what we asked for. This result is reporting a significant progress. It is actually mathematically/technically simple (compared to previous techniques).
In case you feel it's worth it to forward this content further:
If you’d like to share: