TechLetters #133 Digital Euro data protection woes. Apple confirms a surveillance operation disclosure by Kaspersky. Is a digital Red Cross emblem a good idea? Google to train AI on all public data
My privacy and data protection assessment of the Digital Euro proposal (a currency to be issued by European Central Bank). It is advertised as anonymous as cash, so:
With the "digital euro", payment service providers would log data such as:
the amount funded or defunded;
the identifier of the local storage device for offline digital euro payment;
the date and hour of the funding and defunding transaction;
the accounts numbers used for funding and defunding.
Security
Security vulnerability in DDR4 RAM of three major manufacturers. "attackers can induce and exploit the bitflips to take over a system or leak private or security-critical data". In other words, it is a technique of causing bit flips in the memory “cells” nearby.
Apple fixes iOS bugs. Indirectly confirming Kaspersky's release about Triangulation surveillance-malware operation. Update your systems. Oh and by the way, the vulnerability affected also the newest systems, not just iOS 15.7. Go figure.
Marking devices and servers with Red Cross/Crescent to signal that they must not be hacked. Using DNS or IP. To function, it must be backed by legal norms (update to Geneva Conventions), but also need to be actually honoured… It is unclear today if this is realistic. Actually, today it isn’t. “When someone types a URL (such as www.icrc.org) into a web browser, that name gets converted into an IP address. The domain name system (DNS) makes that conversion. A DNS-based emblem would add a visible label to the domain name (www.icrc.emblem) or would associate an attribute through a special record in the DNS (similar to email authentication mechanisms) to signify its status in a straightforward and easily accessible way.
An Internet Protocol (IP) address-based emblem would apply semantics to a site’s address to designate its protected status. This would build on an existing system that assigns IP addresses and would allow systems anywhere on the internet to see whether systems or communications are associated with a protected entity.”. There are plenty of issues about such proposals. Plenty.
Privacy
Google changes privacy policy to train its AI. “we may collect information that’s publicly available online or from other public sources to help train Google’s AI models and build products and features, like Translate, Bard and Cloud AI capabilities". (lnk)
Technology Policy
Other
First in history human subject trials with a drug designed with AI-assist. INS018_055, a drug for chronic obstructive pulmonary disease. There are more such companies, and drugs. No longer hypotheses. Clinical trials.
The previously-claimed quantum computer algorithm is not faster than non-quantum ones. Non-quantum computers turn out to solve the problem much better (faster, accurate) than the quantum claim. This is happening again. And will happen again. Perhaps big quantum computing claims should first be VERIFIED by the claimants...?
In case you feel it's worth it to forward this content further:
If you’d like to share: