Discover more from Lukasz Olejnik on Cyber, Privacy and Tech Policy Critique
TechLetters #141 DON'T CALL IT A CYBERATTACK: radio electronic disruption of Poland railways. Post-quantum standards. Data scrapping not OK.
Security
Sabotage disrupting railways in Poland. Radio emission brings trains to a halt in several places. Who's behind unclear. Executing this sabotage is technically simple (I explain), though requires proximity. Solution: move to GSM-R
Post-quantum world. NSA reminds about the necessary preparations.
HTTPS Everywhere with Chrome. "Chrome will automatically upgrade all http:// navigations to https://, even when you click on a link that explicitly declares http://". That should fix broken redirects for certain servers. Perhaps I don't need to change configuration of my server, too? :-)
Privacy
Data scrapping is not fine. Data protection authorities of some non-EU countries (like Mexico, Australia, etc. — generally countries with weaker data protection rules than EU GDPR) oppose scrapping user data from social media/open internet, and process it seemlessly. This includes applications for AI training. Guidance is given, for example — rate-limit APIs.
Technology Policy
AI transparency in Switzerland. Swiss government is publishing a full list of government/state projects of administration where ML/DL/AI methods are in use.
Meta allows to turn OFF display of posts using recommender/AI algorithm. Applies to Instagram and Facebook. Finally! This is a requirement of the Digital Services Act / Digital Services Act. They also release AI-System cards. #DSA
In case you feel it's worth it to forward this content further: