TechLetters #141 DON'T CALL IT A CYBERATTACK: radio electronic disruption of Poland railways. Post-quantum standards. Data scrapping not OK.

Aug 28, 2023

Security

Sabotage disrupting railways in Poland. Radio emission brings trains to a halt in several places. Who's behind unclear. Executing this sabotage is technically simple (I explain), though requires proximity. Solution: move to GSM-R

Post-quantum world. NSA reminds about the necessary preparations.

HTTPS Everywhere with Chrome. "Chrome will automatically upgrade all http:// navigations to https://, even when you click on a link that explicitly declares http://". That should fix broken redirects for certain servers. Perhaps I don't need to change configuration of my server, too? :-)

Privacy

Data scrapping is not fine. Data protection authorities of some non-EU countries (like Mexico, Australia, etc. — generally countries with weaker data protection rules than EU GDPR) oppose scrapping user data from social media/open internet, and process it seemlessly. This includes applications for AI training. Guidance is given, for example — rate-limit APIs.

Technology Policy

AI transparency in Switzerland. Swiss government is publishing a full list of government/state projects of administration where ML/DL/AI methods are in use.

Meta allows to turn OFF display of posts using recommender/AI algorithm. Applies to Instagram and Facebook. Finally! This is a requirement of the Digital Services Act / Digital Services Act. They also release AI-System cards. #DSA

In case you feel it's worth it to forward this content further:

If you’d like to share…

Lukasz Olejnik on Cyber, Privacy and Tech Policy Critique

Discussion about this post