TechLetters #76 - Joining Ukraine's IT Army illegal? Post-quantum encryption weakness. Towards a passwordless world.
Security
Legality of IT Army of Ukraine. USA’s Rob Joyce highlighted that joining the activities of the Ukraine’s “IT Army” is illegal (and the initiative is counterproductive from cyber negotiations point of view?), for US citizens.
Post-quantum weakness. Israel’s IDF’s (the army) technical assessment of some post-quantum encryption systems proposed as a replacement for the ones we currently use. They say that these are much weaker than originally anticipated. It would be funny if the whole world accidentally transition to weaker encryption than that used today…?
Getting rid of passwords. A coalition of companies managing large digital ecosystems (Apple, Google, Microsoft) is joining forces to get us rid of the need to use so many passwords. Expect web standards that are implemented and supported by software/hardware.
Internet infrastructure and war. During the Russian war on Ukraine internet traffic from (Ukrainian) Kherson city has been diverted via Russian networks. Deliberately.. New dimension of war.
Privacy
Technology Policy
Proposal for European Health Data Spaces. It’s here. The goal is to provide health data for processing by doctors, companies, and other actors (including more control for patients?). But it is absolutely critical to uphold data protection, privacy, cybersecurity. I note that recitals speak of privacy - but it is never mentioned in the actual (binding law) articles, which is inconsistent at best. Furthermore, the requirement of data anonymisation may be difficult to deliver on technical grounds.
In case you feel it's worth it to forward this content further:
If you’d like to share: