TechLetters #96 GDPR can be enforced by anti-competition authorities, data leaks via glasses during videoconferencing, US army psychological operations detected, Year of Linux on desktop in Russia
Security
Facebook detected US-army psychological operations. Run on Facebook/Twitter. Some kind of investigation ongoing. Such findings that reach the public are rate.
Some hacker/hacktivist groups involvement are run or supported by professional cyber operators. Like groups from Russia: they apparently get data directly from Russian military intelligence cyber operators. So cyber/information operation. Be careful about reporting about such stuff. Many of reports of such hacktivists were taken out of proportions. Social media identified to be used by both Russia and Ukraine to influence domestic, but also international audience. No details are provided but I was also observing this since December/2021 at least (I wrote down an analysis)
Reflections in glasses may be leaking data during videoconferences. Screen reflected in glasses, then “additional information” visible during a videoconferencing. School-grade physics/optics sufficient to understand the exploit equations. Mitigation? Use a … front-facing lamp. Or face bluring “reduce reflections’ if the software allows it. Or use bad quality webcam. Or just be careful :-)
QUAD against ransomware. Block of Australia, India, Japan, United States speak out against cyberattacks, particularly ransomware. Ransomware as an issue of international security, and defence.
Privacy
Competition authorities can enforce GDPR Well, sort of. In a very important announcement, advocate-general of the European Court of Justice opines that anti-competition authorities can take into account data protection laws (GDPR) when doing their audits. This is not a final announcement. Also, no processes exist for such a collaboration with data protection authorities.
Technology Policy
The Russian ministry of digital affairs announces preferences for products based on open source (Linux). With procurement, etc. In practice, this may mean a complete shift of administration to open source systems, shift from Windows to Linux. With some tensions: “as a result some programs will have to be created virtually from scratch: “Including, for example, banking systems that have been written by Windows for twenty years … The developers, for their part, emphasize that 95% of computers and laptops in Russia run on Windows.”
Mozilla’s Five Walled Gardens report calls for several web browser engines to exist. Not only Google’s Blink or Apple’s WebKit. Mozilla has its own Gecko and that may be what is it about. But indeed, "competition in browsers and browser engines is needed to advance innovation, performance, speed, privacy, and security". (report)
Google's cybersecurity policy recommendations. A report: "disclosure and response to Log4Shell vulnerability underscored the need to better understand systemic dependencies" (of open source software). They use Ukraine cyberattacks as a PR lever. This recommendation is sound: “European leaders should consider adopting a “security impact assessment” mechanism for all new tech regulations in the EU. Just as the EU performs an assessment of the economic, social, and environmental impacts of new initiatives, the same level of diligence should be performed to ensure new policies do not undermine European citizens’ security and privacy”
Other
Rust programming language to be merged to Linux. Linux 6.1, so soon Android, toasters etc.
In case you feel it's worth it to forward this content further:
If you’d like to share: