5G security

Bruce Schneier’s essay on why 5G security will be an ongoing problem as a result of short-term benefits of companies and intelligence agencies over long-term societal safeguards.

5G security is just one of the many areas in which near-term corporate profits prevailed against broader social good. In a capitalist free market economy, the only solution is to regulate companies, and the United States has not shown any serious appetite for that.


Both criminal attacks and government cyber-operations will become more common and more damaging. Eventually, Washington will have do so something. That something will be difficult and expensive­let’s hope it won’t also be too late.

The old internet was designed to deal with unreliable connections and routes, but not to deal with adversarial network components…


Priviliged access to encrypted communication: why not.

Bruce Schneier on why it’s not a good idea to have “priviliged access” to eavesdropping on encrypted communication:

The basic problem is that a backdoor is a technical capability — a vulnerability — that is available to anyone who knows about it and has access to it. Surrounding that vulnerability is a procedural system that tries to limit access to that capability. Computers, especially internet-connected computers, are inherently hackable, limiting the effectiveness of any procedures. The best defense is to not have the vulnerability at all.

The examples of what we know has happened already illustrate why giving “the good guys” a backdoor will make us all less safe.

Source: Evaluating the GCHQ Exceptional Access Proposal


“Why today’s Aadhaar judgement matters for data justice”

Separating “citizen – government” and “consumer – supplier” relations: when the government’s system is based on monetizing the data with the private sector.

Today India’s supreme court issued a judgement on the constitutionality of Aadhaar, the world’s largest biometric database. Aadhaar is complicated, but here’s the gist: for nearly ten years, public welfare and administrative records have been feeding into a biometric database that had its roots in a private-sector company, Infosys.

Source: Why today’s Aadhaar judgement matters for data justice


It’s “Google Chrome” so Google decides on your privacy. The new Firefox, especially with multi-account containers, offers a great alternative.

Trust is not a renewable resource

If you didn’t respect my lack of consent on the biggest user-facing privacy option in Chrome (and didn’t even notify me that you had stopped respecting it!) why should I trust any other consent option you give me? What stops you from changing your mind on that option in a few months, when we’ve all stopped paying attention?

Source: Why I’m done with Chrome


Opsporingsdatabase CIOT nog altijd niet op orde

Elke dag moeten providers een deel van hun klantenadministratie uploaden naar een centrale database. We moeten erop vertrouwen dat de overheid daar dan netjes mee omgaat. Maar de jaarlijkse audits laten zien dat de minister nog altijd weinig op heeft met jouw privacy.

Zou een crimineel ermee wegkomen als hij zegt zich steeds beter aan de wet te houden? Waarom de minister dan wel?

Source: Opsporingsdatabase CIOT nog altijd niet op orde


Ten years in, nobody has come up with a use for blockchain

Another critical look on the blockchain and Bitcoin:

Each purported use case — from payments to legal documents, from escrow to voting systems—amounts to a set of contortions to add a distributed, encrypted, anonymous ledger where none was needed. What if there isn’t actually any use for a distributed ledger at all? What if, ten years after it was invented, the reason nobody has adopted a distributed ledger at scale is because nobody wants it?

Source: Ten years in, nobody has come up with a use for blockchain


Blockchain? It’s All Greek To Me… – Bozho’s tech blog

I’ve been skeptical for a while now about how everything seems to be solved by “blockchain”. Bozhidar Bozhanov seems to share many of my thoughts and wrote them up already:

I can’t see why it would be useful to abandon a centralized database that you can query in dozens of ways, test easily and scale trivially in favour of a clunky write-only, low-throughput, hard-to-debug privacy nightmare that is any public blockchain.

I can see how a pseudo-public blockchain can, for instance, be useful as a clearing-house mechanism between banks, but for now I’ll stick with a regular bank myself. They’re not perfect, but I think the time society has spent on regulating banks, and the service banks provide here in The Netherlands and Europe, still give me a lot more ease of use and peace of mind than the yahoo libertarianism of many blockchain advocates.

Source: Blockchain? It’s All Greek To Me… – Bozho’s tech blog


Dimensional Models: Now More Than Ever

Do new technologies and methods render the dimensional model obsolete? The top question from readers of this blog continues to be: “Is the dimensional model still relevant?” It is easy to understand why people ask this question: Our BI programs have expanded beyond data warehousing to include performance management, analytics, and governance functions.


As we move to treat information as a business asset, the dimensional model has become a critical success factor.

Source: Dimensional Models: Now More Than Ever


An open letter to the W3C Director, CEO, team and membership from the Electronic Frontier Foundation

There are these stories about how long it took for radio, tv, the internet to reach a certain influence on society (less and less, some would like to extrapolate that to the Singularity). There also should be stories about how long it took for each technology to reach corporate dominance over that technology, preventing it to serve social justice and progress…

Source: An open letter to the W3C Director, CEO, team and membership | Electronic Frontier Foundation


European datacenter is no solution, recent developments show

NextCloud’s blog has an overview of where things seem to go with US companies storing data on European servers. (Hint: “Trump”).

Many Software-as-a-Service companies from abroad are currently setting up European data centers, often together with European partners. With this, they hope to ease the growing European concerns around privacy, data protection and complying with existing and upcoming regulations like the EU General Data Protection Regulation (GDPR). But recent developments in US courts show this to be a risky proposition: the problem of privacy is far from resolved by ‘just’ putting data in Europe. For companies betting on Privacy Shield, using services from US companies directly or through an intermediary storing data in Europe, all this is very bad news.

Source: European datacenter is no solution, recent developments show – Nextcloud