You forget the times with an overproduction of electrical energy in Germany. Then they sell it for a negative price to the neighbor countries. Later, when they need more energy they buy it back at a premium. It is good business for neighbor countries with enough storage (pumping hydro, etc.).
Spain's neighbors could also have lower energy prices with more interconnection to Spain. The whole network diversifies, which would be more beneficial for Europe as a whole.
That would raise electricity prices in Spain just like prices in Sweden - which traditionally had low prices - went up with the 'diversification' of the European distribution network. While these price effects were mostly seen in the southern half of the country due to the way Sweden is divided into 4 price regions with most of the interconnects being found in the southern-most region the recently inaugurated 'Aurora' interconnect with Finland caused prices in the north of Sweden to shoot up [1].
The issue is that Spain has three interconnected neighbours (France, Portugal and Morocco) and all of them are overflowing with electricity.
The best candidate for lowering prices would be France, but France would most likely re-export that electricity to other countries, and paying to build up the internal grid to carry electricity that is neither bought by nor sold to French actors isn't very attractive.
Ideally Spain would interconnect with Italy, but that's more expensive.
Hvdc in the ocean requires way less right of way than hvdc over land. Running oceanic hvdc from Spain to Germany might have some trouble in the English channel where it would be in territorial waters.
France systematicaly refuses to increase the power of their interconect with Spain, as well as to make a gas pipe that would provide cheap Algerian gas to the rest of europe.
That's not my point. My point is that the price spread between EU electricity markets speaks more to the availability of interconnections than to the virtues of one country's electricity mix. The article gets to that conclusion because that's what it was looking for.
The one question the article leaves open, but which is pretty relevant, is the question about who should pays for stability services to the grid.
Which is bad, it's a market and infrastructure failure. Negative prices are to get generators to turn off.
A new feature on solar inverters is curtailment mode so they can be remote shutdown when the grid goes negative, since if you're on wholesale energy pricing you'll be charged if you keep driving the grid.
The EU Digital (identity) Wallet EUDI requires hardware attestation by Google or Apple, effectively tying all the digital EU identities to American duopoly. Talk about digital sovereignity. Apparently protecting the children > sovereignity.
Maybe not all of them, but certainly a few large, popular ones. You bring up a good point though, it seems surprising that Wero/PEPSI don't have more momentum. Maybe Europeans hate their continental neighbors more than American financial conglomerates.
The EU might have slept on Russia having to urgently come up with its own payment systems after the 2014 Crimea annexation (which in turn enabled it to deal with the complete Visa/Mastercard exit in 2022) because political goals were aligned and transatlanticism was still alive and well. But they've been wide awake ever since ICC employees have been personally sanctioned by the US as well [1].
Big ships turn slowly, but I give it at most two more years until at least one pan-European retail payment scheme (cards, QR, or maybe the "digital Euro") has been regulated into existence.
the decision which was made was having a digital ID wallet, that this needs hardware attestation (or something comparable) is somewhat of a direct consequence of existing laws/regulations regarding making IDs forgery safe
it also is a phone only application
the huge huge majority of phones runs Googled Android/iOS, so you support them
if there where a relevant 3rd party competition it would (most likely) supported it, too
going back to the "the president .. shut down .." argument: The US can shut down >90% of all smart phones used in the EU. I don't think the US being able to shut down something which in the end is fundamentally just a minor convenience feature is making much of a difference here.
But I also think that whole identity wallet (the regulations behind it) is approaching things from the wrong direction, carrying a credit card sized ID with you isn't really a problem or very inconvenient. So instead of having the whole attestation nonsense it would be more practical to simply not have attestation and in turn allow the digital ID only for usage where the damage it can cause is quite limited. Especially given that device attestation systems have a long history of being circumvented...
As a side note this whole app is distinct from the "use you ID with through your phone/NFC with applications" thing many EU countries have, through that solutions also tend to have attestation issues in most cases. But again most relevant use-case of it can be done just fine, without the security level attestation tries to provide, if approached pragmatically.
Have you seen our President? Minor conveniences are what trigger him into launching full blown DOJ investigations, wars, and economic disaster. If he realizes he can just "turn off" the EU, oh, he will threaten that on Truth Social tonight in a rant about how they should make a deal or else.
An open threat like that would be the best case scenario, as it would (hopefully) cause a reaction in EU countries trying to get rid of this yoke. Instead usually it happens through backroom dealings, or just the services being a nuisance to competitors while being helpful to friendly companies, and thus the target country is drained of its resources and economic independence, slow enough to not provoke retaliation.
With the exception of the current US administration, hostile countries and corporations try to appear non-hostile when possible.
Friendly advice: please don't capitalize random common nouns like the president does. It's a marker of one's affinity toward precision (among other things).
It’s not a proper noun, and this is HN: pedantry is par. “The president of Xyz” capitalizes the X in Xyz(pn) but not the P in president(n). However, the P in President(pn) is capitalized when it’s a Title suffixed to a Name - but that varies per country by what they title their president-equivalent locally and isn’t always translated, while the concept-slash-role label of ‘president’ in English generally does not (and is often used interchangeably, albeit somewhat wrongly, for ‘monarch’ and other such single-person executive-leader roles). (That we use the same spelling for both title and concept is annoying, as usual :)
The President, within this context, identifies a single entity. As such, it is a proper noun.
Analogy: there are many continents. But if we're discussing Brexit, the Continent is a proper noun. I don't think it's incorrect to not capitalise. But it's certainly gramatically okay, and not in the same bucket as The Nutters who capitalise Random words it Looks like Legalese.
...this isn't a counterargument. I can similarly assert you're justing making stuff up, which isn't untrue, either way, since we're talking about language, a wholly made-up enterprise.
What's your contention that the President, within the context of the American presidency, does not refer to a single entity? Is this a preference? Or something you actually believe is incorrect?
I have an internal convention to not capitalise LLMs when talking about them as if they were people; so claude is not capitalised, and the internal LLM-based service agent we're building, rex, is not capitalised.
I realise this breaks the capitalisation of proper nouns; claude is a name and therefore a proper noun and therefore should be capitalised. But I like that there's a signal in here that the thing I'm talking about is not a person and so we don't capitalise the name (I realise that cities or companies or other things that we capitalise are also not people).
Digression, but then so was the entire discussion on capitalisation.
Countries, companies, religions; hell, planets and galaxies–none of these are sapient. Yet we capitalise them.
I'll go out into the deep end for a second with a hypothesis: I think we capitalise because it makes printed text easier to scan. The words you need to spend more time on are capitalised because they aren't ones you can just roll through. This is also why the nutter affect of capitalising random words is so distracting–it drives attention to non-standard words that are, with minimum thought, being used perfectly standardly.
I completely agree with your hypothesis. And the ridiculous effect that Trump's random capitalisation has, both of making his text (even) harder to read, and of giving the impression that he doesn't actually know how to write English.
My additional hypothesis is that capitalisation accords respect, something along the lines of "this is a thing apart, something with a name, so we capitalise it". Not capitalising an actual human's name would seem disrespectful to me.
If you’re not, and I say this in good faith, take your own advice around your tone. Making assumptions about other people, and then doubling down when they correct you, comes across as a kind of horrible I doubt you truly are.
> having a digital ID wallet, that this needs hardware attestation (or something comparable) is somewhat of a direct consequence of existing laws/regulations regarding making IDs forgery safe
How do you figure? Isn't just having the digital ID be signed by a key belonging to the issuer good enough for that?
I think they are saying the signed ID can be copied to another device. Unless such ID needs to have acces to some TPM that can be trusted, which likely requires then specific trusted hardware and software
If something is actually important, don't put it on a computer. Don't let a computer be in the critical path of anything that actually matters. It's really quite simple. Even before "AI" this technology was not reliable enough for serious, important things--systems that need to be maintainable in adverse conditions (battle damage, etc), systems where failure is not an option (proving your identity, proving your children are yours, ...). If you care about your car, truck, tractor, or dozer being maintainable and reliable, don't get one with a computer in it. Until we can figure out how to make these things reliable and maintainable they're not to be trusted.
Gaming consoles typically have hardware attestation (as in verified software on verified hardware, sealed), and it has been broken many times in the past.
I hate to beat a dead horse and have people downvote me but: the EU has always been corrupted. The knowledge and effects are not evenly distributed until it hits each niche group. Then they find out the hard way that they were useful idiots. It’s ok to be wrong/admit. Let’s just move past the infighting and see those in power for the evil that they are.
The question isn't if there's corruption, the question is who is behind the corruption.
Condescendingly and incorrectly assuming that others think that corruption is impossible is kinda rude and also dodges attempts at correcting the corruption.
Not only that, "corruption" is pretty squishy. Let's apply Hanlon's Razor for once.
Google et al go to the government and say they've got this attestation thing that can something something security. No one is taking a bribe but also no one they're hearing from is telling them that doing this is going to cement the incumbents. "Security" is good, right? So it makes it into the law.
That doesn't meet most formal definitions of corruption. It's more like incompetence than malice. But the outcome is indistinguishable from corruption. The bad thing gets into the law.
The difference is, if the politicians are taking bribes and you get mad at them, they fob you off because they're more interested in lining their pockets. But if the politicians are just misinformed bureaucrats and you get mad at them, they might actually fix it.
And attributing everything to "corruption" discourages people from doing the latter even in cases where it would be effective.
> Anything involving trust cements the incumbents or at least creates a force to an outcome of few players.
I don't think that's even true, unless you're using "trust" as a synonym for centralization.
Suppose you had actual competing app stores. Google doesn't control which ones you use; you can use Google Play or F-Droid or Amazon or all three at once and anyone can make a new one. You could get Android apps through Apple's store and vice versa. And then you choose who you trust; maybe you only trust F-Droid and Apple and you think Google and Amazon stink. Maybe you install 90% of your apps through F-Droid but are willing to install your bank app on GrapheneOS from Google Play because you trust your bank and you also trust Google enough to at least verify that the bank app is actually from your bank.
This is the thing that doesn't help the incumbents, right? The bank and the customer both trust Google to distribute the bank app but Google isn't allowed to prevent the user from trusting F-Droid for other apps as a condition for getting the bank app from Google Play. You can have trust without centralization.
You have given a situation where there are a 3 players - a very concentrated market. Give an example with 30 players and think through all the implications for all the actors. You'll quickly realize it's a total disaster. Building broad trust requires scale on some dimension.
Consider how Linux distributions work. Every distribution is distributing variants on the same kernel and utilities, but there are hundreds of distributions and dozens of popular ones each with their own repositories. You can choose whichever you like, and make a different choice than someone else.
Coming in at #31 on DistroWatch is a lightweight distribution called Alpine Linux. It's popular on things like firewalls and VoIP servers but is rarely recommended to ordinary users because that isn't its niche. It doesn't matter that most people haven't heard of it because the people relevant to it have. It's fine for things to have a niche, and the people in that niche are the only ones who need to be familiar with it.
Meanwhile around half of Linux users use Debian derivatives. Debian and Ubuntu are very similar, but their repositories are maintained by different organizations, so even when choosing between two things that are nearly the same, you have different options.
And the distribution is not the only place to get software. Maybe you like a stable distribution in general but you want the bleeding edge drivers for your GPU. You can add the repository for the hardware vendor and still get everything else from the distribution. The vendor doesn't even need to maintain their own full distribution to have enough of a reputation for people to make an informed choice about where they want to get their drivers.
> Building broad trust requires scale on some dimension.
The flaw is in assuming that broad trust is a requirement. Narrow trust is good.
The long tail of linux distributions work precisely because they need very little trust and are consumed by highly technical users who can verify all manner of things themselves. They especially don't require multi-party verification.
Broad trust is required in lots of situations. Hardware attestation, financial clearing networks, or even physical supply chains. Ie, you have multiple independent parties who need mutual, verifiable trust to operate. Establishing that requires transaction costs like audits, SLAs, legal liability, and cryptographic integration. The economics don't work for 30 different players to cross-verify each other. So, we have oligopolies...
The money that goes into lobbying in order to have that say is, depending on who you ask, corruption. I, as a random citizen, don't get the same say that a multi billion dollar international corporation does.
That seems like a pretty useless definition of corruption. It implies that retirees writing letters to Congress is "corruption" because working people don't have the same amount of free time to do that.
It's also kind of weird to propose it as an asymmetry. Google's parent company spends around $4M on lobbying in the US:
Exactly. I have said this for a very long time and the EU (and many other governments) are not our friends and they are just as corrupt. Remember ChatControl?
Anytime anyone criticises the EU here, you will get downvoted even after trying to warn the EU defenders that they are not our friends at all.
I was asking for evidence about the EU digital ID wallets about what the "disinformation" was around it 3 years ago [0] and not a single link of it was given.
At this point, being an EU defender and supporting the "open web" are incompatible since you will be using your EU digital identity wallet [1] with your phone to login to your bank and the internet will push age verification with it, locking you out if you don't sign up.
That thing that got refused multiple times already?
Because not all politicians think like you does not mean they are corrupt. Seems like enough politicians have voted against ChatControl until now.
I always wonder what people who say stuff like "politicians discussed this topic I hate and refused it, but the mere fact that they discussed means that they must all be corrupt" understand about politics. You know that it is about people with different opinions (representing people with different opinions) discussing stuff, right?
Chat Control hasn't passed yet. But the Chat Control lobbyists are still lobbying for it behind the scenes, and are currently pushing for all phone calls in the EU to be covered.
So what should be done about it? EU Commission issue a decree that it should never be spoken or debated again in public? Never proposed? Any other tyrannical idea?
Do you have a list of other things that shouldn't be brought in front of the elected parliament?
(ignorant) people proposing things does not mean corruption: the fact that these things are voted down and never pass is proof that the system works, not evidence of corruption.
Corruption would be if it passed despite it being unpopular, because some corporate or rich peoples interests desired it.
> Exactly. I have said this for a very long time and the EU (and many other governments) are not our friends and they are just as corrupt. Remember ChatControl?
The EU parliament shot down ChatControl.
In fact, without the EU, most likely many member states would have ChatControl in some shape. National governments are the ones all in on this crap.
Governments are place a higher priority on controlling internal threats than external ones. In this case the EU wants to control its own people more than it wants to avoid deoendence on the US. It would like both,but the former is more important
I think it's actively harmful to your own cause when you suggest corruption without any evidence. Just because politicians don't take action on an issue you think is important doesn't mean they're corrupt. It's more likely that the issue you think is important is simply not important to most voters.
Suggesting politicians are corrupt without any evidence will make that worse. If people think their politicians are corrupt they will further disengage with the political process, which will ensure there's even less pressure on politicians to take action on niche issues like this.
Neither examples are evidence of corruption. That doesn't mean they're not problematic, but there's no evidence here of a politician receiving a kickback for any of these actions.
The thing is that "The EU commission" is an entity composed os politicians, appointed by member states.
It's little coincidence that national governments want Chat Control (laundering that through EU), and the EU parliament is the entity that shots it down (coincidentally the entity that is most beholden to the public).
It would be nice to learn which comissioners are lobbying for it.
I think a hearty fuck off is warranted for responses like this. What the shit do you base the converse off? Pretend there's no corruption and there won't be any??
Of course not, if there's evidence of corruption then those involved should be rooted out and prosecuted to the full extent of the law.
What I'm saying is that if there's no evidence of corruption, then simply assuming corruption will harm your cause because it will make it seem like political activism is futile in the face of supposedly hidden corruption.
The EU does regulate Google and Apple through the DSA and the DMA. I don't think most EU politicians are corrupted by these companies.
I think it is far more likely that it is a lack of knowledge and incompetence. I am pretty sure that the majority of Parliament members, Council members and maybe even Commission members do not even know that there are viable alternatives outside Google (certified) Android and iOS. So they try to regulate their app stores, etc. instead.
I hope that with digital sovereignty becoming more important, there will be more interer in alternative mobile operating systems.
A lot of the suggestions do actually sound pretty good at a quick glance, but have far-reaching consequences that are not instantly obvious if you don't know your tech/security/privacy or otherwise value a specific topic highly. The average HN reader is likely more concerned about privacy and less so about crime and safety than the average guy on the street, and politicians need to handle and balance a lot many more interests than only that of privacy advocates.
"Securely signed/verified devices for accessing your bank" or "increased surveillance and tracking of criminals" sound like splendid ideas and direct solutions to immediate problems. Now, how to actually implement them and how it will affect society in the long run might seem less important when you've got increasing crime rates, a slowing economy, displeased voters or whatever looming. In short, some dilemmas have very clear answers when you (willingly or through unawareness) only concern yourself with a subset of the effects of a decision, and this goes both for politicians and special interest groups. That being said, I'm very pro-privacy and it's the job of policymakers to know the details of what they're deciding on. Reality is however usually very complex and nuanced with several things being true because they all contribute a part to what's going on.
e: what am I doing, speaking like I actually know how things work? Nothing is absolute and nuance is important, but sometimes it is also very useful to simplify and generalise to get things done. If no one had any conviction, not much would ever happen. But moderation in all things.
> I think it is far more likely that it is a lack of knowledge and incompetence.
I agree with that. Reading HN comments, where people are supposed to be generally tech-savvy, I see a ton of "lack of knowledge and incompetence" (not in a negative way, just "uninformed"). Why should politicians know better than the average tech-savvy person?
But politicians get yelled at by everybody, saying everything and its contrary, while the tech-savvy people can comfortably take a condescending tone explain why "being so stupid is impossible so it has to be corruption".
Fool me once, shame on you. Fool me twice, shame on me. After Snowden, there's absolutely no reason to believe that governments "accidentally" push for policies that strengthen surveillance and control over our digital lives. It's ridiculous to believe in the goodwill of those in power when these kinds of proposals are made over and over again despite strong pushback.
It's more of a case of the boy who cried wolf than it is of denial.
Too many people see something they don't like, imply a nefarious motivation without evidence, then expect everyone to agree that it is corruption.
If there is corruption, show the evidence. Otherwise, be honest and state that you don't agree with something. If you want to persuade people, back up your claims with verifiable evidence without falling back to nebulous claims of corruption.
you know that domestic capability means putting taxes to take things into a public good and corporations and paranoia are the bigger problem to overcome than anything technical. Any endevour will be cast as some kind of fascist takeover of governance.
Well no, there is no need to develop domestic capability. Put laws in effect which disable foreign capabilities and which reward domestic ones, and they will be developed. No endeavor from government needed (which is a good thing, since governments are not really great at doing such stuff).
If it's Apple or Google let us know in the US because we have laws to go after them for acting corruptly in other countries.
Vaguely asserting corruption without specifics or even naming the perpetrators isn't "taboo", it's just poor form and silly. Letting such vague accusations float without evidence, motive, or even people to blame, leads to nothing good, and only vague distrust, which itself enables corruption. It leads to people believing there's no way to know the truth, therefore helplessness, and results in fascism like in Russia.
Lazy cynicism is itself a form of corruption of one's own mind.
We (America) made the decision for them. The EU's member states were either:
1. Explicitly designed as client states for the US
2. Explicitly designed as client states for the Soviet Union, with alliances switching over as the Soviet Union fell apart
3. Great Britain, a country whose electorate would probably only reconsider rejoining if the EU agreed to explicitly become British client states, because the only thing Britain hates more than France is those dastardly American upstarts[0].
The reason why this persists despite an openly hostile American president is the fact that the EU has no real alternative. The EU has a shitton of internal political distrust between member states, and the US was offering a lubricating alternative: "Just trust us." Politically distributed alternatives require balancing coalitions that are far more fragile.
[0] The history of European anti-Americanism is extremely fascinating, because it's effectively a Reactionary meme - as in, "wanting to restore the Ancien Regime" Reactionary, not "funny way to say Nazi Party member" Reactionary. And yet it's jumped across so many incompatible political ideologies that the average European probably had no clue why they hate America until Donald Trump gave them a good reason to.
Probably because the reply was written by someone without technical skills.
I’ve written to politicians over the years about technical matters and it’s uniformly either a clearly form response or an inaccurate summation of the technical risks, if I’m been charitable because they don’t understand them either.
I think you're right that they are incompetent. The point is not to make them understand it, but rather to make them see that enough people care. The problem is that most people don't write, so the politicians don't see that they care. Same thing for companies. How many GrapheneOS users say "well when it stops working, I just move to another service, and if there is none, then I live without the service entirely". That way the companies never see that there is a need.
> How many GrapheneOS users say "well when it stops working, I just move to another service, and if there is none, then I live without the service entirely".
Being prepared to be this voice is one of the reasons I'm a Graphene OS user. Another is that it helps me avoid accidentally writing code that depends on google play services. When you've got an agent doing most of the driving, it's easy to not realize that your app is broken without google, unless you're testing it on a degoogle'd device.
Where did you write? Is there a link or something you could share? I am not in the EU so I assume I can't, but would be nice to share a link so that other EU citizen could write.
If enough people write, they may start finding it relevant.
Came here with roughly the same thought. Given the stated importance to many of sovereignty and not being dependent on the US, why isn’t there more opposition? I assume it’s just ignorance?
Before thinking about corruption or malice, I like to try to assume good faith. And I see a couple things:
1. Most people don't write.
2. The people who write are not always competent.
3. The people who write often have an agenda, too.
What's the consequence of that? Imagine what the politicians receive: tons of messages of people complaining, most of which are factually wrong. What to do then? How to know who is right? It's genuinely hard.
Digital sovereignty has only become a serious political topic in the EU over the past year. It may take a decade to see the effects of this in laws and policies.
It's more than that, before recently the very idea of "digital sovereignty" was framed as a dangerous Russian conspiracy by the West's top info warriors.
Since you're so much more informed - which integrity guaranteeing product would you use for mobile devices that European citizens use? Covering more than 90% of population?
It's more useful to view the whole situation as EU politicians prioritizing to have their pockets filled with lobbyist money, rather than the EU as a political entity deciding this per se.
It's not completely fair. The US also bullies them into doing those things, it's not only "pure corruption to fill their pockets".
How many European countries buy American weapons because they are scared of what would happen if they pissed off the US? And then they still get tariffs and threats of military invasion.
Does it really make sense? Right wing politicians are calling themselves patriots, why would they support foreign companies and give them so much power? Must be a dangerous mix of corruption and stupidity?
One of the major problems with on-device identifiers is that they must by tied tightly to devices, due to the risks of cloning. This is particularly true for privacy-preserving identifiers. That's why device attestation is so important, because you can't ensure that identity (keys) are locked to a device unless you can verify that the hardware prevents users from extracting keys. The worst part of this is that motivated criminals will certainly figure out how to extract those keys and use them for fraud; it's open-source and open computing that will be destroyed by this.
Google's business is advertising. Right now they don't care whether your phone is "authentic" or secure, because it doesn't cost them money. As AI-enabled bot fraud rises, they will care. Fighting this requires identifying human beings, and that requires trusted devices to be associated with human beings. We're in the foothills still, but look forward and up at where adtech is going.
Only if you need to have the entire application behavior (or at least some trusted confirmation) attested, right? Otherwise, an external USB dongle, tapping a contactless smartcard on a phone etc. could do just fine.
Sure, but then you need to receive an attestation from that external dongle, and/or pre-provision it with an identity (like a national ID smartcard.) It might work in places that distribute this hardware, but it's a crummy UX. I expect that the goal of these systems is to make ID verification a requirement for most routine device usage, sadly, and external dongles will crap that up from a UX perspective.
There is also the problem that most external hardware is less secure than things like Apple's SEP. (But on the other hand, probably more secure than the long tail of cheap Android phones, which use virtualization rather than real hardware.)
> then you need to receive an attestation from that external dongle, and/or pre-provision it with an identity (like a national ID card.)
That's how it works in Germany: You tap your national ID card (as a citizen) or eID card (as a non-citizen) on any NFC-capable iPhone or Android device. I personally much prefer that solution over one that requires a specifically trusted device.
The big gap is trusted user confirmation, though: Users need to see what they sign by tapping their card, and then you're usually back to some form of attestation.
Practically, they also completely botched the rollout; literally everyone I know managed to somehow lock themselves out of their card at the first attempted use (assuming they've even bothered to set it up).
The adtechs want this so they can verify the "human" quality of each user. To do this, they don't want people tapping their government ID on their phones every single time they sign up for Reddit or receive an advertisement. Hence (some derivative of) the ID has to be stored on-device to make the browsing/usage experience seamless.
To me, it seems like just the right amount of friction, and user expectations can work in favor of privacy here: People will hopefully refuse to tap their ID on their phone for a service where they want to remain completely anonymous, even if the protocol technically might support anonymous assertions.
You want a secure identity? ISO7816 exists and is completely independent of Big Tech. The question of who should be required to show ID is different (and I'd argue the answer is "no" in most online-only situations), but there's already a solution that's been trusted by the financial sector for decades.
Australia started on this by banning kids from social media. Reddit kicked up a huge stink and sued the government over it. Also phone bans in school a few years prior.
The EU problem here is they are simply reactive, and slow at it. By ceding the active part of commercialized innovation to the US (because paying the people that do such things what they're worth is simply incomprehensible) they allow them to dictate the terms of engagement. The utter dependence on WhatsApp being a shining example, as well as cloud services in general.
If anyone wants to assert control they have to be where the puck is going instead.
>To reduce platform dependencies, we also evaluate additional platform independent signal sources. In this context, we evaluate signals from runtime application self-protection (RASP) systems, for example. We also might revisit later whether there are comparable security mechanisms for other platforms.
They're basically saying they have no choice but will evaluate better options.
So the follow up question is: Are you going to push the EU & Governments to do the logical thing and start developing, with your tax dollars, the necessary software & hardware to make it into the public domain so they arn't reliant.
Mostly it seems like few people see the need for brining government into software, no matter how much software & hardware are becoming essential utilities.
There is the alternative to not to pursue domestic spyware in the fist place. Especially because this is tied to the attempts to deanonymise Internet users.
It's also an attempt to keep various malefactors such as America, Russia, Israel, China, etc out off the propaganda efforts driving a large amount of far right nationalists into violent uprising.
What? What does it have to do with mandatory hardware attestation? You just built your strawman by tying the two with 0 proof that they are related. You can argue for any measure and then say that it's somehow to save us from some bad event, it doesn't make it true. The patriot act was a reaction to 9/11. It doesn't make that reaction valid.
Being a highly skilled lawyer, UN official, can get you banned from all government EU services of the Drumpf doesn't like the fact you're investigating war crimes.
It's amazing that they are spending billions on "think of the kids" problems, yet in many countries of the EU it's very hard to find a decent children playground in the city center.
I'm quite sure that if you asked parents, they would rather have the playground than the surveillance.
The FATF guidance actually state that if your purchase a VPN license (shows up on credit card bill) you should suspect of being pedophile by your bank staff:
It's no longer a ban / blacklist. It's a whitelist with extremely strict rules and DPI inspection. You can connect to example.com ONLY if it is whitelisted, and only if you use this specific IP and Port, with this specific TLS handshake fingerprint and certificate, and the first N packets follow these timing / length patterns.
A few weeks ago a very clever way to bypass the SNI whitelist was introduced [1] (SNI spoofing for cloudflare!) but it was subsequently blocked. Some claim that at this moment all outbound TCP connections are terminated inside the firewall / ISPs and therefore methods like [1] based on injecting fake or problematic TCP packets no longer work. It seems like even SYN-free TCP connections (again, breaking protocol) are no longer accessible.
Are there other sources than a linkedin post? I try to be a bit more critical of information in times of war. God knows we've been lied to before, by all sides. I've seen janitorial schedules be presented as a terrorist sign in sheets.
I've seen stories come out in major news outlets about every man needing to have the same haircut as Kim Jong Un. Something that didn't need lying about imo, but people did anyway. Don't underestimate what people will lie about in times of war.
And some attached pdf that I could have an LLM generate in a minute I wouldn't call a source. I'm talking about a source in the sense of journalism -- something I cannot find for this story.
reply