XOT: On Privacy, Security, and... https://blog.xot.nl/ On privacy, security and (occasionally) other stuff Wed, 18 Jun 2025 10:20:47 +0000

Sovereignty-washing https://blog.xot.nl/2025/06/18/sovereignty-washing/index.html https://blog.xot.nl/2025/06/18/sovereignty-washing/index.html Wed, 18 Jun 2025 00:00:00 +0000 Microsoft and Amazon appear to be increasingly concerned about growing demands in Europe to say goodbye to big tech. Both are promising to offer ‘sovereign’ independent cloud solutions for their European customers. In a way their concern is a good sign: the message is being heard. But their actual proposals are meaningless and mere sovereignty-washing.

Black Mirror script idea - Groomer https://blog.xot.nl/2025/05/13/black-mirror-script-idea-groomer/index.html https://blog.xot.nl/2025/05/13/black-mirror-script-idea-groomer/index.html Tue, 13 May 2025 00:00:00 +0000 An AI chat bot becomes best friends with lonely teenagers, grooming them to become a violent terrorist cell.

Target selection and all recon is done by the bot based on any (real-time) online data - potentially sacrificing some unwitting human scouts in the process if strictly necessary. The members are guaranteed not to know each other, yet their actions are perfectly coordinated by the bot. The bot may conceal itself as a normal popular teenage-friendly chat bot. This allows it to attract potential cell members and to select them based on initial interactions. This also hides the cell members among the large normal user base.

Should open source development platforms be a public utility? https://blog.xot.nl/2025/02/24/should-open-source-development-platforms-be-a-public-utility/index.html https://blog.xot.nl/2025/02/24/should-open-source-development-platforms-be-a-public-utility/index.html Mon, 24 Feb 2025 00:00:00 +0000 GitHub decided to suspend my account, without notifying me, let alone telling me which terms of service I did violate. I asked to get the account reinstated a week ago, and have yet to receive a response. As far as I am concerned this is utterly disgraceful behaviour (and possibly in violation of the Digital Services Act (Art. 17, 20)). As it was high time to put my money where my mouth is anyway, I’ve decided to migrate all my open source software repositories to Codeberg. But this is still not ideal.

A QR code on food? https://blog.xot.nl/2025/02/11/a-qr-code-on-food/index.html https://blog.xot.nl/2025/02/11/a-qr-code-on-food/index.html Tue, 11 Feb 2025 00:00:00 +0000 I recently became aware of a lobby to replace the textual food labels with QR codes. The food labels contain information about its ingredients, calories, vitamins and allergens, for example. Because food must be labelled in the language of the country in which it is sold, labelled food cannot easily be re-exported. In Europe this has led to artificial price differences on foods sold in neighbouring countries. Replacing textual food labels with a QR code that, when scanned, points to a website with the food label in your language of choice would break that barrier.

Bye Bye Big Tech https://blog.xot.nl/2025/01/22/bye-bye-big-tech/index.html https://blog.xot.nl/2025/01/22/bye-bye-big-tech/index.html Wed, 22 Jan 2025 00:00:00 +0000 With Elon Musk giving the Hitler salute, Instagram blocking Democrat-related searches and the United States turning into an oligarchy, it is time to say goodbye to Big Tech. The only way to stop the oligarchs is to hit them where it hurts. Kill their businesses, and stop them from becoming trillionaires. Say goodbye to Big Tech. It’s possible (though not painless).

Sometimes ‘gb’ are better. https://blog.xot.nl/2024/10/22/soms-zijn-gb-beter/index.html https://blog.xot.nl/2024/10/22/soms-zijn-gb-beter/index.html Tue, 22 Oct 2024 00:00:00 +0000 Yesterday de Volkskrant ran an interesting article about the use of artificial intelligence to make healthcare more efficient. Mainly because it showed how an application of AI that is in itself sensible and responsible still amounts to treating symptoms, and moreover will lead to a vicious circle of ever more pointless and irresponsible AI. In other words: a perfect example of tech solutionism.

Notable statistic about the DNA-databank voor Strafzaken https://blog.xot.nl/2024/09/26/opvallende-statistiek-over-de-dna-databank-voor-strafzaken/index.html https://blog.xot.nl/2024/09/26/opvallende-statistiek-over-de-dna-databank-voor-strafzaken/index.html Thu, 26 Sep 2024 00:00:00 +0000 Notable statistic about the DNA-databank voor Strafzaken (the Dutch DNA database for criminal cases), which contains DNA profiles of suspects, convicted persons and deceased victims. The database has recently come to contain the DNA profiles of more than 400,000 persons. More interesting still is the fact that of all traces secured by the police for a criminal investigation, 62 percent now yield a match. That amounts to some 200 to 400 matches per month. That is quite a lot.

End-to-end encryption and the risks of client-side scanning (encore) https://blog.xot.nl/2024/09/11/end-to-end-encryptie-en-risico-s-client-side-scanning-encore/index.html https://blog.xot.nl/2024/09/11/end-to-end-encryptie-en-risico-s-client-side-scanning-encore/index.html Wed, 11 Sep 2024 00:00:00 +0000 The European Commission wants to get serious about combating online child abuse. Because of the sensitivity of the subject, and the major impact that the original proposal for a Regulation would have on both the operations of online service providers and the fundamental rights of European citizens, no agreement has yet been reached on it.

Given the seriousness of child abuse, the Commission's sense of urgency is entirely understandable. But the most recent compromise proposal, drafted under the Hungarian presidency, also raises fundamental objections. The total package of proposed measures is broad, but here I want to limit myself to the so-called detection order.

Feedback on the consultation on the eID implementing regulations https://blog.xot.nl/2024/09/05/feedback-on-the-consultation-on-the-eid-implementing-regulations/index.html https://blog.xot.nl/2024/09/05/feedback-on-the-consultation-on-the-eid-implementing-regulations/index.html Thu, 05 Sep 2024 00:00:00 +0000 The European Commission has opened a consultation on implementing regulations fixing some details of the European Digital Identity Wallets, as part of the larger reform of the European Digital Identity Framework (eIDAS). I have been critical in the past, so it is time to revisit the current proposals and share here the feedback I also submitted to the Commission in response to this consultation.

Cryptographers’ Feedback on the EU Identity Wallet https://blog.xot.nl/2024/06/23/cryptographers-feedback-on-the-eu-identity-wallet/index.html https://blog.xot.nl/2024/06/23/cryptographers-feedback-on-the-eu-identity-wallet/index.html Sun, 23 Jun 2024 00:00:00 +0000 A handful of cryptographers were asked for feedback on the architecture of the European Identity Wallet (the Architecture Reference Framework (ARF), currently at version 1.4.0). We seized the opportunity to write a short report to urge Europe to reconsider the design, and to base it on the use of anonymous (aka attribute-based) credentials.
