In a rare show of sanity, the Swiss Data Protection Officer has severely restricted the use of international cloud services – particularly hyperscalers like AWS, Google, or Microsoft – for Swiss federal authorities!

heise online

Switzerland: Data Protection Officers Recommend Broad Cloud Ban for Authorities

According to the Data Protection Conference, federal offices may only use US hyperscalers like AWS, Google, or Microsoft to a limited extent.

#security #privacy #cloud #politics #digitalsovereignty #bigtech #google #aws #microsoft #azure #amazon #switzerland

Sorry, I don't want to share my opinion on the matter, just posting to be on this thread which has the potential to achieve legendary divisiveness status 😂 Kidding apart, one argument I didn't see discussed which is potentially against hybrids, at least for encryption, is the possibility of better kleptographic attacks: 📄.pdf The idea is that you can design a circuit that uses e.g. ECDH to embed kleptographic data on ML-KEM public keys. In a pure ML-KEM hardware implementation, this would be easy to spot, because of the conspicuous amount of EC-related circuitry that shouldn't be there. But with a hybrid, that's much more difficult to spot. DISCLAIMER: I AM NOT ARGUING FOR HYBRID VS NON-HYBRID, JUST REPORTING THE FACT, FOR THE LOVE OF GOD PLEASE DO NOT JUMP AT MY THROAT.

The results of the 2025 elections for the president and board members at the International Association for Cryptologic Research (IACR) have been botched because the results of the super-secure cryptographic e-voting system cannot be retrived due to the "accidental loss" of a decryption key.

IACR News item: 21 November 2025

While human mistakes happen, this accident comes under very troubling circumstances. Why an e-voting system of an association like IACR does not support t-out-of-n threshold decryption? Why is a system where a single party can collude to invalidate the vote considered acceptable? Wouldn't be wiser to freeze to the date of November 20th the eligibility status for voting instead of "calling to arms" IACR members who had previously decided to opt out from Helios emails? Does the identity of some of the candidates to Director represent a problem for IACR? #iacr #crypto #cryptography #politics #evoting

WTF IACR? Conspiracy intensifies... #iacr #helios #crypto #cryptography #politics #conspiracy

Interesting take from Christopher Butler on " What AI is Really For".

What AI is Really For - Christopher Butler

After three years of immersion in AI, I have come to a relatively simple conclusion: it’s a useful technology that is very likely overhyped to the

The best case scenario is that AI is just not as valuable [...] The worst case scenario is that the people with the most money at stake in AI know it’s not what they say it is. The observation is that, while the AI bubble might burst, the multibillion deals for building datacenters will hand over ownership of energy infrastructure, land and water to a few individuals. Forever. The value of AI can drop to nothing, but owning the land and the flow of water through it won’t. #ai #ml #capitalism #politics #dystopia #technocracy

Here's another thing I didn't need today: "Digital Omnibus". EU antitrust chief Henna Virkkunen will present to the EU Commission on November 19th a series of amendments to European data protection guardrails, which would substantially weaken GDPR and other privacy protections, and explicitly allow large AI companies unlimited access to the data of EU citizens and even to their digital devices. This is done in order to "placate US industry" (yes, seriously), and proposed through a stealthy "fast-track procedure", which we know of only because some media outlets obtained a leaked draft of the proposal.

Tommaso Gagliardoni's Homepage

"Digital Omnibus" is not a catchy term, we need something better. I propose "Digital Omnirape". Here are some scary quotes: According to the plans, Google, Meta Platforms, OpenAI and other tech companies may be allowed to use Europeans' personal data to train their AI models based on legitimate interest. In addition, companies may be exempted from the ban on processing special categories of personal data [religious or political beliefs, ethnicity, sexual preferences, or health data]. Companies can now remotely access personal data on your device for [...] "legitimate interest". Consequently, it would be a possible reading of the law that companies such as Google can use data from any Android apps to train it's [sic] Gemini AI. One massive change (on German demand) is to limit the use of data subject rights (like access to data, rectification or deletion) to "data protection purposes" only. Conversely, this means that if an employee uses an access request in a labor dispute over unpaid hours – for example, to obtain a record of the hours they have worked – the employer could reject it as "abusive". The same would be true for journalists or researchers. #digitalomnibus #digitalomnirape #omnirape #eu #politics #gdpr #privacy #ai #google #meta #facebook #openai #ml #lobbying

You will be SHOCKED to know that a NONZERO number of Italian politicians replied to the letters I sent by post last month last month to speak up against ChatControl!

Tommaso Gagliardoni's Homepage

#chatcontrol #privacy #eu #italy #politics

Great article by F-Droid on "What We Talk About When We Talk About Sideloading".

What We Talk About When We Talk About Sideloading | F-Droid - Free and Open Source Android App Repository

We recently published a blog post with our reaction to the new Google Developer Program and how it impacts your freedom to use the devices that you...

A few excerpts: It bears reminding that “sideload” is a made-up term. Putting software on your computer is simply called “installing” [...] the term “sideload” was coined to insinuate that there is something dark and sinister about the proces You, the consumer, purchased your Android device believing in Google’s promise that it was an open computing platform and that you could run whatever software you choose on it. Instead, starting next year, they will be non-consensually pushing an update to your operating system that irrevocably blocks this right and leaves you at the mercy of their judgement over what software you are permitted to trust. You, the state, are ceding the rights of your citizens and your own digital sovereignty to a company with a track record of complying with the extrajudicial demands of authoritarian regimes #google #android #aosp #security #privacy #enshittification #bigtech #opensource #politics #fdroid