#privacyengineering — Public Fediverse posts

Policy shift with technical implications.
The European Parliament endorsed an opinion proposing:
• Social media ban under 13
• Parental consent under 16
• Privacy-preserving age assurance mechanisms
• Expanded regulation under the Digital Fairness Act

Security and engineering considerations:
Zero-knowledge proof-based age verification?
On-device age estimation vs centralized ID checks?

Data minimization vs compliance logging requirements?

AI-driven manipulation detection standards?
Age verification at EU scale introduces non-trivial architectural challenges - particularly around privacy-by-design and cross-border enforcement.

From a security architecture perspective:
Can platforms implement robust age controls without increasing identity exposure risks?
Engage below.

Source: https://therecord.media/eu-lawmakers-propose-youth-under-16-social-media-parental-consent

Follow @technadu for cybersecurity, AI governance, and digital compliance analysis.
Repost to inform the security community.

#Infosec #AgeVerification #PrivacyEngineering #DigitalPolicy #EURegulation #AIgovernance #PlatformSecurity #DataMinimization #CyberCompliance #OnlineSafety

Policy shift with technical implications.
The European Parliament endorsed an opinion proposing:
• Social media ban under 13
• Parental consent under 16
• Privacy-preserving age assurance mechanisms
• Expanded regulation under the Digital Fairness Act

Security and engineering considerations:
Zero-knowledge proof-based age verification?
On-device age estimation vs centralized ID checks?

Data minimization vs compliance logging requirements?

AI-driven manipulation detection standards?
Age verification at EU scale introduces non-trivial architectural challenges - particularly around privacy-by-design and cross-border enforcement.

From a security architecture perspective:
Can platforms implement robust age controls without increasing identity exposure risks?
Engage below.

Source: https://therecord.media/eu-lawmakers-propose-youth-under-16-social-media-parental-consent

Follow @technadu for cybersecurity, AI governance, and digital compliance analysis.
Repost to inform the security community.

#Infosec #AgeVerification #PrivacyEngineering #DigitalPolicy #EURegulation #AIgovernance #PlatformSecurity #DataMinimization #CyberCompliance #OnlineSafety

Policy shift with technical implications.
The European Parliament endorsed an opinion proposing:
• Social media ban under 13
• Parental consent under 16
• Privacy-preserving age assurance mechanisms
• Expanded regulation under the Digital Fairness Act

Security and engineering considerations:
Zero-knowledge proof-based age verification?
On-device age estimation vs centralized ID checks?

Data minimization vs compliance logging requirements?

AI-driven manipulation detection standards?
Age verification at EU scale introduces non-trivial architectural challenges - particularly around privacy-by-design and cross-border enforcement.

From a security architecture perspective:
Can platforms implement robust age controls without increasing identity exposure risks?
Engage below.

Source: https://therecord.media/eu-lawmakers-propose-youth-under-16-social-media-parental-consent

Follow @technadu for cybersecurity, AI governance, and digital compliance analysis.
Repost to inform the security community.

#Infosec #AgeVerification #PrivacyEngineering #DigitalPolicy #EURegulation #AIgovernance #PlatformSecurity #DataMinimization #CyberCompliance #OnlineSafety

Policy shift with technical implications.
The European Parliament endorsed an opinion proposing:
• Social media ban under 13
• Parental consent under 16
• Privacy-preserving age assurance mechanisms
• Expanded regulation under the Digital Fairness Act

Security and engineering considerations:
Zero-knowledge proof-based age verification?
On-device age estimation vs centralized ID checks?

Data minimization vs compliance logging requirements?

AI-driven manipulation detection standards?
Age verification at EU scale introduces non-trivial architectural challenges - particularly around privacy-by-design and cross-border enforcement.

From a security architecture perspective:
Can platforms implement robust age controls without increasing identity exposure risks?
Engage below.

Source: https://therecord.media/eu-lawmakers-propose-youth-under-16-social-media-parental-consent

Follow @technadu for cybersecurity, AI governance, and digital compliance analysis.
Repost to inform the security community.

#Infosec #AgeVerification #PrivacyEngineering #DigitalPolicy #EURegulation #AIgovernance #PlatformSecurity #DataMinimization #CyberCompliance #OnlineSafety

IoT privacy compliance development.
Samsung will revise ACR data practices after legal action by the Texas Attorney General.

Key elements:
• Real-time viewing habit collection under scrutiny
• Enhanced disclosure & consent flow promised
• Emphasis on consumer transparency
• Broader regulatory pressure on smart device telemetry

ACR data monetization highlights a persistent tension:
Device intelligence vs user autonomy
Advertising revenue vs explicit consent
Convenience vs continuous telemetry
As regulatory enforcement increases, IoT vendors may face stricter consent design expectations.
Question for security & privacy professionals:
Should connected consumer devices require periodic re-consent for telemetry collection?

Source: https://therecord.media/samsung-updates-acr-privacy-practices-texas

Engage below.
Follow TechNadu for privacy law, IoT security, and compliance updates.
Repost to broaden awareness.

#Infosec #PrivacyEngineering #ACR #IoTSecurity #DataGovernance #ConsumerPrivacy #RegulatoryCompliance #SmartDevices #CyberLaw #SecurityAwareness #DigitalRights

IoT privacy compliance development.
Samsung will revise ACR data practices after legal action by the Texas Attorney General.

Key elements:
• Real-time viewing habit collection under scrutiny
• Enhanced disclosure & consent flow promised
• Emphasis on consumer transparency
• Broader regulatory pressure on smart device telemetry

ACR data monetization highlights a persistent tension:
Device intelligence vs user autonomy
Advertising revenue vs explicit consent
Convenience vs continuous telemetry
As regulatory enforcement increases, IoT vendors may face stricter consent design expectations.
Question for security & privacy professionals:
Should connected consumer devices require periodic re-consent for telemetry collection?

Source: https://therecord.media/samsung-updates-acr-privacy-practices-texas

Engage below.
Follow TechNadu for privacy law, IoT security, and compliance updates.
Repost to broaden awareness.

#Infosec #PrivacyEngineering #ACR #IoTSecurity #DataGovernance #ConsumerPrivacy #RegulatoryCompliance #SmartDevices #CyberLaw #SecurityAwareness #DigitalRights

IoT privacy compliance development.
Samsung will revise ACR data practices after legal action by the Texas Attorney General.

Key elements:
• Real-time viewing habit collection under scrutiny
• Enhanced disclosure & consent flow promised
• Emphasis on consumer transparency
• Broader regulatory pressure on smart device telemetry

ACR data monetization highlights a persistent tension:
Device intelligence vs user autonomy
Advertising revenue vs explicit consent
Convenience vs continuous telemetry
As regulatory enforcement increases, IoT vendors may face stricter consent design expectations.
Question for security & privacy professionals:
Should connected consumer devices require periodic re-consent for telemetry collection?

Source: https://therecord.media/samsung-updates-acr-privacy-practices-texas

Engage below.
Follow TechNadu for privacy law, IoT security, and compliance updates.
Repost to broaden awareness.

#Infosec #PrivacyEngineering #ACR #IoTSecurity #DataGovernance #ConsumerPrivacy #RegulatoryCompliance #SmartDevices #CyberLaw #SecurityAwareness #DigitalRights

IoT privacy compliance development.
Samsung will revise ACR data practices after legal action by the Texas Attorney General.

Key elements:
• Real-time viewing habit collection under scrutiny
• Enhanced disclosure & consent flow promised
• Emphasis on consumer transparency
• Broader regulatory pressure on smart device telemetry

ACR data monetization highlights a persistent tension:
Device intelligence vs user autonomy
Advertising revenue vs explicit consent
Convenience vs continuous telemetry
As regulatory enforcement increases, IoT vendors may face stricter consent design expectations.
Question for security & privacy professionals:
Should connected consumer devices require periodic re-consent for telemetry collection?

Source: https://therecord.media/samsung-updates-acr-privacy-practices-texas

Engage below.
Follow TechNadu for privacy law, IoT security, and compliance updates.
Repost to broaden awareness.

#Infosec #PrivacyEngineering #ACR #IoTSecurity #DataGovernance #ConsumerPrivacy #RegulatoryCompliance #SmartDevices #CyberLaw #SecurityAwareness #DigitalRights

Regulatory Enforcement Brief:
Entity: Reddit
Regulator: Information Commissioner's Office
Penalty: £14.47M
Issue: Inadequate age assurance mechanisms
Findings:
• Over-reliance on self-declared age
• Alleged unlawful processing of children’s data
• Lack of early DPIA (Data Protection Impact Assessment)
• Enforcement under Age Appropriate Design Code
Core tension:
Privacy-by-minimization vs. identity-based compliance controls.
Expect broader enforcement trends targeting platforms relying solely on self-attestation models.
Source: https://therecord.media/reddit-children-age-checks-uk-ico-fine

Follow @technadu for regulatory intelligence.
Add your compliance or security insights below.

#Infosec #DataProtection #ICO #Reddit #PrivacyEngineering #Compliance #CyberLaw #AgeVerification #ChildSafety #RiskManagement #DigitalGovernance #SecurityNews

Regulatory Enforcement Brief:
Entity: Reddit
Regulator: Information Commissioner's Office
Penalty: £14.47M
Issue: Inadequate age assurance mechanisms
Findings:
• Over-reliance on self-declared age
• Alleged unlawful processing of children’s data
• Lack of early DPIA (Data Protection Impact Assessment)
• Enforcement under Age Appropriate Design Code
Core tension:
Privacy-by-minimization vs. identity-based compliance controls.
Expect broader enforcement trends targeting platforms relying solely on self-attestation models.
Source: https://therecord.media/reddit-children-age-checks-uk-ico-fine

Follow @technadu for regulatory intelligence.
Add your compliance or security insights below.

#Infosec #DataProtection #ICO #Reddit #PrivacyEngineering #Compliance #CyberLaw #AgeVerification #ChildSafety #RiskManagement #DigitalGovernance #SecurityNews

Regulatory Enforcement Brief:
Entity: Reddit
Regulator: Information Commissioner's Office
Penalty: £14.47M
Issue: Inadequate age assurance mechanisms
Findings:
• Over-reliance on self-declared age
• Alleged unlawful processing of children’s data
• Lack of early DPIA (Data Protection Impact Assessment)
• Enforcement under Age Appropriate Design Code
Core tension:
Privacy-by-minimization vs. identity-based compliance controls.
Expect broader enforcement trends targeting platforms relying solely on self-attestation models.
Source: https://therecord.media/reddit-children-age-checks-uk-ico-fine

Follow @technadu for regulatory intelligence.
Add your compliance or security insights below.

#Infosec #DataProtection #ICO #Reddit #PrivacyEngineering #Compliance #CyberLaw #AgeVerification #ChildSafety #RiskManagement #DigitalGovernance #SecurityNews

Regulatory Enforcement Brief:
Entity: Reddit
Regulator: Information Commissioner's Office
Penalty: £14.47M
Issue: Inadequate age assurance mechanisms
Findings:
• Over-reliance on self-declared age
• Alleged unlawful processing of children’s data
• Lack of early DPIA (Data Protection Impact Assessment)
• Enforcement under Age Appropriate Design Code
Core tension:
Privacy-by-minimization vs. identity-based compliance controls.
Expect broader enforcement trends targeting platforms relying solely on self-attestation models.
Source: https://therecord.media/reddit-children-age-checks-uk-ico-fine

Follow @technadu for regulatory intelligence.
Add your compliance or security insights below.

#Infosec #DataProtection #ICO #Reddit #PrivacyEngineering #Compliance #CyberLaw #AgeVerification #ChildSafety #RiskManagement #DigitalGovernance #SecurityNews

Incident Overview:
Victim: Odido
Threat Actor: ShinyHunters (alleged)
Impact: 6.2M customers confirmed
Claimed Records: ~21M

Vector: Customer contact system access
Exposed data (varies per user):
• PII, contact details
• IBANs
• Limited ID metadata

Denied exposure:
• Passwords
• Billing data
• SSNs
ShinyHunters’ known TTPs include vishing, SSO hijack, OAuth device code abuse, targeting platforms tied to Microsoft, Google, and Okta.
Identity remains the breach multiplier.
Source: https://www.bleepingcomputer.com/news/security/shinyhunters-extortion-gang-claims-odido-breach-affecting-millions/

Follow TechNadu for threat-focused reporting,
Add your technical insights below.

#Infosec #ThreatIntel #DataBreach #ShinyHunters #Odido #IAM #SSO #MFA #CyberExtortion #PrivacyEngineering #SecurityOperations

Mullvad Campaign Blocked in UK Amid Surveillance Debate
Mullvad VPN says its “And Then?” campaign criticizing UK surveillance measures was rejected from TV broadcast.

The debate intersects with:
• The Online Safety Act
• Proposed VPN identity verification
• Client-side scanning discussions
• Expanded regulatory oversight

Security implications:
• Increased compliance pressure on privacy tools
• Regulatory scrutiny of encryption services
• Chilling effects on anti-surveillance advocacy
Is this a policy enforcement issue - or a warning sign for privacy discourse?

Source: https://mullvad.net/en/and-then/uk

Engage below.
Follow @technadu for analysis on encryption policy and digital governance.

#Infosec #EncryptionPolicy #MassSurveillance #VPN #CyberLaw #DigitalRights #PrivacyEngineering #ThreatModeling #UKPolicy #SecurityDebate

Mullvad Campaign Blocked in UK Amid Surveillance Debate
Mullvad VPN says its “And Then?” campaign criticizing UK surveillance measures was rejected from TV broadcast.

The debate intersects with:
• The Online Safety Act
• Proposed VPN identity verification
• Client-side scanning discussions
• Expanded regulatory oversight

Security implications:
• Increased compliance pressure on privacy tools
• Regulatory scrutiny of encryption services
• Chilling effects on anti-surveillance advocacy
Is this a policy enforcement issue - or a warning sign for privacy discourse?

Source: https://mullvad.net/en/and-then/uk

Engage below.
Follow @technadu for analysis on encryption policy and digital governance.

#Infosec #EncryptionPolicy #MassSurveillance #VPN #CyberLaw #DigitalRights #PrivacyEngineering #ThreatModeling #UKPolicy #SecurityDebate

Mullvad Campaign Blocked in UK Amid Surveillance Debate
Mullvad VPN says its “And Then?” campaign criticizing UK surveillance measures was rejected from TV broadcast.

The debate intersects with:
• The Online Safety Act
• Proposed VPN identity verification
• Client-side scanning discussions
• Expanded regulatory oversight

Security implications:
• Increased compliance pressure on privacy tools
• Regulatory scrutiny of encryption services
• Chilling effects on anti-surveillance advocacy
Is this a policy enforcement issue - or a warning sign for privacy discourse?

Source: https://mullvad.net/en/and-then/uk

Engage below.
Follow @technadu for analysis on encryption policy and digital governance.

#Infosec #EncryptionPolicy #MassSurveillance #VPN #CyberLaw #DigitalRights #PrivacyEngineering #ThreatModeling #UKPolicy #SecurityDebate

Mullvad Campaign Blocked in UK Amid Surveillance Debate
Mullvad VPN says its “And Then?” campaign criticizing UK surveillance measures was rejected from TV broadcast.

The debate intersects with:
• The Online Safety Act
• Proposed VPN identity verification
• Client-side scanning discussions
• Expanded regulatory oversight

Security implications:
• Increased compliance pressure on privacy tools
• Regulatory scrutiny of encryption services
• Chilling effects on anti-surveillance advocacy
Is this a policy enforcement issue - or a warning sign for privacy discourse?

Source: https://mullvad.net/en/and-then/uk

Engage below.
Follow @technadu for analysis on encryption policy and digital governance.

#Infosec #EncryptionPolicy #MassSurveillance #VPN #CyberLaw #DigitalRights #PrivacyEngineering #ThreatModeling #UKPolicy #SecurityDebate

Mullvad Campaign Blocked in UK Amid Surveillance Debate
Mullvad VPN says its “And Then?” campaign criticizing UK surveillance measures was rejected from TV broadcast.

The debate intersects with:
• The Online Safety Act
• Proposed VPN identity verification
• Client-side scanning discussions
• Expanded regulatory oversight

Security implications:
• Increased compliance pressure on privacy tools
• Regulatory scrutiny of encryption services
• Chilling effects on anti-surveillance advocacy
Is this a policy enforcement issue - or a warning sign for privacy discourse?

Source: https://mullvad.net/en/and-then/uk

Engage below.
Follow @technadu for analysis on encryption policy and digital governance.

#Infosec #EncryptionPolicy #MassSurveillance #VPN #CyberLaw #DigitalRights #PrivacyEngineering #ThreatModeling #UKPolicy #SecurityDebate

The UK is moving toward mandatory proactive detection of nonconsensual intimate images.

Under proposals backed by Keir Starmer, platforms must:
• Remove flagged content within 48 hours
• Prevent reuploads using hash matching
• Deploy proactive detection “at source”
• Face fines up to 10% of global revenue

Regulator Ofcom is accelerating its decision on requiring technical enforcement mechanisms.
Technical considerations:
- Hash collision and false-positive risks
- Cross-platform hash database coordination
- Encryption vs scanning tradeoffs
- Abuse-report automation workflows
- AI-generated image detection accuracy
Is mandatory proactive scanning the future of online content governance?

Source: https://therecord.media/united-kingdom-noncensual-images-fines

Drop your technical analysis below.

Follow @technadu for advanced cybersecurity and policy reporting.

#Infosec #DetectionEngineering #AIsecurity #HashMatching #ContentModeration #DigitalForensics #CyberPolicy #OnlineSafety #DeepfakeDetection #PrivacyEngineering #ThreatModeling #SecurityArchitecture

The UK is moving toward mandatory proactive detection of nonconsensual intimate images.

Under proposals backed by Keir Starmer, platforms must:
• Remove flagged content within 48 hours
• Prevent reuploads using hash matching
• Deploy proactive detection “at source”
• Face fines up to 10% of global revenue

Regulator Ofcom is accelerating its decision on requiring technical enforcement mechanisms.
Technical considerations:
- Hash collision and false-positive risks
- Cross-platform hash database coordination
- Encryption vs scanning tradeoffs
- Abuse-report automation workflows
- AI-generated image detection accuracy
Is mandatory proactive scanning the future of online content governance?

Source: https://therecord.media/united-kingdom-noncensual-images-fines

Drop your technical analysis below.

Follow @technadu for advanced cybersecurity and policy reporting.

#Infosec #DetectionEngineering #AIsecurity #HashMatching #ContentModeration #DigitalForensics #CyberPolicy #OnlineSafety #DeepfakeDetection #PrivacyEngineering #ThreatModeling #SecurityArchitecture

The UK is moving toward mandatory proactive detection of nonconsensual intimate images.

Under proposals backed by Keir Starmer, platforms must:
• Remove flagged content within 48 hours
• Prevent reuploads using hash matching
• Deploy proactive detection “at source”
• Face fines up to 10% of global revenue

Regulator Ofcom is accelerating its decision on requiring technical enforcement mechanisms.
Technical considerations:
- Hash collision and false-positive risks
- Cross-platform hash database coordination
- Encryption vs scanning tradeoffs
- Abuse-report automation workflows
- AI-generated image detection accuracy
Is mandatory proactive scanning the future of online content governance?

Source: https://therecord.media/united-kingdom-noncensual-images-fines

Drop your technical analysis below.

Follow @technadu for advanced cybersecurity and policy reporting.

#Infosec #DetectionEngineering #AIsecurity #HashMatching #ContentModeration #DigitalForensics #CyberPolicy #OnlineSafety #DeepfakeDetection #PrivacyEngineering #ThreatModeling #SecurityArchitecture

The UK is moving toward mandatory proactive detection of nonconsensual intimate images.

Under proposals backed by Keir Starmer, platforms must:
• Remove flagged content within 48 hours
• Prevent reuploads using hash matching
• Deploy proactive detection “at source”
• Face fines up to 10% of global revenue

Regulator Ofcom is accelerating its decision on requiring technical enforcement mechanisms.
Technical considerations:
- Hash collision and false-positive risks
- Cross-platform hash database coordination
- Encryption vs scanning tradeoffs
- Abuse-report automation workflows
- AI-generated image detection accuracy
Is mandatory proactive scanning the future of online content governance?

Source: https://therecord.media/united-kingdom-noncensual-images-fines

Drop your technical analysis below.

Follow @technadu for advanced cybersecurity and policy reporting.

#Infosec #DetectionEngineering #AIsecurity #HashMatching #ContentModeration #DigitalForensics #CyberPolicy #OnlineSafety #DeepfakeDetection #PrivacyEngineering #ThreatModeling #SecurityArchitecture

Running code in the cloud usually means trusting the landlord not to peek.

At #FOSSASIA2026, Peter Membrey (ExpressVPN) is releasing an open source framework for Secure GPU Workloads in Enclaves.

It allows you to cryptographically verify the hardware and treat the cloud provider as an adversary. Confidential Computing is now available to everyone, not just the hyperscalers.

https://rolandturner.com/The%20cloud%20provider%20is%20the%20adversary/ @fossasia

#ConfidentialComputing #GPU #PrivacyEngineering #TrustNoOne #OpenSource #FOSSASIA

Bitwarden introduces “Cupid Vault” — a 2-user shared Organization vault available on the free plan.

Security considerations:
• End-to-end encryption
• Vault isolation from personal storage
• Fingerprint phrase verification (anti-ATMIT enrollment control)
• Bidirectional sharing
• Revocable access

Limitations: 2 users, 2 collections. No RBAC granularity (reserved for paid tiers).

Question for practitioners:
Is secure shared vault architecture preferable to federated identity or delegated access models for small trust groups?

Source: https://www.bleepingcomputer.com/news/security/bitwarden-introduces-cupid-vault-for-secure-password-sharing/

Join the discussion below.
Follow @technadu for actionable security insights.

#InfoSec #PasswordManagement #ZeroTrust #Encryption #AccessControl #CyberDefense #Authentication #SecurityArchitecture #BlueTeam #PrivacyEngineering

SegurCaixa Adeslas disclosed a breach affecting personal identity and banking data of policyholders in Spain’s Extremadura region.

Health data and billing platforms were reportedly not accessed, and no fraud has been observed so far.

The incident reinforces the importance of secure data retention, breach containment, and clear post-incident communication to reduce secondary risks like phishing and impersonation.

How do you assess disclosure quality in incidents like this?

Source: https://www.hoy.es/extremadura/segurcaixa-adeslas-informa-clientes-extremenos-robo-datos-20260121131037-nt.html

Share insights and follow @technadu for objective InfoSec coverage.

#InfoSec #DataProtection #BreachDisclosure #CyberRisk #PrivacyEngineering #SecurityOperations

Even small behaviors can leak data.
Whonix protects against behavioral fingerprinting with mouse movement anonymization.

#Whonix #FingerprintResistance #PrivacyEngineering #CyberSecurity #AnonymityTools

Gen Digital researchers have disclosed GhostPairing, a technique that leverages WhatsApp’s multi-device functionality via social engineering to enable persistent, low-noise access to user communications.

The case highlights how legitimate features can become attack surfaces when paired with deception rather than technical exploitation.

Open discussion: how can platforms mitigate abuse of trusted workflows without degrading user experience?

Follow TechNadu for objective threat analysis and security research updates.

Source: https://www.techrepublic.com/article/news-whatsapp-ghostpairing/

#InfoSec #ThreatResearch #SocialEngineering #MessagingSecurity #PrivacyEngineering #CyberRisk

Complaints filed in Europe allege cross-app data tracking involving sensitive personal data categories protected under GDPR, raising questions about consent, transparency, and third-party data brokers.

While no regulatory findings have been issued yet, the case highlights ongoing challenges in enforcing privacy-by-design principles across complex app ecosystems.

How should organizations better operationalize GDPR transparency and data access rights?

Share your insights and follow TechNadu for responsible InfoSec and privacy reporting.

#InfoSec #PrivacyEngineering #GDPRCompliance #DataGovernance #AdTech #UserConsent #TechNadu

Cure53 audit confirms NordVPN’s security posture is continuously tested.
https://www.technadu.com/nordvpn-security-audit-shows-ongoing-independent-review/615642/

• No critical vulns across apps or infrastructure
• High-severity findings fixed and re-verified
• Annual independent audits since 2018

#VPNsecurity #Infosec #SecurityAudit #PrivacyEngineering

Cure53 audit confirms NordVPN’s security posture is continuously tested.
https://www.technadu.com/nordvpn-security-audit-shows-ongoing-independent-review/615642/

• No critical vulns across apps or infrastructure
• High-severity findings fixed and re-verified
• Annual independent audits since 2018

#VPNsecurity #Infosec #SecurityAudit #PrivacyEngineering

Cure53 audit confirms NordVPN’s security posture is continuously tested.
https://www.technadu.com/nordvpn-security-audit-shows-ongoing-independent-review/615642/

• No critical vulns across apps or infrastructure
• High-severity findings fixed and re-verified
• Annual independent audits since 2018

#VPNsecurity #Infosec #SecurityAudit #PrivacyEngineering

Für Dr. Aleksandra Sowa ist klar: Privacy-Enhancing Technologies (#PET) sind ein Wettbewerbsvorteil. Trotzdem fehlt es nach wie vor an Wissen und Forschung zur konkreten Umsetzung in realen Anwendungskontexten. Zentrales Stichwort: #PrivacyEngineering.

Diese Punkte brachte die Forscherin und Vertreterin der GI-Fachgruppe PET heute morgen beim Strategiegipfel Cybersecurity ein.

Mehr über die Aktivitäten der Fachgruppe gibts hier: https://fg-pet.gi.de/

#Privacy #WirSindInformatik

Think of online anonymity as being one person in a vast crowd. Every piece of personal information you reveal reduces the size of that crowd, the group of people you could plausibly be. For example, revealing your gender cuts the number of potential identities roughly in half.

One way to regain some anonymity is through deliberate disinformation. Suppose you share \(n\) independent yes/no facts about yourself, but intentionally flip \(k\) of them (without the attacker knowing which). In that case, you increase the number of identities consistent with your answers by a factor of \(C(n,k)\).

#OnlinePrivacy #DigitalAnonymity #InformationSecurity #CyberAwareness #PrivacyMatters #DigitalFootprint #DataProtection #InformationTheory #Anonymity #PrivacyEngineering #DataAnonymization #Disinformation #Combinatorics #SecurityResearch #ThinkBeforeYouShare #OnlineIdentity #PrivacyByDesign #DigitalEthics #ProtectYourData #InternetSafety #Privacy #CyberSecurity #Infosec #DataPrivacy #OnlineSafety #SecurityMindset