Stefan Gast

PhD Candidate in the CoreSec group at #TUGraz, focusing on side-channel security. Apart from that, I also post #Linux and #privacy related stuff.

Opinions posted here are my own and do not necessarily reflect those of my employer.

Website: https://stefangast.eu

https://bmi.usercontent.opencode.de/eudi-wallet/wallet-development-documentation-public/latest/architecture-concept/06-mobile-devices/02-mdvm/

So, it turns out the German implementation of eIDAS (electronic ID wallet for e.g. age attestation) will require an Apple/Google account to function

Absolutely pathetic

Mobile Device Vulnerability Management Concept - German National EUDI Wallet: Architecture Documentation

Without Google/Apple = No EUDI Wallet

The wallet is supposed to make EU citizens more independent - yet it blindly trusts the same tech giants that we are fighting with the DMA & data protection lawsuits.

The wallet checks via Play Integrity (Android) & App Attest (iOS) whether your device is secure. Rooted/jailbroken? No access. Outdated security updates? Blocked.

How sovereign is a digital ID when two US corporations decide over its use? And what happens if Google/Apple simply switch off the attestation? Or lock my account? After all, I am supposed to store everything from my ID card to my rental contract in the EUDI wallet in future, if I understood that correctly.

via HackerNews

https://bmi.usercontent.opencode.de/eudi-wallet/wallet-development-documentation-public/latest/architecture-concept/06-mobile-devices/02-mdvm/#motivation

#DigitalSouveränität #eIDAS #EUDI #Privacy #BigTech

right now the astronauts are calling houston because the computer on the spaceship is running two instances of microsoft outlook and they can't figure out why. nasa is about to remote into the computer
#nasa #artemis #outlook #microsoft #microslop

🎉 Congratulations, Martin! 🎉

Martin Heckel (@lunkw1ll) successfully defended his #PhD thesis “Real-World Rowhammer: Understanding and Addressing the Challenges to Rowhammer Attacks” yesterday. 🥳
We wish him the best in his future endeavors!

since that browsergate site about LinkedIn seems to be gaining traction I figure I should mention:

  • yes, LinkedIn does do what's being claimed (though, it's that it probes for specific extensions you're running, using features in chrome's API - it doesn't "search your computer")
  • it does seem to have been doing this since at least as far back as 2017, and there has been intermittent reporting on it over the years
  • I'm fairly confident the copy on the site was generated by (or at least went through) an LLM, so idk that this site is the best way to spread the issue around

edit: and as someone else noted in the replies, looking through the list of extensions it scans for... they're pretty much all "AI"/scraper/automation plugins. so, should LinkedIn be doing this, or even able to do this in Chrome? no! but also, it does seem like the stuff they're scanning for is all extensions that shouldn't exist to begin with tbh

edit 2: please see this follow-up post which proves this is just a shitty campaign by people who made an addon called "Teamfluence" that got blocked by LinkedIn

GitHub - dandrews/nefarious-linkedin: :shipit: A look at how LinkedIn spies on its users.

Apparently #LinkedIn runs a silent browser scan on every #Chrome user who visits the site.

6.222 extensions.
~405 million users affected.
No consent, no disclosure, no mention in their privacy policy.

Read the full technical breakdown, legal analysis and searchable database of every scanned extension: https://browsergate.eu/

#BrowserGate #enshittification #microsoft

LinkedIn Is Illegally Searching Your Computer

Microsoft is running one of the largest corporate espionage operations in modern history. Every time any of LinkedIn’s one billion users visits linkedin.com, hidden code searches their computer for installed software, collects the results, and transmits them to LinkedIn’s servers and to third-party companies including an American-Israeli cybersecurity firm. The user is never asked. Never told. LinkedIn’s privacy policy does not mention it. Because LinkedIn knows each user’s real name, employer, and job title, it is not searching anonymous visitors. It is searching identified people at identified companies. Millions of companies. Every day. All over the world.

More closed-door discussions with the Trump administration won’t strengthen cooperation, they will undermine trust, transparency, and in the worst case even the EU’s ability to enforce its own rules.

Together with other civil society organisations, we call on the @EUCommission to halt this “dialogue” and focus on stronger, faster, and more transparent enforcement of Europe’s digital laws.

Read our statement ⤵️
https://edri.org/our-work/europes-digital-laws-are-not-bargaining-chips/

Europe’s digital laws are not bargaining chips - European Digital Rights (EDRi)

In reaction to the recent plan to “open a formal dialogue” with the US government on EU tech rules, EDRi and other civil society organisations urge the Commission to halt this plan that risks giving Big Tech a back door to weaken the EU digital rulebook and its enforcement.

Donald Trump rails against the EU and its digital rules at every opportunity. In future, a new body is apparently to give the US government a say, Handelsblatt reports. In return, there are to be tariff reductions. https://netzpolitik.org/2026/neues-gremium-geplant-eu-will-trump-bei-digitalgesetzen-entgegenkommen/
New body planned: EU wants to accommodate Trump on digital laws

Posting this link here, as I always have to dig every few years when I need it: https://cdecl.org/ a C -> English translator for those "fun" const pointer to const array issues that you have to work out every so often...
cdecl: C gibberish ↔ English

RE: https://infosec.exchange/@mttaggart/116320350237766467

It's so funny that no one even wants to own the word "ad" anymore. They're "tips." For your own good. Gotcha.