Mutual Contact Discovery

Messaging apps like Signal or WhatsApp offer a contact discovery service that allow you to discover which of the contacts in your address book are also a member. Depending on the implementation, this creates certain privacy risks. Even though Signal uses a protocol involving a trusted execution environment to mitigate the risk, an inherent risk of (one-sided) contact discovery remains: if someone (a patient, an ex) has your phone number in their address book, they will be notified when you join Signal. Not necessarily what you expect when joining a messaging service that focuses on privacy. This motivated me to study mutual contact discovery, where users of a messaging app can only discover each other when both have each other’s phone number in their address book.

Passkeys and eIDAS - the future of authentication.

Passkeys (soon available on Apple devices, and to be offered in the near future by Google and Microsoft as well) are a standard for more secure, passwordless, authentication. Great! Finally we will be able to get rid of these pesky passwords. But passkeys will also have consequences for eIDAS: the European identity wallet risks to be born in a world with a significant disadvantage.

Just A Simple Car. Nothing More. Because simple is the new smart.

Back when that still was thing, I used to buy the most basic HiFi equipment I could find: no frills, no EQ, no fance displays. Just an amplifier with an on/off button, a volume dial and input selector.

I was thinking about that yesterday when discussing connected cars. Ford believes the future of profitability for the company is all the data from its 100 million vehicles (and the people in them). And after the announcement that Mercedes will share road condition data with the Dutch government someone suggested that soon Mercedes will give away cars for free, because this will be profitable enough (I didn’t keep the link; if someone knows please send it to me).

And I was wondering. With all these electric cars becoming more and more complex, essentially turning into big supercomputers that happen to also have wheels: would’t there be a (niche) market for people like me that want just a car. Electric (of course). But nothing more. Not digital. With simple mechanical controls, manual locks, windows, shields. As simple, as basic, as possible. Hardly any computer or electronics inside. Something you can maintain with a screwdriver, instead of a logic analyser.

Because simple is the new smart.

(Unfortunately, such a simple car would probably also be much more expensive. At least, that used to be the case with HiFi and other electronics: the price was inversely proportional to the number of knobs, dials and displays.)

Kabinetsbeleid digitalisering - solide basis, met helaas wat blinde vlekken.

Een paar dagen geleden stuurde het kabinet een kamerbrief met daarin de hoofdlijnen voor haar beleid voor digitalisering. Vorige week was ik zeer kritisch over de “European Declaration on Digital Rights and Principles for the Digital Decade”, dus ik hield mijn hart vast. Gelukkig bieden de in de brief geschetste beleidskaders een goede basis, met helaas wat blinde vlekken. Maar goed, misschien is het zicht op die punten nog wat te verbeteren ;-)

The European Declaration on Digital Rights puts people in the firing line of the digital transformation.

On January 26 this year the European Commission proposed a European Declaration on Digital Rights and Principles for the Digital Decade to guide the digital transformation in the EU. The aim is to ensure Europe will benefit from such a transformation (in terms of quality of life, innovation, economic growth and sustainability) while protecting European values and the fundamental rights of European citizens. I am not convinced by the actual guidance offered though: it puts responsibility solely on the individual, and completely ignores systemic risks. This is not sufficient.