Daily Archives: November 28, 2025

Canadian data order risks blowing a hole in EU sovereignty

Posted on by

A Canadian court has ordered French cloud provider OVHcloud to hand over customer data stored in Europe, potentially undermining the provider’s claims about digital sovereignty protections.

According to documents seen by The Register, the Royal Canadian Mounted Police (RCMP) issued a Production Order in April 2024 demanding subscriber and account data linked to four IP addresses on OVH servers in France, the UK, and Australia as part of a criminal investigation.

OVH has a Canadian arm, which was the jumping-off point for the courts, but OVH Group is a French company, so the data in France should be protected from prying eyes. Or perhaps not.

Rather than using established Mutual Legal Assistance Treaties (MLAT) between Canada and France, the RCMP sought direct disclosure through OVH’s Canadian subsidiary.

This puts OVH in an impossible position. French law prohibits such data sharing outside official treaties, with penalties up to €90,000 and six months imprisonment. But refusing the Canadian order risks contempt of court charges.

[…]

Under Trump 2.0, economic and geopolitical relations between Europe and the US have become increasingly volatile, something Microsoft acknowledged in April.

Against this backdrop, concerns about the US CLOUD Act are growing. Through the legislation, US authorities can request – via warrant or subpoena – access to data hosted by US corporations regardless of where in the world that data is stored. Hyperscalers claim they have received no such requests with respect to European customers, but the risk remains and European cloud providers have used this as a sales tactic by insisting digital information they hold is protected.

In the OVH case, if Canadian authorities are able to force access to data held on European servers rather than navigate official channels (for example, international treaties), the implications could be severe.

[…]

Earlier this week, GrapheneOS announced it no longer had active servers in France and was in the process of leaving OVH.

The privacy-focused mobile outfit said, “France isn’t a safe country for open source privacy projects. They expect backdoors in encryption and for device access too. Secure devices and services are not going to be allowed. We don’t feel safe using OVH for even a static website with servers in Canada/US via their Canada/US subsidiaries.”

In August, an OVH legal representative crowed over the admission by Microsoft that it could not guarantee data sovereignty.

It would be deeply ironic if OVH were unable to guarantee the same thing because the company has a subsidiary in Canada.

[…]

Source: Canadian data order risks blowing a hole in EU sovereignty • The Register

Asahi admits ransomware may have spilled data on 2M people

Posted on by

Asahi has finally done the sums on September’s ransomware attack in Japan, conceding the crooks may have helped themselves to personal data tied to almost 2 million people.

Back on September 29, Asahi disclosed a “system failure caused by a cyberattack” that knocked out ordering, shipping, and call center systems across its Japanese operations. Days later, the attack was claimed by the Qilin ransomware crew, which reckons it stole some 27 GB of internal files – including employee records, contracts, financial documents, and other sensitive assets.

Fast forward to November 27, Asahi has finally posted a full breakdown of who and what might be affected. The tally includes 1.525 million people who contacted its customer service centers, 114,000 external contacts who received condolence or congratulatory telegrams, 107,000 current or former employees, and 168,000 of their family members. The exposed data includes names, addresses, phone numbers, email addresses, and in some cases date of birth and gender – but credit card information is not on the list.

Asahi notes that the exposed data was limited to systems managed in Japan, and none has yet been published. The company also pledges to notify individuals whose data is confirmed to have been compromised – but with nearly two million people in scope, that’s a mammoth mailing list.

In its latest update, Asahi said attackers entered via compromised network equipment at a Group datacenter facility in Japan and deployed ransomware on the same day, encrypting data on multiple live servers and some connected PCs.

[…]

Source: Asahi admits ransomware may have spilled data on 2M people • The Register

The dangers of collecting too much data

FCC: US emergency broadcast system hacked to send offensive content instead of beeps

Posted on by

Malicious intruders have hijacked US radio gear to turn emergency broadcast tones into a profanity-laced alarm system.

That’s according to the latest warning issued by the Federal Communications Commission (FCC), which has flagged a “recent string of cyber intrusions” that diverted studio-to-transmitter links (STLs) so attackers could replace legitimate programming with their own audio – complete with the signature “Attention Signal” tone of the domestic Emergency Alert System (EAS).

According to the alert, the intrusions exploited unsecured broadcasting equipment, notably devices manufactured by Swiss firm Barix, which were reconfigured to stream attacker-controlled audio instead of station output. That stream included either real or simulated EAS alert tones, followed by obscene language or other offensive content.

Stations in Texas and Virginia have already reported incidents, including one during a live sports broadcast and another on a public radio affiliate’s backup stream.

The HTX Media radio station in Houston confirmed it had fallen victim to hijackers in a post on Facebook, saying: “We’ve received multiple reports that 97.5 FM (ESPN Houston) has been hijacked and is currently broadcasting explicit and highly offensive content… The station appears to be looping a repeated audio stream that includes an Emergency Alert System (EAS) tone before playing an extremely vulgar track.”

[…]

Source: FCC: US radio gear hijacked for bogus alerts and bad words • The Register

A universal physical law for how objects shatter

Posted on by

A dropped plate, a smashed sugar cube and a broken drinking glass all seem to follow the same law of physics when it comes to how many fragments of a given size they will shatter into.

For several decades, researchers have known that there is something universal about the process of fragmentation, when an object breaks into many parts when dropped or smashed. If you counted how many fragments existed at each possible size and made a graph of that distribution, it would have the same shape regardless of the object that shattered. Emmanuel Villermaux at Aix-Marseille University in France has now derived an equation that explains that shape, effectively formulating a universal law for how objects break.

Instead of focusing on the details of how cracks appear in an object before it fragments, he took a more zoomed-out approach. Villermaux considered all possible sets of fragments that an object can shatter into. Some sets would include highly specific outcomes, like a vase shattering into four equal pieces. He picked out the most probable set, the one with the highest entropy, which captured breakages that were messy and irregular. This is similar to the way many laws concerning large ensembles of particles were derived in the 19th century, he says. Additionally, Villermaux used a law of physics that describes changes in the total density of fragments when the object is shattering, which he and his colleagues had previously found.

Together, these two ingredients let him derive a simple equation predicting how many fragments of each size a breaking object should produce. To see how well it worked, Villermaux compared it with a whole slew of past experiments with shattering glass bars, dry spaghetti, plates, ceramic tubes and even plastic fragments in the ocean and waves breaking on choppy seas. Across the board, the way fragmentation showed up in each of these scenarios followed his new law, capturing the ubiquitous graph shape that researchers had seen before.

[…]

Source: Physicists have worked out a universal law for how objects shatter | New Scientist

That didn’t take long: A few days after Chat Control, European Parliament implements Age Verification on Social Media, 16+

Posted on by

On Wednesday, MEPs adopted a non-legislative report by 483 votes in favour, 92 against and with 86 abstentions, expressing deep concern over the physical and mental health risks minors face online and calling for stronger protection against the manipulative strategies that can increase addiction and that are detrimental to children’s ability to concentrate and engage healthily with online content.


Minimum age for social media platforms

To help parents manage their children’s digital presence and ensure age-appropriate online engagement, Parliament proposes a harmonised EU digital minimum age of 16 for access to social media, video-sharing platforms and AI companions, while allowing 13- to 16-year-olds access with parental consent.

Expressing support for the Commission’s work to develop an EU age verification app and the European digital identity (eID) wallet, MEPs insist that age assurance systems must be accurate and preserve minors’ privacy. Such systems do not relieve platforms of their responsibility to ensure their products are safe and age-appropriate by design, they add.

To incentivise better compliance with the EU’s Digital Services Act (DSA) and other relevant laws, MEPs suggest senior managers could be made personally liable in cases of serious and persistent non-compliance, with particular respect to protection of minors and age verification.

[…]

According to the 2025 Eurobarometer, over 90% of Europeans believe action to protect children online is a matter of urgency, not least in relation to social media’s negative impact on mental health (93%), cyberbullying (92%) and the need for effective ways to restrict access to age-inappropriate content (92%).

Member states are starting to take action and responding with measures such as age limits and verification systems.

Source: Children should be at least 16 to access social media, say MEPs | News | European Parliament

Expect to see manadatory surveillance on social media (whatever they define that to be) soon as it is clearly “risky”.

The problem is real, but age verification is not the way to solve the problem. Rather, it will make it much, much worse as well as adding new problems entirely.

See also: https://www.linkielist.com/?s=age+verification&submit=Search

See also: Europen Council decides to implement Mass Surveillance and Age Verification through law protecting children from online abuse

Welcome to a new fascist thought controlled Europe, heralded by Denmark.