Mattis van 't Schip

In Dutch news today: "Companies needed to prepare for attacks from Russia".

https://nos.nl/artikel/2588076-bedrijven-moeten-zich-beter-voorbereiden-op-aanvallen-uit-rusland

Happy to see a lot of references to the need for increased supply chain cybersecurity, especially in critical sectors. In […]

Attending #PLSCE today and tomorrow. Read lots of great work - looking forward to the discussions!

https://codetiger.github.io/blog/the-day-my-smart-vacuum-turned-against-me/

In which the author discovers that the manufacturer retains access to their smart vacuum - and may have remotely disabled it after they blocked the vacuum's data uploads.

Members of the far-right PVV party in the Netherlands create Facebook fan pages for their party and share AI-generated racist images on it in wake of the upcoming Dutch general elections.

One of the prompts (translated):
"Make a hyperrealistic photo of a cute, innocent blond woman walking on […]

Verhandlungen zu „Chatkontrolle“ vorerst gescheitert

🇪🇺 EU diplomats discussed #ChatControl today. Result: No majority, so the vote planned for next week will be called off. https://orf.at/stories/3407810/
A huge success in our fight for freedom!🎉💪
Next goal: No suspicionless scanning, not even on a voluntary basis!

This is Week 6 of my "Radboud against Microsoft" protest. I added a few links to mentions of the protest in the media. Thank you, everyone who joined the protest. #GazaGenocide, #Microsoft, #NoAzureForApartheid

https://www.cs.ru.nl/~hiemstra/radboud-against-microsoft/

Who could possibly have foreseen that having random web apps collect copious personal information in order to check for user age could create a golden trove for hackers?

https://www.theguardian.com/games/2025/oct/07/discord-data-breach-proof-of-age-id-leaked

A map of Europe titled "Help Stop #ChatControl!" shows countries color-coded by their government's stance on Chat Control in 2025. The legend indicates: green for "Not in Favour," blue for "Undecided," and red for "In Favour." Countries in favour (red) are: Bulgaria, Croatia, Cyprus, Denmark, France, Hungary, Ireland, Lithuania, Malta, Portugal, Spain, and Sweden. Countries not in favour (green) are: Austria, Czechia, Estonia, Finland, Luxembourg, Netherlands, Poland, Slovakia and Slovenia. Countries undecided (blue) are: Belgium, Germany, Greece, Italy, Latvia, Romania. The map includes the text "Is your government opposing it yet?" and a call to action at the bottom: "Act now! www.chatcontrol.eu".

🇪🇺🚨 HUGE NEWS: #ChatControl vote reportedly to be postponed (unconfirmed)! 🎉 Our protests are working! https://x.com/SeppTyvaert/status/1973788987442803023

But it's just a delay. Many governments are still undecided. ⏰ Tell YOURS to join the resistance […]

[Original post on digitalcourage.social]

Cyberattack on Beer Giant Asahi Disrupts Production

Another supply chain halted due to its cybersecurity problems. Please stop, I can only add so many examples to my dissertation!

https://www.securityweek.com/cyberattack-on-beer-giant-asahi-disrupts-production/

Wat ik toch in alle verkiezingsprogramma's nog steeds mis, is een verbod op de constante terreur van Sky Radio en Radio 10 in, wat lijkt, elke ruimte buiten mijn voordeur. Enorm gemis!

Definition of a supply chain attack by ENISA is found in their Threat Landscape of Supply Chain Attacks: https://www.enisa.europa.eu/publications/threat-landscape-for-supply-chain-attacks

This is a very legal-semantic question, but is this airport attack actually a supply chain attack? If we use the definition from ENISA, a supply chain attack is twofold: attack a supplier and then attack the assets of a main target in the same chain. SolarWinds is a classic example.

Did the […]

Wanted to spy on my dog, ended up spying on TP-Link

https://kennedn.com/blog/posts/tapo/

"The whole thing feels like it was cobbled together by a consortium of couch-cryptographers. But then again, it was the cheapest indoor camera on amazon, so what did I expect?"

Always enjoy reading these types of blog posts.

These are just hype statements, of course. Really wonder what follows in terms of actual policy. Especially given the fact that the EU itself posted here that we should listen to the State of Europe address on the wonderful European companies YouTube, X, LinkedIn, or Facebook.

#EuropeanTech […]

President Von der Leyen's State of Europe address really again confirms the EU's push for independence (in tech/economic security/supply chains/etc.):

- This must be Europe's Independence Moment. [...] To take control over the technologies [...] that will fuel our economies."
- On E-cars: "E […]

A map of Europe titled "Help Stop #ChatControl!" shows countries color-coded by their government's stance on Chat Control in 2025. The legend indicates: green for "Not in favour," blue for "Undecided/Unclear," and red for "In favour." Countries in favour (red) are: Bulgaria, Croatia, Cyprus, Denmark, France, Hungary, Ireland, Italy, Latvia, Lithuania, Malta, Portugal, and Spain. Countries not in favour (green) are: Austria, Belgium, Czech Republic, Finland, Germany, Luxembourg, Netherlands, Poland and Slovakia. Countries undecided or unclear (blue) are: Estonia, Greece, Slovenia, Romania, and Sweden (in favour, but subject to approval by Parliament). The map includes the text "Is your government opposing it yet?" and a call to action at the bottom: "Act now! www.chatcontrol.eu".

🇪🇺YES: Germany is not supporting the EU's #ChatControl bill as proposed!
The blocking minority needed to stop this illegal mass surveillance plan seems secured (for now). ✅

Opposition now also from LU🇱🇺 & SK🇸🇰!

#KeepUpTheFight https://fightchatcontrol.eu

Really wonder when the first repository supply chain attack happens that is not solved within hours. I feel like we see stories like this almost on a monthly basis now...

I can imagine that supply chain security will become more and more connected to digital sovereignty efforts […]

Presenting next week at #Gikii2025. Really excited, first time Gikii attendance! Hearing great things!

Title: Left in the dark, literally: the inevitable demise of the Internet of Things and the protection of the consumer

Presenting with colleagues Tim de Jonge and Frederik Zuiderveen […]

"Sideloading" is the rentseeker word for "being able to run software of your choosing on a computing device you purchased". There is no reasonable case for an operating system developer having a say over what programs you run on your hardware.

#Android #Google

The front page of a report from the European Commission, titled "The usage of Linux and Open Source: a study on the possible usage of Linux and Open Source on the PC within the Commission environment. Final report"

Following a #FreedomOfInformation request, I can reveal that in 2005 — almost two decades ago — the #EuropeanCommission trialled the deployment of an Open Source stack (#Linux desktops with #OpenOffice) and that trial was mostly successful.

Here is the […]

[Original post on eupolicy.social]

#seems_legit

The public consultation for the new EU surveillance law is going exactly as expected: people are NOT having it. This proposal is part of the ProtectEU, you know, Chat Control reincarnated.

4300+ comments and counting. None of them supportive, it seems.

"Impact assessment on retention of data […]

Apparently, if you have facebook or Instagram installed on your phone, #Meta was able to track your browsing habits and link them to your real identity even if you never logged in on the web, used incognito mode or a VPN. I hope Meta gets hit with every fine in the book […]

An extremely welcome initiative from the 🇪🇺 #eu:

🔋Phone Batteries must retain 80% capacity after 800 cycles.

📱Phone makers must provide 5 years of updates,

🪛 are banned from discriminating against repair shops,

🔧 and must provide parts for 7 years after EOL

#EUpol #sustainability #tech […]

If you are in/around Edinburgh: I am presenting my PhD project at a RAD Lab Talk at the University of Edinburgh on 11 June! Should be applicable for all those working with/interested in IoT devices, law & technology, cybersecurity, etc. etc.

Title: Supply Chain Cybersecurity and the Law — […]