The EU's Pursuit of Digital Sovereignty

00:00

once again Europe proves that their

00:02

governments are Oho very based when it

00:05

comes to open-source software the other

00:08

day I read about how Switzerland is

00:10

going to start to require all of the

00:13

software that is used within their

00:15

federal government to be open source and

00:19

this post reminded me about the German

00:21

state of shellwick Holstein which I'm

00:24

sure I totally pronounced wrong but

00:27

hopefully we'll get a correction in the

00:28

comments section from every single

00:30

German on the internet since of course

00:32

Germany was mentioned but anyway this

00:35

state also began a similar project where

00:38

earlier this year they started migrating

00:42

30,000 PCS that are being used in

00:45

different areas of the government from

00:48

Microsoft Office and Microsoft Windows

00:51

to Libre office and ganu Linux they're

00:56

also going to be using nexcloud to

00:59

replace their dependence on Microsoft

01:01

SharePoint and open Exchange in tandem

01:05

with Thunderbird to get away from using

01:08

Microsoft Exchange and Outlook there's

01:11

also plans in place to use or develop an

01:16

open-source replacement for active

01:18

directory and an open-source telepan

01:21

solution I really hope they do end up

01:24

developing some new software I mean

01:26

imagine your tax dollars going towards

01:29

develop in something that you could

01:31

actually use yourself instead of your

01:34

tax money just indirectly increasing

01:37

Microsoft's market cap to the point that

01:39

Microsoft is worth almost 34s of your

01:42

entire country's GDP now in the post

01:45

that was made about this migration to

01:48

the German Minister's homepage the

01:51

decision is being described as in favor

01:55

of Independence

01:56

sustainability and security and it's

02:00

also being described as the first step

02:04

towards complete digital sovereignty of

02:08

the country and further steps are going

02:10

to follow digital sovereignty is really

02:13

something that more people and more

02:16

governments should be aiming for

02:18

especially in lie of the crowd strike

02:21

bug that caused 8.5 million computers in

02:25

counting around the world to crash that

02:28

incident simp simply came from so many

02:32

corporations trusting a third party to

02:35

do their information security for them

02:38

by installing a security appliance that

02:41

hooked into the kernel of the Windows

02:43

operating system and when that security

02:46

Appliance failed the whole konel went

02:48

with it but the Windows operating system

02:51

itself can also be seen as a third-party

02:55

tool that so many governments and people

02:58

are relying on only Microsoft really

03:01

knows the inner workings of windows at a

03:03

source code level and even then I'm not

03:06

fully convinced that they know what's

03:08

going on either just read some of the

03:10

support posts on Microsoft's website to

03:12

get an idea of what they know but even

03:15

if Microsoft was a more competent

03:18

company and windows was a less awful OS

03:22

it still doesn't make much sense for any

03:25

government much less the Swiss or German

03:28

government to put their trust in it I

03:31

mean maybe the use of Windows here in

03:33

the United States isn't perceived as

03:35

badly by people since Microsoft is a US

03:38

company and I guess our government could

03:41

retaliate against Microsoft much more

03:43

easily if they did do something

03:45

malicious but even if Uncle Sam hung

03:49

Microsoft Executives high for treason in

03:52

this hypothetical scenario it still

03:55

wouldn't undo all of the damage that was

03:57

done and of course even with open-

04:00

Source software there needs to be

04:02

auditing done to the software that's

04:04

used in order to avoid another XZ Fiasco

04:07

from happening and if the government is

04:10

participating in this security auditing

04:12

which by the way would be the best way

04:14

for them to actually increase the

04:16

digital security of their people instead

04:19

of just trying to pass laws that ban

04:21

encryption under the guise that it's for

04:23

their own protection uh that would be a

04:26

huge benefit to the governments the

04:29

corporations

04:30

and to the people who are using this

04:32

software the world over I'm really glad

04:35

that more countries are at least

04:37

starting to go down the open source

04:40

route it's also a really excellent

04:43

contingency plan if you think about it

04:46

in case a big tech company just decides

04:48

to not comply with the new European Tech

04:51

laws because imagine being in a

04:54

situation where you work for a European

04:57

government and you're trying to tell

04:58

Microsoft to pay a fine and then your

05:02

very next request is for them to give

05:04

you some tech support with your Exchange

05:06

Server that's having problems you know I

05:09

really hope more countries follow suit

05:11

with this and since there is a huge

05:13

shift in software that's taking place in

05:17

Germany and Switzerland along with plans

05:19

to potentially develop some new

05:21

open-source software I'm sure that these

05:24

changes are also going to bring in new

05:27

local tech jobs in Germany Switzerland

05:31

and elsewhere that goes open source and

05:34

I'd also Imagine a lot more money could

05:37

be saved by the country by not buying

05:41

licenses from Microsoft for Windows and

05:44

all their other products or having to

05:46

rely on local Microsoft establishments

05:50

in Germany for support which I'm sure

05:52

the results of those local

05:54

establishments is money trickling its

05:56

way up to Microsoft in America for the

06:00

most part but one thing these European

06:02

governments need to be very careful

06:04

about is who exactly they are hiring so

06:09

I read this other bit of tech news today

06:11

about how a company called No

06:15

before discovered that one of their

06:17

newly hired remote workers was actually

06:21

a North Korean hacker apparently the

06:25

remote employee tried to load malware

06:28

onto his company issued Mac with a

06:30

Raspberry Pi and no before was able to

06:33

detect this attempted breach via the Max

06:37

on board security software the company's

06:40

security team then contacted the

06:42

employee to figure out what was going on

06:45

how on Earth did you manage to get your

06:48

company issued Mac hacked on day one and

06:51

the employee just tried to play it off

06:54

by saying that he was troubleshooting

06:55

speed issues on his router and that that

06:58

might have been the source of these

07:00

security alerts they got but the

07:02

security team wasn't buying the BS they

07:04

tried to get the employee on a call so

07:06

that he could better explain what's

07:07

going on the employee said he was

07:09

unavailable and about 20 minutes later

07:12

the employee just stopped responding

07:14

altogether which prompted the security

07:16

team to quarantine his laptop now when I

07:20

first heard about this I was really

07:23

intrigued and curious about the

07:25

logistics so it turns out North Korea

07:29

has thousands of people that they train

07:32

to infiltrate companies in governments

07:36

in this way by becoming a remote

07:38

employee and the whole time they're

07:40

working there they're sending their

07:42

paychecks or at least most of their

07:44

paychecks to the North Korean government

07:46

so I guess these companies are

07:48

unknowingly funding the North Korean

07:49

government and the hackers are also

07:54

physically in North Korea most of the

07:56

time what they do is they VPN into what

08:00

no before is calling an IT mule laptop

08:03

farm and these Farms are located in the

08:06

US or other friendly regions this is

08:09

where the laptop originally gets sent to

08:11

and it's probably also where these

08:13

hackers are claiming is their place of

08:15

residents and while the legit employees

08:18

are working in the mornings here in

08:21

America these North Korean hackers are

08:24

working a night shift in North Korea to

08:27

make it appear like they really are at

08:30

the laptop Farm in that time zone doing

08:33

legit work but here's the real kicker

08:37

the hacker in this case used a stolen

08:40

us-based identity in order to get the

08:44

job and the hacker used an AI face swap

08:48

tool to put their face on the body of

08:52

this stock image of a white guy wearing

08:55

a suit now obviously hindsight is 2020

09:00

you know it's easy for me to sit here

09:02

and say that this guy's neck doesn't

09:05

quite match his face and that's a bit of

09:07

a red flag right there or to point out

09:10

that even if you run the fake picture in

09:14

yandex's reverse image search you get

09:17

results for the original stock image

09:20

because they're both very very similar

09:23

and when you look at the stock image and

09:25

the face swap one that the hacker put on

09:27

their application side by side

09:30

it immediately becomes apparent that

09:32

there's some Shenanigans taking place

09:35

but the HR team at no before conducted

09:39

four separate video conference

09:42

interviews with this hacker in order to

09:45

confirmed their identity and they still

09:47

hired him it's very tricky to catch this

09:51

kind of infiltration with remote

09:53

employees and it's really only going to

09:55

get harder as AI Tech gets better in

09:58

fact I would bet that if the North

10:01

Koreans would have used an AI generated

10:04

photo for the face swap from a site like

10:07

this person does not exist.com instead

10:10

of a very common very generic stock

10:13

photo then they would have even defeated

10:16

my reverse image search check Europe is

10:19

slowly walking down the long road of

10:22

free and open-source software towards

10:25

true digital sovereignty and I hope they

10:28

avoid the many detours that point back

10:31

to the cyberpunk dystopia along the way

10:34

if you enjoyed this video please like

10:36

and share it to hack the algorithm and

10:38

check out my online store base. win

10:41

where you can get awesome merch like the

10:42

come and find it or little Damon

10:44

t-shirts and save 10% storewide when you

10:48

pay in Monero XMR at checkout have a

10:51

great rest of your day