EU digital sovereignty project Gaia-X hands out ID tech contracts

Swiss, German and Indian companies ready the blockchain for Self-Sovereign Identity

The Gaia-X project has awarded work to a consortium including Vereign and DAASI International that takes it one step closer to realising Self Sovereign Identity technology.

A goal of Gaia-X is to reduce the dependency of European companies and governments on US technology providers via a federated European data infrastructure.

Just four months ago, French cloud hosting outfit Scaleway decided to leave the consortium, claiming: "Gaia-X as a construct is only reinforcing the status quo, which is that dominating players will keep dominating."

However, this week's award does not mention the likes of Microsoft or Amazon at all. Instead it is a German (DAASI International) and a Swiss (Vereign) firm that will be popping the code in GitLab for a personal credential manager, organisational credential manager and a trust services API. The first fruits are expected within six months and interested parties are encouraged to get involved during the development phase.

The work falls under the Gaia-X sub-project Gaia-X Federation Services (GXFS) and is aimed at strengthening the digital sovereignty of European users. And wouldn't you know it, it involves a blockchain and, with a certain inevitability, a digital wallet belonging to the user that contains the digital keys for service authentication.

"A decentralised identity is supposed to allow users more self-determination in regards to identity data by putting the user in charge of the storage and transfer of their data," said both Vereign and DAASI.

Vereign, whose name comes from "Verified" and "Sovereign", has form in the arena of verifiable credentials for emails. DAASI is a more than 20-year veteran in IT services, including identity management, access control and directory services for both public and private organisations.

Development, Vereign said, would begin this month and vowed that "basic code" would be available to the community via GitLab within six months. "Any progress will be publicly accessible," it added.

Interestingly, Vereign's and DAASI's statements on the matter fail to mention a third player in the Gaia-X SSI project: Pune-based AyanWorks. While dependency on US tech giants might be frowned upon, at least from a cloud perspective, it seems there is no problem with going elsewhere for one's sovereign identity technology needs. ®

Send us news

Yandex CEO Arkady Volozh resigns after being added to EU sanctions list

Russia's top tech CEO accused of material support to Moscow

Updated Arkady Volozh, CEO of Russia's biggest internet company Yandex, has resigned after being added to the European Union's list of individuals sanctioned as part of its response to the illegal invasion of Ukraine.

Yandex is an analogue of Google, having started as a search engine and then added numerous productivity, cloud, and social services. The company has since expanded into ride-sharing and e-commerce.

The European Union (EU) last Friday named Volozh and many others as part of its sixth round of sanctions against Russia.

Continue reading

ZTE intros 'cloud laptop' that draws just five watts of power

The catch: It hooks up to desktop-as-a-service and runs Android – so while it looks like a laptop ...

Chinese telecom equipment maker ZTE has announced what it claims is the first "cloud laptop" – an Android-powered device that the consumes just five watts and links to its cloud desktop-as-a-service.

Announced this week at the partially state-owned company's 2022 Cloud Network Ecosystem Summit, the machine – model W600D – measures 325mm × 215mm × 14 mm, weighs 1.1kg and includes a 14-inch HD display, full-size keyboard, HD camera, and Bluetooth and Wi-Fi connectivity. An unspecified eight-core processors drives it, and a 40.42 watt-hour battery is claimed to last for eight hours.

It seems the primary purpose of this thing is to access a cloud-hosted remote desktop in which you do all or most of your work. ZTE claimed its home-grown RAP protocol ensures these remote desktops will be usable even on connections of a mere 128Kbit/sec, or with latency of 300ms and packet loss of six percent. That's quite a brag.

Continue reading

Now Amazon debuts an AI programming assistant – CodeWhisperer

Did they get GitHub Copilot to write it?

Amazon at its re:Mars conference in Las Vegas on Thursday announced a preview of an automated programming assistance tool called CodeWhisperer.

Available to those who have obtained an invitation through the AWS IDE Toolkit, a plugin for code editors to assist with writing AWS applications, CodeWhisperer is Amazon's answer to GitHub Copilot, an AI (machine learning-based) code generation extension that entered general availability earlier this week.

In a blog post, Jeff Barr, chief evangelist for AWS, said the goal of CodeWhisperer is to make software developers more productive.

Continue reading

NSO claims 'more than 5' EU states use Pegasus spyware

And it's like, what ... 12, 13,000 total targets a year max, exec says

NSO Group told European lawmakers this week that "under 50" customers use its notorious Pegasus spyware, though these customers include "more than five" European Union member states.

The surveillance-ware maker's General Counsel Chaim Gelfand refused to answer specific questions about the company's customers during a European Parliament committee meeting on Thursday. 

Instead, he frequently repeated the company line that NSO exclusively sells its spyware to government agencies — not private companies or individuals — and only "for the purpose of preventing and investigating terrorism and other serious crimes."

Continue reading

'Universal processor' company Tachyum joins European HPC think tank

Still no closer to releasing timeline for its '128 exaflops' AI super, though – and no one's tested the chips yet

Tachyum, the outfit aiming to develop a "universal processor" for HPC and artificial intelligence workloads, has joined the European Technology Platform for High Performance Computing (ETP4HPC), a think-tank promoting European HPC research and innovation.

The Slovakian company put out an FPGA prototype last year, which we noted at the time is still a long way away from proving the company's bold claims.

The "Prodigy" chipmaker said it had been accepted as an associated SME member of ETP4HPC, an industry-led non-profit association set up to drive the economic and societal benefits of HPC for European science and industry. The organization counts Intel, HPE, Dell, Atos and Arm among its many members.

Continue reading

Oracle shrinks on-prem cloud offering in both size and cost

Now we can squeeze required boxes into a smaller datacenter footprint, says Big Red

Oracle has slimmed down its on-prem fully managed cloud offer to a smaller datacenter footprint for a sixth of the budget.

Snappily dubbed OCI Dedicated Region Cloud@Customer, the service was launched in 2020 and promised to run a private cloud inside a customer's datacenter, or one run by a third party. Paid for "as-a-service," the concept promised customers the flexibility of moving workloads seamlessly between the on-prem system and Oracle's public cloud for a $6 million annual fee and a minimum commitment of three years.

Big Red has now slashed the fee for a scaled-down version of its on-prem cloud to $1 million a year for a minimum period of four years.

Continue reading

Mega's unbreakable encryption proves to be anything but

Boffins devise five attacks to expose private files

Mega, the New Zealand-based file-sharing biz co-founded a decade ago by Kim Dotcom, promotes its "privacy by design" and user-controlled encryption keys to claim that data stored on Mega's servers can only be accessed by customers, even if its main system is taken over by law enforcement or others.

The design of the service, however, falls short of that promise thanks to poorly implemented encryption. Cryptography experts at ETH Zurich in Switzerland on Tuesday published a paper describing five possible attacks that can compromise the confidentiality of users' files.

The paper [PDF], titled "Mega: Malleable Encryption Goes Awry," by ETH cryptography researchers Matilda Backendal and Miro Haller, and computer science professor Kenneth Paterson, identifies "significant shortcomings in Mega’s cryptographic architecture" that allow Mega, or those able to mount a TLS MITM attack on Mega's client software, to access user files.

Continue reading

Lenovo, Barcelona Supercomputing Center sign joint research deal

Collab to 'generate significant returns' for Europe in science, tech, economy

Lenovo has inked an agreement with Spain's Barcelona Supercomputing Center for research and development work in various areas of supercomputer technology.

The move will see Lenovo invest $7 million over three years into priority sectors in high-performance computing (HPC) for Spain and the EU.

The agreement was signed this week at the Barcelona Supercomputing Center-National Supercomputing Center (BSC-CNS), and will see Lenovo and the BSC-CNS try to advance the use of supercomputers in precision medicine, the design and development of open-source European chips, and developing more sustainable supercomputers and datacenters.

Continue reading

HashiCorp tool sniffs out configuration drift

OK, which of those engineers tweaked the settings? When infrastructure shifts away from state defined by original code

HashiConf HashiCorp has kicked off its Amsterdam conference with a raft of product announcements, including a worthwhile look into infrastructure drift and a private beta for HCP Waypoint.

The first, currently in public beta, is called Drift Detection for Terraform Cloud, and is designed to keep an eye on the state of an organization's infrastructure and notify when changes occur.

Drift Detection is a useful thing, although an organization would be forgiven for thinking that buying into the infrastructure-as-code world of Terraform should mean everything should remain in the state it was when defined.

Continue reading

End of the road for biz living off free G Suite legacy edition

Firms accustomed to freebies miffed that web giant's largess doesn't last

After offering free G Suite apps for more than a decade, Google next week plans to discontinue its legacy service – which hasn't been offered to new customers since 2012 – and force business users to transition to a paid subscription for the service's successor, Google Workspace.

"For businesses, the G Suite legacy free edition will no longer be available after June 27, 2022," Google explains in its support document. "Your account will be automatically transitioned to a paid Google Workspace subscription where we continue to deliver new capabilities to help businesses transform the way they work."

Small business owners who have relied on the G Suite legacy free edition aren't thrilled that they will have to pay for Workspace or migrate to a rival like Microsoft, which happens to be actively encouraging defectors. As noted by The New York Times on Monday, the approaching deadline has elicited complaints from small firms that bet on Google's cloud productivity apps in the 2006-2012 period and have enjoyed the lack of billing since then.

Continue reading