– The characteristics of the Vitale card on mobile specified. The “apCV” application, which has already been tested in several departments, should be generalized in 2023. In the Official Gazette of December 28, a decree was published regarding “inter-regime electronic means of identification referred to in article L. 161-31 and L 161 -33 of the Social Security Act”. As indicated by the Cnil requested for an opinion (also published in the process), this text defines “the characteristics, the procedures for issuing, using and deactivating the means of electronic identification of policyholders and professionals and health institutions” . One of the most sensitive issues around biometric data (including video recognition) for identity verification. The CNIL wants the use of this process to be limited. It also details the retention period of this biometric data (96 hours). It should also be noted that The CNIL will be aware of the app’s security methods, the use of two-factor authentication for the healthcare staff, the hosting of the data processing with a qualified right service provider SecNumCloud and transfer of data outside the European Union.
– Huawei remains strong in 2022. Despite the US sanctions, the Chinese group predicts improved results for the year 2022. It shared some figures such as the revenue that should reach 91.53 billion dollars, a small increase compared to 2021. This result is, nevertheless, far from the 2019 record of revenues of 122 billion dollars. Network and cloud activities contribute to the good results of the overall results. Huawei is now turning to other sectors such as electric cars and renewable energy.
– Google Home in spy mode. Matt Kunze, a security researcher, pocketed a nearly $110,000 bounty for finding a flaw in Google’s mini cabinet. With this bug, he was able to install a hidden account that was able to remotely control the device and of course spy on chats. The vulnerability was discovered at the end of 2021, but the researcher waited almost a year before revealing the technical elements of his hack. He put on GitHub, three PoC that exploited this breach.