28 Mar 2024
Feisty Duck’s Cryptography & Security Newsletter is a periodic dispatch bringing you commentary and news surrounding cryptography, security, privacy, SSL/TLS, and PKI. It's designed to keep you informed about the latest developments in this space. Enjoyed every month by more than 50,000 subscribers. Written by Ivan Ristić and Robert Thornton.
Originally conceived in 2022, the European Union’s Digital Markets Act (DMA) entered into force on March 7, 2024. The first six designated gatekeepers—dominant companies in key digital markets—must now comply with their obligations. From now on, Apple, Alphabet, Meta, Amazon, Microsoft, and ByteDance will be under close scrutiny designed to prevent them from abusing their platforms.
The scrutiny is certain; it took only eighteen days for the European Commission to start noncompliance investigations against Alphabet, Apple, and Meta. Amazon is also being scrutinized.
Several of these gatekeepers recently made announcements designed to increase compliance with the DMA and make them smaller targets. Amazon, for example, announced that it will waive the bandwidth charges incurred by customers leaving AWS. Meta specifically cited the DMA when it announced its WhatsApp and Messenger interoperability programs. Google announced its compliance efforts via a blog post, and so did and ByteDance.
Apple’s changes, announced in January, were met with criticism that they make things worse, rather than better, that these measures are designed to make the company technically compliant while making it difficult to impossible for developers to use their DMA rights. There was also a lot of drama surrounding Apple’s decision to kill off web apps in the EU, a decision the company later reversed. Apple is now in the hot seat in two locations: on March 21, the US Department of Justice filed an antitrust lawsuit against the company.
This subscription is just for the newsletter; we won't send you anything else.
Here are some things that caught our attention since the previous newsletter:
Designed by Ivan Ristić, the author of SSL Labs, Bulletproof TLS and PKI, and Hardenize, our course covers everything you need to know to deploy secure servers and encrypted web applications.
Remote and trainer-led, with small classes and a choice of timezones.
Join over 2,000 students who have benefited from more than a decade of deep TLS and PKI expertise.