An anonymous reader quotes a report from Heise: Pay securely with an Android smartphone, completely without Google services: This is the plan being developed by the newly founded industry consortium led by the German Volla Systeme GmbH. It is an open-source alternative to Google Play Integrity. This proprietary interface decides on Android smartphones with Google Play services whether banking, government, or wallet apps are allowed to run on a smartphone. Obstacles and tips for paying with an Android smartphone without official Google services have been highlighted by c't in a comprehensive article. The European industry consortium now wants to address some problems mentioned. To this end, the group, which includes Murena, which develops the hardened custom ROM /e/OS, Iode from France, and Apostrophy (Dot) from Switzerland, in addition to Volla, is developing a so-called "UnifiedAttestation" for Google-free mobile operating systems, primarily based on the Android Open-Source Project (AOSP). According to Volla, a European manufacturer and a leading manufacturer from Asia, as well as European foundations such as the German UBports Foundation, have also expressed interest in supporting it. Furthermore, developers and publishers of government apps from Scandinavia are examining the use of the new procedure as "first movers." In its announcement, Volla explains that Google provides app developers with an interface called Play Integrity, which checks whether an app is running on a device with specific security requirements. This primarily affects applications from "sensitive areas such as identity verification, banking, or digital wallets -- including apps from governments and public administrations". The company criticizes that the certification is exclusively offered for Google's own proprietary "Stock Android" but not for Android versions without Google services, such as /e/OS or similar custom ROMs. "Since this is closely intertwined with Google services and Google data centers, a structural dependency arises -- and for alternative operating systems, a de facto exclusion criterion," the company states. From the consortium's perspective, this also leads to a "security paradox," because "the check of trustworthiness is carried out by precisely that entity whose ecosystem is to be avoided at the same time". The UnifiedAttestation system is built around three main components: an "operating system service" that apps can call to check whether the device's OS meets required security standards, a decentralized validation service that verifies the OS certificate on a device without relying on a single central authority, and an open test suite used to evaluate and certify that a particular operating system works securely on a specific device model. "We don't want to centralize trust, but organize it transparently and publicly verifiable. When companies check competitors' products, we can strengthen that trust," says Dr. Jorg Wurzer, CEO of Volla Systeme GmbH and initiator of the consortium. The goal is to increase digital sovereignty and break free from the control of any one, single U.S. company, he says.

Read more of this story at Slashdot.

An anonymous reader shares a report: The European Parliament has disabled AI features on the work devices of lawmakers and their staff over cybersecurity and data protection concerns, according to an internal email seen by POLITICO. The chamber emailed its members on Monday to say it had disabled "built-in artificial intelligence features" on corporate tablets after its IT department assessed it couldn't guarantee the security of the tools' data. "Some of these features use cloud services to carry out tasks that could be handled locally, sending data off the device," the Parliament's e-MEP tech support desk said in the email. "As these features continue to evolve and become available on more devices, the full extent of data shared with service providers is still being assessed. Until this is fully clarified, it is considered safer to keep such features disabled."

Read more of this story at Slashdot.

Europe risks undermining its own competitiveness drive by restricting access to foreign technology, Google's president of global affairs and chief legal officer Kent Walker told the Financial Times, as Brussels accelerates efforts to reduce reliance on U.S. tech giants. Walker said the EU faces a "competitive paradox" as it seeks to spur growth while restricting the technologies needed to achieve that goal. He warned against erecting walls that make it harder to use some of the best technology in the world, especially as it advances quickly. EU leaders gathered Thursday for a summit in Belgium focused on increasing European competitiveness in a more volatile global economy. Europe's digital sovereignty push gained momentum in recent months, driven by fears that President Donald Trump's foreign policy could force a tech decoupling.

Read more of this story at Slashdot.

The European Commission is preparing to trial a communications platform built on Matrix, the open source messaging protocol already used by the French government, German healthcare providers and European armed forces, as a sovereign backup to Microsoft Teams. Signal currently serves as the backup tool but has proven too inflexible for an organization the Commission's size, it said. The Matrix-based solution could also eventually connect the Commission to other EU bodies like the Parliament.

Read more of this story at Slashdot.

The EU "has switched on parts of its homegrown secure satellite communications network for the first time," reports Bloomberg, calling it part of a €10.6 billion push to "wean itself off US support amid growing tensions." SpaceNews notes the new government program GOVSATCOM pools capacity from eight already on-oribit satellites from France, Spain, Italy, Greece and Luxembourg — both national and commercial. And they cite this prediction by EU Defense and Space Commissioner Andrius Kubilius. The program could expand by 2027. "All member states can now have access to sovereign satellite communications — military and government, secure and resilient, built in Europe, operated in Europe, and under European control," [Kubilius said during his opening remarks at the European Space Conference]... Beginning in 2029, GOVSATCOM is expected to integrate with the 290 satellites in the Infrastructure for Resilience, Interconnectivity and Security by Satellite constellation, known as IRIS2, and be fully operational... "The goal is connectivity and security for all of Europe — guaranteed access for all member states and full European control."

Read more of this story at Slashdot.