We've had #offshoring... then #reshoring (the return of functions previously offshored) & now we have 'friendshoring' - the location of #supplychain nodes in politically friendly countries (allies).
As firms try to shift supply chains (or at least diversify them) to minimise geopolitical #risk we can expect to see the reinforcement of economic blocs in parallel to alliance-formations.
Whether this will raise costs (as European Central Bank warns) & (re)stoke #inflation remains to be seen
Just downloading some updates and checking #SHA hashes, like you do. Insofar as people actually bother, I wonder how many people just look at the first few digits and the last few digits and call it a day. Which raises a question: has anyone ever explored the idea of hash "partial" collisions in a crypto context? I.e. if the first and last 8 hex digits are the same, but the middle could differ. Might be a useful thing for some attackers trying to deposit nasty things in public repositories. #Malware#HashCollisions#Cryptography#Software#InfoSec#SupplyChain
Während die #EU vermutlich noch jahrzehntelang sich in missglückte Cloud-Versuche verheddert (#GAIAX) und zögerlich mit vernünftigen und raschen Schritten in Richtung eigener #Hardware-Entwicklung dahindümpelt, machen die Chinesen schon längst Nägel mit Köpfen, wenn auch noch nicht auf Niveau der USA:
meanwhile in Central America, the #elnino weather system has caused significant draughts & as a result has limited the capacity of the #panama ship canal... watch out for the associated #supplychain disruption as shipments are slowed or re-directed.
Already shipping rates are rising as vessels are tied up in long queues to get through the canal.... the Q. is, if & when this feed through into consumer prices?
Or has the move to 'reshoring' lessened Europe's exposure to such disruption?
We continue to see #malware#python packages published to #pypi. Over the last few days we've been tracking a series of #software packages purporting to help with internationalization.
Google Pixel 8 gets 7 years of guaranteed software updates (Security Fixes + Feature Drops)
What kept them from working eWaste and obsolescence problem apparently were supply chain issues because someone downstream does not want to support their perfectly working hardware with new software
Google Pixel 8 gets 7 years of guaranteed software updates (Security Fixes + Feature Drops)
What kept them from working eWaste and obsolescence problem apparently were supply chain issues because someone downstream does not want to support their perfectly working hardware with new software
🌲 How compliant is your supply chain with the new EU Deforestation Regulation?
In this #DigitalSupplyChain episode LiveEO Co-CEO Sven Przywarra sheds light on its implications for business continuity, and more!
If & this is a big if, the causes of #inflation in the Uk are now in part the pressure brought by #workers finally getting nearer to catching up with the drop in their real #wages caused by inflation, the BoE may find they are the boys (and girls) who cried wolf.
When inflation was being imported through the #energycrisis, #supplychain issues & the continuing cost impact of #Brexit, they blamed #wages (wrongly), but now wages may be partly contributing to #inflation, no-one will believe them!
At the far end (for many goods) in #China, there is currently ongoing #deflation in factory gate prices;
But, at least presently, it would seem that #profits at various stages in supply chains (as well as regulatory costs inc. #taxes), are swallowing up any extra margin(s) that might be caused by such deflation.
So, it real wages are lagging #inflation, taxes are stable & its not the Chinese suppliers, whose pushing up prices?
Long the exemplar of continued European industrial success, the impact of increased #energy costs alongside disruptions of the #supplychain & #workers availability prompted by #Covid have led to increasing gloom & pessimism across Germany's #manufacturing sector.
As one Mittlestand owner put it (to the FT): 'I don’t want to talk ill of Germany, but it feels like everything is a bit tired here'!
Perhaps the economic pendulum is once again swinging against the country?
New update for Security Developer-in-Residence. Lots of news on "Truststore" 🥳 Overall, bit of a shorter weekly update for last week from all the background work and holidays.
Certainly #Tesla has made massive inroads into the high-end market (& has plans for the lower-cost range) as have other brands, but overall China's lead currently looks to continue for some time.
If you wanted a demonstration of how long-term industrial strategy & policy focus work, this would be it!
Reading this new #NIST#SupplyChain doc and it has a vicious circle/egg problem. Lots of tooling will need to be built that consumes open source upstream that... won't do these things until tooling is built. There's one way to crack that cycle, of course—money. Almost certainly will be an example of (un?)funded mandates in Tidelift's ONCD RFI response.