92 is half of 99

News from KW45.2025

First week of November is through, time for the news review, the Wews of the week 02.11-09.11.2025 (KW 45-2025). As always, my nine articles, prepared with a little opinion and one or the other link. Have fun!

E-recipe 2026 | EU spyware | TrueNAS 25.10 | RAM, SSD, HDD | Data leakage | Bitlocker | Vodafone peering | Cisco attacks | ChatGPT leaks data

Article 1

Is there a threat of digital chaos? Tens of thousands of practices will soon have to return to the paper recipe

Due to an imminent change in encryption technology, the Federal Association of Statutory Health Insurance Physicians (KBV) Alerts and warns of an Massive setback in the digitalization of healthcare.

The problem: By the end of 2025, the old RSA-2048 encryption under the Telematics Infrastructure (TI) through the more modern Elliptic Curve Cryptography (ECC) replaced. This is a Requirement of the Federal Network Agency (BNetzA).

The bottleneck: According to KBV and Gematik, 50,000 Electronic Health Professional Cards (eHBA) for doctors and pharmacists as well as numerous practice cards, card terminals and connectors not yet exchanged. Despite the high level of operation at the providers, the complete exchange can probably not be completed by the turn of the year. Making it harder to come Reports on production and application problems in the case of individual service providers.

The danger: If the deadline is not extended, Tens of thousands of practices As of January 2026, the TI will no longer be actively used. As a result, important digital processes such as exhibiting E-recipes, electronic incapacity for work certificates (eAUs) and electronic medical letters would no longer be possible. The doctors would have to switch to analogous procedures – i.e. back to the Paper recipe.

The demand: KBV sent a letter to BNetzA and Extension of deadline requested. The RSA-based eHBAs would have to continue to be approved for qualified electronic signatures for a transitional period, ideally until mid-2026, in order to avoid digital chaos and serious consequences for patient care. So far, however, the Gematik maintains the original roadmap and refers to safety requirements.

Article 2

The dark side of promotion: Brussels grants funding to spyware manufacturers

In a disturbing development, the European Commission publicly acknowledges that: Substantial EU funds companies that manufacture surveillance software (so-called spyware). After Research by Follow the Money These funds came from EU programmes such as the European Defence Fund and from national governments in Italy and Spain.

The core of the problem:

  • The Commission confirmed that significant amounts from various EU programmes, including research projects and innovation funds, were used indirectly or directly to finance companies active in the production of surveillance technology.
  • This revelation is in the context of reports of the misuse of such spyware in some EU Member States and beyond to spy on Journalists, oppositionists and civil rights activists was used.

The reaction from Brussels:

  • In direct response to the criticism and internal revelations, the EU Commission announced that it would take immediate action.
  • She wants them Stop funding and terminate all contracts with spyware manufacturers that have a "serious professional misconduct" guilty.

The Affair raises serious questions about the EU's internal audit mechanisms and how funds intended to support research and innovation could be channelled into technology that Fundamental rights and democracy in Europe at risk.

Article 3

TrueNAS 25.10 ‘Goldeye’: High-speed storage and a turbo for the infrastructure!

The storage specialist iXsystems has TrueNAS 25.10 ‘Goldeye’ Released the second pure GNU/Linux-based version of its popular NAS operating system, delivering impressive speed and feature updates.

The highlight: NVMe-oF for super-fast network connectivity

The most notable innovation is support for NVMe-oF (NVMe over Fabrics). This protocol standard extends the extremely high performance and low latency of NVMe SSDs beyond the local PCIe network into distributed storage architectures.

  • What does that mean? It allows TrueNAS to directly access very large and fast NVMe arrays on the network, comparable to iSCSI, but with the speed of NVMe.
  • RDMA advantage: Enterprise customers can use ‘turbo mode’ with RDMA-enabled network cards. This direct memory access bypasses the CPU and the kernel, resulting in extremely low latencies and maximum data throughput.
  • Community edition: The free version supports NVMe-oF over the standard network protocol TCP/IP (NVMe-oF/TCP), which means slightly higher latencies, but works with all conventional network cards.

More speed and efficiency under the hood

However, TrueNAS 25.10 brings other significant improvements:

Latest OpenZFS: The version will be with OpenZFS 2.3.4 delivered. Revised algorithms for storage pool allocation ensure better data distribution to the drives. The result: Faster writes and more consistent performance, especially under load.

Faster API: The old REST API was created by a Versioned TrueNAS API on the basis of JSON-RPC 2.0 via WebSocket replaced. This allows for significantly faster and more responsive communication and this is also an advantage for the web interface and integrations such as Kubernetes, VMware vSphere and Proxmox VE.

    Other important innovations

    • VM improvements: Support for Secure boot and the simplified import/export of disk images (QCOW2, VMDK, etc.) make working with virtual machines easier. Enterprise customers also receive HA failover for KVM-based VMs.
    • Risk profiles for updates: The new update system allows users to choose between different risk profiles (Early adopter, general, mission critical) to better control the balance between stability and latest features.
    • Optimized surface: The web interface has been designed with an More intuitive iSCSI wizards, an advanced apps YAML editor and faster-responsive system statistics made more user-friendly.

    Conclusion: TrueNAS 25.10 is a mandatory update for anyone in the world of storage after maximum speed and better performance search. The integration of NVMe-oF makes TrueNAS an even more powerful tool in modern, scalable data centers.

    Article 4

    Rising costs for PC: RAM prices are skyrocketing!

    The fears of market observers have now become a reality in Europe: The selling prices for Memory (RAM), SSD and also HDD Rise noticeably.

    • Price increase: Both DDR5 as well as DDR4 memory modules In recent weeks, there have been drastic price increases. For example, a 16 GB DDR5-5600 bar now costs significantly more than in the summer.
    • Main cause: The AI boom: The enormous demand for high-performance storage such as HBM (High Bandwidth Memory) and LPDDR5X for AI servers, the three dominant chip manufacturers (Samsung, SK Hynix, Micron) are switching production capacities.
    • Follow-up: The availability Standard DDR4 and DDR5 chips for normal PCs and notebooks are falling, driving up prices.
    • Prospects: See market observers No imminent relaxation on the storage market as long as the AI boom continues.

    Detailed analysis and further background: Do you want to know exactly why the AI hype affects desktop PC prices and what about SSDs and hard drives? Read all the details in the detailed blog entry:

    Why RAM, SSDs and hard drives are getting expensive again – The background

    Article 5

    Giant data leak alarm: 1.3 billion new passwords at HIBP

    The operator of the popular security service Have I Been Pwned (HIBP), Troy Hunt, has a massive supplement to the password database announced: 1.3 billion unique passwords have been added to the collection.

    • Origin of data: The passwords come from the so-called “synthient” collection, the openly accessible data, often from Infostealer attacks – aggregated. Infostealers are Trojans that record and forward access data during the login process.
    • Massive scope: The collection contains a total of around 2 billion unique email addresses and now 1.3 billion passwords. Of which: 625 million passwords unknown in the HIBP database.
    • The risk: Credential stuffing: Attackers use such huge password collections for so-called Credential stuffingattacks. They test the stolen combinations on other services, as many users use the same passwords multiple times.
    • Relevance: The analysis of the data shows that the collection is both current as well as very old passwords that have not been used for a long time contains. Despite their age, these old passwords can be successful on services that haven't been updated in years.

    Security check: Users can on a special HIBP website check if their email address or passwords used have appeared in a data leak and should immediately change critical passwords in case of doubt.

    Article 6

    Be careful after the patch day: Windows updates can trigger BitLocker

    Microsoft has A well-known problem with them October Patchday Windows Security Updates conceded, This can be annoying for some users.

    • The problem: After the updates have been installed (published on or after 14 October 2025, e.g. KB5066835), the reboot of the PC may result in the BitLocker Recovery It starts.
    • Devices concerned: The problem is a priority, according to Microsoft. Intel-based devices who performs the function Connected standby support.
    • Systems concerned: All supported client operating systems are affected (Windows 10 22H2 and Windows 11 versions 22H2, 23H2, 24H2 and 25H2).
    • Solution (one-off): After entering the BitLocker recovery key, the device restarts normally and should not display any further prompts.
    • Remedy for admins: Microsoft offers a Known Issues Rollback (KIR), a type of partial uninstallation of the updates that admins can request through Microsoft support.

    Important for users: Make sure that you have the BitLocker Recovery Key Have it handy or that it is stored in your Microsoft account.

    Especially with home versions, BitLocker is often active unnoticed, and without the key, the Loss of access to the encrypted data.

    Article 7

    Network policy: Vodafone leaves public Internet node

    In a landmark decision, Vodafone Germany is withdrawing from public peering at central Internet nodes such as DE-CIX.

    The strategy: Vodafone terminates the direct, mostly cost-neutral data exchange with many smaller network operators.

    The new partner: The entire public peering will instead be transferred to the Berlin provider. Inter.link outsourced and accounted for by it.

    Consequence: In doing so, Vodafone aims to provide access to its network. monetize. Experts see the danger of higher latencies and bottlenecks for end customers as traffic is now being redirected.

    Vodafone leaves public Internet nodes: End of Public Peering in Germany

    In this far-reaching strategic decision, Vodafone Germany withdraws from the Public peering at central Internet nodes such as the DE-CIX (Frankfurt) back.

    What is peering? Peering is the direct and mostly cost-neutral exchange of data between different network operators (ISPs) at neutral Internet nodes. This is the basis for a fast and efficient data flow on the Internet.

    The withdrawal: Vodafone ends the so-called Public peering – the merger with many small and medium-sized network operators.

    The new way: Instead, Vodafone stores the entire public peering to the Berlin IP transit and peering provider Inter.link Now he becomes an exclusive partner. Inter.link will take over and bill the data exchange for Vodafone.

    Impact:

    Monetisation: Vodafone is thus following a trend that is already being followed by other major providers (such as Deutsche Telekom): Access to your own network monetized Instead of exchanging data on an equal and cost-neutral basis.

    Customers: Experts fear that this strategy will potentially disrupt the Internet for end customers. slower or unreliable This could be done because the data no longer takes the direct, optimized route via the central nodes, but is instead routed via an intermediary, which can lead to higher latencies or bottlenecks.

    Private peering remains: The direct, fee-based mergers (Private peering), in particular with hyperscalers such as Google, Amazon or Microsoft, Vodafone continues.

    This step marks a significant change in the way a large German telecommunications provider handles data traffic on the Internet.

    My position on this: Vodafone's Peering Decision Is a Dangerous Precedent for Net Neutrality

    Vodafone's decision to end public peering at nodes like the DE-CIX and instead handle all traffic through its exclusive partner Inter.link is, in my view, extremely problematic and a clear step away from the principles of a free and open Internet.

    Concerns are not only justified, they reflect the greatest danger What this strategic change entails: the Monetization of data flow at the expense of users and smaller content providers.

    The logic behind the step: Money and Power

    You got it right: The main motivation is the neutral, cost-neutral exchange of data through a Commercial model to replace.

    • Aim for the big ones (hyperscalers): First and foremost, Vodafone (like Telekom before) targets the major traffic generators (YouTube, Netflix, Meta). By ending public peering, they are forcing these giants to enter into more expensive private peering agreements or to use Inter.link’s new commercial tariffs.
    • Attention: The traffic of hyperscalers has often been handled by private lines before, but the decision increases the pressure on them to pay for every data exchange.

    The danger for business customers and private server operators (maybe also your situation?)

    Worry as the operator of your own server, which is on FTTH upload is instructed, are also absolutely accurate. This is the aspect of the decision that Net neutrality The most threatened in Germany:

    • New entry barrier: With Inter.link as an intermediate layer, a new Commercial bottleneck. Vodafone or Inter.link could now introduce tariffs that treat any telecom, O2 or 1&1 user accessing your server as ‘foreign’ traffic.
    • Cost accounting (game server): Worrying that we will suddenly Map download traffic Paying because the majority of players are not on the Vodafone network is real. What is still a hobby server today could become an unexpected cost factor tomorrow.
    • SME example (instruction videos): The example with the instructional videos for small and medium-sized enterprises (SMEs) is also perfect. A company that deliberately relies on an on-premise server to retain data sovereignty or avoid advertising could over time find that the supposedly cheap upload via the booked FTTH line through the now collected peering fees massively more expensive will.

    Conclusion on the danger: ‘You don’t have to, but you can.’ That is the point. The Technical possibility is now created. Whether Vodafone actually uses this power to ask small business customers or server operators to check out is still open. However, the whole structure aims to: each Traffic exchange with other networks price to give.

    Overall impact: The end of neutrality?

    A neutral Internet node like the DE-CIX is a place where all networks are treated equally. Vodafone breaks with this principle.

    • Data path control: Vodafone can now control which way the traffic takes. If Inter.link's connection to another network is not optimal (or deliberately throttled to promote private peering sales), The quality suffers the end customer.
    • Analogous to Telecom: Deutsche Telekom has raised criticism in the past with similar commercial peering strategies. Vodafone follows this example, whereby the German network infrastructure as a whole Commercially oriented and potentially less efficient will.

    Personal assessment: From the user's point of view, this decision is a regression. It undermines the principle of equal internet access and opens the door to higher costs and poorer service quality, especially for innovative small businesses and private server operators who have so far been able to rely on the fair infrastructure of public peering.

    Article 8

    Critical alarm at Cisco: New attacks on thousands of vulnerable firewalls

    Despite patches that have been available for weeks, there is an acute security risk with Cisco firewalls. Attackers have found new methods, to exploit the known vulnerabilities.

    The problem: Three critical vulnerabilities in the Cisco ASA and FTD Firewalls have been known since the end of September, But thousands of devices worldwide are still not updated.

    Specifically, there are three security gaps:
    CVE-2025-20333 | CVE-2025-20363 | CVE-2025-20362

    New ways of attack: Cisco had to update its warning, Attackers have discovered new variants to exploit two of the three vulnerabilities.

    The consequences of the attacks: The new cyberattacks are aimed at the VPN component firewalls and can lead to an unexpected restart of the devices – which is a Denial-of-Service (DoS)-Situation and affects network stability.

    Affected in Germany: The latest figures from the Shadowserver Foundation show a terrifying inertia: More than 1,100 Cisco firewalls in Germany They are still publicly accessible and therefore vulnerable. The admins haven't patched even half of the affected devices since the beginning of October. ⁇

    Urgent recommendation: Become an IT manager emphatically prompted to install the available security updates immediately. The main gaps allow authenticated (or sometimes even unregistered) attackers to: any code firewalls, so the risk is ‘critical’ is classified.

    Article 9

    Data protection faux pas: Did private ChatGPT prompts appear in Google Search Console?

    One Disturbing report by tech analysts suggests that the AI manufacturer OpenAI may private ChatGPT prompts unprotected forwarded to Google search.

    The discovery: Experts found in the Google Search Console (GSC) of website operators search queries that were not as usual short, but as complete, partly very personal ChatGPT prompts were formulated.

    The suspected error: It is believed that a bug in ChatGPT caused the model to Total, often long prompt as a search query to Google, instead of breaking it down into short, relevant keywords. Normally, this process would not appear in the GSC, indicating direct and unprotected forwarding.

    The response of OpenAI: OpenAI did not directly confirm the problem, But he said he was aware of it and "temporary errors" fixed the issue concerning the forwarding of searches for ‘a very small number’ of queries.

    The consequence: If the prompts had actually been forwarded in this way, they would not only have landed on Google, but also in the GSC entries of various website operators that were relevant to the search query. This underlines once again that users No sensitive information should enter in AI tools.

    Finally, let's get back to a security tip from Sun-Tsu for this week: ‘He whose heart and mind are prepared will win.’

    Meaning: Training and awareness-raising of employees (the ‘human element’) is the basis for any defence. Even the best technology fails when people act carelessly.

    Stephan
    |
    | | | | | | |
    to the top | homepage | to search