June so far:
🇬🇧 UK announced ID checks at device level.
🇨🇦 Canada announced it's joining the social media ban.
🇮🇳 India banned Telegram.
🇪🇺 EU claimed its age verification cannot be bypassed by VPN.
🏛️ Council of Europe breached. 297 GB gone.
Italy said none of this will work.
So far Italy is the only one that's right.
MICROSOFT IGNORED HIM. NOW YOUR PC PAYS FOR IT
One researcher reported a critical Defender vulnerability privately. Microsoft dismissed it. So he published it - then dropped 2 more in 13 days.
The latest is called RedSun. It's unpatched. It works 100% reliably on Windows 10, 11 and Server right now.
It doesn't bypass your antivirus. It uses your antivirus as a weapon.
Defender tries to restore a flagged file - the exploit redirects that write into C:\Windows\System32. No admin. No popup. SYSTEM access in seconds.
-> BlueHammer - patched
-> UnDefend - breaks Defender updates forever
-> RedSun - unpatched, public PoC on GitHub
His message to Microsoft: "I was not bluffing. And I'm doing it again."
RCE is reportedly next. That one needs zero physical access.
Hacking the #EU #AgeVerification app in under 2 minutes.
During setup, the app asks you to create a PIN. After entry, the app *encrypts* it and saves it in the shared_prefs directory.
1. It shouldn't be encrypted at all - that's a really poor design.
2. It's not cryptographically tied to the vault which contains the identity data.
So, an attacker can simply remove the PinEnc/PinIV values from the shared_prefs file and restart the app.
After choosing a different PIN, the app presents credentials created under the old profile and lets the attacker present them as valid.
Other issues:
1. Rate limiting is an incrementing number in the same config file. Just reset it to 0 and keep trying.
2. "UseBiometricAuth" is a boolean, also in the same file. Set it to false and it just skips that step.
Seriously @vonderleyen - this product will be the catalyst for an enormous breach at some point. It's just a matter of time.
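The failure the post describes, as an added example that is not part of the original post or the app's own code: the weak design keeps the PIN in shared_prefs encrypted under an app-held key and checks it separately from the vault, so an attacker with file access can drop the `PinEnc`/`PinIV` entries, reset the counter and flag, pick a new PIN and still open the old vault. The hardened variant derives the vault key from the PIN with a memory-hard KDF and never stores the PIN, so there is nothing to delete and a guessed PIN simply fails to authenticate. The key names `PinEnc`, `PinIV`, `UseBiometricAuth` come from the post; the vault layout, the device key, the attempt counter's name and the toy HMAC-based cipher (standing in for AES-GCM to avoid third-party dependencies) are assumptions for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample vault content; the real app stores identity data here.
IDENTITY = b'{"name":"Jane Example","born":"1990-01-01"}'


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def aead_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Toy authenticated encryption (assumed stand-in for AES-GCM).
    Output layout: nonce(16) || ciphertext || tag(32)."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def aead_decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed (wrong key or tampered data)")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


class WeakStore:
    """Design as described in the post: PIN encrypted under an app-held key and written
    to shared_prefs beside a rate-limit counter and a biometric flag. The vault is
    encrypted under that same app-held key, so it never depends on the PIN."""

    MAX_ATTEMPTS = 5

    def __init__(self, pin: str):
        self.device_key = secrets.token_bytes(32)  # assumed: held by the app, not by the user
        self.vault = aead_encrypt(self.device_key, IDENTITY)
        self.shared_prefs = {
            "PinEnc": aead_encrypt(self.device_key, pin.encode()),
            "FailedAttempts": 0,          # assumed name for the post's incrementing counter
            "UseBiometricAuth": True,
        }

    def unlock(self, pin: str) -> bytes:
        prefs = self.shared_prefs
        if "PinEnc" not in prefs:         # no PIN on file: app re-runs PIN setup
            prefs["PinEnc"] = aead_encrypt(self.device_key, pin.encode())
            prefs["FailedAttempts"] = 0
        if prefs["FailedAttempts"] >= self.MAX_ATTEMPTS:
            raise PermissionError("too many attempts")
        if aead_decrypt(self.device_key, prefs["PinEnc"]) != pin.encode():
            prefs["FailedAttempts"] += 1
            raise PermissionError("wrong PIN")
        return aead_decrypt(self.device_key, self.vault)  # the PIN was never needed here


class BoundStore:
    """Hardened variant: vault key derived from the PIN; the PIN itself is never stored.
    A 'reset' PIN cannot produce the key for the existing vault, and guessing is paced
    by the KDF cost rather than by a counter the attacker can edit."""

    def __init__(self, pin: str):
        self.salt = secrets.token_bytes(16)
        self.vault = aead_encrypt(self._derive(pin), IDENTITY)

    def _derive(self, pin: str) -> bytes:
        # scrypt parameters are illustrative; tune n/r/p to the device's budget.
        return hashlib.scrypt(pin.encode(), salt=self.salt, n=2**14, r=8, p=1, dklen=32)

    def unlock(self, pin: str) -> bytes:
        return aead_decrypt(self._derive(pin), self.vault)  # ValueError on a wrong PIN


def attack_weak(store: WeakStore) -> bytes:
    """File-level attacker: drop PinEnc/PinIV, zero the counter, disable biometrics,
    then 'choose' a new PIN. Returns the old vault's plaintext."""
    for k in ("PinEnc", "PinIV"):
        store.shared_prefs.pop(k, None)
    store.shared_prefs["FailedAttempts"] = 0
    store.shared_prefs["UseBiometricAuth"] = False
    return store.unlock("0000")


def attack_bound(store: BoundStore) -> bool:
    """Same attacker against the bound design. Returns True if the attack failed."""
    try:
        store.unlock("0000")
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("weak design leaks vault:", attack_weak(WeakStore("4821")) == IDENTITY)
    print("bound design resists:", attack_bound(BoundStore("4821")))
```

Two caveats a practitioner would add: a counter kept in a file the attacker can write is not a rate limit, so the only local defence against guessing is KDF cost (or a hardware-backed keystore that enforces attempt limits itself); and a short numeric PIN is brute-forceable offline once the salted vault is copied, which is why a real deployment should wrap the PIN-derived key with a key held in secure hardware.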
I spoke to Anthropic’s AI agent Claude about AI collecting massive amounts of personal data and how that information is being used to violate our privacy rights.
What an AI agent says about the dangers of AI is shocking and should wake us up.
GrapheneOS will remain usable by anyone around the world without requiring personal information, identification or an account. GrapheneOS and our services will remain available internationally. If GrapheneOS devices can't be sold in a region due to their regulations, so be it.
Announcement: our TEE/ZK/MPC privacy email service will be called Iron Mail.
Our current estimate for a release date is start of Q3 2026 (roughly a 4 month development time).
If you read the article below, and comment we'll award you with a perk (read on).
A lot of people boldly claim "SMTP is old, therefore privacy is impossible". That's fair, if you say it with an open mind. What is also true is that multi-party computation and zero-knowledge proofs have come a long way, and so have TEEs.
By utilizing a novel stack of these technologies (a stack we call IRON), we can ensure that even if served with a subpoena, we cannot capture data at rest or in transit (both inbound and outbound); this includes metadata.
We will have free options that give you up to 1 GB of storage, as many folders as you need, pinned mails, and so much more.
While I can't go fully into detail on the exact mechanisms of how the IRON stack works yet to achieve in-platform privacy soundness, you'll be getting it near launch to verify for yourself exactly how we make sure that you can still receive, send and store emails with no way for the service provider (us) to read your emails. Period.
Iron Mail is developed for everyone to use. We'll be doing a public ceremony to get rid of so-called "toxic waste" (generating a CRS, which anyone who is verified can participate in), as the entire service relies on zero-knowledge proofs that every user can verify for their email dispatch that:
1) inbound is decrypted within a TEE edge server.
2) the plaintext was directly sent to an MPC council.
3) mail routing and attribution was done correctly.
4) SMTP-specific things such as DKIM verification.
5) outbound is jointly broadcast through MPC collaboration with the final email not being visible to the service provider.
All zero-knowledge circuits will be released after they've been audited by several parties, so you can audit them yourself. This means there is no uncertainty on whether we have hidden log infrastructure, since that would either a) be tampering with the process, which would invalidate the proof chain, or b) be outright impossible once it's being processed by the MPC committee.
Setting expectations
1. Referrals
On referrals. We will have them. If we sponsor influencers, they will not be given a script; they can give their honest opinion. We will only be giving sponsorships to niche technical channels who actually know what they're vouching for. Ironmail is mostly meant to be deployed for institutional and governmental security.
Running a permanent free service for the public is purely in the interest of promoting good opsec and giving people access to a new innovation in a space where there hasn't been much for years now, despite annual earnings in excess of $100M+ (for Proton Privacy in 2024, per Zoominfo).
We might also give referral codes to tech enthusiasts who write blogs or have an audience, as these are the people who can accurately assess the veracity of the claims made. This has remained our biggest issue with companies like Proton: the marketing.
We've seen them be subversive or sometimes, what can easily be suspected to be, intentionally misleading.
2. Defending users
Based out of Delaware, US; jurisdictionally, we'll stand up to every subpoena, and we will always carry an up-to-date warrant canary in the footer of the website that we urge you to check (or set up an automated curl for), to ensure the company is still in our control.
Signing up will be through 3 options:
1. A proof of work puzzle that takes between 5-10 minutes to solve on most processors.
2. An SMS message (after which that number is marked "used", but is not associated with your email).
3. By using @onflowxyz, zero-knowledge based proof of uniqueness using an ICAO 9303 document (i.e. a passport or ID card; none of the info is transmitted to us, only a zero-knowledge proof, which is merely a mathematical proof of the validity of information, not any of the actual information).
Any request for user info, be it IP address, email, contents of email, phone number, name or setting up future snooping is impossible within the IRON protocol. But again, we always urge you to check the warrant canary.
Accessing the Site
We will offer both a web UI and a fork of Thunderbird to access Ironmail. We will also have endpoints set up for TOR and I2P (though experiences may be slightly degraded in terms of smoothness due to JS blocking) if you do not want your ISP to know you're using privacy-respecting services.
Users can sign up on a VPN (we suggest Mullvad), on TOR or via I2P.
You can pay via credit/debit card (but it is not recurring, and all payment data is deleted after 20 days); you can decide if you want to renew.
You can also pay using cryptocurrency, including Monero and Zcash shielded transactions.
We want to keep as little information about you as possible. We do not store which transaction hash was associated with your purchase after the sufficient number of verifications.
Pricing
The service, as mentioned, is meant for governmental and institutional usage in private deployments, however for our public-facing site, which can also be used by organizations of any size, the pricing will be similar to that of Proton, simply due to a much larger computational overhead than something like Proton (MPC and TEE isn't cheap in overhead, neither is ZK).
The service is 100% free for everyone who doesn't wish to use an extended feature set, and comes with half a gigabyte of storage for the free tier.
Political affiliations
We are not aligned with any party or ideology as a company, and our team rarely if ever discusses politics, we discuss privacy.
Launch
Due to the complex nature of engineering the protocol to be production-confident, then the auditing process, as well as stress testing, fuzzing and vulnerability testing along the way, combined with a UX we hope can rival the best, launch is set to be in approximately 4-5 months.
The Prize
Thank you for reading this. I've garnered a ton of support personally from a privacy-conscious crowd for talking about privacy pretty much everyday, from interesting papers to Proton to zero-knowledge and whatever else is on my mind.
Sam Bent makes amazing videos, and apparently also, amazing blog posts (and hopefully he'll also make a video on the blog post he made).
If you share what you liked most about his article, and why privacy-preserving emails matter to you we will reserve a handle for you, plus give you 2 months of the Enthusiast tier for free (use your own domains, more storage, aliases and unlimited email addresses).
There is no upfront cost, we will simply send a code for you to enter once you sign up, which will also verify that you're trying to register the handle you reserved (some handles go quickly like first names, short words, etc.).
Thank you
For continuing the fight for privacy. We hope you're excited about the innovation we're trying to bring to this sector that has been very good at twisting words, using unclear marketing, only speaking up when caught and generally has tarnished the word 'privacy' for the average person in what they should expect.
The more services LARP as true privacy-oriented services and then turn out to be something different in highly publicized events, the more it hurts the reputation of everyone else trying to build for privacy.
And finally, good article Sam. Keep writing these.
🚨 Google wants to force every Android developer to register with them, even if you never touch the Play Store. We signed the open letter opposing this alongside EFF, Proton, F-Droid, Tor Project, and 30+ others. Android's openness is non-negotiable.
https://t.co/vzlPdOc5Sa
The Pentagon is about to give an American AI company the Huawei treatment.
Not because it’s Chinese. Not because it’s a spy risk.
Because it refuses to let the military use its AI for mass surveillance of Americans and fully autonomous weapons.
This morning, Defense Secretary Pete Hegseth summoned Anthropic CEO Dario Amodei to the Pentagon. A senior Defense official told Axios: “This is not a friendly meeting. This is a sh*t-or-get-off-the-pot meeting.”
Here’s what’s actually happening:
Claude is the only AI model running inside the Pentagon’s classified systems. The most capable model for sensitive defense and intelligence work. It was used in the Maduro raid in January through Palantir, the first confirmed use of a commercial AI in a classified military operation.
Now the Pentagon wants all restrictions removed. “All lawful purposes.” Including capabilities that would let the military continuously monitor the social media posts, voter registration, concealed carry permits, and demonstration records of every American citizen using AI at scale.
Anthropic said no to two things: mass surveillance of Americans and fully autonomous weaponry.
The Pentagon’s response: threatening to designate Anthropic a “supply chain risk.”
That designation is reserved for foreign adversaries. The last company to receive it was Huawei. It would force every defense contractor in America to certify they don’t use Claude in their workflows. Given that 8 of the Fortune 10 use Claude, this would cascade through the entire defense industrial base.
A senior Pentagon official told Axios: “It will be an enormous pain in the ass to disentangle, and we are going to make sure they pay a price for forcing our hand like this.”
Another official: “The problem with Dario is, with him, it’s ideological. We know who we’re dealing with.”
Meanwhile: OpenAI, Google, and xAI have already agreed to remove their safeguards for military use. OpenAI deployed ChatGPT to all 3 million DoD personnel through GenAI.mil. xAI holds a separate $200M contract backed by Musk's political proximity to the administration.
Anthropic is the only one that said no.
Think about what’s being asked. The company whose own safety chief resigned two weeks ago warning “the world is in peril.” The company that just published a report showing its most advanced model “knowingly assisted with chemical weapons research” in testing. That company is being punished for refusing to hand the U.S. military unrestricted access to that same technology.
The Pentagon admits competing models “are just behind” for classified work. They need Claude. But they’re willing to blow up the relationship rather than accept two restrictions that protect American citizens from their own government.
This is the most important story in AI right now and almost nobody is framing it correctly.
It’s not about one $200M contract. It’s about whether the U.S. military can compel a private company to remove safety restrictions on technology its own developers have demonstrated is dangerous, under threat of receiving the same designation as a Chinese national security threat.
Dario Amodei walks into that meeting this morning with $380 billion in enterprise value, $14 billion in revenue, and a principle that may cost him both.
Full institutional analysis on my Substack.
https://t.co/AEv8EMPdsZ
Last quarter I rolled out Microsoft Copilot to 4,000 employees.
$30 per seat per month.
$1.4 million annually.
I called it "digital transformation."
The board loved that phrase.
They approved it in eleven minutes.
No one asked what it would actually do.
Including me.
I told everyone it would "10x productivity."
That's not a real number.
But it sounds like one.
HR asked how we'd measure the 10x.
I said we'd "leverage analytics dashboards."
They stopped asking.
Three months later I checked the usage reports.
47 people had opened it.
12 had used it more than once.
One of them was me.
I used it to summarize an email I could have read in 30 seconds.
It took 45 seconds.
Plus the time it took to fix the hallucinations.
But I called it a "pilot success."
Success means the pilot didn't visibly fail.
The CFO asked about ROI.
I showed him a graph.
The graph went up and to the right.
It measured "AI enablement."
I made that metric up.
He nodded approvingly.
We're "AI-enabled" now.
I don't know what that means.
But it's in our investor deck.
A senior developer asked why we didn't use Claude or ChatGPT.
I said we needed "enterprise-grade security."
He asked what that meant.
I said "compliance."
He asked which compliance.
I said "all of them."
He looked skeptical.
I scheduled him for a "career development conversation."
He stopped asking questions.
Microsoft sent a case study team.
They wanted to feature us as a success story.
I told them we "saved 40,000 hours."
I calculated that number by multiplying employees by a number I made up.
They didn't verify it.
They never do.
Now we're on Microsoft's website.
"Global enterprise achieves 40,000 hours of productivity gains with Copilot."
The CEO shared it on LinkedIn.
He got 3,000 likes.
He's never used Copilot.
None of the executives have.
We have an exemption.
"Strategic focus requires minimal digital distraction."
I wrote that policy.
The licenses renew next month.
I'm requesting an expansion.
5,000 more seats.
We haven't used the first 4,000.
But this time we'll "drive adoption."
Adoption means mandatory training.
Training means a 45-minute webinar no one watches.
But completion will be tracked.
Completion is a metric.
Metrics go in dashboards.
Dashboards go in board presentations.
Board presentations get me promoted.
I'll be SVP by Q3.
I still don't know what Copilot does.
But I know what it's for.
It's for showing we're "investing in AI."
Investment means spending.
Spending means commitment.
Commitment means we're serious about the future.
The future is whatever I say it is.
As long as the graph goes up and to the right.
‼️ BREAKING: Researchers have uncovered secret AI surveillance projects linked to KYC provider Persona and OpenAI, sending user data to the US government.
Code references include intelligence program codenames "Project SHADOW" and "Project LEGION."
Analysis of source code revealed OpenAI's user verification systems include biometric tracking, facial scanning, political screening, and intelligence reporting.
Researchers also discovered ONYX on Persona's government server — matching ICE's $4.2M AI surveillance tool — which scrapes social media and the dark web, builds digital footprints, tracks emotional sentiment, assigns risk scores across 300+ platforms and 28B+ data points, and flags individuals for "violent tendencies."
None of it was hidden. It was all internet-facing.
The UK has announced plans to fast-track legislation requiring “age verification for VPN use”. The correct term, however, is not age verification but identity verification.
A law like this would require everyone to identify themselves in order to use a VPN. This would pose a risk to whistleblowers, violate human rights, and represent yet another step toward an authoritarian society.
Edward Snowden, in a 2015 video interview with The Guardian from Moscow:
"When you say 'I don't care about the right to privacy because I have nothing to hide,' that's no different than saying 'I don't care about freedom of speech because I have nothing to say.'"
"Simply because you are following the law, doesn't mean that you'll be exempt from governmental interference in your private life."
The EU Council appears ready to approve Chat Control. This must be stopped. To highlight the corruption behind the proposal, Mullvad VPN now presents "And Then?"
The backstory: https://t.co/rwbbh0DoKH