Imagine a VPN that does not know your name.
Does not know your email.
Does not know your IP address.
Has no logs of when you connected, where you went, or how much data you used.
Sweden has one. It has cost 5 euros a month since 2009.
It is called Mullvad. Swedish for "mole." 7,215 stars on GitHub. GPL-3.0. Written in Rust.
NordVPN wants your email. ExpressVPN wants your email. Surfshark wants your email. Mullvad asks for nothing.
When you sign up, the website generates a random account number. No name. No email. No phone. No password. The number is the entire identity.
Five euros a month. The price has not changed since March 2009.
You can pay with a credit card. Or with crypto. Or you can write your account number on a piece of paper, put it in an envelope with a 5-euro bill, and mail it to a post office box in Gothenburg. They add credits to your account and shred the envelope.
Then there is the part where the police came.
In February 2023, German authorities asked Sweden to investigate a Mullvad user. On April 18, six officers from the National Operations Department drove to Mullvad's office in Gothenburg with a search warrant.
Mullvad explained that there was no data. No connection logs. No DNS logs. No IP logs. No timestamps. The servers run from RAM. They forget everything on every reboot.
The prosecutor told the police to leave. They left.
It was the first time in the company's history that a government tried.
Mullvad was founded in 2009 by Fredrik Strömberg and Daniel Berntsson. Founder-owned. No venture capital. Audited by Cure53, the German cybersecurity firm, multiple times since 2018.
They also built the Mullvad Browser with the Tor Project. Free. Open source.
A VPN that does not know who you are is the only kind that can keep a secret.
(Link in the comments)
A defence contractor has figured out how to track you without ever needing your name, face, or numberplate.
The product, SignalTrace, instead listens to the devices you're carrying, and their sensor clips onto existing cameras your city has likely already got mounted.
1/12
Linux users who uninstalled Windows to escape Microsoft and choose freedom with Linux may not have escaped yet.
Microsoft holds the cryptographic key that allows every major Linux distro to boot on modern hardware. Ubuntu. Fedora. Debian. All of them. Without Microsoft's signature your Linux machine does not start.
And that key expires in 4 days. June 27, 2026.
Here is what is actually happening.
When Secure Boot was introduced in 2012, Microsoft became the certificate authority for the entire PC boot ecosystem. Every Linux bootloader on the planet has to be signed by Microsoft to run on any UEFI machine with Secure Boot enabled.
Your existing Linux install will still boot after June 27. That is the good news.
The bad news is everything going forward.
→ Any new shim binary after June 27 cannot be signed with the old key anymore
→ If your firmware never gets the new 2023 Microsoft certificates, fresh distro installs will fail to boot
→ Older laptops, smaller vendor hardware and embedded devices that never receive firmware updates are now in permanent limbo
→ Dell, HP and Lenovo have pushed updates. Smaller vendors have not. Nobody knows how many devices fall through the cracks.
The fix for most people is one command: sudo fwupdmgr update
But the bigger story here is the one nobody is talking about.
The Linux community spent years arguing about freedom and independence from Microsoft. The entire time Microsoft had a key that every Linux machine on earth depended on to start.
That is not a conspiracy. That is just how Secure Boot was designed.
Run the update. Then think about what it means.
Full details here:
https://t.co/Vn7A4TPjrC
French first, English below 👇
🇪🇺 Staan, la première API de recherche européenne est désormais disponible en libre-service 🇪🇺
Staan est l'API de recherche 100% européenne co-construite avec @ecosia à travers la joint-venture européenne European Search Perspective. Staan connecte les applications d'IA au web en les alimentant avec des millions de documents et de contenus web dans un cadre juridique respectueux des données et des utilisateurs.
À partir d'aujourd'hui, Staan permet à n'importe quel développeur d'obtenir sa clé API et de commencer à alimenter ses assistants, copilotes et agents IA en quelques minutes.
Pendant que les solutions américaines restreignent leurs API de recherche et leurs modèles de LLM, une seconde voie européenne et souveraine s'organise. ✊
Switch to Europe. Now.
⸻
🇪🇺 Staan, the first European search API, is now available as a self-service 🇪🇺
Staan is the 100% European search API co-built with Ecosia through the European joint venture European Search Perspective. Staan connects AI applications to the web by feeding them with millions of web documents and content within a legal framework that respects data and users.
Starting today, Staan allows any developer to get their API key and start powering their assistants, copilots and AI agents in minutes.
While American solutions are restricting their search APIs and LLM models, a second European and sovereign path is taking shape. ✊
Switch to Europe. Now.
[APK] One UI 8.5 Weather app now works on any Samsung & Android (non-Samsung) devices running Android 12/One UI 4 or above. This APK is extracted from the Galaxy Store update in a S26 Series device, so this app is not cloned and root isn't required. Simply install the APK as you all do, try it yourself right now!
[APKs] One UI 8.5 Call Screen, Call Settings, Capture, Contacts, Editor, Keyboard, My Files, Modes & Routines now work on older One UI devices. These apps are extracted from the Galaxy Store updates in the S26 Series. These also include the new 3D icons, features and UI changes.
‼️🇪🇺 BREAKING: Europol ran a shadow IT system stuffed with more than 2 petabytes of sensitive data on people who were never even suspected of a crime, and part of the data was kept outside of formal oversight...
This lands as the European Commission prepares to expand Europol's mandate and double its budget.
"They protect the law while breaking it," according to a former Europol senior official.
A joint investigation by Solomon, Correctiv, and Computer Weekly uncovered that Europol operated for years outside its own legal limits, with no functioning audit logs, no access controls, and admin rights handed out by the dozen.
They call the system the Computer Forensic Network, or CFN. Built in 2012 to triage forensic data, it became Europol's primary analytical platform. By 2019, the CFN held at least 2 petabytes of operational data, roughly 420 times the size of Europol's official non-forensic database. Drewer, the data protection officer, found that 99% of Europol's data sat in the CFN, processed without basic data protection or security safeguards.
The 2019 internal security assessment listed 32 separate failures. Among them:
- Ineffective assignment of security roles
- Insufficient management of privileged access rights
- Unrestricted software installation
- Lack of password management
- Lack of administrative usage logs
- Insufficient event logging and monitoring
- Insufficient network access control
Independent experts who reviewed the findings called the volume of admin accounts a textbook breach of confidentiality and an open door for both rogue insiders and external attackers. Logs could be modified or deleted by anyone with admin rights, meaning data tampering and unauthorised access could not be reliably traced.
Then there is the Pressure Cooker. A separate clandestine environment run by Europol's Internet Referral Unit, used to pull open-source data without ICT involvement and outside formal oversight. Internal staff flagged it as an "irregular situation" in October 2022. The EU's privacy watchdog, the EDPS, says it was never told about it during the original 2019 investigation.
After almost a decade of negotiation, the EDPS closed its monitoring of the CFN in February 2026. 15 of 150 recommendations remained unimplemented, including ones the watchdog flagged as concerning "issues of particular importance," covering core security safeguards.