Technology

Archive link

Finally!

Proton is beginning to shift its physical infrastructure out of Switzerland, fearing a fresh bout of government snooping baked into the country's updated surveillance laws.

The company has confirmed that Lumo, its newly launched AI chatbot positioned as a privacy-friendly ChatGPT rival, is the first to move. Servers for the product are now being housed in Germany, with Norway also in the frame for future operations. This comes amid serious grumbling about amendments to the country’s existing surveillance ordinance, which would force VPNs and messaging apps to identify users and store their data for up to six months.

Proton has been vocal about its opposition since May. In a statement roton’s head of anti-abuse and account security Eamonn Maguire said: “Because of legal uncertainty around Swiss government proposals to introduce mass surveillance, proposals that have been outlawed in the EU, Proton is moving most of its physical infrastructure out of Switzerland. Lumo will be the first product to move."

Well, fuck. "You can keep your Nazi gold to yourself, but we need your LLM interactions."

Recently, OpenAI ChatGPT users were shocked – shocked, I tell you! – to discover that their searches were appearing in Google search. You morons! What do you think AI chatbots are doing? Doing all your homework for free or a mere $20 a month? I think not!

When you ask an AI chatbot for an answer, whether it's about the role of tariffs in decreasing prices (spoiler: tariffs increase them,); whether your girlfriend is really that into you; or, my particular favorite, "How to Use a Microwave Without Summoning Satan," OpenAI records your questions. And, until recently, Google kept the records for anyone who is search savvy to find them.

It's not like OpenAI didn't tell you that if you shared your queries with other people or saved them for later use, it wasn't copying them down and making them potentially searchable. The company explicitly said this was happening.

The warning read: "When users clicked 'Share,' they were given the option to 'Make this chat discoverable.' Under that, in smaller text, was the explanation that you were allowing it to be 'shown in web searches'."

Well, of course.

A now-patched flaw in popular AI model runner Ollama allows drive-by attacks in which a miscreant uses a malicious website to remotely target people's personal computers, spy on their local chats, and even control the models the victim's app talks to, in extreme cases by serving poisoned models.

GitLab's Security Operations senior manager Chris Moberly found and reported the flaw in Ollama Desktop v0.10.0 to the project's maintainers on July 31. According to Moberly, the team fixed the issue within hours and released the patched software in v0.10.1 — so make sure you've applied the update because Moberly on Tuesday published a technical writeup about the attack along with proof-of-concept exploit code.

"Exploiting this in the wild would be trivial," Moberly told The Register. "There is a little bit of work to build the proper attack infrastructure and to get the interception service working, but it's something an LLM could write pretty easily."

This makes me less enthusiastic about local models. I mean, nothing on the internet is inherently secure and the patch came quickly, but local LLMs being hackable in the first place opens a new can of worms.

cross-posted from: https://programming.dev/post/35948067

Necoru_cat post on X/Twitter, Translated from Japanese.

Source.

cross-posted from: https://programming.dev/post/35889767

Comments

• Hackernews.

Text

BYRNE & STORM, P.C.

ATTORNEYS-AT-LAW

Re: Statement Regarding Ofcom's Reported Provisional Notice - 4chan Community Support LLC

Byrne & Storm, P.C. ( @ByrneStorm ) and Coleman Law, P.C. ( @RonColeman ) represent 4chan Community Support LLC ("4chan").

According to press reports, the U.K. Office of Communications ("Ofcom") has issued a provisional notice under the Online Safety Act alleging a contravention by 4chan and indicating an intention to impose a penalty of £20,000, plus daily penalties thereafter.

4chan is a United States company, incorporated in Delaware, with no establishment, assets, or operations in the United Kingdom. Any attempt to impose or enforce a penalty against 4chan will be resisted in U.S. federal court.

American businesses do not surrender their First Amendment rights because a foreign bureaucrat sends them an e-mail. Under settled principles of U.S. law, American courts will not enforce foreign penal fines or censorship codes.

If necessary, we will seek appropriate relief in U.S. federal court to confirm these principles.

United States federal authorities have been briefed on this matter.

The Prime Minister, Sir Keir Starmer, was reportedly warned by the White House to cease targeting Americans with U.K. censorship codes (according to reporting in the Telegraph on July 30th).

Despite these warnings, Ofcom continues its illegal campaign of harassment against American technology firms. A political solution to this matter is urgently required and that solution must come from the highest levels of American government.

We call on the Trump Administration to invoke all diplomatic and legal levers available to the United States to protect American companies from extraterritorial censorship mandates.

Our client reserves all rights.

• Source;
• Ofcom.

Great. Now Facebook wants an AI Epstein 🙁

Honestly... I can't think of a single good thing Zuckerberg has ever brought to the world.

MicroSD cards are tiny but slow; the M.2 storage sticks in your PC are blazing fast but bigger and fully enclosed. Now, a new type of SSD out of China could be the best of both worlds — and it’s already set to appear in two cutting-edge gaming portables.

Chinese storage manufacturer Biwin is calling it the “Mini SSD,” though another manufacturer refers to it as the “1517”; it measures just 15mm x 17mm x 1.4mm thick, smaller than a U.S. penny and just slightly larger than MicroSD. Despite that, it offers maximum sequential read speeds of 3,700 megabytes per second (or 3,400MB/s writes) over a PCIe 4x2 connection, and offers 512GB, 1TB and 2TB capacities.

I suspect this will go over about as well as Samsung's UFS cards.

So, now we have yet another competing standard for removable storage.

As of June 2025, over 1,400 veterans of Israeli intelligence are now working in U.S. tech—with 900 of those coming from Unit 8200 alone. That number comes from a database of people who publicly identify themselves as being both former Israeli intelligence officers and holding a job in U.S. tech on their LinkedIn profiles.

The database was assembled by an independent researcher, who is remaining anonymous for personal security and has dubbed the database the “Eagle Mission” influence network. The 1,400 people are self-identified veterans or active reserve members of Unit 8200, Israeli military intelligence, and the IDF Cyber Defense Directorate working in senior and mid-level engineering and security roles at major U.S. tech firms with offices in Israel, the U.S., and Europe. Drop Site crosschecked many of the records in the database for accuracy.

“This does not mean that every person who served in Unit 8200 is an Israeli spy looking to send classified data back to Tel Aviv,” the researcher emphasized. “But it does create a serious vulnerability. No other country has this kind of access to the American tech sector. We obsess over Chinese involvement in the tech industry and worry about corporate espionage, but Israeli penetration rarely gets mentioned.”

The global tech giant Microsoft is one of the most prominent employers of Unit 8200 alumni, employing roughly 250 veterans of the unit, alongside other major multinational companies including Nvidia, Meta, Google, Intel, and Apple, many of whom employ dozens of individuals drawn from the unit. Microsoft was recently revealed to have closely collaborated with Unit 8200 leadership on the creation of cloud services intended to store millions of private communications of Palestinians living under military occupation in the West Bank and Gaza. Microsoft declined to comment.