Any suggestions on the best country to setup a vps vpn? Thinking of countries policy on censorship and Internet control as well as reasonable connection speeds.

From my understanding, an EU Council position doesn't necessarily mean the legislation will be adopted? This really feels like it'll be the time when it'll be adopted. The worst timeline.

cross-posted from: https://hexbear.net/post/5696151

On 9 July, Austrian parliamentarians passed a highly controversial bill legalising the deployment of state-sponsored spyware, known as the Federal Trojan (Bundestrojaner), to enable the interception of encrypted communications.

The Bundestrojaner bill would give law enforcement agencies the power to install malware on private devices (such as smartphones or laptops) to monitor encrypted messaging applications.

It would do so by amending several laws, including: the State Security and Intelligence Service Act; the Security Police Act; the Telecommunications Act;the Federal Administrative Court Act; and the Judges’ and Public Prosecutors’ Service Act.

The plan sparked widespread concern among privacy advocates, cybersecurity experts, and numerous civil society organisations.

The day before the vote more than 50 organisations, including Statewatch, wrote to legislators.

A joint letter (pdf) called on them to “vote against this dangerous instrument of state surveillance and against a historic step backwards for IT security in the information society.”

Legislators in Austria’s lower parliamentary house, the National Council, voted in favour of the bill, 105 to 71.

The interior minister Gerhard Karner, described it as a “special day for security.” Support for the bill came from the governing parties – the conservative Austrian People’s Party (ÖVP), the Social Democratic Party (SPÖ), and most members of the liberal NEOS party.

Two NEOS MPs, Stephanie Krisper and Nikolaus Scherak, broke ranks to vote against the measure, alongside the Greens and the far-right Freedom Party of Austria (FPÖ).

On 17 July, the Federal Council – the upper house of the legislature – voted by 40 to 19 not to object to the bill, completing the parliamentary process.

The bill now awaits unanimous approval from the governments of Austria’s nine states before it can become, a constitutional requirement triggered by the inclusion of certain provisions on the administrative judiciary.

Nevertheless, opposition parties and civil society organisations have said they will file legal challenges against the measures.

Government officials insist that the spyware will be restricted to targeting messaging apps and that broader system-wide searches will not be permitted.

However, technical experts have repeatedly warned that such limitations are practically unenforceable in real-world applications.

Spyware with the capability to intercept encrypted communications inevitably provides access to a wide array of personal information stored on the device, including photos, files, emails, contacts, and location data.

Critics note that this effectively bypasses all existing security protections, raising serious questions about the proportionality, necessity, and legality of such intrusive surveillance powers.

The current legislation includes some procedural safeguards, in an attempt to respond to critiques of previous state trojan proposals.

These include an extension of the review period for the Legal Protection Commissioner (from two weeks to three months), and transferring the authority to approve spyware deployment from a single judge to a panel of judges at the Federal Administrative Court.

However, the Legal Protection Commissioner is part of the Ministry of the Interior – the very same ministry that authorises and deploys the spyware – raising significant concerns about impartiality and conflicts of interest.

Furthermore, the intelligence agencies themselves conduct the mandatory trustworthiness assessments for the Commissioner and their deputies, further undermining the potential for effective and independent scrutiny of surveillance activities.

The bill was approved in the National Council despite extensive opposition from a broad range of civil society groups, professional bodies, and public institutions – including bar associations, universities, municipalities, press freedom advocates, and medical organisations.

Following the vote, civil society organisations describing the law as institutionalising state hacking by deliberately exploiting software vulnerabilities.

In a joint statement, they said that the government should be working to close these gaps to protect citizens from cyber threats.

The Bundestrojaner has a long and contentious legislative history in Austria. Initial attempts to introduce similar surveillance powers date back to 2016, but they were repeatedly rejected or delayed due to sustained criticism and concerns about privacy violations.

In 2019, Austria’s constitutional court struck down an earlier version of the law, ruling that surveillance of encrypted communications constituted a serious breach of fundamental privacy rights protected under the constitution.

Hello folks! So I joined a new company and am debating if I want to carry two phones around- work and personal. However I am concerned what the org can see/access on the phone (Samsung Galaxy)

In order to access my email/calendar I need to setup an Android Work profile. Some basic searches online indicated that the organization can only see/access/control things on the work profile and nothing beyond.

Looking at said work profile I only see installed basic apps like gmail, calendar, contacts. No other management or control apps like Workspace One or a work specific VPN are being forced. I have worked at other organizations that required those, and I instantly opted for dedicated Work phone- as those give up a TON of control to the org no questions asked.

Very aware both Samsung and anything Google are privacy concerns in general, I do what I can on this device to limit it.

My question here is mostly privacy for what my org can see/access beyond the android work profile. The only overlap in apps I can see is for texting- the work profile seems to share the same SMS app as primary profile. AKA I worked in IT, I know how creepy some of us can be LOL- if they are able to log texts, calls, non-work email...ect I would like to know if possible.

Any thoughts or information the community can share? Thanks!

Edit: I should note I read the Google articles specificly on this and they are pretty clear. Just not sure how much I can trust them... https://support.google.com/work/android/answer/7502354#zippy=%2Ci-own-my-device

https://support.google.com/work/android/answer/6191949?hl=en

Important note: im not from the US so any Google devices are out of the picture given they keep threatening/putting on/off tariffs and some countries are bound to retaliate (which is fair), yes i know there are used ones being sold for cheaper but its still a no from me

Just occurred to me that the humble microwave should be a fairly effective Faraday cage, certainly for the microwave spectrum, anyone know how good it is for the relevant communication frequencies?

https://www.nytimes.com/2025/07/09/us/politics/james-comey-secret-service.html?unlocked_article_code=1.VE8.w55f.rrC8gPirU8SX

According to a motion the Electronic Frontier Foundation filed in Sacramento Superior Court last week, Nguyen and Decker are only two of more than 33,000 Sacramento-area people who have been flagged to the sheriff’s department by the Sacramento Municipal Utility District, the electricity provider for the region. SMUD called the customers out for using what it and department investigators said were suspiciously high amounts of electricity indicative of illegal cannabis farming.

Not referring to Google Docs, for that there's cryptee which is pretty great but they don't have either of those two (Forms and/or Spreadsheets)

I've been using Librewolf for more than an year now, and Im using Mullvad Browser (MB) only for log into my e-mail and stuff more personal like that. Since Mullvad gives some very good filters about privacy, i'm using MB for these purposes.

However, i been thinking if i should use Mullvad Browser as my main daily driver browser. However, i need to use a dark mode/reader, since i like to have eyes and for me is super uncomfortable not using a dark mode.

I'm using the dark reader on librewolf, and i know this is make me more finger printable , but i cannot use a browser without a dark mode.

My question is if, either with a dark mode/reader on mullvad browser, this is better than librewolf in terms of privacy and security. Mullvad is more quick than librewolf in update terms , for which i search it. And other thing i know i can do, is create multiple profiles on mullvad and librewolf, to compartmentalize the things i visit / search... (for example, one profile only to check my emails, one for normal browsing, and so on.... )

and btw , on ubuntu, which is the better way in terms of security and privacy, to install the mullvad browser? via .deb ? snap? flatpak?

ty in advance

archive.today: https://archive.fo/e4y9t

I think it'd be an interesting insight for you, folks. The article as presented in russian news media Kommersant via automatic translation:

The State Duma has proposed to impose fines for searching for illegal content

On July 17, the State Duma plans to consider in the second reading amendments establishing criminal and administrative liability for a number of violations in the field of communications and information - from the organization of uncontrolled VPN networks to the transfer of SIM cards to third parties. The most resonant in them was the novelty on fines for citizens for the deliberate search for extremist materials, including using means to bypass blocking. Proving the fact of such a search may be problematic, experts say.

Initially, the bills tightening regulation of the Russian segment of the Internet concerned other issues - the activities of forwarders and foreign officials, but by the second reading, amendments were proposed to establish a number of new provisions of the Administrative and Criminal Codes of the Russian Federation. In particular, this concerns the criminalization of the transfer of Internet resource accounts and the provision of VPN access not controlled by Roskomnadzor, the recognition of the use of means to bypass blocking as an aggravating circumstance in the commission of crimes, the prosecution of companies and individuals for participating in the exchange of SIM cards and providing them to third parties, etc.

The most resonant amendment was the one on administrative liability for “searching for obviously extremist materials and gaining access to them,” including using VPN services (Article 13.53 of the Code of Administrative Offenses).

If the bill is adopted, citizens will face a fine of 3,000 to 5,000 rubles. In the document, extremist materials are those included in the relevant list of the Ministry of Justice, as well as those that meet this definition in accordance with federal law. In addition, if the amendments are adopted, advertising of “software and hardware for access to information resources with restricted access,” that is, VPN services, will be prohibited (Part 18 of Article 14.3 of the Code of Administrative Offenses of the Russian Federation). Citizens will face a fine of 50,000 to 80,000 rubles, officials - from 80,000 to 150,000 rubles, and legal entities - from 200,000 to 500,000 rubles.

A high-ranking source familiar with the development of the project explained to Kommersant that the amendments establish liability only for the deliberate search for and actual access to obviously extremist materials, “that is, to such materials that are clearly included by a corresponding court decision in the list of extremist materials published by the Russian Ministry of Justice, which he cannot help but know about.” “Visiting the personal pages of citizens, including those with a ‘dubious reputation’, is not regulated or limited by these amendments in any way,” the source assured Kommersant.

However, the initiative has already raised questions from the head of the "Safe Internet League" Ekaterina Mizulina, who came to the conclusion that she will no longer be able to pass on data on extremist communities to the police, since to do so she needs to "purposefully monitor such content." "And the activities of the Ministry of Internal Affairs employees on monitoring may also be recognized as illegal," Ms. Mizulina was indignant. She recalled that the list of extremist materials contains 5.5 thousand items - from "violent content with videos of migrant murders" to memes and tracks of foreign agents, and wondered whether every citizen should familiarize themselves with it: "How will they establish intent in searching for such materials?" The activist was answered in absentia by the deputy head of the State Duma Committee on Information Policy Oleg Matveychev, who allowed that an exception could be made for security forces who are looking for illegal content.

Ekaterina Mizulina’s concerns are shared by experts.

“It’s not very clear what kind of behavior the legislator expects from the user,” says Comply partner Maxim Ali. “It’s hard to imagine that an elderly citizen knows about the Ministry of Justice registry, will find it, and will check the material they are looking for in it before each search query.”

According to him, it is also not entirely clear how access to prohibited content will be proven: "I clicked on a prohibited link, but it is blocked. The moment of the request will be recorded, but if the page does not load, this should not be a violation."

Based on the design of the new administrative composition, it will be necessary to prove that a specific user, firstly, carried out a search, secondly, that the information sought is prohibited, thirdly, that he knew about it, says lawyer Andrei Grivtsov: "It is only possible to know in advance if there is evidence that you are familiar with the list of extremist materials." However, practice is moving towards a consistent reduction in the standards of proof, the lawyer notes. "It can be assumed that in practice they will hold people accountable if they simply find a search query on a phone regarding something extremist or a tab with open material," says Mr. Grivtsov.

Yuri Mirzoev, CEO of the law firm Mitra, does not rule out that complaints, user behavior analysis, monitoring of their requests through providers, as well as data from IT companies, may be used to detect the fact of searching for extremist content. According to Vasily Stepanenko, CEO of the cloud provider Nubes, the amendments are intended to make the user understand that their search queries may be revealed by both the prohibited resource itself and the VPN service they used to bypass blocking: “And thus reduce the desire to use them.”

They propose:

\1. Legal liability for sharing sim cards (and internet accounts) with third parties. In the system they built, where those are usually directly linked to internal passport, they became used as one of the major way to ID you and to log into any service, including government ones. Therefore they kinda locked themselves in the thinking framework where phone number IS identity, like SSN, in spite of them being sold like candies just 10 years before. And although they would have a hard time controlling it now, they roll out ways to punish at least those, sim-farms they'd find while following other crimes.

This, btw, got my normie peers pretty distressed because most of us gave dumb phones to our elderly with SIMs registered to us, not them. I'm sure that these cases wouldn't be targeted at all, but as many laws there does have this unnerving blanket nature you can persecute everyone with it.

\2. VPN ads are everywhere, and although they are for now in the gray, you'd be surprised how deep the untold divide lays: a lot of people either do have a free VPN or\and a subscription or feel proud they don't need it because local content is all they need. Suuuure. As proposed there, using them WHILE doing something questionable may factor into deciding ypur actions were intentional.

\3. Searching for the extremist content. This one is not well formulated, and that's the goal. While we have a list of extremist materials that is rather strict and sober, includes stuff like white pride, isis, other propaganda, we also have laws that promotes LGBTQ+ media as extremism, there are previously popular artists that are called extremists for their lack of enthusiasm in our war efforts. There's no solid explanation what of these are counted as extremism and how this would be decided if there was your intent to look for them - not even access, copy or distribute - but just search it. Yet, I see the monopoly of Yandex, our Google, being very handy at persecuting thought crimes against the Motherland.

P.S.: The notion I'd put there - Russia is a good, useful example of how privacy and the rule of the law (and logic) can be eradicated, the one europeans should be aware of when their own lawmakers try to pass e2ee ban or something similar.

Google is quietly rolling out its Gemini AI tool as the default assistant on Android, even on devices where users never explicitly enabled it. In many cases, Gemini replaces Google Assistant by default, making it increasingly challenging to disable fully.

This deep integration means Gemini can still be active in the background, accessing your apps, system features, and personal info.

Here's what Gemini can access:

Gmail 
Google Calendar 
Google Drive & Docs 
Maps, Keep, Tasks
Messages, Phone, and even WhatsApp

Even more concerning:

Your data is used to train Google’s AI.
Human reviewers may see your chats.
Data can be shared with 3rd parties.
As of July 2025, Gemini stays connected to apps even when activity tracking is turned off.

🛑 You can’t fully disable Gemini, but you can limit it:

How to limit Gemini on Android:

Turn off activity tracking
Revoke permissions
Uninstall it (if possible)

Further options, if you’re privacy-conscious:

Reduce your reliance on Google services or fully de-Google
Consider a privacy-first OS like GrapheneOS or CalyxOS

⚠️ Google is making Gemini the default assistant for all Android devices by the end of 2025.

Choose privacy over AI surveillance.

If you want tools that respect your data, ensure you use encrypted email, a private calendar, and a secure cloud, with no AI training or human review.