A group of activists gathered outside the Prairieland Detention Center near Dallas last July 4 with fireworks and plans to mount more than a polite protest.

They were there for less than an hour before things took a turn: A police officer was wounded by a gunshot.

Only one member of the group is accused of pulling a trigger, but 19 people went to jail on state and federal charges. Attorney General Pam Bondi labeled the defendants terrorists, and FBI Director Kash Patel bragged that it was the first time alleged antifa activists had been hit with terror charges.

Months later, the Trump administration recycled the label to smear Renee Good and Alex Pretti, Minneapolis residents who were shot and killed by federal immigration agents. They were supposedly dangerous left-wing agitators, in Pretti's case legally carrying what the government said was a "dangerous gun." The videos of Good and Pretti's killings disproved the administration's lies.

Unlike the Minneapolis shootings, the full events at Prairieland were not caught on video. Instead, a jury in federal court will hear evidence against nine defendants at a trial starting next week, which will serve as the first major courtroom test of the Trump administration's push to label left-wing activists as domestic terrorists.

"I wonder how they are going to make it stick when their attempts at framing Alex Pretti didn't work."

Court hearings in the case have taken place under heavy security, with police caravans whisking defendants to and from an Art Deco courthouse in downtown Fort Worth, Texas. Inside the courtroom, straight-backed officers maintain a perimeter.

The odds once looked long for the Prairieland group given the conservative jury pool and the seven defendants who pleaded guilty before trial, including several who are cooperating with the prosecution. The protests, crackdowns, and killings in Minneapolis, however, may have shifted perceptions of what happened seven months earlier in Texas.

"When they were crafting this indictment, they came up with that there is such a thing as a 'north Texas antifa cell,'" said Xavier de Janon, a lawyer representing one defendant in state court. "I wonder how they are going to make it stick when their attempts at framing Alex Pretti didn't work, fell flat on its face."

Jurors in the Prairieland case will be faced with key questions about protest in the Trump era. Are guns at protests a precaution or a provocation? Can the government succeed in using First Amendment-protected literature, such as anarchist zines, to win convictions? And how far can activists go when they believe their country is sliding into fascism?

Making Noise

Federal investigators and a support committee for the defendants offered starkly different takes on the purpose of the late-night gathering at the Prairieland Detention Center in Alvarado, Texas.

For the feds, it was a planned ambush of law enforcement staged with guns, black garb, and bad intentions. Prosecutors described the defendants as "nine North Texas Antifa Cell operatives." Supporters of the defendants say the protest was an attempt to conduct a noise demonstration, of the sort that have since become common outside U.S. Immigration and Customs Enforcement buildings in places like Chicago and Minneapolis.

Related "Antifa" Protesters Charged With Terrorism for Constitutionally Protected Activity

The Prairieland facility, which was built to hold 700 people, housed over 1,000 by the spring of 2025. The privately operated detention center was in the news again this week, when the family of a Palestinian woman detained there since last year on alleged visa violations said she had been hospitalized after weeks of deteriorating health.

On July 4 last year, a larger group of protesters had staged a traditional demonstration of the conditions inside the lockup. That night, a group of people who had conferred on an encrypted chat app arrived outside the detention center.

Around 10:37 p.m., the fireworks started flying, according to the testimony of an FBI agent at a pretrial hearing. Some of the group of a dozen or so slashed tires on cars in the parking lot near the detention center and sprayed "ICE Pig" on one car.

Guards called 911. Local police showed up. Within minutes, an Alvarado police officer who answered the call had been shot in the neck.

The U.S. attorney's office alleges that the shooter was Benjamin Song, a former Marine Corps reservist who was a fixture in local left-wing organizations such as the Socialist Rifle Association and Food Not Bombs.

At a preliminary hearing in September, prosecutors painted a dramatic picture of the shooting: Minutes after police arrived, Song allegedly shouted "get to the rifles" and let loose with an AR-15 that had a modified, binary trigger designed to fire at a fast rate.

At the same hearing, however, defense attorneys poked holes in the government's narrative that the shooting had been planned.

Prosecutors' case that the group wanted to commit violence depends heavily on messages that members of the group allegedly sent through the encrypted messaging app, Signal, or at an in-person "gear check" before the action.

"I'm not getting arrested," Song allegedly said at one point.

Defense attorneys objected to the idea that such ominous-sounding statements were proof that the group planned an attack.

Read our complete coverage

Chilling Dissent

Under questioning from a defense attorney, an FBI agent acknowledged that no one had talked about killing police that night in the Signal group. Meanwhile, in addition to guns and black clothes, the protesters brought bullhorns.

One defense attorney asked an FBI agent on the case whether the group's members might have thought they needed guns for self-defense from police.

"A person peacefully protesting, I would say there's no risk to be killed by law enforcement," said the agent, Clark Wiethorn.

When asked whether he would acknowledge that at least some of the protesters had no plans to commit violence, the agent pushed back.

"I would say every person out there had the knowledge of the risk of violence," Wiethorn said.

While the government has portrayed the group as a disciplined team of antifa attackers, the messages show members of the group squabbling.

"All this stuff was kind of ad hoc," said Patrick McLain, the attorney for defendant Zachary Evetts. "When I'm reading these texts, they were just all over the place, and they're getting into stupid arguments with each other."

Casting a Wide Dragnet

Song, the former Marine accused of shooting the officer, managed to escape a massive police response that night. According to testimony at a pretrial hearing, they hid in brush for 24 hours before supporters whisked them away.

Shawn Smith, an assistant U.S. attorney, said at the hearing that the fact that so many people were willing to help Song "speaks to the kind of personality of Mr. Song and what he can motivate." At another point, he likened Song to a cult leader.

In the weeks that followed, investigators arrested and charged people with far looser connections to the action at Prairieland.

One of them was Dario Sanchez, a soft-spoken teacher who lives in a Dallas suburb. He was at home on the morning of July 15 when officers ripped open his door and tossed flashbangs to gain entrance.

In an interview with the Intercept, Sanchez said he was taken away in handcuffs. Law enforcement attempted to question him in a car, warning him that he faced decades in prison if he did not cooperate. Sanchez said he told his interrogators that he knew nothing about the July 4 protest - but that did not stop them from arresting him.

The allegations, Sanchez would later learn, centered on the claim that he purposefully booted a defendant accused of helping Song out of a Discord group chat operated by the Socialist Rifle Association.

Sanchez was arrested twice more, once when he was rearrested on a new charge, and another time on an alleged probation violation.

He faces only state charges in Johnson County, Texas, and he plans to take his case to a trial that has been set for April, after the federal proceeding is over.

Law enforcement has delved deep into messages among the protesters that night that appear to show allegiance to antifascism.

To boost their case against the defendants, the government has secured the services of a witness who works at a right-wing think tank, the Center for Security Policy, that was founded by Islamophobic conspiracy theorist Frank Gaffney.

Related The Feds Want to Make It Illegal to Even Possess an Anarchist Zine

Prosecutors also highlighted the pamphlets and zines that two of the defendants were publishing from a garage printing press, and the membership of some defendants in a local leftist reading group, the Emma Goldman Book Club.

The titles the government spotlighted at the September hearing include "Safer in the Front," "Our Enemies in Yellow," and "Why Anarchy."

One defendant faces charges solely for ferrying such materials from one residence to another at the request of his wife, which advocates say essentially criminalizes the possession of materials protected by free speech.

"I think what they're going to be poring through in those things is any writings in there that advocate violence or harm, and somehow they are going to try to stretch that out," McLain said. "They are really stretching."

Judging by the Signal messages obtained by the government, many of the Prairieland defendants self-consciously distanced themselves from more mainstream protesters. Still, the case could have implications beyond the Dallas-Fort Worth anarchist and socialist scenes - even though at the September court hearing, a prosecutor appeared to express surprise at schisms on the left.

"They actually don't like these liberal protesters who are out there just holding signs?" Shawn Smith, the prosecutor, asked the FBI agent, who agreed with him.

"These people can't imagine that someone would care about someone else."

The Trump administration cited Prairieland as part of a supposed wave of antifascist terrorism backed or encouraged by nonprofits and Democrats. In his National Security Presidential Memorandum-7, or NSPM-7, issued in September, Trump cited both the assassination of Charlie Kirk and the Prairieland action as proof of a wave of organized political violence from the left.

"A new law enforcement strategy that investigates all participants in these criminal and terroristic conspiracies — including the organized structures, networks, entities, organizations, funding sources, and predicate actions behind them — is required," Trump said.

Although many of the Prairieland defendants had already been arrested by the time of NSPM-7 was issued, it was only in October that the government obtained its first indictment charging some of them with material support of terrorism.

Sanchez believes prosecutors have pursued the case so aggressively because of a "weird antifa delusion."

"These people can't imagine that someone would care about someone else, really," Sanchez said. "Why the hell would a bunch of people show up to protest outside an ICE detention center? Why would anyone care about these people? They can't fathom that people would have that amount of empathy, and so in their minds, they have to cook up the idea that this has to be some kind of weird conspiracy."

The post Texas "Antifa Cell" Terror Trial Takes on Tough Questions About Guns at Protests Against ICE appeared first on The Intercept.

Has the OS also jumped the shark?

Microsoft's Raymond Chen has revealed an unexpected use for the company's lawyers: securing permission from the cast of Happy Days so a Weezer music video could ship on the Windows 95 CD.…

Mullvad, a virtual private network (VPN) named after the Swedish word for "mole," is often recognized as one of the best VPNs for privacy. I put it on my best VPN list for exactly that reason. I've got huge respect for the extra lengths Mullvad goes to in order to ensure its user's privacy.

To give you a preview, Mullvad is one of the few VPNs — other than my normal privacy recommendation, Proton VPN — that lets users pay entirely in cash. But even Proton VPN asks for an email address to make an account and uses a few marketing cookies on its own website. Mullvad represents every account as a randomly generated 16-digit code and uses no marketing cookies whatsoever.

That's just one example of how Mullvad goes beyond the call of duty to keep users private. But while privacy is the most important aspect of a VPN alongside security, it's not the only thing that matters. For this review, I set out to investigate whether Mullvad pairs its rights-protecting bonafides with versatile, convenient and enjoyable VPN apps. Using our rigorous VPN testing procedure, I'll rate Mullvad in 11 areas. You can find a summary of my results in the table below, skip to the sections that matter most to you or just read my final advice in the conclusion.

Editor's note (2/11/26): We've overhauled our VPN coverage to provide more detailed, actionable buying advice. Going forward, we'll continue to update both our best VPN list and individual reviews (like this one) as circumstances change. Most recently, we added official scores to all of our VPN reviews. Check out how we test VPNs to learn more about the new standards we're using.

Findings at a glance

Category

Notes

Installation and UI

All apps share roughly the same user interface

Apps are responsive and easy to navigate, with no design choices that would threaten beginners

Lack of "fastest server" button is an issue

Browser extension is only available on Firefox and still in beta

Speed

Reasonably good average latency

Reduces download speeds by 26 percent and upload speeds by 17 percent

Speed declines are consistent and chartable

All speed metrics are quite good on nearby servers

Security

Only uses WireGuard protocol

No IP address leaks, even when switching servers

Packet test showed successful encryption

Pricing

Always costs 5 Euro per month, though prices outside Europe depend on exchange rates

No auto-renewal — membership lasts until money runs out

Can pay using cash or by purchasing scratch-off vouchers on Amazon

14 day money-back guarantee, except on cash payments

Bundles

Only app besides the VPN is the free Mullvad Browser, which removes the tracking habits of typical web browsers

Allows several smaller VPNs to use its servers in their networks

Privacy policy

No vague lines or loopholes in privacy policy

Only saves account numbers and expiration dates for each user

Uses an extremely limited range of cookies with no marketing trackers

Has undergone a total of 17 audits of different aspects of its service

Swedish police demanded customer information in 2023; Mullvad couldn't comply because the data wasn't logged

Virtual location change

Unblocked Netflix 13 out of 15 times

When it failed, virtual location was still changed

Server network

90 locations in 50 countries, majority in North America and Europe

No virtual servers whatsoever

Features

DAITA conceals traffic patterns that might let an AI identify what sites you visit

Uses quantum-resistant encryption on WireGuard

Can choose your own multihop entry and exit points

Several options for getting around nation-level firewalls

Can block ads, trackers, malware and other unwanted content using predetermined DNS block lists

Supports IPv6 traffic

Kill switch and stronger lockdown mode

Split tunneling by app

Customer support

Help center includes useful filters to find the topic

Well-written articles with good internal linking

No live chat support, but staff answers emails quickly

Can view app logs at any time

Background check

Founded in 2009 in Sweden; still owned and operated by initial founders

User account numbers were exposed in a 2023 incident, but Mullvad quickly closed the leak

Installing, configuring and using Mullvad

Let's start by examining how Mullvad feels as a piece of software. In this section, I'll be testing its desktop apps for Windows and Mac, its mobile apps for Android and iOS and its browser extension for Firefox. To start with the installation process, Mullvad downloads and installs in a snap on mobile. On desktop, installation requires a few more steps than is typical, but the app guides you quickly through everything.

Across the board, my only serious complaint is that there's no option for automatically choosing the fastest server. You can usually assume that the nearest one to you will be the fastest, but there's always the chance of an unusual server overload. It's a bizarre oversight for an app that otherwise goes out of its way to be usable.

Windows

Mullvad's Windows app has a slim UI that uses space efficiently without being too cramped. It doesn't give you a lot of information, such as live speed tests or data in transit, but I've mostly found that to be needless filler on VPN apps.

Mullvad on Windows. Sam Chapman for Engadget

Speaking of needless filler, the map may be a little bigger than it needs to be, but maps on VPN clients aren't just about teaching you geography — they do a lot to make the apps more welcoming to casual users who might not otherwise fire up security software. In fact, Mullvad's UI is admirably beginner-friendly, befitting its focus on privacy for everybody rather than just the tech-savvy.

All the settings are accessed by clicking the gear in the top-right. Here, you can turn on DAITA (Mullvad's defense against AI traffic scanning), activate multihop and control Mullvad's other features. There are also some quality-of-life features for the UI itself, such as whether it remains pinned to the taskbar or operates as a standalone window. Some options, especially under the VPN settings tab, are a bit technical, but don't need to be touched for a good experience.

Mac

Mullvad's macOS app is quite similar to its Windows app, both in terms of the interface and the features offered. The big difference used to be that macOS lacked split tunneling, but that's been added in a recent update. The only serious distinction now is that the Mac client can't be unpinned from the taskbar, which is just a little bothersome.

Mullvad on Mac. Sam Chapman for Engadget

Other than that, you'll find every setting you need under the gear, just like on Windows. Similarly, connections to VPN servers happen quickly, and selecting locations from the menu is very straightforward. While connected on either app, you can click the circular arrow by your location to swap to another server in the same location — highly convenient if you're trying to unblock Netflix.

Android

Mullvad's Android app has the same nearly-perfect design approach as all its other apps. The main page has nothing on it but the connect/disconnect button, the choice of server locations, a map and the buttons for your account information and preferences. Those preferences are a manageable set of options that are almost all managed with simple on-off switches. It's all highly responsive and annoyance-free.

Mullvad on Android. Sam Chapman for Engadget iOS

Mullvad's iOS app looks very similar to its apps on every other platform. The front page is kept simple, with large controls in the foreground and a map taking up most of the space. Everything else is located in the menu accessed through the gear icon at top right. Neither mobile app has the options for toggling the UI itself that the desktop apps have, but it's mostly free of quality-of-life problems to start with.

Mullvad on iPhone. Sam Chapman for Engadget Browser extensions

Mullvad's browser extension is only compatible with Firefox. You can't actually connect to the VPN through this extension. Its main functions are to tell you whether you're connected to a Mullvad server and to connect to a SOCKS5 proxy in a Mullvad location. If you do this while connected to Mullvad through the desktop app, you'll get a second layer of protection, similar to the multi-hop feature.

The Firefox extension is a rare misfire for Mullvad — perhaps fair, since it's still in beta. Its only real feature is something that the desktop app already does perfectly well, and it looks like a software malfunction to boot. However, given Mullvad's track record, I'm confident they'll figure out what to do with it in time.

Mullvad speed test

A VPN almost always slows browsing speeds and increases latencies. It's unavoidable, given the extra steps a VPN protocol adds to the process of getting online. The trick is to find VPNs that keep the slowdown to a minimum, using a combination of regular maintenance, good planning and smart load balancing.

For this test, I used speedtest.net to check how six of Mullvad's server locations influenced three key speed metrics. Ping measures latency, the time in milliseconds (ms) that one data packet needs to travel between a client device and an ISP. Download speed measures the amount of data in Megabits that a web browser can download in one second. Upload speed tracks how much data can be uploaded in a second. We're looking for low latencies and high download and upload speeds.

Server location

Ping (ms)

Increase factor

Download speed (Mbps)

Percentage drop

Upload speed (Mbps)

Percentage drop

Portland, USA (unprotected)

15

—

58.96

—

5.85

—

Seattle, USA (fastest location)

23

1.5x

55.07

6.6

5.51

5.8

Montreal, Canada

165

11.0x

44.28

24.9

4.62

21.0

Fortaleza, Brazil

307

20.5x

40.96

30.5

4.65

20.5

Prague, Czechia

368

24.5x

43.17

26.8

5.47

6.5

Lagos, Nigeria

528

35.2x

37.41

36.6

4.61

21.2

Bangkok, Thailand

473

31.5x

39.76

32.6

4.13

29.4

Average

311

20.7x

43.44

26.3

4.83

17.4

I'll start with the bad news: the tests didn't exactly make Mullvad look like a speed demon. Its speeds have gone up and down in the years I've been using it, and right now they appear to be on the downswing. If you use locations all around Mullvad's server network, you can expect your download speeds to decrease by about 26 percent and your upload speeds to decline by 17 percent.

However, it's important to put those numbers in perspective. First, Mullvad's numbers aren't markedly worse than the ones I got when testing CyberGhost. Its speeds are average, but by definition, most things are average. Its average worldwide latency is actually better than Surfshark, the current champion of download and upload speeds.

Speed-testing a Mullvad server in Los Angeles. Sam Chapman for Engadget

It's also nice that Mullvad's speed drops follow a predictable curve. Lots of VPNs have unexpectedly sharp declines in certain locations, frequently in Africa. By contrast, Mullvad's speed decreases pretty much as a direct function of how far from the server you are. This not only makes speed drops easier to plan around, but also means you can expect very good speeds on nearby servers.

This property of being fastest on servers near the user is another sign of Mullvad's focus on its core privacy mission. If anonymity is your main reason for using a VPN, it doesn't matter what your IP address is, so long as it's not your real one. Using a nearby Mullvad server should guarantee you an internet connection that's both fast and private.

Mullvad security test

To be secure, a VPN has to check two critical boxes. It must provide you with a secondary IP address without leaking your real one, and it must encrypt your communications with its servers so your activity can't be traced. In the sections below, I'll see whether Mullvad meets those requirements.

VPN protocols

VPNs use protocols to mediate between end devices, ISPs and their own servers. The first step is to ensure that the service you're considering uses protocols that have expert confidence. Mullvad has kindly made this step easy for me by using only WireGuard on all its apps, with no OpenVPN, IKEv2 or in-house unique protocols.

There's no question that WireGuard is a solid protocol. It uses the ChaCha20 stream cipher for symmetric encryption and Poly1305 for authentication, both uncrackable with current technology. Mullvad has even added its own fix for WireGuard's one flaw, its need to save static IP addresses — the Mullvad implementation is set up to delete the IP address if it goes 10 minutes without being used.

Even so, it's unfortunate to lose the ability to change protocols, which is one of the most common steps for troubleshooting a VPN connection. I understand Mullvad's reasoning for cutting out OpenVPN (it claims the cryptography isn't strong enough) but don't agree. It's one of this provider's few unforced errors.

Leak test

There's a straightforward test to determine if your VPN is leaking. Load up any website that shows your IP address — I personally use ipleak.net — and see what IP and location it reveals without your VPN active. Then activate the VPN and refresh the page. If you see your real IP address anywhere, your VPN is leaking.

Testing Mullvad for IP leaks. Sam Chapman for Engadget

I ran that test on five Mullvad servers. Each time, the website showed me the IP address of the VPN server, concealing my real one. To keep things simple, I ran the initial tests with IPv6 blocked via the Mullvad client. When I turned it on and tried again, the IPv6 traffic didn't leak any more than the IPv4 did. I also saw no signs of WebRTC leaks. Unless you set up a custom DNS server, Mullvad also uses its own DNS, which remains entirely within the VPN tunnel.

I had one more leak test to try. Frequently, VPNs are leak-proof when maintaining a connection to one server but drop encryption when switching between servers. That problem is why I ultimately couldn't recommend Norton VPN. Luckily for me, Mullvad has a button that lets you shuffle to another server in the same location, so I used that to see if it stayed leak-proof.

Mullvad doesn't leak your IP even while changing servers. Sam Chapman for Engadget

As you can see in the screenshot, Mullvad jumped seamlessly from one server to another without showing my real location in-between. On a practical level, that's enough for me to declare Mullvad leak-proof.

Encryption test

For one final experiment, I used the WireShark packet sniffer to see whether the data Mullvad sent from my computer to my ISP was encrypted. After capturing a few packets, I was gratified to see that they were totally unreadable to interlopers. Most established VPNs pass this test, but it's still important for due diligence.

How much does Mullvad cost?

Mullvad's pricing structure is one of the most unusual things about it. This is normally the section where I untangle 47 different Pro+ and Business- accounts that are all sold at three different durations. Mullvad couldn't be further from that. It costs 5 Euro a month — that's it. Each 5-Euro subscription can be used on five devices at once.

It manages payments through a system inspired by parking meters. When you sign up for Mullvad, you'll buy as much time as you want. That time will count down until it expires, unless you top it up with more 5-Euro payments. If you run out of money, Mullvad won't charge you a new subscription fee because you didn't tell it not to. It'll just stop working until you pay again. Every payment also comes with a 14-day money-back guarantee, except for payments made in cash.

The Mullvad account dashboard. Sam Chapman for Engadget

The only real complexity in the process is that Mullvad always figures out its prices in Euro, so outside the EU, the cost per month is affected by exchange rates. If you happen to live in a country where the government's economic policy shuttles between capricious and arbitrary, you might want to grab a few months in advance.

The other most interesting thing about Mullvad's pricing is the options you can use to pay. For maximum privacy, you can pay with cash using the payment token you'll find on your account page. Note that this is not the same as your account number. To find it, log into your dashboard on Mullvad.net, click Add time to your account in the left-hand bar, then click the button labeled Cash and scroll down. Make your cash payment by writing the token on an envelope and mailing it to Sweden (full instructions here).

Unredacted, in case any hackers out there want to buy me some more time. Sam Chapman for Engadget

You can also get untraceable Mullvad vouchers by paying cash at participating retail locations. Most of them are in Europe, but you can order them from Amazon. While your payment to Amazon won't be private, the voucher can't be linked directly to your VPN account, since the actual number is hidden behind a scratch-off panel. It's actually pretty ingenious.

Of course, you can also pay using any of the normal methods, including credit cards, cryptocurrency and bank wires (though not PayPal). But the more private methods are always there for people who need them.

Mullvad side apps and bundles

Mullvad is that rare VPN that's still content to be a VPN and not an all-inclusive security suite. No shade to NordVPN or Surfshark, whose extra features are generally quite good, but it's nice to see at least one of the top providers staying focused.

Although Mullvad doesn't have any partners that sell their products alongside its VPN, it does have several partnerships with other VPNs who use its network as the basis for their own products. MalwareBytes Privacy VPN, Mozilla VPN, Tailscale and Obscura can all be considered Mullvad side apps if you squint.

Mullvad Browser

Mullvad's only product other than the VPN is Mullvad Browser, which is free to download and works on Windows, macOS and Linux. Mullvad Browser works in the background, blocking common methods of browser fingerprinting that can be used to deduce your identity even when you have a VPN running.

For example, it automatically reports your time zone as UTC, disguises personal preferences like font and window size, scrambles information sent by APIs and conceals your browser version and computer operating system. It's also in private mode by default, which doesn't hide what your ISP sees but is useful for concealing your activity from other people that might use your computer.

Close-reading Mullvad's privacy policy

Since privacy is Mullvad's main selling point, this section is even more important than usual. Loopholes in the privacy policy of the privacy VPN would be deeply ironic. Fortunately, Mullvad's privacy policy backs up its high-flying rhetoric. It's a short, pointed and readable document with no problems I could discern. Mullvad has no parent company or subsidiary it might use as a loophole, and no clauses in its policy are left open to interpretation. It's a masterpiece of the privacy-policy genre.

The document is actually three policies: a privacy policy, a no-logging policy and a cookie policy. The privacy policy lists all the times Mullvad might collect data about a user. That's exactly two situations — using financial information to process payments (which will be entirely anonymous if you use cash or a voucher) and using your email address to track support tickets you open. That's it.

The no-logging policy is a bit longer, but mostly because it's explaining exactly how Mullvad manages to run a VPN service with so little information on individual users. For each account, it stores a number and an expiration date, plus public keys and tunnel addresses if you're using WireGuard (deleted at most 10 minutes after your session ends). Everything else is completely anonymized. Mullvad even claims that its 500,000 or so user accounts could have been created by the same user 500,000 times, which I suppose is one way to spend 2.5 million Euro.

The cookie policy is the shortest because Mullvad uses exactly five cookies. One saves your login status in your browser, one saves your language preferences, one protects its site from being used in a specific kind of forgery hack and the other two are for handling Stripe payments.

Independent privacy audits

Mullvad corroborates its privacy policy with regular audits of various aspects of its service. Currently, there are 17 audits listed on its website, including four infrastructure audits by Cure53. All of its apps have been separately audited and found to be solid. It has been a couple of years since the last full infrastructure audit in 2024, but given how many other targeted reviews Mullvad has gone through since then, it's hard to be too upset about the pause.

In 2023, Mullvad achieved the holy grail of VPN privacy: being ordered by subpoena to turn over customer information and not being able to comply because that information didn't exist. Nothing compares to a VPN's privacy being tested in the wild like this.

Can Mullvad change your virtual location?

Sometimes, a VPN appears to be working, but still reveals your real location to websites. Netflix is a useful proxy for this. To unblock a streaming site like Netflix, a VPN needs to change your virtual location while not appearing to do so — if Netflix sees any hint of VPN traffic, you'll get blocked with the hated proxy error. I used five different locations to check whether Mullvad is up to the streaming task.

Server location

Unblocked Netflix?

Changed content?

Vancouver, Canada

3/3

3/3

Gothenberg, Sweden

2/3

2/3

Istanbul, Turkey

3/3

3/3

Johannesburg, South Africa

3/3

3/3

Singapore, Singapore

2/3

2/3

Mullvad did well for streaming, but it didn't manage a perfect score like its fellow anti-establishment VPN Windscribe did. Two of the 15 servers I tested failed to unblock Netflix, one in Singapore and one in Mullvad's hometown of Gothenburg. I also had trouble logging into Netflix while connected to a Vancouver server, though that server did unblock the site consistently once I got inside.

Mullvad's servers all tricked Netflix into believing my new location. Sam Chapman for Engadget

In Mullvad's defense, no location failed more than once. It's completely possible to get good streaming performance out of this VPN; you just have to be willing to click the server refresh button a few times. Privacy is still the main use case for Mullvad, but it's fine for streaming too.

Investigating Mullvad's server network

Mullvad has 90 server locations in 50 countries and territories. Unusually for a VPN, users can choose between all 590 of its total servers, including several in each location. There's even a list on its website that shows you the status of every server.

Mullvad does not use virtual server locations, so every server is physically located in the place where it claims to be. Here's how they're distributed.

Region

Countries with servers

Total server locations

North America

3

25

South America

5

6

Europe

29

41

Africa

2

2

Middle East

2

2

Asia

7

8

Oceania

2

6

Total

50

90

Over half the countries with servers are in Europe and over two-thirds of the cities with servers are in either Europe or North America. That lopsided network is a limitation of Mullvad's refusal to use virtual server locations, since its real servers have to be concentrated in nations developed enough to host data centers. With an all-real network, it's easier to tell which servers will give you the fastest performance, but you can't simulate as much of the world as you can with larger services like ExpressVPN.

The good news is that there's at least two real server locations on every continent. Mullvad has a surprisingly robust presence in South America and two bare-metal servers in Africa, which is more than some other VPNs have. In the end, though, the best application of Mullvad is to protect the online privacy of users in North America, Europe and eastern Asia.

Extra features of Mullvad

Most of Mullvad's features are augmentations to the VPN itself, rather than side options that do other things. Some of them are bread-and-butter, like the kill switch and split tunneling, but a few you won't find anywhere else. Note beforehand that Mullvad does not support port forwarding, so if you depend on that for your torrenting, try another VPN.

DAITA AI defenses

Mullvad's most novel feature is a recent one. DAITA, which stands for Defense against AI-guided Traffic Analysis, can be toggled on and off in the Mullvad app. According to Mullvad, certain patterns in how browsers communicate with websites can be analyzed by AI to reveal the truth behind encrypted internet history. DAITA hides those packets by filling communications with background noise so the AI won't know what's real.

Mullvad's anti-AI settings. Sam Chapman for Engadget

DAITA is a laudably forward-looking feature, but as Mullvad itself admits, it will make your browsing speeds slower and drain your battery. I recommend only using it for activities you really want to hide.

Quantum resistance

Mullvad's desktop apps establish quantum-proof WireGuard tunnels by default. Quantum computing isn't yet a threat to WireGuard, but it may become dangerous in the future, so Mullvad is getting ahead of the problem (along with a few other services like NordVPN). When quantum resistance is active, Mullvad encapsulates its keys using the current standard mechanism, ML-KEM.

Anti-censorship

If you find yourself in a country where government censorship makes it hard to access the internet, Mullvad has options that might help. These anti-censorship features can be used to get around firewalls that block visible VPN traffic. You have several options, including changing your WireGuard port, randomizing your port number, disguising your VPN traffic as an ordinary HTTPS connection or using an obfuscated Shadowsocks proxy.

Mullvad's anti-censorship involves more features than most VPNs have in this area. This makes it a bit less user-friendly, but a lot more likely to work. If you're new to getting around censorship, Mullvad's help center has a helpful page about using its anti-censor settings.

Multihop

Many VPNs offer a double-hop connection that routes your traffic through two servers instead of one, adding a redundant layer of encryption in case one server malfunctions. Mullvad pulls ahead of the competition (except Surfshark, which also does this) by allowing you to choose your entry and exit servers. When you activate the multihop option and open the server list, you'll be prompted to pick two locations instead of one.

Mullvad's server list with multihop enabled. Sam Chapman for Engadget

This means you can select an entry server that's close to you and an exit server in any country whose location you want to spoof, letting you fine-tune your own performance. It's way nicer than being railroaded into certain paths.

DNS content blockers

Mullvad includes six blocklists that can keep you or your family members from looking at unwanted content: ads, trackers, malware, gambling, adult content and social media. These lists can't be customized like Windscribe's R.O.B.E.R.T. blocks can, so you're limited to just turning them on and off.

IPv6 support

The internet is gradually transitioning from the old IPv4 standard over to IPv6, which will allow many more addresses to be shared out. Mullvad is one of a few VPNs looking ahead to the IPv6 era. You can leave it to block all IPv6 traffic, but if you do need IPv6 for any reason, you can enable it while still being connected to a Mullvad server.

Kill switch and lockdown mode

Mullvad comes with two features that protect against unexpectedly losing your VPN defenses. The first is a kill switch, a common VPN option that cuts off internet access if the VPN tunnel ever fails. This simple measure helps guard against accidental leaks.

Lockdown mode is the stronger option. While it's active, you will be unable to get on the internet unless you connect to a Mullvad server first. This will remain true if you turn the connection off yourself and even if you quit the app.

Split tunneling

Split tunneling is available on Mullvad's apps for every system except iOS. It lets you send some apps outside the VPN tunnel so they get online with your normal IP address. It's helpful if you have some apps that don't work with the VPN active — this is common with online banking, as an example. Another common application is to protect a torrenting client in the background while using your browser unprotected for better speeds.

Mullvad customer support options

Mullvad makes two forms of support available in the app. You can report a problem by going to Settings -> Support -> Report a problem, typing your question (requested to be in either English or Swedish, though they'd probably be able to read a question run through Google Translate) and optionally providing your email. You can also view the app's logs at any time, which can be useful to help a technician diagnose your problem.

If you'd rather search for a solution at your own pace, you can go to that same page and click FAQs and Guides instead. This opens the help center in a browser.

Mullvad's help center, including the dropdown filter menus. Sam Chapman for Engadget

I love Mullvad's approach to laying out its FAQs. Instead of crowding topics into five or six categories and making you guess whether your problem falls under setup, usage or troubleshooting, Mullvad gives you a set of dropdown filters to narrow down the articles which might relate to your problem.

By the time you've named which device, OS and protocol you're dealing with, you won't have many articles left to sift through. There is an annoying tendency for certain sets of filters to reduce the number of surfaced links to zero, but for those cases, there's a search bar that also works well.

The articles themselves are good enough that I referred to them several times while writing this review. Some of them are a bit overlong, but they're diligent about including both internal and external links to get you where you're going fast.

Live support experience

This is normally where I cover how it feels to get live chat support from the VPN I'm reviewing. However, Mullvad doesn't have live chat support. That's unfortunate, although it's still better than Windscribe's approach of forcing you to banter with a sarcastic robot. Instead, I sent a question via email to Mullvad's support team, and got a response within 24 hours.

Mullvad background check

Mullvad was founded in 2009 in Sweden. It's still owned and operated by its original founders. According to a detailed timeline on its website, its 16-year history has been as uneventful as any user could ask for, with not much changing except updates to stay on the technological leading edge. The only controversy mentioned in Mullvad's own materials is the 2023 police raid of its headquarters, which (as I covered in the privacy section) only makes them look better.

So as not to take Mullvad at its word, I scoured the last 16 years of news items and user reports to search for any other blemishes on its record. Based on that research, I found no reason to doubt Mullvad's honesty about its location, owners or team.

I found just one leak that wasn't noted on Mullvad's own site. In 2023, a security research group called ZATAZ alleged that it found anonymized information on Mullvad users saved on an Internet Archive page, including account numbers (linked article is in French). According to ZATAZ, Mullvad contacted the Archive and got the page deleted.

To my mind, the only mistake Mullvad made in response to the ZATAZ allegations was not making a public statement about the incident. I can see why they didn't think it was a big deal, since even logging into someone else's Mullvad account wouldn't show you their browsing history, but it's always better to communicate about these things.

Final verdict

Mullvad is a VPN that knows what it wants to be and achieves that goal with flying colors. It's not trying to be an everything app — it does privacy and does it well. That's not to say it has nothing going on outside the VPN itself, as its DNS blockers, AI defenses and split tunneling all work smoothly. But if you want a VPN that's not ashamed to be a VPN, Mullvad is the right choice.

Of course, it has its own compromises. It's solidly in the middle of the speed pack and occasionally trips up when unblocking streaming sites. The lack of any protocols other than WireGuard grates on me a bit, since it reduces the user's options for troubleshooting. With all that said, those are minor hiccups on a VPN that does such a thorough job keeping you anonymous online.

This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/vpn/mullvad-vpn-review-near-total-privacy-with-a-few-sacrifices-130000056.html?src=rss

200,000-strong union says spy-tech firm's ICE work undermines patient trust

British doctors are being urged to pull back from the NHS Federated Data Platform (FDP) after their union called on members to stop non-clinical use of the Palantir-built system.…

Attackers using social engineering to exploit business processes, rather than tunnelling in via tech

Exclusive When fraudsters go after people's paychecks, "every employee on earth becomes a target," according to Binary Defense security sleuth John Dwyer.…

Mac faithful aghast at helpful wallet-emptying suggestions

Apple fanbois are realizing what the Creator Studio subscription means for its productivity apps, and many are unhappy with the direction of travel.…

US members of Congress who viewed the latest Epstein files unredacted have accused the US department of justice (DOJ) of covering up for billionaires and exposing victims. US lawmakers are entitled to view the original files under US legislation on the investigation.

The same legislation says that federal officials can only redact to protect the identity of victims and explicitly excludes protecting others. However, the DOJ has obscured many names of Epstein associates and perpetrators.

Epstein cover-up

Representative Jamie Raskin, ranking member of the congressional judiciary committee, said that the DOJ is "in a cover-up mode". He added that the chaotic and illegal nature of the redactions is either "spectacular incompetence" or, more likely, deliberate illegality:

I went over there, and I was able to determine, at least I believe, that there were tons of completely unnecessary redactions, in addition to the failure to redact the names of victims, and so that was troubling to us.

They violated that precept [of redacting only to protect victims] by releasing the names of a lot of victims, which is either spectacular incompetence and sloppiness on their part, or, as a lot of the survivors believe, a deliberate threat to other survivors who are thinking about coming forward, that they need to be careful because they can be exposed and have their personal information dragged through the mud as well.

I saw the names of lots of people, who were redacted for mysterious or baffling or inscrutable reasons.

Lawyers have said US law is unclear whether it's legal to reveal the redacted names. However, Raskin's Democrat colleague Ro Khanna used his congressional privilege to read out the powerful names he had seen:

Raskin also named Victoria's Secret founder Les Wexner, as a wealthy figure whose name had been blacked out. He added that he was going to demand that Trump's attorney general Pam Bondi will correct the redactions when she testifies to his committee on Wednesday 11 February:

We're going to start by posing questions directly to attorney general Bondi about the process that produced such flawed results, and that has created such mystery. But also, we want to get a commitment from the Department of Justice to clean it up as quickly as possible, and to get them to release the millions of other documents that are still out there.

The DOJ has released only about half of the Epstein files. It has admitted that it is withholding the worst, and that this includes footage of rapes, torture and murder of helpless victims.

For more on the the Epstein Files, please read the Canary's article on how the media circus around Epstein is erasing the experiences of victims and survivors.

Featured image via YouTube screenshot/Forbes Breaking News

By Skwawkbox

Handwritten notes made in prison by serial child-rapist Jeffrey Epstein show him writing "jail out = 10". It may well indicate that Epstein expected to be out of prison on the 10th day of a month, which is, of course, the day he allegedly died. Or, it could be the ramblings of a predatory child rapist who was becoming increasingly unhinged.

Epstein's handwritten notes: clues or ramblings?

Epstein's 'death' has now been cast into doubt by evidence found in the latest release of US government files. Prosecutors prepared an announcement of his supposed suicide a day before it happened. A subpoena revealed that an anonymous message board post describing Epstein's removal from prison - posted before his 'death' was announced - had been written by a prison guard on duty that night.

The latest discovery will only fuel suspicions that Epstein is still alive.

File EFTA00134596 and its adjacent release EFTA00134597 contain notes scribbled on a yellow pad in Epstein's spidery handwriting. While much of it is either coded or difficult to read, much also is not.

One of the pages, alongside sketches that may show containers or building layouts, has clear mentions of:

• Israel
• Jet - US prop
• Guards
• govt clear
• Niger/Nigeria
• Visa
• Red notice (a request to law enforcement worldwide to locate and provisionally arrest a person pending extradition, surrender, or similar legal action).
• Gangsters
• Banks
• Computer
• Tourist
• Gaza
• Muslim

Along with several names:

But the other is briefer. Shown upside down in the file, when rotated it shows, among initials:

• JAIL OUT = 10

What all of this means when put together is unclear - but it could be that Epstein was laying out his train of thought around some kind of plan. Or, it could be the desperate and deranged scribblings of a man who, even then, did not care about his victims - only himself. All of this will only add to speculation the child rapist's death was not all that it seemed.

For more on the the Epstein Files, please read our article on how the media circus around Epstein is erasing the experiences of victims and survivors here.

Featured image via the Canary

By Skwawkbox

US politician Ilhan Omar has burned Donald Trump so hard that it was felt by an ancestor in the small town of Kallstadt in Germany's Rhineland in 1608.

Omar has often clashed with Trump. Proudly Muslim, left-wing, and Somali, the firebrand Minnesota democrat embodies everything Trump and his goons despise. She has never been cowed before The Mighty Hairpiece and today was no exception.

Omar was commenting on a new Fox interview in which Trump was once again putting the boot into Somali-Americans - including Omar specifically. The president has often singled out the group to whip up hatred in his second term.

Trump told Fox News:

Somalia has come in here — what they've done to our country, these people — they've come into our country, and what they've done with that fake congresswoman. She's so bad.

Trump: "Somalia has come in here — what they've done to our country, these people — they've come into our country, and what they've done with that fake congresswoman. She's so bad." pic.twitter.com/SX5idZqV3R

— Aaron Rupar (@atrupar) February 10, 2026

Omar spotted the clip and noted:

The leader of the Pedophile Protection Party is trying to deflect attention from his name being all over the Epstein files. At least in Somalia they execute pedophiles not elect them.

The leader of the Pedophile Protection Party is trying to deflect attention from his name being all over the Epstein files.

At least in Somalia they execute pedophiles not elect them. https://t.co/xC3Ype3zXI

— Ilhan Omar (@IlhanMN) February 10, 2026

Trump is under pressure over the small matter of his name cropping up literally thousands of times in the Department of Justice's (DOJ) Epstein files.

In case you've been cut off in a mineshaft for a few months, Trump's long association with the dead child-rapist Jeffrey Epstein is causing him no end of bother.

He's also been framing Somali people as some sort of enemy within, not least in Minnesota where his paramilitary goons have executed two people this year.

Ilhan's fun day out gathering Trump together

What follows is simply series of GIFs because no words can describe how hard this went:

"At least in Somalia they execute pedophiles not elect them." https://t.co/smDgJahPTF pic.twitter.com/yEmoPu01o2

— TTCA - The Musical (@Brosnan_in_1997) February 11, 2026

Also this one:

GET THEMMMMMM https://t.co/yjuCYAaPIU pic.twitter.com/yz1ozGLDQV

—

For families living with neurodegenerative disease, the hardest part is not always the diagnosis. It is the slow erosion that follows: memory fading, personality shifting, independence shrinking. It unfolds quietly. First, forgotten appointments. Then repeated questions. Then moments when a familiar face no longer feels familiar. The illness does not isolate itself to one body. It rearranges the lives around it. Partners become caregivers. Children become decision-makers. Conversations grow shorter. Patience grows thinner. Guilt creeps in, for being tired, for wishing things were easier, for missing the person who is still physically there. Neurodegeneration is rarely a single patient story.…

This story continues at The Next Web

Toyota has unveiled the 2027 Highlander, the first fully electric version of the vehicle and the automaker's fourth EV in the US. It's also the company's first EV assembled in the country and the first electric model with three rows of seats. The automaker already sells the electric C-HR crossover and the electric bZ SUV in the US. While the 2027 Highlander resembles its predecessors, its lines look sharper and it has broader fenders. In addition, it features flush door handles similar to Tesla's, which were designed for aerodynamics but which China recently banned out of safety concerns.

The new Highlander will be available in several varieties, specifically in Limited and XLE (Executive Luxury Edition) grades with either front-wheel or all-wheel drive configuration. If you get the Limited edition all-wheel drive with a 95.8 kWh battery, you can get a range of 320 miles on a single charge, based on Toyota's estimates. Take note that range estimates by manufacturers and the EPA could be different from each other. It would be more accurate to compare EPA ranges between vehicles across brands, because they were determined using the agency's testing methodologies.

The 2027 Highlander in XLE front wheel drive configuration with a 77 kWh battery has a manufacturer-estimated range of 287 miles. Meanwhile, the all-wheel drive XLE variant comes with either a 77 kWh battery that can power it for 270 miles or a 95.8 kWh battery that has an estimated range of 320 miles, similar to the Limited edition vehicle. The all-wheel drive variants have a total maximum power output of 338 horsepower, whereas the front-wheel models have a power output of 221 hp.

All the EV's versions can seat seven, with the third row being able to fold flat if you need it for cargo. They come with heated front seats, but you can also get ventilated and heated second row seats for an additional fee. Toyota will start selling the 2027 Highlander in late 2026, with some regions getting it early next year. The automaker says it will announce pricing for the EV model closer to its release date.

This article originally appeared on Engadget at https://www.engadget.com/transportation/evs/the-2027-toyota-highlander-is-fully-electric-and-has-a-320-mile-range-115828463.html?src=rss

Judge agrees with Virtzilla's argument that the case should be heard in the US, not Germany

VMware appears to have secured an early procedural win in the case it brought against German industrial giant Siemens over its alleged use of unlicensed software.…

With his newfound focus on the Moon, Elon musk is making some wild new plans. In an xAI meeting with employees, Musk said the company needed to build an AI satellite factory on the moon with a gigantic catapult to launch them into space, according to audio heard by The New York Times. 

All of that would be part of the billionaire's plans to create a massive orbiting AI "data center" that uses satellites powered by the sun and kept cool by the vacuum of space (a bad plan, some experts say). Any satellites launched from the Moon would presumably orbit the Moon as well, though Musk didn't provide any additional details. 

"You have to go to the moon" in order to build the required AI capabilities, Musk told employees. "It's difficult to imagine what an intelligence of that scale would think about, but it's going to be incredibly exciting to see it happen." 

Such a catapult would certainly need to be powerful — though the Moon has only one-sixth the gravity of Earth, the minimum escape velocity required for orbit is still around 3,800 MPH or five times the speed of sound. That's currently possible with electromagnetic railguns that launch projectiles at speeds up to Mach 8.8, though any satellite launched by such a device would need to withstand acceleration forces around 10,000 g or more. 

It's fun to think about it, but there are a few tiny steps required first. That starts with orbiting the Moon and eventually landing on the surface. Then you'd need to build a colony, followed by a factory, all of which would require a large number of manned and unmanned expeditions. As a reminder, we haven't been to the moon for over 50 years and none of the colony or factory stuff has ever been done.  

Early last year Musk said in a post on X that SpaceX would be going "straight to Mars" and that "the Moon is a distraction." However, the CEO apparently shifted his near-term priorities to building a "self-growing city on the Moon" because it's a more achievable target. In a post on X, Musk said the company could complete this in less than 10 years, while doing the same on Mars would take over 20 years.

Any estimates from Musk himself certainly need to be treated skeptically, though. Elon once said in 2017 that SpaceX would send cargo missions to Mars by 2022 aboard a rocket that's still being tested in 2026.

This article originally appeared on Engadget at https://www.engadget.com/science/space/elon-musks-latest-scheme-is-a-satellite-catapult-on-the-moon-113403143.html?src=rss

The Saudis have castigated 'heir to the throne' William for his Epstein-linked uncle during his visit to Saudi Arabia this week. Saudi Arabia is an absolute monarchy with an appalling human rights record, but it is still able to look down on the UK and US establishment's cosiness with murderous paedophiles.

Saudi media challenged the royal in Riyadh, with a reporter demanding to know whether the Windsors have "done enough around the Andrew and Epstein issue". He ignored the question and walked off. That'll be a 'no', then.

The US justice department's latest, intentionally-chaotic release of Epstein files show further disturbing images of Andrew with anonymised girls. They also show Andrew leaking confidential information and Epstein trafficking another young woman to the UK for him. Mountbatten-Windsor paid now-deceased Epstein victim Virginia Giuffre around £12m in an out-of-court settlement. This was funded by the monarchy and therefore by UK taxpayers.

Mountbatten-Windsor was stripped of all titles in December 2025. The public has repeatedly challenged his brother Charles in recent weeks for his failure to take more serious action against him. Charles has now said he will 'support' the police investigation.

It remains to be seen how exactly the royal family intends to make any sort of amends to the victims and survivors shoved into the spotlight during this debacle.

Featured image via FCDO

By Skwawkbox

The Canary has revealed how during a 12-month period, water companies leached £22.4m from customers' Universal Credit via the Department for Work and Pensions (DWP).

However, in obtaining the figure, we also discovered that the DWP has no record of what each company has been seizing from welfare claimants. When already vulnerable benefits claimants are in debt to water companies, the DWP will then allow these privatised water companies to deduct benefits from desperate claimants.

Apparently it needs saying: water is not a luxury

DWP doesn't know the scale of water companies' Universal Credit deductions

The Canary submitted freedom of information (FOI) requests to the department for regional and parliamentary constituency data on water deductions. In order to comply with the request, it appeared that the DWP had to collate this data from its records. In other words, until the Canary queried the proportion of third party deductions the water industry had made, it was not information the DWP had already calculated.

What's more, through a series of further FOIs, the DWP admitted to the Canary that it doesn't know how much each water company has deducted individually.

The DWP said that this was because:

data on deduction requests from specific organisations or the date a deduction request was made is not readily available for Universal Credit.

As such, it told the Canary that to "explore the available datasets" and "collate the relevant data" would take it over the cost limits in the FOI Act. But the admission ultimately underscored how the DWP has made no efforts to assess the scale of individual companies clawing back aggressive arrears through the benefits system.

What water companies took £22.4m in Universal Credit?

The Canary also attempted to find out how this divided up for water versus sewerage services. But in response to a further FOI, the DWP said that:

The Universal Credit deductions data does not state the name of a water company owed money, or reason for the debt, and as the water arrears data is not broken down, we cannot determine whether any deduction is for water supply or sewerage.

Unfortunately, outside official statistics, it's really difficult to get a read on individual water company deductions.

The first reason for this is that water supplier coverage overlaps in some constituencies. So, while we can use obtainable data showing coverage by constituency, companies don't actually always supply water services to all postcodes within these electoral boundaries.

It's also not the case constituencies always have the same sewerage providers to their water suppliers. In other words, the deduction could come from either company administering these services. That further complicates calculating what each company is deducting.

However, under the Universal Credit priority order, the water supplier makes deductions first for any arrears. The company providing wastewater services can only start taking deductions once the water debt is cleared.

Because it comes first in the order of priority, it's probable that the lion's share of these deductions is for water supply services. Ultimately though, it's not possible to establish from the data available how much is for water, and how much for sewerage arrears.

Water companies won't say, naturally

The Canary contacted 13 of the largest water and sewerage companies. We asked them directly to provide figures on their Universal Credit deductions. Predictably, not a single company offered this information. By and large, despite a few initially responding that they would look into this, water firms ignored our query. Only two companies eventually came back to confirm that they were not willing to supply these figures.

A spokesperson for Pennon Group, South West Water's parent company, responded saying that:

The information you have requested is commercially sensitive but all Universal Credit deductions are managed in line with DWP guidelines.

Meanwhile, Dwr Cymru came back with a similar dismissal:

We're unable to provide specific figures for Universal Credit deductions received by Dŵr Cymru for 2024 and 2025 as this information is commercially sensitive.

However, we can confirm that deductions are managed in line with the Department for Work and Pensions (DWP) guidelines, including the Fair Repayment Rate and deduction cap changes, which aim to ensure affordability for customers.

Our focus remains on supporting customers in financial difficulty with affordable payment arrangements.

In both instances then, water firms leaned on the claim it's "commercially sensitive" information to refuse the data.

In reality, it's nonsense for them to suggest this. For one, water companies already publish data about their 'bad debt'. As just one example, they will include financial information on County Court Judgements (CCJ) against their customers in annual reports.

More likely, firms fear the reputational fallout of the public learning just how much they're hammering their poorest customers.

The DWP should turn its attention to the real fraudsters

The Labour government continues to justify brutal disability benefit cuts and dystopian surveillance with nonsense rhetoric around the so-called 'benefits bill'. Yet, the DWP couldn't put figures to the welfare it's funnelling into the pockets of privatised water firms.

Perhaps it's time the DWP turned its attention to the corporate criminal water corporations draining the welfare system for profits they neither need, nor deserve.

Featured image via the author

By Hannah Sharland

Smug faces across all those who opposed the WordPad-ification of Microsoft's humble text editor

Just months after Microsoft added Markdown support to Notepad, researchers have found the feature can be abused to achieve remote code execution (RCE).…

Report warns skills shortages and grid bottlenecks threaten to stall region's capacity push

Only 20 percent of datacenters are considered AI-ready across Europe and the Middle East, despite the growing demand for infrastructure to accelerate AI processing.…

We stand at one of history's most exhilarating crossroads. Artificial intelligence is rewriting the rules of work, business, and human potential at breathtaking speed. The very capabilities that make us most human, our creativity, our imagination, our ability to dream up what doesn't yet exist, are becoming our most valuable assets. This is not a story about humans versus machines. It's a story about human potential unleashed. It's about a future where technology handles the tedious so we can focus on the transcendent. Where the dreamers, the questioners, the bold thinkers who color outside the lines are not just welcomed,…

This story continues at The Next Web

Breaking a big hard problem up into smaller ones? That'll never catch on

FOSDEM 2026 Isaac Freund's River compositor brings a little old-fashioned modularity and customizability to the brave new Wayland world.…

Apple's MacBooks don't need much help out of the box, but the right accessories can make a noticeable difference in how you use them day to day. Whether that means adding more ports, creating a cleaner desk setup or making your laptop easier to travel with, there's a growing ecosystem of gear designed to fill in the gaps Apple leaves behind. A good accessory should feel like an extension of your MacBook, not a workaround.

The picks below are meant to work smoothly with macOS and today's USB-C-only reality, whether you're using a lightweight MacBook Air or a higher-end MacBook Pro. From practical essentials to quality-of-life upgrades, these accessories are meant to help you get more done without adding unnecessary bulk or friction.

Best MacBook accessories for 2026 Best MacBook webcam accessories

Best MacBook docking stations and hubs

Best MacBook charging gear

Best MacBook keyboards and mice

Best MacBook stands

This article originally appeared on Engadget at https://www.engadget.com/computing/accessories/best-macbook-accessories-150014737.html?src=rss

If launching it was crazy in 1999, then what's trying to use it today?

FOSDEM 2026 Michal Pleban knows his old kit inside out, and his talk on the CIDCO MailStation was one of the most interesting of FOSDEM for us - as well as the funniest.…

UK government grilled over progress made to prevent a second life-threatening leak

Legacy IT issues are hampering key technical measures designed to prevent highly sensitive data leaks, UK government officials say.…

Smart plugs aren't the most complicated smart home device — they really just turn stuff off and on — but they do make life a little easier. Since using smart plugs, I've grown accustomed to having the living room lamps click on just before sunset and go off when I say goodnight to Alexa or the Google Assistant/Gemini (Siri can turn off a few of my lights, but isn't compatible with all of them). Most smart home device makers have a plug or two in their lineups, but finding one that's compatible with your chosen ecosystem, that's easy to set up and reliably connects can involve a little trial and error. That's why we tried more than a dozen models to find the best smart plugs you can buy right now..

Best smart plugs for 2026

The best outdoor smart plugs for 2026

Most people will likely use outdoor plugs for two things: patio lighting and holiday string lights. The devices are designed for the outdoors with a weatherproof protection rating of IP64 or higher, which means they're impervious to dust and can handle splashing water from rain and sprinklers. They have a longer Wi-Fi range than indoor plugs, for obvious reasons, and many have dual outlets, with individual control over each one.

Setup is the same as for indoor plugs: you'll use your phone to help the plug find your Wi-Fi using its companion app. The only tricky part is getting your phone within Bluetooth range of the plug (which it uses to initialize setup) and in Wi-Fi range at the same time. I had to awkwardly stand at a triangulated point in the middle of my driveway to get things communicating properly. Once set up, the plugs will communicate using your router for voice and app control and your phone needn't be anywhere near the plug.

Best uses for a smart plug

Before you buy one, it helps to know how a smart plug works best. They are designed for things that have an on/off switch, making them great for doing things like turning regular ol' lamps into smart lights. If you want a fan to move some air around before you get home, a smart plug can help. You can load a basic coffee maker with grounds and water the night before and wake up to a fresh pot in the morning. And instead of an air purifier running all day, you could set it to just run when you're away.

But gadgets that need to be programmed further, or require a stand-by mode, aren't ideal. If you want to control built-in lights, you'll need a smart light switch, which are more involved than smart plugs as they can involve in-wall installation. Smart bulbs are also an option for automation, and we have an entire guide devoted to those.

Some smart plugs can even monitor how much energy they use and display those figures within their companion app. That might not be much use on its own, as lamps with LED light bulbs consume very little energy, but it could help you keep tabs on your overall energy consumption.

What to consider when buying a smart plug Setup and use

Adding a smart plug to your home is relatively simple. You'll use the manufacturer's app to initially connect, after which you can add the plug to a compatible smart home ecosystem so you can use voice control and other features. Both the brand's app and your smart home app will let you name the plug, set schedules and program "routines" which provide automation for multiple smart devices at once. But as you can guess, a manufacturer's app only lets you control products from that brand. If you want whole-home automation, operating, say, a plug from TP-Link's Kasa, a smart bulb from Philips Hue, a smart thermostat from Honeywell and a camera from Arlo without switching apps, you'll need to use a smart home platform, which means you'll need to consider compatibility.

Compatibility

Smart home devices connect through wireless protocols, often using more than one to communicate with your phone, smart speaker, router and in some cases, one another. The majority of smart plugs use Wi-Fi, but some have recently incorporated Matter, a relatively new wireless standard intended to solve integration issues between different brands and manufacturers, while also improving security and reliability.

More of these smart plugs are coming to market and, for now, most Matter devices work via Wi-Fi, Bluetooth and a low-power mesh network called Thread. Matter requires a controller that stays at home, like a hub or smart speaker, to manage things when you're out and about.

As for Bluetooth, most plugs, including all Matter plugs, use the short-range protocol to get the device set up for the first time. Some can continue to run on Bluetooth in the absence of another option, but the connection isn't as reliable and you won't be able to control the plug when you're away from home, or perhaps even just on the other side of the apartment.

Because Matter is relatively new, it may be easier to consider the manufacturer's system you'd use the most. There are four major "branded" smart home platforms: Amazon's Alexa, Google Home, Apple's HomeKit and Samsung's SmartThings. The first two work with the widest range of brands and are compatible with both iOS and Android devices. HomeKit not only limits app access to Apple devices, but it's also compatible with fewer plugs. You can also turn to open-source software like Home Assistant or go with the larger functionality of IFTTT if you want to, say, have your lights turn off when your Uber arrives. For the purposes of our testing, we stuck with the four big players. Nearly every plug we looked at clearly stated which platforms it works with, both on the packaging and retail product pages.

Of course, there's no rule that says you have to stick with one home assistant. You might have an Echo Dot in the basement, a HomePod in the living room and a Google Nest Mini in the kitchen, each controlling any compatible devices. My kid has a great time telling Alexa to turn on a light then asking Google's Gemini to turn it back off.

Photo by Amy Skorheim / Engadget Hubs and smart plugs

All of our top picks recommended here don't require a hub and connect directly to your home's Wi-Fi router. That means if you already have wireless internet and a smartphone or tablet, you can quite literally plug and play. The exception is Apple's HomeKit. If you want to pair up a compatible plug with that platform, you'll need a HomePod speaker, Apple TV or an iPad that stays in your home to enable remote control when you're away.

Some smart plugs require a hub regardless of which platform you use. For our guide, we focused on the simplicity (and lower cost) of options that work on their own, but hub-dependent devices may make sense in certain situations. Some companies, like Aqara and Lutron for example, make a vast range of smart home products, adding automatic shades, window sensors, smart locks and air quality monitors to the more traditional cameras and plugs. If you're going all-in on one brand and plan to get a plethora of connected devices, a hub can keep your Wi-Fi network from getting too crowded and provide a more seamless setup with reliable connectivity. Zigbee devices use their own protocol (different from Wi-Fi or Bluetooth) and also requires a hub. 

Sharing

Once a plug is set up with your platform and voice assistant of choice, anyone can control the plug just by talking. If someone else wants to control things with their phone, things get more complicated. Google makes it easiest, allowing you to invite another person just by tapping the + button within the Home app. Whomever you invite will have full access to your connected devices - including cameras - so this is only for people you trust the most.

HomeKit makes it similarly easy to grant app access to someone else, but as with most things Apple, it only works for other iOS users. Amazon only allows you to share access to your Echo, not your connected home devices.

Many smart plug manufacturers allow you to share control through their app by inviting another person via email. But this only grants access to devices of that brand. Hopefully as Matter expands, multi-admin features will become more widespread.

If you get a new Wi-Fi network

Most people will wirelessly connect their smart plugs to their home's Wi-Fi router. Matter, Z-Wave, Thread and other smart home protocols can work over local networks, but for most setups, the signals telling your plugs what to do will be dispatched through your router. If you happen to get a new one (like I did when it became clear my very basic gateway could not handle the number of smart home devices being tested) you'll need to take a few steps to get everything reconnected.

Depending on the brand, the steps may simply involve using the plug's companion app to update your credentials (network name and password). Or it will require deleting the device in the companion app, doing a factory reset (typically by pressing the onboard button for 10 seconds) and setting up the plug like it's brand new. GE Sync and Emporia plugs allow for a credentials update via their apps, others, like TP-Link Kasa and Meross plugs require deletion and a factory reset to get along with your new network. Amazon's smart plug updates automatically after updating the associated Echo device.

How we tested the best smart plugs

Before I decided which smart plugs to test, we considered brands Engadget staffers have had the best experiences with, both in review capacity and personally. We also checked out other online reviews. I then looked at factors like price, compatibility and relative popularity. Then, I tested about a dozen plugs using their companion apps and the four major smart home ecosystems. With lamps, lights, heaters, fans and more plugged into them, I set schedules, create routines, use voice control and generally live with the devices to evaluate them. I and continue to test good candidates as new models hit the market. 

Other smart plugs we tested Eve Energy Strip

The Eve Energy Strip only works with HomeKit and it's a bit more expensive than our pick for a smart strip. But it's an exceedingly attractive device complete with an aluminum frame and easy-to-read LED buttons. Those act as both indicators and manual switches for each of the three, individually controlled and nicely spaced plugs. Setup happens through the HomeKit app but after that, you can control the plug (and curiously, many other smart home devices active in your HomeKit profile) through the Eve Energy app. Here, you'll be able to create schedules and automations as well as monitor the plug's energy usage.

Meross Matter plug (MSS115)

I wasn't able to test the Meross Matter plug fully. It requires Wi-Fi splitting, a process that's certainly possible for the average consumer, but more involved than it should be, considering the more than dozen other plugs I've tested don't require such a step. The plug itself also blocked the other outlet. Meross has an updated version of the Matter device on the way, one that looks to solve both issues and we'll update this guide accordingly once we've had a chance to test it.

Roku Smart Plug

Roku's smart home gear is basically Wyze equipment with an app and packaging that are more purple. The Roku smart plug performed just fine with both compatible voice assistants (Alexa and Gemini). The companion app doesn't offer scheduling that revolves around the timing of the sunset in your area, but the plugs go for less than $10 each and if you've got a Roku TV or streaming device set up and want to keep everything on-brand, it could be a fit.

Aquara Smart Plug

The Aqara plug requires an Aqara hub. In tests, the connectivity was solid and the companion app allowed for useful if/then automations that can rope in other Aqara devices like locks, window shades, cameras and more. The plug also worked well with voice assistants from Amazon, Google and Apple. As a stand-alone plug, however, it's tough to recommend the nearly $100 combo to anyone who isn't planning to get a complete Aqara smart home setup.

Smart plug FAQs What are the disadvantages of a smart plug?

While they're great when everything is working properly, smart plugs can be frustrating, adding a layer of complication to the simple act of turning on a light, if something goes wrong. For example: If your Wi-Fi goes out, your smart plug won't work. If the smart plug loses its connection to your router, it won't work. If you change your Wi-Fi password or provider, you'll have to re-program your smart plugs. If you forget what you named a particular plug during setup, you may be faced with an irritating conversation with your voice assistant. The best way to avoid some of those problems is to get a plug that works reliably, which is one of the features we considered for this guide.

How much power does a smart plug draw?

Smart plugs don't draw much more power than whatever you're plugging into them. True, they remain on standby to await instructions from your smart assistant or other controller, so they're always using a small amount of power. But if, for example, you set a light to automatically turn off at night, and that light would otherwise stay on unnecessarily, the smart plug will save far more energy than the watt or two extra that it draws.

Do smart plugs use Bluetooth?

Some smart plugs use Bluetooth to connect to your phone during setup. After that, most connect to your home's Wi-Fi network.

What appliances should not be plugged into a smart plug?

Common sense will help you determine what not to plug in. Obviously anything dangerous like power tools should not be plugged into a smart plug. Appliances that require supervision, such as space heaters and curling irons, shouldn't be set to turn on automatically if no one will be around. You also shouldn't bother with anything that needs further programming. Simple on/off appliances like lamps and fans work best.

This article originally appeared on Engadget at https://www.engadget.com/home/smart-home/best-smart-plug-131542429.html?src=rss

The Chocolate Factory isn't showing ads in Gemini, but AI Mode is fair game

As OpenAI walks the advertising tightrope to balance revenue gains against credibility and safety, ad kingpin Google is roaring ahead to use AI to improve its advertising products.…

EFF is against age gating and age verification mandates, and we hope we'll win in getting existing ones overturned and new ones prevented. But mandates are already in effect, and every day many people are asked to verify their age across the web, despite prominent cases of sensitive data getting leaked in the process.

At some point, you may have been faced with the decision yourself: should I continue to use this service if I have to verify my age? And if so, how can I do that with the least risk to my personal information? This is our guide to navigating those decisions, with information on what questions to ask about the age verification options you're presented with, and answers to those questions for some of the top most popular social media sites. Even though there's no way to implement mandated age gates in a way that fully protects speech and privacy rights, our goal here is to help you minimize the infringement of your rights as you manage this awful situation.

Follow the Data

Since we know that leaks happen despite the best efforts of software engineers, we generally recommend submitting the absolute least amount of data possible. Unfortunately, that's not going to be possible for everyone. Even facial age estimation solutions where pictures of your face never leave your device, offering some protection against data leakage, are not a good option for all users: facial age estimation works less well for people of color, trans and nonbinary people, and people with disabilities. There are some systems that use fancy cryptography so that a digital ID saved to your device won't tell the website anything more than if you meet the age requirement, but access to that digital ID isn't available to everyone or for all platforms. You may also not want to register for a digital ID and save it to your phone, if you don't want to take the chance of all the information on it being exposed upon request of an over-zealous verifier, or you simply don't want to be a part of a digital ID system

If you're given the option of selecting a verification method and are deciding which to use, we recommend considering the following questions for each process allowed by each vendor:

• Data: What info does each method require?
• Access: Who can see the data during the course of the verification process?
• Retention: Who will hold onto that data after the verification process, and for how long?
• Audits: How sure are we that the stated claims will happen in practice? For example, are there external audits confirming that data is not accidentally leaked to another site along the way? Ideally these will be in-depth, security-focused audits by specialized auditors like NCC Group or Trail of Bits, instead of audits that merely certify adherence to standards. 
• Visibility: Who will be aware that you're attempting to verify your age, and will they know which platform you're trying to verify for?

We attempt to provide answers to these questions below. To begin, there are two major factors to consider when answering these questions: the tools each platform uses, and the overall system those tools are part of.

In general, most platforms offer age estimation options like face scans as a first line of age assurance. These vary in intrusiveness, but their main problem is inaccuracy, particularly for marginalized users. Third-party age verification vendors Private ID and k-ID offer on-device facial age estimation, but another common vendor, Yoti, sends the image to their servers during age checks by some of the biggest platforms. This risks leaking the images themselves, and also the fact that you're using that particular website, to the third party. 

Then, there's the document-based verification services, which require you to submit a hard identifier like a government-issued ID. This method thus requires you to prove both your age and your identity. A platform can do this in-house through a designated dataflow, or by sending that data to a third party. We've already seen examples of how this can fail. For example, Discord routed users' ID data through its general customer service workflow so that a third-party vendor could perform manual review of verification appeals. No one involved ever deleted users' data, so when the system was breached, Discord had to apologize for the catastrophic disclosure of nearly 70,000 photos of users' ID documents. Overly long retention periods expose documents to risk of breaches and historical data requests. Some document verifiers have retention periods that are needlessly long. This is the case with Incode, which provides ID verification for Tiktok. Incode holds onto images forever by default, though TikTok should automatically start the deletion process on your behalf.

Some platforms offer alternatives, like proving that you own a credit card, or asking for your email to check if it appears in databases associated with adulthood (like home mortgage databases). These tend to involve less risk when it comes to the sensitivity of the data itself, especially since credit cards can be replaced, but in general still undermine anonymity and pseudonymity and pose a risk of tracking your online activity. We'd prefer to see more assurances across the board about how information is handled.

Each site offers users a menu of age assurance options to choose from. We've chosen to present these options in the rough order that we expect most people to prefer. Jump directly to a platform to learn more about its age checks:

• Meta - Facebook, Instagram, WhatsApp, Messenger, Threads
• Google - Gmail, YouTube
• TikTok
• Everywhere Else

Meta - Facebook, Instagram, WhatsApp, Messenger, Threads Inferred Age

If Meta can guess your age, you may never even see an age verification screen. Meta, which runs Facebook, Threads, Instagram, Messenger, and WhatsApp, first tries to use information you've posted to guess your age, like looking at "Happy birthday!" messages. It's a creepy reminder that they already have quite a lot of information about you.

If Meta cannot guess your age, or if Meta infers you're too young, it will next ask you to verify your age using either facial age estimation, or by uploading your photo ID. 

Face Scan

If you choose to use facial age estimation, you'll be sent to Yoti, a third-party verification service. Your photo will be uploaded to their servers during this process. Yoti claims that "as soon as an age has been estimated, the facial image is immediately and permanently deleted." Though it's not as good as not having that data in the first place, Yoti's security measures include a bug bounty program and annual penetration testing. Researchers from Mint Secure found that Yoti's app and website are filled with trackers, so the fact that you're verifying your age could be not only shared to Yoti, but leaked to third-party data brokers as well. 

You may not want to use this option if you're worried about third parties potentially being able to know you're trying to verify your age with Meta. You also might not want to use this if you're worried about a current picture of your face accidentally leaking—for example, if elements in the background of your selfie might reveal your current location. On the other hand, if you consider a selfie to be less sensitive than a photograph of your ID, this option might be better. If you do choose (or are forced to) use the face check system, be sure to snap your selfie without anything you'd be concerned with identifying your location or embarrassing you in the background in case the image leaks.

Upload ID

If Yoti's age estimation decides your face looks too young, or if you opt out of facial age estimation, your next recourse is to send Meta a photo of your ID. Meta sends that photo to Yoti to verify the ID. Meta says it will hold onto that ID image for 30 days, then delete it. Meanwhile, Yoti claims it will delete the image immediately after verification. Of course, bugs and process oversights exist, such as accidentally replicating information in logs or support queues, but at least they have stated processes. Your ID contains sensitive information such as your full legal name and home address. Using this option not only runs the (hopefully small, but never nonexistent) risk of that data getting leaked through errors or hacking, but it also lets Meta see the information needed to tie your profile to your identity—which you may not want. If you don't want Meta to know your name and where you live, or rely on both Meta and Yoti to keep to their deletion promises, this option may not be right for you.

Google - Gmail, YouTube  Inferred Age

If Google can guess your age, you may never even see an age verification screen. Your Google account is typically connected to your YouTube account, so if (like mine) your YouTube account is old enough to vote, you may not need to verify your Google account at all. Google first uses information it already knows to try to guess your age, like how long you've had the account and your YouTube viewing habits. It's yet another creepy reminder of how much information these corporations have on you, but at least in this case they aren't likely to ask for even more identifying data.

If Google cannot guess your age, or decides you're too young, Google will next ask you to verify your age. You'll be given a variety of options for how to do so, with availability that will depend on your location and your age.

Google's methods to assure your age include ID verification, facial age estimation, verification by proxy, and digital ID. To prove you're over 18, you may be able to use facial age estimation, give Google your credit card information, or tell a third-party provider your email address.

Face Scan

If you choose to use facial age estimation, you'll be sent to a website run by Private ID, a third-party verification service. The website will load Private ID's verifier within the page—this means that your selfie will be checked without any images leaving your device. If the system decides you're over 18, it will let Google know that, and only that. Of course, no technology is perfect—should Private ID be mandated to target you specifically, there's nothing to stop it from sending down code that does in fact upload your image, and you probably won't notice. But unless your threat model includes being specifically targeted by a state actor or Private ID, that's unlikely to be something you need to worry about. For most people, no one else will see your image during this process. Private ID will, however, be told that your device is trying to verify your age with Google and Google will still find out if Private ID thinks that you're under 18.

If Private ID's age estimation decides your face looks too young, you may next be able to decide if you'd rather let Google verify your age by giving it your credit card information, photo ID, or digital ID, or by letting Google send your email address to a third-party verifier.

Email Usage

If you choose to provide your email address, Google sends it on to a company called VerifyMy. VerifyMy will use your email address to see if you've done things like get a mortgage or paid for utilities using that email address. If you use Gmail as your email provider, this may be a privacy-protective option with respect to Google, as Google will then already know the email address associated with the account. But it does tell VerifyMy and its third-party partners that the person behind this email address is looking to verify their age, which you may not want them to know. VerifyMy uses "proprietary algorithms and external data sources" that involve sending your email address to "trusted third parties, such as data aggregators." It claims to "ensure that such third parties are contractually bound to meet these requirements," but you'll have to trust it on that one—we haven't seen any mention of who those parties are, so you'll have no way to check up on their practices and security. On the bright side, VerifyMy and its partners do claim to delete your information as soon as the check is completed.

Credit Card Verification

If you choose to let Google use your credit card information, you'll be asked to set up a Google Payments account. Note that debit cards won't be accepted, since it's much easier for many debit cards to be issued to people under 18. Google will then charge a small amount to the card, and refund it once it goes through. If you choose this method, you'll have to tell Google your credit card info, but the fact that it's done through Google Payments (their regular card-processing system) means that at least your credit card information won't be sitting around in some unsecured system. Even if your credit card information happens to accidentally be leaked, this is a relatively low-risk option, since credit cards come with solid fraud protection. If your credit card info gets leaked, you should easily be able to dispute fraudulent charges and replace the card.

Digital ID

If the option is available to you, you may be able to use your digital ID to verify your age with Google. In some regions, you'll be given the option to use your digital ID. In some cases, it's possible to only reveal your age information when you use a digital ID. If you're given that choice, it can be a good privacy-preserving option. Depending on the implementation, there's a chance that the verification step will "phone home" to the ID provider (usually a government) to let them know the service asked for your age. It's a complicated and varied topic that you can learn more about by visiting EFF's page on digital identity.

Upload ID

Should none of these options work for you, your final recourse is to send Google a photo of your ID. Here, you'll be asked to take a photo of an acceptable ID and send it to Google. Though the help page only states that your ID "will be stored securely," the verification process page says ID "will be deleted after your date of birth is successfully verified." Acceptable IDs vary by country, but are generally government-issued photo IDs. We like that it's deleted immediately, though we have questions about what Google means when it says your ID will be used to "improve [its] verification services for Google products and protect against fraud and abuse." No system is perfect, and we can only hope that Google schedules outside audits regularly.

TikTok Inferred Age

If TikTok can guess your age, you may never even see an age verification notification. TikTok first tries to use information you've posted to estimate your age, looking through your videos and photos to analyze your face and listen to your voice. By uploading any videos, TikTok believes you've given it consent to try to guess how old you look and sound.

If TikTok decides you're too young, appeal to revoke their age decision before the deadline passes. If TikTok cannot guess your age, or decides you're too young, it will automatically revoke your access based on age—including either restricting features or deleting your account. To get your access and account back, you'll have a limited amount of time to verify your age. As soon as you see the notification that your account is restricted, you'll want to act fast because in some places you'll have as little as 23 days before the deadline passes.

When you get that notification, you're given various options to verify your age based on your location.

Face Scan

If you're given the option to use facial age estimation, you'll be sent to Yoti, a third-party verification service. Your photo will be uploaded to their servers during this process. Yoti claims that "as soon as an age has been estimated, the facial image is immediately and permanently deleted." Though it's not as good as not having that data in the first place, Yoti's security measures include a bug bounty program and annual penetration testing. However, researchers from Mint Secure found that Yoti's app and website are filled with trackers, so the fact that you're verifying your age could be leaked not only to Yoti, but to third-party data brokers as well.

You may not want to use this option if you're worried about third parties potentially being able to know you're trying to verify your age with TikTok. You also might not want to use this if you're worried about a current picture of your face accidentally leaking—for example, if elements in the background of your selfie might reveal your current location. On the other hand, if you consider a selfie to be less sensitive than a photograph of your ID or your credit card information, this option might be better. If you do choose (or are forced to) use the face check system, be sure to snap your selfie without anything you'd be concerned with identifying your location or embarrassing you in the background in case the image leaks.

Credit Card Verification

If you have a credit card in your name, TikTok will accept that as proof that you're over 18. Note that debit cards won't be accepted, since it's much easier for many debit cards to be issued to people under 18. TikTok will charge a small amount to the credit card, and refund it once it goes through. It's unclear if this goes through their regular payment process, or if your credit card information will be sent through and stored in a separate, less secure system. Luckily, these days credit cards come with solid fraud protection, so if your credit card gets leaked, you should easily be able to dispute fraudulent charges and replace the card. That said, we'd rather TikTok provide assurances that the information will be processed securely.

Credit Card Verification of a Parent or Guardian

Sometimes, if you're between 13 and 17, you'll be given the option to let your parent or guardian confirm your age. You'll tell TikTok their email address, and TikTok will send your parent or guardian an email asking them (a) to confirm your date of birth, and (b) to verify their own age by proving that they own a valid credit card. This option doesn't always seem to be offered, and in the one case we could find, it's possible that TikTok never followed up with the parent. So it's unclear how or if TikTok verifies that the adult whose email you provide is your parent or guardian. If you want to use credit card verification but you're not old enough to have a credit card, and you're ok with letting an adult know you use TikTok, this option may be reasonable to try.

Photo with a Random Adult?

Bizarrely, if you're between 13 and 17, TikTok claims to offer the option to take a photo with literally any random adult to confirm your age. Its help page says that any trusted adult over 25 can be chosen, as long as they're holding a piece of paper with the code on it that TikTok provides. It also mentions that a third-party provider is used here, but doesn't say which one. We haven't found any evidence of this verification method being offered. Please do let us know if you've used this method to verify your age on TikTok!

Photo ID and Face Comparison

If you aren't offered or have failed the other options, you'll have to verify your age by submitting a copy of your ID and matching photo of your face. You'll be sent to Incode, a third-party verification service. In a disappointing failure to meet the industry standard, Incode itself doesn't automatically delete the data you give it once the process is complete, but TikTok does claim to "start the process to delete the information you submitted," which should include telling Incode to delete your data once the process is done. If you want to be sure, you can ask Incode to delete that data yourself. Incode tells TikTok that you met the age threshold without providing your exact date of birth, but then TikTok wants to know the exact date anyway, so it'll ask for your date of birth even after your age has been verified.

TikTok itself might not see your actual ID depending on its implementation choices, but Incode will. Your ID contains sensitive information such as your full legal name and home address. Using this option not only runs the (hopefully small, but never nonexistent) risk of that data getting accidentally leaked through errors or hacking. If you don't want TikTok or Incode to know your name, what you look like, and where you live—or if you don't want to rely on both TikTok and Incode to keep to their deletion promises—then this option may not be right for you.

Everywhere Else

We've covered the major providers here, but age verification is unfortunately being required of many other services that you might use as well. While the providers and processes may vary, the same general principles will apply. If you're trying to choose what information to provide to continue to use a service, consider the "follow the data" questions mentioned above, and try to find out how the company will store and process the data you give it. The less sensitive information, the fewer people have access to it, and the more quickly it will be deleted, the better. You may even come to recognize popular names in the age verification industry: Spotify and OnlyFans use Yoti (just like Meta and Tiktok), Quora and Discord use k-ID, and so on. 

Unfortunately, it should be clear by now that none of the age verification options are perfect in terms of protecting information, providing access to everyone, and safely handling sensitive data. That's just one of the reasons that EFF is against age-gating mandates, and is working to stop and overturn them across the United States and around the world.

Republished from the EFF's Deeplinks blog.

Because AI won't only run in Big Tech's giant GPU garages, and won't tolerate slow connections

The Open Compute Project (OCP) wants to develop specs for distributed datacenters and has decided the all-optical Innovative Optical and Wireless Network (IOWN) stack can make them possible.…

Just change the name to CAIsco already, Chuck

Cisco is on track to deliver its unified management tool Cloud Control later in 2026, but while its users wait for that moment it's pumping out plenty more agentic tools to manage their networks - and make sure agents behave.…

Border Patrol commander Greg Bovino has been sent back to the border after making himself the Nazi scum face of the Trump administration's brutal efforts to purge this country of as many non-white people as possible.

Bovino made it clear what team he really wanted to play for before Trump was even sworn in for the second time. After Trump's election win (but before Trump actually took office), Bovino self-authorized an expansive anti-migrant operation without bothering to check in with DHS leadership to make sure he was cleared to do this.

Trump is always capable of recognizing opportunistic thugs whose dark hearts are as corroded as his own. Bovino was swiftly elevated to an unappointed position as the nominal head of Trump's many inland invasions of cities run by the opposing political party. Bovino embraced the role of shitheel thug, leading directly to court orders that attempted to restrain his brutal actions. Bovino appeared willing to ignore most court orders he was hit with, increasing his brutality and his public contempt of not only court orders, but the judges themselves, who he insulted during public statements to journalists.

After two murders in three weeks, the Trump administration started to realize it has lost the "hearts and minds" battle with most US citizens and residents. While ICE operations continue to be indistinguishable from kidnapping and the DHS is still ambushing migrants attempting to follow the terms of their supervised release agreements, Bovino has become the now-unacceptable personification of the administration's bigoted war on migrants.

Bovino has been sent back down to the minors, so to speak. He's been removed from high-profile surges in Chicago and Minneapolis and remanded to his former patrol area, which is much, much closer to the US border where there's nearly no immigration activity happening thanks to the ongoing war on migrants.

Insubordination is fine as long as it doesn't create friction Trump may have to eventually deal with. Bovino, however, is just as incapable of picking his battles as the president himself. Too many cocks spoil the broth, as the saying (almost) goes.

Thanks to a leaked email shared with NBC, we now know more about Bovino's resistance to anyone anywhere who attempted to tell him what to do.

Bovino wanted to conduct large-scale immigration sweeps during an operation in Chicago in September, but the acting director of Immigration and Customs Enforcement, Todd Lyons, told him the focus was to conduct "targeted operations," arresting only of people known to federal agents ahead of time for their violations of immigration law or other laws, according to the correspondence.

"Mr. Lyons seemed intent that CBP conduct targeted operations for at least two weeks before transitioning to full scale immigration enforcement," Bovino wrote in an email to Department of Homeland Security leaders in Washington, referring to Customs and Border Protection, which oversees Border Patrol agents. "I declined his suggestion. We ended the conversation shortly thereafter."

Keep in mind that Bovino is a Border Patrol commander who was working nowhere near the border. Also, keep in mind that ICE is the lead agency in any immigration enforcement efforts because… well, it's in the name: Immigration and Customs Enforcement. This is Bovino not only giving the finger to the chain of command, but also insisting his agency (along with the CBP) take the lead in Midwestern apprehensions, despite neither agency having much in the terms of training for inland operations.

Speaking of chain of command, the commander of an agency that's a component of the DHS made it clear he believed he didn't have to answer to the DHS either, as Leigh Kimmons reports in their article for the Daily Beast:

The email also revealed a rather bizarre chain of command, with Bovino saying he reported to Noem's aide, Corey Lewandowski, and appearing to defy Lyons' authority. "Mr. Lyons said he was in charge, and I corrected him saying I report to Corey Lewandowski," Bovino reportedly said of the unpaid special government employee.

This email makes one thing perfectly clear: Bovino appeared to believe he answered to no one. And he would only "report" to people he felt wouldn't push back against his confrontational, rights-violating efforts. This probably would have never been a problem, but Bovino consistently crossed lines that even Trump's high-level sycophantic bigots were hesitant to cross.

And now he's the one who is experiencing the "find out" part that usually follows the "fucking around." He's been sidelined, perhaps permanently. Acting ICE director Todd Lyons is the new face of Trump's inland invasions. Kristi Noem herself seems to be on the list of potential cuts, should the administration continue its on-again, off-again pivot to a less outwardly racist agenda when it comes to immigration enforcement.

But I'm not here to damn with faint praise or even damn with faint damnation. I hope Bovino's last years as a Border Patrol commander are as terrible as his haircut. I hope Todd Lyons veers so far to the middle that Trump shitcans him. I hope Noem is on the path to private sector employment, tainted with the scarlet "T" that means any future version of MAGA won't even bother to check in with her now that the only people she can make miserable are her own children. Adios, Bovino. Sleep badly.

The Department for Work and Pensions' most senior civil servant has resigned. Peter Schofield has faced furious criticism since the true scale of the carers' allowance scandal was brought to light. However, the decision is said to be due to personal reasons, rather than taking responsibility for the DWP's failures.

A catalogue of failures from the DWP

In November 2025, an independent review found that the scandal was in no way the carers' fault. Instead, it placed the blame squarely at the feet of the DWP. The review said longstanding systemic issues within the department, unlawful internal guidance and poor design and communication were to blame.

The review found that many carers ended up in thousands of pounds of debt. Some also contemplated suicide due to the distress of being expected to pay back their overpayments.

You'd think, in light of the review, that the DWP would show a tiny bit of remorse. But another senior official in the department came under fire when he blamed carers for failing to report changes.

In an internal blog post, Neil Couling said:

Incidentally, what has been missed in all the [media] coverage is that this error (and hands up we made it and we will put it right) affects only a relatively small number of cases and wasn't the cause of the original complaint. Because at the heart of the overpayment issues in CA is a failure to report changes of circumstances

This is despite the government taking responsibility. In a statement read by Baroness Sherlock, Stephen Timms said

The Review finds that some carers could not have known that they were building up overpayments because it was not clear how their earnings would affect their entitlement, and this lack of clarity was due to issues with operational guidance. The Government accepts this and we will act to put it right.

Schofield hauled before the committee

In January 2026, Schofield was forced to answer to the Work and Pensions committee for the department's crimes, as well as Couling's disgusting comments. Chair of the committee Debbie Abrahams asked him how the DWP could justify not making any changes and the department's attitude towards carers.

His response was a masterclass in bluster, culminating in

We were making a difference

Schofield was also taken to task by disabled MP Steve Darling, who accused him of basically talking rubbish:

You've given me a lot of blancmange that I'm finding difficult to nail to the ceiling what clear evidence of management change is there and I'm concerned that you're not able to give me any.

What a coincidence

Whilst neither the DWP or Schofield mentioned the carers allowance scandal in their statements, it feels like a pretty big coincidence

In a message to colleagues, Schofield said

My decision to leave the department is not one I have taken lightly. It has been an absolute privilege to serve, first as director general, finance and then as your permanent secretary.

He said one of his highlights was

the massive achievement of completing the rollout of Universal Credit for our working age customers

He continued that this

paved the way for our transformation journey - and our continued focus on doing things better for our customers and colleagues - providing support in better and more effective ways

I'm not sure I would class something that left thousands of vulnerable claimants at the mercy of cruel sanctions as a success, but then I'm not a DWP ghoul.

It's also another absolutely huge coincidence that this was announced whilst the press is distracted by Keir Starmer's premiership imploding.

Campaigners must keep the pressure on DWP

Schofield will remain in his role until July, which means there's still plenty of time for him to be held accountable. His leaving also shouldn't see the end of pressure on the government for justice for the victims of the carers' scandal.

We need to fight harder than ever to ensure the department and his predecessor to take responsibility.

Featured image via the Canary

By Rachel Charlton-Dailey

The Jewish Anti-Zionist Action group has disrupted Nigel Farage's so-called 'Reform Jewish Alliance' launch. Jews for fascism, who'da thought?

A statement on the group's social media says that:

As well as picketing outside the Central Synagogue, which was hosting the event, we also infiltrated and disrupted from inside, reminding Farage and all in attendance what Reform actually stands for:

Racism, Islamophobia, antisemitism, queerphobia, and xenophobic anti-immigration policies that would have seen Jewish refugees, many of which were our own family, prevented from entering the UK last century.

We will not stand by whilst fascists are welcomed into our community and places of worship.

'Claude DXT's container falls noticeably short of what is expected from a sandbox'

LayerX, a security company based in Tel Aviv, says it has identified a zero-click remote code execution vulnerability in Claude Desktop Extensions that can be triggered by processing a Google Calendar entry.…

Great time to be a liquid cooling startup

GPUs are so hot right now - literally and metaphorically - that they're driving mergers and acquisitions in the datacenter cooling industry.…

An invoice featured in the latest batch of Epstein files, reveals that Jeffrey ordered 330 gallons of concentrated sulphuric acid to be delivered to his paedophile island in 2018. The order was placed on the same day the FBI opened a new child-trafficking case against him:

Other documents in the latest US government release suggest that Epstein used sulphuric acid for water treatment. However, the acid has also notoriously been used by criminal gangs to dissolve bodies. Orders for large quantities of acid would, of course, need a pretext.

The US justice department (DOJ) has admitted that evidence is it still withholding includes footage of torture, rape and murder. Many victims of Epstein and his twisted circle have never been found. Files in the DOJ release even accuse Epstein and his guests of eating some victims.

Featured image via the Canary

By Skwawkbox

The final election phase to decide Your Party's collective leadership has begun. And for many, it has become a race to determine how much member empowerment and control there will be. As one candidate for Yorkshire & The Humber told the Canary:

This party and its growth and its development shouldn't be down to what a few people—who have found themselves at the top of it before any democratic structure's been put in place—think it should be like.

'Open Your Party up to the hundreds of thousands of people who need it'

Chris Saltmarsh is on the Grassroots Left slate in the Central Executive Committee (CEC) elections. And while he called this slate "really diverse," he described how everyone participating broadly shares:

A political vision and understanding for what we want the party to be.

That centres around "maximum member democracy".

Saltmarsh explained why this is so important for him, saying:

Most people have seen the [Your Party founding] process and thought: 'oh, this doesn't feel like a welcoming space where I can come and express my politics and learn and develop and contribute to building this project. It feels like a space where I have to come and pick a side in a factional feud and I'm expected to care about this very detailed and, probably to most people, irrelevant stuff.'

I think people don't want to be involved in a party where it appears that it's the source for people to litigate these personal feuds. And I think they don't want to be involved in a party where it doesn't feel like they have any say.

Statistics seem to back that up. Because while around 800,000 people initially expressed interest, only about 1% actually became full members who participated in the votes at the Your Party's founding conference. Something that deterred hundreds of thousands of people. And for many, it's clear what that was.

Saltmarsh called for an open, inclusive culture going forwards, stressing:

We should open this up to the hundreds of thousands of people who have a stake in this party existing. If I want the party to be eco-socialist… then it's not for me or anyone else to say that that absolutely has to be the case. What we need is a genuine democratic structure so that we can organise around those ideas openly and transparently.

Reflecting on the challenges that Your Party has faced and the possible election results, he said:

For all the demotivation that people might have, this is an incredibly important moment. And I would just plead that people - even if it's just voting - do get involved and do participate in this. Because I think what the British left looks like in 1, 5, 10, 20 years really could be quite different, depending on how this election goes.

Whatever the outcome, though, he believes there is democracy in Your Party and there will still be space for people with differing views to make their cases.

Your Party or the Greens?

Saltmarsh previously co-founded Labour for a Green New Deal. And because he believes climate politics is 'a question of justice, inequality and oppression', he thinks it's important to bring:

an environmental or climate perspective into left spaces, but also a kind of socialist politics into climate spaces

The wealthiest 10% of people in the world have been responsible for the overwhelming majority of global warming. And while richer countries do the most damage, the poorest countries suffer the most as a result of climate breakdown.

Saltmarsh isn't in the Green Party, however, because he thinks an explicitly socialist mass organisation on the left is necessary. And while the Greens are already "up and running" and have a leader in Zack Polanski who's "clearly very skilled at communicating", he said:

A cynical interpretation would be, it's like a really good Instagram account.

While asserting that communication is definitely important, he also thinks Your Party is about taking "a longer view" than just elections. Its mission, he stressed, is to:

build in communities, to organise hundreds or thousands of socialists in any given town and city, not just to win elections when that's expedient but also to coordinate campaigns, to raise consciousness, to build socialism through social infrastructure.

That means building a "collective political life" in communities, with things like:

socialist schools, where members and supporters come along and learn about socialism

And it means having a party where, from the beginning, members agree on a socialist, anti-imperialist platform.

"An incredibly important moment"

Saltmarsh isn't the only person who thinks the CEC elections are "an incredibly important moment". Because the Canary has interviewed a range of candidates who want a member-led party that breaks with top-down, personality-driven politics.

Candidates have emphasised the importance of transparency, accountability, and a collective leadership that focuses on solidarity, bringing people together, and empowering as many people as possible. This message has shone through from everyone who's spoken to us.

There absolutely have been questions surrounding accountability and transparency during the founding phase of Your Party. And whether you think this messy start was avoidable or unavoidable, countless members and candidates want that to change, and hope the CEC elections will help to overcome these challenges.

If you're a Your Party member and you want to vote:

1. You need to log in on the top right of the party's website.
2. On the Your Party Members Area page that will pop up after logging in, you will see "EVENTS" on the right hand side. Below this, you will see "VOTES AND ELECTIONS", and two options: "CEC Election - Public Office Holders" and "CEC Election - [the name of your local section of the party]".
3. If you click on each of those 'CEC Election' links, you'll be able to see the candidates and their statements. You then need to put a number next to all the candidates you want to support (1 being your favourite, 2 your second favourite, and so on).

Featured image via the Canary

By The Canary

Recently, Rory Stewart argued that western politicians are "impoverished" on their lofty annual salaries of £93,904, attempting to excuse their corruption.

He ignored the generous expenses MPs claim from taxpayers, and critics have condemned what they view as a blatantly self-interested attempt to provide political cover for corruption. Since then, the Canary has spoken with Andrew Feinstein for his take on corruption in the UK government, the disgraced Mandelson, and his response to Rory Stewart.

Feinstein is a former ANC member alongside Nelson Mandela and has built his career fighting corruption linked to the global arms trade. He also challenged UK prime minister Keir Starmer in the Holborn and St Pancras constituency during the 2024 general election. His experience gives him a unique perspective on corruption.

And unsurprisingly, Feinstein was far from impressed at Rory Stewart's desperate defence.

An existential moment in human history

Recent revelations involving Mandelson and public figures connected to the convicted paedophile Jeffrey Epstein have exposed a sprawling web of corruption among powerful men. This elite group of politicians and royal family members have used women and girls, trading them around the world to serve their nefarious, self-interested agendas. Their actions reveal a disturbing pattern of exploitation at the highest levels of power. The extent of their abuse continues to outrage the global public.

Rory Stewart's remarks compound the damage, showing disregard for the severe harms ordinary people suffer.

Here's Rory Stewart describing MPs as being on "low incomes".

Their basic annual salary is £93,904, putting them in the top 5% of earners.

There's a nuanced debate to be had about MPs' pay, but describing them as "low income" is an insult to those who really are. pic.twitter.com/2qE8fYn1sJ

— James Hanson (@jhansonradio) February 4, 2026

Andrew Feinstein — 'From the belly of the corrupted beast'

Our own Joe Glenton recently gave his take on Rory Stewart's desperate attempt to defend the indefensible, writing:

The average wage in the UK seems to be about £30,000. The mathematical geniuses among us will notice that that is…. quite a lot less than what MPs get paid.

It's almost like Roderick James Nugent "Rory" Stewart - a humble Oxford educated one-time tutor to the future king of England, former army officer, and imperial governor of a province of Iraq - hasn't got a fucking clue what he is talking about.

When we put Rory's defence of 'impoverished MPs' to Feinstein, he responded with:

So that tells you everything you need to know about Rory Stewart, whose podcast, of course, is co-hosted by a war criminal in Alastair Campbell, who enabled Tony Blair's extreme war profiteering and lied in order to get Britain into the invasion of Iraq. So I take that comment as coming from the belly of the corrupted beast.

To think that a political class, an MP, earning £94,000 a year before expenses, and as we all know, claim ridiculous expenses, is frankly an appalling insult to the vast majority of people in Britain. And if that's what he thinks is impoverishment, then he needs to get his head out of the sand or out of the fancy restaurant he spends his life in and actually understand how many people in Britain are living right now.

Because in Rory Stewart and Alastair Campbell's Britain, we have more billionaires than at any time in this country's history, while more families are having to use food banks to feed themselves than at any time since the end of the Second World War. And if he thinks the solution to that is to pay our mendacious, mediocre, corrupted politicians more money, then he's even more stupid than I thought he was.

But at the same time, it's important to say that I've experienced a totally corrupted political class in apartheid South Africa. And South Africa again now, 30 odd years after our democracy, has another corrupted political class running it. But we still managed to defeat the system of apartheid. We didn't get rid of any of the economic problems. But simply by dint of the fact that we managed to defeat the apartheid state, it makes me think that enough committed people within a country around the world can bring fundamental political change.

We also asked Feinstein for his perspective on the importance of radical honesty and transparency in government. Referring to known war criminals and the recently exposed shadiness of Mandelson and co, he said:

Absolutely. I think we, just as responsible citizens, have a duty to expose the lies of our leaders, remembering that we elected them, that they exist because of the money that we pay to the state, and they're ingratiating themselves and their billionaire friends and corporate donors. And I like the idea of radical truth, because if we are truthful about our political systems, we would have to admit that they are not fit for purpose and require fundamental change.

I mean in Britain as we speak, we have someone [Mandelson] who is and has been for decades incredibly powerful and influential in our politics. Not only being close friends with a convicted pedophile and sex trafficker but actually giving information to this person that is then used in this web of influence and deceit.

And all the while, we are participating in conflict and often causing conflict around the world from which again, the same elites profit. And the corollary of that is that our own democratic space is closing so rapidly because it's the only way you can maintain such a totally corrupted system is if you reduce democracy, you reduce civil rights.

And the companies that are central to these conflicts now, the AI companies, the big tech companies, are exactly the same companies who are central to the erosion of our democracies, are central to the authoritarianism that is becoming a part of our daily lives in the US and Britain and in much of Europe. And so, by being aware of what we're doing in the rest of the world, we're also becoming aware of what is being done to us by our own leaders. We're at an existential moment in human history. And if we don't inform ourselves and challenge our political and economic elite who have become one and the same thing, we're effectively consigning our countries to despotism. So that's really the scale of the moment we're in.

The agency to decide how our world is organised

Finally, Feinstein finished with a rallying cry to voters and activists across the country:

And I think that's what we need to do. We need to realise that one of the things that the sort of late era neoliberal capitalism does is it intentionally stifles our imaginations and our creativity to make us believe there is no alternative. As Margaret Thatcher famously and evilly said, to believe that this is the only way the world can be organised. And it's not. We have the agency to decide how our world should be organised and we need to take that agency.

Referring to his upcoming book set for release in Autumn this year, he added:

And this book [Making a Killing] is an attempt to give people the information and to propose some of the ways in which we can take agency about something that is destroying our societies and our politics. And I'm always reminded when people feel very depressed and defeated, which of course I sometimes do too, I'm always reminded of what Nelson Mandela said when he was asked how he retained hope in an apartheid prison and in very dark and depressing days.

And he [Mandela] said, because anything is always impossible only until it's done.

And I think we have the ability, we have the brains amongst us ordinary people to change the world profoundly and fundamentally. And I hope that this book will be a very small contribution towards that.

Rory Stewart and his neoliberal ilk can consider themselves 'told' after this brilliant takedown from a man who makes fighting corruption his day job.

Featured image via the Canary

By Maddison Wheeldon

After kicking off CES 2026 with its "First Look" event, Samsung is ready to announce the first of what should be several new Galaxy smartphones this year. The company is officially hosting a Galaxy Unpacked event on February 25 at 1PM ET, where it'll introduce the Galaxy S26 series and updates to Galaxy AI.

Leaks that have trickled out ahead of the event suggest that the Galaxy S26, S26+ and S26 Ultra will feature a new Snapdragon 8 Elite Gen 5 chip, and could come with more RAM and storage. Only the Galaxy S26 Ultra is expected to include major hardware changes, though, with an updated camera system, and possibly proper support for Qi2 charging. Alongside new smartphones, Samsung is also expected to introduce the Galaxy Buds 4 and 4 Pro, which will reportedly feature a new design, support for head gestures and an Ultra Wideband chip so they're easier to find using Google Find Hub.

As in previous years, Samsung has an optional deal for anyone who wants to lock in a discount before the company's new smartphones and accessories are announced. If you reserve Samsung's new devices now, you can receive a $30 credit and be entered to win a $5,000 Samsung.com gift card. When you do pre-order, the company also claims that it'll offer up to an additional $900 in savings if you trade-in a device or $150 off even without a trade-in if you pre-order through Samsung.com.

Engadget will have coverage of everything Samsung announces at Galaxy Unpacked right here, but if you want to watch along, you can catch the company's livestream of the event on Samsung's YouTube channel, the Samsung Newsroom page or at Samsung.com.

This article originally appeared on Engadget at https://www.engadget.com/mobile/smartphones/samsungs-galaxy-s26-unpacked-event-is-on-february-25-230000375.html?src=rss

The National Labor Review Board (NLRB) has dropped a case accusing SpaceX of illegally firing eight employees who criticized the company's CEO Elon Musk, The New York Times. The employees were originally fired in 2022 after circulating a letter that referenced reports of Musk's sexual misconduct and called the executive "a frequent source of distraction and embarrassment." The NLRB filed a complaint claiming the firing was illegal in 2024.

Originally, SpaceX's opposition to the NLRB's case was that the agency is unconstitutional, The New York Times writes. Complaints about the NLRB's independence and power are not uncommon. Amazon has previously claimed that the board's structure "violates the separation of powers," a critique the company has made even more recently about the Consumer Product Safety Commission. The NLRB dismissed its SpaceX case following an even more unusual line of argument, though: that regulating SpaceX actually fell under the jurisdiction of the National Mediation Board, the government agency that handles mediation in the airline and railway industries.

Because the company will technically let anyone book a space flight with it, and it operates under a license from the Federal Aviation Administration, SpaceX's lawyers argue it should be treated like an airline. According to The New York Times, the National Mediation Board issued a decision affirming that logic in January, and not long after, the NLRB dismissed its SpaceX case using the same line of thinking.

Elon Musk and his companies maintain a close relationship with the Trump administration. Musk spent over $250 million to help re-elect President Donald Trump, and he briefly served as a special government employee overseeing budget cuts and layoffs across various government bodies as part of the Department of Government Efficiency. The NLRB gave up its own authority to regulate, rather than it being stripped of funding or employees, but the decision still fits a larger pattern of independent agencies being disempowered during the second Trump administration.

This article originally appeared on Engadget at https://www.engadget.com/big-tech/the-nlrb-just-gave-up-on-spacex-workers-who-claim-they-were-illegally-fired-215332847.html?src=rss

Support us on Patreon »

In the last few years, the Supreme Court has been paying a lot more attention to the internet than it ever has before, and the cases keep on coming. This is already having a big impact on how the internet functions, and it doesn't look likely to stop any time soon. Given all that, this week our own Cathy Gellis joins the podcast for a discussion all about the past, present, and future of SCOTUS and the internet.

You can also download this episode directly in MP3 format.

Follow the Techdirt Podcast on Soundcloud, subscribe via Apple Podcasts or Spotify, or grab the RSS feed. You can also keep up with all the latest episodes right here on Techdirt.

Roses are red, violets are blue ... now get patching

What better way to say I love you than with an update? Attackers exploited a whopping six Microsoft bugs as zero-days prior to Redmond releasing software fixes on February's Patch Tuesday.…

A leading academic on social security has slammed a new anti-benefit fraud advert released by communities minister Gordon Lyons. A brief glimpse of the fear-mongering crap can be seen here. The ad features a searchlight seeking out dishonest claimants, with a dramatic voiceover declaring:

Benefit fraudsters are being identified, caught, and prosecuted.

Ciara Fitzpatrick, who is a senior lecturer in law at Ulster University (UU), specialises in the study of social security. Speaking on X, she denounced:

…a tax-payer funded ad campaign against benefit fraud despite stats released today suggesting that allegations have increased by 40% since the publication of the names of those convicted.

She asked the reasonable question of:

…why spend thousands on an ad campaign [?] In my view, it's an appalling use of funds.

Her first point is in reference to a move in 2025 by the Democratic Unionist Party's (DUP) Lyons to restart the practice of naming those convicted of benefit fraud. This coincided with Lyons ramping up rhetoric. He urged people to tout on their neighbours if they suspect wrongdoing.

Fraud panic is an attempt to distract from inequality

Of course, these moves have a clear dual ideological purpose. Firstly, publicising names of those convicted, then starting a song and dance about it, inflates the size of benefit fraud in the public imagination.

In reality it constitutes a mere 2.5% of total benefit spending. There are far fewer cases resulting in prosecution. This is a more solid indicator of actual guilt. Furthermore, this directs people away from looking at much more serious cases of defrauding the public purse. For example, tax evasion is a major issue.

Not to mention diverting people from taking a critical look at capitalism itself. Our entire economic system is one big theft scheme. It is based around bosses stealing a hefty chunk of the value workers produce every day.

Secondly, asking the average taxpayer to grass up their next door neighbour is a convenient way of undermining class solidarity. See the person beside you as a potential enemy, we're told, rather than the actual enemies faced by the vast majority. These enemies include employers who overwork and underpay us. They also include landlords who steal half our pay check, and politicians that do the bidding of both the above.

People Before Profit's (PBP) Gerry Carroll made a similar point, saying in response to Lyons:

This is a tried and tested DUP tactic; to whip up fear and suspicion in local communities and turn neighbour against neighbour, in order to distract from the party's own political failures on tackling poverty, the housing crisis and widening inequality.

Lyons made a speech in Stormont coinciding with the ad's release, and boasting about the results of his change in tack:

In an early and visible sign of my intent, last year I reintroduced the departmental practice of naming those who were found guilty in the courts. Since doing so, my department has seen anonymous fraud referrals from members of the public rise to 9,857 at the end of [Jan 2026] compared with the total year end figure of 6,353 for 2024/25. It is clear that as a result of my leadership on these issues, benefit fraud is now clearly on the public agenda.

To the annoyance, I'm sure, of some in this chamber, I will keep highlighting the issue and keep it as a priority for the department.

Lyons has been demanding an increase in the department's £16.7 million budget for tackling fraud and error in the benefits system. He claimed discussions had been ongoing with Westminster. The aim was that a portion of money recovered would be kept by Stormont. This indicates that Starmer's stingy regime is encouraging the DUP approach.

Money for increased clampdown, but not to relieve poverty

Mark Durkan of the Social Democratic and Labour Party (SDLP) asked what was actually being done to help people, rather than seeking further forms of punishment. He said:

While some people do abuse the system, this system itself abuses people. Tens of thousands of genuine claimants struggle with a complex, slow and punitive system where genuine mistakes can lead to sanctions, and now sack cloth and ashes too.

How much of that £16.7 million has been spent chasing fraudsters and how much has been spent to reduce the stress and suffering caused by a system that creates errors and hardship?

A reminder that, as an example of current benefits available, Jobseeker's Allowance in the Six Counties is a pitiful £72.90 per week for those under 25, and £92.05 for those 25 or over. Despite how we are dishonestly told migrants flock to Britain for its generous benefits system, it in fact lags far behind the rest of Europe. UU's Fitzpatrick also flagged how those on benefits are facing the prospect of discretionary support being gutted. This is leaving the most desperate fully exposed.

Online, commenters contrasted the DUP's keenness to clamp down on benefits cheats with their lax approach to the massive fraud that took place under the Renewable Heat Incentive (RHI) scheme. That debacle saw half a billion lost, often into the pockets of big agricultural players. The DUP ignored whistleblowers drawing attention to the money being stolen.

Nobody wants benefit fraud, but we are seeing unprecedented levels of society's wealth hoarded by the top 0.1%. Rather than a focus on reclaiming relative pennies in an already ungenerous benefits system, the emphasis should be on taking back the billions hoarded by those at the very top.

Featured image via the Canary

By Robert Freeman

You'd think that Blairites would be wary of ex-military personnel. After all, Tony Blair unites most War on Terror veterans on one thing only: a deep contempt for Tony Blair. But this isn't the whole picture when it comes to Labour.

In recent days, ex-special forces soldier-turned-defence minister Alistair Carns has been touted a possible replacement for Keir Starmer. Starmer is currently hanging on to power by a thread after revelations about Peter Mandelson's friendship with serial child-rapist Jeffrey Epstein.

Someone has even reportedly registered a webpage for Carns' leadership bid, according to the centrist New Statesman. The paper describes Carns as a "dark horse", adding that:

Supporters believe that his background as a colonel in the Royal Marines will help Labour win back support it has lost under Starmer.

And this is the key point. It is Carns' background as a colonel in the Royal Marines that makes him a good shout. Not his commitment to democracy, or ethics in public life, or his values. He may have all of these, but Carns is appealing to some on the basis of his military credentials. That reveals something important which well-meaning socialists may miss about the nature of the Labour Party…

Labour party's military fetish

Carns' main draw is the nonsensical view that a former military man could sort out Britain's political mess.

If I even need to say it again, there is nothing about military service which guarantees someone will be a good MP. At least no more than someone being a good nurse, or binman, or, God forbid, journalist.

I mean…have we already forgotten about Johnny Mercer? And let's not forget the track record of the British military in Iraq — an abject failure and a stain on Blair and new Labour.

But weird soldier fetishism isn't new and often rears its head. I first noticed it with Labour security minister Dan Jarvis, a former Parachute Regiment officer who served in Afghanistan.

Jarvis' military credentials were routinely flaunted as if they qualified him to lead the country — even during the Corbyn days. And almost always by people, including journalists, who'd never worn a uniform.

Now there are all kinds of explanations for this. I enjoy the lowbrow ones. For example, Blairites are basically fantasist dweebs who read too many Andy McNab books. Or perhaps the authoritarian nature of the military appeals to their own Stalinist leanings. Or it could be a residual sense of our own imperial history that makes some  yearn for the power and status which accompanied those times.

These might all be true in part. But I also think that soldier-worshipping holds up a mirror to the Labour Party. It reminds me of a passage in Richard Seymour's book 'Corbyn: The Strange Rebirth of Radical Politics' (2016).

Seymour asked, at a time when Labour's future was being fought over, if the Labour Party is Marxist (we can laugh now)? Or is it, as Tony Blair said at the time, built on some sort of dusty English Methodism.

Seymour's answer is that it was neither:

What seems to have more enduring significance for the distinctive shape and trajectory of the Labour Party is its origins in Victorian Liberalism.

This offers a far better explanation of why the party is so in love with militarism and war. It's because the party is still operating on Windows 1870.

Seymour goes on:

In fact, whatever else changed about the Labour Party in this era, one of its abiding attributes was to be the priority it accorded to the interests of the 'nation', and the deference it accorded to extant constitutional arrangements and military commitments.

He adds that:

Those Labour MPs who, today, find simply unthinkable the break-up of the United Kingdom, the repudiation of Trident, and the end of the 'special relationship' with the United States, are in fact authentic legatees of their party's traditions.

The truth is, Starmer and his allies, are right in their assessment that the Labour Party — a militarist party of capital and empire — is theirs by right. And with this in mind, why wouldn't centrists get excited about Carns as a candidate?

While it might seem a little out of date, that book is worth picking up ten years on. Because it leaves you in no doubt that the Labour Party was never ours to begin with. And, in all honesty, given it is wedded to empire to the degree that it is, why the hell would you even want it anyway?

Featured image via the Canary

By Joe Glenton

Robert Jenrick has blamed the Tories for extortionate house prices, despite being a former Tory Housing Secretary who only recently defected to Reform.

The two old parties made housing unaffordable.

Reform is now the home for aspirational young people.

Simon has the real world experience to break the cycle of broken promises. https://t.co/bETQLedo3k

— Robert Jenrick (@RobertJenrick) February 9, 2026

Jenrick served as Housing Secretary for over two years during the previous Conservative government. And his track record as a Tory minister cannot be ignored.

During that time, he fast-tracked a £1bn development for a porn baron.

Oh dear Bobbie Boy.

You were a literal housing minister for two years under the Tories. You remember them?

One of the 'two old parties'.

Remember? You fast tracked a £1 Billion development for a porn baron. https://t.co/kDI1LltnKm

— Don McGowan (@donmcgowan) February 9, 2026

He also came under fire over the allocation of the £3.6bn Towns Fund. The Public Accounts Committee ruled that this was "not impartial". The fund was set up to help financially challenged towns, but a panel found it was heavily skewed towards Tory constituencies. Jenrick's own received £25m in funding.

Useless bastard who failed miserably in a disgraceful government, switched parties and says 'vote for me' because he fucked up so badly in his previous job.

Utter cunt. He thinks we're fucking stupid. https://t.co/pkFkqmmDPT

— Lord Monsieur Prepuce

This photograph shows undated pictures provided by the U.S. Department of Justice on Jan. 30, 2026 as part of the Jeffrey Epstein files. Photo: Photo by Martin Bureau/AFP via Getty Images

With each successive trove of documents from the Epstein files the Department of Justice releases, we're treated to rare insight into how our ruling class behaves in private, and how connected many of them were to the late sex trafficker. 

The list of elites who maintained close relationships with Epstein is long and includes prominent politicians, media figures, academics, and business leaders. In contrast, the list of people who have faced any meaningful consequences, at least in the United States, is so far quite short. Recently, Brad Karp, a top Democratic Party fundraising "bundler," was removed as chair of the white-shoe law firm Paul Weiss after his extensive ties to Epstein were revealed. Peter Attia, the celebrity doctor and a new hire at Bari Weiss' CBS News, resigned from a protein bar company after emails showed him making dirty jokes with Epstein. The economist Larry Summers was deemed toxic after a previous DOJ disclosure, and despite his intention to continue teaching, was put on leave by Harvard and unceremoniously dropped by numerous institutions. So far, that's about the extent of it.

To be very explicit, this lack of serious consequences is a choice that powerful people in the United States are making. Meanwhile, in the United Kingdom, Prince Andrew is prince no more, reduced to merely Andrew Mountbatten-Windsor after King Charles removed all of his remaining royal titles; the former CEO of Barclays has been barred from the finance industry; the British ambassador to the United States, Peter Mandelson, has been forced out; Morgan McSweeney, Prime Minister Keir Starmer's chief of staff and a Mandelson protege, was forced to resign under pressure; and Starmer risks losing his post over the Mandelson appointment. In Slovakia, the national security adviser to the prime minister has resigned. Accountability, if you care to enforce it, is in fact possible.

But on this side of the pond, elites have moved to protect powerful people with Epstein connections (themselves included). Donald Trump is the most obvious example; for any other president, the relationship between the two men would have been a fast track to impeachment. The documents also reveal how many powerful people maintained relationships with Epstein years after he was convicted of soliciting a minor for prostitution in 2008: Among them are former presidential adviser and current podcast bro Steve Bannon, Trump's Commerce Secretary Howard Lutnick, Tesla et al. CEO and "MechaHitler" progenitor Elon Musk, LinkedIn co-founder Reid Hoffman, Palantir co-founder Peter Thiel, and Microsoft co-founder Bill Gates. Extensive redactions to the documents by the Justice Department have slow-walked matters even further, but on Tuesday, Rep. Ro Khanna took aim by reading off the names of "six wealthy, powerful men that the DOJ hid for no apparent reason" on the floor of Congress.

If there's to be any measure of accountability, the powerful people who palled around with Epstein, asked his advice, or otherwise provided cover for him need to be cast out of polite society forever.

To make matters worse, many figures who appear in the files have reacted to the ongoing Epstein disclosures in ways that merit aggressive eyebrow raising. After the threat of being held in contempt of Congress, former President Bill Clinton, who for years had a close relationship with Epstein, and former Secretary of State Hillary Clinton have finally, under pressure, agreed to testify before the House Oversight Committee. The Clintons resisted subpoenas, even calling them "invalid and legally unenforceable," until a bipartisan majority of the House Oversight Committee voted to move the measure to hold them in contempt to the full House. Before that inflection point, they apparently expected Democrats to close ranks around them, as they always have in the past. Republican maneuvering aside, the presumption that noncompliance with a legitimate subpoena from Congress is somehow permissible, or even noble, reflects the air of impunity that ruling elites have toward basic functions of the rule of law.

But make no mistake: If there's to be any measure of real accountability, the powerful people who palled around with Epstein, asked his advice, or otherwise provided cover for him need to be cast out of polite society forever.

Beyond being packed with salacious gossip and more than enough material for months more of investigative journalism, the newly released documents are striking in how they reveal elites' widespread casual disdain for us commoners. Perhaps more than anything, the Epstein files are jarring for how transparently they communicate that members of our elite believe that norms, consequences, and even laws don't apply to them. There seems to be no end to the number of emails from powerful people seeking out Epstein's advice for how to handle controversies ranging from sexual assault allegations to formal human resources investigations to media scrutiny. (Former Arizona State University professor Lawrence Krauss is probably the clearest example; as Grace Panetta wrote for The 19th, "Krauss turned to Epstein for public relations advice and strategy, sent him possible cross-examination questions for his accusers, forwarded an article on the dos and don'ts for apologizing, and fielded Epstein's edits and feedback on draft statements.") 

Not to put too fine a point on it, but it should absolutely be disqualifying to seek image management tips from someone like Epstein, particularly years after they pleaded guilty to soliciting sex from a minor. If you're running to a convicted child sex trafficker to plan your PR strategy, if you're chummily asking for his insights and making social plans, or if you are seeking advice on how to use professional leverage to induce a subordinate to have sex with you, then you are probably someone we should never hear from again.

It is worth being quite clear here: This does not mean everyone who makes any appearance at all in the files needs to be excised from public life. For instance, the political commentators Megan McArdle, Josh Barro, Ben Dreyfuss, and Ross Douthat recently recorded a podcast episode titled "We're All in the Epstein Files," which notes that they all are there because of tweets that a third party shared with Epstein, mostly via a newsletter sent out by Gregory Brown. That sort of thing is not the point. In order to actually clean house, we need to be clear where the dirt is. 

But there are many cases where influential figures were cavorting with Epstein for years, maintaining close relationships with a prominent sex trafficker, and often being creepy in the correspondence itself. In many more, the emails became damning in context. 

For example, the MIT Media Lab, an initiative heavily backed by billionaire Hoffman, accepted Epstein's donations for years after his conviction, including soliciting donations in 2016. Importantly, MIT Media Lab staff internally flagged Epstein's criminal history in 2013 — even sending a helpful link to his Wikipedia page — when Media Lab director Joichi Ito raised him as a prospective funder, according to a report commissioned by the university. Ito ignored those concerns, accepted Epstein's money, and remained in touch until well into 2019, including exchanging text messages in May, just three months before Epstein's death.

The new documents also show Ito attempted to arrange a meeting with himself, Hoffman, and Epstein during a 2016 conference, while promising to "drag interesting [p]eople over" from the conference to a nearby house. That awkwardness is compounded by the fact that the MIT Media Lab gave Epstein an appreciation gift even later in 2017. Ito, for his part, did resign from MIT, as well as from the boards of multiple foundations in 2019.

Or take prominent evolutionary biologist Robert Trivers, who continued to solicit funding from Epstein until at least 2017, based on a check from January and a thank you note from August of that year. Trivers, along with Ito, shows how Epstein was still influential in shaping our public discourse long after he became a publicly known sex offender. In a February 2017 email, Trivers even passed along a "small joke" about his association with Epstein being described as a "folly" and he a "fool" for continuing the relationship (an allusion to Trivers' book The Folly of Fools). Trivers also credited Epstein with coming up with the idea to branch out in order to land speaking gigs, which resulted in a speaking engagement in London.

The Epstein saga has been unfolding against the backdrop of eroding trust in institutions and elites. What it has taught the public so far is that elites were undeserving of our implicit trust in the first place and, more broadly, that their shared interests are only with one another. If we want to move back toward a healthy public sphere where people are able to believe in the system and their ability to shape it, we need to reform it to be worthy of that trust. That will require never again letting people lacking any concept of basic human decency set the terms of our public discourse, dictate our moral frameworks, wield the powers of our government, or serve as our leaders. We need to cast out the creeps — permanently.

The post Americans Want Accountability With the Epstein Files. Elites Couldn't Care Less appeared first on The Intercept.