Switching phones is always a gamble. You expect something new, something exciting – maybe even something better. And to be fair, the Galaxy S26 Ultra delivers on that promise in many ways. It is one of the most technically impressive smartphones available today, packing a 6.85-inch 2K LTPO AMOLED display with a 120Hz refresh rate, peak brightness reaching up to 2,600 nits, and Qualcomm’s Snapdragon 8 Elite Gen 5 chip, which offers roughly a 10–15% performance boost over its predecessor.

But after spending time with it, I found myself in a strange position. The more I appreciated what Samsung had built, the more I started missing my iPhone 17 Pro.

The Privacy Display has got some real trade-offs

The standout feature this year is easily Samsung’s Privacy Display. It uses pixel-level light control to restrict viewing angles, effectively making your screen unreadable from the sides. In theory, it’s brilliant. In practice, it’s genuinely useful – especially in public spaces like flights or metros where shoulder surfing is a real concern.

Samsung deserves credit here because this isn’t just software trickery. It’s hardware-driven innovation, and that’s increasingly rare in modern smartphones.

But the moment you turn it on, the compromises become clear. The display dims noticeably, color accuracy takes a slight hit, and the overall viewing experience feels constrained. This is particularly noticeable because the S26 Ultra’s panel is otherwise one of the brightest and most vibrant in the industry.

And that’s when the contrast hits you.

Apple doesn’t offer a privacy display. But it also doesn’t introduce features that degrade the core experience. The iPhone approach is slower, more conservative – but also more refined. You don’t get experimental features, but you also don’t deal with their trade-offs.

Camera improvements that don’t change the outcome

On paper, the S26 Ultra’s camera system sounds upgraded. The main sensor now features a wider f/1.4 aperture, while the telephoto sits at f/2.9, theoretically improving low-light performance. The phone retains its triple 50MP setup, including a periscope zoom lens.

In isolation, the results are excellent. Photos are sharp, bright, and social-media ready.

But compared to the S25 Ultra, the differences are minimal. In most real-world scenarios, you would struggle to tell which phone took which shot unless you were actively looking for it. Even benchmark comparisons and side-by-side tests suggest that the improvement is incremental rather than transformative.

Meanwhile, the iPhone continues to excel in areas that matter day to day – video consistency, color accuracy, and optimization for apps like Instagram and Snapchat. Apple’s computational photography may not always push boundaries, but it delivers predictability.

Samsung is innovating. Apple is refining. And more often than not, refinement wins in daily use.

Performance and AI: Powerful, but overwhelming

There is no denying the raw power of the S26 Ultra. The Snapdragon 8 Elite Gen 5 delivers top-tier performance, and the device handles everything – from gaming to multitasking – effortlessly. But the real focus this year is AI.

Samsung has packed the phone with features: AI image editing, generative fill, object insertion, writing assistants, real-time translation, and contextual suggestions through tools like Now Brief or Now Nudge. These features are technically impressive, but they come with limitations. AI-generated images often output at lower resolutions – which doesn’t match the phone’s native display. Editing images can reduce quality by up to 20–30%, making them less practical for long-term use.

More importantly, many of these tools feel optional rather than essential. They are features you try, not features you rely on.

And over time, that starts to feel exhausting.

The iPhone, by comparison, takes a different approach. It integrates AI more quietly, focusing on tasks that improve existing workflows rather than introducing entirely new ones. It does less – but it does it more consistently.

The irony of it all

The S26 Ultra didn’t make me dislike Android. It reminded me why I liked iOS.

Because while Samsung is experimenting with bold features – privacy displays, AI tools, camera tweaks – Apple is focusing on stability, consistency, and polish. And that difference becomes more noticeable the longer you use both. The features you admire aren’t always the ones you miss.

My final take

The Galaxy S26 Ultra is an exceptional device. It is powerful, innovative, and packed with features that push the boundaries of what a smartphone can do. But using it didn’t feel like an upgrade in my daily life. It felt like stepping into a different philosophy. And sometimes, that’s enough to make you realize that what you value isn’t innovation for its own sake – but how seamlessly everything fits together.

And in that regard, I found myself missing my iPhone 17 Pro more than I expected.

Hackers have targeted TrueConf conference servers in attacks that exploit a zero-day vulnerability, allowing them to execute arbitrary files on all connected endpoints.

The flaw is tracked as CVE-2026-3502 and received a medium severity score. It stems from a missing integrity check in the software’s update mechanism, which can be used to replace the legitimate update with a malicious variant.

TrueConf is a video conferencing platform that can run as a self-hosted server. Although it also supports cloud deployments, it is generally designed for closed, offline environments.

According to the vendor, more than 100,000 organizations transitioned to TrueConf during the COVID-19 pandemic for remote online business activities. Among TrueConf users are military forces, government agencies, oil and gas corporations, and air traffic management companies.

CheckPoint researchers have been tracking a campaign they track as TrueChaos that, since the beginning of the year, has exploited CVE-2026-3502 in zero-day attacks targeting government entities in Southeast Asia.

“An attacker who gains control of the on-premises TrueConf server can replace the expected update package with an arbitrary executable, presented as the current application version, and distribute it to all connected clients,” CheckPoint says.

“Because the client trusts the server-provided update without proper validation, the malicious file can be delivered and executed under the guise of a legitimate TrueConf update.”

The flaw affects TrueConf versions 8.1.0 through 8.5.2, and following CheckPoint’s report to the vendor, a fix was released in version 8.5.3 in March 2026.

“TrueChaos” operation

CheckPoint has moderate confidence in attributing the TrueChaos activity to a Chinese-nexus threat actor, based on tactics, techniques, and procedures (TTPs), the use of Alibaba Cloud and Tencent for hosting the command and control (C2) infrastructure, and victimology.

The attacks spread through a centrally managed government TrueConf server, impacting multiple agencies, pushing malicious files via fake updates to all connected TrueConf clients.

The infection chain includes DLL sideloading and the deployment of reconnaissance tools (tasklist, tracert), privilege escalation (UAC bypass via iscicpl.exe), and the establishment of persistence.

The researchers were unable to recover the final payload, but noted that network traffic pointed to Havoc C2 infrastructure, making it highly likely that the Havoc implant was used.

Havoc is an open-source C2 framework capable of executing commands, managing processes, manipulating Windows tokens, executing shellcode, and deploying additional payloads on compromised systems.

It has previously been used by the Chinese threat cluster ‘Amaranth Dragon’ in attacks with a similar targeting scope.

CheckPoint’s report shares indicators of compromise (IoCs) as well as multiple infection signals. Strong signs of a breach include the presence of poweriso.exe or 7z-x64.dll, and suspicious artifacts like %AppData%\Roaming\Adobe\update.7z or iscsiexe.dll.

Automated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the other.

This whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic questions for any tool evaluation.

Get Your Copy Now

Decentralized finance company Drift says it has suspended withdrawals and deposits after confirming a security incident. 

The crypto platform said in a post on X that it was “experiencing an active attack,” and that it was working to “contain the incident.”

Security researchers and public blockchain data suggest the losses could be significant. Blockchain security firm CertiK said on X that hackers may have stolen around $136 million, while crypto analytics firm Arkham put the figure at around $285 million stolen.

If confirmed, this would make the Drift hack the largest crypto theft of the year, according to the Rekt leaderboard, a site that tracks crypto thefts by size.

It’s not clear who is behind the attack, and a spokesperson for Drift did not immediately respond to a request for comment.

Security firms say North Korea was behind the most crypto thefts last year, netting at least $2 billion in stolen cryptocurrency, funds the regime is believed to use to finance its nuclear weapons program and skirt international sanctions that restrict its access to the global financial system.

Apple has officially kicked off celebrations for its 50th birthday, and we’ve been following along the festivities through our live coverage.

We’ve covered some of the best Apple products the company has released in the last half century (and some of the misses, too) and we’ve even taken a deep dive into the products that didn’t quite make it also.

If you’ve also been following along and you’re also in a bit of a celebratory mood, then you can also join in on the fun by checking out these deals for a few of our favourite current-generation Apple products.

I’ve highlighted savings on Apple Watches and the AirPods Pro 3 — which now drop to their lowest price in Australia. These aren’t the only Apple deals live on Amazon right now, and if you’re totally enamoured with my picks, you can view the full selection at the Apple storefront on Amazon.

SpaceX has confidentially filed paperwork with the Securities and Exchange Commission to sell shares to the public, according to multiple sources familiar with the registration, setting the stage for what would be the largest initial public offering in history and almost certainly making Elon Musk the world’s first trillionaire. The offering, internally code-named Project Apex, could come as early as June and reportedly aims to raise as much as $75 billion at a valuation of up to $1.75 trillion. That would more than double Saudi Aramco’s $29 billion listing in 2019, the current record holder, and would value SpaceX at roughly 94 times its 2025 revenue.

Twenty-one banks have lined up to manage the deal, with Goldman Sachs, JPMorgan Chase, Morgan Stanley, Bank of America, and Citigroup in senior roles, according to CNBC. Musk, who owns approximately 42 per cent of SpaceX according to PitchBook, has a current net worth estimated by Forbes at $823 billion. At a $1.75 trillion valuation, his stake alone would be worth more than $730 billion, pushing his total wealth past the trillion-dollar mark and placing him further ahead of every other person alive than any individual in modern economic history.

The company filing for this listing, however, is no longer just a rocket business. In February, SpaceX absorbed Musk’s artificial intelligence company xAI in an all-stock transaction that valued the combined entity at $1.25 trillion. That deal, a merger that raised immediate questions about optics, governance, and valuation, folded a company reportedly burning roughly $1 billion a month into one generating substantial cash flow. SpaceX also brought Musk’s social media platform X, formerly Twitter, under the same corporate roof. The result is a conglomerate spanning orbital launches, satellite internet, defence contracts, artificial intelligence, and social media, all controlled by a single individual who is simultaneously the largest financial backer of the sitting president of the United States.

The financial engine behind the valuation is Starlink, the satellite internet service that has become the most commercially successful space venture in history. In 2025, Starlink generated $10.6 billion in revenue on 54 per cent EBITDA margins, accounting for roughly two-thirds of SpaceX’s total revenue of $16 billion. The subscriber base has grown from 10,000 beta users in 2021 to more than 10 million paying customers across 150 countries as of February 2026. The Federal Aviation Administration’s January 2026 approval for up to 44 annual Starship launches has provided the operational headroom investors needed to underwrite a public valuation at this scale.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!

The xAI component of the entity going public is, by contrast, a work in progress. Musk himself said in March that xAI was “not built right the first time around” and needed to be rebuilt from its foundations. Since the merger, all 11 of xAI’s original co-founders have departed the company, including researchers who had previously worked at Google DeepMind, Google Brain, and Microsoft Research. Jimmy Ba, who co-authored the Adam optimisation paper, one of the most cited in all of artificial intelligence, left in February. Critics have characterised the merger as a financial bailout that allows xAI’s mounting losses to be absorbed by Starlink’s cash flow ahead of the IPO, a framing Musk has rejected.

The conflicts of interest embedded in this offering are without precedent in American capital markets. In the past five years alone, SpaceX has won $6 billion in contracts from NASA, the Department of Defense, and other federal agencies, according to USAspending.gov. The company is NASA’s primary launch provider for crewed missions to the International Space Station and holds more than $4 billion in contracts for the Artemis lunar-landing programme. The Pentagon is reportedly preparing to award SpaceX a $2 billion contract to build a 600-satellite constellation for missile tracking as part of the Golden Dome missile-defence initiative, a programme Trump announced would cost $175 billion and begin initial operations within three years.

Musk was the largest individual donor to Trump’s 2024 presidential campaign and led the Department of Government Efficiency, or DOGE, a temporary body that unilaterally cancelled more than 10,000 federal contracts it deemed wasteful. Ethics observers noted that none of the cancellations affected Musk’s own companies. Among SpaceX’s current investors is Donald Trump Jr, the president’s eldest son, who holds shares through 1789 Capital, a venture firm that made him a partner shortly after his father won the presidency for a second time. That fund, which has crossed $1 billion in assets, has invested approximately $50 million in SpaceX and xAI and has backed at least four companies that subsequently received government contracts during the current administration. The White House has repeatedly denied any conflicts of interest between the presidency and the Trump family’s business activities.

The governance risks do not end at the political boundary. SpaceX under Musk has operated as a private company with minimal public disclosure for more than two decades. Going public will force it to file quarterly earnings, disclose executive compensation, open its books to auditors, and face shareholder lawsuits of the kind Tesla already contends with regularly. Tesla shareholders are currently suing Musk over the company’s $2 billion investment in xAI, arguing he directed shareholder capital into his own private venture. The SpaceX-xAI merger, in which both the buyer and seller were controlled by Musk, presents a similar structure of self-dealing that public-market investors and regulators already struggling with the pace of AI-era consolidation will scrutinise closely.

One unusual feature of the planned offering is the reported intention to allocate up to 30 per cent of shares to retail investors, roughly triple the typical 5 to 10 per cent. The move echoes Google’s unconventional 2004 IPO, which used a Dutch auction to broaden access, and appears designed to build a base of loyal individual shareholders who may be less inclined to challenge management. For a company whose founder has cultivated a large and vocal online following, the retail allocation could serve as both a democratisation of access and a governance insulation mechanism.

SpaceX’s listing would be the first of what could be a trio of mega-IPOs from the companies that defined the current era of AI and deep tech. OpenAI and Anthropic are both reportedly considering public offerings, though neither has filed. Together, the three listings would represent a concentration of market value in a handful of companies whose products, from orbital internet to frontier AI models, now intersect with national security, global communications, and the basic infrastructure of economic life.

The scale of what SpaceX is attempting is difficult to overstate. A $75 billion raise would exceed the gross domestic product of more than half the world’s countries. A $1.75 trillion valuation would make SpaceX more valuable at listing than every company in the S&P 500 except Apple, Microsoft, Nvidia, Amazon, and Alphabet. And at the centre of it all is a single individual who builds the rockets that carry American astronauts, runs the satellites that provide internet to war zones, leads an AI company he admits needs rebuilding, owns a social media platform that shapes political discourse, and has the mobile-phone number of the president.

Whether that concentration of power, capital, and government dependency can survive the scrutiny of public markets is the question Project Apex will ultimately answer. The defence-tech sector is already drawing record investment on the thesis that the next generation of military capability will be built by private companies rather than government labs. SpaceX is the largest and most consequential test of that thesis. If the IPO succeeds on the terms being discussed, it will not merely be the biggest stock offering in history. It will be a statement about the degree to which twenty-first-century governments have outsourced their most critical capabilities to the private sector, and about the price of getting them back.

from the the-internet’s-infrastructure-is-under-attack dept

Last month Walled Culture wrote about an important case at the Court of Justice of the European Union, (CJEU), the EU’s top court, that could determine how VPNs can be used in that region. Clarification in this area is particularly important because VPNs are currently under attack in various ways. For example, last year, the Danish government published draft legislation that many believed would make it illegal to use a VPN to access geoblocked streaming content or bypass restrictions on illegal websites. In the wake of a firestorm of criticism, Denmark’s Minister of Culture assured people that VPNs would not be banned. However, even though references to VPNs were removed from the text, the provisions are so broadly drafted that VPNs may well be affected anyway. Companies too are taking aim at VPNs. Leading the charge are those in France, which have been targeting VPN providers for over a year now. As TorrentFreak reported last February:

Canal+ and the football league LFP have requested court orders to compel NordVPN, ExpressVPN, ProtonVPN, and others to block access to pirate sites and services. The move follows similar orders obtained last year against DNS resolvers.

The VPN Trust Initiative (VTI) responded with a press release opposing what it called a “Misguided Legal Effort to Extend Website Blocking to VPNs”. It warned:

Such blocking can have sweeping consequences that might put the security and privacy of French citizens at risk.

Targeting VPNs opens the door to a dangerous censorship precedent, risking overreach into broader areas of content.

Indeed: if VPN blocks become an option, there will inevitably be more calls to use them for a wider range of material. The VTI also noted that some of its members are considering whether to abandon the French market completely. That could mean people start using less reliable VPN providers, some of which have dubious records when it comes to security and privacy. The incentive for VPNs to pull out of France is increasing. In August last year the Paris Judicial Court ordered top VPN service providers to block more sports streaming domains, and at the beginning of this year, yet more blocking orders were issued to VPNs operating in France. To its credit, one of the VPN providers affected, ProtonVPN, fought back. As reported here by TorrentFreak, the company tried multiple angles:

The VPN provider raised jurisdictional questions and also requested to see evidence that Canal+ owned all the rights at play. However, these concerns didn’t convince the court.

The same applies to Proton’s net neutrality defense, which argued that Article 333-10 of the French sports code, which is at the basis of all blocking orders, violates EU Open Internet Regulation. This defense was too vague, the court concluded, noting that Proton cited the regulation without specifying which provisions were actually breached.

ProtonVPN also argued that forcing a Swiss company to block sites for the French market is a restriction of cross-border trade in services, and that in any case, the blocking measures were “technically unrealizable, costly, and unnecessarily complex.” Despite this valiant defense, the court was unimpressed. At least ProtonVPN was allowed to contest the French court’s ruling. In a similar case in Spain, no such option was given. According to TorrentFreak:

The court orders were issued inaudita parte, which is Latin for “without hearing the other side.” Citing urgency, the Córdoba court did not give NordVPN and ProtonVPN the opportunity to contest the measures before they were granted.

Without a defense, the court reportedly concluded that both NordVPN and ProtonVPN actively advertise their ability to bypass geo-restrictions, citing match schedules in their marketing materials. The VPNs are therefore seen as active participants in the piracy chain rather than passive conduits, according to local media reports.

That’s pretty shocking, and shows once more how biased in favor of the copyright industry the law has become in some jurisdictions: other parties aren’t even allowed to present a defense. It’s a further reason why a definitive ruling from the CJEU on the right of people to use VPNs how they wish is so important.

Alongside these recent court cases, there is also another imminent attack on the use of VPNs, albeit in a slight different way. The UK government has announced wide-ranging plans that aim to “keep children safe online”. One of the ideas the government is proposing is “to age restrict or limit children’s VPN use where it undermines safety protections and changing the age of digital consent.” Although this is presented as a child protection measure, the effects will be much wider. The only way to bring in age restrictions for children is if all adult users of VPNs verify their own age. This inevitably leads to the creation of huge new online databases of personal information that are vulnerable to attack. As a side effect, the UK government’s misguided plans will also bolster the growing attempts by the copyright industry to demonize VPNs – a core element of the Internet’s plumbing – as unnecessary tools that are only used to break the law.

Follow me @glynmoody on Mastodon and on Bluesky. Originally published on WalledCulture.

Filed Under: cjeu, copyright, encryption, privacy, security, vpns

Companies: canal plus, nordvpn, proton