Today’s highlights include Jetrelay’s breakthrough 10 Gbps broadcast using Linux kernel features, the launch of GNU Taler 1.0 boosting digital cash security in Switzerland, and US government app breach exposing sensitive data within minutes. Additionally, concerns grow over privacy risks from Postman logs and threats of exits by Proton and NymVPN over Swiss surveillance laws.
▶️ Internet Infrastructure
Jetrelay Achieves 10 Gbps Broadcast with Linux Kernel Features
Jetrelay is an efficient pub/sub server leveraging Linux kernel features (sendfile(), io_uring, fallocate()) to broadcast Bluesky’s jetstream data feed at 10 Gbps to thousands of clients with minimal CPU usage.
- Jetrelay is a pub/sub server compatible with Bluesky’s jetstream data feed, designed to saturate a 10 Gbps network with 8 CPU cores.
- Utilizes Linux kernel features such as
sendfile(),io_uring, andfallocate()to achieve high efficiency and scalability. - Handles event streaming with file-based storage, client cursors, timestamp indexing via
BTreeMap, and data discarding through hole punching, supporting thousands of clients simultaneously.
GNU Taler 1.0 Launches in Switzerland with Enhanced Security and Scalability
GNU Taler v1.0 launched in May 2025, enabling Swiss operations, with improvements in security, performance, and scalability, supporting digital cash in fiat currency, offline transactions, and anti-money laundering features.
- GNU Taler v1.0 was released in May 2025, enabling operation in Switzerland through Taler Operations AG
- The release addresses over 200 issues, including performance improvements, post-quantum security features, and security audit fixes
- Notable updates include single-signature withdrawal authorization, deterministic signatures for refresh, unified endpoints for withdrawals, per-recipient statistics support, and multilingual legal document translations
Proton and NymVPN Threaten Exit Over Proposed Swiss Surveillance Laws
Proton and NymVPN threaten to leave Switzerland if the government enacts surveillance law amendments requiring user data retention, risking privacy and business model integrity.
- Proton CEO Andy Yen stated the company will leave Switzerland if proposed surveillance law amendments pass
- New rules would require VPNs, messaging apps, and social networks to identify and retain user data, expanding current obligations from mobile networks and ISPs
- NymVPN also announced readiness to exit Switzerland to preserve privacy and security infrastructure
US Government App Hacked in 20 Minutes Due to Server Misconfiguration
A TeleMessage app clone used by US officials was hacked in 20 minutes via a misconfigured Spring Boot server exposing heap dump endpoints, revealing unencrypted chat logs and credentials.
- TeleMessage’s app used by US government officials was hacked in approximately 15-20 minutes due to a misconfigured server.
- The exploit involved accessing a Java heap dump via a publicly exposed Spring Boot /heapdump endpoint, containing unencrypted user credentials and chat logs.
- The breach revealed plaintext chat logs, user credentials, and sensitive data, including messages from a US Customs and Border Protection user and Coinbase internal chats.
- The attack exploited outdated or misconfigured Spring Boot applications, where heap dump endpoints were exposed without authentication, a common security risk.
- TeleMessage’s architecture, which uploaded unencrypted messages to an archive server, contradicts its marketing claim of end-to-end encryption.
- The breach highlights poor security practices, including weak password hashing (MD5) and exposure of critical endpoints, leading to rapid compromise of federal and corporate data.
▶️ Open Source
Postman Logs All Secrets in Plain Text, Raising Security Concerns
A data scientist revealed that Postman logs all secrets and environment variables in plain text, exposing sensitive data through resolvedRequestUrl, raising privacy and security concerns.
- Postman logs all network requests, including secrets and environment variables, in plain text, regardless of masking settings.
- Sensitive data can be captured via
resolvedRequestUrl, which logs URL strings after variable substitution. - The investigation used Charles Proxy with SSL proxying and certificate pinning bypass to decrypt and analyze Postman traffic.
▶️ Management and Leadership
South Korea Adopts AI Digital Textbooks in 30% of Schools Amid Challenges
South Korea has implemented AI-based digital textbooks in 30% of schools nationwide since March, showcasing progress but facing regional and digital literacy challenges.
- 30% of South Korean elementary, middle, and high schools adopted AI-enabled digital textbooks as of March 2025
- Adoption highlighted at the APEC education ministers’ meeting; regional disparities and teachers’ digital literacy remain challenges
- Digital textbooks enable immediate display of student-written math problems on classroom screens
India’s Deep Tech Startups Struggle for Funding Amid E-commerce VC Dominance
India’s deep tech startups face funding challenges despite growth, with global VC focus on e-commerce; local VC funds took 2.5 years to raise $8.5M in 2019.
- Indian deep tech startups like GalaxEye and The ePlane are emerging, but sector funding remains limited.
- India-focused venture capital took approximately 2.5 years to raise an $8.5 million fund in 2019, amid $3.6 billion invested globally.
- Venture capital in India predominantly flows into e-commerce and food delivery, overshadowing deep tech investments.
US Strengthens AI Leadership with Saudi and UAE Data Center Deals
The US’s deals with UAE and KSA bolster AI infrastructure, unlock a trillion-dollar capital pool, and reinforce US AI leadership, while expanding Middle East datacenter capacity and security measures.
- The US signed a $600 billion deal with Saudi Arabia and a partnership with the UAE involving a 5 GW datacenter campus led by G42.
- The UAE agreement guarantees G42 an import quota of 500,000 Nvidia chips annually, with 20% retained for local GPU cloud and datacenter use.
- The UAE project’s first 1 GW phase has already broken ground; the campus aims to serve AI training and inference needs, utilizing solar, gas, and nuclear power.
Nvidia Diversifies with Global Partnerships and Sovereign AI Initiatives
Nvidia is expanding beyond Big Tech by forming sovereign AI deals, investing in neoclouds, and building global partnerships to reduce dependence on Microsoft, Amazon, and Google, aiming for new AI infrastructure markets.
- Nvidia aims to diversify its business by establishing partnerships with nation states, corporate groups, and challengers to Big Tech, reducing reliance on Microsoft, Amazon, and Google.
- The company announced a multibillion-dollar US chip deal with Saudi Arabia’s Humain and plans for a large data centre in Abu Dhabi with UAE, targeting sovereign AI infrastructure.
- Nvidia’s strategy includes developing “neoclouds” like CoreWeave, Nebius, Crusoe, and Lambda, offering preferential access to internal resources and investments, to compete with hyperscalers and expand into enterprise markets.
Trump’s China Tariffs Persist Causing Price Hikes and Business Uncertainty
Uncertainty around Trump’s tariffs persists, causing price increases and planning difficulties for retailers and small businesses, with tariffs remaining a significant economic and operational challenge.
- President Trump’s trade deal with China involves a 30% tariff, still considered painful by businesses.
- Walmart plans to raise prices due to tariffs; Hasbro reversed price hikes; small businesses face significant planning challenges.
- Full 145% tariffs could have raised the price of the game Wingspan from $65 to nearly $200, risking sales and business viability.
Consulting Tips for Businesses to Navigate Tariffs and Supply Chain Challenges
Consulting firms recommend auditing vendor contracts, adjusting pricing strategies, and developing agile, long-term plans to navigate tariffs, with recent US-China tariff reductions and ongoing negotiations impacting supply chain and market strategies.
- Consulting firms advise businesses to audit contracts, adjust pricing, and proactively manage costs amid Trump’s tariffs.
- Companies are encouraged to revisit supply chain strategies, monitor real-time market data, and consider cost-cutting measures like packaging or product adjustments.
- Long-term strategies include forming cross-organizational response teams and reassessing footprint, suppliers, and investment plans.
Bruce Davie Highlights the Importance of Communication Skills for Engineers’ Growth
Bruce Davie advocates that mastering communication—oral and written—is crucial for engineers’ career growth and technical development, supported by his extensive experience in presentations, documentation, and leadership roles.
- Bruce Davie emphasizes that communication skills are essential for career advancement in engineering and can enhance technical abilities.
- Davie shares his experience developing presentation skills, including a PechaKucha talk on giving presentations and engaging audiences.
- He highlights the importance of documentation, such as design documents and RFCs, in system development and impact at organizations like Cisco and IETF.
▶️ Technology
OpenAI Unveils New Models Focused on Creativity Reasoning and Efficiency
OpenAI’s models, including GPT-4, GPT-4o, GPT-4.5, and reasoning models like o1, are tailored for specific tasks such as creative writing, reasoning, and fast quantitative analysis, with mini versions emphasizing speed and cost efficiency.
- OpenAI has released multiple models with complex naming, including GPT-4, GPT-4.5, o1, o3, o4, and their mini versions.
- GPT-4 (2023) and GPT-4o (latest, with advanced visual and speech capabilities) excel at tasks like brainstorming, summarizing, and content creation.
- GPT-4.5, announced by Altman, is designed for more natural, human-like interactions and creative tasks; o1 models focus on reasoning with chain-of-thought training, and smaller models like o3 mini and o4 mini optimize for cost and speed.
Apple Announces Major Accessibility Enhancements for 2025
Apple will launch new accessibility features in 2025, including app compatibility labels, Mac Magnifier, Braille support, and device integration, improving assistive technology across its ecosystem.
- Apple announced new accessibility features for 2025, including product “nutrition labels” in the App Store detailing compatibility with VoiceOver, Voice Control, contrast enhancement, captions, and more
- Introduces the Mac version of iPad’s Magnifier tool, allowing use of iPhone camera for magnification and document font replacement for improved readability; also adds a system-wide Accessibility Reader mode
- Enhances Braille support with Nemeth Braille for math and science, and integrates with Apple Watch and Bluetooth headphones for live captions and hearing aid functions; features like Vehicle Motion Cues assist users with motion sickness