🧠 Editorial

This week, tech feels less like progress and more like a dose of reality.

The same pattern everywhere: Things that were “good enough” for a long time suddenly become real problems. Dependencies that were ignored become political. Security that was postponed becomes urgent. And tools that just worked reveal themselves as quite complex power factors.

France is trying to operationally free itself from precisely such dependencies. Kubernetes consciously takes away convenience to enforce more control. LinkedIn is under scrutiny, not just as a platform but potentially as a market observer. And AI? It simply elevates the whole security topic to a new level.

The common denominator: Control is becoming more important than comfort.

And that’s uncomfortable. For companies, for developers, for entire nations. But that’s exactly where the real movement is right now: moving from “it’ll work” to “we need to understand what’s actually happening here.”

If you want to sum up this week in one sentence: We’re no longer talking about whether we’re dependent – but how we deal with it.

And that’s why it’s worth looking into the individual topics.

By the way, the meme of the week is waiting at the very end. 😉

📰Tech-News:

France wants to move away from Windows – this time for real

France is taking the sovereignty debate a step further: The administration should move away from Windows and US tools to Linux and European infrastructure. Unlike previous initiatives, this time there are concrete measures – and deadlines.

Planned actions include:

• Migration from Windows to Linux on government workstations
• Transition to state tools like Tchap (messenger), Visio (video conferencing), and FranceTransfert
• Relocation of sensitive platforms (e.g., health data) to European-controlled systems
• Mandatory roadmaps by fall 2026 for all ministries – including OS, cloud, AI, databases, and security

The interesting part is not the Linux switch itself, but the structural approach behind it: France is focusing on open standards and interoperability (including Open-Interop, OpenBuro) as well as jointly developed software components (“communs numériques”). The goal is not just to change providers – but to make switching easy in the first place.

That’s the real paradigm shift. Because Europe’s problem was never a lack of alternatives, but deeply entrenched dependencies.

Whether it works in the end will depend less on the technology and more on the implementation: Legacy systems, user acceptance, and political perseverance are likely to be bigger challenges than Linux itself. Nevertheless, this is one of the first serious attempts to not only demand digital sovereignty but to implement it operationally.

🔗 https://www.heise.de/news/Frankreichs-Plan-Weg-von-Windows-hin-zu-Linux-11251566.html

LinkedIn under suspicion: When platform data becomes market intelligence

The allegations against LinkedIn are sensitive – and go far beyond classic data protection. According to BrowserGate.eu and Fairlinked e. V., the platform is said to scan devices on every page view: installed software, browser extensions, in the background, without consent.

If true, we’re not talking about tracking. We’re talking about systematic market observation.

Because LinkedIn knows not just clicks, but real identities: companies, roles, networks. Combined with data on which tools are used, a pretty clear picture emerges:

• Which companies use which SaaS products
• Which tools are used in recruiting or sales
• Who might be looking for a new job

Fairlinked speaks of thousands of captured applications, including direct competitors. This potentially enables something that would otherwise be expensive to purchase: market-relevant data in real-time – down to the company level.

The whole thing becomes particularly explosive in context: LinkedIn belongs to Microsoft, and Microsoft is under DMA supervision in the EU. Exactly where interoperability is supposed to be protected and market power limited, there is now the accusation that third-party tools are actively identified and analyzed.

Then there’s the actual gray area: Browser extensions can indirectly reveal highly sensitive information – from political views to job searches. In the EU, these would be particularly protected data. Without a clean legal basis, this would not be a side issue but a clear violation.

Parallel data is said to flow to third parties, partly via embedded scripts and security services. For users: invisible. For regulators: a feast.

The first legal steps are already underway. In the end, a simple, uncomfortable question remains: What happens when platforms are not just infrastructure, but actively analyze markets in which they themselves play?

If the allegations are true, this is not a UX problem. It’s a competition issue.

🔗https://browsergate.eu

Euro-Office: Sovereignty, but with foreign code

Nextcloud and Ionos are building a European alternative to OnlyOffice with Euro-Office – based on its code. Technically, nothing unusual: Forks are part of open source.

What makes it interesting: OnlyOffice accuses the initiators of license violations. And that’s not a detail, but potentially a real showstopper – especially for a project intended as a flagship initiative for digital sovereignty.

Then there’s the next contradiction: While officially speaking of independence, Euro-Office continues to heavily rely on Microsoft formats. So exactly the dependency that they actually want to reduce.

To me, this feels like a typical European tech project: good idea, high political pressure – and then the quickest path to an MVP is taken, even if it’s legally shaky.

Let’s see if this becomes a real ecosystem or just another fork that fails due to governance and reality.

🔗 https://www.golem.de/news/eurooffice-diebstahl-oder-robin-hood-aktion-2604-207495.html

📺 Recommendation:

Data trading via app: Your smartphone as a spy

The ARTE documentary shows quite unvarnished what lies behind harmless app permissions: Location data is collected en masse and resold in a global network of data traders.

The truly disturbing part is not the tracking itself, but how easily these “anonymous” data can be de-anonymized. Residences, workplaces, or sensitive locations can be quite reliably reconstructed – with corresponding consequences for private individuals, politicians, or even the military.

And yes, this happens right in the EU, despite GDPR.

To me, this is no longer a classic privacy issue, but a systemic security problem that we still treat like a cookie banner.

🔗 https://www.arte.tv/de/videos/123951-000-A/gefaehrliche-apps-im-netz-der-datenhaendler/

✍️Blogpost of the Week:

Kubernetes grows up

The article on Kubernetes v1.36 is less about release notes and more about a quiet course correction: Away from “it just works” to “you’re responsible.”

What’s noticeable: Kubernetes is tidying up. Features like externalIPs are being deprecated, gitRepo is being completely removed – both classic examples of “was convenient, but also a security problem.” At the same time, it moves more towards clear responsibilities, external key management systems, and cleaner deployment models.

This runs through the entire release: less magic, more explicit decisions. In other words – Kubernetes isn’t getting more complex, it’s finally forcing you not to ignore the complexity anymore.

Interestingly, this fits perfectly into the current discourse on sovereignty and compliance: reclaim control, reduce dependencies, stop treating security as a feature.

My take: Not a spectacular release, but an important one. Kubernetes stops giving you shortcuts – and that’s exactly what makes it better in the long run.

🔗 </posts/kubernetes-v1-36-verstandlich-erklart/>

Short-News:

Wildberger wants to make administration less dependent on Microsoft

Ministers aim for digital sovereignty: Dependency on Microsoft should decrease; right of objection in IT projects of other ministries; makes political structural, legal, and control issues visible. Source: golem-open-source

🔗https://www.golem.de/news/digitale-souveraenitaet-wildberger-will-verwaltung-unabhaengiger-von-microsoft-machen-2604-207567.html

Eclipse Foundation launches security program for Open VSX

Open-source infrastructure strengthens sovereignty: Eclipse Foundation initiates Open-VSX security program for supply chain security; focus on open standards instead of commercial monopolies. Source: heise-open-source

🔗https://www.heise.de/news/Bugs-ohne-Bounty-Eclipse-Foundation-startet-Sicherheitsprogramm-fuer-Open-VSX-11257225.html

What’s behind Internal Developer Platforms?

Platform Engineering drives internal developer platforms; enables automation, strengthens control issues, and reduces dependencies on external hyperscalers – a central structural question for infrastructure sovereignty. Source: heise-open-source

🔗https://www.heise.de/hintergrund/Platform-Engineering-vs-DevOps-Was-steckt-hinter-Internal-Developer-Platforms-11255407.html

💬 LinkedIn Post of the Week:

AI meets security reality

The post by Matthias “Mattes” Schrader on Project Glasswing pinpoints a development that should not be ignored right now: When AI seriously begins to systematically find vulnerabilities on a large scale, security changes not evolutionarily, but quite abruptly.

What I find interesting is less the specific model, but the dynamics behind it: The big players organize themselves, build protection mechanisms – and the rest have to see how they keep up.

Especially everything based on many OSS dependencies becomes even more sensitive. Not because it’s bad, but because it can suddenly be analyzed much more efficiently – by both sides.

My take: Very good thought-provoking impulse. I’m especially curious how quickly this materializes in practice – and whether we really see such a shift in power dynamics as suggested.

😄Meme of the Week: