Weekly Backlog Week 6/2026

Regulation becomes code, Open Source becomes infrastructure, Sovereignty becomes… marketing?

🧠 Editorial

2026 is often marketed as a transition year. Transition to what remains mostly unclear. In practice, 2026 is more the year when excuses no longer work. Regulation no longer comes as a PDF but as a feature requirement. Security is no longer an IT issue but a boardroom matter. And digital sovereignty? Continues to be preached – while new dependencies are being cemented in parallel.

This week shows quite well where Europe currently stands: technically clearer than before, but still surprisingly inconsistent politically.

🚨 TECH-NEWS:

IT Laws 2026: The Year When Excuses No Longer Work

The AI Act, Data Act, DSA/DMA, NIS2, Cyber Resilience Act – anyone who still believes in 2026 that regulation is a future topic will be operationally surprised. It’s no longer about panic over fines, but about governance, architecture, and management responsibility.

• AI Act: AI risks = business risks. Documentation, human oversight, and risk management belong in management, not in the Jira backlog.
• Data Act: Data portability becomes a technical obligation. APIs and export formats are no longer a nice-to-have. Lock-in loses its regulatory shield.
• DSA/DMA: Platform power becomes justiciable. Recommendation logics and sales channels are no longer black boxes – even for dependents.
• NIS2 & CRA: Security incidents become reportable, product safety part of compliance. Timeframes in emergencies: hours, not quarters.

The much-cited omnibus package may simplify processes, but it doesn’t change the direction: Europe no longer regulates abstractly but technically. 2026 is not a grace year. It is the year of decision: shape or retrofit.

🔗 https://www.it-daily.net/it-management/projekt-personal/was-2026-auf-unternehmen-zukommt

BDBOS Joins the Linux Foundation – Open Source Becomes Critical Infrastructure

When the Federal Agency for Digital Radio (BDBOS) joins the Linux Foundation, it’s more than symbolic politics. One of the country’s most sensitive network infrastructures openly commits to Open Source – for reasons of security, transparency, and sovereignty.

Focus: SONiC as a network operating system, combined with P4 for programmable networks. Routers and switches as auditable systems instead of manufacturer black boxes. Security here arises not through secrecy, but through review and community.

Noteworthy: BDBOS not only wants to consume but also contribute. Operational experience from critical networks should flow back into the Open Source projects. That’s what the much-cited “digital sovereignty” looks like when taken seriously.

🔗 https://www.linkedin.com/posts/bdbos-modernisierung-netzinfrastrukturen-share-7424366230268166144-TpLs

Advertisement

“Operation Sovereignty” – and Simultaneously Billions for Microsoft?

The Bundestag plans the liberation from Microsoft dependencies. Led by the CSU. Meanwhile, Bavaria under CSU leadership is preparing a billion-euro entry into Microsoft 365 – including Cloud, Teams, and long-term lock-in.

No transparency on terms, no clear cost structure, no real tender. Critics speak of up to one billion euros in license payments. Money that European providers will never see.

The Delos-Cloud fits perfectly into the picture: marketed as a “transition solution,” in fact a dependency enhancer with a German hosting label. Microsoft remains the core, code and roadmap remain non-European. This is not transformation. This is Sovereign Washing.

Open Source alternatives have long existed: openDesk, Phoenix, Nextcloud, STACKIT, Hetzner. They don’t fail due to technology, but due to political will. Digital sovereignty via PowerPoint simply doesn’t work.

🔗 https://www.heise.de/news/Operation-Souveraenitaet-Bundestag-plant-Befreiungsschlag-von-Microsoft-Co-11162849.html

SpaceX Swallows xAI – Powered by Megalomania

Elon Musk has delivered again. Or at least announced. SpaceX takes over xAI – including Grok and also X. Justification: AI consumes too much energy on Earth, so it has to go to space. The sun always shines there, as is well known. Logical.

The plan: one million satellites as AI data centers in orbit, powered by solar energy. Later, it should reach terawatt dimensions, financed by hourly Starship launches, moon factories, and – eventually – interplanetary civilizations. In short: infrastructure planning according to the principle of PowerPoint meets science fiction.

Technically, much remains open: transport capacities, maintenance, latency, radiation, profitability. Financially, the deal mainly appears as an elegant move to embed the losses of xAI (and X) into the SpaceX story – including IPO fantasy. Narrative trumps balance sheet. Once again.

This is less a reliable architectural concept than a capital market fairy tale with rocket propulsion. But one thing must be acknowledged: No one sells visions as consistently above the atmosphere as Musk.

🔗 https://www.heise.de/news/Elon-Musk-fusioniert-SpaceX-mit-xAI-KI-aus-dem-Weltall-mit-Sonnenkraft-11162980.html

🚨ALERT:

OpenSSL – Twelve Security Vulnerabilities, One Critical

Twelve vulnerabilities have been closed in OpenSSL, one of them critical: A stack-based buffer overflow in manipulated CMS-AuthEnvelopeData messages (CVE-2025-15467). Exploitable before authentication, potentially with code execution.

Another relevant vulnerability: faulty PKCS#12 processing (CVE-2025-11187), risk “medium,” but also with crash or exploit potential. Fixed in 3.6.1, 3.5.5, 3.4.4, 3.3.6, and 3.0.19.

Open Source doesn’t automatically mean secure. But it does mean: updates are available – those who don’t apply them are actively choosing against them.

🔗 https://www.heise.de/news/OpenSSL-12-Sicherheitslecks-eines-erlaubt-Schadcodeausfuehrung-und-ist-kritisch-11161775.html

Advertisement

💬 COMMENT OF THE WEEK

Elon Musk: When Storytelling Is More Important Than Balance Sheets

Sascha Pallenberg 潘賞世 dissects the Musk empire in his latest LinkedIn post: X is sold to xAI, xAI burns billions, and is supposed to eventually end up at SpaceX. Along with visions of orbital data centers and an alleged IPO with a $1.2 trillion valuation.

This is contrasted with the German admiration for Musk – Axel-Springer-Award, political accolades, progress myth. What’s left is a system where narratives are more important than sustainability. And that’s exactly why it’s so successful.

A good critique of the confusion between vision, power, and economic reality.

🔗 https://www.linkedin.com/feed/?highlightedUpdateUrn=urn%3Ali%3Aactivity%3A7424420114193620992

🧪 GOOD-NEWS:

wedium – Social Media from Europe, Launch Planned for 2026

Europe talks about digital sovereignty – wedium tries to build it. No surveillance economy, no algorithmic polarization, clear data protection rules, European hosting.

The early launch roadmap is not a marketing gimmick but a political signal: digital public space doesn’t have to take place on US platforms. We are on the waiting list. Not out of nostalgia – but out of strategic interest.

🔗 https://www.linkedin.com/posts/wediumsocial_digitalsovereignty-privacyfirst-switchtoeuropean-activity-7423730975802748928-X2cG

MEME OF THE WEEK: