Giving AI unlimited access to your devices is risky. If it can see and use everything on your phone without your control, all it takes is one bad actor for your privacy to disappear. So, is Siri AI available in your country now?

The video is invaluable. She reported on a dangerous act of surveillance!

You know that chip in your bank card — the one even a physical attacker can’t extract keys from❓ PlugMate is a privacy-protected device—its certification level is comparable to that of bank chips. ✅CC EAL6 Authoritative Certification ✅Independent Hardware Operation ✅Data Encryption Processing #TurstKernel #PlugMate #PlugOS #plugs #dataprivacy #privacy

This is exactly why data sovereignty matters. Centralized platforms promise convenience but hold absolute power over your digital life. Once an algorithm decision is made, your files, identities, and backups may all be lost. This is the real risk when everything lives in someone else’s cloud. This is precisely the important point of independent hardware storage. Such a security system as PlugOS does not trust any software and platform by default, does not upload users to cloud servers, and users' information is run locally and encrypted.  At the same time, we have passed CC EAL6 , ISO/IEC 9001, ISO/IEC 27001, etc.

Extremely valuable! #cybersecurity

Hash algorithms play a significant role in security technology.

Is a firewall enough for home data protection？ You might hear: “Just use a firewall and you’re safe.”I wish. Firewalls excel at filtering network boundaries, but they can't see encrypted traffic. They work at the network level, not the app level. A malicious app can tunnel data over port 443 and the firewall waves it through. And once malware is on your device? The firewall is helpless — the bad actor just uses your own connection. On phones? Most don’t have a real firewall at all — just per‑app toggles, not per‑connection visibility. The effective approach isn't to use a more powerful firewall, but to use a completely different method. PlugOS operating system includes a kernel‑level firewall — inside the OS, not a network box. It sees every single connection any app makes, in real time. Encrypted? Fine — you still see which app is talking to which IP, and you can block that one connection without breaking everything else. It gives you what most firewalls never will: actual visibility and control over your own device’s network behavior. #PlugMate #plugs #PlugOS #Trustkernel #Andriod #Firewall

With just "reasonable suspicion," CBP can search anyone. As of January 2026, CBP updated its electronic device search directive (Directive 3340‑049B). The searchable scope is no longer just phones and computers — SIM cards, USB drives, GPS devices, drones, and evenin-vehicle intelligent control systems are on the list. CBP and ICE have the authority to search anyone’s electronic devices (regardless of status) without a warrant or probable cause, and are not strictly constrained by the Fourth Amendment of the U.S. Constitution. In fiscal year 2025, the number of electronic device searches at the border reached 55,318, a 17.6% increase from the previous year. Cases of travelers from Muslim backgrounds being stopped and having their devices searched at airports have significantly increased. The ACLU argues that the government should not have unlimited search power at the border. The real issue is: the substantive aprotection of data no longer lies in which legal provisions can protect citizens’ privacy, but in who controls the data. These measures are no longer limited to enforcing immigration laws. They will also be used to track political dissident groups. A presidential memorandum lists anti-capitalism, anti-Christianity, criticism of border policy, and others as possible indicators of “domestic terrorism.” #PlugMate #CBP #ICE #Search

49% of Americans Once Stopped Using Social Media Apps 49% of Americans Once stopped using certain social media platforms. This isn't because they're slow or have vulnerabilities—it's because they don't trust how these services or websites use their personal information. The same survey by the Pew Research Center found that 81% of Americans feel they have little control over the personal data companies collect. Another 84% believe the risks of data collection outweigh the benefits. That's incredible, isn't it? But it also feels…so normal. Most of us have had similar experiences: after searching for something, our phones are suddenly flooded with related ads. Or one day we suddenly discover that a "free" app has been silently stealing our private data. Even more disturbing is that even if you're careful—using private browsing mode, clearing cookies, etc.—your data is still stored on your phone. If your phone is compromised, all your data will be exposed. PlugMate solves this problem. It's a small hardware device running PlugOS that's completely separate from your phone or computer. Your main device becomes a screen. Your private data, browsing history, apps—all of this is stored on PlugMate's hardware, encrypted locally by default, and never uploaded to any servers. Seriously, have you ever stopped using certain apps because of excessive privacy data collection? #SocialMedia #PlugMate #PrivacyProtect

Your Smartphone Has Become a Travel Risk U.S. Customs and Border Protection (CBP) has been ramping up device searches at the border. In the last fiscal year, CBP searched more than 55,000 devices, including data you thought had been deleted. Searches include, but are not limited to, your personal banking apps, private chat logs, work documents, and phone photos. If you’re at an international border. An officer asks to unlock your phone. With a normal phone, you have two choices: hand it over with everything exposed, or refuse and risk serious delays or fines. Neither feels good. We thought about this a lot when designing PlugOS. Cross-border citizens should not be forced into this dilemma, which is why PlugOS features a “coercion mode” with automatic data deletion. You set two different passcodes. The real one unlocks your normal environment. The other one — the one you'd give under pressure — doesn't show a decoy. It triggers an automatic self‑destruct and resets the device to its factory state. Your sensitive data can't be accessed without your permission. The officer sees a working phone interface. Your real data will not appears on screen. Use one password for environments you trust, and another for extreme situations. #TrustKernel #PlugMate #PlugOS #America #Amerian #DigitalSafety #DuressMode #CBP

Do you often run into various issues when connecting your Linux system to an Android device? For example, do you struggle with permission conflicts, resource contention, frequent reboots, the inability to run two instances simultaneously, or security risks—making it difficult to balance security and convenience? Read this article： plugos.net/blog/2026/05/sett… A new way to use PlugMate: Connect your Linux computer to an Android environment in just 5 minutes. #PlugMate #PLugOS #TrustKernel #Security #Privacy #PrivacyProtect #Android #Linux #Technology #OperatingSystems #DataSecurity

PlugOS Update Announcement: The Windows (x64) and macOS (Apple M1 ) clients have been updated to version v1.5.10. The iOS app has been updated to version v1.1.1. The Android app has been updated to version v2.0.35. Update Notes: 1. Optimized decoding performance on PC to reduce CPU load. 2. Optimized hardware decoding performance on PC to reduce system CPU load. 3. Optimized keyboard input functionality on PC. 4. Added screenshot and screen recording features on PC. 5. Added customizable shortcut functionality on PC. 6. Added a camera toggle on mobile. 7. Added a microphone toggle on mobile. 8. Added a secure password keyboard on mobile. 9. Optimized the mobile interface layout. 10. Fixed several recently identified and reported issues. We sincerely thank all users who shared their suggestions for improvement. If you encounter any issues during the installation or use of PlugMate, or if you need more information, please feel free to contact us: 1. Submit feedback via the built-in feedback feature in the PlugOS client 2. Send an email to support@trustkernel.com Thank you! We wish you all the best!

On April 1, 2026, Charter Communications suffered a ransomware attack, putting the data of approximately 40 million users at risk of exposure, including personal information such as names, email addresses, phone numbers, and addresses. According to the attackers, the ransom deadline was May 27. That deadline has now passed, and Charter Communications has not responded directly to the attackers. The stolen user data is likely to appear on dark web forums or be sold to third parties. If you have a Spectrum account, please take the following steps immediately: 1. Change your password Change your Spectrum account password and set a unique password that has never been used elsewhere. 2. Check your payment methods Review all associated payment methods to check for any unusual charges. 3. Mitigate risk Avoid responding to phishing emails or calls that mention your account or support history, and be wary of unsolicited messages and calls to prevent identity theft. 4. Freeze credit lines If Charter confirms a larger-scale data breach in the coming days, consider freezing your credit lines promptly. Given the increasingly severe privacy and security landscape, what precautions have you taken? Feel free to share your thoughts in the comments section. #PlugMate #TrustKernel #Security #Privacy #CharterCommunications #Incident #CyberSecurity

How Google's Privacy Policy Uses ‘Informed Consent’ Clauses to Legally ‘Snoop’ on User Privacy? Google has been heavily criticized for excessively collecting users' private data, so what exactly do their privacy services protect? In fact, Google's privacy policy is not a policy designed to protect user privacy, but rather a legal disclaimer intended to protect Google itself. To this end, they have meticulously crafted dozens of pages of privacy terms, hiding key clauses and obscuring critical concepts. The average user simply cannot read through it all or make sense of it, let alone understand how Google cross-references individuals’ real-world identities using location history and Web & App Activity. Every time you set up a new Android phone or log in to Google services, a pop-up window presents users with two options: agree and use, or disagree and uninstall. This is not a choice, but coercion. Google’s privacy policy exploits the concept of “informed consent,” using legality as a cover for illegal practices, and has been fined by multiple countries as a result. Many data protection regulations require “informed consent,” but Google’s services have perfectly exploited a loophole: consent requires just a single click, while revoking it requires sifting through multiple different settings pages. Even more insidious is that certain toggles reset themselves silently—after system updates, permissions you’ve turned off sometimes revert to their default settings. To understand why this mechanism is so unbreakable, one need only look at the revenue structure: approximately 75% of Google’s revenue comes from advertising, which relies on large-scale user profiling. When “agree or don’t use” becomes the industry baseline, “informed consent” ceases to be a safeguard of rights and becomes nothing more than a legally sanctioned and officially sanctioned infringement. The ecosystem’s lock-in further narrows users’ room to refuse. For the average user, abandoning Google services almost inevitably means disconnecting from daily digital life—a reality that is difficult to accept. To address this, PlugMate limits the scope of Google services, keeping data leakage risks within manageable limits, while returning control to the user, allowing them to independently choose and track every data connection. Additionally, the device incorporates local data encryption and obfuscation mechanisms for sensitive information to counter potential privacy theft risks. As a result, Google services and related software cannot directly access users’ real information. #PlugMate #PlugOS #plugs #privacy #security #PrivacyProtect #Android

From Daily Life to Targeted Ads: How Exactly Is Your Voice Being "Leaked"? Opinions on mobile phone eavesdropping have long been a hotly debated topic across online forums. You've probably heard people say, "I was just joking with a friend about getting new headphones, and soon after, I started seeing tons of headphone ads on Amazon." Now there’s concrete evidence, courtesy of the U.S. television broadcasting giant Cox Media Group (CMG). If you follow tech news, you probably remember CMG's "Active Listening" marketing service. Internal slides explicitly stated that AI would use microphones on devices like phones and TVs to "capture real-time intent data" and use it to serve ads. After 404 Media uncovered this material, Google swiftly kicked CMG out of its partnership program, Amazon issued repeated denials, and Meta launched an investigation. In May 2026, the U.S. Federal Trade Commission (FTC) issued a fine totaling $930,000. Ironically, CMG never actually developed the surveillance technology it boasted about; its ad targeting was, in reality, based on purchased email lists. But this at least highlights a serious issue: not only did they intend to do this, but they had already packaged it as a product and were openly selling it—making user surveillance a viable technology for businesses to protect their commercial interests. Malware and sensor Surveillance However, the surveillance methods truly operating in the shadows are far more dangerous than CMG's unfulfilled PowerPoint presentation. If you think surveillance requires you to click "Agree", you’re underestimating them. In February 2026, the security firm iVerify discovered a malware platform called ZeroDayRAT being openly sold on Telegram, supporting both Android and iOS. Once a victim downloads the trojanized app, attackers can remotely activate the microphone for real-time eavesdropping, turn on the camera, record keystrokes, and even intercept one-time passwords. Another example in this category is the infamous Pegasus, which doesn’t even require a click—it exploits iOS vulnerabilities to install silently, access messages, emails, and GPS locations, and remotely activate the microphone and camera. Even without malware, legitimate components on your phone can be exploited. When shopping malls or advertising speakers play music, they superimpose high-frequency sound waves inaudible to the human ear. If an app on your phone with specific permissions receives this signal, it can link your device's identity to your physical location. The physical vibrations generated by sound itself can also become a channel for eavesdropping. In 2025, a joint research team from Pakistan and the United States officially published a study on a vulnerability called STAG. By exploiting timing discrepancies between the gyroscope and accelerometer, combined with AI models to reconstruct conversations, they reduced the word error rate by 83%. On the Android system, accessing motion sensors falls under "standard permissions", meaning virtually any app can do so. The only consolation is that this attack requires the prior installation of a malicious app; under the same conditions, simpler eavesdropping methods exist, but the sensor-based approach has indeed been proven viable. Voice Assistant "Accidental Activation" Furthermore, "accidental activation" of voice assistants are nothing new. Devices from Apple, Amazon, and Google have all uploaded audio streams to the cloud due to false triggers caused by background noise. Amazon once employed thousands of staff to review Echo recordings for manual identification and transcription. Apple, meanwhile, reached a $95 million class-action settlement in 2025 regarding recordings collected after Siri was accidentally activated, covering U.S. users who used Siri from 2014 through the end of 2024. Apple has never publicly admitted fault, but the $95 million figure speaks for itself. From CMG’s "active listening" scam—a false marketing ploy—to malware, voice assistants, and sensor side-channels capable of bypassing all permissions, the pathways for eavesdropping are no longer limited to that tiny microphone inside our phones. Are we really destined to retreat to an era of complete disconnection from the internet? A Hardware Solution A more realistic approach is to extract truly sensitive information from the high-risk mobile ecosystem and place it into a physically isolated, independently operating secure terminal that does not transmit data outward by default. Designs like PlugMate essentially separate critical information from everyday mobile devices—where "anyone could read it"—and entrust it to independent, secure hardware for processing. Storage, encryption, authentication, and decryption are all completed within this independent device, while the host phone handles only input and display. This way, even if the host phone is infected with malware or the voice assistant is accidentally activated, they will only see encrypted content, because the sensitive data isn't actually on that phone. In other words, the attack surface is directly isolated beyond the hardware boundary. Going a step further, a local firewall explicitly displays every connection, so users are no longer "invisibly" subject to data flows by default—instead, they are "visible, controllable, and manageable". Sensor virtualization, meanwhile, breaks down hardware fingerprints, making it harder for applications to piece together a complete profile. The biggest difference between this and general security software is not that it "adds an extra layer of protection to the existing system", but that it directly shifts the environment, moving risks forward and isolating them. Eavesdropping, tracking, malware, and spam—these threats will not disappear. But at the very least, communications, identities, credentials, files, and highly sensitive operations no longer need to be directly exposed to the same high-risk ecosystem. #PlugMate #PLugOS #TrustKernel #Security #Privacy #PrivacyProtect #Android

PlugMate, a pocket-sized Android computer designed with privacy and security in mind. How do you use it? You can get started in just 30 seconds.

This is indeed a very common behavior. For users, privacy risks are everywhere.

Stop scrolling for a sec! Every move you make online is basically an open book for algorithms—it’s like you’re surfing the web in full transparency. No joke: your phone might know you better than you know yourself. Those “just-for-you” app recommendations? They’re proof. Here’s a quick reality check: 1. Have you ever chatted with a friend about something you want to buy… and then get ads for it popping up everywhere? 2. Do you get swamped with phishing emails or r andom spam all the time? If you answered yes to the first, someone—or something—is probably snooping on your device. If it’s the second, your info may already be out there. Either way, it’s time to rethink your habits—change passwords, check your privacy settings, be cautious. But heads up: this won’t magically fix everything. #PlugOS #PlugMate #privacy #security #OperatingSystems #android #ios #DataSecurity