Known for its suite of privacy-focused services like VPN, Mail, Calendar, Pass, and Drive, Proton has built an ecosystem that's trusted by many who are privacy-minded.

Now, surprisingly, Proton has jumped into the highly competitive AI space with Lumo, an open source AI assistant that is powered by open source language models and is hosted in Proton's European datacenters.

Join me as I explore what Lumo brings to the table and how it actually performs.

What Does Lumo Offer that ChatGPT Doesn't?

Lumo keeps conversations fully private with end-to-end encryption and no server logs. Nothing is stored or used for training, and even Proton can’t access your saved chats.

It has a bunch of handy features like ghost mode for one-time chats, the ability to upload and analyze documents, and encrypted chat history that carries across devices if you're logged into your Proton account.

In fact, you don't need an account to use Lumo; it can be used without logging in. There’s a free tier with some usage limits, and if you upgrade to Lumo Plus, you get full access for $12.99/month or $119.88/year. It’s available on the web and through its Android and iOS apps.

If you are after the source code, then you’ll have to wait as the GitHub repo hasn’t shown up yet.

My Hands-On Experience with Lumo

I logged into Lumo with my Proton account, and the experience was straightforward: just enter a prompt in the chat window and wait for the response. The first thing I noticed was Lumo’s cute feline mascot. It is very expressive and reacts to what is happening on screen.

I then asked Lumo what it could do for me, and it replied with the usual boilerplate text, like how it could help me answer questions (particularly about Proton products), analyze files, solve problems, etc.

Next, I directed it to summarize an article of mine, and it threw an error. Turns out, Lumo cannot access any kind of external web link to gather information. So, I pasted the article’s content instead, and it gave me a useful summary. There was a minor mistake in point number four about status notifications, but that was okay.

After that, I tested out the "Web search" feature, asking it why Larry the cat is evil. It asked me to enable the Web search feature even though it was already on. I told Lumo I had enabled it, and then it started processing again.

I got some important lore that I didn’t know earlier, but it emphasized that in reality, "Larry" is a British official known for serving as the Chief Mouser to the Cabinet Office at 10 Downing Street.

When I told Lumo that it was confusing the two Larry cats, it then put out a summary of them. As a side note, Larry is a fictional character, but the cat itself is real; his name is Dexter.

To test Lumo's file analysis capabilities, I uploaded a document and asked Lumo to summarize it. I chose a book by Fyodor Dostoevsky called Crime and Punishment. I could also upload files from Proton Drive (partner link) but decided to go local for this attempt.

Initially, Lumo showed an error saying my files were too large and it might not be able to process them, but it did just fine. I asked it to summarize the book, and it did better than I expected, giving me a helpful short version.

If you’re looking to code with Lumo or have extra help when developing software, you’re in luck. When I asked it to generate specifications for a Rust-based Linux desktop client for Lumo, it gave a solid outline covering key points for building the app.

Processing times are good for most tasks too, but intensive jobs like handling large documents or generating program specs do take some extra time.

There’s also something called "Ghost Mode", which is basically like incognito mode but for Lumo. When you use it, any chat you create is automatically deleted as soon as you click away from it.

You might want to use this for some of your more spicy prompts. 🌶️

If that doesn't cut it, you can always go into Settings > General > Delete all chats to permanently get rid of everything in your chat history.

And finally, it’s worth pointing out that Lumo is tightly integrated with the Proton ecosystem. Right now, it supports pulling in files directly from Proton Drive, which makes working with your documents a lot more convenient.

Looking ahead, it is easy to see how Lumo could become even more connected with the rest of Proton’s services. That could mean helping draft emails in Proton Mail, summarizing events in Calendar, or assisting with writing text in Proton Docs.

A Chinese man with no medical training is injecting cancer patients with a toxic bleach solution; a full course of treatment runs $20,000. He’s now working to bring the unproven treatment to the US.

I was happy to speak with Daniel Solove on Techtonic this week about his new book On Privacy and Technology. It’s a short, readable book covering all the major issues around privacy, technology, and the law.

Solove is the most-cited law professor in the field of privacy and technology, so he’s the right person to give us this tour.

Listen to the interview:

• Stream the show here

• Episode page with links and listener comments (click “Pop-up player” to listen)

I started the interview by asking Solove about the “nothing to hide” argument – that is, the reason many people give for not being worried about intrusive surveillance. You’ve probably heard it: “I don’t mind if they know everything about me, because I have nothing to hide.”

As Solove points out, such a response misses the point entirely about what’s at stake in a society devolving into a surveillance state. For starters, individual data is being tracked and analyzed largely without citizens’ knowledge or consent, which first harms the marginal and vulnerable but eventually creates negative effects for everyone else. But that’s just the beginning.

The more systemic issue, Solove says, is that privacy is a fundamental requirement for a free and democratic society. Conversely, the loss of privacy creates the conditions for autocrats and totalitarian ideologies to take over.

Solove generally had an upbeat and positive attitude throughout our conversation (as, I suppose, one needs to maintain for sanity’s sake while writing 10 books on the threats to privacy). But when he described the risks to democracy due to surveillance, and the vital importance of defending privacy, his tone changed. He said:

We’re entering a dark age where those lessons are being lost. Unfortunately, I see the future as not very bright. We’re seeing the kind of authoritarian, totalitarian style come back.

I don’t know about you, but when one of the world’s leading experts on surveillance says “the future is not very bright,” I feel a chill.

I’ll get to some good news, or at least a sliver of hope, in a moment. But first let me deliver another dose of bad news from Solove’s book: the odds are stacked heavily against anyone who wants to fight back. In particular, the judicial system is tilted against citizens. As Solove points out in multiple examples, the courts tend to favor the interests of large corporations over citizens, even in egregious situations.

Solove tells the story of a credit agency that mistakenly, and falsely, labelled someone a terrorist – simply because the citizen had the same name as someone on a terrorist list. Did the credit agency bother to do the research to make sure they were labelling the right person a terrorist? Of course not – that would take an extra 10 or 15 minutes of work. And once the error was pointed out (as the citizen, surely frantic about their prospects for employment and home ownership with this mistake in their dossier, contacted the company about the error) did the credit company take any action to correct the record? Also no. After all, flipping a bit in a digital dossier must require the concentrated effort of two, maybe even three minutes!

Even more pertinent is what happened when the citizen sued. The judge ruled in favor of the credit company, saying that the citizen hadn’t been harmed: it was just bad data, but the data itself hadn’t (yet) caused material harm, so the company could not be forced to correct their mistake, let alone suffer any penalty.

Here again, much like the threats of surveillance, it’s not just a case of an individual citizen being harmed. As Solove writes:

Though the law often focuses intently on individual harm, privacy harms tend to be societal in nature.

And the cause of the problem extends beyond judges who favor corporations. Solove puts it this way:

If there’s a villain in the story, it’s the law’s role . . . in the loss of privacy, the primary culprit is the legal scaffolding of the modern information economy.

Thus our task, and our sliver of hope, reside in the small matter of remaking the legal scaffolding of our entire economy. Great.

I want to emphasize that I agree with Solove. Everything I’ve read over the past decade on privacy, and the many interviews I’ve conducted on Techtonic, all align with what Solove warns about in his book:

• Technology – as it is deployed today by unethical Big Tech monopolies – is accelerating the destruction of our privacy, and by extension our democracy;

• Those same tech companies enjoy unchecked power, allowing them to “break things” with no compunction or guardrails of any kind;

• The court system tends to favor corporate interests over citizens, even in egregious cases that obviously should be decided in citizens’ interest;

• The law itself is written in a way that favors corporate interests, and laws that could be written to address the problem are unlikely to pass;

• Our current government is not poised to take on these issues and, to the contrary, is sliding toward authoritarianism;

• In the meantime citizens are being told to self-manage their own privacy (configuring privacy settings and reading terms and conditions documents), an impossible task for anyone, including – he says – a privacy expert like Solove himself.

With corporations running uncontrolled, and the government at best asleep and at worst complicit, we have few options. Solove – and once again I agree – names one possible next step: we, the citizens, have to begin the arduous work of building something better. Vote in better representatives; get involved in our communities; and above all, gain more awareness about what tech companies are doing and what’s at stake. Hence my own work, trying to raise the alarm and teach people about what is happening in tech – through this newsletter and my Creative Good community, which I hope you will join.

Again I’d recommend the interview with Daniel Solove (stream the show or see the episode page) and, if you’d like to dive in further, read his book.

Until next time,

-mark

Mark Hurst, founder, Creative Good
Email: mark@creativegood.com
Podcast/radio show: techtonic.fm
Follow me on Bluesky or Mastodon

Apple released the macOS 26 Tahoe public beta today, alongside the public betas for iOS, iPadOS, and other operating systems.

The headliner this year is the new Liquid Glass aesthetic that Apple is introducing across its entire product lineup this year, and aside from that, there's nothing coming to the Mac that feels quite as significant as the iPad's new multi-window multitasking interface.

But macOS remains Apple's most powerful, most flexible, and most power-user-friendly operating system, and per usual, there are a few new things coming in other than the big headliners. Here are a handful of under-the-hood and lesser-publicized things coming in Tahoe, both for those who install the public beta this summer and who install the final version of the update in the fall.

Full color customization

Since introducing Dark Mode in macOS 10.14 Mojave in 2018, macOS has included a handful of toggles for customizing the overall look of your Mac. Tahoe supercharges that, adding not just the relatively well-publicized dark and translucent icon options and colorful Finder folders, but splitting up some existing options so that they can be customized independently. The result is a version of macOS that's more visually flexible than anything we've seen since the old Mac OS Appearance Manager was still a thing.

These are the appearance settings that Tahoe will let you customize independently:

• Whether windows and apps are in Light or Dark mode.
• Whether icons and widgets are in Light mode, Dark mode, transparent mode, or tinted mode.
• The color of your folders, which also controls the tint of icons and widgets in tinted mode.
• Your text highlight color.
• Your "theme" color. This dictates the color used for things like menu selections and buttons in various apps. By default, your text highlight color and folder color also track this selection, but you can change them if you want.
• This isn't new to Tahoe, but if you want to add even more color, go into the Display settings in Accessibility and mess with your pointer outline and fill color.

The original introduction of Dark Mode also made it possible to make macOS more colorful, moving away from the Aqua and Graphite themes that defined macOS X for most of its run. But Tahoe opens things up enough that you can make some truly discordant-looking color combinations.

As in iOS and iPadOS, Tahoe manipulates app icons that haven't been updated so that they can change color with the rest of the operating system. Tahoe recognizes three different kinds of icons that all get treated in slightly different ways.

There are fully Liquid Glass-ified icons, which at this point are mainly for Apple's built-in apps. These are rounded glassy squares with icons that feature rounded glassy designs. Apple's Icon Composer software can help developers experiment with these effects in their own icons until they settle on something they like.

There are icons that haven't been updated with the Liquid Glass aesthetic but do conform to the macOS 11/Big Sur-era rounded-square design. These icons are automatically given a subtle glassy sheen around their edges, making them more or less blend in with the native icons without requiring developer effort.

Icons that use any other shape—rounded, rectangular, irregular, or anything else—get put into a dull gray square box, and then that box is given the subtle-glassy-sheen effect that other icons get. This renders most of these icons more boring and placeholder-y, perhaps creating subtle pressure on their developers to get them updated.

Recovery Assistant

Recovery Assistant is one more tool you can try if your main macOS volume isn't booting. Credit: Andrew Cunningham

If you've ever had a problem getting your Mac to boot, or if you've just wanted to do a totally fresh install of the operating system, you may have run into the Mac's built-in recovery environment before. On an Apple Silicon Mac, you can usually access it by pressing and holding the power button when you start up your Mac and clicking the Options button to start up using the hidden recovery volume rather than the main operating system volume.

Tahoe adds a new tool called the Device Recovery Assistant to the recovery environment, accessible from the Utilities menu. This automated tool "will look for any problems" with your system volume "and attempt to resolve them if found."

Maybe the Recovery Assistant will actually solve your boot problems, and maybe it won't—it doesn't tell you much about what it's doing, beyond needing to unlock FileVault on my system volume to check it out. But it's one more thing to try if you're having serious problems with your Mac and you're not ready to countenance a clean install yet.

"Safari" is no longer available in the macOS recovery environment. Instead, you get the more barebones WebKit-based "Web Browser."

Apple has also made a couple of other tweaks to the recovery environment, beyond adding a Liquid Glass aesthetic. The recovery environment's built-in web browser is simply called Web Browser, and while it's still based on the same WebKit engine as Safari, it doesn't have Safari's branding or its settings (or other features that are extraneous to a temporary recovery environment, like a bookmarks menu). The Terminal window has also been changed from black to blue and made larger by default (the default size is now 120×30 rather than 80×24).

Automated Shortcuts

Shortcuts can have automated triggers in macOS Tahoe. These can be run fully automatically or set up to ask you for permission each time they run. Credit: Andrew Cunningham

If you're like me, you've got a handful of Shortcuts that you set up to accomplish specific tasks, but you haven't spent a ton of time poking at the app otherwise. But Tahoe opens up some new possibilities with the promise of automated Shortcuts—scripts that run automatically without any user input.

Maybe you want to automatically copy files to an external drive when you connect it. Maybe you want to enable Do Not Disturb for an hour every time you open Zoom. Maybe you want your Mac to connect to a networked drive automatically when you connect it to an external monitor at your desk.

Your battery level, the time of day, connecting to a specific Wi-Fi network or Bluetooth device, or getting messages or mail from specific senders are among the list of possible triggers. Whether you've got existing Shortcuts or you want to try to build some new ones, it's worth considering that automating them could save you even more time and effort.

Two-factor autofill in any browser

When it's possible, you should move on from using SMS messages for two-factor authentication, either to codes generated by an app or to passkeys. But there are still plenty of times when you'll run into authentication code texts, either because you're trying to set up an account for the first time, or because the thing you're trying to log in to doesn't support anything else.

For those cases, Tahoe adds a handy feature: the ability to autofill these codes from the Messages and Mail apps into any browser, not just Safari. Just like when you use the equivalent feature in Safari or on iOS, you can also have macOS delete these codes for you automatically after using them.

A new disk image format

Not all Mac users interact with disk images regularly, aside from opening them up periodically to install an app or restore an old backup. But among other things, disk images are used by Apple’s Virtualization framework, which makes it relatively simple to run macOS and Linux virtual machines on the platform for testing and other things. But the RAW disk image format used by older macOS versions can come with quite severe performance penalties, even with today’s powerful chips and fast PCI Express-connected SSDs.

Enter the Apple Sparse Image Format, or ASIF. Apple’s developer documentation says that because ASIF images’ “intrinsic structure doesn’t depend on the host file system’s capabilities,” they “transfer more efficiently between hosts or disks.” The upshot is that reading files from and writing files to these images should be a bit closer to your SSD's native performance (Howard Oakley at The Eclectic Light Company has some testing that suggests significant performance improvements in many cases, though it’s hard to make 1:1 comparisons because testing of the older image formats was also done on older hardware).

The upshot is that disk images should be capable of better performance in Tahoe, which will especially benefit virtual machines that rely on disk images. This could benefit the lightweight virtualization apps like VirtualBuddy and Viable that mostly exist to provide a front end for the Virtualization framework, as well as virtualization apps like Parallels that offer support for Windows.

Quantum-safe encryption support

You don’t have a quantum computer on your desk. No one does, outside of labs where this kind of technology is being tested. But when/if they become more widely used, they’ll render many industry-standard forms of encryption relatively easy to break.

Tahoe and Apple’s other OS updates this year add support for quantum-safe encryption algorithms like ML-KEM and ML-DSA to CryptoKit, the framework that allows third-party apps to leverage macOS’s built-in encryption technologies. This comes a year and a half or so after Apple began protecting iMessage conversations with post-quantum encryption algorithms.

Microsoft is also improving Windows 11’s support for quantum-safe encryption algorithms, as it announced earlier this year. We’re unlikely to need these improved encryption algorithms soon, but by adding support to their operating systems relatively early, companies like Microsoft and Apple make it more likely that the transition will be smoother and less visible for their end users.

Read full article

Comments

Following the thousands of layoffs earlier this month, Microsoft CEO Satya Nadella has addressed the topic while also sharing his vision for the company. Read more...

The public betas are out for iOS/iPadOS/WatchOS/MacOS 26, and Dan Moren and Jason Snell cover them all at Six Colors. Here’s Moren on iOS 26:

Apple’s new design language, dubbed Liquid Glass, applies across all their platforms, but unsurprisingly, it feels most at home on the iPhone and iPad. That’s in part because of the touch interface; the literal hands-on nature makes the feel responsive and more like physical things that you’re interacting with. For example, dragging the new magnifying loupe across the screen, watching the way it magnifies and distorts text and images as it passes over them — this interaction has always been unique to iOS for practical reasons, but the way it feels here doesn’t have a direct analogue on other platforms.

For it now being late July, though, there remain a lot of glaring problems. I hope to be proven wrong, but I think the legibility/usability problems are going to make the 26.0 versions of Apple’s OSes unpopular. Functionally, iOS and iPadOS 26 betas 4 are solid. MacOS 26 Tahoe really adds some great productivity features. But visually, not so much for any of these OSes (especially MacOS) — and that, to me, is a serious problem.

Anyway, public beta commentary:

• Dan Moren on iOS 26.
• Jason Snell on iPad OS 26.
• Moren on WatchOS 26.
• Snell on MacOS 26 Tahoe.