惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Security Latest
Security Latest
Recorded Future
Recorded Future
人人都是产品经理
人人都是产品经理
S
SegmentFault 最新的问题
Hacker News - Newest:
Hacker News - Newest: "LLM"
C
CXSECURITY Database RSS Feed - CXSecurity.com
博客园 - 三生石上(FineUI控件)
博客园 - 聂微东
P
Privacy & Cybersecurity Law Blog
WordPress大学
WordPress大学
Know Your Adversary
Know Your Adversary
Spread Privacy
Spread Privacy
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
量子位
L
LINUX DO - 热门话题
L
Lohrmann on Cybersecurity
博客园 - Franky
酷 壳 – CoolShell
酷 壳 – CoolShell
T
Tor Project blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
雷峰网
雷峰网
阮一峰的网络日志
阮一峰的网络日志
V
Visual Studio Blog
T
Threatpost
T
Tenable Blog
有赞技术团队
有赞技术团队
大猫的无限游戏
大猫的无限游戏
Engineering at Meta
Engineering at Meta
GbyAI
GbyAI
C
Cisco Blogs
H
Heimdal Security Blog
Attack and Defense Labs
Attack and Defense Labs
A
About on SuperTechFans
Last Week in AI
Last Week in AI
N
News and Events Feed by Topic
T
Threat Research - Cisco Blogs
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
I
Intezer
V
V2EX
Cyberwarzone
Cyberwarzone
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
B
Blog RSS Feed
V
Vulnerabilities – Threatpost
N
Netflix TechBlog - Medium
T
The Blog of Author Tim Ferriss
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
U
Unit 42
PCI Perspectives
PCI Perspectives
P
Privacy International News Feed
D
Docker

Hacker News: Best

madhadron - The seven programming ur-languages GitHub - smol-machines/smolvm: Tool to build & run portable, lightweight, self-contained virtual machines. I Measured Claude 4.7's New Tokenizer. Here's What It Costs You. Introducing Claude Design by Anthropic Labs It Is Time to Ban the Sale of Precise Geolocation The creative software industry has declared war on Adobe Isaac Asimov: The Last Question Newly unsealed records reveal Amazon’s price-fixing tactics, California attorney general claims Clojure - Documentary Android CLI and skills: Build Android apps 3x faster using any agent Qwen3.6-35B-A3B on my laptop drew me a better pelican than Claude Opus 4.7 Codex for almost everything Introducing Claude Opus 4.7 Qwen Studio The Future of Everything is Lies, I Guess: Where Do We Go From Here? Virginia Bans Sale of Geolocation Data YouTube now lets you turn off Shorts Burgers | マクドナルド公式 ChatGPT for Excel Ask HN: Who is using OpenClaw? Live Nation illegally monopolized ticketing market, jury finds Google Broke Its Promise to Me. Now ICE Has My Data. Open Source Isn't Dead. The Future of Everything is Lies, I Guess: New Jobs Unexpected €54k billing spike in 13 hours: Firebase browser key without API restrictions used for Gemini requests IPv6 – Google Your Backpack Got Worse On Purpose Good sleep, good learning, good life Fixing a 20-year-old bug in Enlightenment E16. Does Gas Town 'steal' usage from users' LLM credits & paid services to improve itself? Tell HN: Fiverr left customer files public and searchable Cybersecurity Looks Like Proof of Work Now Getting the Flock out Release OpenSSL 4.0.0 · openssl/openssl Internet será irrespirable los días de fútbol y otros deportes. Telefónica extiende los bloqueos a Champions, tenis y golf. Automate work with routines - Claude Code Docs The Future of Everything is Lies, I Guess: Work Thousands of rare concert recordings are landing on the Internet Archive — listen now What is jj and why should I care? Backblaze has quietly stopped backing up your data Cal.com Goes Closed Source: Why AI Security Is Forcing Our Decision | Cal.com - Scheduling Software for Online Bookings Codex Hacked a Samsung TV The Future of Everything is Lies, I Guess: Safety GitHub - sterlingcrispin/nothing-ever-happens: Polymarket bot that buys "No" on all non-sports markets. For entertainment only, mostly a meme. Make tmux Pretty and Usable - Ham Vocke Microsoft isn't removing Copilot from Windows 11, it's just renaming it Servo is now available on crates.io - Servo aims to empower developers with a lightweight, high-performance alternative for embedding web technologies in applications. We May Be Living Through the Most Consequential Hundred Days in Cyber History, and Almost Nobody Has Noticed All elementary functions from a single binary operator 奈拜提耶市 Seven countries now generate 100% of their electricity from renewable energy Pro Max 5x Quota Exhausted in 1.5 Hours Despite Moderate Usage Tell HN: docker pull fails in spain due to football cloudflare block Bring Back Idiomatic Design @adlrocha - How the "AI Loser" may end up winning Apple update turns Czech mate for locked-out iPhone user Cache TTL silently regressed from 1h to 5m around early March 2026, causing quota and cost inflation The peril of laziness lost AI Will Be Met With Violence, and Nothing Good Will Come of It Center for Responsible, Decentralized Intelligence at Berkeley The disturbing white paper Red Hat is trying to erase from the internet – OSnews The Future of Everything is Lies, I Guess: Annoyances 447 Terabytes per Square Centimetre at Zero Retention Energy: Non-Volatile Memory at the Atomic Scale on Fluorographane Show HN: Pardonned.com – A searchable database of US Pardons 20 Years on AWS and Never Not My Job Artemis II crew splashes down near San Diego after historic moon mission Molotov Cocktail Is Hurled at Home of Sam Altman, OpenAI’s CEO France to ditch Windows for Linux to reduce reliance on US tech On filing the corners off my MacBooks Installing every* Firefox extension Chimpanzees in Uganda locked in vicious 'civil war', say researchers linux/Documentation/process/coding-assistants.rst at master · torvalds/linux GitHub - callumlocke/json-formatter: Makes JSON easy to read. A compelling title that is cryptic enough to get you to take action on it GitHub - Keychron/Keychron-Keyboards-Hardware-Design: Industrial design files for Keychron keyboards and mice. 100+ models with CAD assets in STEP, DXF, DWG, and PDF. Source-available, with commercial use allowed for original compatible accessories within the license terms. [ANNOUNCE] WireGuardNT v0.11 and WireGuard for Windows v0.6 Released 1D-Chess Helium Is Hard to Replace FBI used iPhone notification data to retrieve deleted Signal messages Microsoft suspends dev accounts for high-profile open source projects Why you can’t trust Privacy & Security Serenity Forge (@serenityforge.com) A new trick brings stability to quantum operations OpenAI Backs Bill That Would Limit Liability for AI-Enabled Mass Deaths or Financial Disasters Netflix Prices Went Up Again – I Bought a DVD Player Instead DOJ Wants to Scrap Watergate-Era Rule That Makes Presidential Records Public EFF is Leaving X How NASA built Artemis II’s fault-tolerant computer Meta removes ads for social media addiction litigation How Pizza Tycoon simulated traffic on a 25 MHz CPU Claude mixes up who said what, and that's not OK Reallocating $100/Month Claude Code spend to Zed and OpenRouter Help Keep Thunderbird Alive! Why Are Flock Employees Watching Our Children? The Pentagon Threatened Pope Leo XIV’s Ambassador With the Avignon Papacy Fragments: April 2 Native Instant Space Switching on MacOS Bitcoin miners are losing $19,000 on every BTC produced as difficulty drops 7.8% God sleeps in the minerals Apple Silicon and Virtual Machines: Beating the 2 VM Limit
How I Moved My Digital Stack to Europe
monokai_nl · 2026-05-13 · via Hacker News: Best

On digital sovereignty, and why European cloud is better than you think

April 29, 2026 10 min. Digital SovereigntyDigital InfrastructureDigital AutonomyEuropean CloudEurope

There’s a version of this post that starts with a spreadsheet and ends with a quiet sense of satisfaction. That’s mostly how it went. But underneath the practical exercise of swapping one SaaS tool for another was something that felt more urgent, a growing discomfort with how much of my digital infrastructure sat on servers I didn’t control, in a jurisdiction increasingly prone to unpredictability, operated by companies whose incentives don’t always align with mine.

Digital sovereignty sounds like a buzzword until you think carefully about what it means. It means knowing where your data lives. It means not being one policy change, one acquisition, or one executive’s bad mood away from losing access to tools your business depends on. It means choosing infrastructure based on values, not just convenience.

So I started migrating.

Analytics

Google Analytics was the obvious first target. It’s the canonical example of a service that’s free because you are the product, your visitors’ behavior funneled back into Google’s advertising machinery.

Self-hosting Matomo solved this cleanly. The data stays on my own server, and I’m fully GDPR-compliant without the cookie consent theater that Google Analytics typically requires. The reporting is comprehensive, the interface is familiar enough, and I own everything.

The main downside is maintenance overhead. You’re now responsible for updates, backups, and keeping the server healthy. For most setups this is low-friction, but it’s not zero friction.

Email

Proton Mail is based in Switzerland, not EU territory, but Swiss privacy law is closely aligned with GDPR and arguably stronger in some respects. Proton builds its business model around privacy rather than advertising, and end-to-end encryption is baked in at the protocol level rather than bolted on. The email client is solid, the calendar works well, and for anyone moving away from US-based services, it sits comfortably in the same spirit as the rest of this stack.

One adjustment is getting used to Proton’s filter system, which is a bit more limited than Gmail’s. Gmail lets you write filters against virtually anything, including the full body of the message. Proton doesn’t support filtering on email content at all. So if you’ve built a workflow around catching specific phrases or keywords in message bodies, you’ll have to rethink it. For most people this won’t be a dealbreaker, but it’s worth knowing before you migrate.

There’s also a practical limitation worth flagging: Proton caps custom domains at three, even on the Duo plan. If you run several domains, like separate addresses for different projects or businesses, you’ll hit that ceiling quickly and need to rethink how you route and send mail. I ended up consolidating, which was probably overdue anyway, but it wasn’t a choice I made entirely freely.

Proton isn’t free and charges a substantial fee compared to other options. You’ll get access to a whole suite of Proton apps though.

Password Management

Once I was in the Proton ecosystem, moving password management there as well made sense. Proton Pass is end-to-end encrypted, open source, and benefits from the same Swiss jurisdiction as the rest of Proton’s stack.

1Password is a genuinely great product and this was a lateral move more than an upgrade. The interface is simple, the browser extension works reliably, and having passwords, email, and calendar under one encrypted roof has a certain satisfying coherence to it.

Compute

DigitalOcean has earned its reputation by doing one thing exceptionally well: getting out of your way. The UI is clean, the mental model is simple, and spinning up infrastructure never feels like a chore. It’s the platform that proved developer experience could be a competitive moat.

Scaleway was a pleasant surprise. I expected a capable-but-rough European alternative, but what I found was a platform that’s genuinely well thought out. Servers spun up quickly inside a private network of my own configuration, the control panel is clean, and the options available matched everything I actually needed. Scaleway displays projected CO₂ emissions alongside server location choices, a nice touch.

Object Storage

Scaleway’s object storage is S3-compatible, which makes migration mechanical rather than painful, update your endpoint and credentials and existing code works unchanged.

I used a tool called rclone to sync my old AWS S3 storage buckets to the new Scaleway S3 buckets. This took a little more than a week of constant syncing, as these buckets were quite large.

Offsite Backups

OVH is the largest European cloud provider and brings the reliability and pricing you’d expect at that scale. Their object storage works well as a backup destination and ends up cheaper than Backblaze B2 once you configure lifecycle rules to move older backups to the cold storage class.

Getting there, however, requires some patience. The OVHcloud control panel is a labyrinth: the lifecycle rule configuration is buried somewhere in the documentation, and it involves some work in the terminal. Once it’s set up, it works reliably and the cost difference is meaningful.

Transactional Emails

Lettermint is a European transactional email service that does the job without the bloat. Deliverability is solid, the API is clean, and it has straightforward pricing.

Compared to SendGrid, the analytics are leaner and the ecosystem integrations are fewer. SendGrid has years of tooling, documentation, and community answers behind it. Lettermint is newer and smaller. For most transactional sending use cases (password resets, notifications, receipts) that doesn’t matter much. But if you’re doing complex multi-stream email infrastructure, you’ll want to audit the feature set carefully first.

Error Tracking

Bugsink is a self-hosted error tracking tool that accepts Sentry’s SDK, which means the migration path is almost frictionless, change one line of configuration and you’re done.

To be honest: Bugsink is bare-bones. There’s no performance monitoring, no session replays, no advanced alerting. It’s not a Sentry replacement for teams that use Sentry properly. For me, it’s a simple remote error log, when something breaks in production I get a stack trace and that’s enough. Sentry’s cloud product is genuinely excellent if you need the full feature set, and for larger engineering teams the breadth almost certainly justifies the cost. But if your use case is “tell me when something broke and show me the stack trace”, self-hosted Bugsink does exactly that with no data leaving your infrastructure.

AI API integration

For my AI API integrations, I switched from OpenAI to Mistral. It worked out perfectly as I was mostly using simpler models anyway.

Mistral is headquartered in Paris and has published compelling open-weight models alongside its API offering. The API is clean, the models are fast and capable, and there’s something coherent about a European AI provider that leans into openness rather than away from it. For my inference workloads, the switch was lateral in quality and meaningfully better in terms of where the money goes.

CDN

Exception № 1

Not everything moved. Cloudflare is a US company, I still use it, and I’m at peace with that.

Here’s the reasoning: Cloudflare sits in front of my public-facing websites. Its job is to cache, protect against DDoS attacks, and make content load fast for visitors around the world. The data flowing through it is already public by definition. I’m not routing private communications or sensitive application data through Cloudflare; I’m using it to serve pages that anyone on the internet can read. The sovereignty calculus is different when the thing you’re protecting is already public.

I did try Bunny CDN, which is European-based and has a great reputation. For straightforward CDN use it’s excellent. But Cloudflare’s feature set (security rules, Workers platform, breadth of configuration options) wasn’t matched closely enough to justify the switch for my specific needs. Sometimes the pragmatic answer wins.

Payments

Exception № 2

Stripe is one of the few services I haven’t moved yet, even though payment infrastructure is exactly the kind of thing I care about having in a jurisdiction I trust. Mollie is a Dutch payment processor with full EU incorporation, strong GDPR compliance by design, and a product that has matured considerably in recent years. The API has converged toward parity for most common payment flows, and for a European business the regional payment method coverage (iDEAL, Bancontact, SEPA) is arguably better.

The migration is on the list. It’s just not a trivial one. Payment integrations touch billing logic, webhooks, tax invoicing and customer-facing flows in ways that require careful testing and a good moment to cut over. It’s also more expensive than Stripe for my usecase.

AI Code assistance

Exception № 3

This one felt overdue. OpenAI works fine, but the company’s trajectory doesn’t align with my own views anymore. After a period of deliberate drift, I felt the need to switch. Ideally I wanted to use Mistral Vibe here, but it just didn’t make the cut as it couldn’t compete with Claude.

Claude Code is now my day-to-day AI assistant for coding. The reasoning quality is strong, the context handling is genuinely impressive, and Anthropic’s approach to safety and transparency feels more structurally grounded.

Anthropic is a US company, so this doesn’t satisfy the jurisdictional criterion I applied elsewhere. But it satisfies something else, the sense that the organization building the thing has given serious thought to what it’s building and why.

It’s also worth noting that local models are becoming increasingly viable. Qwen, Alibaba’s open-weight model family, is a strong example: capable enough for many real workloads, running entirely on your own hardware, with no data leaving your machine. The gap between frontier API models and what you can run locally is narrowing faster than most people realize.

Not everything is ideal. Most data centers still sit outside Europe, and “open” means different things to different organizations. But the direction is right. A world where capable AI runs on your own hardware, with published weights and transparent training, is a much better world for digital autonomy than one where all inference routes through a handful of closed API providers. We’re not there yet, but the trajectory is encouraging.

Git Version Control

Exception № 4

GitLab also remains for now. GitLab is headquartered in the US but offers self-hosted options, and the company has long had a strong commitment to transparency and open source. A self-hosted instance is on the roadmap, but moving source control is a more significant undertaking than most of these migrations.

GitHub stays in the picture for one specific purpose: public-facing NPM packages and issue tracking for open source software. When you publish a package or maintain public tooling, GitHub is where developers expect to find it. The network effects are real, it’s where the forks, stars, and issue reports come from. For the public-facing surface of open source work, there’s no meaningful sovereignty concern and a lot of practical upside.

Was it worth it?

The practical friction was real but manageable. Most migrations were an afternoon of work: update a credential here, point a DNS record there, export and import some data. A few took longer. None were catastrophic. All in all it took longer than expected, but most time was spent in researching and planning when to do what. Two months in, everything is running without incident. No fires, no regrets.

Digital sovereignty isn’t about paranoia. It’s about being conscious about your infrastructure, where you decide who holds your data, who can reach it, and what happens when politics shift. The tools are there. The ecosystem is mostly mature. The only thing that was stopping me was inertia. It’s entirely possible to run a reliable, capable, professional digital stack mostly from European infrastructure. This migration was proof of that.