evacide
@evacide.bsky.social
Director of Cybersecurity @eff.org
Co-founder of @stopstalkerware.bsky.social
These opinions are my own, not my employers’
I did a TED talk once
Co-founder of @stopstalkerware.bsky.social
These opinions are my own, not my employers’
I did a TED talk once
I've spent the last year learning Spanish just so I could understand Bad Bunny lyrics.
February 9, 2026 at 3:33 AM
I've spent the last year learning Spanish just so I could understand Bad Bunny lyrics.
Trying to explain compartmentalization to activists, but the biggest stumbling block is that most people become activists by accident, so their activism is deeply enmeshed with all of their existing accounts, platforms, and devices.
February 6, 2026 at 12:50 AM
Trying to explain compartmentalization to activists, but the biggest stumbling block is that most people become activists by accident, so their activism is deeply enmeshed with all of their existing accounts, platforms, and devices.
Hey, remember that time I said that pointing out that AI is giving bad data to ICE is missing the point because ICE doesn't actually care if the data is good? Check out how right I am.
NEW: Records reviewed by WIRED show DHS’s facial recognition app (Mobile Fortify) isn’t designed to actually "verify" identity—despite DHS claims and its agents relying on its matches to support probable cause in the field.
ICE and CBP’s Face-Recognition App Can’t Actually Verify Who People Are
ICE has used Mobile Fortify to identify immigrants and citizens alike over 100,000 times, by one estimate. It wasn't built to work like that—and only got approved after DHS abandoned its own privacy r...
www.wired.com
February 5, 2026 at 8:37 PM
Hey, remember that time I said that pointing out that AI is giving bad data to ICE is missing the point because ICE doesn't actually care if the data is good? Check out how right I am.
Every once in a while, someone gets the genius idea of impersonating me online and I spend an afternoon looking for the most chaotic way to make them regret that choice.
February 3, 2026 at 8:26 PM
Every once in a while, someone gets the genius idea of impersonating me online and I spend an afternoon looking for the most chaotic way to make them regret that choice.
Reposted by evacide
1Password not mincing words here:
"If you are experimenting with OpenClaw, do not do it on a company device. Full stop."
"If you have already run OpenClaw on a work device, treat it as a potential incident and engage your security team immediately."
1password.com/blog/from-ma...
"If you are experimenting with OpenClaw, do not do it on a company device. Full stop."
"If you have already run OpenClaw on a work device, treat it as a potential incident and engage your security team immediately."
1password.com/blog/from-ma...
From magic to malware: How OpenClaw's agent skills become an attack surface | 1Password
The same capabilities that make OpenClaw a groundbreaking tool also make it an urgent security risk. This blog contains confirmed examples of agent skills being used as malware vectors, and advice on ...
1password.com
February 3, 2026 at 1:12 PM
1Password not mincing words here:
"If you are experimenting with OpenClaw, do not do it on a company device. Full stop."
"If you have already run OpenClaw on a work device, treat it as a potential incident and engage your security team immediately."
1password.com/blog/from-ma...
"If you are experimenting with OpenClaw, do not do it on a company device. Full stop."
"If you have already run OpenClaw on a work device, treat it as a potential incident and engage your security team immediately."
1password.com/blog/from-ma...
Sometimes I get a really good quote in.
“Pointing out that AI is prone to giving ICE bad information is missing the entire point of ICE,” EFF’s @evacide told @RollingStone. “They don’t care if the information they have is good.”
www.rollingstone.com/culture/cult...
“Pointing out that AI is prone to giving ICE bad information is missing the entire point of ICE,” EFF’s @evacide told @RollingStone. “They don’t care if the information they have is good.”
www.rollingstone.com/culture/cult...
ICE's Use of AI Will Lead to Big Mistakes. Maybe That's the Point
Cybersecurity experts say that U.S. Immigration and Customs Enforcement seems to be indifferent to how their artificial intelligence tools work.
www.rollingstone.com
February 2, 2026 at 10:43 PM
Sometimes I get a really good quote in.
“Pointing out that AI is prone to giving ICE bad information is missing the entire point of ICE,” EFF’s @evacide told @RollingStone. “They don’t care if the information they have is good.”
www.rollingstone.com/culture/cult...
“Pointing out that AI is prone to giving ICE bad information is missing the entire point of ICE,” EFF’s @evacide told @RollingStone. “They don’t care if the information they have is good.”
www.rollingstone.com/culture/cult...
Reposted by evacide
NEW: NSO tried to hijack the Pall Mall Process to whitewash their reputation in the midst of ongoing Pegasus abuses.
France & UK govs leading the process say: "Not so fast!"
Submitting comments ≠ participation/compliance!
By @suzannesmalley.bsky.social
therecord.media/spyware-make...
France & UK govs leading the process say: "Not so fast!"
Submitting comments ≠ participation/compliance!
By @suzannesmalley.bsky.social
therecord.media/spyware-make...
Spyware maker is hijacking diplomatic efforts to limit commercial hacking, civil society warns
Spyware maker NSO Group trumpeted the company’s participation in the Pall Mall Process, which drew criticism from civil society leaders and government officials who called out human rights abuses.
therecord.media
February 2, 2026 at 6:47 PM
NEW: NSO tried to hijack the Pall Mall Process to whitewash their reputation in the midst of ongoing Pegasus abuses.
France & UK govs leading the process say: "Not so fast!"
Submitting comments ≠ participation/compliance!
By @suzannesmalley.bsky.social
therecord.media/spyware-make...
France & UK govs leading the process say: "Not so fast!"
Submitting comments ≠ participation/compliance!
By @suzannesmalley.bsky.social
therecord.media/spyware-make...
If you live in the Bay Area and you like seeing smart people talking about cool historical things, you should come to Curiosity Guild tomorrow.
Reminder: Bright Ideas is tomorrow at Public Works!
Get your tickets here: www.eventbrite.com/e/bright-ide...
Tuesday, February 3rd
Doors at 6:30pm, talks at 7:30
Public Works
161 Erie Street, SF
21+
Get your tickets here: www.eventbrite.com/e/bright-ide...
Tuesday, February 3rd
Doors at 6:30pm, talks at 7:30
Public Works
161 Erie Street, SF
21+
February 2, 2026 at 6:21 PM
If you live in the Bay Area and you like seeing smart people talking about cool historical things, you should come to Curiosity Guild tomorrow.
Notepad++ publishes a blog post saying they caught a probably-Chinese state actor hijacking their product in an attack against highly-selective targets that began last June: notepad-plus-plus.org/news/hijacke...
Notepad++ Hijacked by State-Sponsored Hackers | Notepad++
notepad-plus-plus.org
February 2, 2026 at 6:18 PM
Notepad++ publishes a blog post saying they caught a probably-Chinese state actor hijacking their product in an attack against highly-selective targets that began last June: notepad-plus-plus.org/news/hijacke...
The StopICE plot thickens. It would be nice if Austin would release evidence to back up his claims: www.risky.biz/risky-bullet...
Risky Bulletin: StopICE blames hack on "a CBP agent here in SoCal" - Risky Business Media
StopICE, an app that lets Americans track the location of US Immigration and Customs Enforcement (ICE) raids, has played down a recent sec [Read More]
www.risky.biz
February 2, 2026 at 6:12 PM
The StopICE plot thickens. It would be nice if Austin would release evidence to back up his claims: www.risky.biz/risky-bullet...
Why do your organizing over Signal? So that you don't do your organizing on an app that hasn't been tested or reviewed, run by a guy who doesn't tell his users about data breaches and security problems.
www.ibtimes.co.uk/stopice-hack...
www.ibtimes.co.uk/stopice-hack...
StopICE Data Breach Sent Names And Locations of 100,000 Users to The US Government
StopICE, the anti-ICE activist platform, suffered a major security breach exposing names, logins, phone numbers and GPS locations of over 100,000 users to US federal agencies.
www.ibtimes.co.uk
February 2, 2026 at 4:10 AM
Why do your organizing over Signal? So that you don't do your organizing on an app that hasn't been tested or reviewed, run by a guy who doesn't tell his users about data breaches and security problems.
www.ibtimes.co.uk/stopice-hack...
www.ibtimes.co.uk/stopice-hack...
I spend a lot of time trying to help people understand that not all protests are the same, but one of the things that make this hard is that sometimes you show up for a "liberal vibes with kids" protest and you get an "everyone gets teargassed, including the kids" protest.
Just got gassed pretty good at the labor union anti-ICE protest in Portland. Massive march, 5-10k strong. Vibes were very much liberal rather than radical. Lots of kids and older folks.
They gassed the whole crowd as soon as it marched on ICE, in broad daylight.
They gassed the whole crowd as soon as it marched on ICE, in broad daylight.
February 1, 2026 at 2:23 AM
I spend a lot of time trying to help people understand that not all protests are the same, but one of the things that make this hard is that sometimes you show up for a "liberal vibes with kids" protest and you get an "everyone gets teargassed, including the kids" protest.
Planning to film ICE? Wired has a guide for that: www.wired.com/story/how-to...
How to Film ICE
Filming federal agents in public is legal, but avoiding a dangerous—even deadly—confrontation isn’t guaranteed. Here’s how to record ICE and CBP agents as safely as possible and have an impact.
www.wired.com
February 1, 2026 at 12:44 AM
Planning to film ICE? Wired has a guide for that: www.wired.com/story/how-to...
The level of solidarity and organization in the Twin Cities is a goddamn inspiration. We should all be taking notes and following suit.
BREAKING: Tenants across Minneapolis and Saint Paul have just launched a Twin Cities tenant union, citing the fact that their cities are under siege, and saying they need to band together to protect one another.
linktr.ee/twincitieste...
linktr.ee/twincitieste...
twincitiestenants | Instagram | Linktree
The twin cities are under siege. Every tenant needs a union. We are launching a twin cities-wide tenant union. Organize your neighbors. Join the Union NOW.
linktr.ee
January 30, 2026 at 10:59 PM
The level of solidarity and organization in the Twin Cities is a goddamn inspiration. We should all be taking notes and following suit.
How many people here would be interested if I did a digital security/privacy advice blog somewhere?
January 30, 2026 at 8:29 PM
How many people here would be interested if I did a digital security/privacy advice blog somewhere?
EFF will be closed Friday, Jan. 30 as part of the national shutdown in opposition to ICE and CBP and the brutality and terror they and other federal agencies continue to inflict on immigrant communities and any who stand with them.
www.eff.org/deeplinks/20...
www.eff.org/deeplinks/20...
EFF to Close Friday in Solidarity with National Shutdown
The Electronic Frontier Foundation stands with the people of Minneapolis and with all of the communities impacted by the ongoing campaign of ICE and CBP violence. EFF will be closed Friday, Jan. 30 as...
www.eff.org
January 29, 2026 at 9:34 PM
EFF will be closed Friday, Jan. 30 as part of the national shutdown in opposition to ICE and CBP and the brutality and terror they and other federal agencies continue to inflict on immigrant communities and any who stand with them.
www.eff.org/deeplinks/20...
www.eff.org/deeplinks/20...
Can we just tell all of the "Signal is an op" guys that all of the real high-opsec organizing is being done on some Telegram channel so they can all go there and cosplay at each other?
January 29, 2026 at 7:56 PM
Can we just tell all of the "Signal is an op" guys that all of the real high-opsec organizing is being done on some Telegram channel so they can all go there and cosplay at each other?
@theradr.bsky.social wrote this last year, but I think it is evergreen.
If the horrors feel overwhelming right now and you're wondering how to help without burning yourself out to a cinder, here is a checklist:
www.lifeisasacredtext.com/goodtrouble/
If the horrors feel overwhelming right now and you're wondering how to help without burning yourself out to a cinder, here is a checklist:
www.lifeisasacredtext.com/goodtrouble/
THE GOOD TROUBLE CHECKLIST
keep all your shenanigans in one place
www.lifeisasacredtext.com
January 29, 2026 at 7:53 PM
@theradr.bsky.social wrote this last year, but I think it is evergreen.
If the horrors feel overwhelming right now and you're wondering how to help without burning yourself out to a cinder, here is a checklist:
www.lifeisasacredtext.com/goodtrouble/
If the horrors feel overwhelming right now and you're wondering how to help without burning yourself out to a cinder, here is a checklist:
www.lifeisasacredtext.com/goodtrouble/
Reposted by evacide
Signal will never message you like this.
If you get a message like this, SOMEONE IS TRYING TO HACK YOUR SIGNAL.
DO NOT GIVE THEM THAT CODE.
If you get a message like this, SOMEONE IS TRYING TO HACK YOUR SIGNAL.
DO NOT GIVE THEM THAT CODE.
January 26, 2026 at 2:16 AM
Signal will never message you like this.
If you get a message like this, SOMEONE IS TRYING TO HACK YOUR SIGNAL.
DO NOT GIVE THEM THAT CODE.
If you get a message like this, SOMEONE IS TRYING TO HACK YOUR SIGNAL.
DO NOT GIVE THEM THAT CODE.
I've finally had one of those days where if you don't choose a rest day, your body chooses one for you. Do not recommend. Zero stars.
January 28, 2026 at 3:14 AM
I've finally had one of those days where if you don't choose a rest day, your body chooses one for you. Do not recommend. Zero stars.
Reposted by evacide
bro whistles are the NICE option. do you really want to challenge 1,000 nerds with 3D printers to invent something louder and more annoying???
January 28, 2026 at 1:08 AM
bro whistles are the NICE option. do you really want to challenge 1,000 nerds with 3D printers to invent something louder and more annoying???
This is your regular reminder that the data broker industry must be destroyed.
2. ICE is buying your private location data from sleazy data brokers through a legal loophole. I've had a bill to stop this since 2021. I'm renewing my push to get it passed into black letter law as soon as possible.
Wyden, Paul and Bipartisan Senators Reintroduce the Fourth Amendment is Not for Sale Act | U.S. Senator Ron Wyden of Oregon
The Official U.S. Senate website of Senator Ron Wyden of Oregon
www.wyden.senate.gov
January 27, 2026 at 10:28 PM
This is your regular reminder that the data broker industry must be destroyed.
The same week that Meta was sued over claims that employees can access WhatsApp chat messages, WhatsApp rolls out a stricter security setting meant to protect users from government surveillance malware. techcrunch.com/2026/01/27/w...
WhatsApp is rolling out a new stricter security setting to protect users from cyber attacts | TechCrunch
Days after Meta was sued over alleged false privacy claims surrounding its chat app WhatsApp, the company has rolled out a new setting to protect users
techcrunch.com
January 27, 2026 at 8:32 PM
The same week that Meta was sued over claims that employees can access WhatsApp chat messages, WhatsApp rolls out a stricter security setting meant to protect users from government surveillance malware. techcrunch.com/2026/01/27/w...
Hello, it's me. I'm the one training the resistance in the diabolically professional OPSEC of setting disappearing messages in the Signal group chat.
January 26, 2026 at 7:47 PM
Hello, it's me. I'm the one training the resistance in the diabolically professional OPSEC of setting disappearing messages in the Signal group chat.
Pro tip: if you are an undergraduate looking for professional advice from me, please do not cold call me on WhatsApp. Do the children not know what email is for?
January 26, 2026 at 7:01 PM
Pro tip: if you are an undergraduate looking for professional advice from me, please do not cold call me on WhatsApp. Do the children not know what email is for?