Kurt Opsahl
@kurtopsahl.bsky.social
AGC for Cybersecurity & Civil Liberties Policy at Filecoin Foundation, former Deputy ED and GC of EFF, now EFF Special Counsel, affiliate of BKC Harvard, board emeritus USENIX, advisor Open Archive, former Technical Advisory Council CISA. Skeets are my own
Reposted by Kurt Opsahl
Two security professionals who were arrested in 2019 after performing an authorized security assessment of a county courthouse in Iowa will receive $600,000 to settle a lawsuit they brought alleging wrongful arrest and defamation.
arstechnica.com/security/202...
arstechnica.com/security/202...
County pays $600,000 to pentesters it arrested for assessing courthouse security
Settlement comes more than 6 years after Gary DeMercurio and Justin Wynn's ordeal began.
arstechnica.com
January 29, 2026 at 7:58 PM
Two security professionals who were arrested in 2019 after performing an authorized security assessment of a county courthouse in Iowa will receive $600,000 to settle a lawsuit they brought alleging wrongful arrest and defamation.
arstechnica.com/security/202...
arstechnica.com/security/202...
Reposted by Kurt Opsahl
Apple’s new iPhone security feature limits cell networks from collecting precise location data, but appears to have very limited support in the U.S. at the moment. Here’s to hoping all the big carriers get on board too. techcrunch.com/2026/01/29/a...
January 29, 2026 at 3:00 PM
Apple’s new iPhone security feature limits cell networks from collecting precise location data, but appears to have very limited support in the U.S. at the moment. Here’s to hoping all the big carriers get on board too. techcrunch.com/2026/01/29/a...
Reposted by Kurt Opsahl
Do not store your Bitlocker encryption keys on Microsoft's servers if your threat model includes governments or law enforcement. As this article points out, this is the result of a design choice Microsoft made. It didn't have to be this way. www.forbes.com/sites/thomas...
Microsoft Gave FBI BitLocker Encryption Keys, Exposing Privacy Flaw
The tech giant said providing encryption keys was a standard response to a court order. But companies like Apple and Meta set up their systems so such a privacy violation isn’t possible.
www.forbes.com
January 23, 2026 at 7:35 PM
Do not store your Bitlocker encryption keys on Microsoft's servers if your threat model includes governments or law enforcement. As this article points out, this is the result of a design choice Microsoft made. It didn't have to be this way. www.forbes.com/sites/thomas...
Reposted by Kurt Opsahl
Microsoft Gave FBI BitLocker Encryption Keys, Exposing Privacy Flaw | Forbes
https://alecmuffett.com/article/142847
#EndToEndEncryption #HomeOffice #KeyEscrow #apple #encryption #gchq #privacy #surveillance
https://alecmuffett.com/article/142847
#EndToEndEncryption #HomeOffice #KeyEscrow #apple #encryption #gchq #privacy #surveillance
Microsoft Gave FBI BitLocker Encryption Keys, Exposing Privacy Flaw | Forbes
This is the future of which GCHQ wants for all global encryption: “Microsoft confirmed to Forbes that it does provide BitLocker recovery keys if it receives a valid legal order. “While key re…
alecmuffett.com
January 23, 2026 at 4:38 PM
Microsoft Gave FBI BitLocker Encryption Keys, Exposing Privacy Flaw | Forbes
https://alecmuffett.com/article/142847
#EndToEndEncryption #HomeOffice #KeyEscrow #apple #encryption #gchq #privacy #surveillance
https://alecmuffett.com/article/142847
#EndToEndEncryption #HomeOffice #KeyEscrow #apple #encryption #gchq #privacy #surveillance
Reposted by Kurt Opsahl
January 23, 2026 at 2:36 PM
Reposted by Kurt Opsahl
I'm on @npr.org Morning Edition talking about, what else, Grok: www.npr.org/2026/01/16/n...
Elon Musk's X to block AI chatbot Grok from making explicit images of real people
Elon Musk's social media company X says it will block its AI chatbot Grok from creating explicit images of real people after governments around the world launched investigations into the feature.
www.npr.org
January 16, 2026 at 5:24 PM
I'm on @npr.org Morning Edition talking about, what else, Grok: www.npr.org/2026/01/16/n...
Reposted by Kurt Opsahl
BREAKING: #SCOTUS to hear challenge to the constitutionality of geofence search warrants, which seek to identify all mobile devices in a particular area at a particular time. Case is Chatrie v. US. Doc: www.supremecourt.gov/orders/court...
www.supremecourt.gov
January 16, 2026 at 7:35 PM
BREAKING: #SCOTUS to hear challenge to the constitutionality of geofence search warrants, which seek to identify all mobile devices in a particular area at a particular time. Case is Chatrie v. US. Doc: www.supremecourt.gov/orders/court...
Reposted by Kurt Opsahl
Just saw the first trade review of my upcoming book in Publisher's Weekly which called it a "hard-hitting debut exposé" that is "an incisive call for action against the collusions of big money and big government."
Pre-order here: www.amazon.com/Transaction-...
Pre-order here: www.amazon.com/Transaction-...
Transaction Denied: Big Finance's Power to Punish Speech
Transaction Denied: Big Finance's Power to Punish Speech [Reitman, Rainey] on Amazon.com. *FREE* shipping on qualifying offers. Transaction Denied: Big Finance's Power to Punish Speech
www.amazon.com
January 15, 2026 at 9:44 PM
Just saw the first trade review of my upcoming book in Publisher's Weekly which called it a "hard-hitting debut exposé" that is "an incisive call for action against the collusions of big money and big government."
Pre-order here: www.amazon.com/Transaction-...
Pre-order here: www.amazon.com/Transaction-...
Reposted by Kurt Opsahl
I have an op-ed in the NYT today about the Grok scandal, sharing my research from last year finding that legal risk hinders AI companies from making their models safer against CSAM - an echo of the years where white-hat hackers were chilled from good-faith research. www.nytimes.com/2026/01/12/o...
Opinion | There’s One Easy Solution to the A.I. Porn Problem
www.nytimes.com
January 12, 2026 at 4:34 PM
I have an op-ed in the NYT today about the Grok scandal, sharing my research from last year finding that legal risk hinders AI companies from making their models safer against CSAM - an echo of the years where white-hat hackers were chilled from good-faith research. www.nytimes.com/2026/01/12/o...
Reposted by Kurt Opsahl
If you are a resident of California, the state now has a portal where you can demand deletion of your personal data from 500+ registered data brokers with a single request form, for free.
consumer.drop.privacy.ca.gov
consumer.drop.privacy.ca.gov
consumer.drop.privacy.ca.gov
January 2, 2026 at 2:26 AM
If you are a resident of California, the state now has a portal where you can demand deletion of your personal data from 500+ registered data brokers with a single request form, for free.
consumer.drop.privacy.ca.gov
consumer.drop.privacy.ca.gov
Reposted by Kurt Opsahl
Welcome to the Public Domain, THE MALTESE FALCON (1930) 🦅💎
🕵️ Sam Spade is on the Case of the Disappearing Copyright as The Maltese Falcon novel joins the public domain.
Learn more ➡️ blog.archive.org/public-domai...
#PublicDomainDay #CopyrightFree
🕵️ Sam Spade is on the Case of the Disappearing Copyright as The Maltese Falcon novel joins the public domain.
Learn more ➡️ blog.archive.org/public-domai...
#PublicDomainDay #CopyrightFree
January 1, 2026 at 5:25 AM
Welcome to the Public Domain, THE MALTESE FALCON (1930) 🦅💎
🕵️ Sam Spade is on the Case of the Disappearing Copyright as The Maltese Falcon novel joins the public domain.
Learn more ➡️ blog.archive.org/public-domai...
#PublicDomainDay #CopyrightFree
🕵️ Sam Spade is on the Case of the Disappearing Copyright as The Maltese Falcon novel joins the public domain.
Learn more ➡️ blog.archive.org/public-domai...
#PublicDomainDay #CopyrightFree
Sometimes sharing is not caring.
December 30, 2025 at 2:25 AM
Sometimes sharing is not caring.
Reposted by Kurt Opsahl
NEW: Apple, Google, and WhatsApp now regularly notify their users if they suspect they have been targeted or hacked with government spyware, such as that made by NSO Group or Paragon.
We spoke to experts and wrote a guide on what to do, and where to go, if you receive one of those notifications.
We spoke to experts and wrote a guide on what to do, and where to go, if you receive one of those notifications.
You've been targeted by government spyware. Now what? | TechCrunch
Tech companies are increasingly warning their customers that they have been targeted by governments with advanced government spyware, such as NSO's Pegasus or Paragon's Graphite. What happens after re...
techcrunch.com
December 29, 2025 at 4:27 PM
NEW: Apple, Google, and WhatsApp now regularly notify their users if they suspect they have been targeted or hacked with government spyware, such as that made by NSO Group or Paragon.
We spoke to experts and wrote a guide on what to do, and where to go, if you receive one of those notifications.
We spoke to experts and wrote a guide on what to do, and where to go, if you receive one of those notifications.
Reposted by Kurt Opsahl
Research that was once freely available is being removed or locked behind paywalls, hindering scientific advancement. Today over a million scientific preprints are accessible through CC licenses, and we’re working to grow that number. Join us with a gift today. www.classy.org/give/313412/...
December 29, 2025 at 3:30 PM
Research that was once freely available is being removed or locked behind paywalls, hindering scientific advancement. Today over a million scientific preprints are accessible through CC licenses, and we’re working to grow that number. Join us with a gift today. www.classy.org/give/313412/...
Reposted by Kurt Opsahl
December 27, 2025 at 11:19 PM
Hear the story of three University of Malta students who got arrested (but eventually pardoned) for disclosing a vulnerability in good faith, #39C3 day 3. @srldf.bsky.social helped support their legal defense. events.ccc.de/congress/202...
[39c3] There is NO WAY we ended up getting arrested for this (Malta edition)
The talk goes through the full journey,
1. The talk describes in more detail how the arrests were carried out on November 12th, 2022 including the confiscation of all computer equipment, the time spe...
events.ccc.de
December 27, 2025 at 3:04 PM
Hear the story of three University of Malta students who got arrested (but eventually pardoned) for disclosing a vulnerability in good faith, #39C3 day 3. @srldf.bsky.social helped support their legal defense. events.ccc.de/congress/202...
And so it begins. Good to be back at CCC for #39C3. Looking forward to the cool hacks, funky art and inspiration the hacktivists bring.
December 26, 2025 at 7:26 PM
And so it begins. Good to be back at CCC for #39C3. Looking forward to the cool hacks, funky art and inspiration the hacktivists bring.
Reposted by Kurt Opsahl
NEW: By a 6-3 vote, the Supreme Court blocks Trump’s deployment of the National Guard to Chicago to assist immigration agents. A majority holds that he likely lacks authority to do so. Thomas, Alito, and Gorsuch dissent. www.supremecourt.gov/opinions/25p...
![The Government asked this Court to stay the District Court's order. After the response and reply were filed, JUSTICE BARRETT referred the application to the Court. We directed the parties to file supplemental letter briefs on an issue that the District Court had addressed but the parties' initial briefs had not: the meaning of the term "regular forces" in §12406(3). In its supplemental brief, the Government argues that the term refers to civilian law enforcement officers, such as those employed by Immigration and Customs Enforcement or the Federal Protective Service.
Respondents, echoing the District Court, maintain that the term refers to the regular forces of the United States mili-tary.
We conclude that the term "regular forces" in §12406(3) likely refers to the regular forces of the United States mili-tary. This interpretation means that to call the Guard into active federal service under §12406(3), the President must be "unable" with the regular military "to execute the laws of the United States." Because the statute requires an assessment of the military's ability to execute the laws, it likely applies only where the military could legally execute the laws. Such circumstances are exceptional: Under the Posse Comitatus Act, the military is prohibited from "execut[ing] the laws" "except in cases and under circumstances expressly authorized by the Constitution or Act of Congress."
18 U. S. C. §1385. So before the President can federalize the Guard under §12406(3), he likely must have statutory or constitutional authority to execute the laws with the regular military and must be "unable" with those forces to perform that function.](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:6h7b2i6ttw3l4t7pvbvxdith/bafkreiftbhzwvn3vgwhqsi7k2paizvdw4t26ailljvovso3chqupnmj364@jpeg)
December 23, 2025 at 8:16 PM
NEW: By a 6-3 vote, the Supreme Court blocks Trump’s deployment of the National Guard to Chicago to assist immigration agents. A majority holds that he likely lacks authority to do so. Thomas, Alito, and Gorsuch dissent. www.supremecourt.gov/opinions/25p...
Reposted by Kurt Opsahl
Scoop: The lone employee behind CISA's Pre-Ransomware Notification Initiative resigned on Friday rather than take a forced reassignment to FEMA.
CISA says PRNI will continue, but sources said David Stern's loss will be a major setback for it.
My story: www.cybersecuritydive.com/news/cisa-ra...
CISA says PRNI will continue, but sources said David Stern's loss will be a major setback for it.
My story: www.cybersecuritydive.com/news/cisa-ra...
December 23, 2025 at 3:50 PM
Scoop: The lone employee behind CISA's Pre-Ransomware Notification Initiative resigned on Friday rather than take a forced reassignment to FEMA.
CISA says PRNI will continue, but sources said David Stern's loss will be a major setback for it.
My story: www.cybersecuritydive.com/news/cisa-ra...
CISA says PRNI will continue, but sources said David Stern's loss will be a major setback for it.
My story: www.cybersecuritydive.com/news/cisa-ra...
Reposted by Kurt Opsahl
Bringing back Limewire to illegally rip copies of reporting suppressed by the government is definitely some cyberpunk shit
December 23, 2025 at 1:08 AM
Bringing back Limewire to illegally rip copies of reporting suppressed by the government is definitely some cyberpunk shit
Reposted by Kurt Opsahl
Question 3 (25 points): Discuss the fair-use, Section 512, and secondary liability issues raised by this tweet.
The 60 Minutes piece on the Trump Administration’s torture prison that Bari Weiss doesn’t want you to see has leaked.
December 22, 2025 at 10:28 PM
Question 3 (25 points): Discuss the fair-use, Section 512, and secondary liability issues raised by this tweet.
Reposted by Kurt Opsahl
Twas the week before Christmas and all through the House (and Senate)...
A recap 🧵 of Hackers on the Hill 2025 and a look ahead to 2026
A recap 🧵 of Hackers on the Hill 2025 and a look ahead to 2026
December 18, 2025 at 9:17 PM
Twas the week before Christmas and all through the House (and Senate)...
A recap 🧵 of Hackers on the Hill 2025 and a look ahead to 2026
A recap 🧵 of Hackers on the Hill 2025 and a look ahead to 2026
Reposted by Kurt Opsahl
Wall Street Journal got an A.I.-run vending machine for their office.
Takeaway: Highly entertaining, but financially disastrous to let a generative A.I. chatbot run your business. www.wsj.com/tech/ai/anth...
Takeaway: Highly entertaining, but financially disastrous to let a generative A.I. chatbot run your business. www.wsj.com/tech/ai/anth...
We Let AI Run Our Office Vending Machine. It Lost Hundreds of Dollars.
An AI agent ran a snack operation in the WSJ newsroom. It gave away a free PlayStation, ordered a live fish—and taught us lessons about the future of AI.
www.wsj.com
December 18, 2025 at 5:24 PM
Wall Street Journal got an A.I.-run vending machine for their office.
Takeaway: Highly entertaining, but financially disastrous to let a generative A.I. chatbot run your business. www.wsj.com/tech/ai/anth...
Takeaway: Highly entertaining, but financially disastrous to let a generative A.I. chatbot run your business. www.wsj.com/tech/ai/anth...
Reposted by Kurt Opsahl
Huge thanks to the New York Times Book Review for naming the revised Cult of the Dead Cow one of its three nonfiction paperback picks of the week. Here is no-paywall version: www.pilotonline.com/2025/12/17/p... #books #hacking
Paperbacks worth reading or giving, from histories to novels
Good books on Handel’s ‘Messiah,’ hackers, saving seeds in the Siege of Leningrad, an Indian school before Wounded Knee, and more.
www.pilotonline.com
December 17, 2025 at 11:09 PM
Huge thanks to the New York Times Book Review for naming the revised Cult of the Dead Cow one of its three nonfiction paperback picks of the week. Here is no-paywall version: www.pilotonline.com/2025/12/17/p... #books #hacking