Martin
@mshelton.bsky.social
Digisec @freedom.press. Was that @mshelton guy on the other site.
Mastodon: https://mastodon.social/@mshelton
Digisec newsletter: https://freedom.press/newsletters
Mastodon: https://mastodon.social/@mshelton
Digisec newsletter: https://freedom.press/newsletters
Reposted by Martin
Newsrooms: We've made a lot of changes to our guide to confidential tip pages. The biggest change — informed by our research into common channels — is that we've actually cut WhatsApp from the list and added web forms. Check it out. freedom.press/digisec/blog...
Security considerations for confidential tip pages
News organizations should take a few steps to improve the security and efficacy of their confidential tip pages.
freedom.press
January 5, 2026 at 11:44 PM
Newsrooms: We've made a lot of changes to our guide to confidential tip pages. The biggest change — informed by our research into common channels — is that we've actually cut WhatsApp from the list and added web forms. Check it out. freedom.press/digisec/blog...
Newsrooms: We've made a lot of changes to our guide to confidential tip pages. The biggest change — informed by our research into common channels — is that we've actually cut WhatsApp from the list and added web forms. Check it out. freedom.press/digisec/blog...
Security considerations for confidential tip pages
News organizations should take a few steps to improve the security and efficacy of their confidential tip pages.
freedom.press
January 5, 2026 at 11:44 PM
Newsrooms: We've made a lot of changes to our guide to confidential tip pages. The biggest change — informed by our research into common channels — is that we've actually cut WhatsApp from the list and added web forms. Check it out. freedom.press/digisec/blog...
Reposted by Martin
In tumultuous times, we believe in being prepared, not scared.
We’ve distilled the advice our trainers have shared with thousands of journalists over the years into the actionable, concrete steps in our 2026 journalist’s digital security checklist:
We’ve distilled the advice our trainers have shared with thousands of journalists over the years into the actionable, concrete steps in our 2026 journalist’s digital security checklist:
The 2026 journalist’s digital security checklist
Our digital security training team's checklist to help journalists secure their digital life.
freedom.press
January 1, 2026 at 2:02 PM
In tumultuous times, we believe in being prepared, not scared.
We’ve distilled the advice our trainers have shared with thousands of journalists over the years into the actionable, concrete steps in our 2026 journalist’s digital security checklist:
We’ve distilled the advice our trainers have shared with thousands of journalists over the years into the actionable, concrete steps in our 2026 journalist’s digital security checklist:
This is all really undermining the credibility of the FIFA Peace Prize.
January 3, 2026 at 10:48 PM
This is all really undermining the credibility of the FIFA Peace Prize.
I recently hung out with someone who said they went to high school with their doctor. I think that's when I realized I do not want to share a friend group with my doctor at all.
December 30, 2025 at 8:52 PM
I recently hung out with someone who said they went to high school with their doctor. I think that's when I realized I do not want to share a friend group with my doctor at all.
Reposted by Martin
Increasingly thinking of writing articles about misinformation on Signal, in something similar to the style of @mmasnick.bsky.social's "Hello! You've Been Referred Here Because You're Wrong About Section 230 Of The Communications Decency Act"
December 19, 2025 at 5:38 AM
Increasingly thinking of writing articles about misinformation on Signal, in something similar to the style of @mmasnick.bsky.social's "Hello! You've Been Referred Here Because You're Wrong About Section 230 Of The Communications Decency Act"
Journalists: We've updated our digital security checklist for 2026. Check it out. freedom.press/digisec/blog...
The 2025 journalist’s digital security checklist
Our digital security training team's checklist to help journalists secure their digital life.
freedom.press
December 17, 2025 at 9:26 PM
Journalists: We've updated our digital security checklist for 2026. Check it out. freedom.press/digisec/blog...
This is such a weirdly specific set of references. I’ll allow it.
December 17, 2025 at 4:09 AM
This is such a weirdly specific set of references. I’ll allow it.
Reposted by Martin
December 13, 2025 at 4:59 AM
Ah I think I understand now. When humans bullshit you, the bullshit is unacceptable. But when AIs bullshit you, 'we're working on it' while running in production.
December 11, 2025 at 12:03 AM
Ah I think I understand now. When humans bullshit you, the bullshit is unacceptable. But when AIs bullshit you, 'we're working on it' while running in production.
I receive a shiny new YubiKey, but my 2FA is on my previous two YubiKeys.
The result: I now use three YubiKeys.
The result: I now use three YubiKeys.
December 3, 2025 at 6:17 PM
I receive a shiny new YubiKey, but my 2FA is on my previous two YubiKeys.
The result: I now use three YubiKeys.
The result: I now use three YubiKeys.
Reposted by Martin
I work at @freedom.press. I'm told it's some sort of holiday for donating to nonprofits.
My team supports journalists with digital security for themselves and sources. In 2025, I really do think this matters more than ever. If this is something you care about, support our work. freedom.press/donate
My team supports journalists with digital security for themselves and sources. In 2025, I really do think this matters more than ever. If this is something you care about, support our work. freedom.press/donate
freedom.press
December 2, 2025 at 9:24 PM
I work at @freedom.press. I'm told it's some sort of holiday for donating to nonprofits.
My team supports journalists with digital security for themselves and sources. In 2025, I really do think this matters more than ever. If this is something you care about, support our work. freedom.press/donate
My team supports journalists with digital security for themselves and sources. In 2025, I really do think this matters more than ever. If this is something you care about, support our work. freedom.press/donate
I work at @freedom.press. I'm told it's some sort of holiday for donating to nonprofits.
My team supports journalists with digital security for themselves and sources. In 2025, I really do think this matters more than ever. If this is something you care about, support our work. freedom.press/donate
My team supports journalists with digital security for themselves and sources. In 2025, I really do think this matters more than ever. If this is something you care about, support our work. freedom.press/donate
freedom.press
December 2, 2025 at 9:24 PM
I work at @freedom.press. I'm told it's some sort of holiday for donating to nonprofits.
My team supports journalists with digital security for themselves and sources. In 2025, I really do think this matters more than ever. If this is something you care about, support our work. freedom.press/donate
My team supports journalists with digital security for themselves and sources. In 2025, I really do think this matters more than ever. If this is something you care about, support our work. freedom.press/donate
I remember being a kid, fiddling with these on the plane and not realizing they were vestigial, much like the overhead tube televisions where everyone watched one movie, or the assumption that air traffic controllers would get paid money for their disproportionately important labor.
November 23, 2025 at 2:17 AM
I remember being a kid, fiddling with these on the plane and not realizing they were vestigial, much like the overhead tube televisions where everyone watched one movie, or the assumption that air traffic controllers would get paid money for their disproportionately important labor.
Oh hey guys, I took a break from social media what’s going… Uhhh.
November 22, 2025 at 8:34 AM
Oh hey guys, I took a break from social media what’s going… Uhhh.
Reposted by Martin
New: A judge in Washington has ruled images from Flock surveillance cameras are public records and that anyone can request them. Highlights the pervasiveness of this tech and just how much surveillance is being done. Very notable ruling
www.404media.co/judge-rules-...
www.404media.co/judge-rules-...
Judge Rules Flock Surveillance Images Are Public Records That Can Be Requested By Anyone
A Washington judge said images taken by Flock cameras are "not exempt from disclosure" in public record requests.
www.404media.co
November 12, 2025 at 3:22 PM
New: A judge in Washington has ruled images from Flock surveillance cameras are public records and that anyone can request them. Highlights the pervasiveness of this tech and just how much surveillance is being done. Very notable ruling
www.404media.co/judge-rules-...
www.404media.co/judge-rules-...
Reposted by Martin
Good article about the state of America
www.poynter.org/business-wor...
www.poynter.org/business-wor...
When your local reporter needs the same protection as a war correspondent - Poynter
Five months of covering ICE raids taught our small LA newsroom hard lessons — and we're still figuring out how to sustain it
www.poynter.org
November 11, 2025 at 1:53 PM
Good article about the state of America
www.poynter.org/business-wor...
www.poynter.org/business-wor...
Reposted by Martin
This has been an extraordinary set of data to process: 1.3B unique passwords, 2B unique email addresses (including mine 😭) and almost 3M of our @haveibeenpwned.com subscribers in there. It’s been weeks of processing to get this loaded, and finally, it’s done www.troyhunt.com/2-billion-em...
2 Billion Email Addresses Were Exposed, and We Indexed Them All in Have I Been Pwned
I hate hyperbolic news headlines about data breaches, but for the "2 Billion Email Addresses" headline to be hyperbolic, it'd need to be exaggerated or overstated - and it isn't. It's rounded up from ...
www.troyhunt.com
November 6, 2025 at 5:09 AM
This has been an extraordinary set of data to process: 1.3B unique passwords, 2B unique email addresses (including mine 😭) and almost 3M of our @haveibeenpwned.com subscribers in there. It’s been weeks of processing to get this loaded, and finally, it’s done www.troyhunt.com/2-billion-em...
Reposted by Martin
New from 404 Media: someone managed to get into a Microsoft Teams call with phone hackers Cellebrite, who then detailed some of the company's hacking capabilities against Google Pixel phones. Also its capabilities against GrapheneOS, security-focused devices www.404media.co/someone-snuc...
Someone Snuck Into a Cellebrite Microsoft Teams Call and Leaked Phone Unlocking Details
The leaked slide focuses on Google Pixel phones and mentions those running the security-focused GrapheneOS operating system.
www.404media.co
October 30, 2025 at 3:12 PM
New from 404 Media: someone managed to get into a Microsoft Teams call with phone hackers Cellebrite, who then detailed some of the company's hacking capabilities against Google Pixel phones. Also its capabilities against GrapheneOS, security-focused devices www.404media.co/someone-snuc...
Reposted by Martin
Here's a good rundown of why facial recognition is often inaccurate in the wild (as opposed to in a lab environment).
www.techpolicy.press/why-we-shoul...
www.techpolicy.press/why-we-shoul...
October 29, 2025 at 5:24 PM
Here's a good rundown of why facial recognition is often inaccurate in the wild (as opposed to in a lab environment).
www.techpolicy.press/why-we-shoul...
www.techpolicy.press/why-we-shoul...
Great news. In recent years, nearly all page loads are secured with HTTPS by default, so there's very little downside to just protecting people by blocking risky connections by default. security.googleblog.com/2025/10/http...
HTTPS by default
One year from now, with the release of Chrome 154 in October 2026, we will change the default settings of Chrome to enable “Always Use Secu...
security.googleblog.com
October 28, 2025 at 9:05 PM
Great news. In recent years, nearly all page loads are secured with HTTPS by default, so there's very little downside to just protecting people by blocking risky connections by default. security.googleblog.com/2025/10/http...
Reposted by Martin
NEW: CBP searched a record 55,424 devices at the US border over the past 12 months. While these searches are rare compared to the number of travelers, the data shows a notable uptick over the past six months. @mattburgess1.bsky.social and @dell.bsky.social w/ the scoop: www.wired.com/story/cbp-se...
CBP Searched a Record Number of Phones at the US Border Over the Past Year
The total number of US Customs and Border Protection device searches jumped by 17 percent over the 2024 fiscal year, but more invasive forensic searches remain relatively rare.
www.wired.com
October 28, 2025 at 3:29 PM
NEW: CBP searched a record 55,424 devices at the US border over the past 12 months. While these searches are rare compared to the number of travelers, the data shows a notable uptick over the past six months. @mattburgess1.bsky.social and @dell.bsky.social w/ the scoop: www.wired.com/story/cbp-se...
I didn't watch baseball this evening, and heard it took a very long time. I'm told by not watching it, my lifespan therefore extended significantly
October 28, 2025 at 6:00 AM
I didn't watch baseball this evening, and heard it took a very long time. I'm told by not watching it, my lifespan therefore extended significantly