Yael Grauer
@yaelwrites.com
💻 cybersecurity research
🖊️ investigative tech reporting
📣yaelwrites.com
✉️ yael@yaelwrites.com
💥#alwaysantifascist
🎤opinions are mine, but you can have some
🖊️ investigative tech reporting
📣yaelwrites.com
✉️ yael@yaelwrites.com
💥#alwaysantifascist
🎤opinions are mine, but you can have some
Pinned
Yael Grauer
@yaelwrites.com
· Sep 9
US tech companies enabled the surveillance and detention of hundreds of thousands in China
An AP investigation reveals that U.S. technology companies to a large degree designed and built China’s surveillance state, playing a far greater role in enabling human rights abuses than previously k...
apnews.com
Reposted by Yael Grauer
Take note, NSO Group.
Today the Supreme Court heard a very, very technical case about whether a government contractors (in this case, private prison company GEO Group) should get essentially qualified immunity for contractors (I'm oversimplifying). The answer, it seems, will be no.
news.bloomberglaw.com/daily-labor-...
news.bloomberglaw.com/daily-labor-...
Justices Doubt Timing of Immunity Appeal in GEO Wage Case (1)
Several US Supreme Court justices appeared skeptical of GEO Group Inc.’s argument that it can immediately appeal a lower court’s rejection of its immunity defense to escape forced labor claims from im...
news.bloomberglaw.com
November 11, 2025 at 2:07 AM
Take note, NSO Group.
Reposted by Yael Grauer
NEW: I tried to explain why there are so many victims of spyware, despite the fact that its makers have been telling us for years that the tech is only intended to be used in limited cases.
There are several reasons, including how the spyware systems are designed, and how powerful they are.
There are several reasons, including how the spyware systems are designed, and how powerful they are.
Why a lot of people are getting hacked with government spyware | TechCrunch
Government surveillance vendors want us to believe their spyware products are only used in limited and targeted operations against terrorists and serious criminals. That claim is increasingly difficul...
techcrunch.com
November 10, 2025 at 2:16 PM
NEW: I tried to explain why there are so many victims of spyware, despite the fact that its makers have been telling us for years that the tech is only intended to be used in limited cases.
There are several reasons, including how the spyware systems are designed, and how powerful they are.
There are several reasons, including how the spyware systems are designed, and how powerful they are.
"appearing to close his eyes"
November 9, 2025 at 7:18 PM
"appearing to close his eyes"
Reposted by Yael Grauer
A bit of transparency into the impossible nature of trust & safety at scale. I hope people will recognize that one reason why other platforms never talk about this stuff is it often leads to people yelling at the trust & safety team. But this kind of transparency is good and useful.
Hopefully I've done this correctly in terms of the leaflet setup this time. Here's a first post in a series on T&S on Bluesky.
Moderating With Humans, For Humans
aaron.leaflet.pub
November 8, 2025 at 9:44 PM
A bit of transparency into the impossible nature of trust & safety at scale. I hope people will recognize that one reason why other platforms never talk about this stuff is it often leads to people yelling at the trust & safety team. But this kind of transparency is good and useful.
For anyone who saw my HOPE or DEF CON talks, I'd like to report that I am the proud parent of a beautiful new Monstera that I'm committed to keeping alive.
November 8, 2025 at 9:17 PM
For anyone who saw my HOPE or DEF CON talks, I'd like to report that I am the proud parent of a beautiful new Monstera that I'm committed to keeping alive.
Reposted by Yael Grauer
This is also one of MY favorite things that’s ever happened on the internet!
November 7, 2025 at 9:08 PM
This is also one of MY favorite things that’s ever happened on the internet!
Reposted by Yael Grauer
“Every participant who was detained by authorities & had biometrics enabled, said they were violently forced to unlock their phone. […]”
The research is clear: those with biometrics lost the power to resist device searches. Only using passcodes had some ability to refuse, delay, or obscure access.
The research is clear: those with biometrics lost the power to resist device searches. Only using passcodes had some ability to refuse, delay, or obscure access.
"Research shows that features like Face ID and fingerprints enable violent, forced phone access by police and authorities" the-decenter.ghost.io/the-body-as-... by Afsaneh Rigot
The Body as a Password: The Cost of Face ID
Convenience is costing people their freedom. Research shows that features like Face ID and fingerprints enable violent, forced phone access by police and authorities, writes Afsaneh Rigot.
the-decenter.ghost.io
November 7, 2025 at 7:47 AM
“Every participant who was detained by authorities & had biometrics enabled, said they were violently forced to unlock their phone. […]”
The research is clear: those with biometrics lost the power to resist device searches. Only using passcodes had some ability to refuse, delay, or obscure access.
The research is clear: those with biometrics lost the power to resist device searches. Only using passcodes had some ability to refuse, delay, or obscure access.
Reposted by Yael Grauer
Texting and messaging scam attempts have increased by 50% in the past year, with young adults ages 18-29 experiencing the sharpest rise of any age group. See our report with @aspendigital.bsky.social & @gca.bsky.social: innovation.consumerreports.org/2025-Consume...
#CybersecurityAwarenessMonth
#CybersecurityAwarenessMonth
October 31, 2025 at 4:00 PM
Texting and messaging scam attempts have increased by 50% in the past year, with young adults ages 18-29 experiencing the sharpest rise of any age group. See our report with @aspendigital.bsky.social & @gca.bsky.social: innovation.consumerreports.org/2025-Consume...
#CybersecurityAwarenessMonth
#CybersecurityAwarenessMonth
i somehow completely missed that the AMAZING Amythyst Kiah was playing in Phoenix and while she was playing I was *completely bombing* an open mic and could have had a nice evening instead. Major major bummer.
November 7, 2025 at 4:39 PM
i somehow completely missed that the AMAZING Amythyst Kiah was playing in Phoenix and while she was playing I was *completely bombing* an open mic and could have had a nice evening instead. Major major bummer.
🎶🎶some of them want to block you
some of them want to be blocked by you
some of them want to be blocked by you
November 7, 2025 at 1:00 AM
🎶🎶some of them want to block you
some of them want to be blocked by you
some of them want to be blocked by you
one time someone asked me what al dente meant and I told them it was Italian for "good enough" and I still think about this when I cook
November 7, 2025 at 12:59 AM
one time someone asked me what al dente meant and I told them it was Italian for "good enough" and I still think about this when I cook
Reposted by Yael Grauer
Excellent explainer from @yaelwrites.com and @consumerreports.org on the new kick-butt iPhone #security feature. Let's hope Android adopts it, too. This is progress.
innovation.consumerreports.org/apples-new-i...
innovation.consumerreports.org/apples-new-i...
Apple’s New iPhone Memory Protections Safeguards Devices Against Sophisticated Attacks - Innovation at Consumer Reports
Apple’s new Memory Integrity Enforcement aligns hardware and software to block memory safety exploits before they start, raising the bar for phone security
innovation.consumerreports.org
November 6, 2025 at 5:25 PM
Excellent explainer from @yaelwrites.com and @consumerreports.org on the new kick-butt iPhone #security feature. Let's hope Android adopts it, too. This is progress.
innovation.consumerreports.org/apples-new-i...
innovation.consumerreports.org/apples-new-i...
Bailey turned ten today!!! Loving every moment with the world’s sweetest, most loving, most playful chiweenie.
November 5, 2025 at 2:57 PM
Bailey turned ten today!!! Loving every moment with the world’s sweetest, most loving, most playful chiweenie.
I wrote about Apple’s new iPhone security feature. innovation.consumerreports.org/apples-new-i...
Apple’s New iPhone Memory Protections Safeguards Devices Against Sophisticated Attacks - Innovation at Consumer Reports
Apple’s new Memory Integrity Enforcement aligns hardware and software to block memory safety exploits before they start, raising the bar for phone security
innovation.consumerreports.org
November 4, 2025 at 9:34 PM
I wrote about Apple’s new iPhone security feature. innovation.consumerreports.org/apples-new-i...
Reposted by Yael Grauer
When you book a flight through major travel sites, a data broker owned by U.S. airlines will sell details about your flight—your name, credit card used, and where you’re flying to the government.
We found out how to opt-out of ARC selling your travel data. A guide:
www.404media.co/how-to-opt-o...
We found out how to opt-out of ARC selling your travel data. A guide:
www.404media.co/how-to-opt-o...
How to Opt-Out of Airlines Selling Your Travel Data to the Government
The Airlines Reporting Corporation (ARC), owned by major U.S. airlines, collects billions of ticketing records and sells them to the government to be searched without a warrant. I managed to opt-out…
www.404media.co
November 4, 2025 at 2:48 PM
When you book a flight through major travel sites, a data broker owned by U.S. airlines will sell details about your flight—your name, credit card used, and where you’re flying to the government.
We found out how to opt-out of ARC selling your travel data. A guide:
www.404media.co/how-to-opt-o...
We found out how to opt-out of ARC selling your travel data. A guide:
www.404media.co/how-to-opt-o...
Reposted by Yael Grauer
November 3, 2025 at 5:56 PM
Reposted by Yael Grauer
“Carpe Diem” and “YOLO” are just Memento Mori with better PR
October 31, 2025 at 7:19 PM
“Carpe Diem” and “YOLO” are just Memento Mori with better PR
I have a quick Halloween update to BADBOOL! 🎃👻🧙
That's the big ass data broker opt-out list I maintain, helping simplify the process of manually removing your data from people search sites. I also use cute emoji. 🧵
That's the big ass data broker opt-out list I maintain, helping simplify the process of manually removing your data from people search sites. I also use cute emoji. 🧵
github.com
November 1, 2025 at 12:30 AM
I have a quick Halloween update to BADBOOL! 🎃👻🧙
That's the big ass data broker opt-out list I maintain, helping simplify the process of manually removing your data from people search sites. I also use cute emoji. 🧵
That's the big ass data broker opt-out list I maintain, helping simplify the process of manually removing your data from people search sites. I also use cute emoji. 🧵
We voted too late to mail our ballots in, so I had to drop them off in the dropbox, which means I got TWO of these amazing gila monster stickers.
October 30, 2025 at 10:48 PM
We voted too late to mail our ballots in, so I had to drop them off in the dropbox, which means I got TWO of these amazing gila monster stickers.
Reposted by Yael Grauer
Is social media dying? How much has Twitter changed as it became X? Which party now dominates the conversation?
Using nationally representative ANES data from 2020 & 2024, I map how the U.S. social media landscape has transformed.
Here are the key take-aways 🧵
arxiv.org/abs/2510.25417
Using nationally representative ANES data from 2020 & 2024, I map how the U.S. social media landscape has transformed.
Here are the key take-aways 🧵
arxiv.org/abs/2510.25417
October 30, 2025 at 8:09 AM
Is social media dying? How much has Twitter changed as it became X? Which party now dominates the conversation?
Using nationally representative ANES data from 2020 & 2024, I map how the U.S. social media landscape has transformed.
Here are the key take-aways 🧵
arxiv.org/abs/2510.25417
Using nationally representative ANES data from 2020 & 2024, I map how the U.S. social media landscape has transformed.
Here are the key take-aways 🧵
arxiv.org/abs/2510.25417
Can anyone think of a single, easy-to-understand word that means "lethal kinetic strike"? Asking for a friend. www.nbcnews.com/politics/nat...
Pete Hegseth says U.S. carried out another strike on alleged drug boat in Pacific Ocean, killing 4 people
The defense secretary's announcement marks the 14th known strike the U.S. has conducted on alleged drug traffickers in recent months.
www.nbcnews.com
October 30, 2025 at 7:48 PM
Can anyone think of a single, easy-to-understand word that means "lethal kinetic strike"? Asking for a friend. www.nbcnews.com/politics/nat...
Reposted by Yael Grauer
one of my favorite things is when the subject of a piece threatens a journalist and the journalist responds by casually printing everything very matter of factly
October 30, 2025 at 2:11 PM
one of my favorite things is when the subject of a piece threatens a journalist and the journalist responds by casually printing everything very matter of factly
My version of watercolor vs. the cover of the kit. I guess I like my leaves more supernatural!
October 30, 2025 at 4:48 AM
My version of watercolor vs. the cover of the kit. I guess I like my leaves more supernatural!
Reposted by Yael Grauer
Today's tip in @eff.org's #OptOutOctober series comes from CR’s Security Planner: Tighten your account privacy settings www.eff.org/deeplinks/20...
Opt Out October: Daily Tips to Protect Your Privacy and Security
Trying to take control of your online privacy can feel like a full-time job. But if you break it up into small tasks and take on one project at a time it makes the process of protecting your privacy m...
www.eff.org
October 29, 2025 at 7:58 PM
Today's tip in @eff.org's #OptOutOctober series comes from CR’s Security Planner: Tighten your account privacy settings www.eff.org/deeplinks/20...
Reposted by Yael Grauer
Just did this with my Drive settings, and yeah it had Gemini ticked by default without ever asking me if that was something I wanted
October 27, 2025 at 5:50 PM
Just did this with my Drive settings, and yeah it had Gemini ticked by default without ever asking me if that was something I wanted