Martin
@mshelton.bsky.social
Digisec @freedom.press. Was that @mshelton guy on the other site.
Mastodon: https://mastodon.social/@mshelton
Digisec newsletter: https://freedom.press/newsletters
Mastodon: https://mastodon.social/@mshelton
Digisec newsletter: https://freedom.press/newsletters
Reposted by Martin
This has been an extraordinary set of data to process: 1.3B unique passwords, 2B unique email addresses (including mine 😭) and almost 3M of our @haveibeenpwned.com subscribers in there. It’s been weeks of processing to get this loaded, and finally, it’s done www.troyhunt.com/2-billion-em...
2 Billion Email Addresses Were Exposed, and We Indexed Them All in Have I Been Pwned
I hate hyperbolic news headlines about data breaches, but for the "2 Billion Email Addresses" headline to be hyperbolic, it'd need to be exaggerated or overstated - and it isn't. It's rounded up from ...
www.troyhunt.com
November 6, 2025 at 5:09 AM
This has been an extraordinary set of data to process: 1.3B unique passwords, 2B unique email addresses (including mine 😭) and almost 3M of our @haveibeenpwned.com subscribers in there. It’s been weeks of processing to get this loaded, and finally, it’s done www.troyhunt.com/2-billion-em...
Reposted by Martin
New from 404 Media: someone managed to get into a Microsoft Teams call with phone hackers Cellebrite, who then detailed some of the company's hacking capabilities against Google Pixel phones. Also its capabilities against GrapheneOS, security-focused devices www.404media.co/someone-snuc...
Someone Snuck Into a Cellebrite Microsoft Teams Call and Leaked Phone Unlocking Details
The leaked slide focuses on Google Pixel phones and mentions those running the security-focused GrapheneOS operating system.
www.404media.co
October 30, 2025 at 3:12 PM
New from 404 Media: someone managed to get into a Microsoft Teams call with phone hackers Cellebrite, who then detailed some of the company's hacking capabilities against Google Pixel phones. Also its capabilities against GrapheneOS, security-focused devices www.404media.co/someone-snuc...
Reposted by Martin
Here's a good rundown of why facial recognition is often inaccurate in the wild (as opposed to in a lab environment).
www.techpolicy.press/why-we-shoul...
www.techpolicy.press/why-we-shoul...
October 29, 2025 at 5:24 PM
Here's a good rundown of why facial recognition is often inaccurate in the wild (as opposed to in a lab environment).
www.techpolicy.press/why-we-shoul...
www.techpolicy.press/why-we-shoul...
Great news. In recent years, nearly all page loads are secured with HTTPS by default, so there's very little downside to just protecting people by blocking risky connections by default. security.googleblog.com/2025/10/http...
HTTPS by default
One year from now, with the release of Chrome 154 in October 2026, we will change the default settings of Chrome to enable “Always Use Secu...
security.googleblog.com
October 28, 2025 at 9:05 PM
Great news. In recent years, nearly all page loads are secured with HTTPS by default, so there's very little downside to just protecting people by blocking risky connections by default. security.googleblog.com/2025/10/http...
Reposted by Martin
NEW: CBP searched a record 55,424 devices at the US border over the past 12 months. While these searches are rare compared to the number of travelers, the data shows a notable uptick over the past six months. @mattburgess1.bsky.social and @dell.bsky.social w/ the scoop: www.wired.com/story/cbp-se...
CBP Searched a Record Number of Phones at the US Border Over the Past Year
The total number of US Customs and Border Protection device searches jumped by 17 percent over the 2024 fiscal year, but more invasive forensic searches remain relatively rare.
www.wired.com
October 28, 2025 at 3:29 PM
NEW: CBP searched a record 55,424 devices at the US border over the past 12 months. While these searches are rare compared to the number of travelers, the data shows a notable uptick over the past six months. @mattburgess1.bsky.social and @dell.bsky.social w/ the scoop: www.wired.com/story/cbp-se...
I didn't watch baseball this evening, and heard it took a very long time. I'm told by not watching it, my lifespan therefore extended significantly
October 28, 2025 at 6:00 AM
I didn't watch baseball this evening, and heard it took a very long time. I'm told by not watching it, my lifespan therefore extended significantly
Reposted by Martin
Google and Apple should add a device-level AI permission, just like it does for other potentially invasive privacy features, like location, to their phones. www.eff.org/deeplinks/2...
When AI and Secure Chat Meet, Users Deserve Strong Controls Over How
Both Google and Apple are cramming new AI features into their phones and other devices, and neither company has offered clear ways to control which apps those AI systems can access. Recent issues
www.eff.org
October 25, 2025 at 10:00 PM
Google and Apple should add a device-level AI permission, just like it does for other potentially invasive privacy features, like location, to their phones. www.eff.org/deeplinks/2...
Reposted by Martin
“I am not interested, nor will I ever be interested. I'm 61, and I hope to be able to remain uninterested in using it at all until I croak. ... The other day, somebody wrote me an email, said, ‘What is your stance on AI?’ And my answer was very short. I said, ‘I'd rather die.’” 🫡
Filmmaker Guillermo del Toro says 'I'd rather die' than use generative AI
Del Toro's new Frankenstein adaption reimagines Mary Shelley's 1818 Gothic novel. Frankenstein was like a tech bro: "creating something without considering the consequences," he explains.
www.npr.org
October 23, 2025 at 10:08 PM
“I am not interested, nor will I ever be interested. I'm 61, and I hope to be able to remain uninterested in using it at all until I croak. ... The other day, somebody wrote me an email, said, ‘What is your stance on AI?’ And my answer was very short. I said, ‘I'd rather die.’” 🫡
As a person who has studied use of secure messaging tools among journalists, this is both the most interesting and most awful time because the U.S. government keeps using Signal in the goofiest ways
October 24, 2025 at 5:40 AM
As a person who has studied use of secure messaging tools among journalists, this is both the most interesting and most awful time because the U.S. government keeps using Signal in the goofiest ways
Reposted by Martin
In case you haven't had enough cyber for one day...
I'm re-upping my deep-dive blog on why ad-blockers are critical for your online security and privacy, and what threats they can help defend against. Plus, I run through some of the best ad blockers out there, for your browser and beyond.
I'm re-upping my deep-dive blog on why ad-blockers are critical for your online security and privacy, and what threats they can help defend against. Plus, I run through some of the best ad blockers out there, for your browser and beyond.
Why ad blockers are a top security and privacy defense for everyone
Ad blockers can help defend against some of the top hacks, scams, and surveillance today. Here are some of the best ad blockers that you can use.
this.weekinsecurity.com
October 23, 2025 at 10:34 PM
In case you haven't had enough cyber for one day...
I'm re-upping my deep-dive blog on why ad-blockers are critical for your online security and privacy, and what threats they can help defend against. Plus, I run through some of the best ad blockers out there, for your browser and beyond.
I'm re-upping my deep-dive blog on why ad-blockers are critical for your online security and privacy, and what threats they can help defend against. Plus, I run through some of the best ad blockers out there, for your browser and beyond.
WhatsApp also has a fun habit of asking users to back up their messages to iCloud or Google Drive in regular told human-readable text. Even if you do everything right, the people you are talking to might not appreciate this risk.
If you have the choice, go for Signal. freedom.press/digisec/blog...
If you have the choice, go for Signal. freedom.press/digisec/blog...
October 23, 2025 at 3:10 AM
WhatsApp also has a fun habit of asking users to back up their messages to iCloud or Google Drive in regular told human-readable text. Even if you do everything right, the people you are talking to might not appreciate this risk.
If you have the choice, go for Signal. freedom.press/digisec/blog...
If you have the choice, go for Signal. freedom.press/digisec/blog...
Reposted by Martin
the most popular smartphone maker in history literally had to stop using "AI" because it would constantly just make things up and had zero contextual "understanding" of what it was doing
October 21, 2025 at 10:19 PM
the most popular smartphone maker in history literally had to stop using "AI" because it would constantly just make things up and had zero contextual "understanding" of what it was doing
Helluva story. Lindsey Halligan, the U.S. attorney on the Letitia James case, apparently asked to have her Signal messages with Lawfare's Anna Bower taken off the record after the fact. That's not how this works. That's not how any of this works. www.lawfaremedia.org/article/anna...
“Anna, Lindsey Halligan Here.”
My Signal exchange with the interim U.S. attorney about the Letitia James grand jury.
www.lawfaremedia.org
October 20, 2025 at 11:56 PM
Helluva story. Lindsey Halligan, the U.S. attorney on the Letitia James case, apparently asked to have her Signal messages with Lawfare's Anna Bower taken off the record after the fact. That's not how this works. That's not how any of this works. www.lawfaremedia.org/article/anna...
Reposted by Martin
The plan? Act like a jackass and then say, ha, I was only acting like jackass, you got trolled
October 19, 2025 at 7:37 PM
The plan? Act like a jackass and then say, ha, I was only acting like jackass, you got trolled
Reposted by Martin
ICE "has been rapidly building out its surveillance capabilities in recent weeks, signing a string of contracts for technologies to identify individuals by their irises or facial features and to monitor their cellphone activity, social media posts and physical movements," per spending disclosures.
ICE amps up its surveillance powers, targeting immigrants and antifa
Iris scanners, facial recognition apps, phone-hacking software and cellphone location data are among the agency’s recent technological purchases.
www.washingtonpost.com
October 17, 2025 at 11:14 AM
ICE "has been rapidly building out its surveillance capabilities in recent weeks, signing a string of contracts for technologies to identify individuals by their irises or facial features and to monitor their cellphone activity, social media posts and physical movements," per spending disclosures.
I'll just leave this here… techcrunch.com/2025/10/16/a...
Amazon's Ring to partner with Flock, a network of AI cameras used by ICE, feds, and police | TechCrunch
Agencies that use Flock can request that Ring doorbell users share footage to help with "evidence collection and investigative work."
techcrunch.com
October 16, 2025 at 10:34 PM
I'll just leave this here… techcrunch.com/2025/10/16/a...
U.S. news outlets refuse to sign agreement to stop doing journalism
US news outlets refuse to sign new Pentagon rules to report only official information www.theguardian.com/us-news/2025...
US news outlets refuse to sign new Pentagon rules to report only official information
Defense department policy requires outlets to vow not to obtain unauthorized files and restricts access to some areas
www.theguardian.com
October 14, 2025 at 2:58 PM
U.S. news outlets refuse to sign agreement to stop doing journalism
Reposted by Martin
NEW: A stunning new study finds that satellite transmissions—from calls and texts on T-Mobile to US and Mexico military communications—were sent unencrypted for any snoop to grab. @agreenberg.bsky.social and @mattburgess1.bsky.social have the scoop: www.wired.com/story/satell...
Satellites Are Leaking the World’s Secrets: Calls, Texts, Military and Corporate Data
With just $800 in basic equipment, researchers found a stunning variety of data—including thousands of T-Mobile users’ calls and texts and even US military communications—sent by satellites unencrypte...
www.wired.com
October 14, 2025 at 1:01 AM
NEW: A stunning new study finds that satellite transmissions—from calls and texts on T-Mobile to US and Mexico military communications—were sent unencrypted for any snoop to grab. @agreenberg.bsky.social and @mattburgess1.bsky.social have the scoop: www.wired.com/story/satell...
Reposted by Martin
EXCLUSIVE: A cell-site simulator, commonly referred to as an IMSI-catcher or "Stingray," may have been used at the ICE facility in Portland.
Analysis of cellular signals in the area showed phones receiving abnormal spikes in requests for their unique identifiers. san.com/cc/exclusive...
Analysis of cellular signals in the area showed phones receiving abnormal spikes in requests for their unique identifiers. san.com/cc/exclusive...
Exclusive: Fake cellphone tower likely surveilled protesters at Portland ICE facility
Law enforcement officials may have deployed a secretive cellphone surveillance technology last weekend at Portland’s ICE facility.
san.com
October 11, 2025 at 5:51 PM
EXCLUSIVE: A cell-site simulator, commonly referred to as an IMSI-catcher or "Stingray," may have been used at the ICE facility in Portland.
Analysis of cellular signals in the area showed phones receiving abnormal spikes in requests for their unique identifiers. san.com/cc/exclusive...
Analysis of cellular signals in the area showed phones receiving abnormal spikes in requests for their unique identifiers. san.com/cc/exclusive...
Reposted by Martin
Journalism is not a crime. Free Debbie Brockman!
WGN-TV producer detained during ICE enforcement action in Lincoln Square www.chicagotribune.com/2025/10/10/w...
WGN-TV producer detained during ICE enforcement action in Lincoln Square www.chicagotribune.com/2025/10/10/w...
WGN-TV producer detained during ICE enforcement action in Lincoln Square
A WGN-TV video editor and producer was roughly detained by two Border Patrol agents on Friday morning during a highly visible rush hour enforcement action in Lincoln Square.
www.chicagotribune.com
October 10, 2025 at 7:02 PM
Journalism is not a crime. Free Debbie Brockman!
WGN-TV producer detained during ICE enforcement action in Lincoln Square www.chicagotribune.com/2025/10/10/w...
WGN-TV producer detained during ICE enforcement action in Lincoln Square www.chicagotribune.com/2025/10/10/w...
Reposted by Martin
WATCH: ‘Portland Frog’ pepper balled by ICE agents
October 6, 2025 at 5:39 AM
WATCH: ‘Portland Frog’ pepper balled by ICE agents
This month my colleague @davisa.bsky.social takes over our digital security newsletter. It’s even more spooky than usual. Check that out (and follow her, she’s the best)! freedom.press/digisec/blog...
Data vampires … we mean, brokers
That unsettled feeling you get when you are served an all-too-accurate advertisement? Data brokers at work
freedom.press
October 9, 2025 at 8:49 PM
This month my colleague @davisa.bsky.social takes over our digital security newsletter. It’s even more spooky than usual. Check that out (and follow her, she’s the best)! freedom.press/digisec/blog...
