Aaron
@oseaaronn.bsky.social
Applied Technology Researcher @safeescape.org
These posts are my own, not my employers
stopstalkerware.org
These posts are my own, not my employers
stopstalkerware.org
Reposted by Aaron
The US TikTok sale has been signed. The company will be controlled by a joint venture including Oracle, Silver Lake, Andreessen Horowitz, Abu Dhabi-based MGX. Adding a UAE company really makes it clear that this was never about national security concerns.
www.axios.com/2025/12/18/t...
www.axios.com/2025/12/18/t...
Scoop: TikTok signs deal for sale of U.S. unit after yearslong saga
The deal would end a yearslong saga to force TikTok's Chinese parent ByteDance to sell the company's U.S. operation.
www.axios.com
December 18, 2025 at 11:35 PM
The US TikTok sale has been signed. The company will be controlled by a joint venture including Oracle, Silver Lake, Andreessen Horowitz, Abu Dhabi-based MGX. Adding a UAE company really makes it clear that this was never about national security concerns.
www.axios.com/2025/12/18/t...
www.axios.com/2025/12/18/t...
Reposted by Aaron
Just a reminder: Your voice matters. Your feelings matter. You matter.
December 2, 2025 at 5:24 PM
Just a reminder: Your voice matters. Your feelings matter. You matter.
Reposted by Aaron
I was featured in a UK documentary about stalkerware, an insidious kind of phone surveillance I've investigated for years.
In this deep-dive for this.weekinsecurity.com, I look back at what I've learned during my investigations, why stalkerware is a global threat, and what actually gives me hope.
In this deep-dive for this.weekinsecurity.com, I look back at what I've learned during my investigations, why stalkerware is a global threat, and what actually gives me hope.
I've investigated 'stalkerware' for five years. Here's what I've learned
Stalkerware is a pervasive surveillance used by millions around the world, but these operations keep getting hacked and leaking victims' private phone data.
this.weekinsecurity.com
December 7, 2025 at 12:10 AM
I was featured in a UK documentary about stalkerware, an insidious kind of phone surveillance I've investigated for years.
In this deep-dive for this.weekinsecurity.com, I look back at what I've learned during my investigations, why stalkerware is a global threat, and what actually gives me hope.
In this deep-dive for this.weekinsecurity.com, I look back at what I've learned during my investigations, why stalkerware is a global threat, and what actually gives me hope.
Reposted by Aaron
When reviewing your digital devices, start by checking which accounts and apps are logged in. Remove any access you do not recognize and change passwords to something you've never used before. A strong password should not be based on personal details that someone else could easily guess.
December 1, 2025 at 5:24 PM
When reviewing your digital devices, start by checking which accounts and apps are logged in. Remove any access you do not recognize and change passwords to something you've never used before. A strong password should not be based on personal details that someone else could easily guess.
Reposted by Aaron
Today, we like to reflect on the things we're thankful for. We're thankful for the amazing people that trust us to help them stay safe. We're thankful for the heroes that volunteer their time to make it all possible. We're thankful for the support of people like you. Happy Thanksgiving.
November 27, 2025 at 5:25 PM
Today, we like to reflect on the things we're thankful for. We're thankful for the amazing people that trust us to help them stay safe. We're thankful for the heroes that volunteer their time to make it all possible. We're thankful for the support of people like you. Happy Thanksgiving.
Reposted by Aaron
We feel that the time was right to take a more up-to-date snapshot of how well the anti-virus companies are performing. www.eff.org/deeplinks/2...
EFF Teams Up With AV Comparatives to Test Android Stalkerware
EFF has, for many years, raised the alarm about the proliferation of stalkerware—commercially-available apps designed to be installed covertly on another person’s device to exfiltrate data from that
www.eff.org
November 8, 2025 at 4:56 PM
We feel that the time was right to take a more up-to-date snapshot of how well the anti-virus companies are performing. www.eff.org/deeplinks/2...
Reposted by Aaron
EFF teamed up with AV Comparatives to see how well anti-virus apps detect stalkerware on Android phones.
www.eff.org/deeplinks/20...
www.eff.org/deeplinks/20...
November 6, 2025 at 8:22 PM
EFF teamed up with AV Comparatives to see how well anti-virus apps detect stalkerware on Android phones.
www.eff.org/deeplinks/20...
www.eff.org/deeplinks/20...
Reposted by Aaron
I think TikTok culture has done more than anything else to normalize casual surveillance / leveraging commercial surveillance against your friends/partners/colleagues/random strangers than anything else I've ever seen
October 16, 2025 at 2:35 PM
I think TikTok culture has done more than anything else to normalize casual surveillance / leveraging commercial surveillance against your friends/partners/colleagues/random strangers than anything else I've ever seen
Reposted by Aaron
BREAKING: S.T.O.P. Report Shows Family Surveillance Apps Used for Probation, Enable Abuse
"We don’t make our children and partners wear ankle monitors, but demanding they use family surveillance apps isn’t all that different." @corinneworthington.bsky.social
www.stopspying.org/latest-news/...
"We don’t make our children and partners wear ankle monitors, but demanding they use family surveillance apps isn’t all that different." @corinneworthington.bsky.social
www.stopspying.org/latest-news/...
S.T.O.P. Report Shows Family Surveillance Apps Used for Probation, Enable Abuse — S.T.O.P. - The Surveillance Technology Oversight Project
www.stopspying.org
September 25, 2025 at 2:52 PM
BREAKING: S.T.O.P. Report Shows Family Surveillance Apps Used for Probation, Enable Abuse
"We don’t make our children and partners wear ankle monitors, but demanding they use family surveillance apps isn’t all that different." @corinneworthington.bsky.social
www.stopspying.org/latest-news/...
"We don’t make our children and partners wear ankle monitors, but demanding they use family surveillance apps isn’t all that different." @corinneworthington.bsky.social
www.stopspying.org/latest-news/...
Reposted by Aaron
Sometimes my interest in state spying and my interest in stalkerware overlap in weird ways. For example, Kenya arrested four journalists, seized their devices and returned them with FlexiSpy installed:
cpj.org/2025/09/spyw...
cpj.org/2025/09/spyw...
Spyware installed on Kenyan filmmakers' phones in police custody - Committee to Protect Journalists
New York, September 10, 2025—The Committee to Protect Journalists is gravely alarmed by the installation of spyware on two Kenyan filmmakers’ phones while the devices were in police custody, and calls...
cpj.org
September 14, 2025 at 1:02 AM
Sometimes my interest in state spying and my interest in stalkerware overlap in weird ways. For example, Kenya arrested four journalists, seized their devices and returned them with FlexiSpy installed:
cpj.org/2025/09/spyw...
cpj.org/2025/09/spyw...
Reposted by Aaron
We know very little about how cell-site simulators (CSS), devices that masquerade as legitimate cell-phone towers, are being deployed in the US or globally, but with Rayhunter, we hope to change that. www.eff.org/deeplinks/2...
Meet Rayhunter: A New Open Source Tool from EFF to Detect Cellular
Rayhunter is a new open source tool we’ve created that runs off an affordable mobile hotspot that we hope empowers everyone, regardless of technical skill, to help search out cell-site simulators
www.eff.org
August 26, 2025 at 10:56 PM
We know very little about how cell-site simulators (CSS), devices that masquerade as legitimate cell-phone towers, are being deployed in the US or globally, but with Rayhunter, we hope to change that. www.eff.org/deeplinks/2...
Reposted by Aaron
"This is really the first time, that I’m aware of, where a U.S. court has found that it has jurisdiction over a spyware victim when the spying was done at the behest of a foreign government," EFF’s @davidgreene.bsky.social told @courthousenews.bsky.social.
Federal judge advances Saudi activist’s lawsuit against Emirati cybersecurity firm
Saudi activist Loujain al-Hathloul says that three former U.S. intelligence officers working for DarkMatter Group helped hack her phone and track her movements, leading to her arrest and torture.
www.courthousenews.com
August 13, 2025 at 8:04 PM
"This is really the first time, that I’m aware of, where a U.S. court has found that it has jurisdiction over a spyware victim when the spying was done at the behest of a foreign government," EFF’s @davidgreene.bsky.social told @courthousenews.bsky.social.
Reposted by Aaron
It turns out that the kind of people who write and launch an app in less than two weeks are not the kind of people who feel the need to implement secure coding practices and strong privacy protections for the sensitive user data they ask you to upload.
techcrunch.com/2025/08/06/a...
techcrunch.com/2025/08/06/a...
A rival Tea app for men is leaking its users' personal data and driver's licenses | TechCrunch
The newly launched app, now trending on Apple's App Store, contains at least one major security flaw that exposes the private information of its users, including their uploaded selfies and government-...
techcrunch.com
August 6, 2025 at 8:15 PM
It turns out that the kind of people who write and launch an app in less than two weeks are not the kind of people who feel the need to implement secure coding practices and strong privacy protections for the sensitive user data they ask you to upload.
techcrunch.com/2025/08/06/a...
techcrunch.com/2025/08/06/a...
Reposted by Aaron
Website/device age verification is a privacy and security nightmare and everyone who tells you that this is a solved problem is lying to you.
Looks like we’re going to get age verification on our phones. gizmodo.com/supreme-cour...
Supreme Court Says Age Verification Laws for Porn Sites Are Constitutional
Nineteen states have age verification laws.
gizmodo.com
June 27, 2025 at 6:51 PM
Website/device age verification is a privacy and security nightmare and everyone who tells you that this is a solved problem is lying to you.
Reposted by Aaron
🚨 We're still in need of more #snowflake extensions to help keep Iranians connected during this critical time.
Please consider running a Tor Snowflake proxy. This simple and safe action can make a difference in ensuring Iranians stay online. #KeepItOn
To get started, visit: snowflake.torproject.org
Please consider running a Tor Snowflake proxy. This simple and safe action can make a difference in ensuring Iranians stay online. #KeepItOn
To get started, visit: snowflake.torproject.org
June 25, 2025 at 5:13 PM
🚨 We're still in need of more #snowflake extensions to help keep Iranians connected during this critical time.
Please consider running a Tor Snowflake proxy. This simple and safe action can make a difference in ensuring Iranians stay online. #KeepItOn
To get started, visit: snowflake.torproject.org
Please consider running a Tor Snowflake proxy. This simple and safe action can make a difference in ensuring Iranians stay online. #KeepItOn
To get started, visit: snowflake.torproject.org
Reposted by Aaron
The Minnesota shooter apparently used data broker websites to find the home addresses of the people he shot and murdered.
Congress has had years to do something about data brokers and they've sided with the tech lobby over and over again.
Their inaction is deadly.
Congress has had years to do something about data brokers and they've sided with the tech lobby over and over again.
Their inaction is deadly.
June 16, 2025 at 10:56 PM
The Minnesota shooter apparently used data broker websites to find the home addresses of the people he shot and murdered.
Congress has had years to do something about data brokers and they've sided with the tech lobby over and over again.
Their inaction is deadly.
Congress has had years to do something about data brokers and they've sided with the tech lobby over and over again.
Their inaction is deadly.
Reposted by Aaron
If you have an iPhone, make sure you always have the latest security update.
If you are concerned that you might be targeted by government spyware, enable Lockdown Mode.
If you are concerned that you might be targeted by government spyware, enable Lockdown Mode.
Apple fixes an iPhone zero-day used in Paragon spyware hacks after a Citizen Lab report found two European journalists had their iPhones hacked with the spyware (Lorenzo Franceschi-Bicchierai/TechCrunch)
Main Link | Techmeme Permalink
Main Link | Techmeme Permalink
June 13, 2025 at 12:09 AM
If you have an iPhone, make sure you always have the latest security update.
If you are concerned that you might be targeted by government spyware, enable Lockdown Mode.
If you are concerned that you might be targeted by government spyware, enable Lockdown Mode.
Reposted by Aaron
Signal is making it harder for your private messages to get pulled into Microsoft's new Recall AI feature, which records Windows users' activities and could be a gold mine to attackers.
Learn more in our digital security newsletter (and subscribe):
Learn more in our digital security newsletter (and subscribe):
Signal blocks Microsoft Recall from recalling
Signal is making it harder for your private messages to get pulled into Microsoft’s new Recall AI feature
freedom.press
May 29, 2025 at 6:17 PM
Signal is making it harder for your private messages to get pulled into Microsoft's new Recall AI feature, which records Windows users' activities and could be a gold mine to attackers.
Learn more in our digital security newsletter (and subscribe):
Learn more in our digital security newsletter (and subscribe):
Reposted by Aaron
Signal says no to Windows 11’s Recall screenshots
Signal says no to Windows 11’s Recall screenshots
Signal uses the same tech Netflix does to block screenshots.
buff.ly
May 21, 2025 at 10:21 PM
Signal says no to Windows 11’s Recall screenshots
Reposted by Aaron
The judge sided with law enforcement, and the teens’ fate looked sealed—until the Colorado Supreme Court agreed to hear the defense’s appeal.
The case had now become something that could reshape Americans’ right to search online without fear of retribution.
www.wired.com/story/find-m...
The case had now become something that could reshape Americans’ right to search online without fear of retribution.
www.wired.com/story/find-m...
May 21, 2025 at 3:42 PM
The judge sided with law enforcement, and the teens’ fate looked sealed—until the Colorado Supreme Court agreed to hear the defense’s appeal.
The case had now become something that could reshape Americans’ right to search online without fear of retribution.
www.wired.com/story/find-m...
The case had now become something that could reshape Americans’ right to search online without fear of retribution.
www.wired.com/story/find-m...
Reposted by Aaron
Update May 5, 2025: In a win for privacy and encryption, the Florida Legislature ended its regular 2025 session on May 2 without passing SB 868 / HB 743.
Encryption is one of the most important tools we have to protect privacy online. Florida’s SB 868 intends to completely undermine it while also putting the privacy and safety of young people at risk. Learn more about this dangerous bill and tell FL lawmakers that they must protect digital privacy.
Florida’s Anti-Encryption Bill Is a Wrecking Ball to Privacy. There's Still Time to Stop It.
We've seen plenty of bad tech bills in recent years, often cloaked in vague language about "online safety." But Florida’s SB 868 doesn’t even pretend to be subtle: the state wants a backdoor into encr...
www.eff.org
May 5, 2025 at 8:24 PM
Update May 5, 2025: In a win for privacy and encryption, the Florida Legislature ended its regular 2025 session on May 2 without passing SB 868 / HB 743.