For people who are looking to shield their identities in group chats: Signal does not store past handle IDs and 7 days after changing your handle, another Signal user can claim it.
evacide
evacide@hachyderm-io.mostr.pub
npub18wn0...shpx
Director of Cybersecurity
@EFF
/ Co-founder of
@stopstalkerware
/ These are my opinions, not my employers’ / I did a TED talk once
Big Law has failed to stand up to Trump and now infosec is following suit.
https://www.reuters.com/world/us/cybersecurity-industry-falls-silent-trump-turns-ire-sentinelone-2025-04-10/
Weird how the jobs that AI-boosters say AI is going to replace never seems to include the management or executive class.
I checked in on the Bad Place and discovered that a bunch of misogynists have spent a couple of weeks getting very worked up about a screenshot of a post I made about a decade ago and that locking my account last year has successfully deprived them of further ammo. Everything is cool and normal.
Today's OPSEC lesson is this: all of the encryption in the world is not going to save you if you add the editor of The Atlantic to your war-planning Signal group chat.
The Atlantic
The Trump Administration Accidentally Texted Me Its War Plans
U.S. national-security leaders included me in a group chat about upcoming military strikes in Yemen. I didn’t think it could be real. Then the bo...
For people who are concerned about crossing the US border, The Verge and Wired both have useful discussion and advice:
The Verge
Is it safe to travel with your phone right now?
Know your rights, but also minimize your risk.
WIRED
How to Enter the US With Your Digital Privacy Intact
Crossing into the United States has become increasingly dangerous for digital privacy. Here are a few steps you can take to minimize the risk of Cu...
You can learn a lot of useful OPSEC lessons by examining the ways in which people get caught, so I'm just going to leave this right here.
404 Media
How Three Alleged Tesla Vandals Got Caught
Automatic license plate readers, Instagram captions, and fingerprints.
If you're critical of the US government and you are planning to cross the US border any time soon, today is a good day to review EFF's border search pocket guide: 
Electronic Frontier Foundation
EFF Border Search Pocket Guide
border-pocket-guide-2.pdf
I rarely tell people to throw their devices into the sea, but you should throw your Amazon Echo into the sea.
WIRED
Everything You Say to Your Echo Will Soon Be Sent to Amazon, and You Can’t Opt Out
Amazon is killing its “Do Not Send Voice Recordings” privacy feature on March 28 as the company aims to bolster Alexa+, its new subscription as...
It's Monday, which is a good day to remember that the data broker industry must be destroyed: 
Gizmodo
Data Broker Brags About Having Highly Detailed Personal Information on Nearly All Internet Users
The advertising industry is immensely powerful, and disturbingly opaque.
Listen, I'm not going to pretend that I'm even remotely surprised, but I will tell you that this is a slap in the face to every person in the infosec community that has worked to track and thwart Russian APTs for the last several decades.
the Guardian
Trump administration retreats in fight against Russian cyber threats
Recent incidents indicate US is no longer characterizing Russia as a cybersecurity threat, marking a radical departure: ‘Putin is on the inside n...
Aerial coach: Do you remember this sequence from two weeks ago?
Me: Listen, a lot has happened in the last two weeks...
Let it be known that on this day in history, I made it to the end of Duolingo French. There are no worlds left to conquer.
My co-workers are badass and I am proud of them.
EFF is suing DOGE and OPM over their illegal sharing of federal employee data.
Electronic Frontier Foundation
EFF Sues DOGE and the Office of Personnel Management to Halt Ransacking of Federal Data
EFF and a coalition of privacy defenders have filed a lawsuit asking a federal court to block Elon Musk’s Department of Government Efficiency (DO...
I spent most of a decade traveling to authoritarian countries and teaching people how to circumvent internet censorship. I am appalled that this is now something I have to do in the US.
For people who are wondering what the TikTok ban is going to look like for US TikTok users if it goes into effect on Sunday, TikTok will be blocking US users, linking to info about the ban, and giving them the option of exporting their data. 
The Verge
TikTok reportedly plans ‘immediate’ Sunday shutdown in the US if it’s banned
Users could see a pop-up directing them to info about the ban.
Lots of folks in my mentions going "Haha, the US will just ban VPNs," possibly because they are not experts in internet censorship and they have not been watching this exact same dynamic play out in dozens of countries over the last 20 years.
After all of the infosec chatter about how you probably don't need a VPN, age verification has made PornHub block access in most Southern states and TikTok's about to block US IPs. We are entering a new age of internet censorship and you might need a non-shady VPN.
404 Media continues to do the Lord's work. And furthermore, the data broker industry must be destroyed.
404 Media
Candy Crush, Tinder, MyFitnessPal: See the Thousands of Apps Hijacked to Spy on Your Location
A hack of location data company Gravy Analytics has revealed which apps are—knowingly or not—being used to collect your information behind the ...
Someone in my feed with a lot of followers asked for technical advice. I was about to reply with a joke, but first I glanced at the many, many replies. I saw that my joke would not be welcome, so I did not post it. You too can learn from this wisdom.