Martin

@mshelton
2.3K Followers
497 Following
334 Posts

Security therapist. Deputy Director of Digital Security @freedomofpress. Journalism, digital security, research.

If you want to get security news and updates from our team somewhere that's not Twitter, subscribe to the newsletter: https://freedom.press/newsletters/

Websitehttps://mshelt.onl/
freedom.presshttps://freedom.press/people/martin-shelton/
Digital security newsletterhttps://freedom.press/newsletters/
PronounsHe/him
Martin6d ago
Freedom of the PressApr 13

Using a VPN may subject Americans to warrantless government surveillance.

We need much more transparency — and stricter limitations on how the government can use this data to bypass Americans’ privacy rights.

https://freedom.press/digisec/blog/vpn-surveillance-time-for-transparency-and-limits-on-spy-powers/

VPN surveillance: Time for transparency and limits on spy powers

A recent letter from our lawmakers raises the question: What does the intelligence community do with the data of VPN users in the United States?

Freedom of the Press
MartinApr 13
VPN users in the U.S.: Did you know that using a VPN may subject you to foreign intelligence spying?https://freedom.press/digisec/blog/vpn-surveillance-time-for-transparency-and-limits-on-spy-powers/
VPN surveillance: Time for transparency and limits on spy powers

A recent letter from our lawmakers raises the question: What does the intelligence community do with the data of VPN users in the United States?

Freedom of the Press
MartinApr 9
SecureDrop inbox has a lot of new improvements that should help newsrooms move more quickly when working with tips. Check out the @securedrop team's announcement post: https://securedrop.org/news/new-features-in-securedrop-inbox/
New features in SecureDrop Inbox

SecureDrop Inbox, the new window into the SecureDrop Workstation, has been rewritten from the ground up to replace the previous client application for existing journalist users. Improving upon the core functionality, it also includes bug fixes, speed improvements, and a range of new features.

SecureDrop
MartinMar 31
I found this discussion with the @eff's executive director, Cindy Cohn, really inspiring. Whether fighting for free speech or against surveillance, underneath is a fight about optimism. What kind of Internet do WE want? https://www.youtube.com/watch?v=QkC1aK7jfLo
Cindy Cohn - Fighting for Digital Human Rights in “Privacy’s Defender” | The Daily Show

YouTube
MartinMar 30

"It depends."

— Ancient Security Proverb

MartinMar 23
I'm a bit late to the game on this one. But I work with a lot of journalists who use CapCut for video editing and their terms of service says you are giving them an "unconditional, irrevocable, non-exclusive, royalty-free, fully transferable (including sub-licensable), perpetual, worldwide license" to use your content and… I have to imagine most journalists are not aware of that. https://www.capcut.com/clause/terms-of-service
CapCut Terms of Service

MartinMar 14
It takes engineering hours to remove a feature. Even if few people use it, why go out of your way to remove it? Meta’s hurting its users. And for what? https://www.theverge.com/tech/894752/instagram-end-to-end-encryption
Instagram is getting rid of end-to-end encrypted DMs that ‘very few’ people used

Starting on May 8th, Instagram will no longer offer end-to-end encrypted messages.

The Verge
MartinMar 12
Well I got all bent out of shape about Proton Mail. There are valid use cases for these tools but users should know what the service can and can't protect. https://freedom.press/digisec/blog/proton-mail-is-not-for-anonymity/
Proton Mail is not for anonymity

A recent story of a Proton Mail user unmasked for Swiss authorities highlights what the company can and can’t protect

Freedom of the Press
Show threadMartinMar 12
Signal's recent disclosure of how little it could share in response to a grand jury subpoena is pretty telling. Its defaults are very strong. But if you want to go further, we have a guide on really how to really maximize its privacy settings. https://freedom.press/digisec/blog/locking-down-signal/
Locking down Signal

Also available in Spanish.

Freedom of the Press
MartinMar 12
Signal recently released another grand jury subpoena which, as always, basically had nothing interesting to turn over in response. For the requested phone numbers they could only provide the account creation timestamp. https://signal.org/bigbrother/district-of-columbia/
Grand jury subpoena for Signal user data in the United States District Court for the District of Columbia

Signal end-to-end encrypts both content and metadata by default far beyond most of our peers. Our aim is to have access to as close to no data as possible, meaning that we have a fraction of the personal information compared to the average communications service. We simply don’t have access to th...

Signal Messenger