Pegasus: NSO Group’s Insidious Spyware

Note: This article was first published at the World Ethical Data Forum. Pegasus is advanced spyware that was first discovered in August 2016, developed by NSO Group based in Israel, and sold to various clients around the world, including Saudi Arabia, Bahrain, the UAE, India, Kazakhstan, Hungary, Rwanda, Azerbaijan, Morocco and Mexico among probably other… Continue reading Pegasus: NSO Group’s Insidious Spyware

Why I won’t recommend Signal anymore

Note: This article is also available in Portuguese, translated by Anders Bateva. One of the things I do is cryptography and infosec training for investigative journalists who have a need to keep either their sources and communications confidential so they can more safely do their work in the public interest. Often they work in places… Continue reading Why I won’t recommend Signal anymore

Automatically update WordPress to the latest version

This post is a quick, temporary break from my usual privacy/civil rights posts, to a post of a slightly more technical nature. As WordPress is the most popular blogging platform on the internet, updates become crucial. However, the way WordPress runs at certain clients of mine means it’s not always just a question of clicking… Continue reading Automatically update WordPress to the latest version

Belgian Privacy Commission Found Facebook in Violation of EU and Belgian Privacy Law

About two weeks ago KU Leuven University and Vrije Universiteit Brussel in Belgium published a report commissioned by the Belgian Privacy Commission about the tracking behaviour of Facebook on the internet, more specifically how they track their users (and non-users!) through the ‘Like’ buttons and Share buttons that are found on millions of websites across… Continue reading Belgian Privacy Commission Found Facebook in Violation of EU and Belgian Privacy Law

Talk at Logan Symposium 2014, London

A few weeks ago, I was in London at the Logan Symposium 2014, which was held at the Barbican Centre in London from 5 to 7 December 2014. During this event, I gave a talk entitled: “Security Dilemmas in Publishing Leaks.” (slides, PDF) The event was organised by the Centre for Investigative Journalism in London.… Continue reading Talk at Logan Symposium 2014, London

Regin: The Trojan Horse From GCHQ

In 2010, Belgacom, the Belgian telecommunications company was hacked. This attack was discovered in September 2013, and has been going on for years. We know that this attack is the work of Western intelligence, more specifically, GCHQ, thanks to documents from Edward Snowden. This operation was called Operation Socialist. Now, however, we know a little… Continue reading Regin: The Trojan Horse From GCHQ

The Internet of Privacy-Infringing Things?

Let’s talk a little bit about the rapid proliferation of the so-called Internet of Things (IoT). The Internet of Things is a catch-all term for all sorts of embedded devices that are hooked up to the internet in order to make them “smarter,” able to react to certain circumstances, automate things etcetera. This can include… Continue reading The Internet of Privacy-Infringing Things?

Killing Counterfeit Chips: Parallels with DRM

Last week, The Scottish chip manufacturer FTDI pushed out an update to their Windows driver that deliberately killed counterfeit FT232 chips. The FTDI FT232 is a very popular chip, found in thousands of different electronic appliances, from Arduinos to consumer electronics. The FT232 converts USB to serial port, which is very useful, and this chip… Continue reading Killing Counterfeit Chips: Parallels with DRM