How you actually should respond to that “183 million credentials leak”
What a recent Forbes article got wrong and what it should have told you instead.
Category Archives: Computer Security
Why websites shouldn’t indiscriminately block VPN users
I convinced a state senator that government websites indiscriminately blocking VPN users is bad. Here’s the case I made, which you can use yourself to keep fighting the good fight.
How to stop Google from invading your privacy and others’ when you share links
“share.google” links are evil. Here’s how to get Google to stop spitting them at you.
Another credit reporting agency breach, another terrible breach notification letter
TransUnion is bad at security and bad at handling security breaches and none of this is going to get better until we have a real federal data privacy law with meaningful penalties for companies which leak people’s data.
Suspicious email from “pulse <root@overlinux.com>”: malicious or just dumb?
The person who sent this email is either extremely clueless or up to no good. It’s hard to say for certain which.
City of Boston electronic poll books: they DO know what they’re doing!
Boston has robust plans in place to ensure that Poll Pad failures will not compromise an election, but I still have some concerns.
Prepared remarks: Center for American Progress panel on June 30, 2025
I am slated to appear tomorrow afternoon at a virtual panel hosted by the Center for American Progress entitled “Uniformed Disservice: How Trump’s Agenda Harms Veterans and Service Members“. Below is the outline of my prepared remarks. I encourage you to join me and the other panelists for an informative and challenging discussion.
Handle MFA like a pro so you don’t get locked out or let the bad guys in
Why you should use MFA, what about passkeys, what kind of MFA to use, how to make it easier to use, and how to protect yourself against being locked out of an account because of MFA.
WaPo article about Signal use by feds with me as lead-off hitter
This morning over at The Washington Post ([archive link]), Shira Ovide, Danielle Abril, and Hannah Natanson write about Signal use among federal workers. I’m the lede (funsies!). This is a great article capturing the mood among federal workers right now, and it makes relatively clear that while what Pete Hegseth et al are doing is… Read More »
TIME quotes me about DOGE and VA, gets stuff wrong
The TIME article contains two substantive errors, several minor errors, and a curious omission.