Martin Shelton
Digisec @freedom.press. Was that @mshelton guy on the other site.
Mastodon: mastodon.social/@mshelton
Digisec newsletter: freedom.press/newsletters
- Reposted by Martin SheltonINBOX: Washington Post Ukraine Correspondent Lizzie Johnson announces that she has been laid off in the middle of a below-freezing war zone without power, heat, or running water.
- Reposted by Martin SheltonWe at the @postguild.bsky.social are raising money for the hundreds of journalists the Post just laid off. This goes to the people who are hurting, not the Post. Or if you'd rather, go subscribe to an independent journalist. Support is hugely appreciated. www.gofundme.com/f/standing-t...
- Dril presents without comment
- Lockdown Mode has blocked some folks from messaging me over SMS, and occasionally fails to load images in Safari. That is kind of annoying. Other than that, everything pretty much works the same. If you feel at acute risk, or if you’re a security nerd, it’s worth trying it out.
- New from 404 Media: the FBI has been unable to get into the iPhone of raided Washington Post journalist because the phone had Lockdown Mode enabled. Apple markets Lockdown Mode mostly to stop spyware like NSO. Here, a real world example of it stopping access too www.404media.co/fbi-couldnt-...
- Reposted by Martin SheltonKind of amazed she had it turned on? I only turn it on when I'm crossing borders or am visiting a country controlled by a repressive regime ahhh shit
- New from 404 Media: the FBI has been unable to get into the iPhone of raided Washington Post journalist because the phone had Lockdown Mode enabled. Apple markets Lockdown Mode mostly to stop spyware like NSO. Here, a real world example of it stopping access too www.404media.co/fbi-couldnt-...
- Reposted by Martin SheltonI personally do not think some rich man should be able to buy an institution like this like a toy and then break it when he doesn’t want to play with it anymore. bsky.app/profile/benm...
- Reposted by Martin Sheltonlook at what hustle culture has done to us www.newsobserver.com/news/state/n...
- Reposted by Martin Shelton[Not loaded yet]
- Reposted by Martin Shelton[Not loaded yet]
- We're getting a lot of questions about Signal group chats, and how to use them as safely as possible. Share widely: freedom.press/digisec/blog...
- I suspect my journalist friends already know this, but the risk associated with protests — no matter how normie-coded they might be — is extremely dependent on a just few people making bad decisions that lead to unnecessary escalations.
- Reposted by Martin SheltonNew court record from the FBI details the state of the devices seized from Washington Post reporter Hannah Natanson: phone was on w/Lockdown Mode; personal laptop was off; work laptop was on w/Touch ID; several Signal chats used disappearing messages. storage.courtlistener.com/recap/gov.us...
- Yusssss. www.eff.org/deeplinks/20...
- Reposted by Martin SheltonWARNING, fellow journalists: As @nicoschmidt.io explains, attackers are trying to hijack reporters' Signal accounts by tricking people into handing over their 2FA codes. www.linkedin.com/posts/nicosc...
- Following the recent raid of a Washington Post journalist’s home, we've been getting a lot of quetions about what journalists can do to lower risk to their most sensitive data if they expect someone to snatch their device. freedom.press/digisec/blog...
- There are a lot of citizen journalists using these groups to learn where to document abuses. This is what you'd do if you wanted to intimidate them and suppress coverage. www.nbcnews.com/tech/interne...
- Reposted by Martin Shelton[Not loaded yet]
- Reposted by Martin SheltonAccording to its new privacy policy, TikTok now collects more data on its users, including their precise location, after majority ownership officially switched to a group based in the US. www.wired.com/story/tiktok...
- Between discontinuing security updates for Windows 10 and basically giving away BitLocker encryption keys, Microsoft seems like they are moving in the wrong direction on security. I hope they get their house in order.
- Do not store your Bitlocker encryption keys on Microsoft's servers if your threat model includes governments or law enforcement. As this article points out, this is the result of a design choice Microsoft made. It didn't have to be this way. www.forbes.com/sites/thomas...
- Reposted by Martin SheltonDo not store your Bitlocker encryption keys on Microsoft's servers if your threat model includes governments or law enforcement. As this article points out, this is the result of a design choice Microsoft made. It didn't have to be this way. www.forbes.com/sites/thomas...
- I'll just leave this here… freedom.press/digisec/blog...
- Reposted by Martin SheltonThe raid on the home of @washingtonpost.com’s @hannahnatanson.bsky.social is a reminder journalists need to be vigilant. We can’t stop government overreach — but we can help you secure yourself digitally. Watch @trevortimm.bsky.social share tips that can make a real difference for journalists.
- I am so, so tired. www.washingtonpost.com/national-sec...
- Reposted by Martin Shelton[Not loaded yet]
- Reposted by Martin Shelton[Not loaded yet]
- Reposted by Martin SheltonPhoto by Pierre Lavie. Yes this is me. And I threw my Leica. It landed on the bass plate with hardly a scratch. Another Photographer grabbed it along with my phone and I was able to track him later. I was held face down tear gas deployed right in front of me and pepper sprayed directly into the eye.
- Reposted by Martin SheltonOn Friday, January 9, ICE arrested a member of our union, the Minnesota Newspaper and Communications Guild, as part of Operation Metro Surge. He has been transferred to a detention facility in Texas, where he is awaiting action on his petition for habeas corpus. newsguild.org/guild-member...
- If you are a journalist who is not already using @signal.org or wants to learn more about digital security more broadly (for some reason) check out our guides. Thanks @evacide.bsky.social!
- If you are organizing folks in Minneapolis right now, you may find this guide to Signal for beginners by @mshelton.bsky.social useful: freedom.press/digisec/blog...
- @eff.org’s surveillance self-defense guide is also excellent: ssd.eff.org
- Reposted by Martin SheltonThe FBI’s raid today on the home of @washingtonpost.com reporter @hannahnatanson.bsky.social is an alarming escalation in the Trump administration’s war on the press. Watch @trevortimm.bsky.social explain how the DOJ is not only attacking the First Amendment but also ignoring federal law.
- The FBI raided the home of a Washington Post reporter, and seized a phone, Garmin watch and two laptops, including a personal laptop. pressfreedomtracker.us/all-incident...
- I'm curious to see how this performs against something like ChatGPT. arstechnica.com/security/202...
- We're hiring. If you or someone you know are looking for a role in HR/finance, @freedom.press is a great place to work. freedom.press/careers/job/...
- I'm apparently just old enough to go, "Ah yes, Discord, it's like Slack, for the youths"
- Reposted by Martin Shelton[Not loaded yet]
- Reposted by Martin SheltonWe've removed the paywall from this guide so everyone can access it. 👇 Stay safe.
- Reposted by Martin Shelton[Not loaded yet]
- What's stopping you from looking like this?
- Y'all the brand contortion olympics are happening
- “I want you to think of your printer as having a soul. Also, it loves you. This printer is ride or die.”
- Newsrooms: We've made a lot of changes to our guide to confidential tip pages. The biggest change — informed by our research into common channels — is that we've actually cut WhatsApp from the list and added web forms. Check it out. freedom.press/digisec/blog...
- Reposted by Martin Shelton[Not loaded yet]
- This is all really undermining the credibility of the FIFA Peace Prize.
- I recently hung out with someone who said they went to high school with their doctor. I think that's when I realized I do not want to share a friend group with my doctor at all.
- Reposted by Martin Shelton[Not loaded yet]
- Increasingly thinking of writing articles about misinformation on Signal, in something similar to the style of @mmasnick.bsky.social's "Hello! You've Been Referred Here Because You're Wrong About Section 230 Of The Communications Decency Act"
- Journalists: We've updated our digital security checklist for 2026. Check it out. freedom.press/digisec/blog...
- This is such a weirdly specific set of references. I’ll allow it.
- Reposted by Martin Sheltonposted about my Apple ID woes, please share widely? hey.paris/posts/appleid/
- Ah I think I understand now. When humans bullshit you, the bullshit is unacceptable. But when AIs bullshit you, 'we're working on it' while running in production.
- I receive a shiny new YubiKey, but my 2FA is on my previous two YubiKeys. The result: I now use three YubiKeys.
- I work at @freedom.press. I'm told it's some sort of holiday for donating to nonprofits. My team supports journalists with digital security for themselves and sources. In 2025, I really do think this matters more than ever. If this is something you care about, support our work. freedom.press/donate
- I remember being a kid, fiddling with these on the plane and not realizing they were vestigial, much like the overhead tube televisions where everyone watched one movie, or the assumption that air traffic controllers would get paid money for their disproportionately important labor.
- Oh hey guys, I took a break from social media what’s going… Uhhh.
- Reposted by Martin Shelton[Not loaded yet]
- Reposted by Martin Shelton[Not loaded yet]
- Reposted by Martin Shelton[Not loaded yet]
- Reposted by Martin Shelton[Not loaded yet]
- Reposted by Martin Shelton
- Here's a good rundown of why facial recognition is often inaccurate in the wild (as opposed to in a lab environment). www.techpolicy.press/why-we-shoul...
- New incredible detail here: ICE says a match in its facial recognition app Mobile Fortify is a "definitive" determination of a person's status, and that this overrides birth certificates. This is an app ICE is using in the field to scan people www.404media.co/ice-and-cbp-...
- Great news. In recent years, nearly all page loads are secured with HTTPS by default, so there's very little downside to just protecting people by blocking risky connections by default. security.googleblog.com/2025/10/http...
- Reposted by Martin Shelton[Not loaded yet]
- I didn't watch baseball this evening, and heard it took a very long time. I'm told by not watching it, my lifespan therefore extended significantly
- Reposted by Martin Shelton[Not loaded yet]
- Reposted by Martin Shelton“I am not interested, nor will I ever be interested. I'm 61, and I hope to be able to remain uninterested in using it at all until I croak. ... The other day, somebody wrote me an email, said, ‘What is your stance on AI?’ And my answer was very short. I said, ‘I'd rather die.’” 🫡
- As a person who has studied use of secure messaging tools among journalists, this is both the most interesting and most awful time because the U.S. government keeps using Signal in the goofiest ways
- Reposted by Martin Shelton[Not loaded yet]
- WhatsApp also has a fun habit of asking users to back up their messages to iCloud or Google Drive in regular told human-readable text. Even if you do everything right, the people you are talking to might not appreciate this risk. If you have the choice, go for Signal. freedom.press/digisec/blog...
