/
Navigation
C
Chronicles
Browse all articles
C
E
Explore
Semantic exploration
E
R
Research
Entity momentum
R
N
Nexus
Correlations & relationships
N
~
Story Arc
Topic evolution
S
Drift Map
Semantic trajectory animation
D
P
Posts
Analysis & commentary
P
Browse
@
Entities
Companies, people, products, technologies
Domains
Browse by publication source
Handles
Browse by social media handle
Detection
?
Concept Search
Semantic similarity search
!
High Impact Stories
Top coverage by position
+
Sentiment Analysis
Positive/negative coverage
*
Anomaly Detection
Unusual coverage patterns
Analysis
vs
Rivalry Report
Compare two entities head-to-head
/\
Semantic Pivots
Narrative discontinuities
!!
Crisis Response
Event recovery patterns
Connected
Nav: C E R N
Search: /
Command: ⌘K
Embeddings: large
VOICE ARCHIVE

Serge Egelman

@v0max
9 posts
2026-01-04
Those in California can now go here to request that data brokers delete their data: privacy.ca.gov/drop/  —  This is a good thing, however, it's far from a complete solution.  🧵  —  1/
2026-01-04 View on X
PCMag

California launched a free tool on January 1 that lets residents request the deletion of their personal data from over 500 registered data brokers

privacy.ca.gov/drop/ Shira Ovide / @shiraovide : Data brokers are the invisible engines of the data surveillance economy.  It's hard to escape.  Until.  —  California just opened a...

View original
2022-11-08
It turns out they also own a certificate authority! Their roots are everywhere. (Seriously, you should delete them in the off-chance they don't get pulled this week.) https://www.washingtonpost.com/ ...
2022-11-08 View on X
Washington Post

An investigation shows TrustCor Systems, used by Chrome, Safari, and Firefox as a root certificate authority, has connections to US intel and law enforcement

TrustCor Systems vouches for the legitimacy of websites.  But its physical address is a UPS Store in Toronto. Tweets: @shashj , @josephmenn , @jvagle , @matthew_d_green , and @v0ma...

View original
So remember 6+ months when Joel and I outed a shady defense contractor for distributing a malware SDK in the US Play Store by lying to app developers about what it did? https://twitter.com/...
2022-11-08 View on X
Washington Post

An investigation shows TrustCor Systems, used by Chrome, Safari, and Firefox as a root certificate authority, has connections to US intel and law enforcement

TrustCor Systems vouches for the legitimacy of websites.  But its physical address is a UPS Store in Toronto. Tweets: @shashj , @josephmenn , @jvagle , @matthew_d_green , and @v0ma...

View original
A decade ago, @rsingel and @csoghoian found these devices for sale, which purported to break TLS for lawful intercept purposes: https://www.wired.com/... But until now, *how* they were doing it was largely a mystery. The answer seems to be that they simply set up their own CA!
2022-11-08 View on X
Washington Post

An investigation shows TrustCor Systems, used by Chrome, Safari, and Firefox as a root certificate authority, has connections to US intel and law enforcement

TrustCor Systems vouches for the legitimacy of websites.  But its physical address is a UPS Store in Toronto. Tweets: @shashj , @josephmenn , @jvagle , @matthew_d_green , and @v0ma...

View original
One of their products, @msgsafeio, purports to offer end-to-end encrypted email...which isn't. Passwords and message contents are sent plaintext and/or base64 encoded over TLS to their servers. https://twitter.com/...
2022-11-08 View on X
Washington Post

An investigation shows TrustCor Systems, used by Chrome, Safari, and Firefox as a root certificate authority, has connections to US intel and law enforcement

TrustCor Systems vouches for the legitimacy of websites.  But its physical address is a UPS Store in Toronto. Tweets: @shashj , @josephmenn , @jvagle , @matthew_d_green , and @v0ma...

View original
2022-02-28
I should add that many app developers don't actually know whether or not their apps collect location data. Advice for developers generally: pay close attention to third-party SDK documentation, privacy policies, and terms of service. What you find may surprise you. https://twitter.com/...
2022-02-28 View on X
Axios

Google Maps temporarily stops displaying live traffic and “busy area” data in Ukraine, but basic traffic navigation is still available

Google Maps has temporarily disabled some of its tools for Ukraine following the Russian military's invasion of the country, a spokesperson confirmed Sunday.

View original
2021-02-01
tl;dr: They hired Deloitte. https://www.technologyreview.com/ ...
2021-02-01 View on X
MIT Technology Review

VAMS, a CDC website built by Deloitte at a cost of $44M to manage rollout of the COVID-19 vaccine, has been abandoned by states due to bugs and problems

mission comes second, profit comes first. And that comes at a cost: vaccines delayed, loved ones lost. https://twitter.com/... Lawrence Mower / @lmower3 : Unreliable registration, ...

View original
2021-01-31
tl;dr: They hired Deloitte. https://www.technologyreview.com/ ...
2021-01-31 View on X
MIT Technology Review

VAMS, a CDC website built by Deloitte at a cost of $44M to manage rollout of the COVID-19 vaccine, has been abandoned by states due to bugs and problems

The CDC ordered software that was meant to manage the vaccine rollout.  Instead, it has been plagued by problems and abandoned by most states.

View original
2020-09-17
If I wanted to build a massive facial recognition database, this is exactly the type of product I'd sell at a loss. https://twitter.com/...
2020-09-17 View on X
The Verge

Facebook says it has partnered with Ray-Ban maker Luxottica to develop consumer “smart glasses”, coming next year, but shared few details

The company partnered with Ray-Ban maker Luxottica  —  Facebook says its first pair of consumer “smart glasses” will be releasing next year …

View original