Yael Writes | Freelance writing services from Yael Grauer

Stuff I Wrote: January – February 2021

March 8, 2021 By Yael Grauer Leave a Comment

Every time I round up all my articles for the month/quarter/whatever, I’m amazed that this blog is still up because I keep taking steps to getting the site redesigned (which is also why I haven’t fixed the image security). Still, I know that people rely on this to keep an eye on my work because I get emails every time I send this out, and I appreciate you guys!

And, of course, none of my work would be possible without sources that trust me to tell their stories or explain difficult concepts they’re far more well-versed in, researchers and fact-checkers and editors that put up with me obsessing about and sometimes debating every word, art/graphics departments, and so much more, so this is one way to try to spread the shine. So here’s yet another roundup; perhaps the last one of its kind.

Revealed: Massive Chinese Police Database (The Intercept)

Millions of leaked police files detail suffocating surveillance of China’s Uyghur minority. For this story, I was also interviewed for the Intercepted podcast, Freedom of the Press Foundation’s Digital Security and ROMS twitch stream, Talk East Turkestan, and Ahkbar in the UAE. If this article moves you to make a donation, I would recommend donating to the Xinjiang Victims Database or Human Rights Watch rather than The Intercept, which badly mishandled the project on the ~3 years I worked on it, including sitting on drafts for as long as 4.5 months and laying off almost the entire research team, who were absolutely pivotal to the project.) Special thanks goes to Darren Byler, who I interviewed over a dozen times because of massive delays on the part of The Intercept.

How one hacker’s push to secure the internet became a crucial part of Mac, Linux, and Windows operating systems (Business Insider)

I was thrilled to profile security researcher and WireGuard creator Jason A. Donenfeld, though it was a little bit out of my comfort zone since I do almost entirely investigative tech reporting and service journalism. Still, I wrote a little blurb about WireGuard for PopSci’s annual Best of What’s New feature, and there was so much more to the story. I’m posting the Yahoo! News link because of the paywall, but this was originally published on Business Insider. (You can donate to WireGuard here, if you’re so inclined.)

How To Use WhatsApp Privacy Settings (Consumer Reports)

The messaging app, which is owned by Facebook, may be sharing more information than you realize. I did a little breakdown of what settings you may want to change and why. (I also did a little Insta Reel for this piece, which was way out of my comfort zone. You can check it out here if you promise not to laugh too hard.)

How to Use Clubhouse, The Audio-Only, By Invite App, Without Giving Up All of Your Data (Consumer Reports)

The popular social media platform has sparked concern from privacy and security experts. I spoke to hacker Brian Pak, privacy attorney Whitney Merrill, and subreddit mod Bryant Zadegan about some of the issues and what people should consider when deciding how or whether to use the app.

Worst of Cybersecurity Reporting

Each year, David Huerta and I do a little CactusCon talk breaking down the biggest tech media fails of the prior year. I’m starting to feel a little weird about this because as much as journalists often make major errors when covering tech, a lot of technologists, too, are in a bit of a bubble where they throw out wild accusations about journalists fabricating sources, making up information and even deliberately misrepresenting things. It’s far more likely that unnamed sources got things wrong or that it was just an honest mistake. Still, misleading news articles can cause real harm, and it’s important to learn from other people’s mistakes. So here’s a video of us discussing the worst cybersec reporting in 2020, followed by Q&A.

March is Here

Since I’m writing this in early March, here’s a sneak peek to a story that’ll be in the next roundup, if I do one: How to Shut Stalkers Out of Your Tech. I also have a video with very poor lighting that I’m going to try to talk myself into sharing, and am working on some stories I hope will be out by the end of the month.

All the Mr. Robot Content in One Spot

March 8, 2021 By Yael Grauer Leave a Comment

Someone asked me if my Mr. Robot coverage was all in one place, and, well, it is now!

Season 1: WIRED

My first piece was a roundup of the tools and apps used in Season 1. My husband came up with the headline.

A Peek Inside Mr. Robot’s Toolbox

Season 2: Forbes Roundtables

Then I “graduated” to writing blog posts for Forbes, which were paywalled, mostly unedited, and very underpaid. I’m adding a . after forbes.com in the links so you can still read them even after hitting the limit for free articles. If that stops working, my contract allows me to repost the full text anywhere, so I can always do that here.

Episode 1: Society’s OPSEC Is Lacking

Episode 2: Ransomware, Burner Phones, And Setting Cash On Fire

Episode 3: Stolen Bitcoin, Exploding Computers, And More Bad Opsec

Episode 4: When the FBI And Dark Army Are On Your Trail…

Episode 5: 5/9 Truth: Wake Up, Sheeple!

Episode 6: Angela Moss Becomes A Skiddie

Episode 7: What Is Real?

Episode 8: Darlene Takes Off The Heart-Shaped Glasses

Episode 9: Rubber Duckie, You’re The One

Episode 10: The Chickens Come Home To Roost

Episode 11: Twin Peaks Edition

Episode 12: The Grand Finale

I also got to interview writer and tech producer (and former network security analyst) Kor Adana, which was a lot of fun.

Meet Kor Adana, The Man Who Keeps Mr. Robot’s Hacks on Point

Seasons 3: Motherboard

Then I moved onto Motherboard, which paid better, actually has editors, and stopped me from getting dozens of complaints from hackers about Forbes’ ad blocker blocker (even though they were uniquely qualified to circumvent said ad blocker blocker). I enjoy getting emails about more interesting concerns, so this was a good move. I also didn’t have to edit out any weird URL tags from these, which is nice.

Season 3, Episode 1

Season 3, Episode 2

Season 3, Episode 3

Season 3, Episode 4

Season 3, Episode 5

Season 3, Episode 6

Season 3, Episode 7

Season 3, Episode 8

Season 3, Episode 9

Season 3, Episode 10

Season 4: Motherboard

I got to stay at Motherboard for Season 4, which was a lot of fun because I got to work with an amazing editor named Janus Rose. We also managed to get early access to episodes, which was really fun to share with all of the amazing people joining these roundtables. They’re a bit more focused on just the tech and less on the plot for the final season.

Season 4, Episode 1

Season 4, Episode 2

Season 4, Episode 3

Season 4, Episode 4

Season 4, Episode 5

Season 4, Episode 6

Season 4, Episode 7

Season 4, Episode 8

Season 4, Episode 9

Season 4, Episode 10

Season 4, Episode 11

Season 4, Episode 12

Stuff I Wrote: October through December

December 28, 2020 By Yael Grauer Leave a Comment

How to Use Consumer Reports Security Planner to Stay Safer Online (Consumer Reports). Thrilled to finally announce the relaunch of Security Planner, which I’d been quietly working on for six months alongside a talented team. CR Security Planner is a free, easy-to-use guide to staying safer online. It provides personalized recommendations and expert advice on topics such as keeping social media accounts from being hacked, locking down smart speakers and home security cameras, and reducing intrusive tracking by websites. This tool builds upon the work of the Citizen Lab, which originally launched and managed the project. You can also check out the tool directly at https://securityplanner.consumerreports.org/.

The Most Significant Security Innovations of 2020 (Popular Science) Along with Purbita Saha, I helped draw attention to some cool new tech for Popular Science, as part of the larger 100 Greatest Innovations of 2020 list.

Why It’s Smart to Use Authentication Apps for Multifactor Security (Consumer Reports) The apps generate short-lived codes to use along with a password. That can be safer than having codes texted to you.

I was a guest on Freedom of the Press Foundation’s podcast. And at HasGeek, along with Ginny Hahs, I gave a talk on Data Brokers and Consequences for Personal Data.

11 Freelance Tips from 11 Years of Freelancing

December 1, 2020 By Yael Grauer Leave a Comment

It’s December 1st, which means that I have been freelancing full-time for 11 years, can you believe it?! Normally I celebrate with a day pass at the nicest coworking space I can find and break bread (well, cupcakes) and sometimes bubbly with strangers, but it’s still a pandemic! Instead, today, I enjoyed Wicked Good Cupcakes at home and tweeted out 11 pieces of unsolicited advice I’ve gleaned in my freelance journey. I wanted to post those here, too.

11. My first piece of counterintuitive advice is… don’t meet with every editor who asks. Especially if they just want to vaguely discuss stories they might consider assigning you or another 10 writers. (Unless you just want to grab coffee or something; that’s okay, too.) People often take these meetings with bright hopes but sometimes it’s editors feeling out your best ideas that they don’t end up using, AKA two hours of your time that should have been a rejection email.

10. Another counterintuitive piece of advice: carve out time for yourself unabashedly. It’s one of the few perks you get as a freelancer that you’ve exchanged institutional support, a steady paycheck, benefits, etc. for and you should use it. For a year I would go to the gym in the morning and was in the best shape of my life. (My coach tried to convince me that walking barefoot pulls free electrons from the Earth into the body and wanted to talk about my attitude when I called bullshit, but whatever.) I literally was gone from 9am to noon, the best work hours of the day, three days a week, because I could. I recommend this level of self-care, or something like it. Also, people for the most part don’t notice if you stop working 12-hour days, or whatever.

9. Any organization that is shocked (shocked!) that you want to discuss a bad contract provision is one you don’t want to be working for. They may not make changes, but they should at least check. It’s a serious red flag when they lose their shit simply because you brought it up.

8. This is a no-brainer, but I don’t think you can really push yourself as a freelancer without constantly seeking out education even when it doesn’t seem to directly tie into your beat. Think MOOCs, video courses, conferences, in-person classes (for credit or not), coaching, eading industry books, watching panel discussions and screenings (like this one!) and just soaking up knowledge. If you’re sick of your beat, find an interesting new angle to explore or switch beats.

7. I was lucky in that I didn’t get this pushed on me until after I’d already been freelancing for a while, but you don’t have to pretend to be neutral or hide details of who you are or default to the lived, white, cis, male, American experience that’s considered “objective.” Fairness and accuracy are important. Pretending that something abhorrent or factually inaccurate deserves equal consideration is not. And I don’t think responding to bad faith accusations of bias by doubling down on blandness and feigned neutrality is the solution.

There’s actually some pretty amazing writing about this from people like Wesley Lowery and Lewis Raven Wallace and others that I’m happy to share with anybody who has a pulse and is interested. Find organizations that share your values or have missions you support. And not just on paper. (Yes, easier said than done, but they are out there.)

6. No matter what editors tell you, simultaneous submissions are the norm and nobody will get mad at you. (Well, one person got mad at me in 11 years). If I pitched and waited for each story idea, I’d write one piece a quarter and be well below the poverty line. I mean, I’ll give editors who respond quickly and who I have a relationship with first dibs sometimes, but after that it’s a matter of trying to place a story and what I think is the best and quickest way to do that.

5. People tell you not to be friends with your sources, which is generally good advice, but it’s…complicated. Having trusted contacts who can share key pieces of information or point you in the right direction is not something any editor will complain about. It’s complicated, but personally I would much rather have to tell an editor I’m not the best person to write a piece now and again if I’m too close to it than try to sequester myself rather than being part of a brilliant community.

4. This one ties into what I wrote about carving out time for yourself but I really think hobbies that have nothing to do with journalism or with your beat are so, so important. (For me that’s been guitar and hiking and jiu-jitsu and weightlifting and cooking and baking… I also take nature photos that are unrelated to work, have done random TV podcasts, want to get really good at stargazing and I play a lot of board games. I read books about philosophy…., etc.) If you must find a way to tie a hobby into work to justify it to yourself, realize that it can help improve your observation skills, give you a way to connect with sources, give you new ideas, etc. For me it’s given me desperately needed perspective. I went through years where I would literally eat, sleep and breathe work and I’m really glad they’re over… sometimes the first step is going on a walk or picking up a novel or watching a documentary about trains.

3. Trust your instincts. I can come up with a million stories about this but a recent one was when a Pulitzer prize winning professor told me I spent too much time thinking about security, which would negatively impact my career and stop me from getting scoops and stories… About 60-70% of my income in 2020 was related in some way to security. And I can’t count on both hands the number of times an editor rejected a story that was published (by me or someone else) and did tremendously well. Advice is good, but sometimes you’re best to ignore it.

2. Keep pushing. Push yourself and push the industry. Join groups like IWW FJU, NWU, and even Study Hall, groups that who have a vision and a dream of what the industry could look like. But also push yourself to do and learn more than you ever thought possible. That means to stop bragging about how you’re “bad at math” or “bad at scheduling” or “bad at showing up to meetings when you say you’re going to” or “bad at spelling.” But it also means to really work on your areas of weakness in a serious way. Take a statistics class and a data journalism class if you’re “bad at numbers.” Take a narrative writing class if you’re better at reporting than the craft of writing (hand raised). Don’t settle for mediocre or get too comfortable; this isn’t an industry where you can coast. This can also be about pushing yourself to collaborate more meaningfully or to build community or to humanize the team you’re working with. (I send holiday cards and gifts to editors every year, and it’s one of my favorite traditions.) We all know what we need to improve.

1. And my final piece of advice before I go back to demolishing this Wicked Good Cupcake and trying to think of what perfect mid-day cocktail I should whip up to accompany it might be… Keep pushing for your dream byline or dream job. There are always organizations you’d drop everything to work with, whether it’s freelance or staff or some other arrangement altogether. I’m sure you can think of a few…I’ve been lucky to write for or work with many of my dream organizations (honestly too long to list here) over the past 11 years but I still have The Markup, ProPublica, etc. in my sights. Dream big and reach for the stars.💕✨

Stuff I Wrote: July through September

September 17, 2020 By Yael Grauer Leave a Comment

A friend recently pointed out that I haven’t updated this blog in a while. Part of this is because I’m way overdue to revamp this website, and don’t pay much as much attention to it as I should. Beyond that, I’ve been working on some long-term projects which launch in October, December/January and an undetermined future date. (I also helped with a podcast that’ll be out later this month, so I’ll update this post when it is.) That said, I do have five posts and a few odds and ends to share! Here’s a smattering of things I worked on over the past few months.

Huge fleets of Chinese boats have been hiding in North Korean waters (Wired UK)

A combination of satellite tech and AI has helped uncover more than 900 Chinese vessels that might be illegally fishing in North Korean waters. Also, here’s the U.S.-based Wired version of the same story.

The Best VPN Service (Updated!) (Wirecutter, a New York Times company)

This is an update of a piece I did about a year ago, and we have a new top pick and runner-up, and some information on what VPNs are and what they do and don’t do.

How to Delete Your Information From People Search Sites (Consumer Reports)

This accompanied a beautiful narrative feature by Mara Hvistendahl. It’s also a good complement to my Big Ass Data Broker Opt-Out List, which is out now on Github!

Following the DevOps Career Arc From Beginner to Top Tier (Dice Insights)

Cybersecurity Expert Careers: Skills to Embrace, Pitfalls to Avoid (Dice Insights)

I was also quoted in a story about Mozilla’s new VPN in Daily Dot by Ana Valens and was one of many amazing guests on Freedom of the Press Foundation’s really fun podcast on Twitch, which you should totally be listening to. Additionally, I did some background research and writing for EFF’s post about predictive policing: Technology Can’t Predict Crime, It Can Only Weaponize Proximity to Policing by Matthew Guariglia. Also, I was able to cross “being cited in not one, but two amicus briefs to the Supreme Court” off my bucket list. (While you’re here, see this letter in response to Voatz’s recent SCOTUS brief advocating a broad interpretation of the CFAA.)