Stuff I Wrote: December 2015

Writing Fountain penI just realized I forgot to do this last month, so wanted to link to all of my December post before rounding up the ones for January.

Protect Yourself From Workplace Bullies ( Tips from executive coach Michele Woodward, who presented an interactive webinar on the issue for the Harvard Business Review on this topic, and from Eylsia Lock on her own experience.

After 11 Years, FBI Gag Order on Warrantless Surveillance Is Lifted (Slate) With comments from Nick Merrill himself.

5 Generous Paleo-Friendly Holiday Gift Ideas (PAYWALL–Performance Menu) This one is serious.

8 Gifts Every Freelancer Will Love (The Freelancer) This one is tongue in cheek.

Security News This Week: Facebooking At Work Can No Longer Be Charged as “Hacking” (WIRED)

Security News This Week: The Government Really Doesn’t Seem to Like Encryption (WIRED)

Security This Week: Peek Inside the Government’s Spy Gear Catalog (WIRED)

Beating the Odds: UFC 194 (Sherdog)

I want to get posts like this delivered to my inbox.

Yael Hires An Editor (Or Editors)

Expenses calculationInspired by both Susan Hires A Boss and Havi Brooks’ Very Personal Ads, I’ve decided to write up the criteria I select when choosing an editor to work with me. There are application instructions at the end!

All About the Job

Being my editor will be one of the most rewarding opportunities you’ll ever have. After all, not every editor gets to work with a writer who is obsessed with getting to the truth. A writer who’s passionate about covering challenging topic with nuance and complexity—and making them accessible enough for your readers to understand. A writer who’s obsessed with improving her craft and expanding her understanding, and okay with starting back at square one if something isn’t quite right. A writer who’s not afraid to ask hard questions and push back against obvious lies, but is also committed to being incredibly fair.

Being my editor may also be the toughest job you’ve ever had. I’ll need you to be my sparring partner while I bounce ideas off of you. I’ll need your patience while I strive for accuracy over speed, verify details with experts, or wait for those damned FOIA requests to go through. I’ll need your trust to let me look into things that might not make sense to you at first. I’ll need you to have my back when I ruffle feathers.


To apply for this job, you must meet the following requirements:

  • Have a solid understanding of technology (or whatever I’m covering for you) and be a stellar editor
  • Be responsive to pitches, even if that’s just a one-sentence email to tell me when you will respond. If you can’t get through your slush pile, this is not the job for you.
  • Be generally accessible during business hours through text/Slack/some other means. I may need quick responses when I have pertinent questions or want to correct an error.
  • Care more about writers seeking the truth and reporting it than you are about not upsetting government officials or corporate heads (or even readers). No walking back accurate claims for the sake of diplomacy, expecting me to ask softball questions, or rewriting accurate headlines at the behest of politicians or PR flacks.
  • Treat writers fairly. That means paying on time every time. It means no scope creep. It means you won’t assign posts and then change your mind and then pretend they were never assigned.
  • Be based wherever you are, as long as you’re cool with me being in Arizona (or wherever you live if you hire me full-time)
  • Have experience editing without arbitrary word counts
  • See journalism as about creating systemic social change, not just about racking up pageviews.
  • Prefer specialized posts that others might call “insider baseball.” Working to make posts accessible to a general audience is fine. Pretending a story is broader than it is, on the other hand, is not.
  • Show me edits before posts go live, and be okay with me nitpicking grammatical and factual errors (real or perceived). We can discuss them.

Desired Qualifications

  • A sense of humor. You should be able to laugh at yourself. Or at least laugh at me. In a nice way.
  • Share an interest with me. I have so many: botany, folk music, classic lit, riot grrrl zines, improv comedy, combat sports, Olylifting, Bougereau, lactofermentation, anarchism, chocolate, cycling, Fables comics, Agents of S.H.I.E.LD, Mr. Robot… the list goes on and on. We’ll want to discuss things other than work now and again.
  • Legitimately like working with freelancers. You’ll want to get coffee/lunch/drinks when we’re in the same town, send me a holiday card (or be excited about getting mine), verify GPG keys, and follow me back on Twitter, or at least put me on a writer list. Bonus points for tweeting my posts with my handle and trading dumb jokes semi-publicly.

Qualifications for the website or publication:

  • Your site/company’s culture should be friendly and supportive. Edgy is great, but no assholes allowed. (That includes your star writers essentially bullying people they dislike on social media, even if you think it’s cute.)
  • Have a solid track record of respecting sources, including their anonymity if they are at risk, and only covering controversial and possibly damaging stories if the public has a need to know. Bonus points for using SecureDrop or OnionShare.
  • Have a solid track record of respecting marginalized groups in both your practices and coverage.
  • Have a company culture that doesn’t expect employees or freelancers to be on call 24/7.
  • Use good tools rather than roll-your-own-CMS which breaks and you need to keep replacing. Slack/Google chat and Trello/Basecamp is a good start.
  • Care about the security of your readers. Please have SSL. No ad blocker blockers. No blocking Tor. (Cloudflare is okay.)
  • Have a solid track record of treating writers well: paying on time, paying full fees if posts were killed for reasons outside of the writer’s control, etc. (Yes, freelancers do talk about you to each other, so if you don’t do this, I probably already know.)
  • Oh yeah. Pay a decent rate. Nobody wants to spend weeks on a 2000-word feature for ten cents a word.

Desired Qualifications

  • Care about writers’ long-term professional development and continuing education, even if that just means forwarding an email about a great Khan Academy course we’d like.
  • Offer some form of guidance or mentorship. We know freelancers come and go, but I’m looking for an ongoing relationship.
  • Be excited about new, cutting edge issues that nobody’s really covered yet.

About Me

I live in Phoenix on occupied Tohono O’odham land with my amazing husband and our wonderpup. (She’s big on Instagram.) I’m originally from Israel and have lived all over the US, and spent a year studying abroad in Oxford. I went to Shimer College, a Great Books school with original source readings and small (10-12 student) seminar-style classes. The school’s informal motto was “Sex, drugs, and Socrates; we kick ass on GREs.” (I scored in the 93rd percentile in analytical writing and 95th percentile in verbal reasoning.)

I started self-publishing when I was 12 years old with my very own zine. I was a big Sassy reader and was influenced by the riot grrrl movement. When I turned 17 I started writing for Blue Jean magazine. I think I had a poem published in Highlights for Children once, too. I skipped my high school graduation to cook with Food Not Bombs, which I thought was more important.

I’ve visited treesit villages, volunteered as a street medic, and lived in a tent in the desert while learning about permaculture. I was a Tracker School student and a docent at the Botanical Gardens, and have dabbled with herbal medicine for eons. Once I got fired from a vegetarian café in England because I got the job before I really knew how to count the currency. I spent my spare time volunteering at Corporate Watch UK instead. Before freelancing full-time, I taught middle school English. Before that, I spent four years working at the front desk of a public access TV station, where I got to briefly meet Jeremy Scahill. He was nice.

I got obsessed with online privacy and security because of anonymous death threats. I was vehemently opposed to encryption. It took me about a week to change sides.

I’ve written extensively about health and fitness and mixed martial arts. And I do some behind-the-scenes work as a managing editor. I’ve turned down thousands of dollars writing about social media marketing because I got bored and thought our headlines were misleading, and walked away from many lucrative opportunities because they were unethical or didn’t have adequate source protection.

I love Brazilian jiu-jitsu, lifting heavy things, and hanging out at the bookstore or farmer’s market. Things I want to like but don’t include Evernote, Reddit, the whole zombie thing, distance running, and waking up early.

Sites and publications I dig that I don’t already write for include ProPublica, the Intercept (of course!), Ars Technica, Medium, Atlas Obscura, The New Yorker, Fusion, Good, and probably a few I’m forgetting. I used to be obsessed with Fast Company and Inc. and Entrepreneur but have mostly outgrown that. Sites I love not include the ones that will publish hit pieces about Anita Sarkeesian, or quote government officials anonymously. And Pando.

Where to find out more about me

This website. My portfolio. My top 20 favorite posts of 2015 and my year in review. Twitter. LinkedIn, if you must.

Apply to be my editor

Don’t worry. It’s easy. After reading through this site and looking through my portfolio or some of my writing, please send me an email telling me a bit about you and why you think we’d work well together. I will respond within a week to let you know whether I’m interested in scheduling a call to see if we’re a good fit…and then we’ll take it from there.

I want to get posts like this delivered to my inbox.

My 2015 Year In Review

2013-Desktop-Background-Free-1024x640-300x187Each December, I like to pause for a moment to take a look back at the entire year: what went well, what went horribly, and what my goals are for moving forward. I’ve been posting an annual review, as inspired by Chris Guillebeau’s, Although I kept my 2012 review private, you can see posts about 2010, 2011, 2013, and 2014. I often get feedback that my painfully transparent annual reviews are helpful to others, so here’s a long-winded look back at 2015.

What went well


In a word, work went well this year. I had 146 posts published in 2015, and worked with around 30 editors or clients, for about 23 websites or magazines and a handful of brands. I had my first bylines at WIRED, Slate, Forbes, ReadWrite, and Motherboard. I don’t get access to many analytics, and track what I can, and know I got over 75,000 shares on my combined posts this year, and that they were shared publicly by about 80 journalists. (I’ve shared my top 20 posts and 12 additional off-topic posts already.)

Last year, I wrote about how I was ambivalent about around 80 percent of the work that I did. This year, I’m pleased to say that number has been reduced to around 20 percent. I was only really proud of 32 stories I did last year and ambivalent about 118. This year the number of stories I’m crazy proud of is 87, and there were 36 others I was happy with. And yes, there were 23 I didn’t care as much about.

care chart

Steering my career towards work I really care about did have its disadvantages. I worked longer hours, cried a lot more, and took my first income decrease in six years of freelancing-which I believe will be around 9 percent. Still, I think the benefits far outweigh the downsides, and I’m thrilled with the progress I’ve made in focusing on work I find fulfilling and that I believe will make an impact in the world. I’m also consistently impressed by information I discover and grateful to interview so many experts. I’ve been balancing hard-hitting research-intensive reporting, which can be stressful in large doses, with really fun editing projects on topics I find interesting (home decorating! health and wellness!) as well as whimsical posts on one-off topics I find interesting.

It’s usually hard for me to gauge the impact that my work is having, but I pay attention to the Verjus Manifesto and think I have been serving readers vegetables, which is what matters. In addition to the work I published, I’m pretty proud of what I didn’t publish—and that’s all I’ll say about that! Oh, and I’m a new member of the Internet Press Guild. And even though I sometimes find myself leaving journalism meet-ups quickly since nobody will talk to me, I started hosting Freelance Spark events once a month, first at Gangplank in Chandler and now in Phoenix at CoHoots, which is great for meeting like-minded folks.

This year, I  was on the 0311 Media podcast and Global Influencer podcast, was interviewed for a post on the Authors Guild website, got to talk to 10th graders about freelancing and writing for a living, and was a guest on the Tech News Today show.

Work this year has been amazing.

Debt and Boxes of Clutter, Oh My

I used to be embarrassed because I seemed to be posting the same goals year after year, but in some ways, a year is a pretty arbitrary period of time and just like some goals can be completed in days or weeks or months, some goals take longer than a year. I’m pleased with my progress towards paying off debt, and towards getting rid of tons of boxes cluttering my home. I filled up many a recycling bag, and sold dozens of old books or replaced them with Fables graphic novels. Even though there’s still more to do, for both, I’ve made significant headway.

“Sex, Drugs, and Socrates, We Kick Ass on GREs”

The above is a quote from an old chant at my alma mater. In any case, I’ve been toying with going back to school to study journalism more formally, and so I took my GRE. I managed to get in the 93rd percentile for analytical writing and 95th percentile for verbal reasoning. I won’t tell you what my quantitative score was, but it was above average.

Travel and Adventure and Family and Community

My relationship with my amazing husband has never been better. We spent our 1-year anniversary in Albuquerque, and it was fabulous. We just have a lot of fun together, even if we’re just hanging out at home binge watching some new TV series, and while I don’t imagine that ever changing, I don’t want to take it for granted, either.

I didn’t travel far this year, but I did travel a lot for both work and pleasure… I think I went to the Bay Area thrice (Digital Rights in Libraries! Mixergy! and a memorial…), went to Def Con and BSides/PasswordsCon in Las Vegas, traveled to Albuquerque and Minnesota (and hiked in Sedona and Flagstaff!) with my husband and Grand Canyon with my in-laws, and went on a lot of camping trips to California, New Mexico, and remote parts of Arizona with aspiring herbalists. And people got to visit us here, too–including the in-laws during Thanksgiving. I was also initiated into the ways of Ingress with a friend of mine from L.A. (who was my pen pal back when I was in middle school, before Facebook). Good times.

We moved from the outskirts to Phoenix proper, which is great for less driving and being closer to the heart of town. I had a fabulous birthday celebration this year (with Bridgett) and unlike last year, tons of people showed up. I dressed up for Halloween for the first time in ages, did an Escape the Room challenge (though didn’t really get the chance to participate much), saw Jake Shimabukuro and Jayke Orvis play (the same two shows I go to every year), and am ending the year with a batch of parties and events. It feels good to get invited to things. This year I met Swiss Miss and I met Twig the Fairy (at the Renaissance Faire). I had a lot of other great adventures, too. I even bought cybertwee cookies on the deep web. A Crimethinc panel discussion which brought together organizers from Latin America, the Balkans, Eastern Europe, and the O’odham reservation to discuss the significance of anarchist tactics and ideas in the 21st century was particularly inspiring to me.

What didn’t go well

Too much work: health and mental health as casualties

The flip side of work going so well this year is that I worked way too much. I felt like I was always on call, often canceling events at the last minute and feeling guilty whenever I went out for drinks, always feeling like I had to make it up by staying up later and working later. Obviously this lack of balance means a lot of things fell by the wayside. I didn’t work out or eat as well as I’d like to this year, and certainly sleep was one of the casualties as well.

Rest in Power

None of my friends were murdered or committed suicide this year (that I know of), but I did lose two loved ones. My grandmother passed away, as did my dear friend Bright. And I learned this year that Maria, who owned a café I loved to visit (Morning Glory café in Flagstaff), passed away six years ago, at the young age of 49. She used to let me wash dishes in exchange for food, but really it was like a party in the kitchen with great conversation, that made me feel like a human being again at a time I really needed it. So I was saddened to learn about that.

Unfinished projects, canceled plans, and other shattered dreams

There were other big fails, too, like all the grants I applied for but didn’t get. I also set out to learn all sorts of tech stuff and didn’t really get very far in my multiple attempts to learn Python, learn Linux, take Dan Boneh’s crypto course, finish a project I’ve been trying to hash out with a friend/mentor, etc.

I tried and failed to organize a crypto party (mostly just a lot of talk and no action) and never did organize a Library Freedom Project event, as I’d planned to. I missed Obscura Day, missed Dia de los Muertos, missed the Winter Street Fair in Tucson, missed Tucson Meet Yourself.

Some good things must come to an end

I had four posts killed this year. One I managed to place elsewhere, one is in purgatory, and two were completely axed. This happens every year, but I learned that the more I care about a piece, the more it hurts when it never sees the light of day.

And some of my favorite projects also ended their run this year. Access Tucson, the community media center where I worked for four years in my first real job after college, shut its doors at 124 E. Broadway earlier this year after a years-long funding battle with the city. Circa, my favorite news app, met its untimely demise, as did GigaOm, one of my favorite sites. Access Tucson is attempting to carry on parts of its mission in some form, but it’ll never be the same. Circa and GigaOm have been re-bought, but the magic is gone.

Caveat emptor

I signed up for an herbal medicine course in Tucson but apparently should have heeded warnings from past students. It ended up being a bit of a joke. Even the handouts we were given, which we were led to believe were original, were often ripped off from random anatomy courses online. The instructor was racist and overall unpleasant, and has some sort of 1950s ideas about women. Several students were kicked out or bullied into quitting, but I guess that’s between the instructor and their spouses! (See what I did there?) It’s always depressing to realize you put time and money into a course that wasn’t worth either, or to put your trust into an instructor who’s more dedicated to his backwards political agenda than educating his students.

This wasn’t the only disappointing event of the year–hearing Bill Nye speak wasn’t worth the cost of tickets, and Luminaria Nights in Tucson just wasn’t as good as I remembered it–it’s just the only disappointing course that I spent $895 on, but shouldn’t have. We did get to spend time outdoors with the plants, so it wasn’t a complete fail, but I’ll be writing a lot more about what I learned and didn’t learn in the future.

Looking forward to 2016

All Work And No Play Makes Yael A Dull Girl

The one big thing I want to work on in the Year of the Monkey (and beyond) is working less. I want to be able to get a drink with friends after an event without feeling like I need to “make up” for that lost time by going home and working more afterwards. I feel like a lot of my health goals (sleeping more, eating better, exercising more, etc.) stem out of this goal, so I’m hoping that once I address the root issue, the rest will take care of themselves.

Fun, fun, fun

I want to pursue hobbies outside of work, though I haven’t pinpointed which ones specifically. In the past I’ve dabbled in improv comedy, gardening, cycling, locksport, herbalism etc. and taught lots of workshops, and did a lot of volunteer work, so those are all possibilities.

One of my goals is to get a group together regularly to play games like Diplomacy and Eclipse Phase and Changeling and Wolf Among Us. I also have a game of my own I’m toying with.

I’m also working on rehabbing an old injury (finally!) and hoping to eventually start grappling again.

Old Goals, Revisited

And then of course I’d like to finish what I started w/r/t abolishing debt and continuing to go through boxes and creating a cozy home office.

Okay, but work

As far as professional goals, this year they’re not so much a list of bylines I’m shooting for like I’ve had in the past but more of a focus on the type of writing I want to do—which is investigative or adversarial. I admire the writing in the Intercept and ProPublica and Mother Jones, and also sites like Good. I’d like to continue down the road of doing work I care about rather than just focusing on making money.

I want to at least apply to graduate school programs again.

Ideally I’d like to find a podcast cohost and get that going again. And I want to figure out exactly which type of coding I want to learn, and then do it (and finish last year’s coding project). Plus there’s a book proposal hidden in here somewhere…

Oh, and I want to stop tracking on my website. I already disabled analytics, but still have some more trackers to turn off.

More Play

I’m resisting the urge to list off a batch of health-related goals in order to focus on the root issue, which is taking a bit of a breather (on a regular basis) instead of working non-stop. I really do think doing this will be pivotal. So instead of listing off have-to-dos, I want to focus on doing things that feel good (like eating real food and lifting heavy things and having creative side projects).

Time outdoors. Wilderness awareness. Finding a way to see Shakespeare this year. Maybe finish a zine I started with a friend. I want to make food seen in Miyazaki films. There’s a dream zine idea I want to toy around with as well… it may even be a good Tor Hidden Service if I can find a tool like Anonymouth to let people contribute anonymously… And we really want to get a puppy…

I hope that in a year as I look back on 2016 I’ll have fun adventures (and plenty of down time) to report instead of just long hours…

I want to get posts like this delivered to my inbox.

My Top 12 Posts in 2015 That Aren’t About Privacy or Surveillance or Anything

220px-The_sun1Writing about the eradication of our civil liberties is exhilarating, but also exhausting. I am so thankful that I can write about other random things as well. Here are my top twelve picks of posts I wrote in 2015 that are as off-topic as I could find.

Fitness Fix: Preventing Shin Splints

I loved writing this piece because I know how awful shin splints are, and how preventable. As a journalist, I find that it’s difficult to gauge the impact of my work, but this piece is a bit of an exception. If one person prevents shin splints…well, that just makes me insanely happy. Special thanks to my friend Melanie for the intro to Francesca Conte. Before her, many running coaches told me that preventative movements/stretches/exercises didn’t exist, so I was thrilled to learn otherwise (both for Experience Life readers’ benefit and for my own.)

This Wedding Photographer Also Shoots the Most Amazing Storm Pics You’ve Ever Seen

I saw Mike Olbinski speak at Creative Mornings in Phoenix, and saw some of his amazing photographs and timelapse videos of clouds and dust storms and lightning, and I knew that Made Man readers had to get a glimpse, too. Thus this OMG amazingly gorgeous slideshow was born.

Migrants Gone Missing: Healing and Closure, Thanks to Forensic Science

My friend Will Bradley, who taught me how to use PGP, tweeted something about a non-profit that helped people find loved ones who they believe had died at the border, and I knew I had to write about them. Luckily, TakePart World was also interested. I plan to research this issue a little more in-depth, so look for more on this in 2016.

Checking in With Gina McCarthy, Obama’s Environmental Watchdog

This Q+A for Men’s Journal stemmed from a meteorology conference I signed up to attend specifically because I knew Harris Corp. was tabling, and I wanted to pepper them with questions about cell site simulators (aka stingrays). Of course, none of them knew what I was talking about. Big company. Much technology. And the weather toys don’t have much to do with illegal surveillance. However, the EPA approached me about this interview…. and then a flak got extremely annoyed with the tone of my questions, which I thought were actually incredibly mild. This whole situation always  makes me scratch my head a bit.

Protecting Yourself From Workplace Bullies

In my past life as a teacher, I was once bullied by the union rep. (I know; wrap your head around that one.) I felt like a lot of the conventional wisdom for how to respond didn’t take into account a lot of workplace politics. Luckily, I got to speak with Michele Woodward and Elysia Lock about this issue for Dice.

Jessamyn Duke and Shayna Baszler’s Gnarly Street Fight

I don’t write about MMA a whole lot anymore, but when I started freelancing, it was a big chunk of what I did. In fact, I started covering fights so I could get free cageside seats back when I was still a teacher. In any case, I was thrilled to be the first to cover a months-old street fight. This wasn’t the first time I broke MMA news–I covered the Ultimate Women Challenge disaster, where the filming was plagued by a lack of foods, funds, and training, back in 2011 (about two and a half years before MMA Junkie picked it up). But I was pleased that Shayna and Jessamyn trusted me to tell their story for The Sports Post after someone alerted me about what had happened. Bleacher Report and many other sites linked to this piece.

This Startup Will Piss Off Publishers-And Make Freelancers Happy

When I heard that journalist Scott Carney was launching a Kickstarter campaign  that was like Yelp for editors, I knew I had to get the inside scoop on it, so I did a Q+A for the Freelancer (which was reprinted on the Content Strategist and Media Shift as well). I’ll admit that I’m still scratching my head about this story and why it did as well as it did. Perhaps it was buzz from the project, or maybe readers had the same questions I did.

Should Writers Respond to Comments on Their Articles?

This post for the Freelancer didn’t get a ton of shares, and I don’t have access to traffic numbers, but I’m putting it on here solely because Mathew Ingram tweeted out the link. As for me, I used to read comments religiously and even engaged in discussion with commenters, but have since decided the benefits may not outweigh the cost. I like looking at this post because the perspectives of the star writers I interviewed are so diverse.

Staring Down A Non-Compete Clause

Sometimes the contracts you sign for work, whether as an employer or as a contractor, will bite you in the ass. Consider this post for Dice fair warning.

Finding Software Jobs When You’re Over 50

Another Dice post. Possibly useful.

I want to get posts like this delivered to my inbox.

My Top 20 Posts In 2015

blue_star_backdrop-300x199Each year, I do a wrap-up of my favorite posts. In the past, I picked the ones that were most popular, based on whatever metrics were available to me.  But this year, I decided to ignore analytics, because my Ashley Madison posts and even ones about bad TV shows did better than some of the pieces I thought people should be reading.

And even though I find how-to posts personally informative, I didn’t include the servicey pieces about disabling Flash selectively and selecting stronger passwords and taking steps towards online security and privacy, about teaching your folks how to use 2FA and a Yubikey and getting them on Signal, being a good online citizen in the wake of a tragedy, and even what very bright people would recommend for bridging the gap between UX and security. This year I even wrote and a digital hygiene course for Trollbusters which included a list of people finder and data brokers linked to by Feminist Frequency, and I’ve been writing weekly security news roundup posts for WIRED, some of which have garnered quite a bit of traffic (thanks in part to Reddit). But for the list, I wanted to focus on posts of mine that were either somewhat adversarial or particularly research-intensive, that had some investigative element, or were just too cool not to share.


Wickr’s Time Feed (Not Quite Steganography)

For ReadWrite, I wrote about Wickr’s feature which lets people share photos on Facebook. I got to dig into the parts of the app’s marketing copy that I found misleading, and was interviewed briefly on This Week In Tech News  about the app.


Stopping a Smart TV From Eavesdropping On You Could Be a Felony

For Slate, I wrote about how disabling Samsung’s creepy smart TV could be a felony under these really awful DMCA laws you may have heard about when the two issues bubbled up in the media around the same time. I spoke with Software Freedom Conservancy president Bradley Kuhn and Electronic Frontier Foundation activist Parker Higgins for the piece, which was rehashed by Washington Times and multiple other websites.


Whisper Says It Doesn’t Track Your Exact Location—But It Still Could

As the Guardian was walking back accurate claims about Whisper–presumably for legal reasons–I spoke with Nate Cardozo, a staff attorney on the Electronic Frontier Foundation’s digital civil liberties team, about how the app collects enough info to pinpoint user locations, though it says it doesn’t use it.

Meet Canary Watch, A Way To Disclose Gag Orders Without Disclosing Them

I wrote about this clever asymmetric warfare against the surveillance state. This post received some criticism for making it seem like I didn’t like the concept, which was unintentional—I just am a bit skeptical. Oh, and I got to interview the ACLU’s Christopher Soghoian and Calyx Institute founder Nick Merrill, who was one of the first Americans to legally resist a gag order related to a national security data request. (More on that later.)


Perkins Coie’s Web Copy Reveals Its Client,, Was Under FTC Investigation

I picked this post because it was based on documents I got from the FTC using a Freedom of Information Act request, following a lead from a tweet. It was also killed by two separate publications before Motherboard picked it up. Their legal team wrote the headline, which is “Online Marketing Leads to Inadvertent Revelations.” I’m not sure how well this piece did traffic-wise, but I think it effectively warns law firms against overzealous marketing copy. Sam Glover at the Lawyerist linked to it, too. It’s about ethics in law firms’ online marketing copy.

Ruling May Stop Willy-Nilly Gadget Searches at US Borders

I spoke with Nathan Freed Wessler, a staff attorney with ACLU’s Speech, Privacy, and Technology Project, about a new ruling which signaled a better direction for search guidelines at the border, at least as far as the 4th Amendment and laptops and mobile devices are concerned. The piece was reprinted in Slate, mentioned on Security Weekly, and Naked Security linked to it as well.


Report: Government Surveillance Planes Spotted Over Baltimore Protests

This piece was about the FBI surveillance planes flown over the city of Baltimore in late April and early May in the aftermath of the Baltimore protests in response to the death of Freddie Gray in police custody. A lot more has come to light since then, but I spoke with ACLU staff attorney Nathan Freed Wessler about the issue, as originally reported in the Washington Post.

Metadata Doesn’t Lie: Is That Why Governments Are Withholding It?

I wrote about web engineer, public records researcher and policy nerd Tony Webster’s lawsuit against the city of Bloomington after it refused to release a large amount of data–including metadata–in response to his public records request on information related to the Black Lives Matter protest in the Mall of America. This post was reprinted in TECHdotMN, quoted in the Democrat and Chronicle,  and linked to by the Bill of Rights Defense Committee and in CJ Ciaramella’s weekly FOIA Rundown newsletter.

Facebook Is Now Pushing For Stronger Encryption

I spoke with privacy and security researcher Runa Sandvik and security adviser Per Thorsheim about Facebook’s embracing of PGP.

Website Owners Deserve the Right to Stay Anonymous

I wrote about iCANN’s proposal to eliminate anonymity for commercial website owners. Thankfully, the idea of prohibiting businesses from shielding information such as addresses from public view was ultimately scrapped.


A Peek Inside Mr. Robot’s Toolbox

This piece for Wired, in which I looked at the tech tools used on the best hacking show on the planet, was probably my favorite of the year. Interviewing show creator Sam Esmail and technical adviser Michael Bazzell was a real treat. The post made TechMeme, and earned a backlink from a post on The Atlantic,  which was syndicated on Yahoo! Tech.

When It Comes To Encryption, Our Policy Makers Could Learn A Thing Or Two From Thomas Jefferson

I like this piece because I had to go to the library and inspect microfiche for it, and because I got to interview network security researcher Ethan Heilman, but I got the idea from a software engineer I met at DEF CON.


Awkward! How One Woman’s Tinder Dates Popped Up As Professional Suggestions On LinkedIn

Could swiping left get you fired? I interviewed a woman who found all sorts of information about her Tinder contacts, who had used pseudonyms, when she received “People You May Know” suggestions from LinkedIn—you know, since LinkedIn solicits phone numbers from its users and pulls data from users’ phones. Although media pundits often go after Twitter and Facebook quite aggressively for privacy violations and poor UX, it seems that LinkedIn sometimes gets a pass for bad practices in the media, though it’s hard to tell whether that’s because it gives journalists (myself included) special perks for attending boring media trainings or because of the company’s hair-trigger PR team, but chinks in the armor are showing.

Donald Trump’s Deleted 9/11 Tweet Shows The Need For The Politwoops Service Twitter Killed

This Forbes post managed to draw attention both to Donald Trump’s deleted tweet and to a service that recorded tweets deleted by politicians en masse. I spoke with two policy analysts at Access Now. Slate and Silicon Beat both linked back to it. In late October, Twitter’s CEO mentioned Politwoops by name and promised to improve relationships with transparency organizations, but as far as I know, Politwoops still does not have access to Twitter’s API.

Anti-virus Software Could Make You Less Secure Because Vendors Are Ignoring Security Best Practices

Just a little bit of piggy-backing on Thomas Fox-Brewster’s reporting and research by security engineer Tavis Ormandy, a member of Google’s Project Zero vulnerability research team.


Mr. Robot uses ProtonMail–But It’s Got A Couple of Problems…

This piece is a deep dive on ProtonMail’s security and who should be using it. The best part of researching this piece was sending about 575 zillion emails to technologist and all-out rockstar Micah Lee about 575 zillion emails. I also spoke with technologist Joseph Bonneau, lawyers Victor Vital and Alex Abdo, and ProtonMail’s CEO, and did a bit of research on some email applications (namely, Lavabit and Hushmail) since people learned the hard way that they weren’t as pristine as previously believed.

Why You’re Rejected For Security Clearances

This post was based on a talk by security pro Kevin Tyers at the BSides Las Vegas conference. It discusses the many factors that go into a security clearance decision, based on 15 years worth of adjudication data. I like this piece because it gives a bit of a historical snapshot on industry decisions.

Filing Public Records Requests: A Quick and Dirty Guide

I’m pretty lucky in that I have a lot of people to turn to when I struggle with FOIA records requests. Jason Leopold, Michael Morisy, Dave Maass, and others have assisted me when I’ve had questions. But I tried to lay out all of the basics in one place in this post for the Freelancer, and I hope it’s useful to other reporters.

37 Whistleblowers You Can Follow on Twitter

Not including @Snowden—with him it’s 38.


Court Lifts NSL Gag Order on FBI Warrantless Surveillance 11 Years After It Was Issued

This is about a National Security Letter accompanied by a gag order served to then-ISP owner Nicholas Merrill, and what information the FBI was actually seeking.

If you just scrolled to the bottom because you aren’t at all interested in online privacy and security, you may want to check out my top 12 off-topic posts for the year.

I want to get posts like this delivered to my inbox.

16 Painful Truths About Freelancing

I'll_Cry_If_I_Want_ToToday is my six year freelance anniversary. For the past couple of years, I’ve paused to offer a reflection of sorts. Two years ago, I wrote about 20 things I learned the hard way. Last year I wrote about avoiding the trap of focusing on pay at the risk of quality, integrity, or personal goals.

Although this past year has been incredible in many ways, and I wouldn’t trade my job for the world, I’d be lying if I didn’t say that a lot of things about freelancing that just plain suck.

We all know about the great things: interviewing amazing people, writing posts that expose corruption or highlight the best of human nature, making an impact in the world, having a flexible schedule, and making good money doing work you love. But aside from minor quibbles, there’s a whole underbelly of hard stuff people don’t often talk about.

The only way around is through, but since it’s my party and I’ll cry (and swear) if I want to, I decided not to sugarcoat any of the hard but instead to sing it from the rooftops. So here’s a glimpse of some of the suck that you’ll want to be aware of before diving headfirst into freelancing, or ones you might relate to if you’ve been freelancing for a while.

Being a journalist won’t magically give you access.

For every person who will only talk to you (or a small handful of reporters), there’ll be a few who’ll dodge your calls or pretend they’re out of town or pull a no-show or turn off their porch lights just so you’ll think they are not home.

And then there are the people at conferences who will make a beeline towards you or anyone else with a media badge loudly proclaim that they don’t talk to the media, even if you didn’t try to talk to them at all. (Pro tip: taking cabs from your hotel/crash pad to the conference rather than getting on a shuttle or bus is expensive, but sometimes worth it for sanity’s sake.)

Sadly, the people you really want to talk to may not feel the same way, and the people who really want to talk to you are usually PR people who you don’t want to talk to at all, creating some sort of weird media love triangle. Or something.

Speaking of PR people…

You’ll get so inundated with PR pitches that you’ll want to scream. Screaming won’t help. Neither does responding, because most won’t take no for an answer, so now you have three pitches and six follow-ups to delete instead of just one pitch and six follow-ups. I try to deal with this by using SaneBox and setting up filters and having multiple email addresses and funneling pitches through Muck Rack, but you can still hear muffled screams coming from my general vicinity.

People will be dismissive and distrustful.

Most people (sources, editors, you name it) will ignore your calls and emails.You’ll get a great story but your source will back out at the last second before an interview and give it to another writer instead. You would’ve told it better, but the world will never know… Someone will listen to terrible advice on some podcast and decide to only do interviews over email…which will kill your interview. You’ll build trust but as soon as you can get one source there’ll be one you can’t get who you’ll want even more because human nature. The best solution is to find an editor with great contacts (good luck with that!) or to pick up Buddhism and renounce desire.

People will blame you for things outside of your control.

People will do interviews with you and break their own university’s conflict of interest policy (unbeknownst to you) and blame you when they get in trouble. That guy you know who gives workshops to journalists but seems to despise them probably didn’t find errors in the article you wrote so instead decided he’ll publicly share his opinions of a headline you didn’t write. Editors will introduce errors into your work, leaving you to choose between throwing them under the bus and protecting your professional reputation. More often than not, they’ll completely ignore your urgent emails about adding a correction…

Editors will kill or neuter your best stories.

You’ll have amazing editors that make your work shine, and you’ll fire all the sucky editors, but some of the amazing ones will sometimes do sucky things. You’ll write about NGOs working on human trafficking issues in Thailand and your editor will sit on the story for months and then kill it because she decided the person she asked you to interview, the person who gave up her life and moved across the world, “isn’t compelling enough.” And since you actually cared deeply about the piece, getting paid for unpublished work won’t be any consolation.

When a PR flack complains about an entirely accurate story, that editor who you thought had your back will lose his backboon and capitulate to insane demands quicker than you can say “conflict of interest.” There’ll be very little you can do. Freelancers are expendable, after all.

Editors will even ask you to send questions in advance when interviewing administration officials so that the state, with all of its resources, has all the time in the world to properly spin their answers. Up next: no blog post needed, just an Instagram photo of the government’s talking points… no wonder media folks are worried about robots taking their jobs.

You’ll fuck up.

Your editors will ask you to cover topics you don’t know on tight deadlines. You’ll fact check as much as you can and get things wrong sometimes anyway because you’ve got a blind spot and won’t double-check stuff you think you know. You’ll have to write corrections (or worse, send an editor corrections and be summarily ignored) and it’ll suck. They say fighters are only as good as their last fight. Writers are only as good as their most error-riddled post. I’ve seen entire industries turn on journalists with 15, 20+ years of experience because of a single error they immediately corrected. The sad part about fucking up is that it’s not always easy to learn from your mistake, because you can build resistance to these tactics and find new ways to fuck up that you haven’t accounted for in your new time-consuming strategy.

You’ll waste a lot of time because you’ll think you may have fucked up, when you hadn’t.

You’ll get vague criticism and go down the Google rabbit hole and then realize that there is debate within an industry on the way a term is used, but the way you picked is the more accepted one. +1 for wasting time realizing that you were pretty much right all along, I guess. If only you could bill for those hours.

Your worst posts will do the best.

The dumb post you dashed off on no sleep, fueled by sugar and caffeine, will get tons and tons of traffic because of a gimmicky headline and reference to porn or pop culture (that you may not have even written). The smart post about internet kill switches will go almost entirely unread.

You’ll want to blame this on site readers, but even in your own social networks, a cute new profile pic will be far more popular than that column you spent 15 hours on. You know some people are reading because they’re whining about something or other in all caps in the comments, but you’ll pretend they are bots because the possibility that they are representative of your readers is too depressing for words.

Everything will be unfair.

The writer who has no command of spelling or grammar and isn’t great at factual accuracy either will somehow start writing for glossy mags you can’t break into. Writers at the same sites you write for will scoop you (no wonder they wouldn’t share contacts when the editor asked). You’ll turn down countless trips and dinners and events and beers because of a stringent conflict of interest policy, and then your assigning editor will write about that same free trip you declined. Your favorite sources will think you’re batshit insane because you insist on buying your own drink, leading to so many awkward moments that you’ll want to switch to copywriting, where the perks flow freely.

But it’s not just COI that’s at stake. Your colleagues will get basic factual information wrong, casually dox people for page views, or find other creative ways to destroy people’s lives, and nobody will bat an eye. Your heroes will follow them (and not you) on social media and publicize their other work (and not yours).

Of course nobody will know own about all the (similar…not to mention lucrative) stories you turned down for ethical reasons. Nobody gives a shit about your ethics. Nobody will even notice your ethics. Nobody sees the stories you can’t publish because they might be inaccurate or because a source backs out or because publishing would be problematic for various reasons.

Oh yeah, and that person you’re ghostwriting for will get invited to speak about the post you wrote on a radio show with your favorite actor of all time who he’s never even heard of. It’s the freelance version of someone repeating your idea in a meeting, except you agreed to ghost, so you can only blame yourself.

You’ll get opportunities you can’t take.

Because who is going to cover your hotel and airfare to give that unpaid keynote or host that unpaid panel? Per diem? What were you thinking? You’re not even on staff.

Not to mention all the stories you lost because a site said yes and then changed their mind before a contract was signed, but after you could still pitch the time-sensitive idea to the other sites that originally expressed interest.

You will realize that freelancing is incredibly lonely.

I’m a huge extrovert, and though I have no trouble finding events to attend and making friends, there’s something about working with a group of people toward a common goal that I miss. Long gone are the days of work parties or happy hours. As a freelancer, I’m lucky if I can get more than a few sentences in an email from an editor. I have a handful of freelancer friends and we support each other and work through work drama, share leads, and take turns listening to each other vent. I go to cafes and co-working spaces and work parties. Even still, but most of the day is filled with dead silence. Add to that the fact that you typically have to email everyone multiple times to even get a response and even the most stable, well-adjusted freelancer might start to feel radioactive.

You’ll get limited feedback, and the feedback will probably make you feel shitty most of the time.

Since your editors don’t really give you feedback, you’ll instead be rewarded with…reading the comments, peaking at responses on Reddit or social media, and dealing with emails. The nicer feedback won’t tell you how to improve, and the other ones won’t be constructive either. Even if you go above and beyond and spend hours fact-checking the accuracy of claims until you’re proud as hell of a finished product, someone you actually like and respect at your favorite non-profit will tell you she wasn’t a fan because it didn’t include some favorite pet peeves & she didn’t like the order of suggestions given. You won’t make corrections since there’s nothing to correct, but this comment will probably cancel out all of the positive feedback you actually did get. But typically all you can hope for is that sigh of relief when nobody comments at all (or they just argue with each other).

No good deed will go unpunished.

Your future pay will hinge on that post you over-delivered on because you cared about the subject, but your sweat and tears won’t be reflected in the page views. You’ll stick up for other writers an editor is screwing over, and learn months later about how they retaliated—in a way that has negative career repercussions.

Continuing ed is a motherfucker.

As a freelancer, nobody is really invested in your long-term career except for you, so you have to be your own freelance hero. For me that means taking lots and lots of online classes or learning new things. I’ve set out to learn everything from programming languages to visual design to cryptography. Unfortunately, the courses are either easy/boring or pretty frickin’ hard and I don’t have the same level of support that someone working with other people at the same publication would have. (No afterhours study groups for me!) Nor is it obvious what will be useful a month or a year or five years from now. I have never believed in certainty anyway, but the support systems and group learning situations that non-freelance positions can bring have their own benefits.

You won’t even know what metrics editors are judging you by.

Sure, you can check, but you probably won’t have access to page view data or know how your work stacks up. And since nobody talks to you about it, you can’t offer feedback about all the reasons a post may have done well (or not). Because a lot of the time it’s the topic, or the image, or the SEO keywords used, or the headline. But metrics are a whole ‘nother ball game for obsessives, where no number will ever live up to your own expectations.

The good feelings don’t last.

Even if you write a dream post for a dream site, the buzz will only last a few hours to a few days. After the initial thrill, you’ll get depressed about how you’ll never be able to repeat the feat, or find some way to discount the experience. And if your goal is to make an impact on the world, there may not even be a good metric you can use to judge whether you’re doing that.

So what’s the verdict?

I’m not trying to talk people out of freelancing. I’m just pointing out that it’s not a bowl of cherries. Chances are that if you quit your job and start freelancing, you won’t be able to interview everyone you write, even if you work for Bigshot Magazine. That people will often be upset at you for reasons outside of your control. That editors won’t always improve your work and will sometimes destroy it (or worse, capitulate to brands or governments). You won’t always get things right. People maybe think you’re wrong even if you do get things right. The amount of energy you put into a post, or the gravity of the topic, is not what will get you traffic. Hard work won’t always pay off. Having high standards will make things harder for you, not easier. You won’t be getting a lot of feedback or even talking to editors for more than a few minutes. You’ll be lonely. You’ll probably cry a lot. And you won’t appreciate your own success as much as you should.

But this isn’t the end of the story.

I’ve been busy brainstorming ways to move past this, which may start with working fewer hours and coming up with new goals/metrics that are meaningful to me, and balancing heavy-hitting work with stuff that’s less exhausting, including a bit of brand work I’m doing. Here’s hoping next year I’ll have a more positive outlook to share.

I want to get posts like this delivered to my inbox.

Stuff I Wrote: November 2015

Writing Fountain pen

November’s coming to a close, so it’s time for my roundup of posts published this month. As always, I divided them by category and included short summaries so you’ll know if you want to click on the headline to read the full story in each link posted.

If you celebrate, I hope you had a fabulous Thanksgiving, surrounded by family and friends and maybe even got offline for a little bit. I’ll be back early next month to celebrate my freelance-versary, as well as the annual year-in-review posts and a list of the most popular posts of the year. Phoenix freelancers may be interested in Freelance Spark on December 2nd, where we’ll discuss cultivating successful client relationships in person.

For now, here’s a roundup of 13 posts I wrote for November for WIRED, Forbes, Dice, the Performance Menu, and Sherdog.

Privacy and Security

  • Security News This Week: 9 out of 10 Websites Leak Your Data to Third Parties (WIRED) This column also discusses the Pentagon outsourcing coding to Russia, Iran hacking Obama administration officials, data retention proposals (and over a decade of MI5 spying that came to light) in the UK, Mozilla’s new tracking prevention tool, ProtonMail getting hit with DDoS attacks and its ill-fated ransom payment, and ad blocking circumvention tool PageFair’s malware.
  • Security News This Week: Someone’s Cutting Fiber Optic Cables in the Bay Area (WIRED) I also wrote about how Yik Yak isn’t really anonymous and therefore is not a “safe space” for making racist threats, Europe’s coordinated raids against an Iranian cyberspy group called Rocket Kitten, Vizio’s SmartTVs selling viewing data to advertisers, Comcast resetting passwords, the fact that the nation’s biggest wiretap program might be illegal, and how military officials are lagging behind in updating their Android phones.
  • Security News This Week: The Manhattan DA Wants Backdoors for Smartphones (WIRED) This column also includes information on how the NSA found ways to continue email surveillance after “ending” it, Bangladesh blocking messaging services, Anonymous and GhostSec battling ISIS (sort of), the potential of ransomware hitting medical devices, malware found on Starwoods’ payment system, a vuln found pre-loaded on police body cameras, Blackberry being totally cool with government encryption backdoors, and more.

Hacking in Pop Culture

Job Hunting

Health & Wellness


  • Beating the Odds: UFC 193 (Sherdog) I wrote about Holly Holm and Ronda Rousey, and the other upsets that took place on November 15.
I want to get posts like this delivered to my inbox.

Stuff I Wrote: October 2015

oopsHappy November! It’s actually finally nice enough for a bike ride here in Phoenix, and I just had a marvelous Halloween (even though I almost got eaten by a wolf!) This month I have a nice roundup of posts for you as well as a blog I was quoted in. As always, I’ve divided it up by category as best as possible.

But before I get started with that, here’s an event annoucement: Those of you in Phoenix should definitely come out to Freelance Spark this Wednesday, where we will be discussing how to build an inspired business at 6PM at Co+Hoots. Get your free tickets here: We will also be meeting on December 2nd to discuss how to cultivate successful client relationships. Even if you’re not in Phoenix, there may be a Spark in a city near you, so go to for the details.

I have a whopping 22 posts to share this month, and hopefully you’ll find something you like! I’m always open to suggestions and pitches (especially if they’re not from PR folks), so please feel free to get in touch. Details for how to do that are here:

But yeah. Dem posts.

Writing Fountain pen

Online Security

For Freelancers

Weekly Security News Roundups

Each of these has links and short summaries of seven to 10 news stories for each respective week, so read ’em all to keep up-to-date. They’re posted each Saturday.


A Primer On Herbalism Part 2: Herbal Preparations (Performance Menu)  (paywall) This is the second in a three-part series about herbal medicine.

TUF Recap Episode 4 and Episode 5 (The Sports Post) I was writing recaps of the Ultimate Fighter for a little while–here are a couple of them.

I want to get posts like this delivered to my inbox.

Stuff I Wrote: September 2015

Writing Fountain penHappy autumn! Here in Phoenix we are thankful that the temperature is finally dipping down into the double digits, and getting ready for the beautiful fall and winter temperatures (as opposed to the intolerable summer heat). Anyway, I have a huge batch of stories for you to peruse this month. Enjoy!

Online Privacy and Security

Tech News

Security News This Week

This weekly column for WIRED runs down security news each week that WIRED didn’t cover in depth, but deserves your attention nonetheless…

Your Career

Health and Fitness


I want to get posts like this delivered to my inbox.

Stuff I Wrote: August 2015

Writing Fountain penIt’s been a really busy month for posts, so here’s a round-up of all of ’em.

A Peek Inside Mr. Robot’s Toolbox (WIRED) Just in time for the season finale. I spoke with show creator and executive producer Sam Esmail and tech consultant Michael Bazzell and did a heck of a lot of research on ten tech tools used on the show. Faraday cage not included. (P.S. This post hit Techmeme.) (P.P.S. My husband came up with that excellent title.)

When It Comes To Encryption, Our Police Makers Could Learn A Thing Or Two From Thomas Jefferson (Forbes) I actually went to the library and broke out the microfiche while researching this puppy. I also got to quote Ethan Heilman, which was cool.

So You Found Your Name (Or Your Executive’s) In The Ashley Madison Data Dump. Now What Do You Do? (Forbes) I spoke with a crisis management consultant, a security adviser, and even a relationship coach for answers on this hairy topic.

That Fired Facebook Intern Explains The ‘Marauders Map’ Extension That Cost Him His Gig (Forbes) I got both sides of this debacle.

Tell Us Which Companies Crushed It In Response to Security or Privacy Issues This Year (Forbes)

Watch Out For Phishing Scams Like These (Forbes)

Security News

Security News This Week: Oh Good, The Weaponized Police Drones Are Here! (WIRED) I also wrote about GitHub getting DDoS’ed, Oakland cops’ new retention guidelines for license plate data, Baltimore cops tracking cellphones, AT&T injecting ads on HTTP traffic through airport Wi-Fi, and India shutting off mobile internet for 63 million people.

Security News This Week: Police Use Mobile Cell Phone Trackers to Avoid Court Orders (WIRED) I also wrote about mobile supercookies, a secret email Ed Snowden sent NSA, the IRS hack, and some Google news.

Security News This Week: US Admits It Uses Predictions, Not Data, to Blacklist Flyers (WIRED) I also wrote about an Android bug, a security flaw Volkswagen kept hidden for years, spies in China reading U.S. officials’ private emails, a software engineer harvesting Facebook user data using cell phone numbers, attackers hijacking Cisco networking gear, Lenovo injecting its software into clean installs, and government requests for Twitter user data skyrocketing.

Security News This Week: The Pentagon Got Hacked While You Were at Def Con (WIRED) I also wrote about a Firefox exploit found in the wild, a court ruling against warrantless release of cell phone location data, and about tearing down cyberwalls, whatever they are.


We’ve got you covered if you’re looking for a job in tech: Finding Software Jobs When You’re Over 50 (Dice), Hacking Job Interviews (Dice), and 5 Big Interview Mistakes To Avoid (Dice) have some words of wisdom from people who are a lot smarter than me.

I want to get posts like this delivered to my inbox.