Archives | Page 2 of 71

Stuff I Wrote: August 2019

September 4, 2019 By Yael Grauer Leave a Comment

August was the month that I finished coursework for my Masters degree in Mass Communication, the month I spent a week at DEF CON playing Open CTF and connecting with friends, new and old, and the month my husband and I escaped to Minnesota to see family and go on a bit of a vacation. August also saw the culmination of two projects I’d put a considerable amount of time into, as well as a very important post I put together quite quickly. It’s also the month I’ve been building up business again after a year of working overtime—so if you are in need of an investigative tech reporter, please get in touch.

The Best VPN Service (Wirecutter)

I spent months researching and testing VPNs, and these are the results. I was hesitant to take on this project after penning a post on how you couldn’t meaningfully rank VPNs back in 2016, but couldn’t pass the opportunity to write for one of my favorite sites. Luckily, I had a handful of technical experts who answered countless questions as I worked through what data I could find in an incredibly opaque industry. In particular, Dan Guido, cofounder and CEO of Trail of Bits, spent two hours talking me through the ins and outs of security audits and their limitations, security challenges I was unaware of, and other considerations that hadn’t crossed my mind. And, of course, my editors and the entire team at Wirecutter were also amazing. Sarah Jeong linked to this piece in The New York Times’ Privacy Project newsletter, which was pretty cool.

FEMA Still Struggles With Post-Disaster Planning (News21)

This piece, written in collaboration with Harrison Mantas and Kailey Broussard, is the culmination of 10 weeks of reporting on how FEMA still struggles with coordination and communication during disasters, even after years of reforms and reorganizations. It was done for News21, as part of a larger project on disaster recovery called State of Emergency. This piece was picked up by NonDoc in Oklahoma, which was neat since my fellowship (and Harrison’s!) was funded by the Oklahoma-based Ethics and Excellence in Journalism Foundation.

Facebook Insists No Security ‘Backdoor’ Is Planned for WhatsApp (OneZero)

The company is fighting back against rumors that it would scan messages on users’ phones prior to encryption… and I delved into some of the ways we could tell if this wasn’t the case. For this piece, I interviewed a WhatsApp spokesperson and Steve Weis, a fellow at the Aspen Tech Policy Hub and former software engineer at Facebook.

Coming Up

It’s been a weird month since I was on vacation for half of it and business is just revving up again now that I’m done with school, and I’m still working on some long-term projects that may or may not be up in September. At the very least, you can look forward to a profile of a marine toxicologist this month. And in October, Mr. Robot is returning…

2018 In Review

December 29, 2018 By Yael Grauer 1 Comment

Each December, I pause to take a look back at the past year: my accomplishments, my setbacks, and my goals moving forward. Inspired by Chris Guillebeau, I’ve posted annual reviews in 2010, 2011, 2013, 2014, 2015, 2016, and 2017.

What Went Well

Travel

This year my husband and brother and I went to Israel to visit my parents and to celebrate my brother’s 40^th birthday. We visited my grandmother, hung out at the Dead Sea and Masada, visited at Yad Vashem, spent time in Tel Aviv/Yafo, and I even got to ride a camel. I went to Minnesota with my husband for our annual summer trip, where we also went to Lake Itasca, rode bikes in the forest, got our fill of hiking, and stayed in a romantic cabin. I went to HOPE in New York and DEF CON in Vegas to get my hacking conference fix, and after DEF CON I got to hang out with MMA fighter Sarah Moras, tour the UFC Performance Institute, and tag along during all of Sarah’s workouts where I got my ass kicked doing way less weight than she was. She even gave me a pair of shoes (!!) which was great because I was boycotting New Balance though I don’t remember why. I got to visit D.C. to speak about how freelancers can collect past due unpaid invoices at the Science Writers conference, which was a fun but far-too-quick trip which included trips to the Newseum, the Spy Museum, and noodles and cocktails with friends. And the year is going to end with a hiking trip in Zion National Park (barring government shutdowns or other unforeseen circumstances.) Travel is important to me and I’ve really enjoyed being able to squeeze in so many trips, both short and long.

Learning

I went back to grad school for journalism this year, and trying to figure out how to use a broadcast camera and a DSLR camera and Premiere and a million other programs was definitely a steep learning curve. That said, I learned a lot, made some great friends, and am SO excited about delving into data journalism and investigative reporting skills next semester. But my learning hasn’t stopped at school. After the Capital Gazette newsroom shooting, I attended a bleeding control training class to learn about packing wounds and using tourniquets. I also got to attend a few days of the ScienceWriters conference, a Strictly Financials workshop, the Health Journalism conference, and CyberMed, which is a two day conference focusing on medical device hacking and ways to prevent it. I took a Psychological First Aid course online because people keep coming to me with their problems and thinking I’m equipped to help them, so I wanted to flail a little less. I’ve been a MOOC queen this year, too. 2018 has been great for my Ravenclaw brain.

Teaching

In addition to speaking on a panel at the NASW conference, I also gave a lightning talk at Queercon about how hackers can work with journalists while lowering the risk of losing their job or getting arrested. I also got to discuss several of my articles on podcasts and even on TV. And I continue to help develop digital security resources for journalists.

Family and Friends

My husband is a rock star who literally made me lunches every day so I could work the crazy grad school hours and still eat. This is the first year I’ve spent significant time with my parents since my wedding in 2014, so that was really cool. And, of course, I spent time with my brother (a permanent Thanksgiving guest) and my in-laws. I’ve also somehow managed to make a few friends in school even though I’m older than almost everybody. And I really cherish even those hour-long coffee or happy hour meetings with friends throughout the year.

Work

My online content marketing textbook came out this year. I posted my top 12 articles for the year already, and am incredibly grateful for the opportunity to work with so many great sources and editors to do work that I feel makes a real impact. And somehow I managed to keep my income the same as 2017, in spite of 4 months of grad school (though this may be a testament to how slow some people pay me).

What Didn’t Go Well

As always, there are things that are just pooptastic, and I think it’s been a difficult year for a lot of us.

Health

I got through my first semester of grad school, but not without it taking a toll on my physical and mental health. I can see why people do this in their 20s!

A Slim Majority of Work

The majority of my clients this year were amazing this year (94 percent, to be precise), but of course, there is that six percent. Every freelancer worth their salt has stories about toxic clients that put sources at risk, edit errors into copy, or rewrite pieces so drastically that it is only appropriate to request to remove a byline.

Stagnation and other Fails

I had plans for getting a car that’s not 20 years old, moving out of the apartment, etc. but school put that on the backburner. It also put both my podcasts on hold, one of which has sort of fizzled and died after losing a great cohost to other products (one failed Patreon fundraising attempt later). Meanwhile, the garden my husband and I planted literally fizzled and died. Additionally, without getting into details, I filed a complaint about a Bad Thing that went nowhere, which was discouraging. I tried to get a group of people together for birthday drinks and way more people RSVPed than showed up, so I totally should’ve kept it at the cute but tiny cocktail bar instead of the other place that was giving us dirty looks because most of the people I reserved space for didn’t come. Those bitters I tried to make failed, I didn’t get picked for jury duty (and yes, I really wanted to!), and I never did make those honey lilac possets. School wise, all of my b-roll is shaky (no matter which camera or which tripod) and I never really did learn how to use those broadcast cameras. None of these failures are catastrophic and some are downright silly, but it’s worth remembering that not everything is sunshine and roses… or it will be in a year when I review this.

Going Forward

I do an annual review with Pamela Slim every year, looking at the year that happened and making plans for the year to come. This year, since I’ll be slammed with school, we focused less on making a huge list of goals and more on goals and values. The following notes stemmed from our two-hour session, which I’d really recommend to freelancers and business owners of all stripes.

Work

In 2019 (and beyond), I want to use my maverick provocateur spirit (and resourcefulness) to continue doing work in line with my values—fairness, being ethical, supporting underdogs, and doing impact journalism that does have a side rather than the “view from nowhere.” I want to do work that leads to change, which I playfully refer to as being a sprite in the machine or pulling the bad linchpin. My work has focused on privacy, security, and digital freedom for years, peppered with enjoyable work (like my Munchies article!) and a few public health type things… It makes sense to mostly continue in that direction.

Knowing that most of my editors are lovely, I want to make it a point to cut the ones that aren’t sooner. It is never worth clinging to bad situations with toxic editors who lack integrity, are unprofessional, or are just bad at their jobs. I also want to only do work with clients who give me credit (yes, I want my name on things, yes, I want to be tagged when my work is shared).

This Fall

After I graduate, I am open to a full-time position rather than freelancing, so long as it’s for a site that’s aligned with my values and ethics (and ideally, is either local or allows remote workers). I’m just planning on keeping my eyes open.

I also want to work on a series of materials that’ll let me express my voice for the emerging role of journalism, whether that’s continuing my work on source protection to explaining best practices for sharing and attribution, or something else entirely.

Health

I want to work on my sleep, because that helps everything else fall in place when that’s taken care of. For example, I don’t crave sugary soft drinks or junk food when I’m well-rested.

Soft skills

I’ve been spending the past year or so working on moving towards participating in conscious disagreement (rather than just conflict), in finding a steadiness and balance. This year, even as I live what I consider an investigative style, I also want to make sure I hold space for people to do their own thing.

Last but not least, I’m working on incorporating self-gratitude practices to celebrate my accomplishments and recharge a bit, even as I continue to push myself hard and juggle a million activities.

That’s about it for me (and honestly, feels like quite a lot). Please share your thoughts or links to your own annual reviews in the comments; would love to hear what you’re working on!

Stuff I Wrote: December 2018

December 28, 2018 By Yael Grauer Leave a Comment

I’m writing this update from Utah, where I’ve been winter hiking at Zion National Forest with my husband, spotting wildlife, taking photos, and catching up on some reading. I hope your winter has been as enjoyable. This month I have five posts for you. I also discussed last months’ billboard article on the Zero Hour podcast, which you can listen to here.

I’m still rethinking the design of this monthly roundup post. If you have suggestions for what would make it more useful for you, please let me know. For now, here are some posts of mine. Thanks, as always, for reading.

Facebook is Not Equipped to Stop the Spread of Authoritarianism (TechCrunch) Whether by accident or design, Facebook makes it easy for even low-tech governments to silence dissent.

‘Donald’ Is Now One of the Top 25 Most Commonly Used Passwords (Motherboard) Another year of horrendous, terrible, no good passwords is in the books.

Reynolds Weekly: December 3, 2018 (Donald W. Reynolds National Center for Business Journalism) Some cities are making it easier for people to ride their bike to the airport. Find out how to localize this and other stories in the latest Reynold’s Weekly.

A Tale of 3 Downtowns (ASU Cronkite Project: One Step Deeper) How Chandler, Scottsdale and Glendale are revitalizing their urban cores. (Multimedia project with Frank Morris-Lopez and Krystiana Cornella.)

Cybersecurity Books Recommended by Top Security Researchers (Enterprise.nxt) If you’re looking to get into the field, let the security researchers whose names you know share the books that got them started and the books they recommend for today’s hackers.

2018’s Greatest Hits: Top 12 Posts Of The Year

December 18, 2018 By Yael Grauer Leave a Comment

Self-promotion doesn’t come easy for most journalists. We know that our work doesn’t have impact without an audience, and that editors look at a variety of metrics including page views. We’re used to cutting and pasting URLs and tags into a growing litany of fora. At the same time, we’ve also been trained to not be a part of the story.

And for good reason. It takes a village to write an article. Security researchers and academics sharing their findings and patiently answering basic questions. Whistleblowers and activists, anonymous or otherwise, putting themselves at great risk to speak truth to power. Non-profit organizations, doctors, experts in every capacity…without great sources, our work is nothing.

And that’s not even mentioning the team behind each publication, comprised of editors, copyeditors, fact-checkers, developers, designers, social media experts, the list goes on and on.

So when I say that I wrote 51 articles or blog posts this year for 25 different sites or publications, or that I co-hosted 12 podcasts, or that my content marketing textbook was published…well, I should really be giving that credit to everyone else. For 2018’s Top 12, presented in chronological order, I’ll share a little bit of backstory and highlight some of the people who helped me bring the stories to fruition.

A Practical Guide to Microchip Implants (Ars Technica) An estimated 50 to 100k folks have implants; how do the benefits compare to the risks?

I thought of this story when I was at DEF CON and I saw people line up to get microchip implants injected into the subdermal fascia between their thumbs and forefingers. This was after a Wisconsin-based tech company was getting skewered for offering to pay for its employees to be voluntarily microchipped. It was difficult to reconcile the two, and I set out to figure out what the real security risks were. I did a lot of interviews and uncovered a lot of FUD, like a game of whack-a-mole, and ended up pivoting a bit from what this piece was originally meant to be….something Ars editor Nathan Mattise is great at rolling with. Special thanks to security whizzes Tarah Wheeler and Drew Porter and to Amal Graafstra, the ever-patient Dangerous Things CEO.

Hackers Are So Fed Up With Twitter Bots, They’re Hunting them Down Themselves (The Intercept)

Illustration: Angie Wang for The Intercept

I learned about this story from Sean O’Brien at Yale Privacy Lab—the idea that pornbots were so ubiquitous and Twitter was so behind the curve in stopping their spread that French security researcher Baptiste Robert had come up with his own solution. Then I learned that a group of five archivists, data journalists, and academic researchers in Sweden were doing something similar. Last but not least, I finally had an excuse to interview the amazing Erin Gallagher, who creates these gorgeous data visualizations of Twitter bot networks showing clusters of retweet networks, hub accounts, and other information, using the visualization software tool Gephi. This piece was edited by the amazing Ryan Tate. (I was even interviewed for a podcast about this article, but I didn’t realize they didn’t want me to mention pornbots. Oops.)

Here’s a Long List of Data Broker Sites and How to Get Off of Them (Motherboard) (Also: What Are ‘Data Brokers’ And Why Are They Scooping up Information About You?)

These sites you haven’t heard of are sharing boatloads of info about you, which is annoying, and scary, and I’m grateful to Motherboard for letting me share what I call “the big-ass data broker opt out list” that I started compiling for local cryptoparties, and then for Trollbusters, and now for Vice. For this piece, I got great information from Amul Kalia (then at EFF), Paul Stephens at Privacy Rights Clearinghouse, Tiffany George at the FTC, Joe Sutton at DeleteMe, Harvard’s Berkman Klein Center for Internet & Society sysadmin Griffin Boyce and web engineer Tony Webster. These articles were edited by Emanuel Maiberg, who’s a pleasure to work with.

Photo illustration by Slate. Photo by SIphotography/iStock

Why Is It Okay For Cellphone Companies to Sell Your Data to Third Parties? (Slate/Future Tense) We shouldn’t be complacent about this.

When I was reading about how Robert Xiao discovered the vulnerability in a platform that revealed the real-time location of basically everyone with a cellphone in the United States, I already recognized his name. I’d interviewed him for a fun post about computer security ‘Capture the Flag’ games…and now look at him. For this piece I also spoke with Chris Calabrese, vice president for policy at the Center for Democracy & Technology. This piece was edited by Torie Bosch, who is a pro.

Medical Device Security: Hacking Prevention Measures (Enterprise.nxt) With so many lives at stake, computer scientists and healthcare IT pros are motivated to develop strategies that keep patients safe from medical device hackers. They’re making progress.

This post is top of mind because I just attended the second annual CyberMed conference, where physicians, security researchers, manufacturers and regulations teamed up to address healthcare cybersecurity challenges. I continue to be inspired by the hackers and physicians and hacker physicians who work hard to harden systems, create device resiliency, and build awareness of the dangers of internet connectivity meeting pacemakers and infusion pumps, through not just talks but also harrowing simulations.

Quoted in this piece are Josh Corman, who co-founded I Am The Cavalry, Roman Lysecky, professor of electrical and computer engineering at the University of Arizona, and Dr. Jeff Tully, a security researcher and physician. Change in this space is slow, so I’m glad we have people like them chiseling away at it and hopefully helping keep us all safe.

This piece was edited by Esther Schindler, who I’m lucky to know IRL.

Undated file photo of Staatsschutz on a raid in Germany. (Image: file photo)

German Police Raid Homes of Tor-Linked Group’s Board Members (ZDNet) One board member described the police’s justification for the raids as a “tenuous” link between the privacy group, a blog, and its email address.

This post was a hand-me-down from one of my favorite security reporters, who is on staff at a publication that couldn’t run this piece. There was an incredibly tight deadline over a holiday to find somewhere to place this, and I simultaneously pitched it to every good editor I could think of. (Some even got back to me after I’d already sold it to someone else.) For this piece, I quoted the very brave Moritz Bartl. A friend who speaks the language helped me try reach out to German police for a statement, for which I am grateful. My editor was the inimitable Zack Whittaker, who is now at TechCrunch.

British and Canadian Governments Accidentally Exposed Passwords and Security Plans to the Entire Internet (The Intercept)

This article is just one of many “private” Trello boards that security researcher Kushagra Pathak (who is looking for work, by the way!) found exposed to the entire internet. Check it out, check out his Medium posts, and check out Micah Lee’s article on Pathak’s U.N. research.

A Critical Look at Sovereign Identity Startups (Breaker) A new wave of startups is offering a fundamentally different approach to data collection and use.

This article idea was given to me by my editor, Julie. Blockchain stories ain’t easy, and this one in particular was a lot to wrap my head around. In addition to several Breaker editors shepherding this piece, multiple security researchers literally spent hours on the phone and on chat with me making sure I got all the details right. I also quoted infosec pro Cem Paya and software engineer Andrew Trainor in the piece.

Full Engagement (Museum)

Museums globally are expanding their social role—and value—by engaging underserved communities.

This is another piece that came to me thanks to editors Gayle Bennett and Dean Phelus and the fact that this year’s American Alliance of Museums conference happened to take place in Phoenix. I was thrilled to interview Museum of Egyptian Antiquities curator Wesam Mansour, Milena Micić, senior curator of art collection at the Homeland Museum of Knjaževac, Serbia, Tatiana Quevedo, education department coordinator at Museo de Arte Contemporáneo de Bogotá in Colombia, Marcela Giorla, Head of Education at the Museum of Contemporary Art of Buenos Aires in Argentina, German Paley, community outreach coordinator at the Museum of Modern Art of Buenos Aires in Argentina, Ignacio Vazquez, curator at Museo Memoria y Tolerancia in Mexico City, and Susana Mejia, coordinator of programming and communications at Museo Pedro Nel Gómez in Medellín, Colombia.

Circle the City “Inspired Soles” Exhibit at Found:RE Puts Homeless Artists on Display (Phoenix New Times)

This piece started out as a class assignment for my Digital Print course at Cronkite. It was edited by Doug Markowitz. I spoke with Circle the City art teacher and former patient Michael Reilly, Found:RE cultural curator Michael Oleskow, and Circle the City Director of Development Kimberly Hall. I got to attend the exhibit with some classmates at Cronkite, which was really rewarding.

IRL Ads are Taking Scary Inspiration from Social Media (Medium/The New New)

The billboards are watching you

This post was assigned to me by talented editor Damon Beres. I spoke with software engineer Elleen Pan, author Bob Hoffman, associate professor of media design David Carroll and, Yale Privacy Lab researcher Sean O’Brien

How I Tracked Down the Delicious Israeli Pudding of My Childhood (Munchies)

Milky is iconic for those who grew up in Israel in the 80s, but proved to be a feat to find stateside.

I haven’t written about food in years, but visiting my parents in Israel brought back a flood of memories and I was grateful for the opportunity.This post didn’t really use sources other than a company spokesperson, but I had several friends and family members in Israel and Germany helping me track down prices. This piece was edited by Hilary Pollack.

BONUS

Facebook Is Not Equipped to Stop the Spread of Authoritarianism (TechCrunch)

Whether by accident or design, Facebook makes it easy for even low-tech governments to silence dissent.

This post was one that I spent months on for a publication where it ultimately didn’t get published due primarily to my concerns over source protection. I was thrilled to have it posted in a site with such a wide reach and an editor as solid as Zack Whittaker. The article includes quotes from Access Now policy director Raman Jit Singh Chima, Access Now Asia policy associate Naman M. Aggarwal, Yale Privacy Lab researcher Sean O’Brien, Human Rights Watch South Asia director Meenakshi Ganguly, and a brave source we granted anonymity due to fear for their personal safety.

9 Years of Freelancing

December 1, 2018 By Yael Grauer 1 Comment

I’ve been putting pen to paper (or rather, typing on a laptop) out of coffeeshops and coworking spaces and the comfort of my own home for a total of nine years and counting, and this is the sixth year where I’ve been posting an annual write-up summing up my experiences (Here’s 2013, 2014,
2015, 2016 and 2017.) I also typically celebrate by bringing cupcakes to a coworking space, one for each year I’ve freelanced. One year we even had champagne. (Thanks, Ty!)

But this year is a little different. My freelance anniversary (freelance-versary?) coincides with the Saturday before the final day of my first semester as a grad student at the Walter Cronkite School of Journalism and Mass Communication. I did go to a coworking space last Tuesday to massively overhaul a final group project, which I’ll write about in a different post, but I did not bring cupcakes. I did, however, get extremely lost in a parking lot once I left. After 45 minutes of wandering, I finally got a security guard, who also got lost in the same parking garage…because the numbered parking spots did not go numerically. Eventually we did find my car, though.

The moral of this story is that I’m at a weird moment in my career where I don’t feel like I have wisdom a lot of wisdom to impart. I could tell you that I switched from Freshbooks to Wave for my invoicing software, and it’s saved me money and I like it so much better. I could reiterate some of the freelancing truths I’ve shared over the years, but many of these are summed up in a series of blog posts about the business of freelancing that I’ve been writing for the Reynolds Center (with two more to come). I could tell you that it’s a good idea to shake things up a bit, play with new mediums, and learn to use tools you may never use again. But there’s a lot of context missing in that statement, and it doesn’t apply across the board.

I’ll be wrapping up my year and linking to my top posts in about a month, and I plan to write a bit about what my first semester of grad school was like for people who are contemplating getting back in the classroom next fall. But for now, I’ll just thank you for sticking with me through the years. I never take it for granted that I even have a platform where people will read my ~~inane ramblings~~ ~~words of wisdom~~ thoughts on the state of things, and I will do my best to continue to provide any resources and information I think you will benefit from. ❤️