Stuff I Wrote: May 2016

May 31, 2016 By Yael Grauer Leave a Comment

This month, I taught a MidWeek MindTweak at CoHoots on securing small businesses, which was a really fun session with a great audience. I also held my final Phoenix Freelance Spark event, and you can read all about why I stepped down if you’re interested. Next month I’ll be at the IRE conference in New Orleans–drop me a line if you’ll be there, too. Here’s to escaping Phoenix’s summer heat for… other cities’ summer heat!

It’s always hard for me to do a roundup of my posts for the month when I know I have some really good posts on the first of June, but I do have nine posts for you to check out.

On Lockpicking, Sexism, And Your Tech Conference’s Code of Conduct (Or Lack Thereof) (Forbes)

There are no easy answers for sexism and sexual harassment at hacker conferences or tech events, but there are a few ways to minimize incidents and handle them when they arise. (Oh yeah, and nobody at the lockpicking village wants to hear your creepy handcuff jokes.)

How To Run A Gym Without Being A Classist Asshole (Performance Menu) (paywall, $5.99)

Don’t be that douchebag telling people who literally can’t afford a gym membership that they’re lying and will never get results, and other tips.

Reporter Plays Softball With Hardass (Medium)

This was my recap of the Society for Professional Journalists’ regional conference, in which Arizona Republic columnist E.J. Montini and the controversial Sheriff Joe Arpaio engaged in a keynote “interview” that not only more closely resembled amateur comedy hour, but was entirely devoid of substance. SPJ advocates for fearless journalism, believe it or not… I’d be embarrassed.

Complaining to HR Without Blowback (Dice Insights)

Complaining to HR should be your last resort, but if it’s your only option, these are some things to keep in mind.

3 BAD Food Combinations to Avoid and 6 Good Ones (LiveStrong)

I spoke with three nutrition experts to find out which food combining combos you should really avoid and some that can help optimize your health.

Security News You Might Have Missed: Criminal Risk Assessment Software is Racially Biased (Forbes)

Also, a security researcher was raided by FBI after pointing out a vulnerability in a dental database, anti-choice groups use smartphone surveillance to target “abortion-minded women,” an Israeli startup claims its tech can determine whether a person is a terrorist based on facial analysis, Chicago police use secret information to determine shooting perpetrators, Canary Watch sunseted, and more. Oh, and it’s time to change your Reddit and MySpace passwords.

Security News You Might Have Missed: I Don’t Know Why You Say Allo, I Say Goodbye (Forbes)

Google’s new messaging app will offer end-to-end encryption, but not by default. Apple makes it harder for feds to unlock devices. LinkedIn finally resets passwords for users whose accounts were apparently compromised back in 2012. (Oops!) The Intercept releases the NSA’s juicy, top secret internal newsletters. And a new report takes a look at media use of the whistleblower platform SecureDrop.

Security News You Might Have Missed: If Math Is Outlawed, Only Outlaws Will Do Math (Forbes)

Alleged British hacker wins court battle over encryption keys, Twitter bars Dataminr from sending alerts to intelligence agencies, federal agents planted hidden mics and videos at a courthouse, Senate contemplates reauthorizing the NSA’s controversial 702 surveillance, a government spy truck poses as a Google Street View car, and more.

Security News You Might Have Missed: Brazil Blocks WhatsApp, Stingray Parallel Construction, More (Forbes)

A roundup of security news this week, including Brazil’s short-lived WhatsApp shutdown, Maryland cops relying on Stingray tech for petty theft, parallel construction in Stingray use in Oklahoma City, Rule 41 changes to increase mass surveillance, and passwords being sold on the dark web.

Tips and comments are welcome at yael@yaelwrites.com (I do use PGP). I’m on Twitter@yaelwrites and on Jabber and Tor Messenger at yael@jabber.calyxinstitute.org. Additional ways to contact me securely are here: https://yaelwrites.com/contact/.

Filed Under: stuff I wrote

I Stepped Down as an Organizer of Phoenix Freelance Spark. Here’s Why.

May 31, 2016 By Yael Grauer Leave a Comment

11130240_10153232159101122_9081754209403817967_n Last month, I stepped down as an organizer of the Phoenix chapter of Freelance Spark. (Organizers in other cities stepped down as well.) I started volunteering with Freelancers Union in January 2015, holding my first event in February at GangPlank in Chandler. Soon, videographer Ita Udo-Ema joined me as a co-organizer, before I went solo in order to move the event to CoHoots in downtown Phoenix on October 2015 in hopes of drawing a larger crowd. Our June meeting would’ve been tomorrow (Wednesday) so I wanted to give an explanation.

From the beginning of my volunteer stint, I noticed two things. First, it became immediately apparent that the Freelancers Union staff (which doesn’t include many former or current freelancers) wanted to basically run the show with very little feedback from volunteers—even going so far as to provide “scripts” in each month’s material for us to read aloud, often to promote their own health insurance offerings or initiatives. And second, I noticed that this non-profit, whose goal is (supposedly) to help freelancers thrive and grow, was instead invested in how much additional work it could get from volunteers. What more could chapter leaders be doing? Early on, I remember leaving a Google Hangout for this very reason. It was exhausting.

At one point, Spark wanted to reprint one of my blog posts, and asked me for a photograph. When I asked for specs, they sent me a laundry list that would be more appropriate for a paid graphic designer or photographer to receive from a client: body turned towards camera, high resolution (non blurry/grainy), landscape orientation (not square), negative space–the more the merrier–around your entire silhouette (except for the bottom, no part of you touches the edge of the photo), minimum resolution: 72 dpi, minimum dimensions: 700 px tall, 900px wide, at least 300KB,” it read in part. Of course, they forgot to add a link to the original post until I wrote back in with a reminder. Priorities, amirite?

Freelance Spark seems to cater to fledgling freelancers, rather than established professionals, focusing its campaigns on things like legislation in New York (which wouldn’t affect many members) and a laundry list of unpaid invoices by its members that it’s titled “the world’s longest invoice” (in spite of the fact that pointing to plight of unpaid freelance work doesn’t exactly help the profession, or how it’s perceived by others). But it wasn’t lost on even the greenest attendees that the curriculum provided was of increasingly poor quality. Perhaps as a byproduct of material that wasn’t applicable to most of the people in the room, attendance to meetings dwindled. Even when many people RSVPed for events, only few would show up, and I got used to recycling unused material at the end of the night month after month. On multiple occasions, our gathering had just one or two attendees. I found myself wondering whether it was worth it, but discussing it with the Freelancers Union powers that be was pointless, as they provided little feedback or assistance.

Some of these issues came to a head in our Slack channel when a Freelancers Union staffer decided that we would all be charging for events going forward to prevent no-shows. Not all organizers were thrilled with the idea of asking members to pay for events we were hosting as volunteers, in space generously provided free of charge, but we were never even asked.

In response to growing conversation and actual feedback from its unpaid volunteers, Freelancers Union leaders decide to shut down the discussion and send out a survey. In response to my concerns with Freelance Spark meetups, I was sent an email and asked to hop on the phone with two organizers so that we could discuss my tone.

I had already been planning to resign because I didn’t feel like my volunteer work was making a positive impact, because the material seemed meaningless, and because–after months of this–I didn’t envision a possibility for change. But I was waiting for a scheduled happy hour (as a way to say thanks to our hosts) and for a session on security for small businesses, which I was asked to help develop curriculum for. Prior to being asked to create written material, I was asked to be on a panel (which never happened). As I was surveying chapter leaders for information to cover (something, incidentally, that Spark hadn’t really ever done when designing curriculum), a Freelancers Union organizer asked me to tack on information on IP and copyright, which is not only problematic for multiple reasons, but also out of scope. After agreeing to multiple requests to help with this session, I was then asked to hop on the phone to essentially repitch the idea. Later, the scheduled talk was quietly removed from the calendar.

How many freelancers haven’t had this problem? Someone asks you to do something, then when you agree, asks you to explain how you’re qualified and essentially pitch it to them? It’s annoying when it’s paying work, and honestly a little bit insulting for unpaid work. Freelancers Union relies on unpaid volunteers, and apparently views our time as expendable. I’m not sure how it distinguishes between “promoting the interests of independent workers” and promoting its own interests through the unused and unacknowledged (let alone unpaid) labor of independent workers, which is how I knew it was time to say goodbye.

After a year and a half of being dismissive of concerns, it’s hard to say whether Freelancers Union will be able to rebuild trust with its cadre of volunteers, or demonstrate that its staffers are familiar with freelancing and care about the needs of independent workers (beyond soliciting unpaid labor and trying to sell insurance). Running a successful remote group of volunteers isn’t easy even when it’s done properly, and I can’t even imagine how hard it would be when done wrong.

I did make some great connections through Spark, so not all was lost. And information wants to be free. In addition to teaching multiple workshops on online privacy and security for small businesses at my coworking space, and cohosting several events at another coworking space and the downtown library, I’ve already started organizing informal meetups for networking and troubleshooting sessions without forced curriculum, and without being asked to push a dismissive and out-of-touch organization’s agenda. Here’s to mutual assistance and the spirit of d.i.y., which drew a lot of us to freelancing in the first place.

Filed Under: musings

Reporter Plays Softball With Hardass

May 4, 2016 By Yael Grauer Leave a Comment

America’s toughest sheriff struggles with real media questions. (photo: Gage Skidmore)

“America’s Toughest Sheriff” Joe Arpaio SPJ Regional Conference Keynote Interview Was Lacking

Last Saturday, I attended the Society of Professional Journalists (SPJ) Western Regional Conference. The theme was “a thirst for news,” and keynote was a one-on-one interview with Maricopa County Sheriff Joe Arpaio conducted by Arizona Republic columnist E.J. Montini.

SPJ’s tagline is “improving and protecting journalism since 1909.” The organization is perhaps best known for its code of ethics, voluntarily embraced by journalists aspiring to hold themselves to high standards of integrity in their work. Having a sheriff–any sheriff–as a keynote speaker seems somewhat unusual. In contrast, other regions chose ESPN Films and Original Content VP and award-winning documentarian John Dahl, Washington Post reporter T. Rees Shapiro, Louisville Public Media executive editor Stephen George, University of Southern California Annenberg School for Communication and Journalism professor Robert Hernandez, and Times-Picayune/NOLA.com environmental reporter and Pulitzer winner Mark Schleifstein.

But SPJ advocates for fearless journalism. “Seek the truth and report it,” its code of ethics advises, as well as the admonition to “be vigilant and courageous about holding those with power accountable” and to “give voice to the voiceless.” Surely a keynote interview conducted by a journalist in front of an audience of journalists would include something resembling journalism? That’s what I came to the conference expecting, but not what the keynote delivered.

Not only did Montini and Arpaio engage in an “interview” that more closely resembled amateur comedy hour, it was entirely devoid of substance. It began with Arpaio laughing about sending Montini anchovy pizzas–which, incidentally, doesn’t seem like a practice SPJ would recommend–its code of ethics advises journalists to “refuse gifts, favors, fees, free travel and special treatment.”

Montini repeatedly minimized the impact of Arpaoi’s policies, referring to them as “stunts” and trivializing his history of misconduct with comments like “you had this Justice Department stuff for a long time” before changing the subject. Arpaio, who once had a SWAT team set the house of an innocent man on fire, made dumb jokes about being Elvis in Las Vegas. Arpaio, whose staff mishandled or neglected ~400 sex crimes between ’05 and ’07, joked about how having a female chain gang was an example of equal opportunity. Arpaio, “America’s toughest sheriff,” waxed poetic about the good old days when he could buy reporters a cup of coffee and have an off-the-record conversation. Apparently doesn’t think being lobbed a series of inane softball questions at a regional conference for an organization dedicated to seeking the truth was good enough.

On April 3^rd, Vice News journalist Tess Owens wrote a lengthy post about the mistreatment of mentally ill prisoners in Maricopa County, and, Owens wrote, “Arpaio and his staff did not respond to multiple phone calls and written requests for comment.” It’s too bad that a journalist who had him on stage in front of an audience with “a thirst for news” decided that hard-hitting questions were not appropriate for an audience of journalists.

After all, why would journalists possibly be interested in Arpaio’s unlawful enforcement of immigration laws, racial profiling, unlawful traffic stops, failure to investigate sex crimes, or election law violations? Why would they care about how cases involving him or his office have cost taxpayers upwards of $142 million in settlements, court awards, and legal expenses. Why would they care about Arpaio’s misuse of funds allocated for inmate services, when they could talk about Elvis and anchovy pizza instead?

Over Twitter, Montini said “Arpaio was a guest.” That he should get grilled for news stories but “this was more of a conversation.”

It’s was the setting. Arpaio was a guest. For news stories, he should get grilled. This was more of a conversation. https://t.co/qjLc3RoESY

— E.J. Montini (@ejmontini) April 30, 2016

I've asked what you'd call REAL questions of him for 20+ years, and will continue to do so. This wasn't the venue. https://t.co/kooUNRfbBb

— E.J. Montini (@ejmontini) April 30, 2016

“I’d like to leave some time open for you to ask questions as well, and when you do, make sure to raise your hand, and one of the sheriff’s security guards will come up and tase you,” Montini joked at one point. It’s not funny. Mere hours after the Justice Department released its findings that the Maricopa County Sheriff’s Office has a pervasive culture of discriminatory bias against Latinos, reaching the highest levels of the agency, one of Arpaio’s detention officers used a taser on Latino veteran Ernest “Marty” Atencio, who stopped breathing after he was stripped naked, severely beaten, and left alone in a “safe cell.” Atencio died days after the injury. Atencio was just one victim of Arpaio’s Maricopa County Jails.

It's almost a comedy routine. @ejmontini chat w/ @RealSheriffJoe #spjwest pic.twitter.com/GYYKZcIpRK

— Dustin Gardiner (@dustingardiner) April 30, 2016

You can see the “joke” in the video linked in Gardiner’s tweet above.

Although there were some real questions from audience members, including my own, Montini didn’t press Arpaio when he evaded questions, even helping him save face by pretending Arpaio wasn’t involved in ACLU’s lawsuit over the jails he oversees.

Question from @yaelwrites: How do you justify treatment of mentally ill prisoners? How do you sleep at night? #spjwest

— Maria Polletta (@mpolletta) April 30, 2016

.@RealSheriffJoe: I'm not responsible for mental-health services in my jail and shouldn't be. That's Dept of Corrections.

— Maria Polletta (@mpolletta) April 30, 2016

It’s hardly a surprise when a corrupt politician shamelessly shucks responsibility for his own misconduct. And perhaps a spineless reporter helping a corrupt politician save face for diplomacy’s sake isn’t much of a surprise, either. But it damn well should be.

Filed Under: political, rants

Stuff I Wrote: April 2016

April 29, 2016 By Yael Grauer Leave a Comment

800px-Skrifmaskin,_Blickensderfer-maskin,_Nordisk_familjebok It’s been a busy month for events! After attending RightsCon in San Francisco, I co-organized and participated in two CryptoParties here in Phoenix, one at Mod and one at the Burton-Barr Public Library. Missed them? Follow @cryptopartyphx on Twitter, and check out David Huerta’s slides on when ads stare back, Will Bradley’s Prezi on encrypted messaging, and my slides on basic operational security. (Jeremy Leung was our fourth presenter.) You can also check out my Mid-Week MindTweak at Co+Hoots on May 25th at 12:30 to get food truck food and learn some ways to keep your business secure.

Freelancers attending the Society for Professional Journalists Western Regional Conference in Phoenix this Saturday can catch me at the freelancer’s survival hack panel moderated by KJZZ reporter Carrie Jung, where I’ll be answering questions alongside fellow freelancers Jimmy Magahern and Maritza Felix. And, as always, Freelance Spark is the first Wednesday of the month.

As far as posts this month, I do have seven to share.

Apple Bug Exposed Chat History With A Single Click (The Intercept) I’m excited about this one! Bishop Fox researchers discovered a security vulnerability in the Mac version of Apple’s Messages app allowed users to be compromised by malicious links, and I wrote it up for, uh, the best site of all time (with a fabulous editor)

5 Reasons You Should Stop Shortening URLs (Forbes) A recent paper published by Cornell Tech researchers showed that shortened URLs can be cracked to spy on people—but that’s just one reason to avoid bit.ly and sites like it. Here are five more. (And yes, do as we do, not as we say. I do my best to refrain from shortening links myself, but can’t speak for sites I write for!

This Is The Easiest Way To Password Protect A Word Document (Forbes) How to protect a single Microsoft Office file with a password to stop others from opening and/or modifying it. You don’t even have to download anything. I wrote this post when a friend of mine asked for help and I didn’t know what to say.

Security News You Might Have Missed: Microsoft Sues The Government Over Secret Cloud Data Searches (Forbes) I miss writing WIRED’s security roundup so much that I’m doing it for Forbes. Microsoft sues the Justice Department, Apple patches a Messages vulnerability but no longer updates QuickTime for Windows, Australian federal police admit to seeking a journalist’s metadata, a study shows that location data from two apps can identify you, and more.

Security News You Might Have Missed: $1.3M iPhone Hack, Feds Want More Apple Data, More (Forbes) This week, the government revealed it paid at least $1.3m for tool to unlock San Bernardino phone, a transparency report revealed that US government orders for Apple user data quadrupled, the secret FISA court ignored a public advocate’s concerns over FBI access to NSA data for domestic crimes, NSAs were deemed legal (for now).

Security News You Might Have Missed: Waze Stalking, Email Privacy Act Passes House, More (Forbes) Government requests for Facebook user data spike, awareness of mass surveillance led to plummeted Wikipedia traffic on entries related to terrorism, a former Tor developer now creates malware for the government to track Tor users, and more security news you might have missed this week.

[Paywall] Community Gardening For Fun And Produce (The Performance Menu) Why and how to get started growing your own food in a community garden.

Tips and comments are welcome at yael@yaelwrites.com (I do use PGP). I’m on Twitter @yaelwrites and on Jabber and Tor Messenger at yael@jabber.calyxinstitute.org. Additional ways to contact me securely are here: https://yaelwrites.com/contact/.

Filed Under: musings

Stuff I Wrote: March 2016

April 6, 2016 By Yael Grauer Leave a Comment

Writing Fountain pen Happy April! As always, here’s my roundup of posts I wrote last month… I also updated my portfolio, so check it out at https://yaelgrauer.contently.com/ if you are so inclined.

5 Free Alternatives to Freelance Must-Have Tools (The Freelancer) Save cash on project management, email marketing, photo editing, word processing and accounting tools.

Getting Into a Competitive Boot Camp (Dice Insights) Some tips from folks at Hackbright Academy, Code Builders, and Startup Institute.

Jumping into User Experience (UX) Design (Dice Insights) Some tips from UX designers on making the transition.

Security News You Might Have Missed: Apple vs the FBI (Forbes) After a flurry of legal briefs and the beginning of a media showdown, Apple and the FBI were set to square off in a trial to determine whether Apple would be required to write, sign, and deliver new software code to allow government access to data that may or may not be on a phone belonging to one of the San Bernardino shooters. I put together a roundup of some recent news and analysis for context on the upcoming trial, which was ultimately canceled.

FBI Files Motion To Postpone Tomorrow’s Showdown With Apple (Forbes) A day before its scheduled showdown with Apple, the Justice Department moved to postpone a court hearing on whether Apple should be forced to help the government break into a deceased San Bernardino shooter’s iPhone

FCC Slapped Verizon With A $1.35M Fine, But Supercookies Remain A Problem Around The World (Forbes) Unique Identifier Headers remain a problem internationally, but the FCC could drive reforms going forward, and other companies could follow suit.

FCC Privacy Rules Would Close Loophole for Supercookies (Forbes) Federal Communications Commission chairman Tom Wheeler proposed new privacy regulations that would require broadband Internet access service providers to obtain customer consent before collecting and using their data. The proposal will be voted on by the commission on March 31st.

Beef Up Your Security By Revoking Unnecessary Third-Party Permissions (Forbes) Is your Twitter account posting or direct messaging out spam? Getting inundated (or inadvertently sending) game requests on Facebook? Here’s what to do…

Filed Under: stuff I wrote

FBI Filed A Motion To Postpone Tomorrow’s Showdown With Apple

March 21, 2016 By Yael Grauer Leave a Comment

Less than 24 hours before its planned showdown with Apple, the FBI moved to vacate March 22nd’s hearing. The request was granted.

“On Sunday, March 20, 2016, an outside party demonstrated to the FBI a possible method for unlocking Farook’s iPhone. Testing is required to determine whether it is a viable method that will not compromise data on Farook’s iPhone. If the method is viable, it should eliminate the need for the assistance from Apple Inc. (“Apple”) set forth in the All Writs Act Order in this case,” the filing read in part. Government attorneys proposed filing a status report with the court by April 5th, 2016.

The hearing was meant to determine whether the government can use the All Writs Act to compel Apple to create a new vulnerability in its software, sign it, and deliver it to an iPhone belonging to a deceased San Bernardino shooter, so that investigators can peek inside the phone (in spite of the fact that it likely doesn’t even have anything of value on it). This came on the heels of a federal magistrate judge in Brooklyn ruling that the government does not have the authority to compel Apple to unlock an iPhone using the All Writs Act.

The news was first reported on Politico.

Filed Under: musings

Stuff I Wrote: February 2016

March 1, 2016 By Yael Grauer Leave a Comment

Writing Fountain pen In February, I wrote about securing photos, how to prevent getting hacked mid-air, and a whole lot more. As always, I’ve rounded up everything I had published for the month, but the posts are divided by publications rather than by topic.

Forbes

How Not To Get “Hacked” Mid-Air USA Today columnist Steven Petrow recently wrote a post about a stranger on an airplane who claimed to have hacked into his email account. Here are five steps to take to avoid sharing his fate.

How To Secure Your iPhone Photographs. What to do to secure your images if you’re worried about device theft or loss, or about images being subpoenaed or confiscated.

Strong Crypto Is Widely Available Outside The US, So Restrictions Are Unlikely To Thwart Terrorism. US restrictions on unbreakable crypto are far less likely to thwart terrorists and criminals they will negatively impact US companies’ bottom line and the safety and security of everyday internet users.

This Heartwave-Sensing Wristband Unlocks Your Laptop–But Some Say It Falls Short. The Nymi Band promises continuous authentication based on electrocardiogram data–but it doesn’t eliminate passwords, has a password override, and can be configured to work without ECG information at all.

Apple Vs. FBI Roundup: All The News And Analysis You May Have Missed. Things have been heating up between Apple and the FBI. If you’re looking for detailed legal or technical explanations–or even just some basic overviews–here’s a roundup of news stories and analyses to refer to.

Wired

Sadly, these are my final three WIRED security news roundup columns.

Security News This Week: The White House Bans Its Own Security Researcher. Also, why the government can’t claim it is “going dark,” a legislator working on an anti-swatting bill was swatted, and more.

Security This Week: Employers Are Paying Data Firms to Predict Your Health Risks. Also, sensitive student data was released to a non-profit, a data intelligence company gathered intel on caucus workers, a union in Philly deployed a surveillance drone to help its workers, and more.

Security News This Week: The Government Wants to Listen In on Your Smart Home. Also, a way to get academic papers for free, leaked police contracts destroy civilian complaints and keep disciplinary records secret, NYPD’s stingray use, and more.

Dice

Your Workplace Transition Survival Guide. What to pay attention to when moving from enterprise to a startup, or vice versa.

Tips For Negotiating Equity. Great if you’re planning on joining a startup.

Jumping Into Project Management. Self-explanatory.

Jumping Into Product Management. Also self-explanatory.

Filed Under: stuff I wrote

Stuff I Wrote: January 2016

January 30, 2016 By Yael Grauer Leave a Comment

In January, I wrote about administrative backdoors, shitty passwords, and a whole lot more. As always, I’ve rounded up everything I had published for the month, this time divided by publications rather than by topic.

A note for Forbes readers (or non-readers, as the case may be): Unfortunately, Forbes is blocking ad blockers, and I’ve been getting a lot of comments from folks who’d like to read these posts but don’t want to put themselves at risk of malware. There are certain ad blockers that still seem to work (like uBlock Origin), and Tor is always an option, but if you really want to read something and can’t access it, feel free to email me–the terms of my contract allow me to share my own work privately or repurpose it after it’s published.

Forbes Tech

Peerio Co-Founder On Why He Left The Company (Hint: It Had To Do With Admin Backdoors) I wrote about why 25-year-old programmer and privacy advocate Nadim Kobeïssi says he quit the company he co-founded. And for the record, I believe him.

2015’s Worst Passwords Are Still Really Bad (So Please Tell Me Yours Is Not On The List) This post got 60,000+ views, and I’m not really exactly sure why, but I’ll take it.

Many Americans Are Willing To Sacrifice Personal Information For Good Deals This is about an interesting Pew Research Center study which gets into a bit of detail on when people will give up their privacy, and when they say they’d find a certain tradeoff unacceptable.

I Tried To Shop Online Anonymously (And It Was A Pain In The Butt) It really was.

Twitter Restores Politwoops’ API Access, Allowing It To Post Politicians’ Deleted Tweets Once Again This was actually a bit of a followup to my first post about Politwoops and Donald Trump’s deleted tweet.

The Freelancer

How Investigative Journalists Can Protect Themselves Some great technical and legal tips from cybernetic lawyer Aaron Williamson and digital security trainer Harlo Holmes to help us stay safe.

This Tool Wants to Help Writers Break News The scoop on Sqoop.

WIRED

Security This Week: License Plate Readers in Texas Are Now Also Debt Collectors. This roundup also includes information on the UK allowing firms to sell invasive spying equipment to human rights abusers, Chicago police sabotaging their own dashcams, an espionage campaign targeting minority activists, Israel’s electric authority getting hacked, a new Android ransomware, Lenovo SHAREit’s poor security, and how easy it is to get an address from Amazon over chat.

Security News This Week: Now California Wants to Ban Encrypted Phones, Too Also the FBI ran a child porn site for two weeks, a UK court ruled that the Terrorism Act violates the rights of a free press, a GCHQ-built phone messaging app has a massive backdoor, and more.

Security News This Week: Tim Cook Demands That the White House Defend Encryption This roundup also includes information on Spamhaus Project accusing Verizon of routing millions of IP addresses for spammers, Homeland Security asking hotel staff to essentially spy on guests, a graduate center purging interlibrary loan records to protect the privacy of its patrons, and more.

Security News This Week: Hacked Toymaker VTech Now Makes Home Monitoring Tech Plus news on the monkey selfie, Ukraine’s malware-induced power outage, the Dutch government formally rejecting backdoors, the FTC fining a dental practices software provider for misleading ads about encryption, and more.

Sherdog

Beating the Odds: UFC 195 (Sherdog) I wrote about the four upsets on the January 2nd card.

That’s it for now! I’ll see you next month.

Filed Under: stuff I wrote

Stuff I Wrote: December 2015

January 29, 2016 By Yael Grauer Leave a Comment

Writing Fountain pen I just realized I forgot to do this last month, so wanted to link to all of my December post before rounding up the ones for January.

Protect Yourself From Workplace Bullies (Dice.com) Tips from executive coach Michele Woodward, who presented an interactive webinar on the issue for the Harvard Business Review on this topic, and from Eylsia Lock on her own experience.

After 11 Years, FBI Gag Order on Warrantless Surveillance Is Lifted (Slate) With comments from Nick Merrill himself.

5 Generous Paleo-Friendly Holiday Gift Ideas (PAYWALL–Performance Menu) This one is serious.

8 Gifts Every Freelancer Will Love (The Freelancer) This one is tongue in cheek.

Security News This Week: Facebooking At Work Can No Longer Be Charged as “Hacking” (WIRED)

Security News This Week: The Government Really Doesn’t Seem to Like Encryption (WIRED)

Security This Week: Peek Inside the Government’s Spy Gear Catalog (WIRED)

Beating the Odds: UFC 194 (Sherdog)

Filed Under: musings

Yael Hires An Editor (Or Editors)

January 25, 2016 By Yael Grauer Leave a Comment

Inspired by both Susan Hires A Boss and Havi Brooks’ Very Personal Ads, I’ve decided to write up the criteria I select when choosing an editor to work with me. There are application instructions at the end!

All About the Job

Being my editor will be one of the most rewarding opportunities you’ll ever have. After all, not every editor gets to work with a writer who is obsessed with getting to the truth. A writer who’s passionate about covering challenging topics with nuance and complexity—and making them accessible enough for your readers to understand. A writer who’s obsessed with improving her craft and expanding her understanding, and okay with starting back at square one if something isn’t quite right. A writer who’s not afraid to ask hard questions and push back against obvious lies, but is also committed to being incredibly fair.

Being my editor may also be the toughest job you’ve ever had. I’ll need you to be my sparring partner while I bounce ideas off of you. I’ll need your patience while I strive for accuracy over speed, verify details with experts, or wait for those damned FOIA requests to go through. I’ll need your trust to let me look into things that might not make sense to you at first. I’ll need you to have my back when I ruffle feathers.

Qualifications

To apply for this job, you must meet the following requirements:

Have a solid understanding of technology (or whatever I’m covering for you) and be a stellar editor
Be responsive to pitches, even if that’s just a one-sentence email to tell me when you will respond. If you can’t get through your slush pile, this is not the job for you.
Be generally accessible during business hours through text/Slack/some other means. I may need quick responses when I have pertinent questions or want to correct an error.
Care more about writers seeking the truth and reporting it than you are about not upsetting government officials or corporate heads (or even readers). No walking back accurate claims for the sake of diplomacy, expecting me to ask softball questions, or rewriting accurate headlines at the behest of politicians or PR flacks.
Treat writers fairly. That means paying on time every time. It means no scope creep. It means you won’t assign posts and then change your mind and then pretend they were never assigned.
Be based wherever you are, as long as you’re cool with me being in Arizona (or wherever you live if you hire me full-time).
Have experience editing without arbitrary word counts.
See journalism as about creating systemic social change, not just about racking up pageviews.
Prefer specialized posts that others might call “insider baseball.” Working to make posts accessible to a general audience is fine. Pretending a story is broader than it is, on the other hand, is not.
Show me edits before posts go live, and be okay with me nitpicking grammatical and factual errors (real or perceived). We can discuss them.

Desired Qualifications

A sense of humor. You should be able to laugh at yourself. Or at least laugh at me. In a nice way.
Share an interest with me. I have so many: botany, folk music, classic lit, riot grrrl zines, improv comedy, combat sports, Olylifting, Bougereau, lactofermentation, chocolate, cycling, Fables comics, Agents of S.H.I.E.LD, Mr. Robot… the list goes on and on. We’ll want to discuss things other than work now and again.
Legitimately like working with freelancers. You’ll want to get coffee/lunch/drinks when we’re in the same town, send me a holiday card (or be excited about getting mine), verify GPG keys, and follow me back on Twitter, or at least put me on a writer list. Bonus points for tweeting my posts with my handle and trading dumb jokes semi-publicly.

Qualifications for the website or publication:

Your site/company’s culture should be friendly and supportive. Edgy is great, but no assholes allowed. (That includes your star writers essentially bullying people they dislike on social media, even if you think it’s cute.)
Have a solid track record of respecting sources, including their anonymity if they are at risk, and only covering controversial and possibly damaging stories if the public has a need to know. Bonus points for using SecureDrop or OnionShare.
Have a solid track record of respecting marginalized groups in both your practices and coverage.
Have a company culture that doesn’t expect employees or freelancers to be on call 24/7.
Use good tools rather than roll-your-own-CMS which breaks and you need to keep replacing. Slack/Google chat and Trello/Basecamp are a good start.
Care about the security of your readers. Please have SSL. No ad blocker blockers. No blocking Tor. (Cloudflare is okay.)
Have a solid track record of treating writers well: paying on time, paying full fees if posts were killed for reasons outside of the writer’s control, etc. (Yes, freelancers do talk about you to each other, so if you don’t do this, I probably already know.)
Oh yeah. Pay a decent rate. Nobody wants to spend weeks on a 2000-word feature for ten cents a word.

Desired Qualifications

Care about writers’ long-term professional development and continuing education, even if that just means forwarding an email about a great Khan Academy course we’d like.
Offer some form of guidance or mentorship. We know freelancers come and go, but I’m looking for an ongoing relationship.
Be excited about new, cutting edge issues that nobody’s really covered yet.

About Me

I live in Phoenix on occupied Tohono O’odham land with my amazing husband and our wonderpup. (She’s big on Instagram.) I’m originally from Israel and have lived all over the US, and spent a year studying abroad in Oxford. I went to Shimer College, a Great Books school with original source readings and small (10-12 student) seminar-style classes. The school’s informal motto was “Sex, drugs, and Socrates; we kick ass on GREs.” (I scored in the 93^rd percentile in analytical writing and 95^th percentile in verbal reasoning.)

I started self-publishing when I was 12 years old with my very own zine. I was a big Sassy reader and was influenced by the riot grrrl movement. When I turned 17, I started writing for Blue Jean magazine. I think I had a poem published in Highlights for Children once, too. I skipped my high school graduation to cook food for the homeless with Food Not Bombs, which I thought was more important.

I’ve visited treesit villages, volunteered as a street medic, and lived in a tent in the desert while learning about permaculture. I was a Tracker School student and a docent at the Botanical Gardens, and have dabbled with herbal medicine for eons. Once I got fired from a vegetarian café in England because I got the job before I really knew how to count the currency. I spent my spare time volunteering at Corporate Watch UK instead. Before freelancing full-time, I taught middle school English. Before that, I spent four years working at the front desk of a public access TV station, where I got to briefly meet Jeremy Scahill. He was nice.

I got obsessed with online privacy and security because of anonymous death threats. I was vehemently opposed to encryption. It took me about a week to change sides.

I’ve written extensively about health and fitness and mixed martial arts. And I do some behind-the-scenes work as a managing editor. I’ve turned down thousands of dollars writing about social media marketing because I got bored and thought our headlines were misleading, and walked away from many lucrative opportunities because they were unethical or didn’t have adequate source protection.

I love Brazilian jiu-jitsu, lifting heavy things, and hanging out at the bookstore or farmer’s market. Things I want to like but don’t include Evernote, Reddit, the whole zombie thing, distance running, and waking up early.

Sites and publications I dig that I don’t already write for include ProPublica, the Intercept (of course!), Ars Technica, Medium, Atlas Obscura, The New Yorker, Fusion, Good, and probably a few I’m forgetting. I used to be obsessed with Fast Company and Inc. and Entrepreneur but have mostly outgrown that. Sites I love not include the ones that will publish hit pieces about Anita Sarkeesian, or quote government officials anonymously. And Pando.

Where to find out more about me

This website. My portfolio. My top 20 favorite posts of 2015 and my year in review. Twitter. LinkedIn, if you must.

Apply to be my editor

Don’t worry. It’s easy. After reading through this site and looking through my portfolio or some of my writing, please send me an email telling me a bit about you and why you think we’d work well together. I will respond within a week to let you know whether I’m interested in scheduling a call to see if we’re a good fit…and then we’ll take it from there.

Filed Under: musings

Yael Writes

Stuff I Wrote: May 2016

I Stepped Down as an Organizer of Phoenix Freelance Spark. Here’s Why.

Reporter Plays Softball With Hardass

“America’s Toughest Sheriff” Joe Arpaio SPJ Regional Conference Keynote Interview Was Lacking

Stuff I Wrote: April 2016

Stuff I Wrote: March 2016

FBI Filed A Motion To Postpone Tomorrow’s Showdown With Apple

Stuff I Wrote: February 2016

Forbes

Wired

Dice

Stuff I Wrote: January 2016

Forbes Tech

The Freelancer

WIRED

Sherdog

Stuff I Wrote: December 2015

Yael Hires An Editor (Or Editors)

All About the Job

Qualifications

Desired Qualifications

Qualifications for the website or publication:

Desired Qualifications

About Me

Where to find out more about me

Apply to be my editor

Subscribe!

Join Me On

Professional Organizations

Publication Credits