Search page

Digital Security Articles & Newsletters

All Articles

    ea0eaa31-e10d-25c7-1bae-513b73402919

    DOJ sues Apple, spotlighting iMessage

    Newsletter

    The U.S. Department of Justice filed an antitrust lawsuit against Apple, claiming the company engages in monopolistic practices over the smartphone market, preventing competitors by degrading the experience of communicating with non-Apple users in its products. iMessage features prominently in the suit, with the DOJ alleging consumers are disincentivized to leave its “walled garden” and so miss out on unique features built into the iMessage protocol, including end-to-end encryption between Apple users.

    Dr. Martin Shelton
    Blue lattice behind three ornate keys_credit Electronic Frontier Foundation

    Post-quantum iMessage

    Newsletter

    Both in the U.S. and abroad, governments are capturing encrypted connections that pass over the public internet and saving them for later use. Within years or decades, post-quantum computers could meaningfully shorten the amount of time required to unscramble encryption, allowing attackers to read previously private messages. So a growing number of organizations, including Apple, are preparing for attacks like these with post-quantum encryption. Read more in our newsletter.

    Dr. Martin Shelton
    A dumpster on fire with a pink background

    Avast caught selling browsing data

    Newsletter

    Aye hearties, gangway — the Avast cor-pirates are walking the plank. That’s because the company sold user data without consumers’ knowledge, according to the Federal Trade Commission, which ordered U.K.-based Avast Limited to pay $16.5 million and will also bar the antivirus company from selling or licensing browser data for advertisements. Read more in our newsletter.

    Dr. Martin Shelton
    Header image with a graphic of Signal's "speech bubble" logo, with a pattern of silhouettes of phones in the background.

    Signal usernames are here!

    Newsletter

    This week, security nerds are dancing in the streets because Signal, the encrypted messaging app, is finally rolling out usernames. Signal has previously required users to provide their phone number as an identifier, but with this most recent update, users may instead use a username. Read more in our newsletter.

    Dr. Martin Shelton
    animated shark fin on a computer screen_Credit EFF

    Mozilla breaks into the anti-data broker game

    Newsletter

    Hundreds of data brokers aggregate and sell access to personal data, such as phone numbers, emails, addresses, and even purchasing habits collected through loyalty card programs, social media sites, apps, trackers embedded in websites, and more. Mozilla has a new monthly subscription service which automatically scans for your personal data on data broker websites, but there are other ways to make your data less easily searchable. Read more from the Digital Security Team.

    Dr. Martin Shelton
    Illustration by Freedom of the Press Foundation. (CC BY 4.0)

    Journalists targeted with Pegasus yet again

    Newsletter

    Mercenary spyware firm NSO Group’s Pegasus spyware, designed to remotely access targeted smartphones, is marketed to governments around the world for the purposes of law enforcement and counterterrorism. But in the wild, we’ve seen governments repeatedly abuse this and similar spyware tools to infect journalists, spying on their most sensitive files, communications, and sources.

    Dr. Martin Shelton
    b5f4979b-2827-7e9e-7acd-96a3dcf47329

    Harden your iPhone against thieves

    Newsletter

    Thieves don’t just steal iPhones for the hardware — they may also want access to banking apps and Apple Pay to facilitate fraudulent transfers and purchases. One thing that works in thieves’ favor is that people often use short passwords that are easy to shoulder surf and to memorize — typically only six digits. To minimize this risk, instead of typing in passcodes, where possible and practical consider opting for Face ID or Touch ID when unlocking the phone in public spaces.

    Dr. Martin Shelton
    23b31aa3-369f-5c8f-fdaf-4f010f1c90bf

    Learn from the social media breach at SEC

    Newsletter

    On Jan. 9, 2024, the U.S. Securities and Exchange Commission’s account on X, formerly known as Twitter, was hijacked and used to post about the approval of a Bitcoin exchange-traded fund. This could have happened to anyone, whether an individual or a well-resourced organization. Learn how to mitigate similar attacks in this week's edition of our digital security digest

    Dr. Martin Shelton
    1704391473962

    Private browsing isn’t that private

    Newsletter

    On all major browsers, research suggests many users overestimate the privacy promises of private browsing mode, with many believing that it allows them to hide their IP address, encrypt their web traffic, browse anonymously, and more. That’s why you’ll want to read about what private browsing mode does and doesn’t do.

    Dr. Martin Shelton

Sign Up. Take Action.

Join our email list to stay up to date on the issues and learn how you can help protect journalists and sources everywhere.

See all newsletters

Thanks for subscribing to Freedom of the Press Foundation's mailing list. We'll send you opportunities to take action on combating government secrecy, protesting mass surveillance, and protecting reporter's rights.

Photo Credit: Rainmaker Photo/MediaPunch/IPX via AP