In case you missed it, last week I was on an episode of the kill switch podcast. I discussed the ICEBlock app and why it was activism theater, and how the developer handled my vulnerability report in the worst possible way. But I also talk about why, even though I| micahflee
I gave the Saturday morning keynote at BSidesPDX! I spoke honestly and frankly about the terrifying reality that Americans are facing under Trump's fascist regime, alongside practical advice for communities to defend themselves. Watch my talk below. Or if you prefer reading articles over watching video, I'| micahflee
I'll be giving the Saturday morning keynote at BSidesPDX next weekend in beautiful Portland, Oregon. I'm still putting the final touches on my talk, but it will largely be about the new American technofascist reality of mercenary spyware, device searches, and app censorship, with a focus on practical ways to| micahflee
Last week, I wrote about how Joshua Aaron's ICEBlock app, which allows people to anonymously report ICE sightings within a 5-mile radius, is – unfortunately, and despite apparent good intentions – activism theater. This was based on Joshua's talk at HOPE where he made it clear that he isn't taking the advice| micahflee
At this summer's HOPE conference, Joshua Aaron spoke about ICEBlock, his iPhone app that allows users to anonymously report ICE sightings within a 5 mile radius, and to get notifications when others report ICE sightings near them. You can see the full talk, and the lively/infuriating Q&A, here,| micahflee
I just gave my first solo main stage DEFCON talk, about Signalgate, and I think it was a resounding success! The room was packed – apparently people were waiting outside to get in. I got tons of positive feedback, and no negative feedback (though, someone told me a boomer sitting next| micahflee
Hacker Summer camp is upon us. If you're going to DEFCON, make sure to check out my talk! It's Saturday at 4pm. Here are the details: "We are currently clean on OPSEC": The Signalgate Saga Saturday at 16:00 in LVCC - L1 - EHW3 - Track 5 45 minutes| micahflee
Things are heating up. Millions of people are taking to the streets against Trump's rising authoritarianism. Communities around the US are organizing to defend against ICE raids, to protest Israeli genocide, for mutual aid, and for other forms of fighting fascism. Signal can help people safely organize in all of| micahflee
💡Update May 19, 2025: Uh oh: DDoSecrets publishes 410 GB of heap dumps, hacked from TeleMessage's archive server Update May 21, 2025: I've written a new detailed analysis of the heap dump dataset itself: TeleMessage customers include DC Police, Andreessen Horowitz, JP Morgan, and hundreds more Update May 26, 2025:| micahflee
💡Update May 26, 2025: I've published the source code for TeleMessage Explorer: a new open source research tool I've been digging through the 410 GB of Java heap dumps from TeleMessage's archive server, provided by DDoSecrets. Here's a description of the dataset, some of my initial findings, details about an| micahflee
I've spent the last week or two writing code to make sense of the massive hack of data from TeleMessage, the comically insecure company that makes a modified Signal app that Trump's former national security advisor Mike Waltz was caught using. I've decided to publish my code as open source| micahflee
This morning, Distributed Denial of Secrets published 410 GB of data hacked from TeleMessage, the Israeli firm that makes modified versions of Signal, WhatsApp, Telegram, and WeChat that centrally archive messages. Because the data is sensitive and full of PII, DDoSecrets is only sharing it with journalists and researchers. There's| micahflee
TeleMessage, a company that makes a modified version of Signal that archives messages for government agencies, was hacked.| micahflee
Kyle Schutt is a 37 year old "DOGE software engineer," according to ProPublica. In February, Drop Site News reported that he gained access to FEMA's "core financial management system." His computer was apparently compromised with malware, because his email address and passwords have shown up in four separate stealer log| micahflee
Despite their misleading marketing, TeleMessage, the company that makes a modified version of Signal used by senior Trump officials, can access plaintext chat logs from its customers. In this post I give a high level overview of how the TeleMessage fake Signal app, called TM SGNL, works and why it's| micahflee
💡Update May 4, 2025: I have published quite the follow-up story, if I may say so myself: The Signal Clone the Trump Admin Uses Was Hacked Update May 6, 2025: I've written a new detailed analysis. The findings are based on the TM SGNL source code and are corroborated by| micahflee
💡Update May 3, 2025: I have posted a follow-up, Here's the source code for the unofficial Signal app used by Trump officials. Update May 4, 2025: Another followup, and a big one: The Signal Clone the Trump Admin Uses Was Hacked Update May 6, 2025: I've written a new detailed| micahflee
Things are scary in the US right now. ICE is disappearing students for protesting genocide and kidnapping innocent people off the streets to enslave in El Salvador. All over the country, people are taking to the streets every week to protest oligarchy, and fascist counter-protesters are starting to show up| micahflee
While digging through the Paramilitary Leaks dataset, I came across American Community Outreach Network (ACON), a now-defunct front group that American Patriots Three Percent used to accept donations. In leaked internal militia chats, video, and voice messages, AP III militia leaders repeatedly claimed that ACON was a 501c3 tax-exempt non-profit| micahflee
Welcome to the second installment of my series on the Paramilitary Leaks! In case you missed it, the first installment is here: Exploring the Paramilitary Leaks. Since I published that, several people reached out offering to help. We now have a private Signal group of researchers working on this together,| micahflee
On paper, Elon Musk is the richest person in the world, but his money isn't just sitting in a bank account he can access. The bulk of it resides in his stake in Tesla, a wildly overvalued publicly traded company which he owns 13% of. If you're looking for a| micahflee
In January, Distributed Denial of Secrets published over 200 gigabytes of chat logs and recordings from paramilitary groups and militias, including American Patriots Three Percent (APIIII) and the Oath Keepers. The files were obtained by John Williams, a wilderness survival trainer who spent years deep undercover infiltrating the American militia| micahflee