Last week, I wrote about how Joshua Aaron's ICEBlock app, which allows people to anonymously report ICE sightings within a 5-mile radius, is – unfortunately, and despite apparent good intentions – activism theater. This was based on Joshua's talk at HOPE where he made it clear that he isn't taking the advice| micahflee
At this summer's HOPE conference, Joshua Aaron spoke about ICEBlock, his iPhone app that allows users to anonymously report ICE sightings within a 5 mile radius, and to get notifications when others report ICE sightings near them. You can see the full talk, and the lively/infuriating Q&A, here,| micahflee
Social I stopped using billionaire-controlled social media platforms. Follow me here instead: * I'm @micahflee.com on Bluesky * I'm @micahflee@infosec.exchange on Mastodon Email You can email me at micah@micahflee.com. Signal You can send me encrypted messages on Signal with username micah.01. Hush Line I run a| micahflee
Hi, I'm Micah. I'm a coder, a journalist, and I help people stay private and secure.| micahflee
I just gave my first solo main stage DEFCON talk, about Signalgate, and I think it was a resounding success! The room was packed – apparently people were waiting outside to get in. I got tons of positive feedback, and no negative feedback (though, someone told me a boomer sitting next| micahflee
Hacker Summer camp is upon us. If you're going to DEFCON, make sure to check out my talk! It's Saturday at 4pm. Here are the details: "We are currently clean on OPSEC": The Signalgate Saga Saturday at 16:00 in LVCC - L1 - EHW3 - Track 5 45 minutes| micahflee
Things are heating up. Millions of people are taking to the streets against Trump's rising authoritarianism. Communities around the US are organizing to defend against ICE raids, to protest Israeli genocide, for mutual aid, and for other forms of fighting fascism. Signal can help people safely organize in all of| micahflee
💡Update May 19, 2025: Uh oh: DDoSecrets publishes 410 GB of heap dumps, hacked from TeleMessage's archive server Update May 21, 2025: I've written a new detailed analysis of the heap dump dataset itself: TeleMessage customers include DC Police, Andreessen Horowitz, JP Morgan, and hundreds more Update May 26, 2025:| micahflee
💡Update May 26, 2025: I've published the source code for TeleMessage Explorer: a new open source research tool I've been digging through the 410 GB of Java heap dumps from TeleMessage's archive server, provided by DDoSecrets. Here's a description of the dataset, some of my initial findings, details about an| micahflee
I've spent the last week or two writing code to make sense of the massive hack of data from TeleMessage, the comically insecure company that makes a modified Signal app that Trump's former national security advisor Mike Waltz was caught using. I've decided to publish my code as open source| micahflee
This morning, Distributed Denial of Secrets published 410 GB of data hacked from TeleMessage, the Israeli firm that makes modified versions of Signal, WhatsApp, Telegram, and WeChat that centrally archive messages. Because the data is sensitive and full of PII, DDoSecrets is only sharing it with journalists and researchers. There's| micahflee
TeleMessage, a company that makes a modified version of Signal that archives messages for government agencies, was hacked.| micahflee
Kyle Schutt is a 37 year old "DOGE software engineer," according to ProPublica. In February, Drop Site News reported that he gained access to FEMA's "core financial management system." His computer was apparently compromised with malware, because his email address and passwords have shown up in four separate stealer log| micahflee
Despite their misleading marketing, TeleMessage, the company that makes a modified version of Signal used by senior Trump officials, can access plaintext chat logs from its customers. In this post I give a high level overview of how the TeleMessage fake Signal app, called TM SGNL, works and why it's| micahflee
Yesterday, I published an analysis of what I could publicly find about TM SGNL, the obscure and unofficial Signal app used by Mike Waltz, and presumably also by Pete Hegseth, JD Vance, Tulsi Gabbard, and other fascists in Trump's government. Afterwards, someone privately sent me the URL https://www.telemessage.| micahflee
Yesterday, a Reuters photographer captured a photo of the freshly-ousted former National Security Advisor Mike Waltz checking his Signal messages during a Trump cabinet meeting. If you're not familiar with Waltz, he's most well known for inviting The Atlantic's editor-in-chief to secret Trump administration war crimes Signal group. They discussed,| micahflee
Things are scary in the US right now. ICE is disappearing students for protesting genocide and kidnapping innocent people off the streets to enslave in El Salvador. All over the country, people are taking to the streets every week to protest oligarchy, and fascist counter-protesters are starting to show up| micahflee
Privacy Guides is a non-profit website that publishes news and recommendations about security and privacy tools. The passionate privacy advocate Em published an interview with me on their site about my recent work. I'm reposting the interview here. You can read the original over on the Privacy Guides| micahflee
Last week I participated in a livestreamed mass mobilization call for the #TeslaTakedown movement – alongside US Rep Jasmine Crockett, Alex Winter, my friend John Cusack, and a bunch of other rad people – and it just now occurred to me that maybe I should post about it here. I'm not used| micahflee
While digging through the Paramilitary Leaks dataset, I came across American Community Outreach Network (ACON), a now-defunct front group that American Patriots Three Percent used to accept donations. In leaked internal militia chats, video, and voice messages, AP III militia leaders repeatedly claimed that ACON was a 501c3 tax-exempt non-profit| micahflee
Welcome to the second installment of my series on the Paramilitary Leaks! In case you missed it, the first installment is here: Exploring the Paramilitary Leaks. Since I published that, several people reached out offering to help. We now have a private Signal group of researchers working on this together,| micahflee
On paper, Elon Musk is the richest person in the world, but his money isn't just sitting in a bank account he can access. The bulk of it resides in his stake in Tesla, a wildly overvalued publicly traded company which he owns 13% of. If you're looking for a| micahflee
In January, Distributed Denial of Secrets published over 200 gigabytes of chat logs and recordings from paramilitary groups and militias, including American Patriots Three Percent (APIIII) and the Oath Keepers. The files were obtained by John Williams, a wilderness survival trainer who spent years deep undercover infiltrating the American militia| micahflee