Kevin Collier Profile picture
Reporter @nbcnews: cybers/disinfo/privacy/elections. From West Virginia. Tip me! Signal 347-461-7155, Kevin.Collier@nbcuni.com, kevincollier@bsky.social
Feb 23 5 tweets 2 min read
A really crucial detail that emerged from @aseitzwald reporting today that I want to highlight, which reinforces experts' claims that we simply cannot trust AI detection software to reliably inform us. nbcnews.com/politics/2024-… The Biden robocall was made with a top audio deepfake company, ElevenLabs, which offers a free service that lets you upload a file and see if it came from them. Not whether it's a deepfake in general, but whether it's a deepfake made with their product.
Sep 13, 2022 5 tweets 3 min read
My latest: Bulk text messaging — a tactic that's hard for individuals to filter, increasingly common, and impossible for authorities to monitor — is poised to be the new front for election disinformation: nbcnews.com/tech/security/… Start with the Kansas last month, where pro-choice voters were spammed with a lie about how to vote in the statewide abortion referendum. It appears nobody will pay any price for that. Image
Sep 10, 2022 5 tweets 1 min read
Go @HerdFB. Gonna hold on to this day the rest of my life.
Aug 9, 2022 5 tweets 2 min read
This case, where Facebook turned over chats of a Nebraska woman charged with giving her then-underaged daughter abortion pills, is exactly the kind that experts have warned we'd see in a post-Roe world. nbcnews.com/tech/tech-news… Police didn't start their investigation with a sweeping subpoena for pregnancy metadata. They got a tip, then proceeded to get a warrant for six smartphones and seven computers. Knowing the two chatted on Facebook, cops got a warrant for that too.
nbcnews.com/tech/tech-news…
Jun 24, 2022 4 tweets 2 min read
Seeing more calls today to delete your period-tracking apps. But experts say that if you look at how states have already brought evidence in abortion-related cases, the *much* bigger concern is unsecured, unencrypted communications & stored search history. nbcnews.com/tech/security/… ImageImage Think of the threat model. Data from a period-tracking app at best can show that a person likely became pregnant and then no longer was. But miscarriages aren't illegal. Prosecutors would want evidence that someone wanted to and did willingly terminate a pregnancy.
Jun 21, 2022 5 tweets 1 min read
I'm at the NFT NYC conference again in Times Square, and Snoop walked by, flanked by security. I grabbed his handler, said I'm a reporter, would love a few minutes. The guy said actually that's an impersonator, legally can't say it's him, they hired him to drum up excitement. Feels like a metaphor
Feb 1, 2022 4 tweets 1 min read
NEW: Hundreds of Coke distributors in three states are STILL not fully paid after a ransomware attack on a payroll company in December. nbcnews.com/tech/security/… One driver I talked to, a young man in Charleston, WV with three kids, didn't get his Christmas Eve paycheck and has since had several inexplicably low checks that are a fraction of what he was owed.
Jul 22, 2021 5 tweets 1 min read
News: Kaseya, the patient zero company for REvil's 1,500-company 4th of July ransomware spree, finally obtained a REvil decryptor key yesterday. 19 days after it was first infected.

Got it from "a trusted third party," a spox says. Company is working to remediate customers now. Emsisoft, known for custom ransomware decryptors, is involved, per @BrettCallow. "We are working with Kaseya to support their customer engagement efforts. We have confirmed the key is effective at unlocking victims."
Jul 22, 2021 6 tweets 3 min read
New: Russia absolutely loves to hack the Olympics. It's like Germans and @DavidHasselhoff. It's become a ~biannual tradition.

With the Tokyo games starting tomorrow, everybody's on edge: Will they try again?
nbcnews.com/tech/security/… A quick refresher, because I think most people overlook how ridiculous this is: for its flagship 2014 Sochi games, a major point of national pride, Russia instituted a massive doping system. Then it got caught.
Jul 2, 2021 8 tweets 3 min read
New and developing: An enormous supply-chain ransomware attack, potentially the single largest criminal ransomware spree in history, is happening now at the start of the 4th of July weekend
nbcnews.com/tech/security/… Initial estimates of 200 companies affected. But the hackers got at least four managed service providers. The final tally could rise by orders of magnitude.
Jun 24, 2021 4 tweets 1 min read
I read a lot of profiles of McAfee from the past decade to write this obit. They were almost all wide-eyed, credulous, laughing at how wild and outrageous this guy was. Less horrified at his murder investigation, his rape accusation, his blatant scamming. nbcnews.com/tech/tech-news… I didn't come intending to speak ill of the dead. But it's striking when a well known person dies and so few people who knew him have anything genuinely positive to say.
Mar 16, 2021 8 tweets 3 min read
FIXED: Here's the IC's assessment of foreign election interference attempts in 2020:
assets.documentcloud.org/documents/2051… The tl;dr:
1 No indication votes changed
2 Putin authorized anti-Biden influence ops, not cyber ones
3 Khamenei authorized ops to denigrate Trump
4 China thought about it but sat this one out
5 Smaller players, incl. Cuba and Venezuela, made minor efforts
Jan 15, 2021 8 tweets 1 min read
Signal's down, so everybody tweet your most sensitive information. This is new! Seeing on mobile, not desktop.
Jan 5, 2021 4 tweets 2 min read
Sorry for the small font, but new joint government statement finally formally pins the SolarWinds hack on Russia.

Notably, "fewer than ten U.S. government agencies" were "compromised by follow-on activity." Only four agencies have identified themselves as such so far. Image Now there's a link. Also notably, "At this time, we believe this was, and continues to be, an intelligence gathering effort."
cisa.gov/news/2021/01/0…
Nov 24, 2019 4 tweets 1 min read
A fun fact about Republicans embracing the idiotic Crowdstrike conspiracy theory is that the RNSC and RNCC both use Crowdstrike. Have paid more than $175,000 since 2017, per FEC filings.
2017 didn't even begin until after 2016 had completely and irrevocably concluded, multiple sources say.
Nov 29, 2018 5 tweets 2 min read
#breaktheinternet Here's Rosenstein's full prepared remarks, if you're curious
documentcloud.org/documents/5331…