J.M. Porup is a freelance national security and cybersecurity reporter based in Toronto. He has covered wrongdoing at the NSA, GCHQ, CSE, and elsewhere. His work has appeared in Ars Technica, The Christian Science Monitor, Slate, Motherboard, The Daily Dot, The Kernel, The Economist, CyberScoop, and the CBC.
In a former life, he worked for many years as a F/LOSS programmer in Melbourne, Australia. As a reporter with a solid background in computer science, he brings a depth of technical understanding to his reporting that few journalists possess.
He reported from Latin America for many years. From his base in Cali, Colombia, he co-authored Lonely Planet guidebooks to Venezuela, the Dominican Republic & Haiti, South America on a Shoestring, and the Caribbean Islands. He was the Co-ordinating Author of Lonely Planet Colombia, 5th ed. He speaks Spanish fluently with a hilarious gringo-Colombian accent.
In his spare time, he co-founded LatAm Hub Toronto, a startup accelerator that brings Latin American startups to Canada and scales them globally. He serves as CTO and sits on the board of directors.
Porup is also a novelist, playwright, and satirist, and performs improv comedy (badly).
Some recent work:
The NSA’s SKYNET program may be killing thousands of innocent people Ars Technica UK, February 16, 2016
A battle rages for the future of the Web: Should the WWW be locked down with DRM? Tim Berners-Lee needs to decide Ars Technica UK, February 13, 2017
New tool can help prevent government-mandated backdoors in software, Swiss researchers say CyberScoop, July 25, 2017
Turning security flaws into cyberweapons endangers Canadians, experts warn CBC, September 2, 2016
UK secret police are indiscriminately spying on millions of innocent people Ars Technica UK, April 20, 2016
Without anonymity, democracy crumbles: Building a new Tor that can resist next-generation state surveillance Ars Technica UK, August 31, 2016
Hacking Team hacker steals €10K in Bitcoin, sends it to Kurdish anticapitalists in Rojava Ars Technica UK, May 18, 2016
The Linux kernel's Ralph Nader moment Ars Technica UK, September 27, 2016
Copperhead OS: The startup that wants to solve Android’s woeful security Ars Technica UK, August 9, 2016
CISSP certification: Are multiple choice tests the best way to hire infosec pros? Ars Technica UK, July 4, 2016
“Internet of Things” security is hilariously broken and getting worse Ars Technica, January 23, 2016
Cothority to Apple: Let’s make secret backdoors impossible Ars Technica, March 10, 2016
Underwriters Labs refuses to share new IoT cybersecurity standard Ars Technica, April 13, 2016
British police, in witch hunt, demand suspect turn over encryption keys—for the second time Ars Technica, March 31, 2016
European spy tech sold to ultra-secret branch of Egyptian gov’t, claims new report Ars Technica UK, February 25, 2016
Malware in the hospital Slate, January 25, 2016
FDA presses medical device makers to OK good faith hacking CSM Passcode, February 10, 2016
Ransomware is coming to medical devices Motherboard, November, 2015
Why aren’t there better cybersecurity regulations for medical devices? Motherboard, October, 2015
‘Dissent,’ a new type of security tool, could markedly improve online anonymity Motherboard, September, 2015
Finally, a ‘reasonably-secure’ operating system: Qubes R3 Motherboard, October, 2015
Qubes: A Digital Fortress? The Economist, March, 2014
This new ‘secure’ app for journalists may not be secure at all Motherboard, October, 2015
Reverse engineering proves journalist security app is anything but secure Motherboard, October, 2015
How mexican twitter bots shut down dissent Motherboard, September, 2015
Debian Reproducible Builds Motherboard, September, 2015
How a frozen neutrino observatory grapples with staggering amounts of data Motherboard, October, 2015