Press

Suspect Identified in C.I.A. Leak Was Charged, but Not for the Breach
May 15, 2018 | Scott Shane and Adam Goldman, New York Times

Despite the scale of the breach, Nicholas Weaver, a researcher at the International Computer Science Institute in Berkeley, Calif., said WikiLeaks had exaggerated the danger to civil liberties from the C.I.A. hacking tools, which he said were actually designed to target small numbers of high-priority targets.

Narseo Vallina-Rodriguez, one of the authors of the recent Proceedings on Privacy Enhancing Technologies study, says he and his team did not know why the apps they examined were collecting personal data from children – whether they were doing it intentionally or by mistake, and whether that data was used for commercial purposes or internal purposes.

Nicholas Weaver, a senior researcher at the International Computer Science Institute at the University of California, Berkeley, told Motherboard in a Twitter message "This once again shows that data is like an oil spill: the contamination gets everywhere. The notion that a chain of 3+ companies, including one specifically intended for marketing, is able to resell access to everyone's real-time location with pretty high precision is disturbing but it shouldn't be surprising."

“I don't see it as any riskier than any of the other gazillion databases from a technical front,” Weaver told me via email. “Rather, it seems more likely to cause damage from a social front by needlessly and cruelly denying benefits due to innocent mistakes such as a transposed digit or forgotten social security number.”

“Most third-party services operate in the background and do not provide any visual cues inside the apps, effectively tracking users without their knowledge or consent while remaining virtually invisible,” wrote researchers in a February 2018 study. Meanwhile, the collected data is virtually untraceable as it is passed from data broker to marketers to others.

Researchers from the International Computer Science Institute at the University of California, Berkeley downloaded apps on a smartphone between November 2016 and March 2018. They then used an automated testing process where they ran the apps as a simulated user.

With this tool, AI could identify new malware as readily as it recognizes cats
April 18, 2018 | Jackie Snow, MIT Technology Review

“The hacker will find an example anyway,” says Gerald Friedland, a computer science professor at the University of California, Berkeley.

A ‘Cryptocurrency’ Without a Blockchain Is Eating My City
April 18, 2018 | Jordan Pearson, Motherboard

This raises a pertinent question: If BTZ is working fine without a blockchain, why does it need one? "That this is private record keeping only makes the system better [than if it had a blockchain], since that at least is efficient,” Nicholas Weaver, a senior researcher at the International Computer Science Institute in Berkeley, California, wrote me in an email.

“This is a market failure,” said Serge Egelman, a co-author of the study and the director of usable security and privacy research at the International Computer Science Institute at the University of California at Berkeley. “The rampant potential violations that we have uncovered points out basic enforcement work that needs to be done.”

Researchers at the University of California's International Computer Science Institute analyzed 5,855 of the most downloaded kids apps, concluding that most of them are "are potentially in violation" of the Children's Online Privacy Protection Act 1998, or COPPA, a federal law making it illegal to collect personally identifiable data on children under 13.

Pages