Press

Knowing your information was used “accomplishes next to nothing, since there’s nothing you can do about it other than be mad,” according to Serge Egelman, research director of the Usable Security & Privacy group at the International Computer Science Institute, an affiliate of the University of California, Berkeley. Unless, of course, you channel your anger to effect change, he added.

Which Tech Giant Will Build a Revenge Porn Database?
April 3, 2018 | Joseph Cox, Motherboard

“You can't make the fingerprint algorithm public (these things are too brittle), so you [the revenge porn victim] have to provide someone with a copy of the image (e.g. Facebook),” Nicholas Weaver, a senior researcher from the International Computer Science Institute at the University of California, Berkeley, told Motherboard in a Twitter message.

Facebook is just the tip of the iceberg. Thousands of apps can take your data
March 30, 2018 | Hiawatha Bray, Boston Globe Tech Lab

Serge Egelman, a researcher at the International Computer Science Institute in Berkeley, Calif., built a website, AppCensus , where consumers can find privacy ratings for about 80,000 Android apps. He also built an app called Lumen that lets Android users see what all the apps on their devices are doing.

How to keep your data safe without having to #DeleteFacebook
March 24, 2018 | Jessica Roy, Los Angeles Times

"Basically, there's no enforcement mechanism" to make sure the developer actually deletes your data when you ask them to, said Serge Egelman, the research director of the Usable Security and Privacy Group at the International Computer Science Institute at UC Berkeley. "Facebook just takes it on faith that everyone complies with this and doesn't use data inappropriately, which is obviously ridiculous."

What You Need To Know About Deleting Your Facebook Account
March 19, 2018 | Ann Brenoff, HuffPost

The real business of Facebook is collecting data, Egelman says, and for years now, the site has made it hard for users to delete theirs ― not that the internet allows erasures anyway. Once you post something, it is out there, somewhere, forever more.

Did This American Tech Help Turkey Spy In Syria?
March 9, 2018 | Thomas Fox-Brewster, Forbes

Bill Marczak, Citizen Lab researcher, told Forbes attacks using the PacketLogic box to redirect users to the StrongPity malware had continued up to this week.

Nicholas Weaver, a researcher at the International Computer Science Institute, told NPR earlier this year that nonpresidential campaigns are perfect phishing targets. "Phishing is unreliable — you might send out 500 phishing emails and only get a couple of responses," said Weaver. "But when you have [435] House races, each with dozens of potential staffers as targets, you're going to see a lot of these low-level attacks that are remarkably effective when you just use the law of large numbers."

A $5 Billion Cryptocurrency Has Enraged Cryptographers
March 2, 2018 | Daniel Oberhaus and Jordan Pearson, Motherboard

For example, security researcher Nicholas Weaver from UC Berkeley wrote that the IOTA team were “drooling idiots” in a tweet on Sunday, and Johns Hopkins cryptography professor Matthew Green tweeted that people should “avoid the IOTA project—with your brains and your money.”

New Reports Shine a Spotlight on Tether’s Legal Status
February 9, 2018 | Kai Sedgwick, Bitcoin.com

Nicholas Weaver is a computer security researcher at the International Computer Science Institute in Berkeley. On Thursday, he published a piece in Lawfareblog giving his thoughts on the likelihood of Tether being targeted by U.S. regulators.

Berkeley computer security researcher Nick Weaver argues that form of "arbitrage"—running a crime scheme with profitable victims in one locale, while hosting in another that's safer from prosecution—can provide more effective shielding for criminals than Tor. "You find a place where the local laws are happy and host there," Weaver says. "A cybercrime forum that is 'no damage to Russia' is generally allowed in Russia, no need to use Tor."

Pages