"It's a brilliant example of taking advantage of social weaknesses with technical exploitation," said Weaver. "Actually building the cryptography to do this would be something that would be a reasonable homework assignment. Doing the integration needed and the social aspects needed to get this adopted and used by thousands of criminals, running millions of dollars in drugs is the true brilliance of this operation."

UC Berkeley receives 3 $25M donations to fund construction of new facility
June 10, 2021 | Ryan Teoh and Ashley Tsai, The Daily Cal

The donations, made by the anonymous donor and campus professors Ion Stoica and Scott Shenker, will go toward building The Gateway, a facility designed to be a collaborative space for more than 1,600 faculty, students, researchers and staff that is anticipated to open in 2025.

Sometimes even app developers can find it challenging to figure out where data is being sent because of third-party components built into apps, according to a study by Serge Egelman.

It's unclear how the DOJ obtained the private key, but experts, including Dr. Nicholas Weaver, a cybersecurity professor at the University of California at Berkeley, have suggested federal officials effectively hacked the hackers in a show of unprecedented government intervention in the cryptocurrency space.

How it came to have that private key is the key question. Nicholas Weaver, a lecturer at the computer science department at University of California, Berkeley, said the most likely explanation is that law enforcement agents seized money from a specific DarkSide affiliate responsible for bringing the crime gang the initial access to Colonial’s systems.

Notably, two of the gifts are from current Berkeley faculty: professors Scott Shenker and Ion Stoica of the Division of Computing, Data Science, and Society, and the College of Engineering. “We are deeply grateful for these three gifts,” said Jennifer Chayes, associate provost of the Division of Computing, Data Science, and Society. “I cannot imagine a stronger endorsement of CDSS and of Berkeley than the unprecedented generosity of our two current faculty, Scott and Ion.”

The Key to Getting People to Be Safer Online: Make the Appeals More Personal
June 7, 2021 | Serge Egelman and Eyal Pe'er for Wall Street Journal

Many of us know that strong passwords are crucial protection against hackers, yet many people still routinely use weak ones. So, how can they be encouraged to create stronger passwords? Our research suggests the answer is to make the appeal more personal.

Want to Stop Ransomware Attacks? Ban Bitcoin and Other Cryptocurrencies.
June 2, 2021 | Jacob Silverman, The New Republic

With conventional banking off-limits, “the ransomware problem is a Bitcoin problem,” wrote Nicholas Weaver, who researches computer security at the International Computer Science Institute. And a full ban may not ultimately be necessary.

Hacker Lexicon: What Is a Supply Chain Attack?
May 31, 2021 | Andy Greenberg, Wired | Also appeared in Ars Technica on June 6, 2021

"Supply chain attacks are scary because they're really hard to deal with, and because they make it clear you're trusting a whole ecology," says Nick Weaver, a security researcher at UC Berkeley's International Computer Science Institute. "You're trusting every vendor whose code is on your machine, and you're trusting every vendor's vendor."

The experts on the panel — Angela Campbell, a Georgetown Law professor; Serge Egelman, a research director at UC Berkeley; and Beeban Kidron, founder and chair of 5Rights Foundation — also all testified in opposition to Instagram launching a platform for kids.