Nicholas Weaver, a computer scientist at the University of California, Berkeley, said that the FBI’s efforts to push Apple to crack its own iPhones were “more disingenuous than normal.” “It’s entirely about legislation, not the courts,” he said.

Nicholas Weaver, researcher and lecturer at Berkeley's International Computer Science Institute, said that even before the indications that GrayKey would work on the latest iPhones, the FBI's attempts to strongarm Apple into helping amounted to "theatre." He said that Apple had designed its phones so that it wouldn’t be able to provide information if a GrayKey or a competing product couldn’t. "Basically, Apple made a safe where to change the combo you have to unlock the safe, and the FBI is saying 'change the combo' when they know full well you can't change the combo without unlocking the safe first."

Popular Apps Share Intimate Details About You With Dozens of Companies​
January 14, 2020 | Thomas Germain, Consumer Reports

Many of the companies involved make money compiling details about individual consumers to build comprehensive profiles in order to target personalized ads. “However, there are increasingly other uses beyond targeted advertising,” says Serge Egelman, a digital security and privacy researcher at the University of California, Berkeley, who studies how apps gather consumer data.

Apple Takes a (Cautious) Stand Against Opening a Killer’s iPhones
January 14, 2020 | Jack Nicas and Katie Benner, New York Times

“The iPhone 5 is so old, you are guaranteed that Grayshift and Cellebrite can break into those every bit as easily as Apple could,” said Nicholas Weaver, a lecturer at the University of California, Berkeley, who has taught iPhone security.

Privacy International leads revolt over Android ‘bloatware’
January 13, 2020 | Jamie Davies,

In July, International Computer Science Institute (ICSI) researchers said numerous apps could easily circumnavigate Android’s privacy protections.

Serge Egelman, a research director at the University of California–Berkeley’s International Computer Science Institute, points out that the campaign wouldn’t have to buy location data collected through another third-party app if a supporter just downloads the official app. “It eliminates the middle man,” said Egelman. “If you just do it all yourself, that’s obviously a lot cheaper.”

“Consumers aren’t given the information they need to make informed decisions, and the entities supplying that information are not incentivized to give them accurate or useful information,” Serge Egelman, research director of the Usable Security & Privacy Group at the International Computer Science Institute, told Recode.

CrowdStrike, Ukraine, and the DNC server: Timeline and facts​
December 03, 2019 | Cynthia Brumfield, CSO

Nicholas Weaver, a senior staff researcher focusing on computer security at the International Computer Science Institute in Berkeley, California, tells CSO that “Russia's hacking of the DNC and Podesta is cloaked in only ‘implausible deniability.’ Those who want to convince themselves otherwise are simply willfully ignoring the mountains of evidence. The only reason to do that is to admit the truth is to go up against the President's personal delusions.”

Encryption and Combating Child Exploitation Imagery​
October 23, 2019 | Nicholas Weaver, Lawfare Blog (ICSI)

The current systems for detecting these child exploitation images rely on bulk surveillance by private companies, and even the most cursory encryption—with “exceptional access” or no—will eliminate this surveillance. If the government is serious about policy changes designed to keep this detection capability in the face of encryption, however, the best policy is not to weaken communication security but instead to mandate endpoint scanning of images as they appear on phones and computers.

China is rolling out a 5G network faster than anyone else
September 26, 2019 | Gwynn Guilford, MSN Money

“Having [supply chain] codependency was useful because it allowed us to at least somewhat enforce sanctions against Iran and North Korea and stuff like that,” [Nicholas Weaver, a computer security expert at the International Computer Science Institute] says. “But a full-on balkanization means that in the future we won’t be able to do that.”