Electrical Engineering and Computer Science

EECS News Topics

Security (Computing):


Heres exactly how Russia can hack the 2018 elections

Vulnerabilities in our voting system need to be addressed swiftly, according to experts in the field, including Prof. J. Alex Halderman. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Let's Encrypt Issues 100 Millionth Security Certificate

The Internet is more secure thanks to Let's Encrypt, the certificate authority founded by Prof. J. Alex Halderman and his collaborators. Since launching in Jan. 2016, Let's Encrypt has issued 100 million certificates. [Full Story]
Related Topics:  Halderman, J. Alex   

Apps available for your smartphone could steal your personal information

WXYZ Detroit reports on work by UM researchers that has exposed dangerous open ports in mobile platforms that can be taken advantage of by hackers. [Full Story]
Related Topics:  Graduate Students   Mao, Zhuoqing Morley   Mobile Computing   

Prof. J. Alex Halderman Testifies in Front of Senate Intelligence Committee on Secure Elections

Prof. J. Alex Halderman testified in front of the Senate Intelligence Committee as a part of the broader Russian hacking investigation. His remarks focused vulnerabilities in the US voting system and a policy agenda for securing the system against the threat of hacking. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

How to prevent Russian hackers from attacking the 2018 election

In this commentary piece in the Chicago Tribune, Prof. J. Alex Halderman and Justin Talbot-Zorn make the case for a straightforward policy agenda to secure America's voting systems against the threat of hackers. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

If Voting Machines Were Hacked, Would Anyone Know?

In the article, Prof. J. Alex Halderman points out how electronic voting systems even those not connected to the Internet can be compromised. One path for hackers is to attack the computers that are used to program the ballots, which are later transferred to voting machines via memory cards. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Smartphone security hole: "Open port" backdoors are common

The College of Engineering reports on work by computer science security researchers which has revealed that so-called "open ports" are much more vulnerable to security breaches than previously thought. [Full Story]
Related Topics:  Mao, Zhuoqing Morley   Mobile Computing   Networking, Operating Systems, and Distributed Systems   

Hundreds of popular Android apps have open ports, making them prime targets for hacking

This article reports on the work done by CSE researchers Yunhan Jack Jia, Qi Alfred Chen, Yikai Lin, Chao Kong, and Prof. Z. Morley Mao in characterizing a widespread vulnerability in popular Android apps. [Full Story]
Related Topics:  Graduate Students   Mao, Zhuoqing Morley   Mobile Computing   Networking, Operating Systems, and Distributed Systems   

Open Ports Create Backdoors in Millions of Smartphones

This article reports on work by CSE researchers who have characterized a widespread vulnerability in the software that runs on mobile devices which could allow attackers to steal contact information, security credentials, photos, and other sensitive data by using open ports to create backdoors. [Full Story]
Related Topics:  Graduate Students   Mao, Zhuoqing Morley   Mobile Computing   Networking, Operating Systems, and Distributed Systems   

Hacking with Sound Waves

CSE researchers have demonstrated a new way of using sound to interfere with devices containing accelerometers, such as smartphones and self-driving cars. This presents a new avenue for hackers to use in compromising devices to steal information or disrupt communication. [Full Story]
Related Topics:  Embedded Computing and Systems   Fu, Kevin   Internet of Things   

An Obscure Flaw Creates Backdoors in Millions of Smartphones

CSE researchers have characterized a widespread vulnerability in the software that runs on mobile devices which could allow attackers to steal contact information, security credentials, photos, and other sensitive data, and also to install malware and to perform malicious code execution which could be used in large-scale attacks. [Full Story]
Related Topics:  Graduate Students   Mao, Zhuoqing Morley   Mobile Computing   Networking, Operating Systems, and Distributed Systems   

Courage to Resist: The High-Stakes Adventures of J. Alex Halderman

This story by Randy Milgrom at the UM College of Engineering profiles Prof. J. Alex Halderman and his work in the area of Digital Democracy. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Why India Needs A Paper Trail For Free And Fair Elections

This article in the Indian edition of the Huffington Post, references the work that Prof. J. Alex Halderman and his collaborators did in 2010 to demonstrate vulnerabilities in India's "tamper-proof" electronic voting machines. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Open Ports Act As Security Wormholes Into Mobile Devices

Computer science and engineering researchers at the University of Michigan have for the first time characterized a widespread vulnerability in the software that runs on mobile devices which could allow attackers to steal contact information, security credentials, photos, and other sensitive data, and also to install malware and to perform malicious code execution which could be used in large-scale attacks. [Full Story]
Related Topics:  Graduate Students   Mao, Zhuoqing Morley   Mobile Computing   Networking, Operating Systems, and Distributed Systems   

The next cyberattack could render your anti-virus and encryption software useless

Researchers including Prof. Kevin Fu and CSE graduate student Timothy Trippel have demonstrated a new way of using sound to interfere with devices containing accelerometers, such as smartphones. This presents a new avenue for hackers to use in compromising devices to steal information or disrupt communication. [Full Story]
Related Topics:  Fu, Kevin   

Smartphone Accelerometers Can Be Fooled by Sound Waves

This article features work done by Prof. Kevin Fu and his collaborators in which they demonstrate a way to take control of or influence devices such as smartphones through the use of sound waves. [Full Story]
Related Topics:  Embedded Computing and Systems   Fu, Kevin   Internet of Things   

It's Possible to Hack a Phone With Sound Waves, Researchers Show

This article features work done by Prof. Kevin Fu and his collaborators in which they demonstrate a way to take control of or influence devices such as smartphones through the use of sound waves. The Department of Homeland Security is expected to issue a security advisory alert for affected chips. [Full Story]
Related Topics:  Embedded Computing and Systems   Fu, Kevin   

Sonic Cyber Attacks Show Security Holes in Ubiquitous Sensors

Sound waves can be used to hack into critical sensors used in a broad array of technologies including smartphones, automobiles, medical devices, and the Internet of Things, according to research performed by Prof. Kevin Fu, Prof. Peter Honeyman, CSE graduate student Timothy Trippel, and their collaborators at the University of South Carolina. [Full Story]
Related Topics:  Embedded Computing and Systems   Fu, Kevin   Graduate Students   Internet of Things   

Professor Who Urged an Election Recount Thinks Trump Won, but Voting Integrity Still Concerns Him

This article in the Chronicle of Higher Education includes a Q and A with Prof. J. Alex Halderman on the 2016 presidential election recount and on the challenges ahead for election integrity. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Inside the Recount

This story provides an in-depth, inside view of how the recount effort for the 2016 presidential election - of which Prof. J. Alex Halderman was a primary participant - was sparked, how it came to focus on three states, what the results showed, and what we can learn from it all. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Our Voting System Is Hackable by Foreign Powers

This article reviews the vulnerabilities that currently exist in our voting system. It references Prof. J. Alex Halderman, who has stated that he and his students could have changed the results of the November election. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

The 2016 US Election Wasnt Hacked, but the 2020 Election Could Be

Prof. Alex Halderman is quoted in this article which reports on the recent Chaos Communication Congress. "Developing an attack for one of these machines is not terribly difficult," says Prof. Halderman. "I and others have done it again and again in the laboratory. All you need to do is buy one government surplus on eBay to test it out." [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Prof. Kevin Fu to deliver endowed Dr. Dwight Harken Memorial Lecture on medical device security

Prof. Kevin Fu has been selected to give the annual Dwight E. Harken Lecture during the AAMI 2017 Conference & Expo in Austin, TX, June 912. Prof. Fu directs the Archimedes Center for Medical Device Security and the Security and Privacy Research Group at Michigan and is also CEO and chief scientist of Virta Labs, Inc. [Full Story]
Related Topics:  Fu, Kevin   Medical Device Security   

Five things that got broken at the oldest hacking event in the world

Chaos Communications Congress is the world's oldest hacker conference, and Europe's largest. Every year, thousands of hackers gather in Hamburg to share stories, trade tips and discuss the political, social and cultural ramifications of technology. This story quotes Prof. J. Alex Halderman, who with his student Matt Bernhard, has studied the security of the past US presidential election. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Trump Allowed to Join Fight Against Pennsylvania Recount

A battle over whether or not a recount of ballots cast in Pennsylvania during the recent presidential campaign is taking place. In the case made for a recount, hackers could have easily infected Pennsylvanias voting machines with malware designed to lay dormant for weeks, pop up on Election Day and then erase itself without a trace, according to Prof. J. Alex Halderman. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Vote Recount Push Advances, but Reversing Trumps Win Is Unlikely

This article in the New York Times reports on the uneven progress toward recounts in three key states for the recent presidential election. Led by Green Party candidate Jill Stein, the recounts were inspired by a call from leading security experts, including Prof. J. Alex Halderman. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Trump election: Activists call for recount in battleground states

The BBC reports on the call by leading computer scientists, including Prof. J. Alex Halderman, for a recount of votes in the presidential election in three swing states. Their analysis shows that Clinton performed worse in counties that relied on electronic voting machines compared to paper ballots and optical scanners. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Computer scientists urge Clinton campaign to challenge election results

CNN reports that a group of top computer scientists, including Prof. J. Alex Halderman, have urged Hillary Clinton's campaign to call for a recount of vote totals in Wisconsin, Michigan and Pennsylvania. The computer scientists believe they have found evidence that vote totals in the three states could have been manipulated or hacked and presented their findings to top Clinton aides on a call last Thursday. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Want to Know if the Election was Hacked? Look at the Ballots

In this post, Prof. J. Alex Halderman sets the record straight regarding what he and other leading election security experts have actually been saying to the Clinton campaign and everyone else whos willing to listen. He describes a situation where malware could be a factor in the vote totals during the presidential election. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Experts Urge Clinton Campaign to Challenge Election Results in 3 Swing States

Leading computer security experts with an interest in election integrity, including Prof. J. Alex Halerman, have called for a recount of the votes cast in the presidential election in three key swing states. They believe they have found evidence that results in Wisconsin, Michigan, and Pennsylvania may have been manipulated. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Vulnerable connected devices a matter of "homeland security"

This article describes the security ramifications of unprotected IoT devices such as internet-connected cameras, video recorders on the larger Internet. It quotes Prof. Kevin Fu on the effort that would be required to secure this new ecosystem. [Full Story]
Related Topics:  Fu, Kevin   Internet of Things   

Professor to Congress: "Internet of Things security is woefully inadequate"

As the Internet of Things grows around us, so do the threat of cybersecurity breaches severe enough to shut down hospitals and other vital infrastructure. This is the message that Prof. Kevin Fu delivered to lawmakers at a congressional hearing this week. [Full Story]
Related Topics:  Fu, Kevin   

After Dyn cyberattack, lawmakers seek best path forward

In a hearing hosted by the House Energy and Commerce Committee, University of Michigan professor Kevin Fu, Level 3 Communications Chief Security Officer Dale Drew and computer security luminary Bruce Schneier briefed Congress on the challenges posed by insecure internet-connected devices and whether they believe the government can make a difference. This article provides a summary of the proceedings. [Full Story]
Related Topics:  Fu, Kevin   

Regulate cybersecurity or expect a disaster, experts warn Congress

The U.S. government must demand that all internet-connected devices have built-in security, according to experts including Prof. Kevin Fu who warned Congress that the country could soon face a disastrous, lethal cyberattack. [Full Story]
Related Topics:  Fu, Kevin   Internet of Things   

Kevin Fu Testifies on the Role of Connected Devices in Recent Cyber Attacks

Prof. Kevin Fu testified before the House Energy and Commerce Committee on the role of connected devices in recent cyber attacks on Wednesday, Nov 16, 2016. Follow the link to see a video of the proceedings. [Full Story]
Related Topics:  Fu, Kevin   

The Network Standard Used in Cars Is Wide Open to Attack

As automobiles grow increasingly computerized, the security of the network for in-vehicle communication is a growing security concern. New research by Prof. Kang G. Shin and graduate student Kyong-Tak Cho demonstrates that the controller area network (CAN) protocol implemented by in-vehicle networks has a new and potentially quite dangerous vulnerability. [Full Story]
Related Topics:  Graduate Students   Networking, Operating Systems, and Distributed Systems   Shin, Kang G.   

How Safe is Your Smart Home?

The Smart Home sounds like a great idea. But is it an unsafe home? "I would be cautious, overall," says Prof. Atul Prakash. "The technology is relatively new. Hardware is probably a little bit ahead of the software at this point, and a lot of vulnerabilities we are seeing are primarily on the software side of things." Read more and listen to the full interview here. [Full Story]
Related Topics:  Prakash, Atul   

A Lot Of Voting Machines Are Broken Across America (But It's Totally Normal)

Forbes reports on numerous reports of broken machines causing epic queues and peeving voters. Matt Bernhard, CSE graduate student and an expert on the security of electoral systems, says that "This year isn't that different, other than I'm expecting higher turnout which may stress the infrastructure more." [Full Story]
Related Topics:  Digital Democracy   Graduate Students   

US election: Experts keep watch over 'hack states'

"Unless the election is extraordinarily close, it is unlikely that an attack will result in the wrong candidate getting elected," suggest CSE graduate student Matt Bernhard and Prof. J. Alex Halderman. But they say the risk the election process could be disrupted by hackers should be taken extremely seriously. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Next Weeks Anticipated U.S. Election

This article discusses the vulnerabilities of direct recording electronic voting systems. It quotes Prof. J. Alex Halderman and his colleagues on the security of DREs. Twenty-nine states still use DREs and five states: Delaware, Georgia, Louisiana, New Jersey and South Carolina, use the easily compromised machines without a paper trail. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

US Election Systems Seen 'Painfully Vulnerable' to Cyberattack

This article sheds light on potential cyberattacks during the U.S election. Some cybersecurity analysts warned that hackers of even moderate talent could possibly throw the results of the 2016 presidential election into chaos. Prof. Halderman hopes all the attention on voting-system vulnerabilities will motivate state governments to invest in cybersecurity for the 2020 elections. [Full Story]
Related Topics:  Halderman, J. Alex   

Forget rigged polls: Internet voting is the real election threat

Prof. J. Alex Halderman and his contemporaries have been tireless in warning us of the security risks associated with internet voting. Will we listen? [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

The Security Challenges of Online Voting Have Not Gone Away

This guest post on IEEE Spectrum by CSE graduate student Matthew Bernhard, Prof. J. Alex Halderman, and Robert Cunningham, Chair of the IEEE Cybersecurity Initiative, lays out the details for the case against Internet voting. [Full Story]
Related Topics:  Digital Democracy   Graduate Students   Halderman, J. Alex   

How the 2016 Election Could Be Hacked (story+video)

Is our voting system really vulnerable to hackers? Professor of computer science, J. Alex Halderman, explains the situation to VICE News in this segment that originally aired on October 24. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

$800K in Research Awards Aim to Address Data Science

Four research teams from the University of Michigan and Shanghai Jiao Tong University in China are sharing $800,000 in awards to use data science techniques to address big challenges. Prof. Atul Prakash is co-PI for a project that aims to develop algorithms and mechanism design to incentivize users to charge electric vehicles at appropriate times and locations, leading to better load management, a more reliable grid, and cost savings. [Full Story]
Related Topics:  Big Data   Electric Vehicles and HEVs   Prakash, Atul   

Using cyber security to keep your ballot safe ahead of the presidential election

This TV news segment features an interview with CSE graduate student Matthew Bernhard. He is interviewed about the possibility for stolen votes in the upcoming election. His answer: Michigan has a paper ballot/optical scan system, which is considered best practice. Touchscreen, paperless systems like those in Ohio, Virginia, and some other states are not secure enough yet. [Full Story]
Related Topics:  Digital Democracy   Graduate Students   

Matthew Bernhard on the Steve Gruber Show (audio)

Matthew Bernhard, a CSE graduate student working with Prof. J. Alex Halderman, speaks on the Steve Gruber Show about the possibility for voting fraud in Michigan during the upcoming election. He is introduced just over one minute into the show. [Full Story]
Related Topics:  Digital Democracy   Graduate Students   

How to (Really) Steal an Election (audio)

Prof. J. Alex Halderman is interviewed on the dangers posed by electronic voting in this story. The story covers all types of concerns regarding elections, from Donald Trump's warning of a rigged election through the Bush v. Gore contest and the use of electronic voting systems. Halderman appears at about 20:15. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

This Is Why We Still Cant Vote Online

This article highlights the work done by security researchers to demonstrate the dangers inherent in the use of paperless electronic voting systems. It spotlights work done by Prof. J. Alex Halderman and his students in 2010, when they accepted a challenge to hack Washington DC's proposed new Internet system. The research team was able to hack the system, steal records, and modify it to play the Michigan fight song -- all in less than two days. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Rigging the Election

Jason Smith, writer and director of the documentary "I Voted?", references work done by Prof. J. Alex Halderman in demonstrating the vulnerabilities of electronic voting systems in this opinion piece. Mr. Smith's mission has been to reinforce the message that "Nothing is more important to the future of our democracy than ensuring the integrity of all elections." [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Experts: State Should Audit Election Results

Since hackers have targeted the election systems of more than 20 states, cyber-security experts including Prof. J. Alex Halderman say Michigan should change its policy and routinely audit a sample of its paper ballots to protect against election fraud. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

As cyberthreats multiply, hackers now target medical devices

This article, which quotes Prof. Kevin Fu, describes the threat of malware for implantable medical devices and for hospital systems. Because these systems were typically designed without security in mind, "There is no [impervious] device," says Prof. Fu. [Full Story]
Related Topics:  Fu, Kevin   Medical Device Security   

Why Can't We Vote Online?

This article on the security concerns associated with Internet voting points to the 2010 hack of the District of Columbia's internet voting system by researchers led by Prof. J. Alex Halderman as a prime example of what could go wrong. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Technology Will Destroy Democracy Unless This Man Stops It

This article provides an in-depth profile of Prof. J. Alex Halderman and his research in the area of security, in particular his work in exposing the security vulnerabilities of electronic voting systems and his additional work in the area of internet anticensorship. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Cybersecurity and Voting Machine Security (video)

Prof. J. Alex Halderman appeared on C-SPAN to discuss vulnerabilities associated with electronic voting and to answer viewer questions. It's worth viewing this 40-minute video segment of the C-SPAN airing. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Despite Flaws, Paperless Voting Machines Remain Widespread in the U.S.

This article surveys problems associated with aging and insecure electronic voting systems. It quotes Prof. J. Alex Halderman, a leading researcher in this area, as saying, "Clearly we still have a long way to go to ensure that all Americans have access to a form of voting technology they can trust." [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Paperless voting could fuel 'rigged' election claims

This article describes the concern that talk of a potentially "rigged" election could undermine confidence in results. Amongst the issues associated with electronic voting is that many systems do not produce paper backups that could be used for verification, according to Prof. J. Alex Halderman, who is quoted in the article. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Guarding Presidential Election Vote Integrity Presents a Daunting Task

Prof. J. Alex Halderman is quoted in this article regarding election integrity. He points out that any election system must be able to prove that results are accurate in order to dispel concerns about vote rigging. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

New Concerns About Hacks Into State Voting Systems

Prof. J. Alex Halderman was a guest on the Diane Rehm show on August 31, where the conversation included discussion of the security of elections. Click the "Listen" button under the headline to hear the interview; the discussion with Prof. Halderman begins at 20:30. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Hacking Report on St. Jude Pacemakers Was Flawed, Researchers Say

This article details how a report on cybersecurity vulnerabilities in St. Jude Medicals implantable heart devices released last week by short sellers was flawed and didnt prove the flaws existed, according to a review by University of Michigan researchers including Prof. Kevin Fu. [Full Story]
Related Topics:  Fu, Kevin   

University study finds flaws in criticism of St. Jude cyber security

This article reports on the work done by Prof. Kevin Fu and his collaborators, which has called into question the allegations of security flaws in St. Jude Medical's pacemakers and other life-saving medical devices. The claim of security holes was released last week by short-selling investment research firm Muddy Waters Capital LLC and medical device security firm MedSec Ltd. [Full Story]
Related Topics:  Fu, Kevin   

Holes Found in Report on St. Jude Medical Device Security

Michigan researchers including Prof. Kevin Fu have reproduced experiments alleging security flaws in St. Jude Medical's pacemakers and other life-saving medical devices and have concluded that those claims are questionable. The report alleging the security flaws was released last week by short-selling investment research firm Muddy Waters Capital LLC and medical device security firm MedSec Ltd. [Full Story]
Related Topics:  Fu, Kevin   

Correlation is Not Causation: Electrical Analysis of St. Jude Implant Shows Normal Pacing

This blog post by the Archimedes Center for Medical Device Security provides additional technical detail regarding the claims by Muddy Waters and St. Jude regarding pacemaker/defibrillator security. Prof. Kevin Fu, who heads the Archimedes Center, and his collaborators at Michigan have concluded that those claims are questionable. [Full Story]
Related Topics:  Fu, Kevin   

How Electronic Voting Could Undermine the Election

Foreign hackers, domestic hackers, those with physical access to voting machines, and those who attack from afar: this article describes the multiple risks associated with electronic voting and highlights the work of Prof. J. Alex Halderman in making this clear to us. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Online voting could be really convenient. But its still probably a terrible idea.

This article reports on Internet voting availability in the US. It then examines Estonia's electronic voting system, which has been been hailed by some as a model system for secure electronic voting. Prof. J. Alex Halderman, who was part of a security team that documented failings in the Estonian system, disagrees and is quoted in the article. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Researchers David Adrian and Prof. J. Alex Halderman Receive Pwnie Award for Work on DROWN Attack

A research team that includes CSE PhD student David Adrian and Prof. J. Alex Halderman has been awarded the Pwnie Award for Best Cryptographic Attack at the Black Hat conference for their work on the DROWN attack. DROWN allows attackers to break encryption used to protect HTTPS websites and read or steal sensitive communications, including passwords, credit card numbers, trade secrets, or financial data. [Full Story]
Related Topics:  Graduate Students   Halderman, J. Alex   

How to Hack an Election in 7 Minutes

This in-depth article in Politico traces the history of "the Princeton group" -- a cadre of security experts, including Michigan's Prof. J. Alex Halderman, who grew out of Andrew Appel and Ed Felton's groups at Princeton and have influenced the conversation on the security of electronic voting. The article concludes with this remark from Halderman regarding the danger posed by state-sponsored cyber attackers: "We sit around all day and write research papers. But these people are full time exploiters. They're the professionals. We're the amateurs." [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

CSE Researchers Win Pwnie Award for Work on DROWN Attack

A research team that includes CSE PhD student David Adrian and Prof. J. Alex Halderman has been awarded the Pwnie Award for Best Cryptographic Attack at the BlackHat conference for their work on the DROWN attack. DROWN is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS, some of the essential cryptographic protocols for Internet security. [Full Story]
Related Topics:  Graduate Students   Halderman, J. Alex   

The DNC Leak Shows How Vulnerable This Election Is To Hacking

Security experts including Prof. J. Alex Halderman are quoted in this article about the security risks associated with electronic voting. Many studies conducted by Prof. Halderman and his contemporaries have demonstrated that elections based on electronic voting are at risk of manipulation - often without detection. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Clever Tool Shields Your Car From Hacks by Watching its Internal Clocks

In a paper they plan to present at the Usenix security conference next month, researchers led by Kang G. Shin, the Kevin and Nancy O'Connor Professor of Computer Science, describe an easy-to-assemble tool they call the Clock-based Intrusion Detection System, or CIDS. CIDS characterizes the clock inaccuracies of all of the processors in a car in order to spot the malicious messages that hackers use to take control of vehicle components like brakes and transmission. [Full Story]
Related Topics:  Automotive industry   Graduate Students   Shin, Kang G.   

The Mr. Robot Hack Report: Ransomware and Owning the Smart Home

This article references work done by UM CSE researchers, led by Prof. Atul Prakash, who recently exposed vulnerabilities in the Samsung SmartThings platform that let them set off smoke alarms or even unlock doors. [Full Story]
Related Topics:  Prakash, Atul   

Experimenting with Post-Quantum Cryptography

This Google blog post announces the company's decision to test post-quantum cryptography in Chrome, in which a small fraction of connections between desktop Chrome and Google's servers will use a post-quantum key-exchange algorithm in addition to the elliptic-curve key-exchange algorithm that would typically be used. The algorithm used in the test builds on work by Prof. Chris Peikert and his collaborators. [Full Story]
Related Topics:  Peikert, Chris   Quantum Computing   

Online voting would be disastrous because hackers could hijack the democratic process

This article frames the very real dangers of online voting and underscores them with examples from Prof. J. Alex Halderman's work in demonstrating weaknesses in the Estonian online voting system and Washington DC's 2010 attempt at an Internet voting system. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Two Michigan Papers Win Top Awards at IEEE Security and Privacy Symposium

Two papers authored by EECS researchers were selected for top honors at the 37th IEEE Symposium on Security and Privacy. One of the papers, describing and demonstrating a malicious hardware backdoor, received the Distinguished Paper Award. The second, which demonstrated security failings in a commercial smart home platform, received the Distinguished Practical Paper Award. [Full Story]
Related Topics:  Austin, Todd   Computer Architecture   Graduate Students   Hicks, Matt   Internet of Things   Prakash, Atul   Sylvester, Dennis   

U-M cyber security startup purchased by FICO

QuadMetrics, a cyber risk security startup co-founded by Prof. Mingyan Liu, announced it has been purchased. Analytic software company FICO of San Jose, Calif., bought QuadMetrics to help in its development of a FICO Enterprise Security Score. The scores will rank an organization's level of cyber security risk, the company said in a statement. [Full Story]
Related Topics:  Liu, Mingyan   Technology Transfer   

Undetectable proof-of-concept chip poisoning uses analog circuits to escalate privilege

In this article, Cory Doctorow describes work by Michigan researchers that demonstrates a "novel, frightening attack on the integrity of microprocessors." The paper describes the attack, which is nearly undetectable, and how it can lead to full control of a computing system. [Full Story]
Related Topics:  Austin, Todd   Computer Architecture   Graduate Students   Sylvester, Dennis   

Michigan and Verisign Researchers Demonstrate New Man-in-the-Middle WPAD Query Attack

Security researchers including Prof. Z. Morley Mao and CSE graduate student Qi Alfred Chen have demonstrated that new security ramifications exist when laptops and smartphones configured for enterprise systems and using generic top-level domains are used outside the enterprise in the realm of the wider web. [Full Story]
Related Topics:  Graduate Students   Mao, Zhuoqing Morley   Networking, Operating Systems, and Distributed Systems   

This "Demonically Clever" Backdoor Hides in a Tiny Slice of a Computer Chip

This article in Wired describes work by Michigan researchers that demonstrates how a hacker could hide a malicious backdoor in silicon and trigger it to gain access to a computing system. Google engineer Yonatan Zunger is quoted as saying "This is the most demonically clever computer security attack Ive seen in years." [Full Story]
Related Topics:  Austin, Todd   Blaauw, David   Computer Architecture   Graduate Students   

Security Risks in the Age of Smart Homes

CSE graduate student Earlence Fernandes writes about the security risks of connected homes in this article at The Conversation. Earlence is part of a research team that included Prof. Atul Prakash and Jaeyeon Jung of Microsoft, which exposed security flaws in Samsung's popular SmartThings product offerings. [Full Story]
Related Topics:  Graduate Students   Prakash, Atul   

Fighting Cyber Crime with Data Analytics

Companies like Sony, JP Morgan Chase, Target, and even some state universities have had sensitive information like credit card numbers and account logins leaked, resulting in far-reaching economic consequences for countless households. Prof. Liu co-founded QuadMetrics to keep companies diligent when it comes to cybersecurity. QuadMetrics offers a pair of services to help companies both assess the effectiveness of their security and decide the best way to allocate (or increase) their security budget. [Full Story]
Related Topics:  Big Data   Entrepreneurship   Graduate Students   Liu, Mingyan   

Hacking into Homes: Security Flaws Found in SmartThings Connected Home System

Prof. Atul Prakash, CSE graduate student Earlence Fernandes, and Jaeyeon Jung (Microsoft Research), have performed a security analysis of the SmartThings programming framework. They were able to hack into the automation system and essentially get the PIN code to a homes front door. [Full Story]
Related Topics:  Prakash, Atul   Security (national and personal safety)   

Your Devices' Latest Feature? They Can Spy on Your Every Move

In The Converstation, Prof. HV Jagadish sheds light on how smart devices are a gateway for hackers to spy on you. Since devices are networked, they can communicate in ways we dont want them to and people can take control of these technologies to learn private information about you. [Full Story]
Related Topics:  Jagadish, HV   Security (national and personal safety)   

Dropping USB Drives Is the Easiest Trick Hackers Can Use - And You're Probably a Sucker

Researchers including CSE graduate student Zakir Durumeric have discovered a highly effective security hack to gain access to others' computing systems - leaving USB flash drives with malicious payloads laying on the ground. In their study, they found there is a nearly 50% chance that someone will pick up a given drive, plug it into their computer, and start clicking. This presents the opportunity for malware to be activated. [Full Story]
Related Topics:  Graduate Students   

With Hospital Ransomware Infections, the Patients Are at Risk

The article in MIT Technology Review quotes Prof. Kevin Fu on the recent string of ransomware attacks against hospitals. Prof. Fu's research is in the area of security for medical equipment, from implanted devices through bedside monitoring equipment, medical diagnostic equipment, and medical IT systems. [Full Story]
Related Topics:  Fu, Kevin   

Malware Attacks On Hospitals Put Patients At Risk

The article at NPR describes recent cases in which hospitals became the victims of ransomware attacks. Prof. Kevin Fu, an expert on the security vulnerabilities of medical equipment, is quoted. [Full Story]
Related Topics:  Fu, Kevin   

Startup Co-founded by Prof. Kevin Fu Gets NSF Grant

Healthcare security company Virta Laboratories, Inc, co-founded by Prof. Kevin Fu, has received a $750,000 grant from the National Science Foundation Small Business Innovation Research (SBIR) program. Virta Labs provides hardware and software cybersecurity solutions for hospitals. [Full Story]
Related Topics:  Entrepreneurship   Fu, Kevin   

Attack against TLS shows the pitfalls of weakening encryption

This article describes how, for the third time in a year, security researchers including Prof. J. Alex Halderman have found a method to attack encrypted Web communications, a direct result of weaknesses that were mandated two decades ago by the U.S. government. The latest instance is the DROWN attack. [Full Story]
Related Topics:  Halderman, J. Alex   

Drown attack: how weakened encryption jeopardizes 'secure' sites

This article describes how researchers including Prof. J. Alex Halderman have succeeded in attacking "secure" connections that are used in email, news and entertainment services. The article notes that the technique could affect up to one third of all websites that use secure communications and is a legacy of past efforts to water down online encryption. [Full Story]
Related Topics:  Halderman, J. Alex   

'Thousands of popular sites' at risk of Drown hack attacks

This article describes how researchers including Prof. J. Alex Halderman have discovered a new way to disable popular internet encryption protocols. Their "DROWN" attack takes advantage of past government rules against strong encryption in technology to be exported. The rules have since changed, but the effects live on. [Full Story]
Related Topics:  Halderman, J. Alex   

More than 11 million HTTPS websites imperiled by new decryption attack

This article reports on the DROWN vulnerability, which allows attackers to break encryption and read or steal sensitive communications, including passwords, credit card numbers, trade secrets, or financial data. The research team who reported on DROWN are from a number of institutions around the world, including U-M. Their measurements indicate that 33% of all HTTPS servers are vulnerable to the attack. [Full Story]
Related Topics:  Halderman, J. Alex   

Passwords, Privacy and Protection: Can Apple Meet FBI Demand Without Creating a Backdoor?

Join The Conversation, in which Prof. HV Jagadish sheds some light on the issues involved in the FBI/Apple standoff over the court order to unlock a terrorism suspect's iPhone. [Full Story]
Related Topics:  Jagadish, HV   

Internet voting is just too hackable, say security experts

This article revisits the question of Internet voting, and reviews the reasons why these systems have been proven unreliable in the past. Prof. J. Alex Halderman, a prominent researcher in this area who has demonstrated vulnerabilities in many types of electronic voting systems, is quoted: "Imagine the incentives of a rival country to come in and change the outcome of a vote for national leadership. Elections require correct outcomes and true ballot secrecy." [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Censys Enables Fast Searching of Actionable Internet Data

CSE researchers have introduced Censys, a search engine that enables researchers to ask questions about the hosts and networks that compose the Internet and get an immediate reply. Censys builds on past work at Michigan that produced the first fast Internet-wide scanner, ZMap. [Full Story]
Related Topics:  Graduate Students   Halderman, J. Alex   Networking, Operating Systems, and Distributed Systems   

Kevin Fu Named a Top Influencer in Health Information Security

Prof. Kevin Fu has been named to the 2016 list of Top Influencers in Healthcare Information Security by HealthcareInfoSecurity. This list recognizes leaders who are playing significant roles in shaping the way healthcare organizations approach information security and privacy. [Full Story]
Related Topics:  Fu, Kevin   Medical Device Security   

Cybersecurity Startup QuadMetrics Calculates Odds a Company Will be Breached

As reported by the Wall Street Journal, QuadMetrics Inc. says it can predict with greater than 90% accuracy the likelihood that a company will be breached within the next year. QuadMetrics cloud service determines the probability of a breach at a particular company by collecting from its network more than 250 different data points. The company was co-founded by Prof. Mingyan Liu. [Full Story]
Related Topics:  Liu, Mingyan   

Michigan Researchers Win the 2016 Applied Networking Research Prize

A team of researchers, including CSE graduate students Zakir Durumeric, David Adrian, James Kasten, CS student Ariana Mirian, and Prof. J. Alex Halderman have received The Applied Networking Research Prize (ANRP) for their paper, "Neither Snow Nor Rain Nor MITM... An Empirical Analysis of Email Delivery Security". The Applied Networking Research Prize (ANRP) recognizes the best new ideas in networking. [Full Story]
Related Topics:  Graduate Students   Halderman, J. Alex   Security (national and personal safety)   

A Search Engine for the Internets Dirty Secrets

This MIT Technology Review article highlights a new search engine called Censys, which aims to help security researchers find specific hosts and create aggregate reports by tracking all the devices hooked up to it. Data is harvested through the software ZMap and the researchers are trying to maintain a complete database of everything on the Internet. The open-sourced project is led by CSE graduate student Zakir Durumeric. [Full Story]
Related Topics:  Graduate Students   Halderman, J. Alex   Security (national and personal safety)   

Why medical devices are so hard to secure

In this article, Prof. Kevin Fu addresses the security of medical devices. Many of the aging medical devices still in wide use in hospitals across the U.S. were built without much consideration for security controls. [Full Story]
Related Topics:  Fu, Kevin   Security (national and personal safety)   

Medical device security? Forget hackers, think 'hand-washing'

In this article, Prof. Kevin Fu talks about the potentially dangerous faults in implants and bedside devices. Fu states, if you're using this old software, these old operating systems, you're vulnerable to all that malware that garden-variety malware that has been out in the wild for more than 10 years. [Full Story]
Related Topics:  Fu, Kevin   Security (national and personal safety)   

Could hackers break my heart via my pacemaker?

This BBC article highlights Prof. Kevin Fu's first peer-reviewed paper describing an attack on a heart device. Fu and his team made a combination pacemaker and defibrillator deliver electric shocks, a potentially fatal hack had the device been in a patient rather than a computing lab. The article addresses the publics concern about the security of pacemakers. [Full Story]
Related Topics:  Fu, Kevin   Security (national and personal safety)   

Gmail Will Soon Warn Users When Emails Arrive Over Unencrypted Connections

This article in Tech Crunch highlights recent findings from an analysis of email delivery security. Google will leverage the findings to improve the security provided through its Gmail service and to warn its users when messages are not secure. The study was conducted by Michigan researchers J. Alex Halderman, Zakir Durumeric, David Adrian, Ariana Mirian, and James Kasten along with rsearchers from the University of Illinois and Google. [Full Story]
Related Topics:  Graduate Students   Halderman, J. Alex   

New Research: Encouraging trends and emerging threats in email security

This Google security blog entry highlights recent findings from an analysis of email delivery security. Google will leverage the findings to improve the security provided through its Gmail service and to warn its users when messages are not secure. The study was conducted by Michigan researchers J. Alex Halderman, Zakir Durumeric, David Adrian, Ariana Mirian, and James Kasten along with rsearchers from the University of Illinois and Google. [Full Story]
Related Topics:  Graduate Students   Halderman, J. Alex   

Email Encryption is Broken

This article in Motherboard highlights research which found that large chunks of email traffic are being deliberately stripped of their encryption, or just sent without any in the first place, leaving them totally open to passive eavesdroppers. Amongst the study's authors are Prof. J. Alex Halderman and CSE graduate students Zakir Durumeric, David Adrian, Ariana Mirian, and James Kasten. [Full Story]
Related Topics:  Graduate Students   Halderman, J. Alex   

Computer Scientists Win Best Paper Award at ACM Conference on CCS for Exposing the Vulnerabilities of the Diffie-Hellman Key Exchange

A team of researchers, including Prof. J. Alex Halderman and CSE graduate students Zakir Durumeric, David Adrian, Drew Springall, Benjamin VanderSloot, and Eric Wustrow, has won a Best Paper Award at the ACM Conference on Computer and Communications Security (CCS), which took place October 12-16, 2015 in Denver, Colorado. In the paper, Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice, the researchers investigate the security of Diffie-Hellman key exchange. [Full Story]
Related Topics:  Graduate Students   Halderman, J. Alex   Security (national and personal safety)   

Research Shows How NSA Exploits Flaws to Decrypt Huge Amounts of Communications Instead of Securing the Internet

According to an award-winning paper, which was co-authored by Prof. Alex Halderman, the NSA has likely used its access to vast computing power as well as weaknesses in the commonly used TLS security protocol in order to spy on encrypted communications. The paper represents a major contribution to public understanding by drawing a link between the NSAs computing resources and previously known cryptographic weaknesses. [Full Story]
Related Topics:  Halderman, J. Alex   Security (national and personal safety)   

This Common Cryptography Method Is Alarmingly Vulnerable

This blog posting on Slate examines the recent paper presented by Prof. Halderman and other researchers at the ACM Conference on Computer and Communications Security. The paper reveals the vulnerabilities of the Diffie-Hellman key exchange, which is a method for two parties to securely share a cryptographic key that was first published in 1976 and is widely used. [Full Story]
Related Topics:  Halderman, J. Alex   Security (national and personal safety)   

How the NSA can Break Trillions of Encrypted Web and VPN connections

Privacy advocates have pushed developers of websites, virtual private network apps, and other cryptographic software to adopt the Diffie-Hellman cryptographic key exchange as a defense against surveillance from the US National Security Agency and other state-sponsored spies. Now, Prof. Alex Halderman and other researchers are renewing their warning that a serious flaw in the way the key exchange is implemented is allowing the NSA to break and eavesdrop on trillions of encrypted connections. [Full Story]
Related Topics:  Halderman, J. Alex   Security (national and personal safety)   

NSA may be Breaking Popular Algorithm

A popular algorithm, known as the Diffie-Hellman key exchange, is vulnerable to state-sponsored attackers, according to a new research paper presented at the ACM Conference on Computer and Communications Security, which was co-authored by Prof. Alex Halderman. Diffie-Hellman is used to secure websites, email and other protocols. [Full Story]
Related Topics:  Halderman, J. Alex   Security (national and personal safety)   

J. Alex Halderman and Collaborators Receive NSF Cybersecurity Award to Develop Rapid-Response Architecture

A team of leading security experts has been awarded $2M by the National Science Foundation for a project aimed at reducing the impact of software vulnerabilities in Internet connected systems. The researchers, J. Alex Halderman, Vern Paxson, and Michael Bailey, will leverage the high-speed ZMap Internet-wide scanning system developed in Prof. Halderman's lab as the basis for a rapid response architecture to counter emerging threats. [Full Story]
Related Topics:  Halderman, J. Alex   

Prof. Kevin Fu Addresses Technical Debt of Medical Device Security at NAE Symposium

Prof. Kevin Fu was selected to speak at the 2015 US Frontiers of Engineering Symposium, which was hosted by the National Academy of Engineering (NAE). The event took place September 9-11 at the Arnold and Mabel Beckman Center in Irvine, California. He was one of only 15 speakers who presented at the symposium. [Full Story]
Related Topics:  Fu, Kevin   

Brilliant 10: Alex Halderman Strengthens Democracy Using Software

For the 14th year, Popular Science honors the brightest young minds in science and engineering. Prof. J. Alex Halderman has been named one of their Brilliant 10 for exposing the vulnerabilities in electronic-voting systems and working with governments to make them more secure. [Full Story]
Related Topics:  Halderman, J. Alex   

J. Alex Halderman Named One of Popular Science's Brilliant Ten

Associate Professor J. Alex Halderman has been named one of Popular Science's 2015 Brilliant 10 for his work in computer security and privacy. From exposing the vulnerabilities in e-voting systems to making voting more secure, he is the epitome of a bright young mind that Popular Science selects for their annual list. [Full Story]
Related Topics:  Halderman, J. Alex   

Zakir Durumeric Named MIT Technology Review Innovator Under 35

MIT Technology Review has named CSE graduate student Zakir Durumeric one of this years Innovators Under 35. Each year since 1999, MIT Technology Review selects exceptionally talented young innovators whose work they believe has the greatest potential to transform the world. His work focuses on developing quantitative, measurement-based approaches to combat threats against hosts and networks on the Internet. [Full Story]
Related Topics:  Graduate Students   Security (national and personal safety)   

Virta Labs Introduces PowerGuard

Virta Labs recently introduced their flagship product called PowerGuard. While it looks like an everyday power outlet, its embedded intelligence detects when an infected device is plugged into the outlet by analyzing subtle power consumption patterns. [Full Story]
Related Topics:  Fu, Kevin   

Can hackers take over Ann Arbor's traffic signals? U-M researcher discusses

In this MLive article about the security of municipal traffic signal systems, the work of CSE graduate student Branden Ghena is highlighted. Ghena received permission to hack the traffic lights at an unnamed Michigan municipality in 2014, where he quickly demonstrated how signals could be taken under the control of a hacker. Ann Arbor's system, he notes, is hardwired and would require a direct connection, rather than a wireless connection, to hack. [Full Story]
Related Topics:  Graduate Students   

Can hackers take over traffic lights?

In this Washingtion Post article about the security of municipal traffic signal systems, the work of CSE graduate student Branden Ghena is highlighted. Ghena received permission to hack the traffic lights at an unnamed Michigan municipality in 2014, where he quickly demonstrated how signals could be taken under the control of a hacker. [Full Story]
Related Topics:  Graduate Students   

Prof. Kevin Fu Testifies on the IRS Data Breach for Senate Committee

As reported on the Computing Community Consortium blog, Prof. Kevin Fu was one of the five witnesses to testify to the U.S. Senate Committee on Homeland Security & Governmental Affairs at a hearing on "The IRS Data Break: Steps to Protect Americans Personal Information." Video from the hearing is available here; Prof. Fu speaks at about 13:00. [Full Story]
Related Topics:  Fu, Kevin   Security (national and personal safety)   

Massive Clinton-era Internet bug shows pitfalls of Obama's 'backdoor' proposal

In this CNN Money article, Prof. J. Alex Halderman is quoted regarding the FBI's request for security backdoors in technology products. "It's a bad idea," he says. [Full Story]
Related Topics:  Halderman, J. Alex   

New Computer Bug Exposes Broad Security Flaws

The Wall Street Journal reports on the newly-discovered Logjam bug, which could allow an attacker to read or alter communications that claim to be secure and may have been exploited by the National Security Agency to spy on virtual private networks, or VPNs. The vulnerability could also be exploited by hackers. CSE Graduate student Zakir Durumeric, one of the researchers working on the bug, is quoted in the article. [Full Story]
Related Topics:  Graduate Students   

HTTPS-crippling attack threatens tens of thousands of Web and mail servers

ARS Technica reports on the Logjam vulnerability in detail and quotes Prof. J. Alex Halderman, who says, "Logjam shows us once again why it's a terrible idea to deliberately weaken cryptography, as the FBI and some in law enforcement are now calling for. That's exactly what the US did in the 1990s with crypto export restrictions, and today that backdoor is wide open, threatening the security of a large part of the Web." [Full Story]
Related Topics:  Halderman, J. Alex   

Your House Is Your Next Fit Band

This article in Discovery highlights a Wi-Fi based approach to a local area fitness monitoring system prototyped at MIT. It includes commentary by U-M Prof. Fu, who sees potential for the system, especially in cases where typical sensor placement is not viable. He does, however, have concerns about WiFi security for medical data transmission. [Full Story]
Related Topics:  Fu, Kevin   Medical Device Security   

Digital democracy: will 2015 be the last paper-based general election?

There is a growing call for on-line voting in the UK with Estonia's system seen by some as a model, as discussed in this article in The Telegraph. However, work by Prof. J. Alex Halderman and others, including Halderman's 2014 assessment of the Estonian systems, point to major risks in the system [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Duo Security Raises $30 Million To Protect Enterprises Against Data Breaches

Ann Arbor-based Duo Security, the two-factor authentication startup founded by CS alums Dug Song and Jon Oberheide, wants to do more to help protect companies from hackers trying to gain access to their networks. With that goal in mind, its launching a new product to secure their networks and announcing $30 million in new funding led by Redpoint Ventures. More in this article on Techcrunch. [Full Story]
Related Topics:  Alumni   

Machine politics: Electronic voting and the persistent doubts about its integrity

Prof. J. Alex Halderman and his collaborator Dr. Vanessa Teague are interviewed on Up Close, the research talk show from the University of Melbourne, about their work in investigating the iVote system recently used in New South Wales and about the security challenges of electronic voting in general. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Why you arent voting for Chicago mayor from a smartphone

This article in the Chicago Tribune summarizes why Chicago voters won't be casting online votes in April 7's mayoral runoff election. Although other transactions can be accomplished by smartphone, "the shape of the problem is fundamentally different than things we routinely do online today," says Prof. J. Alex Halderman in the article. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Probing the Whole Internet for Weak Spots

This article in MIT Technology Review profiles the work of CSE graduate student Zakir Durumeric. Durumeric led in the development of ZMap, the software capable of probing the entire public Internet in less than an hour. Through the use of ZMap, Durumeric was first person to realize the scope of the FREAK flaw. His use of ZMap was also pivotal to researchers' understanding of the recent Heartbleed flaw. [Full Story]
Related Topics:  Graduate Students   

Our Data, Our Health. A Future Tense Event Recap.

This blog posting on Slate addresses threats to medical device security and highlights the thoughts of Prof. Kevin Fu on the matter. Prof. Fu directs the Archimedes Medical Device Research Center at Michigan. [Full Story]
Related Topics:  Fu, Kevin   Medical Device Security   

Security Flaw in New South Wales Puts Thousands of Online Votes at Risk

A security flaw detected by Prof. J. Alex Halderman and Dr. Vanessa Teague of the University of Melborne may have exposed thousands of votes to manipulation during a six-day period of online voting in New South Wales, Australia. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

NSW election result could be challenged over iVote security flaw

This article in The Guardian covers the discovery of a security flaw in the the online voting system used in New South Wales during the current election. The researchers included Prof. J. Alex Halderman and Dr. Vanessa Teague of the University of Melbourne. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Thousands of NSW iVotes open to FREAK flaw

This article in The Australian covers the discovery of a security flaw in the the online voting system used in New South Wales during the current election. The researchers included Prof. J. Alex Halderman and Dr. Vanessa Teague of the University of Melbourne. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Australian online voting system may have FREAK bug

This article in The Register covers the discovery of a security flaw in the the online voting system used in New South Wales during the current election. The researchers included Prof. J. Alex Halderman and Dr. Vanessa Teague of the University of Melbourne. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Yi-Chin Wu Receives ProQuest Distinguished Dissertation Award for Research in Network Security

Yi-Chin Wu (MSE PhD EE:Sys 11 14) received the ProQuest Distinguished Dissertation Award for 2014 for her dissertation, Verification enforcement for opacity security property. Her research brings Discrete Event Control Theory to the analysis and design of secure systems. Dr. Wu says that we can no longer solve security and privacy threats by only examining the implementation of each specific system. To proactively design general secure systems, we need to address security in a theoretical approach. [Full Story]
Related Topics:  Alumni   Diversity and Outreach   Networking, Operating Systems, and Distributed Systems   

Security Concerns Raised Regarding Clinton Offices Use of Private Email

Prof. J. Alex Halderman is quoted regarding security concerns in this Al Jazeera America article on Hillary Clinton's use of a private email service while in office as Secretary of State. Prof. Halderman has previously demonstrated vulnerabilities in the security of a number of trusted systems, including airport body scanners and electronic voting systems. [Full Story]
Related Topics:  Halderman, J. Alex   

Researchers Map Extent of FREAK Security Flaw

Prof. J. Alex Halderman and CSE graduate student Zakir Durumeric have used their ZMap scanning software to determine that of the 14 million web sites worldwide that offer encryption, more than 5 million remain vulnerable to the FREAK encryption flaw as of March 4. The U-M researchers are part of a broad effort that has demonstrated the dangers inherent in the older 512-bit encryption code that is still in use. [Full Story]
Related Topics:  Halderman, J. Alex   Security (national and personal safety)   

Outdated Encryption Keys Leave Phones Vulnerable to Hackers

Prof. J. Alex Halderman and CSE graduate student Zakir Durumeric have used their ZMap scanning software to determine that of the 14 million web sites worldwide that offer encryption, more than 5 million remain vulnerable to the FREAK encryption flaw as of March 4. Prof. Halderman is quoted on the danger of weak crypto and "back doors" in this New York Times article on the subject. [Full Story]
Related Topics:  Halderman, J. Alex   Security (national and personal safety)   

J. Alex Halderman Selected for Sloan Research Fellowship

Professor J. Alex Halderman has been selected for a Sloan Research Fellowship for his work in the science of computer and network security with an emphasis on problems that broadly impact society and public policy. [Full Story]
Related Topics:  Cryptography   Digital Democracy   Halderman, J. Alex   Security (national and personal safety)   

Can Hackers Get Into Your Pacemaker?

Prof. Kevin Fu is quoted in this article in The Atlantic, which summarizes a number of factors that contribute toward vulnerabilities in medical devices like insulin pumps, defibrillators, fetal monitors, and scanners. [Full Story]
Related Topics:  Fu, Kevin   Medical Device Security   

CS Researchers Introduce New Certificate Authority in Aim to Securely Encrypt Every Website

Computer science researchers including Prof. J. Alex Halderman and CSE graduate student James Kasten have announced Let's Encrypt, a free, automated, and open certificate authority that is intended to bring secure encryption to the entire web. Let's Encrypt was developed with the Electronic Frontier Foundation and Mozilla and will debut in summer 2015. [Full Story]
Related Topics:  Cryptography   Halderman, J. Alex   Networking, Operating Systems, and Distributed Systems   Security (national and personal safety)   

Computer Scientists Win Best Paper Award at ACM IMC for Analysis of the Impact of the Recent Heartbleed Vulnerability

A team of computer scientists including Prof. J. Alex Halderman, CSE graduate student and lead co-author Zakir Durumeric, and CSE graduate students James Kasten and David Adrian, has won a Best Paper Award at the 2014 ACM Internet Measurement Conference for their comprehensive, measurement-based analysis of the impact of the recent Heartbleed vulnerability, and the server operator community's response to it. [Full Story]
Related Topics:  Graduate Students   Halderman, J. Alex   Networking, Operating Systems, and Distributed Systems   Security (national and personal safety)   Software Systems   

Yang Liu Receives Best Applications Paper Award for Cyber Security Research in Phishing

Yang Liu, Ph.D Candidate in Electrical Engineering:Systems, earned a Best Applications Paper Award from the ACM/IEEE International Conference on Data Science and Advanced Analytics (DSAA2014) for his recent research on phishing. His paper detailed his use of big data analysis to solve a major problem of cyber security [Full Story]
Related Topics:  Big Data   Communications   Graduate Students   Liu, Mingyan   

Estonia has online voting. Should the United States?

Vox takes a look at voting in Estonia, a country that is an early adopter of online voting. The article notes that the convenience of the system is outweighed by the security risks inherent in such systems and references the work done by Prof. J. Alex Halderman in exposing weaknesses in the Estonian system and in an earlier proposed system in Washington DC. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Hackers Could Decide Who Controls Congress Thanks to Alaskas Terrible Internet Ballots

In today's elections, Alaska will use its first-in-the-nation Internet voting system in today's mid-term elections -- a move that top security experts, including Prof. J. Alex Halderman, consider a security nightmare that could put control of the US Congress in the hands of hackers. More in this article at The Intercept. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Decode DC: The Future of Voting. Prof J. Alex Halderman Interviewed on Electronic Voting

In this podcast, host Andrea Seabrook and Decode DC reporter Miranda Green explore the potential benefits and risks of on-line voting. Coming down in the side of caution is Prof. J. Alex Halderman, who has demonstrated security vulnerabilities in voting systems worldwide and who says that "the problem with voting and computer technology is that hackers can change the election result to be whatever they want." [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Rise of e-voting is inevitable, as is risk of hacking

As elections approach in both Canada and the US, more municipalities are considering the use of Internet voting or electronic voting machines. This article in the Globe and Mail describes some of the risks associated with this trend and references the work that was done during the last national election cycle when Prof. J. Alex Halderman and his students hacked the proposed Washington DC Internet voting system. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

New Jersey e-vote experiment after Sandy declared a disaster

This article in Aljazeera America details research into the security of electronic voting that was taken up in New Jersey following Hurricane Sandy. Prof. J. Alex Halderman is quoted in long form in the article. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Theres Really No Delete Button on the Internet

In this interview on Michigan Radio, Prof. Kevin Fu talks about Internet privacy and the fact that boundaries don't really exist in the age of cloud computing. [Full Story]
Related Topics:  Fu, Kevin   Security (national and personal safety)   

Research finds No Large Scale Heartbleed Exploit Attempts Before Vulnerability Disclosure

Did the NSA or anyone else take advantage of the Heartbleed bug prior to its public disclosure? This Threat Post story describes research by Prof. J. Alex Halderman and others which indicates that traffic data collected on several large networks shows no exploit attempts in the months leading up to the public disclosure. The article has also been slashdotted here. [Full Story]
Related Topics:  Halderman, J. Alex   Security (national and personal safety)   

Facets of Privacy Discussed at Inauguration Panel

At a symposium to mark the inauguration of President Mark S. Schlissel, leading privacy scholars from U-M and Carnegie Mellon University, including Prof. Kevin Fu, discussed the issues surrounding privacy, social media, and cloud computing. [Full Story]
Related Topics:  Security (national and personal safety)   

Shared Memory in Mobile Operating Systems Provides Ingress Point for Hackers

Computer science researchers have exposed a shared memory weakness believed to exist in Android, Windows, and iOS operating systems that could be used to obtain personal information from unsuspecting users. The research team has demonstrated how passwords, photos, and other personal information can be stolen while users use popular mainstream apps. [Full Story]
Related Topics:  Mao, Zhuoqing Morley   

Researchers Expose Security Flaws in Backscatter X-ray Scanners

A team of security researchers including Prof. J. Alex Halderman and graduate student Eric Wustrow have discovered several security vulnerabilities in the full-body backscatter X-ray scanners that were deployed to U.S. airports between 2009 and 2013. The researchers were able to slip knives, guns, and other contraband past the systems. [Full Story]
Related Topics:  Halderman, J. Alex   

Researchers Demo Hack to Seize Control of Municipal Traffic Signal Systems

Computer science researchers working with Prof. J. Alex Halderman have demonstrated that a number of security flaws exist in commonly-deployed networked traffic signal systems that leave the systems vulnerable to attack or manipulation. They presented their findings at the 8th USENIX Workshop on Offensive Technologies. [Full Story]
Related Topics:  Halderman, J. Alex   

Researchers Hack Into Michigans Traffic Lights

MIT Technology Review has covered work led by Prof. J. Alex Halderman, in which he and students including Branden Ghena have demonstrated security flaws in a common system of networked traffic signals. [Full Story]
Related Topics:  Halderman, J. Alex   

Two New Faculty Join CSE in Fall 2014

CSE is delighted to welcome two outstanding new faculty members to Michigan. With highly relevant research pursuits in the realms of secure and private Internet-scale services and in machine-learning and data extraction methodologies, they'll help to lead and teach us as we enter a world increasingly shaped by computer science and engineering. [Full Story]
Related Topics:  Big Data   Machine Learning   Madhyastha, Harsha   Wiens, Jenna   

Vulnerabilities Demonstrated in Traffic Signal Controls

Students in Prof. J. Alex Halderman's recent EECS 588 course, including graduate student Brandon Ghena, have demonstrated vulnerabilities that would allow hackers to take control of municipal traffic light systems. [Full Story]
Related Topics:  Halderman, J. Alex   

Court case: Voting via the Internet is a civil rights issue for disabled

The debate over whether Americans should be permitted to vote via the Internet has long pitted voting system manufacturers, who frame it to election officials as inevitable and modern, against cybersecurity experts including Prof. J. Alex Halderman, who has repeatedly demonstrated vulnerabilities in voting systems worldwide. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Utah is correct to both be at the front of online voting, and cautiously study security

Prof. J. Alex Halderman is watching as the state of Utah convenes a committee to study how the Beehive State might proceed with online voting. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Zakir Durumeric Selected for Google PhD Fellowship

CSE graduate student Zakir Durumeric has been selected to receive a Google PhD Fellowship in Security for the 2014-15 academic year. Zakir was chosen as a Google Fellow on the basis of his security research related to Internet-wide scanning, the HTTPS ecosystem, weaknesses in cryptographic keys and protocols, and network mismanagement. [Full Story]
Related Topics:  Graduate Students   Halderman, J. Alex   

Hack the Vote: The Perils of the Online Ballot Box

In the Wall Street Journal opinion piece, the authors quote Prof. J. Alex Halderman on electronic voting, who says "With today's security technology, no country in the world is able to provide a secure Internet voting system." More that 30 US states and territories currently allow some form of internet voting. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Parinaz Naghizadeh, Researcher in Economic Network Security, is Named a Barbour Scholar

Parinaz Naghizadeh, a graduate student in electrical engineering, has been named a 2014 Barbour Scholar. She is conducting research in the general area of computer and network security, and more specifically, combining communications with economics to assess the security level of a network and then apply that data to design cyber-insurance contracts. [Full Story]
Related Topics:  Communications   Graduate Students   Liu, Mingyan   Networking, Operating Systems, and Distributed Systems   

BBC: Is Estonia e-Voting Safe?

In this audio interview, Prof. J. Alex Halderman details some of the security risks that his research team has uncovered in the Estonian electronic voting system. Up to a quarter of the electorate will vote online. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Researchers Identify Security Risks in Estonian Online Voting System

Ahead of European Parliamentary elections on May 25, an international team of independent experts, including Prof. J. Alex Halderman and CSE graduate students Travis Finkenauer and Drew Springall, has identified major risks in the security of Estonia's Internet voting system and recommended its immediate withdrawal. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

PC World: Estonian electronic voting system vulnerable to attacks, researchers say

Research conducted by Prof. J. Alex Halderman and his collaborators has shown a number of security flaws in Estonia's Internet voting system. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

The Guardian: Estonian e-voting shouldnt be used in European elections, say security experts

Research conducted by Prof. J. Alex Halderman and his collaborators has shown a number of security flaws in Estonia's Internet voting system. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

The Washington Post: How Russia could easily hack its neighbors elections

Research conducted by Prof. J. Alex Halderman and his collaborators has shown a number of security flaws in Estonia's Internet voting system. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Heartbleed: Behind the Scenes at CSE

Computer science researchers at Michigan, including graduate student Zakir Durumeric, used their Internet scanning software to rapidly pinpoint vulnerable servers on the Internet, quantifying the scope of the Heartbleed bug and providing data on when and where servers were patched to repair the flaw. [Full Story]
Related Topics:  Graduate Students   Halderman, J. Alex   

Wired: Its Crazy What Can Be Hacked Thanks to Heartbleed

[Full Story]
Related Topics:  Halderman, J. Alex   

Startup Virta Labs Wins Ann Arbor SPARK Best of Boot Camp

Virta Laboratories, Inc., the startup co-founded in part by Prof. Kevin Fu and visiting scholar Denis Foo Kune, has been named Best of Boot Camp at the conclusion of Ann Arbor SPARK's Entrepreneurial Boot Camp. Virta Labs delivers malware and anomaly detection on medical devices and process control systems by non-intrusively measuring the power consumption patterns of the machines being protected. [Full Story]
Related Topics:  Fu, Kevin   Medical Device Security   

Halderman and Lafortune Join TerraSwarm Research Center

Two EECS faculty with expertise in Privacy and Security, J. Alex Halderman and Stephane Lafortune, will join the TerraSwarm Research Center in May. TerraSwarm addresses the huge potential, as well as the risks, of pervasive integration of smart, networked sensors and actuators into the connected world. [Full Story]
Related Topics:  Halderman, J. Alex   Lafortune, Stephane   

Heartbleed Software Snafu: The Good, the Bad and the Ugly

[Full Story]
Related Topics:  Halderman, J. Alex   

New York Times: Study Finds No Evidence of Heartbleed Attacks Before the Bug Was Exposed

[Full Story]
Related Topics:  Halderman, J. Alex   

Hacker From China Wastes Little Time in Exploiting Heartbleed

[Full Story]
Related Topics:  Halderman, J. Alex   

Michigan Daily: Internet security flaw left University sites vulnerable

[Full Story]
Related Topics:  Halderman, J. Alex   

Heartbleed Hackers Steal Encryption Keys in Threat Test

[Full Story]
Related Topics:  Halderman, J. Alex   

Researchers find thousands of potential targets for Heartbleed OpenSSL bug

CSE researchers have used ZMap, their Internet address scanning software, to perform comprehensive scans of the IPv4 address space and to identify servers still vulnerable to the Heartbleed exploit. [Full Story]
Related Topics:  Halderman, J. Alex   

Vox: Take these 4 steps right now to protect yourself from the Heartbleed bug

In the wake of the Heartbleed OpenSSL bug, Vox interviews Research Prof. Michael Bailey who comments on steps you can take to better protect your information on the web. [Full Story]
Related Topics:  

Kevin Fu Selected for World Economic Forum Young Scientist Award

Prof. Kevin Fu has been recognized by the World Economic Forum with its Young Scientist Award for improving the security of embedded computer systems by uncovering their security flaws. [Full Story]
Related Topics:  Fu, Kevin   

What are quantum computers going to do for us?

Prof. Duncan Steel, a leading expert in quantum computer technology, describes how these computers work, and what their implications are for cyber security. [Full Story]
Related Topics:  Optics and Photonics   Quantum Computing   Quantum Science and Technology   Steel, Duncan   

Halderman: Wired - Four Information Security Stories of 2013 You May Have Missed (ZMap)

[Full Story]
Related Topics:  Halderman, J. Alex   

Cheating on Exams with Smartwatches

In this Freedom to Tinker blog entry, CS undergrad Alex Migicovsky discusses a smartphone app for collaborative cheating and how increasingly small and inconspicuous technology form factors will pose future testing and broader security challenges. Alex's work in this area has been advised by Dr. Jeff Ringenberg and Prof. J. Alex Halderman. [Full Story]
Related Topics:  Undergraduate Students   

Tales From the Crypto Community

In this article in Foreign Affairs, Prof. J. Alex Halderman and Nadia Heninger of University of Pennsylvania describe how recent NSA actions have diminished computer security for everyone and harmed US national cyberdefense interests in a number of ways. [Full Story]
Related Topics:  Halderman, J. Alex   Networking, Operating Systems, and Distributed Systems   

Halderman: Interview on Tana TV (Estonia) regarding e-voting in Estonia and Latvia

[Full Story]
Related Topics:  Halderman, J. Alex   

Iranian Internet Censorship System Profiled for First Time

Prof. J. Alex Halderman and two anonymous coauthors have published the first peer-reviewed technical study of Iran's national censorship infrastructure, revealing much about the extent and nature of one of the largest and most sophisticated Internet censorship regimes in the world. [Full Story]
Related Topics:  Halderman, J. Alex   

Download ZMap and Scan the Entire Internet in Less Than 45 Minutes

Three U-M computer science researchers have released ZMap, a new open-source tool that can perform a scan of the entire public IPv4 address space on the Internet in less than 45 minutes - over 1000 times faster than with previous tools. [Full Story]
Related Topics:  Halderman, J. Alex   Networking, Operating Systems, and Distributed Systems   

New Grant: Reducing Computer Viruses in Health Networks

Prof. Kevin Fu and Research Prof. Michael Bailey will establish methods to scientifically study the extent of malware in hospital networks under the new five-year Trustworthy Health and Wellness project that has received $10 million from the National Science Foundation. [Full Story]
Related Topics:  Fu, Kevin   

Researchers Work Recognized Amongst Notable Computing Books and Articles of 2012

Research conducted by Michigan computer scientists has been selected for ACM Computing Review's Notable Computing Books and Articles of 2012. [Full Story]
Related Topics:  Halderman, J. Alex   

Security Risks Found in Sensors for Heart Devices, Consumer Electronics

An international team of researchers including Prof. Kevin Fu has demonstrated that the type of sensors that pick up the rhythm of a beating heart in implanted cardiac defibrillators and pacemakers are vulnerable to tampering. The researchers were able to forge an erratic heartbeat with radio frequency electromagnetic waves in controlled laboratory conditions. [Full Story]
Related Topics:  Fu, Kevin   Medical Device Security   

Workshop Brings Together Industry and Researchers on Medical Device Security Challenges

Over 60 professionals from medical device manufacturers and level-I trauma centers and security researchers attended the two-day Archimedes Workshop run by Prof. Kevin Fu through his Archimedes Research Center for Medical Device Security. [Full Story]
Related Topics:  Fu, Kevin   Medical Device Security   

A better single-photon emitter for quantum cryptography

A silicon-based single-photon emitter developed by Prof. Pallab Bhattacharya and his group is simpler and more efficient than those currently available, and can be made using traditional semiconductor processing techniques. [Full Story]
Related Topics:  Bhattacharya, Pallab   LNF   Optics and Photonics   Quantum Science and Technology   Solid-State Devices and Nanotechnology   

Kevin Fu Interviewed Regarding Cyber Security of Medical Devices

Kevin Fu, Director of the Security and Privacy Research Lab, has been interviewed by Healthcare Info Security about the evolving malware and security risks associated with implantable and bedside medical devices. Article includes audio interview. [Full Story]
Related Topics:  Fu, Kevin   Medical Device Security   

Kevin Fu Testifies on the Security of Smart Cards to Access Medicare and Medicaid Services

Professor Kevin Fu testified on Nov. 28 in the Energy and Commerce Committee of the U.S. House of Representatives on the cybersecurity of smart cards for combating fraud in health care. Students can learn about such technical, human, and regulatory issues by enrolling in Prof. Fu's Winter 2013 course, EECS 598-008, the first course in the nation dedicated to issues of medical device security. [Full Story]
Related Topics:  Fu, Kevin   Medical Device Security   

Computer Scientists Win Best Paper Award at 21st USENIX Security Symposium

U-M graduate students Zakir Durumeric and Eric Wustrow, Professor J. Alex Halderman, and UC San Diego postdoctoral researcher Nadia Heninger received the award for their paper, "Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices." [Full Story]
Related Topics:  Halderman, J. Alex   Networking, Operating Systems, and Distributed Systems   

Securing Digital Democracy Opens on Coursera

Securing Digital Democracy, a massive open on-line course taught by Prof. J. Alex Halderman, launched on September 3, with over 14,000 people enrolled. New students are still welcome to join. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   Technology for Education   

Computer Scientists Named Runners Up for PET Award

A team of computer science security researchers including Professor J. Alex Halderman and PhD students Eric Wustrow and Scott Wolchok have been recognized as a runner-up for the annual Privacy Enhancing Technologies (PET) award. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Researchers Demonstrate Firewall Vulnerability in Cell Network

Assoc. Prof. Z. Morley Mao and graduate student Zhiyun Qian have demonstrated how the security features of popular cell network firewalls can be exploited, allowing hackers to break into Facebook and Twitter accounts. [Full Story]
Related Topics:  Mao, Zhuoqing Morley   Mobile Computing   Networking, Operating Systems, and Distributed Systems   

Alex Halderman to Teach Digital Democracy Course Through Coursera

Prof. J. Alex Halderman will teach a free course on Securing Digital Democracy this fall through Coursera, the online education company that was founded in 2011 by two faculty from Stanford University. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   Technology for Education   

Security Researchers Publish Details of Online Voting Hack

Security researchers Scott Wolchok, Eric Wustrow, Dawn Isabel, and Prof. J. Alex Halderman have for the first time published the full details of their much-discussed hack of the Washington D.C. online voting system in late 2010. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   Networking, Operating Systems, and Distributed Systems   

Alex Halderman Featured in PBS Story on the Security of Internet Voting

Prof. J. Alex Halderman was featured in the PBS news story, "Internet Voting: Will Democracy or Hackers Win?" which aired on February 16, 2012. The segment examines the security ramifications of efforts at various levels of government to provide Internet voting opportunities for citizens, such as overseas military personnel, in elections. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   Networking, Operating Systems, and Distributed Systems   

Security Researchers Describe Newly Discovered Vulnerabilities in Public Key Encryption

A team of four security researchers, including U-M Prof. J. Alex Halderman, grad students Zakir Durumeric and Eric Wustrow, and UC San Diego postdoctoral researcher Nadia Heninger have released findings on the security of public keys in response to a New York Times article. [Full Story]
Related Topics:  Halderman, J. Alex   Networking, Operating Systems, and Distributed Systems   

Computer Scientists Funded for New Inquiry into Non-Consumptive Research

A team of computer science researchers that includes U-M Prof. Atul Prakash is pursuing the first funded investigation of non-consumptive research of a major mass collection of content. [Full Story]
Related Topics:  Big Data   Prakash, Atul   

Halderman: New York Times - Holding Companies Accountable for Privacy Breaches

[Full Story]
Related Topics:  Halderman, J. Alex   

Halderman: AnnArbor.com - U-M Professor threatened with deportation by Indian officials, kept from presenting controversial study

[Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Halderman: Lecture on EVMs creates chaos in Gandhinagar, rescheduled

[Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

J. Alex Halderman Interviewed on CNN and NPR

CSE Prof. J. Alex Halderman was interviewed on CNN television about how his research team cracked and reprogrammed the new Washington DC Internet voting system - in 36 hours. [NPR Link] [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

U-M Researchers Hack into Voting Test Bed

Michigan Engineering computer science researchers, led by Prof. J. Alex Halderman, successfully hacked into a test bed of a new Internet-based absentee voting system in Washington, D.C. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Green Computing: Higher Energy Efficiency from Silicon to the Cloud

For decades, researchers and industry have been focused on increasing computing performance by increasing transistor density and shrinking the size of computing devices. But with the continued scaling of computing systems to sizes only theorized a decade ago, combined with the prevalence of mobile devices, social networking, cloud computing, and the cost of powering huge data centers, the computing paradigm has changed. Energy efficiency is now a primary consideration at all levels of computing. [Full Story]
Related Topics:  Blaauw, David   Communications   Dick, Robert   Dutta, Prabal   Entrepreneurship   Environment   Flynn, Michael   Graduate Students   Health   Infrastructure   Liu, Mingyan   MEMS and Microsystems   Millimeter-scale Computing   Mudge, Trevor   Papaefthymiou, Marios   Sarabandi, Kamal   Security (national and personal safety)   Sensors   Sylvester, Dennis   Wenisch, Thomas   Wentzloff, David   Wise, Kensall   Yoon, Euisik   

Halderman: Times of India - Tamper-Proof? Scientists Show EVMs Can Be Hacked

[Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Halderman: Slashdot - Researchers Demo Hardware Attacks Against Indias...

[Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Halderman: BBC News - US Scientists Hack India Electronic Voting Machines

[Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Researchers Demonstrate Vulnerabilities in Indias Voting Machines

An international team of researchers, including CSE Asst. Prof. J. Alex Halderman, has demonstrated that electronic voting machines in India, the world's largest democracy, are vulnerable to fraud. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Bertacco and Austin: BBC News - Web Security Attack Makes Silicon Chips More Reliable

[Full Story]
Related Topics:  Austin, Todd   Bertacco, Valeria   Cryptography   

Bertacco and Austin: The Register - Severe OpenSSL Vuln Busts Public Key Crypto

[Full Story]
Related Topics:  Austin, Todd   Bertacco, Valeria   Cryptography   

Bertacco and Austin: Slashdot - Researchers Find Way to Zap RSA Algorithm

[Full Story]
Related Topics:  Austin, Todd   Bertacco, Valeria   Cryptography   

CSE Researchers Find Weakness in Common Digital Security System

Profs. Valeria Bertacco, Todd Austin, and doctoral student Andrea Pellegrini have demonstrated a weakness in a popular encryption method that is frequently used in a variety of electronic transactions. [Full Story]
Related Topics:  Austin, Todd   Bertacco, Valeria   Cryptography   

Bertacco and Austin: UPI.com - Study Finds Weakness in Security System

[Full Story]
Related Topics:  Austin, Todd   Bertacco, Valeria   Cryptography   

CSE Researchers Present Findings from Internet Study

CSE researchers, in conjunction with Arbor Networks and Merit Network, released findings at NANOG47 on the evolution of the Internet from the largest study of its kind. [Full Story]
Related Topics:  Networking, Operating Systems, and Distributed Systems   

Halderman - Freedom to Tinker: Breaking Vanish: A Story of Security Research...

[Full Story]
Related Topics:  Halderman, J. Alex   

Alex Halderman - Science Daily: Computer Scientists Take Over Electronic Voting Machine with New Programming Technique

[Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Alex Halderman - Slashdot: Voting Machine Attacks Proven To Be Practical

[Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Computer Scientists Demonstrate Vulnerability in Electronic Voting Machine

A team of researchers from three universities, including Asst. Prof. J. Alex Halderman at CSE, has demonstrated how criminals could hack and take control of an electronic voting machine. [Full Story]
Related Topics:  Digital Democracy   Halderman, J. Alex   

Alex Halderman - New York Times: Experts Say Chinese Filter Would Make PCs Vulnerable

[Full Story]
Related Topics:  Halderman, J. Alex   

Alex Halderman - PC Magazine: Chinas Filtering Software Contains Pirated Code

[Full Story]
Related Topics:  Halderman, J. Alex   

Alex Halderman - Wall Street Journal: Political Cues in China Web Filter

[Full Story]
Related Topics:  Halderman, J. Alex   

CSE Researchers Discover Security Vulnerabilities in Government-Mandated Chinese Censorware

CSE researchers Scott Wolchok, Randy Yao, and Prof. Alex Halderman have released a report on security vulnerabilities caused by Green Dam, the censorware program that the Chinese government just ordered installed on all new PCs in China beginning July 1. [Full Story]
Related Topics:  Halderman, J. Alex   

Alex Halderman - Yahoo! Games: Could Videogame Anti-Piracy Protection Invite Hackers into Your PC?

[Full Story]
Related Topics:  Halderman, J. Alex   

CSE Security Researcher Petitions for DMCA Exemption to Study DRM

Assistant Professor Alex Halderman is petitioning the U.S. Copyright Office to grant an exemption from the Digital Millennium Copyright Act so that he and others can study the potential security risks of DRM technologies. [Full Story]
Related Topics:  Halderman, J. Alex   

Smart Bridges Under Development with New Grant

Faculty from EECS are part of an interdisciplinary team developing a full range of interlocking technologies that together will sense and collect bridge status data and make it available to inspectors. U-M Press Release [Full Story]
Related Topics:  Communications   Energy Scavenging   Flynn, Michael   Integrated Circuits and VLSI   Liu, Mingyan   Lynch, Jerome   MEMS and Microsystems   Mortazawi, Amir   Najafi, Khalil   Prakash, Atul   Sensors   Sylvester, Dennis   Wireless Communications   

Researchers develop next-generation antivirus system

Prof. Farnam Jahanian, PhD candidate Jon Oberheide and postdoctoral fellow Evan Cooke developed a new approach to antivirus software, called CloudAV, that moves the software off individual computers while greatly improving its effectiveness against malicious software (malware). [Technology Review article] [Full Story]
Related Topics:  Graduate Students   

Atul Prakash and Grad Students Discover Banking Website Flaws

Prof. Atul Prakash and graduate students Laura Falk and Kevin Borders discover design flaws in banking web sites that make their customers vulnerable to monetary or identity theft. Banks and similar institutions need to make changes to protect their customers. [Full Story]
Related Topics:  Graduate Students   Prakash, Atul   

New computer network security threat identified

Large companies are vulnerable to hackers when they network their computers for cost-saving live virtual machine migration.

Read the press release about this new research by graduate student Jon Oberheide, Evan Cooke, and Prof. Farnam Jahanian. See also: [Forbes Article]
Related Topics: