Security and Society
Security and Society
Security and Society Security and Society

News

Undocumented immigrants' privacy at risk online, on phones

Every day, undocumented immigrants in the U.S. face discrimination, surveillance, deportation, and other dangers. When it comes to their smartphones, immigrants struggle to apply instinctive caution, according to a study by a team of University of Michigan researchers that included CSE PhD student Allison McDonald. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Halderman, J. Alex  

Connected cars can lie, posing a new threat to smart cities

In the article in The Conversation, PhD candidate Qi Alfred Chen and Prof. Z. Morley Mao describe how vulnerabilities in intelligent infrastructure, such as the Intelligent Traffic Signal System being tested by the US Department of Transportation, can create opportunities for hackers to create chaos. [Full Story]

Related Topics:  Autonomous Vehicles  Cybersecurity  Graduate Students  Lab-Software Systems  Mao, Zhuoqing Morley  

Mingyan Liu named 2018 Distinguished University Innovator

Mingyan Liu helped develop a new approach to enhancing cybersecurity through technology that predicts with up to 90 percent accuracy the likelihood that a company will be exploited by cyber criminals within the next year, earning her the Distinguished University Innovator award. [Full Story]

Related Topics:  Cybersecurity  Liu, Mingyan  

Building a security standard for a post-quantum future

Chris Peikert, with a team of eleven other researchers, has submitted a cryptographic scheme as a proposed standard to the NIST Post-Quantum Cryptography project. Called FrodoKEM, this family of encryption algorithms is designed to be a conservative and practical implementation of one of the most-studied approaches in the post-quantum cryptography field. [Full Story]

Related Topics:  Cybersecurity  Peikert, Chris  Quantum Science and Technology  

I hacked an election. So can the Russians.

Professor Alex Halderman and the New York Times staged a mock election to demonstrate voting machine vulnerability. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Possession of ransomware is now a crime in Michigan

There were more than 1,300 reported cases of ransomware attacks in Michigan in 2017, according to FBI statistics. New legislation signed by the governor closes a loophole that hindered the pursuit of suspected cybercriminals. Professor Kang Shin weighs in on the usefulness of these laws and headaches that may arise. [Full Story]

Related Topics:  Cybersecurity  Shin, Kang G.  

CSE PhD student Matt Bernhard on the Facebook data breach

In this video, CSE PhD Student Matt Bernhard weighs in on the matter Facebook data harvesting, such as that done by Cambridge Analytica. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Software Systems  

Inaugural ECE Willie Hobbs Moore Alumni Lecture: Dr. Isaac R. Porche III

Dr. Porche (PhD EE:S 1998) was the inaugural speaker for the ECE Willie Hobbs Moore Alumni Lecture. A senior engineer at the RAND Corporation, Porche talks on "Information-Age Conflict" as an expert in cybersecurity. [Full Story]

Related Topics:  Alumni  Cybersecurity  

Security of State Voter Rolls a Concern as Primaries Begin

This article describes steps being taken in Illinois, the lone state known to have its state election system breached in a hacking effort, regarding its election systems. It quotes Prof. J. Alex Halderman, who points out that many of the same weaknesses present in 2016 remain. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Election audits to debut in Mich. 2018 race

This article describes new measures to bolster security for Michigans 2018 midterm elections. Prof. J. Alex Halderman points out that additional progress can occur in the stat's process for auditing of paper ballots. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

U of M computer scientists might have solved mystery behind Cuba 'sonic attacks'

In this local news segment, Prof. Kevin Fu explains why the "sonic attacks" that poisoned diplomats in Cuba may have been the accidental effect of eavesdropping. [Full Story]

Related Topics:  Cybersecurity  Embedded Systems  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

Cuba "sonic attacks" - a covert accident?

The purported "sonic attacks" that sickened U.S. and Canadian government workers in Cuba last year could have been an accidental side effect of attempted eavesdropping, says Prof. Kevin Fu, who with his colleagues reverse-engineered the attacks in a lab. [Full Story]

Related Topics:  Cybersecurity  Embedded Systems  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

Pacemakers, defibrillators are potentially hackable

This article on the security of cardiac implants quotes Prof. Kevin Fu, who notes that limiting remote interactions would also address scenarios such as an old computer virus that unintentionally shuts down global operations of remote cardiac telemetry for hundreds of thousands of patients at once. [Full Story]

Related Topics:  Cybersecurity  Electronic devices  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

The Myth of the Hacker-Proof Voting Machine

This article describes the security holes that exist in today's electronic voting machines, including both the shortcomings of voting systems that do not provide paper backup and those of the systems that transmit electronic votes to counting centers. It quotes Prof. J. Alex Halderman, who points to flaws in the protections for vote transmission systems put forth by vendors of paperless systems. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Internet-scanning U-M startup pioneers new approach to cybersecurity

Ann Arbor-based Censys has launched based on work done over the past 5 years in Prof. J. Alex Halderman's lab. Censys is the first commercially available internet-wide scanning tool. It helps IT experts working to secure large networks, which are composed of a constantly changing array of devices ranging from servers to smartphones and internet-of-things devices. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

New bill could finally get rid of paperless voting machines

Prof. J. Alex Halderman is quoted on the the vulnerabilities that exist in voting machines, why paper backup is a practical solution, and the approaches that should be taken in auditing election results. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

DARPA Takes Chip Route to "Unhackable" Computers

This article in EE Times quotes Prof. Todd Austin on his DARPA-funded MORPHEUS project, which will use computer circuits that are designed to randomly shuffle data around a computer system in order to thwart hackers who are looking for the location of a bug or valuable data. [Full Story]

Related Topics:  Austin, Todd  Computer Architecture  Cybersecurity  Lab-Computer Engineering (CE Lab)  

A New Type of Computer Could Render Many Software Hacks Obsolete

This article quotes Prof. Todd Austin on his DARPA-funded MORPHEUS project, which will use computer circuits that are designed to randomly shuffle data around a computer system in order to thwart hackers who are looking for the location of a bug or valuable data. [Full Story]

Related Topics:  Austin, Todd  Computer Architecture  Cybersecurity  Lab-Computer Engineering (CE Lab)  

Unhackable Computer Under Development with $3.6M DARPA Grant

By turning computer circuits into unsolvable puzzles, a University of Michigan team aims to create an unhackable computer with a new $3.6 million grant from the Defense Advanced Research Projects Agency. Todd Austin, a professor of computer science and engineering, leads the project, called MORPHEUS. [Full Story]

Related Topics:  Austin, Todd  Computer Architecture  Cybersecurity  Lab-Computer Engineering (CE Lab)  

The Art of Cyber War with Isaac Porche

Isaac Porche (PhD EE:S 1998) is a senior engineer at the RAND Corporation, where he leads research to help Homeland Security and the government adopt proper cyber security tactics. In this interview, he shares the global state of cyber warfare, the threats to government computer systems, and how his time at Michigan led him to being on the frontlines of technological attacks. [Full Story]

Related Topics:  Alumni  Cybersecurity  Diversity and Outreach  

An armed robber's Supreme Court case could affect all Americans digital privacy for decades to come

Prof. HV Jagadish writes in this article for The Conversation about the data privacy challenges presented by a world in which our devices continuously record and track our activities. [Full Story]

Related Topics:  Big Data  Cybersecurity  Jagadish, HV  Lab-Software Systems  Mobile Computing  

Kevin Fu Elected IEEE Fellow for Contributions to Embedded and Medical Device Security

Prof. Fu is an expert on the subject of creating trustworthy embedded computing systems that are resistant to attack. He has served in several national leadership roles to advise government on science, technology, and policy to improve computer security and privacy. He is a cofounder of healthcare cybersecurity startup VirtaLabs [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  Medical Device Security  

Prof. Chris Peikert Receives TCC Test of Time Award for Work in Lattice Cryptography

Chris Peikert, the Patrick C. Fischer Development Professor in Theoretical Computer Science, and his co-author Alon Rosen have received the TCC Test of Time Award for their paper on efficient collision-resistant hashing on cyclic lattices. The award is a recognition of a long line of works by Prof. Peikert and others who laid the foundations for practically efficient lattice-based cryptography. [Full Story]

Related Topics:  Cybersecurity  Lab-Theory of Computation  Peikert, Chris  

Securing the vote: How 'paper' can protect US elections from foreign invaders

This story on security problems with voting quotes Prof. J. Alex Halderman, who says that "Although there is no evidence that any past election in the United States has been changed by hacking, it is in my opinion only a matter of time until one is." [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

VAuth tech feels your voice in your skin

This article describes VAuth, the new thechnology that supplements voice authorization developed in the lab of Prof. Kang G. Shin. [Full Story]

Related Topics:  Cybersecurity  Lab-Software Systems  Networking, Operating Systems, and Distributed Systems  Shin, Kang G.  

Duo Security raises $70 million at a valuation north of $1 billion

Duo Security, based in Ann Arbor, was founded by alums Jon Oberheide (CSE PhD 2011) and Dug Song (CS BS 1997) in 2009. Congrats to them! [Full Story]

Related Topics:  Alumni  Cybersecurity  

Why the Krack Wi-Fi Mess Will Take Decades to Clean Up

This article quotes Prof. Kevin Fu, who says "For the general sphere of IoT devices, like security cameras, we're not just underwater. We're under quicksand under water." [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Software Systems  

Wearables to boost security of voice-based log-in

Voice authentication is easy to spoof. New technology could help close this open channel. [Full Story]

Related Topics:  Cybersecurity  Lab-Software Systems  Networking, Operating Systems, and Distributed Systems  Shin, Kang G.  

Hacking North Korea is Easy. Its Nukes? Not So Much

This article reports on how difficult it is for hackers to invade North Korea's nuclear program. CSE research fellow Will Scott talks about the country's limited connections, and says that any successful attack would require a human agent working to manually sabotage target systems. [Full Story]

Related Topics:  Cybersecurity  

Manos Kapritsos and Collaborators Win USENIX Security Paper Award

A team of researchers including Prof. Manos Kapritsos has won a Distinguished Paper Award at the 2017 USENIX Security Symposium for Vale, a new programming language and tool that supports flexible, automated verification of high-performance cryptographic assembly code. [Full Story]

Related Topics:  Cybersecurity  Kapritsos, Manos  Lab-Software Systems  

In fight for free speech, researchers test anti-censorship tool built into the internet's core

This article describes an implementation of TapDance, a method of anticensorship deployment that is built into the very core of the internet itself. By building TapDance into the servers and routers that underpin the Internet, censorship would become impractical. TapDance's development has been led by Prof. J. Alex Halderman. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

U.S. elections are an easier target for Russian hackers than once thought

This article on voting system security quotes Prof. J. Alex Halderman, who says of the prospect of election tampering that "the technical ability is there and we wouldn't be able to catch it. The state of technical defense is very primitive in our election system now." [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Heres exactly how Russia can hack the 2018 elections

Vulnerabilities in our voting system need to be addressed swiftly, according to experts in the field, including Prof. J. Alex Halderman. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Apps available for your smartphone could steal your personal information

WXYZ Detroit reports on work by UM researchers that has exposed dangerous open ports in mobile platforms that can be taken advantage of by hackers. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Software Systems  Mao, Zhuoqing Morley  Mobile Computing  

Let's Encrypt Issues 100 Millionth Security Certificate

The Internet is more secure thanks to Let's Encrypt, the certificate authority founded by Prof. J. Alex Halderman and his collaborators. Since launching in Jan. 2016, Let's Encrypt has issued 100 million certificates. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Prof. J. Alex Halderman Testifies in Front of Senate Intelligence Committee on Secure Elections

Prof. J. Alex Halderman testified in front of the Senate Intelligence Committee as a part of the broader Russian hacking investigation. His remarks focused vulnerabilities in the US voting system and a policy agenda for securing the system against the threat of hacking. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

How to prevent Russian hackers from attacking the 2018 election

In this commentary piece in the Chicago Tribune, Prof. J. Alex Halderman and Justin Talbot-Zorn make the case for a straightforward policy agenda to secure America's voting systems against the threat of hackers. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

If Voting Machines Were Hacked, Would Anyone Know?

In the article, Prof. J. Alex Halderman points out how electronic voting systems even those not connected to the Internet can be compromised. One path for hackers is to attack the computers that are used to program the ballots, which are later transferred to voting machines via memory cards. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Smartphone security hole: "Open port" backdoors are common

The College of Engineering reports on work by computer science security researchers which has revealed that so-called "open ports" are much more vulnerable to security breaches than previously thought. [Full Story]

Related Topics:  Cybersecurity  Lab-Software Systems  Mao, Zhuoqing Morley  Mobile Computing  Networking, Operating Systems, and Distributed Systems  

Hundreds of popular Android apps have open ports, making them prime targets for hacking

This article reports on the work done by CSE researchers Yunhan Jack Jia, Qi Alfred Chen, Yikai Lin, Chao Kong, and Prof. Z. Morley Mao in characterizing a widespread vulnerability in popular Android apps. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Software Systems  Mao, Zhuoqing Morley  Mobile Computing  Networking, Operating Systems, and Distributed Systems  

Open Ports Create Backdoors in Millions of Smartphones

This article reports on work by CSE researchers who have characterized a widespread vulnerability in the software that runs on mobile devices which could allow attackers to steal contact information, security credentials, photos, and other sensitive data by using open ports to create backdoors. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Software Systems  Mao, Zhuoqing Morley  Mobile Computing  Networking, Operating Systems, and Distributed Systems  

An Obscure Flaw Creates Backdoors in Millions of Smartphones

CSE researchers have characterized a widespread vulnerability in the software that runs on mobile devices which could allow attackers to steal contact information, security credentials, photos, and other sensitive data, and also to install malware and to perform malicious code execution which could be used in large-scale attacks. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Software Systems  Mao, Zhuoqing Morley  Mobile Computing  Networking, Operating Systems, and Distributed Systems  

Hacking with Sound Waves

CSE researchers have demonstrated a new way of using sound to interfere with devices containing accelerometers, such as smartphones and self-driving cars. This presents a new avenue for hackers to use in compromising devices to steal information or disrupt communication. [Full Story]

Related Topics:  Cybersecurity  Embedded Systems  Fu, Kevin  Internet of Things  Lab-Computer Engineering (CE Lab)  Lab-Software Systems  

Why India Needs A Paper Trail For Free And Fair Elections

This article in the Indian edition of the Huffington Post, references the work that Prof. J. Alex Halderman and his collaborators did in 2010 to demonstrate vulnerabilities in India's "tamper-proof" electronic voting machines. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Courage to Resist: The High-Stakes Adventures of J. Alex Halderman

This story by Randy Milgrom at the UM College of Engineering profiles Prof. J. Alex Halderman and his work in the area of Digital Democracy. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Open Ports Act As Security Wormholes Into Mobile Devices

Computer science and engineering researchers at the University of Michigan have for the first time characterized a widespread vulnerability in the software that runs on mobile devices which could allow attackers to steal contact information, security credentials, photos, and other sensitive data, and also to install malware and to perform malicious code execution which could be used in large-scale attacks. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Software Systems  Mao, Zhuoqing Morley  Mobile Computing  Networking, Operating Systems, and Distributed Systems  

The next cyberattack could render your anti-virus and encryption software useless

Researchers including Prof. Kevin Fu and CSE graduate student Timothy Trippel have demonstrated a new way of using sound to interfere with devices containing accelerometers, such as smartphones. This presents a new avenue for hackers to use in compromising devices to steal information or disrupt communication. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  Lab-Software Systems  

Smartphone Accelerometers Can Be Fooled by Sound Waves

This article features work done by Prof. Kevin Fu and his collaborators in which they demonstrate a way to take control of or influence devices such as smartphones through the use of sound waves. [Full Story]

Related Topics:  Cybersecurity  Embedded Systems  Fu, Kevin  Internet of Things  Lab-Computer Engineering (CE Lab)  Lab-Software Systems  

It's Possible to Hack a Phone With Sound Waves, Researchers Show

This article features work done by Prof. Kevin Fu and his collaborators in which they demonstrate a way to take control of or influence devices such as smartphones through the use of sound waves. The Department of Homeland Security is expected to issue a security advisory alert for affected chips. [Full Story]

Related Topics:  Cybersecurity  Embedded Systems  Fu, Kevin  Lab-Computer Engineering (CE Lab)  Lab-Software Systems  

Sonic Cyber Attacks Show Security Holes in Ubiquitous Sensors

Sound waves can be used to hack into critical sensors used in a broad array of technologies including smartphones, automobiles, medical devices, and the Internet of Things, according to research performed by Prof. Kevin Fu, Prof. Peter Honeyman, CSE graduate student Timothy Trippel, and their collaborators at the University of South Carolina. [Full Story]

Related Topics:  Cybersecurity  Embedded Systems  Fu, Kevin  Graduate Students  Internet of Things  Lab-Computer Engineering (CE Lab)  Lab-Software Systems  

Professor Who Urged an Election Recount Thinks Trump Won, but Voting Integrity Still Concerns Him

This article in the Chronicle of Higher Education includes a Q and A with Prof. J. Alex Halderman on the 2016 presidential election recount and on the challenges ahead for election integrity. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Inside the Recount

This story provides an in-depth, inside view of how the recount effort for the 2016 presidential election - of which Prof. J. Alex Halderman was a primary participant - was sparked, how it came to focus on three states, what the results showed, and what we can learn from it all. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Our Voting System Is Hackable by Foreign Powers

This article reviews the vulnerabilities that currently exist in our voting system. It references Prof. J. Alex Halderman, who has stated that he and his students could have changed the results of the November election. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

The 2016 US Election Wasnt Hacked, but the 2020 Election Could Be

Prof. Alex Halderman is quoted in this article which reports on the recent Chaos Communication Congress. "Developing an attack for one of these machines is not terribly difficult," says Prof. Halderman. "I and others have done it again and again in the laboratory. All you need to do is buy one government surplus on eBay to test it out." [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Prof. Kevin Fu to deliver endowed Dr. Dwight Harken Memorial Lecture on medical device security

Prof. Kevin Fu has been selected to give the annual Dwight E. Harken Lecture during the AAMI 2017 Conference & Expo in Austin, TX, June 912. Prof. Fu directs the Archimedes Center for Medical Device Security and the Security and Privacy Research Group at Michigan and is also CEO and chief scientist of Virta Labs, Inc. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  Medical Device Security  

Five things that got broken at the oldest hacking event in the world

Chaos Communications Congress is the world's oldest hacker conference, and Europe's largest. Every year, thousands of hackers gather in Hamburg to share stories, trade tips and discuss the political, social and cultural ramifications of technology. This story quotes Prof. J. Alex Halderman, who with his student Matt Bernhard, has studied the security of the past US presidential election. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Trump Allowed to Join Fight Against Pennsylvania Recount

A battle over whether or not a recount of ballots cast in Pennsylvania during the recent presidential campaign is taking place. In the case made for a recount, hackers could have easily infected Pennsylvanias voting machines with malware designed to lay dormant for weeks, pop up on Election Day and then erase itself without a trace, according to Prof. J. Alex Halderman. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Vote Recount Push Advances, but Reversing Trumps Win Is Unlikely

This article in the New York Times reports on the uneven progress toward recounts in three key states for the recent presidential election. Led by Green Party candidate Jill Stein, the recounts were inspired by a call from leading security experts, including Prof. J. Alex Halderman. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Computer scientists urge Clinton campaign to challenge election results

CNN reports that a group of top computer scientists, including Prof. J. Alex Halderman, have urged Hillary Clinton's campaign to call for a recount of vote totals in Wisconsin, Michigan and Pennsylvania. The computer scientists believe they have found evidence that vote totals in the three states could have been manipulated or hacked and presented their findings to top Clinton aides on a call last Thursday. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Trump election: Activists call for recount in battleground states

The BBC reports on the call by leading computer scientists, including Prof. J. Alex Halderman, for a recount of votes in the presidential election in three swing states. Their analysis shows that Clinton performed worse in counties that relied on electronic voting machines compared to paper ballots and optical scanners. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Want to Know if the Election was Hacked? Look at the Ballots

In this post, Prof. J. Alex Halderman sets the record straight regarding what he and other leading election security experts have actually been saying to the Clinton campaign and everyone else whos willing to listen. He describes a situation where malware could be a factor in the vote totals during the presidential election. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Experts Urge Clinton Campaign to Challenge Election Results in 3 Swing States

Leading computer security experts with an interest in election integrity, including Prof. J. Alex Halerman, have called for a recount of the votes cast in the presidential election in three key swing states. They believe they have found evidence that results in Wisconsin, Michigan, and Pennsylvania may have been manipulated. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Vulnerable connected devices a matter of "homeland security"

This article describes the security ramifications of unprotected IoT devices such as internet-connected cameras, video recorders on the larger Internet. It quotes Prof. Kevin Fu on the effort that would be required to secure this new ecosystem. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Internet of Things  Lab-Computer Engineering (CE Lab)  

Professor to Congress: "Internet of Things security is woefully inadequate"

As the Internet of Things grows around us, so do the threat of cybersecurity breaches severe enough to shut down hospitals and other vital infrastructure. This is the message that Prof. Kevin Fu delivered to lawmakers at a congressional hearing this week. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

After Dyn cyberattack, lawmakers seek best path forward

In a hearing hosted by the House Energy and Commerce Committee, University of Michigan professor Kevin Fu, Level 3 Communications Chief Security Officer Dale Drew and computer security luminary Bruce Schneier briefed Congress on the challenges posed by insecure internet-connected devices and whether they believe the government can make a difference. This article provides a summary of the proceedings. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

Regulate cybersecurity or expect a disaster, experts warn Congress

The U.S. government must demand that all internet-connected devices have built-in security, according to experts including Prof. Kevin Fu who warned Congress that the country could soon face a disastrous, lethal cyberattack. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Internet of Things  Lab-Computer Engineering (CE Lab)  

Kevin Fu Testifies on the Role of Connected Devices in Recent Cyber Attacks

Prof. Kevin Fu testified before the House Energy and Commerce Committee on the role of connected devices in recent cyber attacks on Wednesday, Nov 16, 2016. Follow the link to see a video of the proceedings. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

The Network Standard Used in Cars Is Wide Open to Attack

As automobiles grow increasingly computerized, the security of the network for in-vehicle communication is a growing security concern. New research by Prof. Kang G. Shin and graduate student Kyong-Tak Cho demonstrates that the controller area network (CAN) protocol implemented by in-vehicle networks has a new and potentially quite dangerous vulnerability. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Software Systems  Networking, Operating Systems, and Distributed Systems  Shin, Kang G.  

How Safe is Your Smart Home?

The Smart Home sounds like a great idea. But is it an unsafe home? "I would be cautious, overall," says Prof. Atul Prakash. "The technology is relatively new. Hardware is probably a little bit ahead of the software at this point, and a lot of vulnerabilities we are seeing are primarily on the software side of things." Read more and listen to the full interview here. [Full Story]

Related Topics:  Cybersecurity  Lab-Software Systems  Prakash, Atul  

A Lot Of Voting Machines Are Broken Across America (But It's Totally Normal)

Forbes reports on numerous reports of broken machines causing epic queues and peeving voters. Matt Bernhard, CSE graduate student and an expert on the security of electoral systems, says that "This year isn't that different, other than I'm expecting higher turnout which may stress the infrastructure more." [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Software Systems  

US election: Experts keep watch over 'hack states'

"Unless the election is extraordinarily close, it is unlikely that an attack will result in the wrong candidate getting elected," suggest CSE graduate student Matt Bernhard and Prof. J. Alex Halderman. But they say the risk the election process could be disrupted by hackers should be taken extremely seriously. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

US Election Systems Seen 'Painfully Vulnerable' to Cyberattack

This article sheds light on potential cyberattacks during the U.S election. Some cybersecurity analysts warned that hackers of even moderate talent could possibly throw the results of the 2016 presidential election into chaos. Prof. Halderman hopes all the attention on voting-system vulnerabilities will motivate state governments to invest in cybersecurity for the 2020 elections. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Next Weeks Anticipated U.S. Election

This article discusses the vulnerabilities of direct recording electronic voting systems. It quotes Prof. J. Alex Halderman and his colleagues on the security of DREs. Twenty-nine states still use DREs and five states: Delaware, Georgia, Louisiana, New Jersey and South Carolina, use the easily compromised machines without a paper trail. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Forget rigged polls: Internet voting is the real election threat

Prof. J. Alex Halderman and his contemporaries have been tireless in warning us of the security risks associated with internet voting. Will we listen? [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

The Security Challenges of Online Voting Have Not Gone Away

This guest post on IEEE Spectrum by CSE graduate student Matthew Bernhard, Prof. J. Alex Halderman, and Robert Cunningham, Chair of the IEEE Cybersecurity Initiative, lays out the details for the case against Internet voting. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Halderman, J. Alex  Lab-Software Systems  

How the 2016 Election Could Be Hacked (story+video)

Is our voting system really vulnerable to hackers? Professor of computer science, J. Alex Halderman, explains the situation to VICE News in this segment that originally aired on October 24. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

$800K in Research Awards Aim to Address Data Science

Four research teams from the University of Michigan and Shanghai Jiao Tong University in China are sharing $800,000 in awards to use data science techniques to address big challenges. Prof. Atul Prakash is co-PI for a project that aims to develop algorithms and mechanism design to incentivize users to charge electric vehicles at appropriate times and locations, leading to better load management, a more reliable grid, and cost savings. [Full Story]

Related Topics:  Big Data  Cybersecurity  Electric Vehicles and HEVs  Lab-Software Systems  Prakash, Atul  

Using cyber security to keep your ballot safe ahead of the presidential election

This TV news segment features an interview with CSE graduate student Matthew Bernhard. He is interviewed about the possibility for stolen votes in the upcoming election. His answer: Michigan has a paper ballot/optical scan system, which is considered best practice. Touchscreen, paperless systems like those in Ohio, Virginia, and some other states are not secure enough yet. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Software Systems  

How to (Really) Steal an Election (audio)

Prof. J. Alex Halderman is interviewed on the dangers posed by electronic voting in this story. The story covers all types of concerns regarding elections, from Donald Trump's warning of a rigged election through the Bush v. Gore contest and the use of electronic voting systems. Halderman appears at about 20:15. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Matthew Bernhard on the Steve Gruber Show (audio)

Matthew Bernhard, a CSE graduate student working with Prof. J. Alex Halderman, speaks on the Steve Gruber Show about the possibility for voting fraud in Michigan during the upcoming election. He is introduced just over one minute into the show. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Software Systems  

Rigging the Election

Jason Smith, writer and director of the documentary "I Voted?", references work done by Prof. J. Alex Halderman in demonstrating the vulnerabilities of electronic voting systems in this opinion piece. Mr. Smith's mission has been to reinforce the message that "Nothing is more important to the future of our democracy than ensuring the integrity of all elections." [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

This Is Why We Still Cant Vote Online

This article highlights the work done by security researchers to demonstrate the dangers inherent in the use of paperless electronic voting systems. It spotlights work done by Prof. J. Alex Halderman and his students in 2010, when they accepted a challenge to hack Washington DC's proposed new Internet system. The research team was able to hack the system, steal records, and modify it to play the Michigan fight song -- all in less than two days. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Experts: State Should Audit Election Results

Since hackers have targeted the election systems of more than 20 states, cyber-security experts including Prof. J. Alex Halderman say Michigan should change its policy and routinely audit a sample of its paper ballots to protect against election fraud. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

As cyberthreats multiply, hackers now target medical devices

This article, which quotes Prof. Kevin Fu, describes the threat of malware for implantable medical devices and for hospital systems. Because these systems were typically designed without security in mind, "There is no [impervious] device," says Prof. Fu. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  Medical Device Security  

Why Can't We Vote Online?

This article on the security concerns associated with Internet voting points to the 2010 hack of the District of Columbia's internet voting system by researchers led by Prof. J. Alex Halderman as a prime example of what could go wrong. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Technology Will Destroy Democracy Unless This Man Stops It

This article provides an in-depth profile of Prof. J. Alex Halderman and his research in the area of security, in particular his work in exposing the security vulnerabilities of electronic voting systems and his additional work in the area of internet anticensorship. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Cybersecurity and Voting Machine Security (video)

Prof. J. Alex Halderman appeared on C-SPAN to discuss vulnerabilities associated with electronic voting and to answer viewer questions. It's worth viewing this 40-minute video segment of the C-SPAN airing. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Despite Flaws, Paperless Voting Machines Remain Widespread in the U.S.

This article surveys problems associated with aging and insecure electronic voting systems. It quotes Prof. J. Alex Halderman, a leading researcher in this area, as saying, "Clearly we still have a long way to go to ensure that all Americans have access to a form of voting technology they can trust." [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Paperless voting could fuel 'rigged' election claims

This article describes the concern that talk of a potentially "rigged" election could undermine confidence in results. Amongst the issues associated with electronic voting is that many systems do not produce paper backups that could be used for verification, according to Prof. J. Alex Halderman, who is quoted in the article. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Guarding Presidential Election Vote Integrity Presents a Daunting Task

Prof. J. Alex Halderman is quoted in this article regarding election integrity. He points out that any election system must be able to prove that results are accurate in order to dispel concerns about vote rigging. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Hacking Report on St. Jude Pacemakers Was Flawed, Researchers Say

This article details how a report on cybersecurity vulnerabilities in St. Jude Medicals implantable heart devices released last week by short sellers was flawed and didnt prove the flaws existed, according to a review by University of Michigan researchers including Prof. Kevin Fu. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

New Concerns About Hacks Into State Voting Systems

Prof. J. Alex Halderman was a guest on the Diane Rehm show on August 31, where the conversation included discussion of the security of elections. Click the "Listen" button under the headline to hear the interview; the discussion with Prof. Halderman begins at 20:30. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Holes Found in Report on St. Jude Medical Device Security

Michigan researchers including Prof. Kevin Fu have reproduced experiments alleging security flaws in St. Jude Medical's pacemakers and other life-saving medical devices and have concluded that those claims are questionable. The report alleging the security flaws was released last week by short-selling investment research firm Muddy Waters Capital LLC and medical device security firm MedSec Ltd. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

Correlation is Not Causation: Electrical Analysis of St. Jude Implant Shows Normal Pacing

This blog post by the Archimedes Center for Medical Device Security provides additional technical detail regarding the claims by Muddy Waters and St. Jude regarding pacemaker/defibrillator security. Prof. Kevin Fu, who heads the Archimedes Center, and his collaborators at Michigan have concluded that those claims are questionable. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

University study finds flaws in criticism of St. Jude cyber security

This article reports on the work done by Prof. Kevin Fu and his collaborators, which has called into question the allegations of security flaws in St. Jude Medical's pacemakers and other life-saving medical devices. The claim of security holes was released last week by short-selling investment research firm Muddy Waters Capital LLC and medical device security firm MedSec Ltd. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

How Electronic Voting Could Undermine the Election

Foreign hackers, domestic hackers, those with physical access to voting machines, and those who attack from afar: this article describes the multiple risks associated with electronic voting and highlights the work of Prof. J. Alex Halderman in making this clear to us. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Online voting could be really convenient. But its still probably a terrible idea.

This article reports on Internet voting availability in the US. It then examines Estonia's electronic voting system, which has been been hailed by some as a model system for secure electronic voting. Prof. J. Alex Halderman, who was part of a security team that documented failings in the Estonian system, disagrees and is quoted in the article. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

Researchers David Adrian and Prof. J. Alex Halderman Receive Pwnie Award for Work on DROWN Attack

A research team that includes CSE PhD student David Adrian and Prof. J. Alex Halderman has been awarded the Pwnie Award for Best Cryptographic Attack at the Black Hat conference for their work on the DROWN attack. DROWN allows attackers to break encryption used to protect HTTPS websites and read or steal sensitive communications, including passwords, credit card numbers, trade secrets, or financial data. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Halderman, J. Alex  Lab-Software Systems  

How to Hack an Election in 7 Minutes

This in-depth article in Politico traces the history of "the Princeton group" -- a cadre of security experts, including Michigan's Prof. J. Alex Halderman, who grew out of Andrew Appel and Ed Felton's groups at Princeton and have influenced the conversation on the security of electronic voting. The article concludes with this remark from Halderman regarding the danger posed by state-sponsored cyber attackers: "We sit around all day and write research papers. But these people are full time exploiters. They're the professionals. We're the amateurs." [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Software Systems  

CSE Researchers Win Pwnie Award for Work on DROWN Attack

A research team that includes CSE PhD student David Adrian and Prof. J. Alex Halderman has been awarded the Pwnie Award for Best Cryptographic Attack at the BlackHat conference for their work on the DROWN attack. DROWN is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS, some of the essential cryptographic protocols for Internet security. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Halderman, J. Alex  Lab-Software Systems