Security and Society
Security and Society
Security and Society Security and Society

News

Censys, a search engine for internet-connected devices, raises $2.6 million led by GV and Greylock

Cybersecurity startup Censys, co-founded by Prof. J. Alex Halderman, PhD candidate David Adrian, and alum Zakir Durumeric, announced that it has raised a $2.6 million seed round led by GV and Greylock. The funding will be used as Censys, which just launched as a commercial company last year, seeks to collect more data and develop additional paid services. [Full Story]

Related Topics:  Alumni  Cybersecurity  Entrepreneurship and Tech Transfer  Halderman, J. Alex  

Online censorship in Saudi Arabia soared after Jamal Khashoggis murder

This story highlights how tools such as Censored Planet, developed by Research Prof. Roya Ensafi, have shed light on state-sponsored censorship activities such as the measures that were put in place recently in Saudi Arabia. [Full Story]

Related Topics:  Cybersecurity  Ensafi, Roya  Lab-Systems  

A look at the election security charges in Georgias governors race

An already tight governors race in Georgia devolved into new chaos Monday after the Republican candidate, who is also the states chief election official, alleged with little evidence that Democrats sought to hack a voter database that will be used in Tuesdays elections. CSE PhD student Matthew Bernhard told the AP that anyone with access to an individual voters personal information could alter that voters record in the system. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Halderman, J. Alex  Lab-Systems  

A secure future for US elections starts in the classroom

Prof. J. Alex Halderman has been at the forefront of exposing vulnerabilities in electronic voting systems around the world. This Fall, Prof. Halderman and CSE PhD student Matt Bernhard are teaching a new special topics course on election cybersecurity, providing students with a deep examination of the past, present, and future of US elections with perspectives from computer security, tech policy, human factors, and more. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Halderman, J. Alex  Lab-Systems  Undergraduate Students  

J. Alex Halderman on Election Systems and Vulnerabilities

C-SPAN Prof. J. Alex Halderman talked on C-SPAN about voting machine security and vulnerabilities in US election systems. He took questions from live callers and online viewers. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Q&A | Dont kid yourself, U.S. enemies are trying to hack our elections

As a national expert on election system security, Prof. J. Alex Halderman has never shied away from explaining how Americas election systems can and have been hacked. The University of Michigan computer science professor stops short of saying vote counts have been changed, but notes Russians tapped into voter registration lists in some states in 2016, and that he and fellow election-hack experts have demonstrated how state election systems can be infiltrated. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Ahead of important elections, U.S. voting system is still vulnerable to hacking

This CBC Radio Q&A with Prof. J. Alex Halderman focuses on vulnerabilities that exist in the US voting system, as well as telephone voting in Canada and the US. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

The midterms are already hacked. You just dont know it yet.

This in-depth investigation into the US election system reveals frightening vulnerabilities at almost every level. It quotes Prof. J. Alex Halderman and CSE PhD student Matt Bernhard regarding some of vulnerabilities that exist. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Halderman, J. Alex  Lab-Systems  

Should You Be Afraid of Election Hacking? Here's What Experts Say

This article examines what it means to hack an election and what vulnerabilities exist. Prof. J. Alex Halderman is quoted on where we are with respect to this challenge. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

How hackable are American voting machines? It depends who you ask

Prof. J. Alex Halderman is on a crusade to demonstrate how vulnerable American voting machines are, and some of his arguments are quite compelling. He has rigged mock elections. He has testified to the machines vulnerabilities in Congress and in court. He has even managed to turn a commonly used voting machine into an iteration of the classic arcade game Pac-Man. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Tyche: A new permission model to defend against smart home hacks

Prof. Atul Prakash, CSE PhD student Kevin Eykholt, and CSE alumni Amir Rahmati and Earlence Fernandes have proposed Tyche, a safer app permissions system for smart homes and the Internet of Things. Their paper on this project, Tyche: A Risk-Based Permission Model for Smart Homes, received a Best Paper Award at the IEEE Cybersecurity Development Conference. [Full Story]

Related Topics:  Alumni  Cybersecurity  Graduate Students  Internet of Things  Lab-Systems  Prakash, Atul  

Researchers find way to spy on remote screensthrough the webcam mic

Prof. Daniel Genkin and collaborators have investigated a potential new avenue of remote surveillance that they have dubbed "Synesthesia": a side-channel attack that can reveal the contents of a remote screen, providing access to potentially sensitive information based solely on "content-dependent acoustic leakage from LCD screens." All that is needed is audio picked up by webcam microphones. [Full Story]

Related Topics:  Cybersecurity  Genkin, Daniel  Lab-Systems  Machine Learning  

Hackers can spy on your computer screen just by listening to your webcam's microphone, experts warn

Prof. Daniel Genkin and a team of researchers discovered how hackers can spy on remote computers. LCD displays emit high-frequency sounds that can be recorded by a microphone, including from webcam, smartphone or smart speaker up to 30 ft away. These recordings are then fed into a machine learning algorithm and analyzed to generate an estimation of what's onscreen. [Full Story]

Related Topics:  Cybersecurity  Genkin, Daniel  Lab-Systems  Machine Learning  

Kids at hacking conference show how easily US elections could be sabotaged

In this article, Prof. J. Alex Halderman is quoted on the problems that continue to exist with electronic voting, and why paper ballots should be used. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Hackers are out to jeopardize your vote

Cyberattacks on the 2016 US election caused states to bolster the defenses of their voting systems. Prof. J Alex Halderman explains why this hasn't been enough in this Q&A piece. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Intel processor vulnerability could put millions of PCs at risk

A newly discovered processor vulnerability could potentially put secure information at risk in any Intel-based PC manufactured since 2008. It could affect users who rely on a digital lockbox feature known as Intel Software Guard Extensions, or SGX, as well as those who utilize common cloud-based services. CSE researchers contributed to the discovery of the security hole, called Foreshadow. [Full Story]

Related Topics:  Cybersecurity  Genkin, Daniel  Graduate Students  Kasikci, Baris  Lab-Systems  Wenisch, Thomas  

Spectre-Like Flaw Undermines Intel Processors' Most Secure Element

Wired reports on the security work done by Michigan CSE researchers and their collaborators on a flaw in what was supposed to be a secure enclave in Intel chips. [Full Story]

Related Topics:  Cybersecurity  Genkin, Daniel  Graduate Students  Kasikci, Baris  Lab-Systems  Wenisch, Thomas  

Intel's SGX blown wide open by, you guessed it, a speculative execution attack

ARS Technica reports on the security work done by Michigan CSE researchers and their collaborators on a flaw in what was supposed to be a secure enclave in Intel chips. [Full Story]

Related Topics:  Cybersecurity  Genkin, Daniel  Graduate Students  Kasikci, Baris  Lab-Systems  Wenisch, Thomas  

Is Blockchain Technology the Future of Voting?

West Virginia is experimenting with voting via a blockchain network using smartphones. Prof. J. Alex Halderman cautions that such an approach is not yet truly viable, and that mobile voting using blockchain doesn't address core security problems that are unique to mobile voting. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Cisco is buying Duo Security for $2.35B in cash

Cisco today announced its intention to buy Ann Arbor, MI-based security firm, Duo Security. Under the terms of the agreement, Cisco is paying $2.35 billion in cash and assumed equity awards for Duo. Duo Security was founded in 2010 by Dug Song (BS CS ) and Jonathan Oberheide (BS, MS, PhD CSE , , ) and went on to raise $121.M through several rounds of funding. The company has 700 employees with offices throughout the United States and in London, though the company has remained headquartered in Ann Arbor. [Full Story]

Related Topics:  Alumni  Cybersecurity  Entrepreneurship and Tech Transfer  

Sounding the Alarm on the Dangers of Electronic Voting

Prof. J. Alex Halderman explains the dangers inherent with electronic voting machines, especially those without paperbackup, in the BloombergTV interview with Emily Chang. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Voting systems in Wisconsin, a key swing state, can be hacked, security experts warn

This article at WisconsinWatch.org reports in detail on potential vulnerabilities in Wisconsin's voting system, including risks from Russian hacking. It reviews the response of Wisconsin politicians to this prospect as well as the viewpoints of computer scientists. Prof. J. Alex Halderman, an expert in computer, network, and election security, is highlighted in the story. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Safety in Numbers: Computer Scientist Races to Develop Unhackable Code to Protect Everyones Data

ECE alumnus Kurt Rohloff is co-founder of the cybersecurity start-up, Duality Technologies, and director of the NJIT Cybersecurity Research Center. [Full Story]

Related Topics:  Cybersecurity  

The 5 States Most Vulnerable to a 2018 Election Hack

13 states are still using some electronic voting systems without paper backup. Five states rely upon them exclusively. According to Prof. J. Alex Halderman, "If a sophisticated nation state wants to cause chaos on Election Day, theyre probably already in our systems." [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Undocumented immigrants' privacy at risk online, on phones

Every day, undocumented immigrants in the U.S. face discrimination, surveillance, deportation, and other dangers. When it comes to their smartphones, immigrants struggle to apply instinctive caution, according to a study by a team of University of Michigan researchers that included CSE PhD student Allison McDonald. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Halderman, J. Alex  

Connected cars can lie, posing a new threat to smart cities

In the article in The Conversation, PhD candidate Qi Alfred Chen and Prof. Z. Morley Mao describe how vulnerabilities in intelligent infrastructure, such as the Intelligent Traffic Signal System being tested by the US Department of Transportation, can create opportunities for hackers to create chaos. [Full Story]

Related Topics:  Autonomous Vehicles  Cybersecurity  Graduate Students  Lab-Systems  Mao, Zhuoqing Morley  

Building a security standard for a post-quantum future

Chris Peikert, with a team of eleven other researchers, has submitted a cryptographic scheme as a proposed standard to the NIST Post-Quantum Cryptography project. Called FrodoKEM, this family of encryption algorithms is designed to be a conservative and practical implementation of one of the most-studied approaches in the post-quantum cryptography field. [Full Story]

Related Topics:  Cybersecurity  Peikert, Chris  Quantum Science and Technology  

Here's how hackers could cause chaos in this years US midterm elections

This article reviews areas of vulnerability in the US voting system and how these weaknesses can be addressed. Prof. J. Alex Halderman, an expert in computer, network, and election security, is highlighted in the story. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

I hacked an election. So can the Russians.

Professor Alex Halderman and the New York Times staged a mock election to demonstrate voting machine vulnerability. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Possession of ransomware is now a crime in Michigan

There were more than 1,300 reported cases of ransomware attacks in Michigan in 2017, according to FBI statistics. New legislation signed by the governor closes a loophole that hindered the pursuit of suspected cybercriminals. Professor Kang Shin weighs in on the usefulness of these laws and headaches that may arise. [Full Story]

Related Topics:  Cybersecurity  Shin, Kang G.  

CSE PhD student Matt Bernhard on the Facebook data breach

In this video, CSE PhD Student Matt Bernhard weighs in on the matter Facebook data harvesting, such as that done by Cambridge Analytica. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Systems  

Inaugural ECE Willie Hobbs Moore Alumni Lecture: Dr. Isaac R. Porche III

Dr. Porche (PhD EE:S 1998) was the inaugural speaker for the ECE Willie Hobbs Moore Alumni Lecture. A senior engineer at the RAND Corporation, Porche talks on "Information-Age Conflict" as an expert in cybersecurity. [Full Story]

Related Topics:  Alumni  Cybersecurity  

Security of State Voter Rolls a Concern as Primaries Begin

This article describes steps being taken in Illinois, the lone state known to have its state election system breached in a hacking effort, regarding its election systems. It quotes Prof. J. Alex Halderman, who points out that many of the same weaknesses present in 2016 remain. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Election audits to debut in Mich. 2018 race

This article describes new measures to bolster security for Michigans 2018 midterm elections. Prof. J. Alex Halderman points out that additional progress can occur in the stat's process for auditing of paper ballots. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

U of M computer scientists might have solved mystery behind Cuba 'sonic attacks'

In this local news segment, Prof. Kevin Fu explains why the "sonic attacks" that poisoned diplomats in Cuba may have been the accidental effect of eavesdropping. [Full Story]

Related Topics:  Cybersecurity  Embedded Systems  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

Cuba "sonic attacks" - a covert accident?

The purported "sonic attacks" that sickened U.S. and Canadian government workers in Cuba last year could have been an accidental side effect of attempted eavesdropping, says Prof. Kevin Fu, who with his colleagues reverse-engineered the attacks in a lab. [Full Story]

Related Topics:  Cybersecurity  Embedded Systems  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

Pacemakers, defibrillators are potentially hackable

This article on the security of cardiac implants quotes Prof. Kevin Fu, who notes that limiting remote interactions would also address scenarios such as an old computer virus that unintentionally shuts down global operations of remote cardiac telemetry for hundreds of thousands of patients at once. [Full Story]

Related Topics:  Cybersecurity  Electronic devices  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

The Myth of the Hacker-Proof Voting Machine

This article describes the security holes that exist in today's electronic voting machines, including both the shortcomings of voting systems that do not provide paper backup and those of the systems that transmit electronic votes to counting centers. It quotes Prof. J. Alex Halderman, who points to flaws in the protections for vote transmission systems put forth by vendors of paperless systems. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Internet-scanning U-M startup pioneers new approach to cybersecurity

Ann Arbor-based Censys has launched based on work done over the past 5 years in Prof. J. Alex Halderman's lab. Censys is the first commercially available internet-wide scanning tool. It helps IT experts working to secure large networks, which are composed of a constantly changing array of devices ranging from servers to smartphones and internet-of-things devices. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

New bill could finally get rid of paperless voting machines

Prof. J. Alex Halderman is quoted on the the vulnerabilities that exist in voting machines, why paper backup is a practical solution, and the approaches that should be taken in auditing election results. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

DARPA Takes Chip Route to "Unhackable" Computers

This article in EE Times quotes Prof. Todd Austin on his DARPA-funded MORPHEUS project, which will use computer circuits that are designed to randomly shuffle data around a computer system in order to thwart hackers who are looking for the location of a bug or valuable data. [Full Story]

Related Topics:  Austin, Todd  Computer Architecture  Cybersecurity  Lab-Computer Engineering (CE Lab)  

A New Type of Computer Could Render Many Software Hacks Obsolete

This article quotes Prof. Todd Austin on his DARPA-funded MORPHEUS project, which will use computer circuits that are designed to randomly shuffle data around a computer system in order to thwart hackers who are looking for the location of a bug or valuable data. [Full Story]

Related Topics:  Austin, Todd  Computer Architecture  Cybersecurity  Lab-Computer Engineering (CE Lab)  

Unhackable Computer Under Development with $3.6M DARPA Grant

By turning computer circuits into unsolvable puzzles, a University of Michigan team aims to create an unhackable computer with a new $3.6 million grant from the Defense Advanced Research Projects Agency. Todd Austin, a professor of computer science and engineering, leads the project, called MORPHEUS. [Full Story]

Related Topics:  Austin, Todd  Computer Architecture  Cybersecurity  Lab-Computer Engineering (CE Lab)  

The Art of Cyber War with Isaac Porche

Isaac Porche (PhD EE:S 1998) is a senior engineer at the RAND Corporation, where he leads research to help Homeland Security and the government adopt proper cyber security tactics. In this interview, he shares the global state of cyber warfare, the threats to government computer systems, and how his time at Michigan led him to being on the frontlines of technological attacks. [Full Story]

Related Topics:  Alumni  Cybersecurity  Diversity and Outreach  

An armed robber's Supreme Court case could affect all Americans digital privacy for decades to come

Prof. HV Jagadish writes in this article for The Conversation about the data privacy challenges presented by a world in which our devices continuously record and track our activities. [Full Story]

Related Topics:  Big Data  Cybersecurity  Jagadish, HV  Lab-Systems  Mobile Computing  

Kevin Fu Elected IEEE Fellow for Contributions to Embedded and Medical Device Security

Prof. Fu is an expert on the subject of creating trustworthy embedded computing systems that are resistant to attack. He has served in several national leadership roles to advise government on science, technology, and policy to improve computer security and privacy. He is a cofounder of healthcare cybersecurity startup VirtaLabs [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  Medical Device Security  

Prof. Chris Peikert Receives TCC Test of Time Award for Work in Lattice Cryptography

Chris Peikert, the Patrick C. Fischer Development Professor in Theoretical Computer Science, and his co-author Alon Rosen have received the TCC Test of Time Award for their paper on efficient collision-resistant hashing on cyclic lattices. The award is a recognition of a long line of works by Prof. Peikert and others who laid the foundations for practically efficient lattice-based cryptography. [Full Story]

Related Topics:  Cybersecurity  Lab-Theory of Computation  Peikert, Chris  

Securing the vote: How 'paper' can protect US elections from foreign invaders

This story on security problems with voting quotes Prof. J. Alex Halderman, who says that "Although there is no evidence that any past election in the United States has been changed by hacking, it is in my opinion only a matter of time until one is." [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

VAuth tech feels your voice in your skin

This article describes VAuth, the new thechnology that supplements voice authorization developed in the lab of Prof. Kang G. Shin. [Full Story]

Related Topics:  Cybersecurity  Lab-Systems  Networking, Operating Systems, and Distributed Systems  Shin, Kang G.  

Duo Security raises $70 million at a valuation north of $1 billion

Duo Security, based in Ann Arbor, was founded by alums Jon Oberheide (CSE PhD 2011) and Dug Song (CS BS 1997) in 2009. Congrats to them! [Full Story]

Related Topics:  Alumni  Cybersecurity  

Why the Krack Wi-Fi Mess Will Take Decades to Clean Up

This article quotes Prof. Kevin Fu, who says "For the general sphere of IoT devices, like security cameras, we're not just underwater. We're under quicksand under water." [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Systems  

Wearables to boost security of voice-based log-in

Voice authentication is easy to spoof. New technology could help close this open channel. [Full Story]

Related Topics:  Cybersecurity  Lab-Systems  Networking, Operating Systems, and Distributed Systems  Shin, Kang G.  

Hacking North Korea is Easy. Its Nukes? Not So Much

This article reports on how difficult it is for hackers to invade North Korea's nuclear program. CSE research fellow Will Scott talks about the country's limited connections, and says that any successful attack would require a human agent working to manually sabotage target systems. [Full Story]

Related Topics:  Cybersecurity  

Manos Kapritsos and Collaborators Win USENIX Security Paper Award

A team of researchers including Prof. Manos Kapritsos has won a Distinguished Paper Award at the 2017 USENIX Security Symposium for Vale, a new programming language and tool that supports flexible, automated verification of high-performance cryptographic assembly code. [Full Story]

Related Topics:  Cybersecurity  Kapritsos, Manos  Lab-Systems  

In fight for free speech, researchers test anti-censorship tool built into the internet's core

This article describes an implementation of TapDance, a method of anticensorship deployment that is built into the very core of the internet itself. By building TapDance into the servers and routers that underpin the Internet, censorship would become impractical. TapDance's development has been led by Prof. J. Alex Halderman. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

U.S. elections are an easier target for Russian hackers than once thought

This article on voting system security quotes Prof. J. Alex Halderman, who says of the prospect of election tampering that "the technical ability is there and we wouldn't be able to catch it. The state of technical defense is very primitive in our election system now." [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Heres exactly how Russia can hack the 2018 elections

Vulnerabilities in our voting system need to be addressed swiftly, according to experts in the field, including Prof. J. Alex Halderman. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Apps available for your smartphone could steal your personal information

WXYZ Detroit reports on work by UM researchers that has exposed dangerous open ports in mobile platforms that can be taken advantage of by hackers. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Systems  Mao, Zhuoqing Morley  Mobile Computing  

Let's Encrypt Issues 100 Millionth Security Certificate

The Internet is more secure thanks to Let's Encrypt, the certificate authority founded by Prof. J. Alex Halderman and his collaborators. Since launching in Jan. 2016, Let's Encrypt has issued 100 million certificates. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Prof. J. Alex Halderman Testifies in Front of Senate Intelligence Committee on Secure Elections

Prof. J. Alex Halderman testified in front of the Senate Intelligence Committee as a part of the broader Russian hacking investigation. His remarks focused vulnerabilities in the US voting system and a policy agenda for securing the system against the threat of hacking. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

How to prevent Russian hackers from attacking the 2018 election

In this commentary piece in the Chicago Tribune, Prof. J. Alex Halderman and Justin Talbot-Zorn make the case for a straightforward policy agenda to secure America's voting systems against the threat of hackers. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

If Voting Machines Were Hacked, Would Anyone Know?

In the article, Prof. J. Alex Halderman points out how electronic voting systems even those not connected to the Internet can be compromised. One path for hackers is to attack the computers that are used to program the ballots, which are later transferred to voting machines via memory cards. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Smartphone security hole: "Open port" backdoors are common

The College of Engineering reports on work by computer science security researchers which has revealed that so-called "open ports" are much more vulnerable to security breaches than previously thought. [Full Story]

Related Topics:  Cybersecurity  Lab-Systems  Mao, Zhuoqing Morley  Mobile Computing  Networking, Operating Systems, and Distributed Systems  

Hundreds of popular Android apps have open ports, making them prime targets for hacking

This article reports on the work done by CSE researchers Yunhan Jack Jia, Qi Alfred Chen, Yikai Lin, Chao Kong, and Prof. Z. Morley Mao in characterizing a widespread vulnerability in popular Android apps. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Systems  Mao, Zhuoqing Morley  Mobile Computing  Networking, Operating Systems, and Distributed Systems  

Open Ports Create Backdoors in Millions of Smartphones

This article reports on work by CSE researchers who have characterized a widespread vulnerability in the software that runs on mobile devices which could allow attackers to steal contact information, security credentials, photos, and other sensitive data by using open ports to create backdoors. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Systems  Mao, Zhuoqing Morley  Mobile Computing  Networking, Operating Systems, and Distributed Systems  

An Obscure Flaw Creates Backdoors in Millions of Smartphones

CSE researchers have characterized a widespread vulnerability in the software that runs on mobile devices which could allow attackers to steal contact information, security credentials, photos, and other sensitive data, and also to install malware and to perform malicious code execution which could be used in large-scale attacks. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Systems  Mao, Zhuoqing Morley  Mobile Computing  Networking, Operating Systems, and Distributed Systems  

Hacking with Sound Waves

CSE researchers have demonstrated a new way of using sound to interfere with devices containing accelerometers, such as smartphones and self-driving cars. This presents a new avenue for hackers to use in compromising devices to steal information or disrupt communication. [Full Story]

Related Topics:  Cybersecurity  Embedded Systems  Fu, Kevin  Internet of Things  Lab-Computer Engineering (CE Lab)  Lab-Systems  

Why India Needs A Paper Trail For Free And Fair Elections

This article in the Indian edition of the Huffington Post, references the work that Prof. J. Alex Halderman and his collaborators did in 2010 to demonstrate vulnerabilities in India's "tamper-proof" electronic voting machines. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Courage to Resist: The High-Stakes Adventures of J. Alex Halderman

This story by Randy Milgrom at the UM College of Engineering profiles Prof. J. Alex Halderman and his work in the area of Digital Democracy. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Open Ports Act As Security Wormholes Into Mobile Devices

Computer science and engineering researchers at the University of Michigan have for the first time characterized a widespread vulnerability in the software that runs on mobile devices which could allow attackers to steal contact information, security credentials, photos, and other sensitive data, and also to install malware and to perform malicious code execution which could be used in large-scale attacks. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Systems  Mao, Zhuoqing Morley  Mobile Computing  Networking, Operating Systems, and Distributed Systems  

The next cyberattack could render your anti-virus and encryption software useless

Researchers including Prof. Kevin Fu and CSE graduate student Timothy Trippel have demonstrated a new way of using sound to interfere with devices containing accelerometers, such as smartphones. This presents a new avenue for hackers to use in compromising devices to steal information or disrupt communication. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  Lab-Systems  

Smartphone Accelerometers Can Be Fooled by Sound Waves

This article features work done by Prof. Kevin Fu and his collaborators in which they demonstrate a way to take control of or influence devices such as smartphones through the use of sound waves. [Full Story]

Related Topics:  Cybersecurity  Embedded Systems  Fu, Kevin  Internet of Things  Lab-Computer Engineering (CE Lab)  Lab-Systems  

It's Possible to Hack a Phone With Sound Waves, Researchers Show

This article features work done by Prof. Kevin Fu and his collaborators in which they demonstrate a way to take control of or influence devices such as smartphones through the use of sound waves. The Department of Homeland Security is expected to issue a security advisory alert for affected chips. [Full Story]

Related Topics:  Cybersecurity  Embedded Systems  Fu, Kevin  Lab-Computer Engineering (CE Lab)  Lab-Systems  

Sonic Cyber Attacks Show Security Holes in Ubiquitous Sensors

Sound waves can be used to hack into critical sensors used in a broad array of technologies including smartphones, automobiles, medical devices, and the Internet of Things, according to research performed by Prof. Kevin Fu, Prof. Peter Honeyman, CSE graduate student Timothy Trippel, and their collaborators at the University of South Carolina. [Full Story]

Related Topics:  Cybersecurity  Embedded Systems  Fu, Kevin  Graduate Students  Internet of Things  Lab-Computer Engineering (CE Lab)  Lab-Systems  

Professor Who Urged an Election Recount Thinks Trump Won, but Voting Integrity Still Concerns Him

This article in the Chronicle of Higher Education includes a Q and A with Prof. J. Alex Halderman on the 2016 presidential election recount and on the challenges ahead for election integrity. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Inside the Recount

This story provides an in-depth, inside view of how the recount effort for the 2016 presidential election - of which Prof. J. Alex Halderman was a primary participant - was sparked, how it came to focus on three states, what the results showed, and what we can learn from it all. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Our Voting System Is Hackable by Foreign Powers

This article reviews the vulnerabilities that currently exist in our voting system. It references Prof. J. Alex Halderman, who has stated that he and his students could have changed the results of the November election. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

The 2016 US Election Wasnt Hacked, but the 2020 Election Could Be

Prof. Alex Halderman is quoted in this article which reports on the recent Chaos Communication Congress. "Developing an attack for one of these machines is not terribly difficult," says Prof. Halderman. "I and others have done it again and again in the laboratory. All you need to do is buy one government surplus on eBay to test it out." [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Prof. Kevin Fu to deliver endowed Dr. Dwight Harken Memorial Lecture on medical device security

Prof. Kevin Fu has been selected to give the annual Dwight E. Harken Lecture during the AAMI 2017 Conference & Expo in Austin, TX, June 912. Prof. Fu directs the Archimedes Center for Medical Device Security and the Security and Privacy Research Group at Michigan and is also CEO and chief scientist of Virta Labs, Inc. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  Medical Device Security  

Five things that got broken at the oldest hacking event in the world

Chaos Communications Congress is the world's oldest hacker conference, and Europe's largest. Every year, thousands of hackers gather in Hamburg to share stories, trade tips and discuss the political, social and cultural ramifications of technology. This story quotes Prof. J. Alex Halderman, who with his student Matt Bernhard, has studied the security of the past US presidential election. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Trump Allowed to Join Fight Against Pennsylvania Recount

A battle over whether or not a recount of ballots cast in Pennsylvania during the recent presidential campaign is taking place. In the case made for a recount, hackers could have easily infected Pennsylvanias voting machines with malware designed to lay dormant for weeks, pop up on Election Day and then erase itself without a trace, according to Prof. J. Alex Halderman. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Vote Recount Push Advances, but Reversing Trumps Win Is Unlikely

This article in the New York Times reports on the uneven progress toward recounts in three key states for the recent presidential election. Led by Green Party candidate Jill Stein, the recounts were inspired by a call from leading security experts, including Prof. J. Alex Halderman. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Computer scientists urge Clinton campaign to challenge election results

CNN reports that a group of top computer scientists, including Prof. J. Alex Halderman, have urged Hillary Clinton's campaign to call for a recount of vote totals in Wisconsin, Michigan and Pennsylvania. The computer scientists believe they have found evidence that vote totals in the three states could have been manipulated or hacked and presented their findings to top Clinton aides on a call last Thursday. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Trump election: Activists call for recount in battleground states

The BBC reports on the call by leading computer scientists, including Prof. J. Alex Halderman, for a recount of votes in the presidential election in three swing states. Their analysis shows that Clinton performed worse in counties that relied on electronic voting machines compared to paper ballots and optical scanners. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Want to Know if the Election was Hacked? Look at the Ballots

In this post, Prof. J. Alex Halderman sets the record straight regarding what he and other leading election security experts have actually been saying to the Clinton campaign and everyone else whos willing to listen. He describes a situation where malware could be a factor in the vote totals during the presidential election. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Experts Urge Clinton Campaign to Challenge Election Results in 3 Swing States

Leading computer security experts with an interest in election integrity, including Prof. J. Alex Halerman, have called for a recount of the votes cast in the presidential election in three key swing states. They believe they have found evidence that results in Wisconsin, Michigan, and Pennsylvania may have been manipulated. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Vulnerable connected devices a matter of "homeland security"

This article describes the security ramifications of unprotected IoT devices such as internet-connected cameras, video recorders on the larger Internet. It quotes Prof. Kevin Fu on the effort that would be required to secure this new ecosystem. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Internet of Things  Lab-Computer Engineering (CE Lab)  

Professor to Congress: "Internet of Things security is woefully inadequate"

As the Internet of Things grows around us, so do the threat of cybersecurity breaches severe enough to shut down hospitals and other vital infrastructure. This is the message that Prof. Kevin Fu delivered to lawmakers at a congressional hearing this week. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

After Dyn cyberattack, lawmakers seek best path forward

In a hearing hosted by the House Energy and Commerce Committee, University of Michigan professor Kevin Fu, Level 3 Communications Chief Security Officer Dale Drew and computer security luminary Bruce Schneier briefed Congress on the challenges posed by insecure internet-connected devices and whether they believe the government can make a difference. This article provides a summary of the proceedings. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

Regulate cybersecurity or expect a disaster, experts warn Congress

The U.S. government must demand that all internet-connected devices have built-in security, according to experts including Prof. Kevin Fu who warned Congress that the country could soon face a disastrous, lethal cyberattack. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Internet of Things  Lab-Computer Engineering (CE Lab)  

Kevin Fu Testifies on the Role of Connected Devices in Recent Cyber Attacks

Prof. Kevin Fu testified before the House Energy and Commerce Committee on the role of connected devices in recent cyber attacks on Wednesday, Nov 16, 2016. Follow the link to see a video of the proceedings. [Full Story]

Related Topics:  Cybersecurity  Fu, Kevin  Lab-Computer Engineering (CE Lab)  

The Network Standard Used in Cars Is Wide Open to Attack

As automobiles grow increasingly computerized, the security of the network for in-vehicle communication is a growing security concern. New research by Prof. Kang G. Shin and graduate student Kyong-Tak Cho demonstrates that the controller area network (CAN) protocol implemented by in-vehicle networks has a new and potentially quite dangerous vulnerability. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Systems  Networking, Operating Systems, and Distributed Systems  Shin, Kang G.  

How Safe is Your Smart Home?

The Smart Home sounds like a great idea. But is it an unsafe home? "I would be cautious, overall," says Prof. Atul Prakash. "The technology is relatively new. Hardware is probably a little bit ahead of the software at this point, and a lot of vulnerabilities we are seeing are primarily on the software side of things." Read more and listen to the full interview here. [Full Story]

Related Topics:  Cybersecurity  Lab-Systems  Prakash, Atul  

A Lot Of Voting Machines Are Broken Across America (But It's Totally Normal)

Forbes reports on numerous reports of broken machines causing epic queues and peeving voters. Matt Bernhard, CSE graduate student and an expert on the security of electoral systems, says that "This year isn't that different, other than I'm expecting higher turnout which may stress the infrastructure more." [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Lab-Systems  

US election: Experts keep watch over 'hack states'

"Unless the election is extraordinarily close, it is unlikely that an attack will result in the wrong candidate getting elected," suggest CSE graduate student Matt Bernhard and Prof. J. Alex Halderman. But they say the risk the election process could be disrupted by hackers should be taken extremely seriously. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

US Election Systems Seen 'Painfully Vulnerable' to Cyberattack

This article sheds light on potential cyberattacks during the U.S election. Some cybersecurity analysts warned that hackers of even moderate talent could possibly throw the results of the 2016 presidential election into chaos. Prof. Halderman hopes all the attention on voting-system vulnerabilities will motivate state governments to invest in cybersecurity for the 2020 elections. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Next Weeks Anticipated U.S. Election

This article discusses the vulnerabilities of direct recording electronic voting systems. It quotes Prof. J. Alex Halderman and his colleagues on the security of DREs. Twenty-nine states still use DREs and five states: Delaware, Georgia, Louisiana, New Jersey and South Carolina, use the easily compromised machines without a paper trail. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

Forget rigged polls: Internet voting is the real election threat

Prof. J. Alex Halderman and his contemporaries have been tireless in warning us of the security risks associated with internet voting. Will we listen? [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems  

The Security Challenges of Online Voting Have Not Gone Away

This guest post on IEEE Spectrum by CSE graduate student Matthew Bernhard, Prof. J. Alex Halderman, and Robert Cunningham, Chair of the IEEE Cybersecurity Initiative, lays out the details for the case against Internet voting. [Full Story]

Related Topics:  Cybersecurity  Graduate Students  Halderman, J. Alex  Lab-Systems  

How the 2016 Election Could Be Hacked (story+video)

Is our voting system really vulnerable to hackers? Professor of computer science, J. Alex Halderman, explains the situation to VICE News in this segment that originally aired on October 24. [Full Story]

Related Topics:  Cybersecurity  Halderman, J. Alex  Lab-Systems