Press

But some don’t think the new ban will actually prevent terrorist attacks. Nicholas Weaver, a researcher at the International Computer Science Institute at the University of California, Berkeley, told The Guardian: “If you assume the attacker is interested in turning a laptop into a bomb, it would work just as well in the cargo hold. If you’re worried about hacking, a cell phone is a computer.”

Some HTTPS inspection tools might weaken security
March 17, 2017 | Lucian Constantin, IDG News Service

Researchers from Google, Mozilla, Cloudflare, University of Michigan, University of Illinois Urbana-Champaign, University of California, Berkeley and the International Computer Science Institute recently conducted an investigation of HTTPS inspection practices. They found that more than 10 percent of HTTPS traffic that originates from the U.S. and reaches Cloudflare's content delivery network is being intercepted. So are 6 percent of connections to e-commerce websites.

What the Media Got Wrong About the Latest WikiLeaks Dump
March 17, 2017 | Brooke Gladstone and Bob Garfield, WNYC

Nicholas Weaver, a senior researcher at the International Computer Science Institute at the University of California Berkeley, talks with Bob and how the media got played by Wikileaks, and how to avoid that trap next time.

The real shocker in the WikiLeaks scoop
March 14, 2017 | David Ignatius, Washington Post

The dark side of this world exploded into view with WikiLeaks’ publication of the CIA toolkit. Some scary initial stories argued that the CIA could crack Signal and WhatsApp phone encryption, not to mention your toaster and television. But security experts Nicholas Weaver and Zeynep Tufekci have pushed back against those early claims, in the Lawfare blog and in the New York Times, respectively.

What the CIA WikiLeaks dump tells us: Encryption works
March 10, 2017 | Anick Jesdanun and Michael Liedtke, Associated Press

“We are in a world where if the U.S. government wants to get your data, they can’t hope to break the encryption,” said Nicholas Weaver, who teaches networking and security at the University of California, Berkeley. “They have to resort to targeted attacks, and that is costly, risky and the kind of thing you do only on targets you care about. Seeing the CIA have to do stuff like this should reassure civil libertarians that the situation is better now than it was four years ago.”

Reading Roundup: Truck Platoons, Cheek Vaccines, Wikileaks, Sotomayor
March 10, 2017 | Sarah Elizabeth Adler, California Magazine

“The real story on encryption is not, ‘Oh my God the CIA breaks encryption,’ but that encryption is so good that the CIA has to risk $1.5 million assets to compromise a target’s iPhone if they want to read his messages,” [Weaver] says, noting the high price of developing smartphone-infiltrating techniques.

"That the CIA hacks is like saying water is wet -- it's them doing their job," said Nicholas Weaver, senior researcher with the International Computer Science Institute at the University of California, Berkeley.

“They did not break Signal any more than looking at your phone over your shoulder breaks Signal,” said Nicholas Weaver, a computer security researcher at the International Computer Science Institute.

WikiLeaks disclosure exposes rapid growth of CIA digital operations — and agency vulnerabilities
March 8, 2017 | Greg Miller, Ellen Nakashima, and Julie Tate, Washington Post

“It’s not some huge crisis,” said Nicholas Weaver, a computer security researcher at the University of California at Berkeley. The CIA can purchase new exploits or turn to the NSA to help shore up its exposed archive. Buying its way back could be pricey, experts said. Exploits for Apple iPhones can go for $1 million or more.

WikiLeaks left key details unredacted in CIA leak
March 8, 2017 | Chris Bing, Cyberscoop

Another PDF file holds screenshots of an internal content management system used by the CIA, where the name of the last user to modify the page is clearly shown. Security researcher Nicholas Weaver noted the redaction mistake on Twitter.

Pages