Home > News > All News > Security and Privacy

Security and Privacy

News Feed

Hacked voting machine donated to Henry Ford museum

The machine was used by Prof. J. Alex Halderman for election cybersecurity research, and in a demonstration during which then-Senator Kamala Harris voted on it.

U-M spin-off Agita Labs releases always encrypted computing product

TrustForge, based on U-M research spearheaded by Austin and Bertacco, provides users with the ability to protect data using a process called sequestered encryption

Z. Morley Mao elected IEEE fellow for contributions to performance and security of internet routing and mobile systems

Prof. Mao and her students have played an important role in understanding the efficiency, security, and performance of a number of mobile systems.

Five ways to keep vaccine cold storage equipment safe from hackers

A medical security expert outlines the risks and how hospitals can protect themselves.

Her fight for your rights

Could censorship end the internet as we know it? Not if Roya Ensafi can help it.

Less nosy smart speakers

Technology could capture household information without recording speech.

Election lessons from Michigan

Election security expert J. Alex Halderman dissects Antrim County’s election debacle to help future contests go more smoothly.

First IFIP Workshop on Intelligent Vehicle Dependability and Security

The workshop, co-organized by a team including two EECS faculty, focused on ensuring the safety of Level 3 autonomous vehicles, where humans must be ready to take over control.

Hacking reality

Microphones that “hear” light; microprocessors that “tell” us secrets; self-driving cars that “see” fake objects; sensors that “feel” the wrong temperature. Our devices are under attack in new, increasingly sophisticated ways. Security researchers at CSE are exploring the limits of hardware and finding new, sobering vulnerabilities in our computers and homes.

After five years, Let’s Encrypt, a non-profit based on tech developed at Michigan, has helped to secure the internet

Today, over 225 million websites are protected by free certificates issued by Let’s Encrypt.

Major side-channel discovery wins NSA contest

The winning paper broke open a new area of investigation in hardware-based data leaks.

Censored Planet: Tracking internet censorship without on-the-ground participation

Censored Planet is releasing technical details for other researchers and for activists.

5 ways Americans can keep their vote secure and accurate

Expert advice for voting in an unprecedented election.

CSE researchers help organize 10th anniversary workshop on internet freedom

Prof. Roya Ensafi and PhD candidate Reethika Ramesh led organizing efforts for USENIX’s Tenth Workshop on Free and Open Communications on the Internet.

$1.8M DARPA project aims to protect cars, trucks and spacecraft from hackers

Ironpatch could head off growing danger of security vulnerabilities in vehicle systems.

New collaboration promises greater innovation in medical device security

The two organizations will connect their membership and partner networks to work on advancing security for life-saving devices.

New remote voting risks and solutions identified

The upcoming presidential election in the middle of a pandemic has jurisdictions exploring new technologies. They’re not secure.

IEEE security conference features six accepted papers from CSE researchers

The projects impact voting systems, physical sensors, integrated circuit fabrication, and multiple microarchitectural side-channel vulnerabilities.

Rackham Predoctoral Fellowship for design of robust, reliable and repairable software systems

Subarno Banerjee uses program analysis to improve software systems’ safety and security.

Autonomous vehicles can be fooled to ‘see’ nonexistent obstacles

Vehicles that perceive obstacles that aren’t really there could cause traffic accidents.

Todd Austin Named S. Jack Hu Collegiate Professor of Computer Science and Engineering

Prof. Austin is a creative, outside-the-box thinker who has produced a body of work that has had extraordinary impact in the area of computer architecture.

Real-time monitor tracks the growing use of network filters for censorship

The team says their framework can scalably and semi-automatically monitor the use of filtering technologies for censorship at global scale.

Not enough voters detecting ballot errors and potential hacks, study finds

Researchers carried out the first study on voter behavior with electronic assistive devices, found 93% missed incorrect ballots.

Researchers design new solution to widespread side-channel attacks

The proposal provides a chip-level safeguard against sensitive data being transmitted after it’s accessed.

How Let’s Encrypt doubled the percentage of secure websites in four years

A Q&A with J. Alex Halderman, who co-founded the nonprofit organization.

How Russia’s online censorship could jeopardize internet freedom worldwide

The nation is using inexpensive commodity equipment to block 170K domains on more than 1K privately-owned ISPs.

Researchers take control of Siri, Alexa, and Google Home with lasers

The newly discovered microphone vulnerability allows attackers to remotely inject inaudible and invisible commands into voice assistants using light.

Offensive vehicle security toolbox makes car hacking easier

The new system is designed to save security researchers time and effort spent reverse-engineering the message format of every vehicle they study.

New tool combats evolving internet censorship methods

Technology pioneered by Michigan researchers can circumvent many effective website blocking tools

Year of vulnerability hunting uncovers potential attacks on Intel Chips, RAM

All three of these attacks put users’ privacy at risk, exploiting new routes to sensitive data.

Remote attack on temperature sensors threatens safety in incubators and industry

The researchers demonstrated that an adversary could remotely manipulate the temperature sensor measurements without tampering with the targeted system or triggering automatic temperature alarms.

PET Award for making privacy policies easier to read

The research generated a chatbot to help users sift through important details in privacy policies.

Best paper award for analysis of a decade of malware reports

The research suggests that common blacklist-based prevention systems are ineffective.

Michigan’s new Election Security Commission holds inaugural meeting on U-M Campus

The meeting began the commission’s review and assessment of election security in Michigan.

Halderman co-chairs new commission to protect Michigan votes

The effort seeks to protect the integrity of every vote.

Election security: Halderman recommends actions to ensure integrity of US systems

In congressional testimony, professor urges $370M in federal funding to replace outdated machines.

Facebook Fellowship for research on web privacy, security, and censorship

McDonald works to develop better privacy and security tools for marginalized communities

Online censorship detector aims to make the internet a freer place

Censored Planet could provide new insight into the flow of online information

Study reveals new data on region-specific website blocking practices

A team of researchers unearthed new data on geographic denial of access to web content in a new paper.

A secure future for US elections starts in the classroom

A new special topics course on election cybersecurity gives students an examination of the past, present, and future of US elections.

Tyche: A new permission model to defend against smart home hacks

“The work is an important step towards understanding how to make tradeoffs between usability and security.”

Intel processor vulnerability could put millions of PCs at risk

Patches can provide protection.

Undocumented immigrants’ privacy at risk online, on phones

When it comes to their smartphones, immigrants struggle to apply instinctive caution, according to a study by a team of University of Michigan researchers.

Building a security standard for a post-quantum future

A large quantum computer could retroactively decrypt almost all internet communication ever recorded.

Zuckerberg Capitol Hill testimony: Engineering experts offer comments

U-M profs weigh new business model, European-style regulation

‘I hacked an election. So can the Russians.’

Professor Alex Halderman and the New York Times staged a mock election to demonstrate voting machine vulnerability.

Michigan researchers discover vulnerabilities in next-generation connected vehicle technology

The vulnerability allows an attacker to manipulate a new intelligent traffic control algorithm and cause severe traffic jams.

CSE PhD student Matt Bernhard on the Facebook data breach

In this video, CSE PhD Student Matt Bernhard weighs in on the matter Facebook data harvesting, such as that done by Cambridge Analytica.

Can sound be used as a weapon? 4 questions answered

What happened to people inside the U.S. Embassy in Havana?

Cuba ‘sonic attacks’: A covert accident?

‘We’ve demonstrated a scenario in which the harm might have been unintentional.’

Chat tool simplifies tricky online privacy policies

Automated chatbot uses artificial intelligence to weed through fine print

FCC repeals net neutrality: Engineering experts offer comments

A long-standing tenet of the internet was overturned today.

An armed robber’s Supreme Court case could affect all Americans’ digital privacy for decades to come

How much can your cellphone reveal about where you go?

Manos Kapritsos and collaborators win USENIX security paper award

Their paper introduces a new programming language and tool called Vale that supports flexible, automated verification of high-performance assembly code.

Prof. J. Alex Halderman testifies in front of senate intelligence committee on secure elections

His remarks focused on vulnerabilities in the US voting system and a policy agenda for securing the system against the threat of hacking.

Smartphone security hole

‘Open port’ backdoors are common.

Sonic cyber attacks show security holes in ubiquitous sensors

Michigan Engineering researchers discuss and demonstrate the sound-based attacks they leveled at the accelerometers found in everyday electronics.

Professor to Congress: ‘Internet of Things security is woefully inadequate’

Michigan Engineering professor Kevin Fu spoke in front of congress on Nov. 16, 2016.

Peter Honeyman receives USENIX Test of Time Award

The USENIX Test of Time Awards recognizes papers presented at its respective conference from at least 10 years ago that have had a lasting impact on their fields.

Several Michigan Papers Presented at 2016 USENIX Security Symposium

A total of five papers authored by CSE researchers were presented.

Researchers David Adrian and Alex Halderman receive Pwnie Award for work on DROWN attack

DROWN allows attackers to break encryption used to protect HTTPS websites and read or steal sensitive communications.

With over 7 million certificates issued, Let’s Encrypt aims to secure the entire web

In order to bring HTTPS to everyone, Prof. Halderman joined forces in 2012 with colleagues at Mozilla and the Electronic Frontier Foundation to found Let’s Encrypt, a non-profit certificate authority with the mission of making the switch to HTTPS vastly easier.

Two Michigan papers win top awards at IEEE Security and Privacy Symposium

One of the paper describes and demonstrates a malicious hardware backdoor. The other demonstrated security failings in a commercial smart home platform.

Michigan and Verisign researchers demonstrate new man-in-the-middle WPAD query attack

New security ramifications exist when laptops and smartphones configured for enterprise systems are used outside the enterprise in the realm of the wider web.

Hacking into homes: Security flaws found in SmartThings connected home system

New vulnerabilities form when hardware like electronic locks, thermostats, ovens, sprinklers, lights and motion sensors are networked and set up to be controlled remotely.

Passwords, privacy and protection: Can Apple meet FBI’s demand without creating a ‘backdoor’?

Prof. H.V. Jagadish sheds light on current issues regarding data privacy and technology.

Secure your website now: Let's Encrypt enters Public Beta

Let's Encrypt allows anyone to request a free website security certificate without needing an invitation.

Michigan Researchers Win the 2016 Applied Networking Research Prize

In their paper, the researchers present the first report on global adoption rates of SMTP email security extensions.

Computer Scientists Win Best Paper Award at ACM Conference on CCS for Exposing the Vulnerabilities of the Diffie-Hellman Key Exchange

Diffie-Hellman is a popular algorithm used for encrypted communications, including emails VPNs, HTTPS, and other protocols where a client and server negotiate a shared secret key for communication

J. Alex Halderman and Collaborators Receive NSF Cybersecurity Award to Develop Rapid-Response Architecture

This project strives to positively impact the availability and reliability of the Internet and provide the security community with tools, platforms, and comprehensive vulnerability measurement data.

Virta Labs Introduces PowerGuard™

Virta Laboratories was co-founded in part by Prof. Kevin Fu and former CSE postdoctoral researcher Denis Foo Kune.

Security Flaw in New South Wales Puts Thousands of Online Votes at Risk

Securing Internet voting requires solving some of the hardest problems in computer security, and even the smallest mistakes can undermine the integrity of the election result.

Computer science researchers aim to securely encrypt every website

A project is underway which will offer a free, automated, and easy process for converting webservers from HTTP to HTTPS that is implemented with a single command.

Computer Scientists Win Best Paper Award at 2014 ACM Internet Measurement Conference

The research team performed a comprehensive, measurement-based analysis of the impact of the recent Heartbleed vulnerability.

Yelin Kim wins Best Student Paper Award at ACM Multimedia 2014 for research in facial emotion recognition

She computationally measures, represents, and analyzes human behavior data to illuminate fundamental human behavior and emotion perception, and develop natural human-machine interfaces.

Iranian internet censorship system profiled for first time

Michael Bailey receives Research Faculty Recognition Award from OVPR

His research is focused on the security and availability of complex distributed systems.

Computer scientists win Best Paper Award at 21st USENIX Security Symposium

Halderman's "Securing Digital Democracy" opens on Coursera

Computer scientists named runners up for PET Award

Duo of CSE Alums Form and Grow Security Company in Ann Arbor

Serial entrepreneur Dug Song (CS BS 1997) and recent alum Jon Oberheide (CSE PhD 2011) founded security firm Duo Security in early 2010 and have rapidly grown their company to serve over 500 customers in 40+ countries around the world.

Researchers demonstrate firewall vulnerability in cell network

J. Alex Halderman to Teach Course on Electronic and Internet Voting through Coursera

The 5-week course will provide the technical background and public policy foundation that today's citizens need to understand the electronic voting debate.

Prof. J. Alex Halderman featured in PBS story on the security of internet voting

CSE Alum Jon Oberheide Named One of Forbes' 30 Under 30 in Technology