News -- Recent news about our lab below

Kimberly Ruth Wins the Mary Gates Research Scholarship 3.11.2017
Congratulations to UW Security Lab undergraduate Kimberly Ruth for winning the coveted Mary Gates Research Scholarship! The Mary Gates Scholarship is a highly competitive scholarship intended to facilitate the research experience of University of Washington undergraduate students. Kimberly is actively conducting research at the intersection of augmented reality and computer security, a research area led by security lab faculty member Franziska Roesner. In fact, Kimberly is a co-author of an upcoming paper on that topic, to appear at this year's IEEE Symposium on Security and Privacy in May 2017. Kimberly conducted that research during her freshman and sophmore years at UW. Her paper, co-authored with her PhD student mentor Kiron Lebeck and her faculty advisors Franziska Roesner and Yoshi Kohno, will appear on the UW Augmented Reality and Security page soon. Congratulations Kimberly!!
Enigma 2018 Announced 3.6.2017
Modeled after TED, the USENIX Enigma Conference is one of the hottest computer security conferences out there. Today it was announced that UW Security Lab professor Franziska Roesner will co-chair Enigma 2018. Stay tuned for an exciting Enigma 2018 program!
Ada Lerner to join the Wellesley College Computer Science Faculty 2.25.2017
A big congratulations to senior security lab PhD Student Ada Lerner! After receiving multiple tenure-track faculty offers from top liberal arts colleges, Ada has now decided to join the computer science faculty at Wellesley College. Quoting from Wikipedia, "According to the 2017 U.S. News and World Report rankings, Wellesley is ranked 3rd for liberal arts college and 1st for women's colleges." This is big news! Congratulations Ada! And congratulations Wellesley!
Franziska Roesner Wins the NSF CAREER Award 2.10.2017
Congratulations to Security and Privacy Lab Co-director Professor Franziska Roesner! Franzi has just received the National Science Foundation CAREER Award, for her work on computer security for augmented reality systems. As the National Science Foundation says, "the CAREER Award is the National Science Foundation's most prestigious awards in support of early-career faculty." Congratulations Franzi!
Security Lab PhD Student Eric Zeng Takes Home the TGIF Trophy 2.3.2017
Security and Privacy Lab PhD Student Eric Zeng won tonight's TGIF paper airplane contest. Eric spent years preparing for this contest, and created a masterful, long-flying paper airpline. In addition to building paper airplanes, Eric loves security and privacy research. Check out his upcoming IEEE Security and Privacy Europe paper, co-authored with PhD student colleague Ada Lerner and their advisor Franzi Roesner, here.
Franzi Roesner at Enigma 2017 2.1.2017
Some people call the USENIX Enigma Conference the hottest new computer security conference out there. Enigma is like a security-focused TED conference. Security and Privacy Lab co-director Professor Franzi Roesner was invited to speak this year, and she chose to speak about her work on computer security and privacy for journalists and lawyers. Her talk was an end-to-end tour through her work with journalists and lawyers, starting with formative interviews, continuing into the design and implementation of a new email encryption tool, and then covering more lessons through summative user evaluations.

If you're familiar with the classic paper "Why Johnny Can't Encrypt", then you will appreciate this comment from one Twitter follower: "I think that @franziroesner basically just made it possible for Johnny to encrypt!"

The video of her talk is not online yet, but it will likely be posted online here soon.

GREPSEC 2017 -- Security and Privacy for Women and Members of Underrepresented Groups 2.1.2017
GREPSEC is a workshop in security and privacy for women and members of underrepresented groups. It will be held in San Jose, California on May 20 and 21. Security and Privacy Lab co-director Yoshi Kohno is chairing the student application process. Please consider applying! The application deadline is March 2nd.
Security Lab Undergraduate Researcher Mitali Palekar Featured in CSE News 1.27.2017
Security and Privacy Undergraduate Researcher Mitali Palekar was featured in today's departmental Undergraduate Spotlight. Palekar is a sophomore from Cupertino, California who spent a portion of her childhood in Mumbai, India and is trained in Bharatanatyam, an Indian classical dance form. Mitali works with Security Lab Professor Franziska Roesner, alongside PhD student mentors Ada Lerner and Eric Zeng. Read the Undergraduate Spotlight about Mitali here.
Alex Takakuwa at the FIDO Alliance Meeting 1.24.2017
Security Lab PhD student Alex Takakuwa is currently focused on improving one of the most important (and challenging) aspects of computer security: authentication. Today Alex presented some of his work at the FIDO Alliance meeting in Vancouver, British Columbia, Canada. The FIDO Alliance is an industry association spearheading new efforts to improve authentication worldwide.
Yoshi to Judge the FTC Internet of Things Competition 1.4.2017
The US Federal Trade Commission just announced a competition focused on improving the security of Interent of Things devices. Security and Privacy Lab co-director Professor Yoshi Kohno is going to be one of the judges. If you're working on IoT security, we encourage you to submit!
Lab Ski Day! 12.15.2016
Of course we value high-quality, high-impact research. But we in the Security and Privacy Lab have many other interests as well. Sometimes we can be found playing board games, softball, or innertube water basketball. Today a subset of us decided to go skiing. Yay for near perfect conditions! We look forward to our next ski day soon!
CSE Pumpkin Carving 2016! 10.21.2016
The UW Computer Science and Engineering Department has an annual Pumpkin Carving TGIF. What a fun (and messy!) adventure! Check out the pumpkins we carved this year: image here.
Franzi Makes a Guest Appearance on "The Week in Law" 9.23.2016
Security and Privacy Lab co-director Professor Franzi Roesner makes another appearance today, this time on the Internet radio show This Week in Law. Franzi talked about her research studying the evolution of web tracking over the past 20 years. Check out her interview here:
Franzi Keynotes the Fremont Women in Tech Meeting 9.22.2016
Security and Privacy Lab co-director Professor Franzi Roesner gave the keynote at tonight's Fremont Women in Tech meeting. Franzi's talk focused on her innovative research on security and privacy for augmented reality systems.
Introducing General Paul 9.8.2016
Congratulations to UW CSE PhD student Paul Vines for passing his General Exam today. Next stop: PhD! Excellent work!
Web Tracking in the News 8.23.2016
A team from the UW CSE Security Lab has been intensively studying how web tracking has evolved over time. The team, including co-first authors Adam Lerner and Anna Kornfeld Simpson along with faculty members Franzi Roesner and Yoshi Kohno, presented their work at the USENIX Security Symposium a couple of weeks ago. Their research has been picked up by the popular press, including USA Today and TechCrunch, as well as IEEE Spectrum and radio and TV networks. Read their paper here or check out the project web page here here.
Franzi Roesner @ DARPA ISAT 8.16.2016
DARPA’s Information Science and Technology (ISAT) study group brings together roughly 30 of the top minds in academia and industry. Their task is to identify and explore emerging inflection points broadly related to computing in the context of national security. Members are not just leaders in their own fields, but leaders in all of information science and technology. UW CSE has an amazingly strong presence at ISAT, including Security Lab Professor Franzi Roesner. Read the CSE News article here.
Adam Lerner @ USENIX Security 8.12.2016
Adam Lerner gave a great and well-received talk today at the USENIX Security Symposium. The USENIX Security Symposium is one of the leading publication venues in the computer security research field. Adam presented a paper, co-authored with Anna Kornfeld Simpson (co-student first author) and faculty members Franzi Roesner and Yoshi Kohno, titled "Internet Jones and the Raiders of the Lost Trackers: An Archaeological Study of Web Tracking from 1996 to 2016". This research used the Wayback Machine's archive of the Internet to study the evolution of web tracking over time. Read the paper here and check out the associated web page here.
Anna Kornfeld Simpson presents at USENIX Security 8.11.2016
Anna Kornfeld Simpson presented at tonight's WIPs session at USENIX Security. Her paper on an archealogical study of web tracking from 1996-2016, with Adam Lerner, Franzi Roesner, and Yoshi Kohno, will be presented tomorrow. For tonight's talk, Anna presented some additional results about the evolution of the web over time.
Adam Lerner, PhD Candidate 7.26.2016
Congratulations to Adam Lerner for passing the UW CSE General Exam today! Next stop: final defense and dissertation filing. Great report and presentation! Congratulations Adam!
Gennie Gebhart to join the EFF 6.10.2016
Congratulations to Gennie Gebhart for graduating this year with a Master of Library and Information Science from the Information School! And double congratulations on joining the Electronic Frontier Foundation as a researcher! We will miss having you as part of the lab, and know that the larger security and privacy community is lucky to have you at the EFF!
Shrirang Mare to Join UW CSE as a Postdoc 5.31.2016
We are excited to announce that Shrirang Mare will join UW CSE in the fall as a postdoc. Shrirang is receiving his PhD from Dartmouth College, and his interests include security and privacy issues in pervasive computing, particularly in healthcare, usable security, and continuous authentication. At UW he will be working with Profs. Richard Anderson, Yoshi Kohno, and Franzi Roesner at the intersection of digital financial services and computer security. Welcome Shrirang!
Gennie Gebhart wins the iSchool Capstone Presentations Research Award 5.26.2016
Congratulations to Gennie Gebhart for winning this year's Information School 2016 Capstone Presentations Research Award! Among all the iSchool capstone projects, Gennie's research on security, privacy, and censorship received this highest recognition. Congratulations Gennie!
Miro Enev in Wired 5.25.2016
As part of his PhD Dissertation, lab alumnus Miro Enev studied whether a computer attached to a car's internal computer network could "fingerprint" (identify) the driver. Wired got excited about the work and interviewed Miro. See the resulting article here. A conference version of the upcoming paper, co-authored with lab member Alex Takakuwa, alumnus Karl Koscher, and faculty member Yoshi Kohno will appear at PETS 2016. Great job team!
Lucy Simko wins an NSF Graduate Research Fellowship 3.29.2016
Congratulations to UW CSE Security Lab member Lucy Simko! Lucy received one of this year's National Science Foundation (NSF) Graduate Research Fellowship. NSF's Graduate Research Fellowship Program supports outstanding student researchers pursuing Masters and doctoral degrees in science, technology, engineering and mathematics who demonstrate the potential to have a significant impact in their fields. Nearly 17,000 students applied for a total of 2,000 fellowships awarded nationwide. Receiving an NSF Fellowship is a huge honor. Congratulations Lucy!
Security Lab Alumnus Karl Koscher @ RSA 3.2.2016
UW CSE Security Lab alumnus Karl Koscher was an invited panelist today at the RSA conference, in San Francisco. Karl participated in a panel entitled "Do We Need Cyber-Ratings for the Auto Industry?" Karl drew on his deep expertise in automotive security. In 2010 and 2011 he, along with other UW and UCSD co-authors, published two of the first papers analyzing the computer security properties of modern automobiles. That work led to significant impact in both industry and governemnt, was covered in two NOVA TV episodes, and was featured on 60 Minutes.
Kiron Presents on Computer Security for Augmented Reality Systems at Hotmobile 2016 2.23.2016
Security Lab member Kiron Lebeck gave a great talk today at HotMobile 2016! The talk was about his work on computer security for future augmented reality systems, with Profs. Franzi Roesner and Yoshi Kohno. The paper is online here. The talk really was great -- everyone was leaning back and watching the talk, vs working on their computers :) . Great job Kiron!
Camille Invited to Speak at the NCWIT Aspiration Awards Ceremony in Kirkland, WA 2.22.2016
UW CSE Security Lab member Camille Cobb was invited to present to the National Center for Women and Information Technology (NCWIT) Aspirations Award winners this past weekend. The award ceremony was held at Google Kirkland, with roughly 20 young women award recipients present. Camille surveyed the broad field of computer security, and also offered a focused discussion of her work on computer security for developing world applications. Thank you Camille!
Yoshi at Enigma 1.25.2016
This year USENIX introduced a new conference: the Enigma. Some think that Enigma is destined to be one of the hottest new security conferences out there. This year USENIX invited Security Lab co-director Yoshi Kohno to speak about his work on security and privacy for the Internet of Things. Check out his talk, which will be online here.
Franzi Presents at the Roosevelt High School "Science and Society" Lecture Series 1.22.2016
Last night UW CSE Security Lab co-director Prof. Franzi Roesner presented to a crowded auditorium at Roosevelt High School, in Seattle. Roosevelt High School hosts a once-a-month "Science and Society" evening enrichment program for high school students and their parents. The goal of the lecture series is to get students thinking about the role of science, engineering, and technology in their own lives, be informed citizens, and get some ideas about STEM career paths. Franzi's talk, entitled "The invisible trail: Pervasive tracking in a connected age," covered her research on web privacy and web tracking.
Highlighting the Lab's Augmented Reality + Security Research 1.22.2016
Since 2013, the UW CSE Security Lab has helped lead the charge in tackling an emerging challenge: computer security for augmented reality devices. Today, the lab launched a new website focused on its augmented reality efforts. Readers can now track the lab's efforts on augmented reality and security here: Lab member Kiron Lebeck will present his latest research results on augmented reality security, with professors Franzi Roesner and Yoshi Kohno, at HotMobile 2016.
Security Lab Innertube Water Basketball Team Wins First Competition 1.19.2016
The Security Lab innertube water basketball team clinches a win for its first game of the season. The team benefited from an intense coaching session in advance of the game, thanks to the experience of seasoned innertube water basketball player and team captain Prof. Franzi Roesner. Also present for the first game were lab members and friends Camille Cobb, Yoshi Kohno, Kiron Lebeck, Lucy Simko, Alex Takakuwa, Paul Vines, and Ruthie Vines.
UW CSE launches Digital Financial Services Research Group to accelerate innovative banking solutions for developing regions 1.12.2016
UW CSE revolutionized data collection and analysis in low-resource settings with the creation of the Open Data Kit (ODK), a suite of free, open-source mobile tools. ODK – a project spearheaded by the late professor Gaetano Borriello – has been deployed in more than 40 countries to monitor elections, to conserve natural resources, to track health care outcomes, and much more. Now, UW CSE is poised to do for money management what we did for data with the launch of our new Digital Financial Services Research Group. The new effort is funded by the Gates Foundation, under the primary directorship of CSE faculty member Richard Anderson. Security Lab co-directors Yoshi Kohno and Franzi Roesner are co-leading the computer security elements of this new effort. Read more about this new group here.
UW CSE’s Franzi Roesner guides business and civic leaders along "the invisible trail" of online tracking 12.11.2015
The Technology Alliance hosts a monthly Discovery Series seminar, with the stated goal of inviting leading researchers to give talks that can help inform local business and civic leaders about new and important technical advances. UW CSE professor and security lab co-director Franzi Roesner gave this month's presentation. Franzi spoke about online tracking and smartphone security. Read more online here.
CSE Open House, K-12 Students, and SSL Certs 12.5.2015
The UW CSE Security Lab participated in today's CSE Open House, for visiting K-12 students. The lab's hosted activity: a sequence of cryptographic puzzles. Check out the puzzles here. And what did the students get, if they solved the puzzles? An SSL (Super Smart Learner) certificate. A big thank you to Anna Kornfeld Simpson, Adam Lerner, Lucy Simko, Eric Zeng, Camille Cobb, and Alex Takakuwa for preparing the puzzles and the SSL certificates.
Security Lab's Yoshi Kohno Speaks at the NSF 11.12.2015
The National Science Foundation hosts a periodic (once every few months, in general) invited lecture on computer security. UW CSE Security Lab co-director Yoshi Kohno gave this months invited lecture, on the topic of Computer Security and the Internet of Things.
Congratulations Alex! 11.4.2015
Congratulations Alex Takakuwa for delivering a great quals talk today! The quals talk is the key milestone for receiving an MS at UW, en route to a PhD. Congratulations Alex!
Security Lab members co-author policy primer on augmented reality 11.3.2015
UW CSE professors Yoshi Kohno and Franzi Roesner and Ph.D. alum Tamara Denning (now on the faculty at the University of Utah) are among the lead authors of a new white paper that examines policy issues associated with emerging augmented reality technologies. The paper is the first of its kind published by the UW's Tech Policy Lab, which brings together faculty and students from UW CSE, the School of Law, the iSchool and other units on campus to explore the potential implications of emerging technologies in a way that is useful for policy makers. More information available here.
Security Lab Highlighted by the National Science Foundation 10.23.2015
The National Science Foundation recently chose to highlight the efforts of UW CSE's Security Lab, and the grants of security lab faculty members Tadayoshi Kohno and Franziska Roesner, in an article entitled "Benefits and risks of the 'Internet of Things.'" Read the full article here.
Security Lab Puzzle Break 10.17.2015
The UW CSE Security Lab spent the afternoon locked in a room, for fun. We were locked in a room themed after "Twenty Thousand Leagues Under the Sea", and had to try to escape by solving puzzles. A lot of fun!
UW CSE Ph.D. alum Karl Koscher named runner-up for SIGSAC Doctoral Dissertation Award 10.16.2015
Security Lab alum Karl Koscher has been named runner-up for the second annual SIGSAC Doctoral Dissertation Award for Outstanding Ph.D. Thesis in Computer and Information Security for his UW Ph.D. thesis, “Securing Embedded Systems: Analyses of Modern Automotive Systems and Enabling Near-Real Time Dynamic Analysis.” The award was announced at the ACM Conference on Computer and Communications Security, the flagship annual conference of the ACM Special Interest Group on Security, Audit and Control (SIGSAC), held this week in Denver, Colorado. Congratulations Karl!
NOVA Visits Security Lab (again) 10.15.2015
NOVA visited the UW CSE Security Lab again, this time for its documentary CyberWar Threat, which aired last night. The UW CSE component begins around minute 29, and includes appearances by UW CSE security lab members and alumni Alexei Czseskis, Melody Kadenko, Tadayoshi Kohno, Karl Koscher, Temitope Oluwafemi, Franziska Roesner, Alex Takakuwa, Tariq Yusuf.
Paul at WPES 10.12.2015
UW CSE PhD student Paul Vines delivered a fabulous talk today at the Workshop on Privacy in the Electronic Society (WPES'15). Rook is a censorship-resistance platform for transferring data covertly between parties by hiding the data in the traffic of online games. You can read more about Rook here.
Congratulations Anna! 10.2.2015
Congratulations Anna Kornfeld Simpson for the great Quals Talk today! The Quals Talks is a major milestone in the UW CSE PhD process, and is what entitles a UW CSE graduate student to receive their masters degree en route to the PhD. Congratulations Anna for completing this major milestone!
Security Lab member Adam Lerner in the news 10.1.2015
The Daily Free Press has an article today entitled "U.K. researchers work to combat social media malware".

Security lab member Adam Lerner has a great quote in the article. Quoting from the article: "Adam Lerner, a current doctoral student in computer science at the University of Washington, said issues regarding network security, such as link shortening and user privacy in general, are an important area of research. 'Our daily lives are becoming connected to the Internet, which is the biggest network we’ve got,' Lerner said. 'Phones, cars, thermostats, you name it. Whenever something’s connected to a network, that network becomes a potential avenue of attack. In the same vein, more and more important aspects of our lives, both private and public, are taking place on the Internet, via these networked technologies. The goal of network security research … is to protect people and the things we care about from malicious behavior.'"

Great quote Adam!

UW CSE’s Franzi Roesner addresses NAE Frontiers in Engineering Symposium 9.10.2015
Every year, the National Academy of Engineering invites roughly 100 of the top engineers under the age of 45 from around the country to participate in its Frontiers of Engineering Symposium, a two-and-a-half day event focused on cutting-edge research in various fields of engineering. The 2015 symposium, which is taking place this week in Irvine CA, features a diverse range of topics, including the search for exoplanets, metamaterials, forecasting natural disasters, and cybersecurity and privacy.

It is an honor to be invited to the symposium, and an even higher honor to be invited to speak. This year, professor Franzi Roesner, co-director of UW CSE’s Security and Privacy Research Lab, delivered one of the opening talks of the program.

In her presentation, Computer Security and Privacy: Where Human Factors Meet Engineering, Franzi highlighted the challenge of designing technologies that match user expectations when it comes to security and privacy. She described a new model for granting permissions, “user-driven access control,” that removes the burden of making decisions from the user in favor of having the system automatically grant permissions based on how the user naturally interacts with existing applications.

2015 UW Engineering Lecture Series: All CSE, all the time! 9.1.2015
The 2015 UW Engineering Lecture Series – three evening public lectures sponsored by the UW Alumni Association – is all CSE this year! And, moreover, two out of three are from the Security Lab!

  • Wednesday October 7: Franzi Roesner, “The Invisible Trail: Pervasive Tracking in a Connected Age”
  • Wednesday October 21: Dieter Fox, “Our Robotic Future: Building Smart Robots that See in 3D”
  • Wednesday November 3: Yoshi Kohno (along with Batya Friedman from the Information School and Ryan Calo from the School of Law), “Responsible Innovation: A Cross Disciplinary Lens on Privacy and Security Challenges”
All lectures are at 7:30 p.m. in Kane Hall 130.
Introducing Dr. Oluwafemi 8.20.2015
Congratulations Dr. Temitope Oluwafemi! Dr. Oluwafemi presented his final PhD defense today and will be joining Intel's prestigious Engineering Leadership Program, where he will focus on the Internet of Things. Tope's dissertation was titled "Using Component Isolation to Increase Trust in Mobile Devices" and was co-advised by Security Lab faculty members Tadayoshi Kohno and Franziska Roesner. Congratulations Tope!
Ph.D. alum Karl Koscher in Wired: “Think twice about what you’re plugging into your car” 8.20.2015
Security Lab alum Karl Koscher, of 60 Minutes car hacking fame, is in the news once again for exposing the vulnerabilities of motor vehicle systems with a team at University of California, San Diego, where he is doing a postdoc with UCSD CSE professors and UW CSE Ph.D. alums Stefan Savage and Geoff Voelker.

This time, Karl and his fellow researchers demonstrate for Wired magazine and the USENIX security conference a new threat for motorists: common plug-in devices such as those provided by insurance firms to monitor a vehicle’s location, mileage and speed.

Read more in the Wired article here.

Congratulations Ian and Tope! 6.12.2015
Congratulations to security lab members Ian Smith and Tope Oluwafemi! Ian graduated today with a Masters degree in Computer Science & Engineering. Tope participated in the Electrical Engineering PhD graduation ceremony and hooding and is scheduled to give his final PhD defense talk later this summer. Congratulations to both of you for all that you have accomplished!
Great talk Kiron! 6.12.2015
Security lab member Kiron Lebeck gave a great Quals Talk today at UW CSE. The Quals Talk is a major milestone along the path to a PhD and what qualifies one to receive a Masters degree in Computer Science & Engineering, along with all the relevant coursework. Congratulations Kiron for this major milestone!
New Security Lab Soccer Shirts 6.4.2015
Security and Privacy lab co-director Yoshi Kohno was shocked today at soccer when everyone on the team entered the field wearing a shirt with his photo on it! What a fun surprise!

The first time this photo of Yoshi appeared on a shirt was in 2006, when UCSD decided to play a prank on UW and created "UCSD North -- Seattle Branch" shirts. Read more about that history here

Security Lab Alumnus Alexei Czeskis Speaks at Google I/O 5.29.2015
Security Lab alumnus Alexei Czeskis spoke today at Google I/O about Google's new Security Key. Quoting from the abstract, "Security Key is an inexpensive 2nd factor device which provides the user unphishable security for Google logins and for any other website which implements support. The user carries one device which works across all sites which support the open FIDO U2F protocol." Great work Alexei and colleagues!
Melody Wins College of Engineering Professional Staff Award 5.28.2015
UW CSE’s Melody Kadenko has received the 2015 UW College of Engineering Professional Staff Award.

Melody manages more than 100 research grants from multiple agencies. In her “spare time,” she mentors UW’s National Collegiate Cyberdefense Competition team, and shakes the tin cup to fund the CSE espresso room (appropriating a page from the NPR playbook: “We need $2500 before I quit sending email!”).

A faculty member writes, “Melody uses creativity and persistence to solve any kind of thorny research grant problem.”

A student writes, “Melody has been the single most useful person I’ve met since coming to UW.”

Congratulations Melody!! You totally deserved this!

Franzi Keynotes CSE ACM Research Night 5.26.2015
Security and Privacy lab co-director Franzi Roesner gave the opening remarks at today's ACM Research Night. ACM Research Night provides an opportunity for UW Computer Science & Engineering undergraduate students to learn what research is all about. Franzi began her talk by discussing her research in computer security and privacy. She then gave some valuable advice to future undergraduate researchers. Here's to undergraduate research!
Great talk Adam! 5.20.2015
Congratulations to Adam Lerner for a great talk at MobiSys 2015! Using a data set of 87 million scans from a mobile phone barcode scanning application, Adam and colleagues analyzed the use of QR codes in the wild. You can read more about this work here. Great job Adam!
Congratulations to Peter! 5.13.2015
Congratulations to Peter Ney! Peter successfully defended his quals project today. Next stop: Generals. Congratulations Peter! Great job!
"Shoot Yourself in the Foot with a Bucket of Legos" 4.8.2015
Sometimes it can be hard to know what your advisors are thinking. Apparently Yoshi was talking about how to avoid shooting yourself in the foot with a bucket of Legos during a research meeting with Kiron and fellow advisor Franzi. Maybe it made sense at the time? The quote was captured for posterity on Franzi's white board.
Anna Kornfeld Simpson Wins NSF Graduate Research Fellowship 3.31.2015
Congratulations to Anna Kornfeld Simpson, who won an NSF Graduate Research Fellowship!
Will Scott Receives Information Controls Fellowship 3.19.2015
Congratulations to Will Scott, who won an Open Technology Fund Information Controls Fellowship!

Learn about the Information Controls Fellowship here.

Kiron Wins TGIF Bridge Building Competition 3.13.2015
Lab member Kiron Lebeck and his group won this week's department TGIF competition, building the strongest gumdrop-and-toothpick bridge. These photos document the final collapse of the bridge.

Franzi Roesner Speaks at Pacific Science Center's Teen Science Cafe 3.11.2015
UW CSE Security Lab co-director Franzi Roesner spoke about the "security mindset" and about the privacy concerns associated with third-party web tracking at the Pacific Science Center's March Teen Science Cafe. Thanks to all of the attendees for their smart and insightful questions!
Anna Shares TGIF Chess Title; Kiron Swiftly Beats Yoshi 2.21.2015
Last night was the UW CSE TGIF Chess Competition. Lab member Anna Kornfeld Simpson tied for the grand prize, out of 16 total competitors. It was quite an amazing, intense competition. Lab member Kiron Lebeck also swiftly annihilated one of his advisors, Yoshi Kohno, as can be seen on the right. Yoshi's in check mate, but neither side lost any pieces in the battle. Immediately after his victory, lab member Tope Oluwafemi called Kiron to discuss research, as can also be seen in the photo.

Yoshi Kohno Awarded Endowed Professorship 2.15.2015
UW CSE Security Lab co-director Yoshi Kohno has been awarded the Short-Dooley endowed professorship. See the full announcement here. Congratulations Yoshi!
Catch 60 Minutes this Sunday to see UW CSE Cybersecurity Research in Action! 2.6.2015
Get a sneak peek at this Sunday’s 60 Minutes episode in which UW CSE researchers remotely compromise a car driven by Leslie Stahl, part of a segment examining cybersecurity threats and the Internet of Things. (See a photo of the set-up at right.)

During the segment featured in the CBS preview, the head of DARPA’s Information Innovation Office, Dan Kaufman, DARPA Program Manager Kathleen Fisher, and UW Ph.D. alum Karl Koscher demonstrate how hackers can control various functions of a motor vehicle. The demo is based on research conducted by a team from UW CSE (Alexei Czeskis, Yoshi Kohno, Karl Koscher and Franzi Roesner) and colleagues at the University of California, San Diego.

Get a sneak peek at the 60 Minutes episode in the CBS preview here – the preview is all UW CSE, all the time!

Read more about the automotive security collaboration between UW CSE and UCSD here.

Tune into your local CBS affiliate Sunday, February 8th at 7:00 pm to catch the full segment!

Congratulations Tope! 2.6.2015
Congratulations Temitope Oluwafemi! Tope passed his PhD General Exam today. Next step: His PhD Final Defense. Congrats Tope!
Lab Featured in U.S. Congressional Testimony 1.28.2015
National Science Foundation Assistant Director for CISE, Jim Kurose, testified to the House Science & Technology Subcommittee yesterday about cybersecurity. The report cites the UW CSE Security and Privacy lab efforts on computer security for automobiles and medical devices. Read the testimony here
FTC Report Cites Security Lab Work 1.27.2015
The US Federal Trade Commission -- like the UW CSE Security and Privacy Lab -- is interested in the Internet of Things. The FTC just released a report, titled "Internet of Things: Privacy and Security in a Connected World", that discusses UW CSE Security and Privacy research and quotes lab member Yoshi Kohno.
Franzi Wins the UW CSE Dissertation Award 1.1.2015
The UW CSE Security and Privacy Lab's co-director, Professor Franzi Roesner, was honored with the UW CSE William Chan Memorial Dissertation Award. Congratulations Franzi! Very well deserved!
Yoshi Joins the National Academies Forum on Cyber Resilience 12.23.2014
The Forum on Cyber Resilience is a newly-established National Academies roundtable. Professor Yoshi Kohno, UW CSE Security and Privacy lab co-director, joins as an inaugural member. The Forum on Cyber Resilience will facilitate and enhance the exchange of ideas among scientists, practitioners, and policy makers concerned with urgent and important issues related to the resilience of the nation's computing and communications systems, including the Internet, other critical infrastructures, and commercial system.
UW CSE Open House for Middle and High School Students 12.6.2014
On Saturday December 6, more than 450 middle school and high school students and their families visited UW CSE for the annual UW Computing Open House, kicking off Computer Science Education Week.

Security and Privacy Lab PhD students Anna Kornfeld Simpson, Paul Vines, and Peter Ney hosted a session on computer security. Their room was filled with interested students! Thanks Anna, Paul, and Peter for helping inspire the next generation of computer scientists!

Happy Holidays! 12.5.2014
Today was the departmental holiday party. Security and Privacy lab PhD student Paul Vines asked Dr. CSE how to interpret his advisor's use of the word "interesting." We all found that to be a very interesting question. This slide gives Dr. CSE's guidelines for "How to Interpret Professorese".

The faculty and student skits were awesome, as always.

Microsoft CTO Satya Nadella visits UW CSE 11.25.2014
Microsoft CEO Satya Nadella spent 90 minutes in UW CSE this morning. He discussed research and departmental trajectories with faculty and students, including with Security and Privacy lab professor Franzi Roesner.
Master Paul Vines 11.21.2014
UW CSE Security and Privacy PhD student Paul Vines defended his quals project today, the key research milestone for receiving his Masters degree in Computer Science & Engineering. Great job Paul!
Tope Oluwafemi's invited article in The Conversation 11.18.2014
UW Security and Privacy lab researcher Temitope Oluwafemi publishes an invited article in The Conversation about computer security and the Internet of Things.

Check out the article here:

Ian Smith, interviewed regarding cell site simulators 11.15.2014
In an article entitled, "Tacoma Police Change How They Seek Permission to Use Cellphone Tracker," The News Tribune quotes UW CSE's Ian Smith. Quoting from the article:

"Ian Smith is a security researcher in the University of Washington Computer Science & Engineering Security and Privacy Lab and has studied cell site simulators and similar devices.

"... Cellphone companies have the ability to access that kind of information now, Smith said. Cell site simulators give that capability to anyone who knows how to use them, including the police, he said."

Read more here:

Introducing Dr. Karl Koscher 8.22.2014
Congratulations Dr. Karl Koscher for a very successful final defense! UCSD is very fortunate to be having you join their team!
UW CSE Professor Yoshi Kohno runs Session 1 of the Stanford Cybersecurity Bootcamp for the U.S. Congress 8.18.2014
UW CSE Professor Yoshi Kohno was invited to run Session 1 at the Stanford Cybersecurity Bootcamp for U.S. Congressional Staffers. The session focused on threat modeling and developing the security mindset.
Franzi's ShareMeNot incorporated into the EFF Privacy Badger 7.21.2014
The EFF just released a new online privacy tool, called Privacy Badger, to help protect against third-party tracking on the web.

The EFF worked with Franzi Roesner to integrate her ShareMeNot functionality into Privacy Badger. Privacy Badger uses the ShareMeNot techniques to handle social media widgets.

To quote from the EFF Press Release: "EFF wishes to thank Professor Franziska Roesner at the University of Washington for exceptional work in enhancing Privacy Badger's widget-handling algorithms."

Security Lab's Karl Koscher featured on German TV 7.19.2014
UW CSE Security Lab's Karl Koscher is featured on German TV. See Karl's interview starting around minute 6. Great job Karl! The video also includes clips of UW CSE Security Lab members and alumni Alexei Czeskis, Tadayoshi Kohno, and Franzi Roesner. Read more about the UW CSE automotive security effort, in collaboration with UCSD, here.
Prof. Roxana Geambasu wins Microsoft Research Faculty Fellowship 6.24.2014
Congratulations to Roxana Geambasu for winning a highly coveted Microsoft Research Faculty Fellowship!! This is a very high honor! Roxana is a Columbia University professor and past UW CSE PhD student. To quote from the Microsoft web page: "Each year since 2005, Microsoft Research has recognized innovative, promising new faculty members from a number of research institutions to join the ranks of Microsoft Research Faculty Fellows." And: "We are pleased to announce the 2014 Faculty Fellows, seven young professors from the following five regions: Latin America and the Caribbean; Europe, the Middle East, and Africa; the United States and Canada; Australia and New Zealand; and Korea, Hong Kong, Taiwan, and Singapore." Congratulations Roxana!
Graduation 2014!6.15.2014
Congratulations to Franzi, Karl, and Tammy for walking today as part of your PhD graduations! We are very proud of all the UW CSE graduates!
Introducing Prof. Dr. Tamara Denning 6.14.2014
Congratulations Prof. Dr. Tamara Denning for a very successful final defense!
Introducing Prof. Dr. Franzi Roesner 6.14.2014
Congratulations Prof. Dr. Franzi Roesner for a very successful final defense!
Introducing Dr. Miro Enev 5.27.2014
Congratulations to Dr. Miro Enev for a very successful final defense!
Prof. Tamara Denning to join Utah School of Computing faculty 5.18.2014
Congratulations to Prof. Tamara Denning! Prof. Denning will be joining the University of Utah's School of Computing as a tenure-track Assistant Professor. Congratulations to the University of Utah too, which is very fortunate to be getting Prof. Denning! Prof. Denning has done some amazing and visionary work in the field of computer security and human-computer interaction. She is scheduled to receive her PhD from the University of Washington in June.
Prof. Franzi Roesner to join UW CSE faculty 5.1.2014
We are very excited to say that Franzi Roesner has accepted a tenure-track faculty position within the University of Washington Computer Science and Engineering Department! UW was very fortunate to get Prof. Roesner, as she had numerous other very attractive offers. Prof. Roesner will bring huge strengths and a new, permanent perspective to the UW CSE computer security and privacy efforts. We are all very excited about this! And congratulations to Prof. Roesner too!
Alisha Saxena to represent Central Puget Sound at 2014 Intel International Science & Engineering Fair 4.14.2014
Alisha Saxena, a senior from Interlake High School, was named the First Runner-Up in the 2014 Central Sound Regional Science & Engineering Fair. Alisha’s project, "Analyzing and Preventing Quick Response Code Based Malware and Phishing Attacks for Smartphones," was conducted in UW CSE's Security and Privacy Research Laboratory, where she has been mentored by Ph.D. student Franzi Roesner and professor Yoshi Kohno.

In addition to being named First Runner-Up, Alisha also won first place in the Computer Science category and the Intel Excellence in Computer Science award. We reported in December on Alisha’s recognition as a Winner in the 2014 National NCWIT Award for Aspirations in Computing.

Alisha and the Grand Champion – Meera Srinivasan, a junior at Interlake High School – will receive an all-expense-paid trip to represent the Central Puget Sound region at the 2014 Intel International Science & Engineering Fair in Los Angeles this May.

Congratulations, Alisha!

Roxana Geambasu wins NSF CAREER Award 3.10.2014
Congratulations to Columbia University professor (and UW CSE PhD alum) Roxana Geambasu for winning the prestigious U.S. National Science Foundation CAREER Award! To quote the NSF web page, the CAREER award is "the National Science Foundation's most prestigious awards in support of junior faculty who exemplify the role of teacher-scholars through outstanding research, excellent education and the integration of education and research within the context of the mission of their organizations. Such activities should build a firm foundation for a lifetime of leadership in integrating education and research." Congratulations Roxana!
Franzi Roesner's Snapchat paper well received at Financial Crypto 3.3.2014
UW CSE PhD student Franzi Roesner gave a great talk today at Financial Crypto 2014. The talk focused on her work analyzing the usage of Snapchat. (More info in her paper,
Alisha Saxena recognized in 2014 National NCWIT Award for Aspirations in Computing competition 12.15.13
Congratulations to Alisha Saxena of Bellevue's Interlake High School, who has been named a Winner in the 2014 National NCWIT Award for Aspirations in Computing.

Alisha, a hugely accomplished student who is a National Merit Semifinalist, is conducting research in UW CSE's Security and Privacy Research Laboratory, where she is being mentored by Franzi Roesner and Yoshi Kohno.

UW CSE Security Lab at the FTC Internet of Things Workshop 11.19.2013
As a lab, we are very excited about the FTC's Internet of Things workshop, which is going on today. The focus of the workshop is on security and privacy, and the four panels are on: the smart home, connected health and fitness, connected cars, and privacy and security -- topics that we have been working on at UW for years now.

In his opening remarks, Keith Marzullo from the NSF included a slide on exemplar security and privacy projects for cyber-physical systems. The slide listed five example projects, three of which come from the UW CSE Security and Privacy Research Lab. Keith discussed UW's work on analyzing the security and privacy properties of wireless implantable medical devices and, in particular, he cited our Oakland 2008 paper (in collaboration with UMass and BIDMC). He then went on to cite our experimental security analyses of a modern car, which appeared at Oakland 2010 and USENIX Security 2011 (in collaboration with UCSD). And, finally, he discussed the lab's collaborative work with Howard Jay Chizeck (UW EE department) on secure telerobotics.

Tamara Denning presents Control-Alt-Hack at ACM CCS 2013 11.7.2013
Congratulations to Tammy Denning for a great talk at ACM CCS 2013, where she presented her paper "Control-Alt-Hack: The Design and Evaluation of a Card Game for Computer Security Awareness and Education." Elements of the game drew from some of Tammy's other projects, e.g., her research on medical device security and computer security for devices in the home. (More info on Tammy's web page, .)
UW CSE Ph.D. alum Roxana Geambasu is runner-up for inaugural SIGOPS Dennis M. Ritchie Doctoral Dissertation Award 11.5.2013
The Dennis M. Ritchie Doctoral Dissertation Award was created by the computer systems research community in 2013 to recognize research in software systems and to encourage the creativity that Dennis Ritchie embodied, providing a reminder of Ritchie's legacy and what a difference one person can make in the field of software systems research.

At the ACM Symposium on Operating Systems Principles today, UW CSE Ph.D. alumna Roxana Geambasu, a professor in the Computer Science Department at Columbia University, was recognized as runner-up in the inaugural Ritchie Award competition.

Roxana received her PhD from UW CSE in 2011.

Franzi Roesner at "Rising Stars" 11.4.2013
Congratulations to Franzi Roesner for giving the opening talk at MIT's invitation-only "Rising Stars in EECS" conference:

Franzi focused her presentation on her systematic evaluation of the web tracking ecosystem, but she also briefly touched on some of her other areas of computer security research, including: automotive computer security, permission granting in modern operating systems, secure embedded UIs, and security and privacy for augmented reality systems. Franzi's web page is here:

Home Automation Security -- and Light Bulbs! 10.22.2013
Last week Temitope Oluwafemi presented his work on analyzing the security of an unlikely target -- the CFL light bulbs attached to home automation systems. The light bulbs were not designed for network connectivity. But, by connecting them to home automation-controlled dimmers, they can become reachable by unauthorized parties. The paper answers questions about the possibility to remotely compromise light bulbs, cause fires, seizures and other physical injuries. Fortunately, no fires were started, but we did pop/char some bulbs. It is available here: (This work was also with Sidhant Gupta, Shwetak Patel, and Tadayoshi Kohno, and appeared at the Learning from Authoritative Security Experiment Results (LASER) workshop.)
Launching the Companion "Tech Policy Lab" 9.12.2013
The UW Tech Policy Lab is a unique, interdisciplinary collaboration that aims to enhance technology policy through research, education, and thought leadership. The new venture -- enabled by a founding gift of $1.7 million from Microsoft -- brings together experts from the University's School of Law, Information School, and Computer Science and Engineering.

The Tech Policy Lab was launched Thursday evening at an event keynoted by University of Washington President Michael Young, Microsoft Executive Vice President and General Counsel Brad Smith, and Microsoft Corporate Vice President and Head of Microsoft Research Peter Lee, plus the three UW co-directors of the Lab: Ryan Calo from the School of Law, Batya Friedman from the Information School, and Yoshi Kohno from Computer Science and Engineering.

Learn more about the Tech Policy Lab here. See photographs of the launch event here. Read a Seattle Times article here.

Introducing Dr. Czeskis 8.19.2013
Congratulations to Dr. Alexei Czeskis! Dr. Czeskis defended his PhD thesis, titled "Practical, Usable, and Secure Authentication and Authorization on the Web", today. Google is very fortunate to have Dr. Czeskis join their team!
Franzi Roesner presents LayerCake to a packed room 8.14.2013
UW CSE Security Lab member Franzi Roesner presented LayerCake today to a packed room at USENIX Security 2013. In the photo, everyone is paying attention and fully engaged 20 minutes into the talk! LayerCake is a modified version of Android that supports secure UI embedding. Franzi brought some LayerCake phones with her, and lots of people also joined her for a demo after the talk. The source code for LayerCake is available.
Four PhD Candidates to Graduate in 2013-2014 8.13.2013
The UW CSE Security Lab is looking forward to the 2013-2014 academic year! Security Lab members Tamara Denning, Miro Enev, Karl Koscher, and Franzi Roesner (alphabetically) are scheduled to graduate with their PhDs this academic year. They will join the list of lab alumni, which includes Roxana Geambasu, now a professor at Columbia University in New York, and Alexei Czeskis, who will defend next week and join Google's world-class security team in Mountain View.

Tammy's interests are in the human aspects of computer security and privacy, with a focus on emerging technologies; past areas of work include security for implantable medical devices, the security of consumer technologies in the home, and security awareness and education. Her web page:

Miro works on applying machine learning methods to quantitatively understand and defend against privacy and security risks in emerging technologies, with a focus on smart sensor environments. His web page:

Karl works on securing embedded systems through evaluating existing systems (such as automobiles) and developing new tools and techniques to help secure these systems. His web page:

Franzi's work has focused on security and privacy issues in the domains of third-party web tracking, permission granting in modern operating systems (such as smartphones), secure embedded user interfaces, and most recently, emerging augmented reality platforms. Her web page:

Senator Murray visits the UW CSE Security Lab 8.6.13
U.S. Senator Patty Murray visited UW CSE today for a discussion of cybersecurity issues with professors Yoshi Kohno and Ed Lazowska. Following the briefing, graduate students Karl Koscher, Franzi Roesner, and Alexei Czeskis demonstrated the security vulnerabilities of modern automobiles by controlling all aspects of a recent-model sedan from an Internet-connected laptop by exploiting vulnerabilities in the car's telematics unit.
UW Security Lab releases LayerCake, a modified version of Android 7.26.2013
UW Security Lab's Franzi Roesner just released LayerCake, a modified version of Android that supports secure application embedding. Learn about LayerCake on the LayerCake web page, The paper behind this work will appear at USENIX Security 2013.
PhD Hooding of Security Lab's Alexei Czeskis 6.15.2013
Congratulations to Alexei Czeskis! His advisor, Yoshi Kohno, hooded him at today's UW CSE graduation ceremony. Alexei is scheduled to defend his PhD disseration on August 19, 2013.
Shift - Leben in der digitalen Welt 6.10.13
UW CSE Security Lab member Franzi Roesner stars in another German TV show about automobile security. See the video here, around 2:15 and again around 4:00.
Security Lab research presented at Sunday's "Cool Jobs" panel at the Seattle Science Festival 6.7.2013
The 2013 Seattle Science Festival is the region's only large-scale, community-wide celebration of science and technology. It brings hands-on exhibits, shows, demonstrations and performances to venues throughout the Pacific Northwest. All events provide experiences that educate, engage and inspire an interest in science and technology and stimulate imagination and innovation. The festival runs June 6-16, 2013.

SSF features a "cool jobs" series where attendees can learn, first-hand, from successful and dynamic professionals in some of the most promising fields in science and technology. CSE's Oren Etzioni, Yoshi Kohno (Security Lab), and Helene Martin will join's Hadi Partovi in a panel that highlights the opportunities in computer science: this Sunday, June 9th, from 7:00 to 9:00 pm, at the Seattle Public Library (Central Library) in the Microsoft Auditorium. (The event is free, but registration is required.)

Additional information here.

UW wins Pacific Rim Collegiate Cyber Defense Competition for 6th consecutive year! 3.26.2013
For the sixth year in a row, the University of Washington has won the Pacific Rim Collegiate Cyber Defense Competition. Next month the team will head to San Antonio in an attempt to win their third consecutive National Collegiate Cyber Defense Competition crown.
Control-Alt-Hack appears at's internal security conference 3.17.2013
Amazonians got an opportunity to play Control-Alt-Hack after a day of internal training. Control-Alt-Hack is a computer security-themed card game that is designed to be both fun and educational.
UW wins Hawaiian "Big Splash" Cyber Defense Competition 3.11.2013

Batman's Kitchen, an interdisciplinary team involving students from CSE, the iSchool, EE, and pre-engineering, won the Hawaiian "Big Splash" Cyber Defense Competition held 8-10 March 2013. See the UW CSE News site for more information.

UW Security Lab's Yoshi Kohno profiled in Columns 3.7.2013
CSE professor Yoshi Kohno is profiled in the March issue of Columns, UW's alumni magazine.

"Kohno's experiments are the stuff of science fiction movies: using a kid's Erector Set to spy on its owner, tracking a runner using his mileage monitor or even hackers taking over a car while it's driving and forcing it to brake to a stop. The only difference between Hollywood make-believe and reality is that this white hat hacker doesn't need special effects to make them reality."

Read the full article here.

Insecurity of the ORCA regional transit not-so-smart card 2.13.2013

Since its inception, UW CSE researchers have raised concerns regarding the security and privacy aspects of Seattle's ORCA ("One Regional Card for All") regional transit smartcard.

Now "there's an app for that" -- FareBot, which enables any NFC-equipped Android phone to extract the data from ORCA (and similar transit smartcards in San Francisco, Singapore, and Japan).

FareBot, created by Seattle software developer Eric Butler, builds upon work by UW CSE's Karl Koscher.

Crosscut reports on the app today in two articles.

"The Geeks Who Cracked the ORCA Card" ; "Smart card: What your ORCA never forgets" ; FareBot

Wenn Automation zum Risiko wird 1.22.2013
Listen to Security Lab member Franzi Roesner discuss automotive computer security on a German radio station here (between 12:10 and 15:50). Franzi and colleagues at UW and UCSD experimentally discovered exploitable security vulnerabilities in a modern automobile.
SensorSift: Balancing Privacy and Utility in Sensor Data 1.14.2013
The rapid growth of sensors and algorithmic reasoning are creating an important challenge to find balance between user privacy and functionality in smart applications. To address this problem Miro Enev and collaborators have developed a quantitative framework called SensorSift which we recently published and have now made available as open source!

At the heart of our contribution is an algorithm which transforms raw sensor data into a 'sifted' representation which minimizes exposure of user defined private attributes while maximally exposing application-requested public attributes. We envision multiple applications using the same platform, and requesting access to public attributes explicitly not known at the time of the platform creation. Support for future-defined public attributes, while still preserving the defined privacy of the private attributes, is a central challenge that we tackle.

Control-Alt-Hack appears at a National Science Foundation meeting 1.10.2013
Security Lab's Tammy Denning presented a keynote talk and lead a play session of Control-Alt-Hack at an NSF meeting. Thanks Zachary Peterson for the photo! Control-Alt-Hack is a computer security-themed card game that is designed to be both fun and educational.
HUFFPOST TV: "'Homeland': Brody Helps Nazir Kill Someone; Producers Talk Shocking Exit And What's Next" 12.12.2012

Season 2, Episode 10 of Showtime's "Homeland," titled "Broken Hearts," was inspired by the Security Lab's research on the computer security properties of modern pacemakers and defibrillators.

Read all about it here.

GeekWire's Gift Guide: 13 great geeky gifts from Seattle 12.12.2012
GeekWire picked the UW CSE Security Lab's Control-Alt-Hack card game as one of "13 great local gifts for geeks". Read the article here.
Auto-Elektronik: Wie Hacker manipulieren konnen 12.6.2012
Security Lab's Franzi Roesner discusses automotive computer security on a German TV show. The segment starts around minute 5:20 of this video.
UW CSE Security Lab releases the "Control-Alt-Hack" card game 12.3.2012
Control-Alt-Hack is a computer security-themed card game designed to be entertaining, give a glimpse into white hat hacking, and highlight some of the more surprising aspects of computer security. It targets kids age 14 and up. It's fun, and also educational / awareness-building.

Read the UW C4C press release here.

Alexei and Franzi win People's Choice Awards at the UW CSE Industry Affiliates Meeting 10.24.2012
Congratulations to Alexei Czeskis and Franzi Roesner for winning the People's Choice Awards at the annual UW CSE Industry Affiliates Meeting! Alexei presented a poster titled "Origin-Bound Certificates: A Fresh Approach to Strong Client Authentication for the Web". Franzi presented a poster titled "User Interface Toolkit Mechanisms for Securing Interface Elements".
Security Lab's Tamara Denning hosts Cory Doctorow for a Q&A visit 10.23.2012
UW CSE Security Lab member Tamara Denning hosts science fiction author, activist, journalist and blogger Cory Doctorow for a technically-flavored Q&A session.
UW CSE Security Lab's Yoshi Kohno joins Neal Stephenson for a discussion of REAMDE 10.18.2012
UW CSE Security Lab's Yoshi Kohno joins author Neal Stephenson, Bethan Cantrell, and Greg Lastowka at the UW School of Law for a discussion of Stephenson's latest book, REAMDE. The discussion was moderated by Ryan Calo. Watch a video of the discussion here.
UW CSE's security lab featured on David Pogue's PBS NOVA Science NOW 10.17.2012

David Pogue’s PBS NOVA Science NOW featured the work of UW CSE Security and Privacy Research Lab as the final segment of the episode “Can Science Stop Crime?”

Those featured include UW CSE faculty member Yoshi Kohno, UW CSE Ph.D. alum Dan Halperin, and UW CSE Ph.D. students Karl Koscher, Franzi Roesner, Alexei “Crash” Czeskis – and the work of these and others.

Watch this 12-minute PBS NOVA Science NOW segment!

Watch Can Science Stop Crime? on PBS. See more from NOVA scienceNOW.

UW CSE's Yoshi Kohno (and really the whole Security Lab) to be featured Wednesday on PBS TV NOVA scienceNOW 10.13.2012
The Seattle Times describes this Wednesday’s PBS TV NOVA scienceNOW:

“For most people, computer security means just that: Keeping viruses off your desktop or laptop, your PC or your Mac.

“But when Tadayoshi Kohno thinks of computers and security, he thinks about the vulnerabilities inherent in a whole range of devices that are increasingly connected wirelessly to the Internet, to cellphones or to each other.

“A computer scientist at the University of Washington, Kohno has proved that you can hack and take over the circuitry of a pacemaker, an implantable defibrillator, a child’s toy, a mileage-tracking device for runners, and -- perhaps most chilling of all -- a car.

“Kohno, 34, is so good at what he does that government regulators and manufacturers habitually beat a path to his door, in the UW’s computer science and engineering department, where he is an associate professor.

“Kohno will be featured Wednesday on PBS’s NOVA scienceNOW, in an episode that examines whether science can help solve crime.”

Read more here. Watch NOVA scienceNOW on PBS TV on Wednesday (in Seattle, 10 p.m. on KCTS-9)!

Security Lab's Alexei Czeskis interviewed about White House network breach 10.9.2012
Alexei Czeskis, a Ph.D. student in UW CSE’s Security and Privacy Research Lab, is interviewed by The Voice of Russia – American Edition.

“After news surfaced over the weekend that a U.S. government computer network was breached by hackers, computer security experts have weighed on the situation, calling it ‘a game between defenders and attackers.’ …

“Host Jessica Jordan spoke with Alexei Czeskis, a Ph.D. candidate in the Security and Privacy Research Lab at the University of Washington, to learn more about the hacking and computer security.”

Listen to the interview here.

Security Lab's Tamara Denning wins 2012 Intel Ph.D. Fellowship 10.1.2012
UW CSE Ph.D. student Tamara Denning, who works with professor Yoshi Kohno in UW’s Security and Privacy Research Lab, has been named on of 18 recipients of 2012 Intel Ph.D. Fellowships. Tamara was one of 3 of the 18 to win special recognition of her research at a technical poster session for all of the awardees.

Meet Tamara and the other 2012 Intel Ph.D. Fellowship winners here. Learn about Tamara’s work here.

"The vulnerability of high-tech cars" 8.22.2012
American Public Media writes:

“Any computer hooked up to the Internet is a potential victim of malicious hackers.

“Of course, it’s one thing to be hacked on a desktop PC, it’s quite another to be hacked in your car, traveling at 70 miles an hour, with a computer that controls your brakes and steering.

“Yoshi Kohno is part of a research team studying car computer security at the University of Washington. He says don’t freak out. Yet. ‘Right now, my grad students are the only people who are likely to hack your car.’”

Middle school girls visit UW CSE 7.7.2012
On Friday June 29, a group of middle school girls spent the morning in UW CSE, followed by an afternoon visit to In UW CSE, the students were hosted by Crystal Eney, Caitlin Harding, and Victoria Wagner, and participated in activities including “Computer Science Unplugged” (Allison Obourn), sustainability sensing (Eric Larson), and computer security (Karl Koscher).

The girls were participating in G2CS – Girls Gather for Computer Science – a 4-week summer program.

Security Lab's Alexei Czeskis on American Public Media's "Marketplace" 6.8.2012
UW CSE Ph.D. student Alexei Czeskis was interviewed on American Public Media’s “Marketplace” concerning a program in San Antonio to track students within their high schools using RFID.

Alexei Czeskis studies RFID privacy issues at the University of Washington’s Security and Privacy Research Lab. He says it’s hard to predict the consequences of collecting all this data on our children.

“‘We don’t know what it could be used for in the future,’ he says, ‘and that could be something good or it could be something really bad. For example, maybe it’s foreseeable that when these students apply to college for admission, colleges might be able to request this type of data. Those kinds of things could have implications for students further on in their lives.’”

Listen to the story here.

Moog Google doodle hack by CSE Security Lab's Karl Koscher 5.25.2012

TNW reports:

“Earlier in the week we reported on the pretty epic interactive Google doodle that was an homage to Dr Robert Moog. The super cool landing page allowed visitors to mess around with a virtual Moog synthesizer and then share their noisy creation with others as an application recorded and played back the sounds (On a virtual reel-to-reel no less!)

“One smart engineer is all it takes to push a project further of course. Karl Koscher is a Ph.D. student studying computer security at the University of Washington, and he told TNW …”

Read the post and try it out here.

Security Lab's Franzi Roesner wins "Best Practical Paper" award at IEEE Symposium on Security and Privacy 5.23.2012
UW CSE Security Lab Ph.D. student Franzi Roesner has been recognized with the “Best Practical Paper” award at the IEEE Symposium on Security and Privacy. The paper, “User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems,” was co-authored with UW CSE professor Yoshi Kohno, UW CSE Ph.D. alumnus and Microsoft Research staff member Alex Moshchuk, Microsoft Research staff members Bryan Parno and Helen Wang, and Microsoft staff member Crispin Cowan.

Congratulations to Franzi and her co-authors!

UW CSE repeats as National Collegiate Cyber Defense Competition Champs! 4.22.2012
UW CSE has just won the 2012 National Collegiate Cyber Defense Competition, repeating 2011's performance.

Team members Mick Ayzenberg, Henry Baba-Weiss, Ian Finder, Karl Koscher, Landon Meernik, Miles Sackler, Cullen Walsh, and Lars Zornes -- coached by Jake Appelbaum and advised by Melody Kadenko -- qualified for the National competition by winning the Pacific Rim Regionals last month. Hearty congratulations to these folks, and also to Barbara Endicott-Popovsky of UW's iSchool for encouraging a UW-wide focus on cybersecurity.

See an excellent UW News article here. See a Seattle Times article previewing the competition here. Wall Street Journal MarketWatch article on the competition here. Seattle Times article on the competition here. Other press, out the wazoo: Sacramento Bee; PR Newswire; Infosec Island; Sys-Con Media; KHQ Spokane; KFVS Eklville; KYTX Tylor Longview; splunk.

"UW cyber stars defending their title" 4.21.2012
The Seattle Times previews the National Collegiate Cyber Defense Competition:

"Somewhere in Texas right now, 30 hackers known as the Red Team are attacking a computer network called Go Mommy, using every trick to try to bring it to its knees.

"Among the defenders: Eight computer-science students from the University of Washington, working to repel the attack -- quite possibly while humming the 'Angry Birds' theme song.

"This is the world of college cybersecurity competitions, where a dose of black humor underscores an atmosphere of extreme suspicion, and the hackers dish out clever pop-culture references while trying to break the student networks with a bag of dirty tricks.

"The UW team is one of the best in the country. It's one of 10 teams competing in the National Collegiate Cyber Defense Competition in San Antonio this weekend as the defending champs, having won the competition for the first time last year."

Read more here.

UW rocks at the Fifth Annual Pacific Rim Regional Collegiate Cyber Defense Competition 3.25.2012
Last year, UW surprised itself by winning the National Collegiate Cyber Defense Competition. It is perhaps not so surprising, then, that the UW team -- composed entirely of CSE students -- rocked at this weekend's Fifth Annual Pacific Rim Regional Collegiate Cyber Defense Competition, winning a return ticket to the nationals. UW's score exceeded the combined scores of the second, third, and fourth place teams.

Congratulations to team members Mick Ayzenberg, Henry Baba-Weiss, Ian Finder, Karl Koscher, Landon Meernik, Cullen Walsh, Lars Zornes, Miro Enev (grad alternate), Max Sherman (undergrad alternate), Miles Sackler (Team Captain), Melody Kadenko (Team Advisor), and Jake Appelbaum (Team Co-Advisor).

Team Advisor Melody Kadenko says: "I am SO PROUD of them!!! Further, it proves that it's not necessarily our team training and practice that can account for so many wins (since we don't do much of that). It's the CSE curriculum that teaches our students how to analyze, find solutions, think abstractly. The only thing left to teach during training/practice is how to not have a meltdown when something goes horribly wrong, and how to keep the profanity to a minimum when judges are present."

Go team!

Security Lab's Franzi Roesner wins Microsoft Research Ph.D. Fellowship 1.25.2012
Franzi Roesner is one of the twelve winners (from 198 nominees) of this year's Microsoft Research Ph.D. Fellowship competition.

Franzi is a UW CSE Ph.D. student working with Yoshi Kohno in the areas of security, privacy, and systems. She was an undergraduate at UT Austin.

Congratulations Franzi!

Security Lab's Alexei Czeskis on The Voice of Russia: "Chinese hack into US Chamber of Commerce" 12.29.2011
"The break-in is one of the boldest known infiltrations in what has become a regular confrontation between US companies and Chinese hackers.

"Bradley Shear, George Washington University professor and Attorney At Law with the Law Office of Bradley S. Shear, LLC, Alexei Czeskis, Security and Privacy Research Lab with the Department of Computer Science & Engineering at the University of Washington, and Paul Rosenweig, Principal with Red Branch Consulting and a visiting fellow at Heritage, talk about this complex operation, which involved at least 300 internet addresses."

Listen to the story here.

Security Lab's Yoshi Kohno on American Public Media: "Could that new toy robot be hacked?" 12.29.2011
"Look, I'm not trying to freak you out here. Well, OK, maybe a little. But think about it: We have computers all over the place. Your laptop or desktop PC; maybe you have a tablet too, maybe a smartphone. And it doesn't stop there. Your car might be computerized, your kitchen, the toys your kids got for Christmas. If any of those computers are connected to any kind of network, there exists an issue of security ...

"Yoshi Kohno is an associate professor of computer science and engineering at the University of Washington. He and his team figured out how to break into a car's internal, computer network. They were able to control the brakes and turn the car on and off. They also fiddled around with a commercially available toy robot. 'One of the things we found is that as soon as we turned this toy robot on, it advertises a wireless ad hoc network that anyone can connect to,' Kohno says ...

"Kohno's team has been looking into something far more serious than a toy robot: implanted medical devices. 'We found that a person using their own equipment could wirelessly communicate with a pacemaker or defibrillator and change its settings, turn on and off therapies, and in fact make it issue a large shock,' he says."

Listen to the full story here.

Jeff Bezos @ UW CSE 12.18.2011
Jeff Bezos spent several hours in UW CSE labs on December 16 -- discussing ubiquitous computing and sensing with Shwetak Patel and students; the future of search with Oren Etzioni; and the security of computer-controlled personal devices (such as automobiles) with Yoshi Kohno and students; as well as discussing future directions for the computer science field with Ed Lazowska and Hank Levy.
What's on TV? Find Out From the Powerline 10.24.2011
Recently, Miro Enev traveled to CCS 2011 to present his work with Sidhant Gupta on uncovering the depth of information leakage available on the modern powerline. The paper suggests that it is possible to tell what someone is watching on a TV by collecting a short period of unintentionally generated electromagnetic interference (EMI) from any wall socket in a home (not just the socket connected to the TV). This research was based on in-lab and in-home experiments with 8 TVs ranging in size, technology, and manufacturer, and a dataset of 20 movies plus over-the-air broadcasts. Miro and Sidhant also demonstrated the ability to train a neural network to predict the EMI of a television without need for physical access to the device. Full details in the paper. UW faculty members Shwetak Patel and Tadayoshi Kohno were also involved.
Franzi Roesner Wins the Madrona Prize Runner Up Award for ShareMeNot 10.19.2011
Earlier this year UW CSE security researcher Franzi Roesner released ShareMeNot -- a Firefox plugin designed to help users avoid unwanted tracking by third party social media buttons on the Web while still allowing the user to use those buttons when they wish. ShareMeNot handles the Facebook Like button, the Google +1 button, and others.

Last night Franzi presented a poster of her work at the annual UW CSE Industrial Affiliates meeting. The Madrona Venture Group was extremely impressed by Franzi's work and awarded her the Madrona Prize Runner Up Award. Congratulations Franzi!

UW's Karl Koscher to co-Keynote WESS 10.13.2011
UW CSE's Karl Koscher is headed to Taiwan to give the opening talk at the 6th Workshop on Embedded Systems Security (WESS 2011) along with UCSD PhD student (and UW undergraduate alumnus) Steve Checkoway. Karl and Steve will be presenting their recent research results on automotive computer security, co-authored with UW's Alexei Czeskis, Franziska Roesner, Shwetak Patel, and Yoshi Kohno and UCSD's Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage. You can read about their research at
A Pwning Shirt 9.16.2011
Members of the UW Security and Privacy Lab surprised Yoshi with his new, most favorite shirt ever! Thank you Alexei, Franzi, Karl, Miro, and Tammy!
Combating Search-Result Poisoning at Usenix Security 2011 8.14.2011
The paper titled deSEO: Combating Search-Result Poisoning was published last week at Usenix Security 2011. It describes how malware and viruses are spread through the poisoning of popular search keywords, and develops tools to help search engines fight the problem.

The paper was authored by John P. John and Arvind Krishnamurthy from UW, in collaboration with researchers at MSR, Silicon Valley.

The Security Lab is Now on Twitter 8.13.2011
The UW Security and Privacy Lab is now on Twitter. Follow us at!/uw_cse_seclab.
Comprehensive Experimental Analyses of Automotive Attack Surfaces at Usenix Security 2011 8.10.2011
The UW-UCSD collaborative project on automotive security has just published their second paper entitled "Comprehensive Experimental Analyses of Automotive Attack Surfaces" at Usenix Security 2011. The results in this paper were previously presented before a National Academy of Sciences committee on automotive safety (3.13.2011).

On the UW side, this effort was led by Karl Koscher, Alexei Czeskis, and Franziska Roesner (along with faculty member Yoshi Kohno). On the UCSD side, this effort was led by Stephen Checkoway, Damon McCoy, Brian Kantor, and Danny Anderson (along with faculty members Hovav Shacham and Stefan Savage).

A video of the Usenix Security talk is online here.

UW Security and Privacy Research Lab Members Wear Their Waivers on Their Backs 8.5.2011
In order to look their best at Defcon and Usenix Security, members of the UW CSE Security and Privacy Research Lab equipped themselves with t-shirts displaying the text of the waiver they were required to sign before testing their "analyzed automobile" on the runway at Blaine Airport.

We can confirm that no damage was done by the car at Blaine Airport. We are not so sure about the impact of these t-shirts at Defcon and Usenix Security.

ShareMeNot -- Protecting Against Tracking from Third-party Social Media Buttons 7.28.2011
Cory Doctorow at BoingBoing is reporting on Franzi Roesner's latest project, ShareMeNot. Cory writes: "[ShareMeNot is] a Firefox Add-On that defangs social media buttons like the Facebook 'Like' button (and others) so that they don't transmit any information about your browsing habits to these services until (and unless) you click on them. That means that merely visiting a page with a Like or a Tweet or a +1 button (like this one) doesn't generate a data-trail for the companies that operate those services, but you still get the benefit of the buttons, that is, if you click them, they still work. Smart." Also involved are UW CSE faculty members Yoshi Kohno and David Wetherall.
UW MSR Summer Institute on Consumer, Cloud Security 7.25.2011
Each year, UW Computer Science and Engineering and Microsoft Research host a Summer Research Institute in Computer Science, bringing together dozens of the world's top researchers for several days to discuss an important emerging topic.

This year's UW-MSR Summer Research Institute is taking place July 24-27 at Suncadia Resort, located in the Cascades, ninety minutes southeast of Seattle. The topic is "Security and Privacy for a Consumer, Cloud World." The goal is to identify new directions for consumer and cloud computing, discuss the challenges for protecting security and privacy in a consumer and cloud computing world, and explore directions for mitigating those challenges. The Institute brings together researchers and practitioners from diverse but relevant areas such as computer security, cryptography, mobile systems, cloud computing, systems and networking, and HCI. The organizers are Yoshi Kohno (UW CSE), David Molnar (MSR), and Helen Wang (MSR).

This is the fifteenth UW-MSR Summer Research Institute. Learn more about this year's UW-MSR Summer Research Institute here.

Congratulations Professor Geambasu! 5.16.2011

UW CSE PhD Student Roxana Geambasu has just accepted a tenure-track faculty position in the Department of Computer Science at Columbia University. Congratulations Professor Roxana!!

Helping Design Privacy Preserving Medical Data Registry for Washington State 5.16.2011

Alexei Czeskis and Jacob Appelbaum are helping to design a privacy preserving registry for the Washington State medical marijuana data. Their effort was recently mentioned a Seattle Weekly article, available here.

Jake and Alexei have been working directly and indirectly with a variety of stakeholders like the Washington State ACLU, legislators, law enforcement, and Cannabis Defense Coalition to make sure that a technology can be designed to meet the variety of needs and the (sometimes conflicting) goals. Jake's and Alexei's work have helped inform the technical language in Senate Bill SB 5073 and more recently -- SB 5955.

Alexei Jacob
UW CSE Security Team Receives Recognition 5.13.2011

The UW CSE Security Competition Team was recognized at the 2011 VISA Global Security Summit in Washington DC. Besides high ranking VISA security personnel, the former NSA and CIA chief, the former Attorney General, a four start General, personnel from the US Secret Service, and others were present.

The team was also recently featured in The Christian Science Monitor. The story is available in the magazine and online here.

KIRO FM Features the UW CSE Security Team 4.20.2011
The UW CSE Security Competition Team was featured today in a story on 97.3 KIRO FM. You can read the article here and can also listen to the full audio interview here.
"Keypad" wins Eurosys 2011 Best Student Paper 4.13.2011
"Keypad: An auditing file system for theft-prone devices," a paper describing a new file system that enhances data security on mobile devices, has been named Best Student Paper at this year's EuroSys 2011 conference. The paper was authored by UW CSE graduate students Roxana Geambasu and John P. John and UW CSE faculty members Steve Gribble, Yoshi Kohno, and Hank Levy.


UW CSE Security Competition Team Wins Nationals! 4.10.2011
The UW CSE computer security competition team consisting of Alexei Czeskis (team captain), Karl Koscher (team co-founder), Ian Finder, Mary Pimenova, Cullen Walsh, Baron Oldenburg, Conrad Meyer, and Mark Jordan -- coached by Melody Kadenko -- just won the National Collegiate Cyber Defense Competition!

The finals, held April 9 and 10, featured 9 teams from across the nation -- the winners of 9 regional competitions.


Update (4.11.2011): The Seattle Times just wrote an article about the team's win.

Update (4.13.2011): UW Today also wrote an article about the team.

Karl Koscher Wins Ford Fellowship 4.1.2011
UW CSE Security Lab member Karl Koscher just won the College of Engineering Ford Motor Company Fellowship. Congratulations Karl!
Detecting Certificate Authority Compromises and Web Browser Collusion 3.23.201
From Freedom to Tinker: "Today, the public learned of a previously undisclosed compromise of a trusted Certificate Authority -- one of the entities that issues certificates attesting to the identity of "secure" web sites. Last week, Comodo quietly issued a command via its certificate revocation servers designed to tell browsers to no longer accept 9 certificates. ...

"This implied that the certificates were likely malicious, and may even been used by a third-party to impersonate secure sites. ...

"Clearly, something exceptional happened behind the scenes. Security hacker Jacob Appelbaum did some fantastic detective work using the EFF's SSL Observatory data and discovered that all of the certificates in question originated from Comodo -- perhaps from one of the many affiliated companies that issues certificates under Comodo's authority via their 'Registration Authority' (RA) program. Evidently, someone had figured out how to successfully attack Comodo or one of their RAs, or had colluded with them in getting some invalid certs."

Jacob Appelbaum is a UW Security and Privacy Lab researcher and a Tor developer. You can read more about Jacob's discoveries here.

UW CSE Security Competition Team Wins Regionals! 3.20.2011
The UW CSE cyber defense competition team just won regionals! Congratulations to team members Alexei Czeskis (team captain), Ian Finder, Mark Jordan, Karl Koscher, Conrad Meyer, Baron Oldenburg, Mary Pimenova, and Cullen Walsh!

Update (4.7.2011): The Seattle Times has written an article about the team: "A team of eight University of Washington students will wage war this weekend against an expert force, defending their territory with stealth tactics and on-the-fly invention. But there are no physical weapons involved. There's not even a physical battleground. For the fourth year in a row, the team will compete in the National Collegiate Cyber Defense Competition, in which teams from around the country attempt to shield a computer system from professional hackers aiming to cause havoc ranging from stealing trade secrets to turning home pages into random YouTube videos."

Read the full article here.

Comprehensive Experimental Analyses of Automotive Attack Surfaces Presented Before the National Academy of Sciences 3.13.2011
Congratulations to Karl Koscher, Alexei Czeskis, and Franziska Roesner, and their University of California at San Diego collaborators Steve Checkoway, Damon McCoy, Brian Kantor, and Danny Anderson, whose study of the vulnerability of modern cars to remote compromise was picked up by the press after being presented to the National Academy of Sciences. (We understand some faculty at UW and UCSD were involved as well.)

The Associated Press and The New York Times broke the story, with additional coverage at Technology Review, PCWorld, Slashdot, Jamie Zawinski’s blog, Boing Boing, and The Volokh Conspiracy. More information at the CEASS site.

The 2011 CPDP Multidisciplinary Privacy Award 2.1.2011
UW security and privacy researchers had a strong showing at the 2011 Computers, Privacy & Data Protection conference in Brussels, Belgium, winning both the Multidisciplinary Privacy Award award and an honorable mention.

The goal of the CPDP multi-disciplinary privacy research award is to promote the need for and reward the results of multidisciplinary research, with the participation of the representative of diverse constituencies engaged in the investigation of the new ideas in data protection. Any paper published or accepted for publication in 2010 was eligible to win.

UW CSE grad student Alexei Czeskis and alumni Iva Dermendjieva and Hussein Yapit won the award for their work on balancing privacy and value tensions in mobile parenting technologies (published at SOUPS 2010 with co-authors Alan Borning, Batya Friedman, Brian Gill, and Tadayoshi Kohno). Alexei, pictured on the right, went to Belgium to receive the award.

UW CSE PhD student Tamara Denning won an honorable mention for her work on analyzing human values and security for wireless implantable medical devices (published at CHI 2010 with co-authors Alan Borning, Batya Friedman, Brian Gill, Tadayoshi Kohno, and William Maisel).


Identity Theft in the Electronic Age 1.26.2011
UW security research Karl Koscher is featured in 16:9, Canada's version of 60 Minutes. Karl is seen discussing his research on the security and privacy properties of the new US Passport Cards and Enhanced Drivers Licenses. Also featured in the video is UW PhD student Emily Fortuna. EDL
Transparent Tor Access Point 12.21.2010
Jacob Appelbaum's new vision -- to create a "home Internet with anonymity built in" -- is featured in MIT's Technology Review magazine. Jacob is a UW security and privacy lab research scientist and core Tor developer. His key idea is to integrate the Tor anonymity system directly into wireless routers, thereby making strong privacy more accessible to the general public. UW security researcher Alexei Czeskis and others from the Tor community are also participating in this project. Good luck Jacob and Alexei with this new direction! tor
Jacob in NY Times Magazine 12.17.2010
The New York Times Magazine has a detailed article on online anonymity and the Tor project. UW security researcher and Tor developer Jacob Appelbaum is extensively quoted. Originally funded by the U.S. Department of Defense, Tor now helps protect the privacy of hundreds of thousands of people around the world. Jacob
Skein Chosen as SHA-3 Finalist 12.10.2010
The U.S. National Institute of Standards and Technology (NIST) has selected the Skein cryptographic hash function as one of five finalists in its SHA-3 competition. The winner will become the new U.S. hash function standard. Sixty-four proposed hash function designs were submitted to NIST when the competition began two years ago. Skein was designed by a team of cryptographers and computer security experts, including UW's Yoshi Kohno. (If you look closely, you'll notice that the team photo was taken in the beautiful halls of the UW Paul G. Allen Center for Computer Science & Engineering.) skein logo
Awards at UW CSE Industrial Affiliates Meeting 10.28.2010
The annual UW Computer Science & Engineering Industrial Affiliates Meeting took place on October 27th and 28th. On the 27th, more than 100 representatives from Affiliates companies participated in a day of research presentations, and more than than 250 Seattle-area alumni joined for an evening of posters. There were also awards. UW security and privacy lab PhD students Karl Koscher, Alexei Czeskis, and Franzi Roesner won an award for their poster on car security, and PhD student Roxana Geambasu and graduate student Amit Levy won an award for their poster on Comet: An Active Distributed Key-Value Store.

The photo at the right, taken by UW CSE faculty member Bruce Hemingway, shows (from left) Karl, Alexei, and Franzi discussing their poster with an attendee.

Five New Types of Cyber Attacks 10.18.2010
An article at AolNews warns of five new classes of cyber attacks, research into two of which were pioneered by UW security and privacy lab researchers. In 2008 UW researchers, in collaboration with the University of Massachusetts Amherst and the Beth Israel Deaconess Medical Center, published an award-winning paper at the 2008 IEEE Symposium on Security and Privacy evaluating the computer security risks and challenges with implantable medical devices. Earlier this year, UW and UC San Diego researchers published a paper at the 2010 IEEE Symposium on Security and Privacy describing the results of an extensive experimental analysis of a modern car. This research is forward-looking. No known threats have manifested to date, and UW researchers are now focused on developing defenses for futures medical devices and automobiles.
New York Times Magazine: Does the Web Ever Forget? 7.25.2010
The New York Times Magazine has an excellent article discussing the consequences of a Web that never forgets. What happens when the innocent emails and Facebook posts you send today suddenly resurface 10 or 20 years later? Is there any way for users to proactively control the lifetimes of data stored on third-party Web services, like GMail, Facebook, and Flicker? Last year UW security and privacy researchers Roxana Geambasu and Amit Levy, along with faculty members Yoshi Kohno and Hank Levy, published an award-winning paper at 2009 USENIX Security describing a new approach for empowering users with such control. Their new direction direction, called Vanish, is featured in this article.
Security Lab Reunion at Oakland 2010 5.18.2010
The IEEE Symposium on Security and Privacy ("The Oakland Conference") is one of the flagship conferences for the computer security and privacy research community. Today all UW CSE affiliates (students, faculty, alumni, affiliate faculty) at Oakland decided to wear their UW CSE T-shirts. There was an impressive number of us there!

In the photo: Roxana Geambasu (UW CSE Ph.D. student), Tammy Denning (UW CSE Ph.D. student), David Molnar (MSR, teaching in UW CSE), Alexei Czeskis (UW CSE Ph.D. student), Franzi Roesner (UW CSE Ph.D. student), Stefan Savage (UW CSE Ph.D. alumnus, now UCSD CSE faculty), Steve Checkoway (UW CSE B.S. alumnus, now UCSD CSE Ph.D. student), Damon McCoy (UW CSE Ph.D. intern, now UCSD CSE postdoc), Karl Koscher (UW CSE Ph.D. student), Tadayoshi Kohno (UW CSE faculty), Gabriel Maganis (UW CSE B.S. alumnus, now UCD Ph.D. student), Charlie Reis (UW CSE Ph.D. alumnus, now Google Seattle), Miro Enev (UW CSE Ph.D. student), Vitaly Shmatikov (UW CSE B.S. alumnus, now UT Austin faculty).

Experimental Security Analysis of a Modern Automobile 5.16.2010
UW security and privacy researchers Karl Koscher, Alexei Czeskis, Franzi Roesner, Shwetak Patel, and Yoshi Kohno, along with collaborators from the University of California San Diego led by (UW alumnus!) Stefan Savage, describe the results of an extensive experimental security analysis of a modern car in their paper at the 2010 IEEE Symposium on Security and Privacy. More information at the Center for Automotive Embedded Systems Security Web site and in articles in The New York Times, New Scientist, Technology Review, PC World, TechFlash, and Popular Mechanics.
CNN: Scientists Work to Keep Hackers Out of Implanted Medical Devices 4.16.2010
This week UW security researcher Tamara Denning presented her study of patients, pacemakers, and security defenses at CHI 2010. A CNN reporter was in the audience and decided to write an article about her work. Tammy used semi-structured interviews with cardiac device patients to provide a scientifically-informed understanding of how different security solutions for wireless implantable medical devices interact with patients' values. This work was in collaboration with Seattle Pacific University and the Beth Israel Deaconess Medical Center. The CNN article also features UW's 2008 experimental security analysis of an implantable cardiac defibrillator (in collaboration with UMass and BIDMC) and discusses the points made in a recent New England Journal of Medicine perspective article (also in collaboration with BIDMC).