Category: Uncategorized

Jeff Bezos spent several hours in UW CSE labs on December 16 — discussing ubiquitous computing and sensing with Shwetak Patel and students; the future of search with Oren Etzioni; and the security of computer-controlled personal devices (such as automobiles) with Yoshi Kohno and students; as well as discussing future directions for the computer science field with Ed Lazowska and Hank Levy.

Recently, Miro Enev traveled to CCS 2011 to present his work with Sidhant Gupta on uncovering the depth of information leakage available on the modern powerline. The paper suggests that it is possible to tell what someone is watching on a TV by collecting a short period of unintentionally generated electromagnetic interference (EMI) from any wall socket in a home (not just the socket connected to the TV). This research was based on in-lab and in-home experiments with 8 TVs ranging in size, technology, and manufacturer, and a dataset of 20 movies plus over-the-air broadcasts. Miro and Sidhant also demonstrated the ability to train a neural network to predict the EMI of a television without need for physical access to the device. Full details in the paper. UW faculty members Shwetak Patel and Tadayoshi Kohno were also involved.

Earlier this year UW CSE security researcher Franzi Roesner released ShareMeNot — a Firefox plugin designed to help users avoid unwanted tracking by third party social media buttons on the Web while still allowing the user to use those buttons when they wish. ShareMeNot handles the Facebook Like button, the Google +1 button, and others.

Last night Franzi presented a poster of her work at the annual UW CSE Industrial Affiliates meeting. The Madrona Venture Group was extremely impressed by Franzi’s work and awarded her the Madrona Prize Runner Up Award. Congratulations Franzi!

UW CSE’s Karl Koscher is headed to Taiwan to give the opening talk at the 6th Workshop on Embedded Systems Security (WESS 2011) along with UCSD PhD student (and UW undergraduate alumnus) Steve Checkoway. Karl and Steve will be presenting their recent research results on automotive computer security, co-authored with UW’s Alexei Czeskis, Franziska Roesner, Shwetak Patel, and Yoshi Kohno and UCSD’s Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage. You can read about their research at http://www.autosec.org/faq.html.

Members of the UW Security and Privacy Lab surprised Yoshi with his new, most favorite shirt ever! Thank you Alexei, Franzi, Karl, Miro, and Tammy!

The paper titled deSEO: Combating Search-Result Poisoning was published last week at Usenix Security 2011. It describes how malware and viruses are spread through the poisoning of popular search keywords, and develops tools to help search engines fight the problem.

The paper was authored by John P. John and Arvind Krishnamurthy from UW, in collaboration with researchers at MSR, Silicon Valley.

The UW Security and Privacy Lab is now on Twitter. Follow us at https://twitter.com/#!/uw_cse_seclab.

The UW-UCSD collaborative project on automotive security has just published their second paper entitled “Comprehensive Experimental Analyses of Automotive Attack Surfaces” at Usenix Security 2011. The results in this paper were previously presented before a National Academy of Sciences committee on automotive safety (3.13.2011).

On the UW side, this effort was led by Karl Koscher, Alexei Czeskis, and Franziska Roesner (along with faculty member Yoshi Kohno). On the UCSD side, this effort was led by Stephen Checkoway, Damon McCoy, Brian Kantor, and Danny Anderson (along with faculty members Hovav Shacham and Stefan Savage).

A video of the Usenix Security talk is online here.

In order to look their best at Defcon and Usenix Security, members of the UW CSE Security and Privacy Research Lab equipped themselves with t-shirts displaying the text of the waiver they were required to sign before testing their “analyzed automobile” on the runway at Blaine Airport.

We can confirm that no damage was done by the car at Blaine Airport. We are not so sure about the impact of these t-shirts at Defcon and Usenix Security.

Cory Doctorow at BoingBoing is reporting on Franzi Roesner’s latest project, ShareMeNot. Cory writes: “[ShareMeNot is] a Firefox Add-On that defangs social media buttons like the Facebook ‘Like’ button (and others) so that they don’t transmit any information about your browsing habits to these services until (and unless) you click on them. That means that merely visiting a page with a Like or a Tweet or a +1 button (like this one) doesn’t generate a data-trail for the companies that operate those services, but you still get the benefit of the buttons, that is, if you click them, they still work. Smart.” Also involved are UW CSE faculty members Yoshi Kohno and David Wetherall.