February 1, 2023

Vulnerability reporting is dysfunctional

By Kevin Lee, Ben Kaiser, Jonathan Mayer, and Arvind Narayanan In January, we released a study showing the ease of SIM swaps at five U.S. prepaid carriers.  These attacks—in which an adversary tricks telecoms into moving the victim’s phone number to a new SIM card under the attacker’s control—divert calls and SMS text messages away […]

Berkeley releases report on barriers to cybersecurity research

I’m pleased to share this report, as I helped organize this event. Researchers associated with the UC Berkeley School of Information and School of Law, the Berkeley Center for Law and Technology, and the International Computer Science Institute (ICSI) released a workshop report detailing legal barriers and other disincentives to cybersecurity research, and recommendations to […]