Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn
October 20, 2022 | Brian Krebs, Krebs on Security
Press
Nicholas Weaver, a researcher for the International Computer Science Institute at University of California, Berkeley, suggested another explanation for the recent glut of phony LinkedIn profiles: Someone may be setting up a mass network of accounts in order to more fully scrape profile information from the entire platform. “Even with just a standard LinkedIn account, there’s a pretty good amount of profile information just in the default two-hop networks,” Weaver said. “We don’t know the purpose of these bots, but we know creating bots isn’t free and creating hundreds of thousands of bots would require a lot of resources.”
Embattled Helium is attempting a second act as a crypto-powered mobile network
September 27, 2022 | Leo Schwartz, Fortune
The question, as Nova Labs pushes into 5G, is whether the company can pull off an ambitious, new project while its other is mired in turmoil. For critics like Nicholas Weaver, a researcher at Berkeley’s International Computer Science Institute, Helium Mobile isn’t a new attempt to create a decentralized wireless network, but a distraction.
The surveillance industry is heading towards a squeeze
September 18, 2022 | Ctech
"The industry is heading towards a squeeze. Revenue is declining over time and the cost of exploit is going up until an inflection point is reached at which point the industry is no longer profitable,” said Dr. Bill Marczak, Research Scientist at ICSI and Research Fellow at Citizen Lab.
Crypto’s massive marketing efforts have drawn few new investors
August 24, 2022 | Steven Zeitchik, Washington Post
“That the cryptocurrency space, despite a ton of advertising, has run out of new suckers is not all that surprising to me,” said Nicholas Weaver, a computer-security expert from the University of California at Berkeley who has often raised both a financial and ethical case against crypto investment.
Erik Prince wants to sell you a “secure” smartphone that’s too good to be true
August 19, 2022 | Patrick Howell O'Neill
“Words and phrases like ‘government-grade’ and ‘impenetrable’ are rightly mocked online by the computer security community because we know that they’re used to fool people,” says Nicholas Weaver, a cybersecurity researcher at the International Computer Science Institute.
Treasury cracks down on a tool that helped launder billions
August 9, 2022 | Tim Starks with research by Aaron Schaffer, Washington Post
“This is potentially a big deal, as Tornado Cash is the heart of a huge fraction of the crime in the cryptocurrency ecosystem, and this decision makes all that criminal activity explicitly tainted for anyone who touches the U.S. financial system, which is all real-money cryptocurrency exchanges,” Nicholas Weaver, a computer security expert from the University of California at Berkeley, told me via email.
Experian, You Have Some Explaining to Do
July 11, 2022 | Brian Krebs, Krebs on Security
Nicholas Weaver, a researcher for the International Computer Science Institute at University of California, Berkeley, said Experian has no real incentive to do things right on the consumer side of its business. That is, he said, unless Experian’s customers — banks and other lenders — choose to vote with their feet because too many people with frozen credit files are having to deal with unauthorized applications for new credit.
DEA Investigating Breach of Law Enforcement Data Portal
May 12, 2022 | Brian Krebs, Krebs on Security
Also reported in Washington Post on May 13, 2022 at https://www.washingtonpost.com/politics/2022/05/13/biden-administration-is-refining-trump-era-cyber-order/
From the standpoint of individuals involved in filing these phony EDRs, access to databases and user accounts within the Department of Justice would be a major coup. But the data in EPIC would probably be far more valuable to organized crime rings or drug cartels, said Nicholas Weaver, a researcher for the International Computer Science Institute at University of California, Berkeley.
Your Phone May Soon Replace Many of Your Passwords
May 7, 2022 | Brian Krebs, Krebs on Security
“It is a really, really good step forward, and I’m delighted to see this,” Weaver said. “Taking advantage of the phone’s strong authentication of the phone owner (if you have a decent passcode) is quite nice. And at least for the iPhone you can make this robust even to phone compromise, as it is the secure enclave that would handle this and the secure enclave doesn’t trust the host operating system.”
Apple, Meta, and Discord All Handed User Data Over to Hackers. Now What?
April 5, 2022 | Josephine Wolff, Slate
As Berkeley security researcher Nicholas Weaver put it in an interview with Krebs, “It’s a fundamentally unfixable problem without completely redoing how we think about identity on the Internet on a national scale.”