CyLab researchers design privacy icon to be used by California law
The state of California has proposed an official icon to include next to opt-out text—a blue stylized toggle icon developed by researchers from Carnegie Mellon University’s CyLab and the University of Michigan’s School of Information. Users may begin seeing the new stylized icon at the bottom of websites’ footers early next year.
Finally: a usable and secure password policy backed by science
After nearly a decade of studies, the passwords research group in Carnegie Mellon’s CyLab Security and Privacy Institute has developed a policy for creating passwords that maintains balance between security and usability—one backed by hard science.
picoCTF to hold 2020 Mini Competition in October
In celebration of National Cybersecurity Awareness Month, picoCTF will be holding a mini competition during the month of October. The competition will consist of series of cybersecurity challenges of intermediate difficulty in the topics of reverse engineering, forensics, web, and binary exploitation problems.
IoT labels will help consumers figure out which devices are spying on them
A team of CyLab researchers have developed a prototype security and privacy “nutrition label” that performed well in user tests. To develop the label, the team consulted with a diverse group of 22 security and privacy experts across industry, government, and academia.
Provably-secure code incorporated into Linux kernel
This month, code from the provably correct and secure “EverCrypt” cryptographic library, which CyLab’s Bryan Parno and his team helped develop and release last year, was officially incorporated into the Linux kernel — the core of the Linux operating system.
Why people delay software updates, despite the risks
In a study published in the latest issue of the Journal of Cybersecurity, a team of CyLab researchers found that the time-cost of updates and individuals’ risk preferences have a significant impact on whether or not a user applies a software update, and how long it takes them to do so.
CMU’s big showing at RSA 2020
The Human Element” was the theme of this year’s RSA Conference in San Francisco, which featured CyLab Director Lorrie Cranor talking about usable security research as a warm-up act for magician duo Penn & Teller.
New infrastructure will enhance privacy in today’s Internet of Things
A team of Carnegie Mellon researchers just launched the IoT Assistant, an app that informs users about what IoT technologies are around them and what data they are collecting. An accompanying cloud-based portal allows IoT owners to register their devices to the infrastructure.
“Hacked! An Escape Room Experience” puts you in cybercriminals’ shoes
“Hacked! An Escape Room Experience” will hold one session per day January 28 – 30 from 2:00 – 3:00 p.m. in the Cohon University Center. Each session can handle up to 50 participants, and all students, staff, or faculty at CMU are eligible to participate.