2025
June
Mireshghallah advises keeping some information safe from chatbots
The Washington Post
EPP/CyLab’s Niloofar Mireshghallah spoke to The Washington Post about best practices for keeping your personal information safe when conversing with AI chatbots like ChatGPT or Claude. Mireshghallah advises users to bear in mind that their conversations can be saved and reviewed by the company that produced a chatbot, so they should avoid sharing any sensitive information.
Gueye and Kearns quoted on African cybersecurity training
Dark Reading
CyLab’s Megan Kearns and CMU-Africa’s Assane Gueye were quoted in Dark Reading about new cybersecurity training initiatives in Africa. “We have more students interested in the field today, but the shortage is stark and likely to be worse as digitization takes place,” said Gueye. “Students don’t have to be either-or; they can be both software engineers and cybersecurity professionals.”
May
Cranor discusses passkey security
CNET
CyLab Director Lorrie Cranor was quoted by CNET about Microsoft’s move to using passkeys instead of passwords for all new accounts. “From a security perspective, it is great to see them being pushed out to consumers, but I do have some concerns about their usability, especially in cases where consumers have multiple devices or lose or upgrade a device,” Cranor said. “Shared accounts and devices may also be problematic.”
Cranor quoted on iris-scanning technology
The Washington Post
CyLab Director Lorrie Cranor was quoted by The Washington Post about World’s iris-scanning, “proof of human” technology, which launched in six U.S. storefronts last week. While World is working to create a network of unique World IDs to distinguish between humans and robots, Cranor questioned why an iris scan was necessary. “Now I have features from the scan of my iris encrypted and stored on my phone, but if somebody else gets access to my phone or if a robot takes over my phone, does that mean that they can demonstrate that they’re human or maybe even me?” Cranor said.
April
Cranor quoted on access to data in cases of theft
The Washington Post
CyLab Director Lorrie Cranor was quoted by the Washington Post about how the owners of stolen Apple products cannot regain access to their data. “You do have to provide a variety of information to sign up for an Apple account, and people could be required to provide things like police reports to show that they reported their phones stolen,” Cranor says. “I find it odd that Apple is fighting this without explaining their rationale.”
Cranor discusses Gmail cybersecurity
Dark Reading
CyLab Director Lorrie Cranor spoke with Dark Reading about the importance of securing one’s devices and accounts, regardless of encryption protections companies like Gmail install in their software. “While Gmail uses encryption in transit, if supported by the recipient’s server, it is not currently end-to-end encrypted, which means that there is the potential of exposing that sensitive data on both Google’s servers and the recipient’s servers,” Cranor explains.
Cranor quoted on the importance of appropriate security of government communications
POLITICO
CyLab Director Lorrie Cranor was quoted in POLITICO on government officials’ alleged recent flaunting of communication security protocols. National security advisor Mike Waltz has been under fire for a myriad of alleged violations, such as discussing sensitive issues on non-governmental channels such as Gmail and Signal, as well as accidentally adding a journalist to a sensitive Signal chat. These discussions have been condemned for violating government records acts, as well as for their security risks. Cranor was quoted on the necessity of keeping government communications secure against attackers. “Communication systems approved for government officials meet security requirements and government records management requirements. Attackers frequently target government officials and attempt to gain access to their messages as well as break into their accounts so that they can impersonate them. So, appropriate security is important.”
Cranor quoted on Signal group chat
The Wall Street Journal
CyLab Director Lorrie Cranor was quoted in The Wall Street Journal about how employees often prioritize convenience over security at work. “We see this pattern all the time, where users just want to get their job done and their view is that somebody else should be worrying about the security part,” said Cranor.
March
Scheffler quoted on data protection and access
CNN
CyLab/EPP’s Sarah Scheffler was quoted by CNN about data protection, in response to Apple users losing access to Advanced Data Protection. “One of the very few ways to make sure that your data can’t be leaked if a company is breached is to make sure that the company (itself) doesn’t have it,” Scheffler explains.
2024
October
Carley discusses how misinformation can spread
Associated Press
CyLab’s Kathleen Carley was quoted by the Associated Press about the dangers of misinformation, particularly pertaining to false claims of election fraud and how that may impact overseas voters. “Laying the groundwork for a conspiracy theory means that you need to weave many claims together,” Carley explained. “In that sense, this story about UOCAVA lays the groundwork for, and would help substantiate, a conspiracy theory around Democrats stealing the election.”
September
Brumley discusses social security number breach and cybersecurity
Time
ECE’s David Brumley spoke with Time about the hack in April that resulted in SSN data from the NPD being leaked. “We are not talking about a startup here,” Brumley said. “Looking forward, we have to have higher standards for the custodians of our data.”
August
Fanti and Sowon suggest improving the way governments regulate technology
Atlantic Council
ECE/CyLab’s Giulia Fanti and CyLab’s Karen Sowon were among the co-authors of an article in Atlantic Council suggesting ways in which governments could more effectively regulate new technologies while avoiding setbacks. They detail efforts of governments around the world that have had unintended consequences affecting millions of people, and argue that these consequences may have been avoided had policymakers had approached the problems like products designers do, and balanced security, privacy, and usability.
July
Carley discusses new tools designed to curb the spread of disinformation online
Pittsburgh Post-Gazette
CyLab/EPP’s Kathleen Carley spoke with the Pittsburgh Post-Gazette about the need to improve detection of inaccurate or misleading content online. In recent years, digital spaces have seen a significant increase in the spread of disinformation and the use of deepfake technology. New detection tools such as Trustnet and MUSE aim to help users spot inaccurate information, but the process still depends on the trustworthiness of intermediate messengers. “There has been an increased use of deepfakes and disinformation in every election this year around the world,” Carley said. “It’s not only a U.S. problem.”