Check back here regularly for details of events held by our group and coverage of our work in the press.

Seminar Series

In the Security and Privacy Seminar Series, we have the following upcoming talks:

Please contact if you would like to give a talk.

For more information, visit the Computer Security Seminar web page including previous talks.



Past Events

Northrop Grumman Prizes in Cyber Security 2016/17

Northrop Grumman is a global aerospace and defense technology company. It was named as the fifth-largest defense contractor in the world in 2015. Northrop Grumman is interested in building a strategic relationship with Schools across the University. As part of this, and their commitment to promoting cyber security education in the UK, they have generously provided funding to support students on our MSc Cyber Security, resulting in a series of prizes for students that demonstrate excellent academic performance.

The prizes were presented by Dr Ian Batten (MSc Programme Director) at a reception event for the School of Computer Science Master's graduations on 7 December 2017.

The following prizes were awarded:

Most Innovative Project: Dominic Fraise (MSc Computer Science)

Dominic implemented ideas in a research paper to develop a particular kind of blockchain that makes decryptions accountable. This included learning new concepts and implementing algorithms which were only vaguely described in the literature. His supervisor, Prof. Mark Ryan, described it as “a huge achievement for a "conversion" student.”

Most Technically Brilliant Project: Kerry Murdock (MSc Cyber Security)

Kit’s project involved conducting a very detailed analysis of the Amazon Echo. Her work was of a publishable quality, and involved learning and applying a lot of new techniques. Her supervisor, Dr David Oswald, said “I for sure would call it “technically brilliant”.”

Best Project Demonstration: Yifan Wu (MSc Advanced Computer Science)

Yifan developed a blockchain eVoting project, handling advanced cryptographic concepts which he demonstrated very well. His supervisor, Dr David Galindo, said that his demonstration was very engaging and even included a video component to show how the system worked.

Highest Project Mark: Alexander Stevens (MSc Cyber Security)

Alex's project involved taking what his supervisor, Dr Ian Batten, described as an "incredibly vague idea" and extrapolting it into a fantastic piece of work. He extended and implemented these ideas across an impressive range of settings, rightly earning a very high mark.

Highest Overall MSc Mark: Alexander Stevens (MSc Cyber Security

Alex also performed consistently well across all his modules, including both coursework and exams. His final grade for his MSc reflects Alex's high level of effort, understanding and achievement.

Dominic Fraise prize Yifan Wu prize

RISE: Research Institute in Secure Hardware and Embedded Systems

Birmingham joins new £5m UK Hardware Security Institute

Mark Ryan, Flavio Garcia and David Oswald

Researchers from the University of Birmingham travelled to Queen's University Belfast for the launch of a new £5m multi-university Research Institute to improve hardware security and reduce vulnerability to cyber threats.

Funded by EPSRC and the National Cyber Security Centre (NCSC), the Research Institute in Secure Hardware and Embedded Systems (RISE) is the fourth cyber security institutes in the UK and will be a global hub for research and innovation in hardware security over the next five years.

RISE will tackle the global problem of cyber threats through four initial component projects, which will be led by UK research partners from Queen's University Belfast, the University of Cambridge, University of Bristol and University of Birmingham. These universities are all recognised by NCSC and EPSRC as Academic Centres of Excellence in Cyber Security Research.

An advisory board will also be created to allow member companies and stakeholders to engage with the research and to inform future funding calls around the Institute's research challenges.

The new Research Institute will increase our understanding of hardware security technology, leading to pioneering new approaches and fostering collaboration between leading researchers, the National Cyber Security Centre and industry partners to make the UK a more resilient nation.

Professor Philip Nelson, Chief Executive of EPSRC

I'm delighted to see the formation of our latest Research Institute, RISE, concentrating on the potential of new hardware security technologies. The inclusion of hardware-based security capabilities in commodity devices could be a game changer in our fight to reduce the harm of cyberattacks and so I'm really pleased to see a strong set of initial research projects.

Dr Ian Levy, NCSC Technical Director

Professor Maire O'Neill, a leading cryptography expert at Queen's University, has been selected as Director of RISE and will work towards increasing the nation's academic capability in all fields of hardware security.

The Internet of Things has led to increased demand for hardware security research and innovation with growing security needs in embedded and networking devices, as well as in cloud services. An increase in the use of smart devices means that there are now many new attack methods and surfaces for criminals and hackers to exploit. Recent attacks against personal computers, mobile devices, smart meters, home automation devices and network-connected cars have posed serious security and privacy issues.

Counterfeit devices are also an issue, which could lead to cloned hardware and further attack surfaces for hackers.

There is huge demand for hardware security research and innovation. RISE is in an excellent position to become the go-to place for high quality hardware security research. A key aim is to bring together the hardware security community in the UK and build a strong network of national and international research partnerships. We will also work closely with leading UK-based industry partners and stakeholders, transforming research findings into products, services and business opportunities, which will benefit the UK economy.

Professor O'Neill, Queen's University Belfast

User-controlled hardware security anchors: evaluation and design

The Research Institute project at Birmingham will focus on user-controlled hardware security anchors. The main contribution of this research will involve leveraging current and future hardware components to establish a secure interface between the user and the systems they are using. This will improve security, privacy and trust in a range of devices, and our researchers will work closely with industry partners to directly contribute to improving tomorrow’s commercial off-the-shelf products.

Birmingham's main industrial partner in the project will be HP Inc., building on their established relationship with cyber security at Birmingham. Professor Mark Ryan, lead investigator at Birmingham on the RISE project, also holds the HP Research Chair in Cyber Security. Industry involvement in the project and the Research Institute will be essential in generating impact to ensure the next generation of hardware devices are secure.

"Putting security at the hardware level of systems is attractive because it is less vulnerable to being altered or circumvented. Our contribution to the institute will consist of evaluating hardware-based security mechanisms, and building on them to create secure authentication mechanisms."

Professor Mark Ryan

With the increasingly hostile threat environment it is important to build cyber resilience from the hardware up. HP applies this approach to its own products, developing some of the most secure printers and PCs in the world. HP’s involvement in the project to make authentication more secure through hardware is part of our ongoing investment in the HP Research Chair at Birmingham University, and reflects our commitment to help drive cyber-security research forward.

Simon Shiu, Security Lab Director, HP Labs Bristol

From New South Wales to Wales, UK

David Galindo and Mark Ryan

Welsh Government consultation on democratic reform

Dr David Galindo and Professor Mark Ryan, with Dr George Theodorakopoulos (Cardiff University) and Areeq Chowdhury (WebRoots Democracy) published a joint submission to the Welsh Government's consultation on democratic reform. The publication relates directly to the question of remote online voting, an area in which the University of Birmingham holds significant expertise. The report makes the case for pilots of online voting in Welsh elections, setting out three recommendations:

  • The Welsh Government should commence pilots of remote online voting option in local council and Welsh Assembly elections within the next five years.
  • Pilots of online voting should be undertaken alongside the development of an online voting certification framework.
  • In order to obtain the benefits of electronic voting, the Welsh Government should proceed with pilots of remote online voting and not stand-alone electronic voting machines.

Professor Mark Ryan and Dr David Galindo said:

Technologies to fully realise this notion of voter verifiability are still under development. They have been used for professional association elections and university elections, and now they are beginning to be used for large-scale political elections in Estonia and in New South Wales, Australia. We believe that Welsh Assembly elections would be an appropriate place to trial them in the UK.

Areeq Chowdhury said:

First time voters in the 2021 Welsh Assembly elections will be the first generation of voters born in the 2000s. They will not recall a world before smartphones and social media. As time goes on, a digital democracy will become an expectation instead of an aspiration. It is time we looked at how best we can bring this about and online voting will play an important part of that.

Dr George Theodorakopoulos said:

Wales’ digital transformation cannot be complete if online voting is unavailable as an option to the electorate. Empowering Welsh citizens cannot be limited to comparing energy prices online. Wales is right now in a unique position to be a Western European pioneer in digital democracy, and the government is the only body that can rightfully enable this change.

Academic Centre of Excellence in Cyber Security Research

The University of Birmingham has been recognised as an NCSC-EPSRC Academic Centre of Excellence in Cyber Security Research (ACE-CSR) for another five years.

The National Cyber Security Centre (NCSC), part of GCHQ, is the UK’s authority on cyber security. It combines world-class academic research with industrial innovation to reduce the cyber security risk to the UK by improving its cyber security and cyber resilience.

Its recognition of Birmingham as an ACE-CSR signifies the consistently high-quality research being conducted in the Security and Privacy group at the University.

The group has expanded greatly in recent years, reflecting the University's continued commitment to supporting world-leading research into cyber security issues affecting industry, government and society.


Professor Mark Ryan, Head of the Security and Privacy group at the University of Birmingham, said:

‘Everything we do in the future will involve digital technology, whether it's driving a car or turning on a light switch. This will create new opportunities and new risks. Therefore it's really important to research the fundamentals and implementations of cyber security.

‘Our renewed recognition as an ACE-CSR is a welcome acknowledgement of the importance of our contribution to cyber security research.’

Over the next five years, the Security and Privacy Group will continue to build on its current reputation with exciting new projects and collaborations in areas such as automotive security, the Internet of Things, Industrial Control Systems and post-quantum cryptography.

The announcement was made today by the Minister for the Cabinet Office, the Rt Hon. Ben Gummer MP, who said:

'Britain has to stay one step ahead of the often invisible cyber wars taking place on our networks, in our homes, and across our infrastructure. We can only do that with truly ground-breaking research. It is critical that the entire UK maintains its strength in this area, from London to Lancaster and from Belfast to Edinburgh.'

Chris Ensor, Deputy Director for Cyber Security Skills and Growth at the NCSC, added:

'It’s fantastic to see so many leading universities committed to trailblazing improvements to the UK’s cyber security research, and it is particularly good to see Scotland represented for the first time.

'At the NCSC, we are absolutely committed to maintaining and improving our already strong reputation as a global leader in cutting edge research, and look forward to collaborating with these establishments to make the UK the safest place to live and work online.

'These universities conduct world class cyber security research and this initiative will improve the way academics, government and business work together – benefiting the whole of the country.'

HP Research Chair in Cyber Security - Launch Event

Mark Ryan

At a launch event held in the School of Computer Science on 3 November 2016, Professor Mark Ryan was inaugurated as the HP Research Chair in Cyber Security. The position marks a five-year strategic partnership between HP and the University of Birmingham, to conduct world leading research that will tackle the future architectures and protocols for the increasing range of connected devices that forms the Internet of Things (IoT).

Mark Ryan HP Research Chair in Cyber Security

Professor Ryan said of the research: 'The internet of things is going to bring a new wave of innovation, affecting how the physical world and the digital world interact. Figuring out how to support privacy and security for users in this setting is a huge task. This research chair is a great opportunity to work with a company that can complement the skills of academics and help bring theoretical ideas into practical realities.'

'Increasing pervasiveness of technology means cyber security will become even more important and challenging. It is a top priority to invest now in research and partnerships to address this issue,' said Simon Shiu, Director of HP’s Security Lab. 'Academia, business and government each have different contexts, experiences and skillsets. It is critical for us to work together to successfully address our shared future cyber security challenges. This new Chair is a critical step forward.'

Research Chair launch

The launch event was attended by senior members of the College of Engineering and Physical Sciences, academics from the School of Computer Science - including the Security and Privacy group - as well as staff from HP and government representatives from the new National Cyber Security Centre. The research chair represents a key partnership in ensuring that academia and industry work together for a cyber secure future for all of society.

Public Debate: Is Social Media Making Us Anti-social?

Mark Ryan

UoB Debating Society

Take a look at your phone.

Who’s message are you waiting for? Has that one person checked your Snapchat story? Why is there a blue tick by that Whatsapp message but no reply? How many likes did your last Instagram get?

What could all this mean?
From the birth of Facebook, a networking site initially designed for college students and now has users of all ages all over the world, to the immediate and almost compulsive necessity to Snapchat what you’re doing and who you’re with, social media has constantly evolved and adapted to our needs, changing what it means to be interactive and “digitally active”.

Social media can be an impressive tool in expanding our world, and the opportunities that lie in it. Whether you’re looking for a job using a LinkedIn account, or relying on handy DIY ways to make your room look amazing with Pinterest, social media has slowly weaved its way to become an integral and fundamental part of our lives. It can take us across the world to explore new cultures and societies, give us first hand perspectives of those living in conflict, and keep us informed with understanding how decisions where we are can impact an entire way of life on the other side of the world. Social media can connect families dispersed around the world, with face-to-face video chat and instant photo messaging, finally uniting humans across borders, and even those outside the planet. (Major Tim Peake and the ISS)

But what if all these connections and social networks are simply a case of smoke and mirrors? How many of your Facebook friends do you actually know and talk to? How many of your Instagram followers are real people? It could be argued that social media creates an artificial interpretation of what real life is, and uses it to absorb us into our phones, stifled by advertisements in a world of marketing, and the pressures of inadequacy caused by false reality. Studies have found it to limit emotion, empathy, and understanding of how humans naturally communicate with one another, and leaves us vulnerable to greater cybercrime, and a lack in privacy.

With the continuous expansion of social media, the balance between real life experiences and those oriented by a screen is teetering dangerously. What if social media has corrupted a natural human way of life and is slowly morphing us into automation, fuelling our greed for more content, more information, more attention and more media at our very own fingertips?

Whether the future of digital reality remains significantly valuable to us, or users become increasingly disillusioned with it remains a question to be answered.

The approaching public debate will discuss these issues and more.

The first public debate of the University of Birmingham Debating Society's 2016/2017 season will be on the theme of social media, and will feature experts from the College of Engineering and Physical Science, including the Security and Privacy group.

Professor Mark Ryan will be speaking in opposition to the motion 'social media has made us anti-social', bringing in considerations of privacy to warn of potential exploitation by corporate and state interests while supporting the revolutionary new modes of community and social interaction enabled by social media.

For more information, see the event page and the UoB Debating Society.

Best Paper Award

ATC 2016

Michael Denzel and Mark Ryan

In July 2016, Security and Privacy PhD student Michael Denzel travelled to Toulouse to present his paper 'Smart-Guard: Defending User Input from Malware' - written in conjunction with Professor Mark Ryan (University of Birmingham) and Alessandro Bruni (University of Copenhagen) - at the 13th IEEE International Conference on Advanced and Trusted Computing. The paper received the Best Paper Award for the conference.

ATC 16 Best Paper Award

Outstanding Supervision

EPS Award for Excellence in Doctoral Research Supervision

Professor Mark Ryan of the Security and Privacy Group received the 2016 Award for Excellence in Doctoral Research Supervision in the College of Engineering and Physical Sciences, University of Birmingham.

As a research-intensive university, Birmingham is committed to carrying out research that is world-leading in terms of its originality and distinctiveness, significance and rigour. The University recognises that the role of the academic supervisor is crucial for successful completion of high-class doctoral research and acknowledges this in the annual Awards for Excellence in Doctoral Research Supervision.

This annual award is presented to an academic nominated by current and past research students for outstanding supervision of high-quality doctoral research at the University. Professor Ryan was nominated by current PhD Student Jiangshan Yu, along with former students Ben Smyth and Alessio Lomuscio. Pro-Vice Chancellor Tim Softley presented the award at a ceremony on 24th June 2016.

Professor Ryan said: “To me, it’s a recognition of the huge commitment I have to helping PhD students, and the many hours I have worked late into the evening helping them refine their research ideas and assisting to articulate them on paper.”

Congratulations to Mark for this recognition of his continued dedication to our doctoral students!

Mark Ryan EPS Doctoral Supervision Award

Computer Science Distinguished Seminar Series

Adrian Perrig, ETH Zurich

Towards Deployment of a Next-Generation Secure Internet Architecture

The Security and Privacy group was pleased to host the inaugural Computer Science Distinguished Seminar, inviting Adrian Perrig from ETH Zurich to speak about future internet architectures that include security by design. Adrian also spent time discussing technical and social aspects his research with members of the group, as well as offering his insight on projects being undertaken at Birmingham.


The Internet has been successful beyond even the most optimistic expectations. It permeates and intertwines with almost all aspects of our society and economy. The success of the Internet has created a dependency on communication as many of the processes underpinning the foundations of modern society would grind to a halt should communication become unavailable. However, much to our dismay, the current state of safety and availability of the Internet is far from commensurate given its importance.

Although we cannot conclusively determine what the impact of a 1-day, or 1-week outage of Internet connectivity on our society would be, anecdotal evidence indicates that even short outages have a profound negative impact on governmental, economic, and societal operations. To make matters worse, the Internet has not been designed for high availability in the face of malicious actions by adversaries. Recent patches to improve Internet security and availability have been constrained by the current Internet architecture, business models, and legal aspects. Moreover, there are fundamental design decisions of the current Internet that inherently complicate secure operation.

Given the diverse nature of constituents in today's Internet, another important challenge is how to scale authentication of entities (e.g., AS ownership for routing, name servers for DNS, or domains for TLS) to a global environment. Currently prevalent PKI models (monopoly and oligarchy) do not scale globally because mutually distrusting entities cannot agree on a single trust root, and because everyday users cannot evaluate the trustworthiness of each of the many root CAs in their browsers.

To address these issues, we propose SCION, a next-generation Internet architecture that is secure, available, and offers privacy by design; that provides incentives for a transition to the new architecture; and that considers economic and policy issues at the design stage.

Adrian Perrig is a Professor at the Department of Computer Science at ETH Zürich, Switzerland, where he leads the network security group. He is also a Distinguished Fellow at CyLab, and an Adjunct Professor of Electrical and Computer Engineering, and Engineering and Public Policy at Carnegie Mellon University. From 2002 to 2012, he was a Professor of Electrical and Computer Engineering, Engineering and Public Policy, and Computer Science (courtesy) at Carnegie Mellon University; From 2007 to 2012, he also served as the technical director for Carnegie Mellon's Cybersecurity Laboratory (CyLab). He earned his Ph.D. degree in Computer Science from Carnegie Mellon University under the guidance of J.D. Tygar, and spent three years during his Ph.D. degree at the University of California at Berkeley. He received his B.Sc. degree in Computer Engineering from EPFL. He is a recipient of the NSF CAREER award in 2004, IBM faculty fellowships in 2004 and 2005, the Sloan research fellowship in 2006, the Security 7 award in the category of education by the Information Security Magazine in 2009, the Benjamin Richard Teare teaching award in 2011, and the ACM SIGSAC Outstanding Innovation Award in 2013. Adrian's research revolves around building secure systems -- in particular secure future Internet architectures.

Adrian Perrig


Our research deals with issues that are relevant for all parts of society and the work within our group often appears in the press relating to topical concerns over security and privacy. Filter by research area.

Applied Cryptography

Formal Protocol Verification

Wireless Technology

Embedded Devices and IoT Security

Automotive Security


Cloud Security

Security and Privacy for Society

Cyber Security Education

Check back soon for more press coverage, select another research area, or follow us on Twitter to stay up to date with cutting edge research in cyber security and privacy.

The Guardian

Blockchain is this year's buzzword - but can it outlive the hype?

30 January 2018

As part of an article on the transformative potential of blockchain technologies, David Galindo comments on the possibility of replacing conventional mediators by providing transparency and accountability.


British Airways is tracking the faces of flyers as they move through Heathrow Terminal 5 - and it’s got privacy advocates in a spin

26 January 2018

In the wake of issues surrounding trials of facial recognition at airport gates, Garfield Benjamin comments on the privacy implications and research into accountable use of personal data.


Radio 5 Live Breakfast

10 January 2018

Flavio Garcia talks about issues in automotive security. [segment begins at ~52mins]


Marketplace Morning Report

4 January 2018

Ian Batten responds to the Meltdown vulnerability that affects Intel chips used on most modern computers, explaining who will be at risk in practice.


Intel Says Range of Chips Vulnerable to Hack, Denies ‘Bug’

3 January 2018

This article, including a quote by Ian Batten, discusses the scale of the Meltdown vulnerability that affects major chip vendors such as Intel. First in a seris on the security flaw, the piece focuses on Intel's response to the revelation of the attack including software patches to fix the issue.


Man-in-the-middle flaw left smartphone banking apps vulnerable

7 December 2017

This article contains coverage of a possible attack found by our researchers that affects smartphone apps from major banks. The vulnerability lies in certificate pinning, normally meant to prevent impersonation attacks, and was found using newly developed semi-automated tools.


New Security Protocol Seeks to Ensure Messages are Truly Private

28 September 2017

Covering research conducted with colleagues in Luxembourg and Oxford, this article highlights Mark Ryan's work developing the DECIM protocol to protect end-to-end encryption in messaging services from man-in-the-middle attacks.

Computer Scientists address gap in messaging privacy

27 September 2017

Describing Mark Ryan's work developing solutions to current weaknesses in end-to-end encryption protocols for messaging apps by detecting endpoint compromise, this article emphasises the formal security analysis that verifies the DECIM protocol.

American Banker

The mobile app security hole that should keep bankers up at night

1 May 2017

Emphasising the transatlantic impact of our work, this news item covers vulnerabilities in banking apps found by our researchers, involving certificates, TLS and man-in-the-middle attacks.


Hackable implanted medical devices can kill patients

5 December 2016

This article discusses the attack found by our researchers involving the interception and reverse-engineering of signals to medical implant devices from up to five meters away using standard equipment.


'Fatal' flaws found in medical implant software

1 December 2016

Reports on flaws in 10 different types of medical devices with potentially fatal consequences, discovered by Flavio Garcia and Tom Chothia with collaborators at University of Leuven, Belgium.

The Register

Fatal flaws in ten pacemakers make for Denial of Life attacks

1 December 2016

This article reports on research undertaken by Flavio Garcia and Tom Chothia with colleagues at KU Leuven that exposes wireless attack on implantable medical devices and pacemakers.

SC Magazine

Birmingham cyber-sec chair demonstrates business-academic collaboration

10 November 2016

This article covers the launch of Professor Mark Ryan's Research Chair in Cyber Security, sponsored by leading device manufacturer HP, which will develop new research in the cyber-physical systems of the IoT.

Computer Weekly

HP sponsors cyber security research chair at Birmingham University

9 November 2016

This article situates the five-year HP-funded Research Chair in Cyber Security for Professor Mark Ryan in the context of the UK government's cyber security agenda. The research will address key challenges in cyber security.

LA Times

Millions of cars' keyless entry systems can be hacked, security experts find

12 August 2016

As they flew to Texas to present their research at the USENIX Security 2016 conference, Flavio Garcia and David Oswald's research into vulnerabilities in car keyless entry systems travelled ahead of them to be featured in the LA Times.


'Millions' of Volkswagen cars can be unlocked via hack

12 August 2016

This article describes the work of Flavio Garcia and David Oswald in exposing the risks to millions of car owners posed by vulnerabilities in keyless entry. The article was in the top 5 most read on the BBC news site.


A New Wireless Hack Can Unlock 100 Million Volkswagens

10 August 2016

Two researchers from the Security and Privacy Group - Flavio Garcia and David Oswald - release the news of vulnerabilites in car keyless entry systems that enable wireless attacks. This can be achieved with cheap hardware in only 60 seconds and could potentially affect millions of car owners.

SC Magazine

US gov vulnerability disclosure requires oversight, says new report

20 June 2016

Flavio Garcia comments on a paper calling for the US government to overhaul its disclosure policies. Drawing on issues of research ethics, privacy and the improvement of cyber security systems, Dr Garcia argues that transparency and accountability are needed to ensure vulnerabilities are not misused by criminals or governments.


Midlands Cyber Crime Breakfast 2016

8 March 2016

Ian Batten represents the University of Birmingham at this event focused on defending businesses against cyber crime by identifying common vulnerabilities and explaining what businesses can do to protect themselves.


GCHQ summer school will pay students £250 per week

19 January 2016

In an article on GCHQ's summer school scheme, including quotes from the Security and Privacy group's Mark Ryan, highlights the current cyber security skills gap and one scheme that aims to overcome this.


Leeds Beckett University and Birmingham University On The Frontline Against Cyber Attacks

1 January 2016

As part of the government's £1.9 billion scheme to combat cyber attacks in the context of terrorist threats, this article focuses on a scheme by Leeds Beckett University and the University of Birmingham that will develop new tools for cyber security education.

Computer Weekly

The Higher Education Academy gives universities £500,000 to develop cyber security specialists

23 December 2015

In the wake of the government-identified skills gap in cyber security in the UK, the article highlights the large influx of funding from the HEA as well as focusing on a specific example of work being undertaken by new Birmingham's Security and Privacy group in conjunction wiht Leeds Beckett that aims to promote cyber security to students.

Parliament UK

Draft Investigatory Powers Bill Joint Committee - timeline

30 November 2015

Tracking the progress of the proposed bill concerning law enforcement powers to invade the privacy of online communications, Professor Mark Ryan features on the expert panel giving evidence to inform politicl and public debate of this contentious issue.

The Guardian

Security flaw affecting more than 100 car models exposed by scientists

18 August 2015

Following up on the previous banning of research publication concerning vulnerabilities in car electronic security systems, this article on the eventual release of the data details the resolution of the legal struggles and the security implications for car owners and manufacturers.

The Independent

Car-hacking scandal: How a security loophole left thousands of vehicles vulnerable to thieves

18 August 2015

Emphasising the real-world rise in hi-tech car theft, this article defends Security and Privacy Birmingham researchers' rights to publish and focuses on the car manufacturers' attempts to block the work that exposed a comparatively simple hack of a major car locking system.

The Telegraph

Thousands of cars vulnerable to keyless theft, according to researchers

18 August 2015

Responding to a previous article detailing the injunction against Birmingham researchers publishing their work, this article lists the makes and models of cars at risk, emphasising the genuine risks revealed by the real-world impact of the academic research.


Car immobiliser easy to crack, say researchers

14 August 2015

Emphasising the 'trivial' nature of the attack, this article explains the research conducted by Flavio Garcia of the Security and Privacy Group that exposed weaknesses in major car manufacturers' electronic locking systems, which had previously led to the research being banned from publication.

Debating Europe

What would save the music industry from digital piracy?

26 June 2015

Contributing to the debate of online piracy and privacy in the music industry, Tom Chothia of the Security and Privacy group outlines the complete lack of privacy underpinning the internet, as well as mentioning some ways users can go about choosing to add secure functions to their own computers.


Maybe Online Voting Isn’t A Pipe Dream After All

22 May 2015

Hailing the breakthrough as a "100% hacker-proof technique", this article goes on to emphasise the complexity of the system, stating that it "isn't remotely easy to use". Drawing on this discussion of the practicalities of such a system, the article focuses on the specific challenges presented by implementing an online voting system in the US.

The Daily Dot

The key to making online voting safe

17 May 2015

Focusing on the potential application of online voting in the US, this article discusses political implications before suggesting the need to expand the research in terms of further funding and testing as well as introducing businesses to work on developing hardware.

The Conversation

Online voting is convenient, but if the results aren’t verifiable it’s not worth the risk

14 May 2015

Written by University of Birmingham researchers working on the project, this discussion by academics in a popular media setting introduces the key issues surrounding the research and its application, emphasising the importance and risks of verifiable results for online voting.


Online democracy by 2020? University reveals e-voting security breakthrough

5 May 2015

Hailing the breakthrough as a scientific achievement and meeting the demands of a digital UK, this article looks towards the longer term practicalities and the need to balance security with usability

The Telegraph

Voting by computer could be standard within a decade

4 May 2015

This article frames the discussion of online voting in the context of replacing conventional paper voting methods, discussing the use of online voting to remove the possibility of rigging in paper systems versus the possible rigging of online voting through malware inserted directly into computers by foreign manufacturers. It also highlights the use of online voting to achieve a private ballot for blind voters as well as encouraging turnout among younger voters.

SC Magazine

Credit card style e-voting system could beat electoral fraud

4 May 2015

This article suggests that secure online voting is 20-30 years away, and cites Jeremy Epstein of SRI International who suggests the need to separate the technical issues from political factors.

Herald Scotland

E-voting devices could be ready for use in general elections by 2020

30 April 2015

Bringing a Scottish perspective to the issue of online voting in UK elections, this article focuses on the hardware involved in the Du-Vote system, emphasising the use of a separate, credit card-sized device.


Election 2015: How feasible would it be to introduce online voting?

27 April 2015

This article situates the research in its feasability for UK elections, in the context of current modes of online registration as well as considering financial and political factors. Discussing the impact of online voting on turnout, it cites the Estonian system, for which in 2005 4.9% of voters definitely would not have voted without internet voting.

The Conversation

How to protect yourself when GCHQ goes for your webcam

3 March 2014

As more and more devices are being connected the the Internet of Things, our homes are becoming increasingly under threat from hackers and government agencies. With the news of GCHQ intercepting and storing webcam images, Dr Tom Chothia of the Security and Privacy Group explains the security implications of connected devices and offers advice on how to protect your privacy.

The Conversation

University’s bitcoin gimmick masks accountability problem with online currency

22 January 2014

University of Birmingham researchers explore issues of accountability, privacy and crime with bitcoin, in the context of the University of Cumbria offering students to pay their tuition fees in the unregulated digital currency.

The Conversation

Digital democracy lets you write your own laws

16 December 2013

At the founding of the Commission on Digital, researchers from the Security and Privacy Group consider the impact of technologies in "Parliament 2.0" and future visions of participation in digital political systems.

The Conversation

Explainer: how do you destroy a hard drive?

23 August 2013

With the news of a dispute between The Guardian newspaper and GCHQ over a laptop used to store files provided by NSA whistleblower Edward Snowden, Dr Tom Chothia of the University of Birmingham explains the problems of storing and deleting information that resulted in the newspaper destroying its hard drive.

International Business Times

Car Hacking Study Blocked By England’s High Court, Would Reveal Ways To Unlock Porsches, Lamborghinis And Bentleys

31 July 2013

Focusing on the blocking of publication by a UK high-court, this article adds an international perspective to the potential impact of attacks-based security research on manufacturers and consumers, while acknowledging that Security and Privacy Birmingham researchers had already given the manufacturers reasonable disclosure of their findings.

The Guardian

Car hacking scientists agree to delay paper that could unlock Porsches

30 July 2013

Following on from a previous article detailing legal action seeking to ban Birmingham researchers from releasing their work on car security, this piece outlines the agreement reached to delay publishing material on ignition key cryptography that could expose Porsches and other cars to hacking and hijacking.


At VW's request, English court censors Usenix Security presentation on keyless entry systems for luxury cars

27 July 2013

Cyberculture author and privacy commentator Cory Doctorow highlights the imposition of restrictions on research by UK courts at the behest of car manufacturers, emphsaising that the companies were seeking to hide their incompetence and cover up the risks to which they had exposed their customers.

The Telegraph

Academic banned from publishing Porsche security codes

27 July 2013

Focusing on the impact for high-end luxury car manufacturers, this article defends the intentions of Birmingham researchers while acknowledging the potential criminal misuse of the research that led to a controversial high court injunction against publishing.

3G protocols come up short in privacy, say researchers

11 October 2012

Focusing on a paper written by the Security and Privacy group in collaboration with Technische Universitat Berlin and Deutsche Telekom Laboratories, this article explains the background of 3G and highlights the methods and findings of the research with a view to improving future mobile standards.

New Scientist

Honeytrap reveals mass monitoring of downloaders

4 September 2012

Emphasising the speed and scale of monitoring of BitTorrent downloads, this article briefly explains how peer-to-peer protocols work and describes the research undertaken by Security and Privacy Birmingham's Tom Chothia that uncovered the "massive monitoring" of popular downloads.


BitTorrent study finds most file-sharers are monitored

4 September 2012

This article highlights the surprising findings of Tom Chothia in a study on monitoring of file sharing, focusing on the speed and scale of monitoring as well as the kinds of organisations undertaking the monitoring, with implications for copyright enforcement and mass legal action.


Researchers: Your IP is logged within 3 hours of downloading a torrent

4 September 2012

Discussing a study by Birmingham researchers that uncovered large-scale monitoring of BitTorrent file sharing, the article highlights the length of time monitoring has occured whilst noting that tracking is focused on the most popular torrents, before questioning the purpose and potential use of the monitoring.

The Engineer

Automatic Vote Counting

26 May 2010

This article explores the potential of earlier collaborations between the University of Birmingham and the University of Surrey, with a combined physical and cryptographic approach to increasing the security, privacy and verifiability of vote counting through digitisation and automation.

The Register

Defects in e-passports allow real-time tracking

26 January 2010

Linking research conducted at Birmingham that exposed traceability attacks in e-passports with previous developments exposing the risks of embedding RFID in passports, this article goes on to question the security of e-passports in general.