Steven Murdoch
LightNews LightNews
steven.murdoch.is
Steven Murdoch
@steven.murdoch.is
1.2K followers 220 following 92 posts
Professor of Security Engineering; Head of UCL Information Security Research Group @sec.cs.ucl.ac.uk; Director Open Rights Group. 🐘 https://mastodon.social/@sjmurdoch 🐦 @sjmurdoch 🌍 https://murdoch.is/
Posts Replies Media Videos
steven.murdoch.is
UCL Computer Science are hiring Section Managers to support the development and delivery of teaching, research, and strategy within their section. I’ll be leading the Foundational Computer Science section, where the InfoSec group is based. www.ucl.ac.uk/work-at-ucl/...
August 12, 2025 at 11:14 AM
Reposted by Steven Murdoch
sec.cs.ucl.ac.uk
“$5 Wrench Attacks: When Cryptocurrency Crime Get Physical”, a post on Bentham’s Gaze by Marilyne Ordekian discussing when XKCD comics become reality – www.benthamsgaze.org/2025/07/22/5...
Actual actual reality: nobody cares about his secrets. (Also, I would be hard-pressed to find that wrench for $5.)
July 22, 2025 at 5:18 PM
steven.murdoch.is
I am recruiting mental-health experts (clinical psychologists and psychiatrists) for an in-person workshop in London to discuss a mobile app for mental health care. Participants will receive £500+expenses for their time. If you might be interested please email [email protected]
June 6, 2025 at 1:42 PM
Reposted by Steven Murdoch
sec.cs.ucl.ac.uk
On our new paper published at IEEE Security and Privacy – “A Privacy Framework for Research Using Social Media Data”, a summary by Kyle Beadle. www.benthamsgaze.org/2025/05/15/a...
A Privacy Framework for Research Using Social Media Data
Social media data enables researchers to understand current events and human behavior with unprecedented ease and scale. Yet, researchers often violate user privacy when they access, process, and stor...
www.benthamsgaze.org
May 15, 2025 at 2:00 PM
steven.murdoch.is
AI-based scam checkers are gaining popularity but I would be cautious in following their advice unless the company is willing to stand behind it. For example, Metro Bank makes bold claims but the fine print absolves them of any responsibility for errors. www.metrobankonline.co.uk/ways-to-bank...
13.7. The AI-generated content and information is provided for general information purposes only and is not intended to constitute or substitute legal or other professional advice of any kind whatsoever. The AI-generated content and information is not intended or implied to be a substitute for professional advice. 13.8. You are encouraged to confirm any information obtained from or through Silver with other sources and review all information provided. Please do not disregard professional advice or delay seeking advice because of something you have read on our website or in the AI-generated content and information. 13.9. We make no representations about the suitability, reliability, timeliness, comprehensiveness, and accuracy of the AI-generated content and information, and other content produced by Silver.
April 14, 2025 at 2:04 PM
steven.murdoch.is
I have an open PhD position at @sec.cs.ucl.ac.uk on applying traffic-analysis resistance techniques to protect industrial control systems. Full funding is available for home-fee status students (deadline 15 April). www.ucl.ac.uk/security-cri...
April 7, 2025 at 8:11 PM
Reposted by Steven Murdoch
openrightsgroup.org
Whisper it, the showdown over Apple encryption is THIS WEEK ⏱️

🤐 A secret tribunal will hear the appeal against the government’s order to carve a backdoor into Apple’s encrypted services.

🛑 Our cybersecurity and privacy shouldn’t be decided in the shadows.

www.computerweekly.com/news/3666203...
Secret London tribunal to hear appeal in Apple vs government battle over encryption | Computer Weekly
The decision by home secretary Yvette Cooper to issue a Technical Capability Notice requiring Apple to give UK law enforcement and intelligence services “backdoor” access to data stored by Apple’s cus...
www.computerweekly.com
March 11, 2025 at 4:57 PM
steven.murdoch.is
Until now, the UK government recommended that individuals at high risk, like legal professionals, enable Apple Advanced Data Protection (ADP). Apple disabled ADP following government pressure, and now the NCSC quietly deleted their guidance recommending ADP.
March 6, 2025 at 4:10 PM
steven.murdoch.is
The article refers to the Investigatory Powers Tribunal, but I can’t see any description of how this falls into the type of complaints the IPT handles. Can anyone more qualified work out what’s actually going on?
openrightsgroup.org Open Rights Group @openrightsgroup.org · Mar 4
🚨 BREAKING 🚨

Apple appeals the UK government’s order to backdoor its encrypted services.

The fight to save encryption continues. Why? Backdoors are a gift for criminals and predators.

We must keep our personal data and family photos secure. We need encryption.

www.theverge.com/news/623977/...
Apple reportedly challenges the UK’s secretive encryption crackdown
Apple’s appeal could reportedly be heard as soon as this month.
www.theverge.com
March 4, 2025 at 8:29 PM
Reposted by Steven Murdoch
matthewdgreen.bsky.social
So here’s a simple request to Apple. Apple iMessage needs to enable “disappearing messages.” And they need to do it soon. blog.cryptographyengineering.com/2025/03/01/d...
Dear Apple: add “Disappearing Messages” to iMessage right now
This is a cryptography blog and I always feel the need to apologize for any post that isn’t “straight cryptography.” I’m actually getting a little tired of apologizing for i…
blog.cryptographyengineering.com
March 1, 2025 at 5:03 PM
Reposted by Steven Murdoch
openrightsgroup.org
🚨 APPLE WITHDRAWS ENCRYPTION TECH FROM UK 🚨

The Home Office’s actions have deprived millions of Britons from accessing a security feature.

UK citizens will be at higher risk of their personal data and family photos falling into the hands of criminals and predators ‼️

www.bbc.co.uk/news/article...
Apple pulls data protection tool after UK government security row
Customers' photos and documents stored online will no longer be protected by end to end encryption.
www.bbc.co.uk
February 21, 2025 at 4:24 PM
Reposted by Steven Murdoch
openrightsgroup.org
Encryption IS online safety 💡

Keeping data secure is key when hackers are skilled at unpicking accounts.

So why does the UK government want to make us unsafe by ordering a backdoor to Apple encrypted services?

✍️ Sign to save encryption this #SaferInternetDay.

you.38degrees.org.uk/petitions/ke...
Keep our Apple data encrypted
It is reported that the Home Office has ordered Apple to build a backdoor into its encrypted services so that they can get hold of content that any Apple user has upload to the cloud. Encryption keeps...
you.38degrees.org.uk
February 11, 2025 at 1:22 PM
Reposted by Steven Murdoch
michae.lv
Now hiring in law & tech @ucllaws.bsky.social!
Lecturer/Assoc Prof in IP & IT law: intersection of platform reg, emerging tech, copyright/designs.

Join me @bernardkeenan.bsky.social Orla Lynskey @alinatrapova.bsky.social Ilanah Fhima, Matt Fisher, Robin Jacob & friends
www.ucl.ac.uk/work-at-ucl/...
We are looking to appoint to one or more posts in IP/IT Law, as Associate Professor or Lecturer in Law. Applications from colleagues who can also teach in other subject areas, including French Law, are most welcome. The closing date for applications is 28 February 2025. Interviews will likely take place in the week(s) commencing 05 and 12 May 2025. About you Successful candidates will be expected to engage in world leading research, and to contribute to the Faculty’s development and advancement of both intellectual property and information technology law and policy, and other areas of law falling within their subject matter expertise. It is also expected that the post-holders will contribute to all aspects of the academic life of the Faculty and University. The Faculty has a particular interest in recruiting scholars with research interests in copyright law, platform regulation, enforcement with and through technology, and the intersection of emerging technologies with other IP rights such as designs. UCL Laws faces growing demand for teaching and engagement on IP and IT issues from other parts of the university, as well as in executive education, and we particularly welcome applicants with interest and experience of teaching contested legal topics to technologists, creatives and other non-lawyers. Reflecting the broad strength of the Faculty, we welcome scholars from a wide array of approaches to these issues — socio-legal, comparative, doctrinal, empirical, historical and/or theoretical and interdisciplinary approaches. Applicants should, however, pay particular attention to how their work illustrates their capacity for depth and rigour in a fast-moving field prone to superficial analysis.
February 10, 2025 at 1:25 PM
steven.murdoch.is
Why is it still possible to write a date where the day of the week doesn’t match the day of the month? This doesn’t need AI; a regular expression would do. I want a big red underline if I ever write “Thursday 5 February”. Has someone patented this and spoiled it for everyone?
February 5, 2025 at 5:19 PM
Reposted by Steven Murdoch
meredithmeredith.bsky.social
Thinking about this classic recently, which is available free here:

monoskop.org/images/d/df/...
Cover of Electronic Civil Disobedience and Other Unpopular Ideas by Critical Art Ensemble.
February 4, 2025 at 9:19 AM
steven.murdoch.is
The government is reviewing the legal presumption that electronic evidence is reliable. I was one of several experts to comment on this news. www.computerweekly.com/news/3666183...
Review of legal rule on computer evidence long overdue, say Post Office scandal victims | Computer Weekly
Computer Weekly talks to people who suffered miscarriages of justice at the hands of flawed computer evidence as well as experts in law and IT, as the government commits to review the legal presumptio...
www.computerweekly.com
January 24, 2025 at 2:24 PM
steven.murdoch.is
It’s worth noting that the TikTok ban doesn’t itself target TikTok but instead makes app stores and hosting providers liable for distributing TikTok. I can understand why intermediaries are the focus, but this seems to set a different precedent that imposing liabilities on TikTok itself.
January 17, 2025 at 6:14 PM
steven.murdoch.is
My take on the AI Action Plan – good: encouraging APIs and standardisation; bad: focus on dataset release rather than controlled access (anonymisation has a poor track record for rich data); concerning: prioritisation of novelty over doing the right thing. www.gov.uk/government/p...
AI Opportunities Action Plan
Recommendations for the government to capture the opportunities of AI to enhance growth and productivity and create tangible benefits for UK citizens.
www.gov.uk
January 13, 2025 at 6:52 PM
steven.murdoch.is
I spoke to @fattoquotidiano.bsky.social on whether British police have the capability to extract data from a @grapheneos.org phone without the passcode. As far as is publicly disclosed, Cellebrite can’t break the protection but less is known about competing forensics tools.
January 10, 2025 at 1:16 PM
Reposted by Steven Murdoch
sec.cs.ucl.ac.uk
Funded opportunity for a PhD studentship on Trustworthy Machine Learning in the UCL InfoSec Research Group. Further details are in the thread below (application deadline 28 January).
fbpierazzi.bsky.social Fabio Pierazzi @fbpierazzi.bsky.social · Dec 19
[1/5] #Opportunity to Apply for a Fully-Funded PhD in Trustworthy ML for Malware Detection at UCL CS @sec.cs.ucl.ac.uk

Deadline: Jan 28, 2025

Are you passionate about ML and Systems Security? Are you curious to understand root causes performance decay of ML-based malware detection over time?
January 6, 2025 at 3:36 PM
Reposted by Steven Murdoch
saweis.net
Tour of WebAuthn by Adam Langley:
www.imperialviolet.org/tourofwebaut...
A Tour of WebAuthn
www.imperialviolet.org
December 23, 2024 at 7:16 PM
Reposted by Steven Murdoch
openrightsgroup.org
Open Rights Group is hiring 🚀

Our Operations Manager is going on maternity leave in March 2025. We're looking for someone who can ensure that ORG continues to run smoothly behind the scenes.

Find out more and apply now.

⏰ Closes 17 December, 9am
🗓️ 14 months FT
➡️ app.beapplied.com/apply/xvezly...
Hiring: ORG Recruitment
December 4, 2024 at 9:47 AM
Reposted by Steven Murdoch
susansegfault.bsky.social
Big privacy/digital tech policy event in London this Thurs - Scrambling for Safety (sign ups here: www.eventbrite.co.uk/e/scrambling... and online here: www.eventbrite.co.uk/e/scrambling...). Critical talks + panels on Chat Control, Online Safety Bill, and AI in govt. Pic of my sleepy dog unrelated.
Unrelated picture of a sleeping Corgi
November 25, 2024 at 11:49 AM
Reposted by Steven Murdoch
openrightsgroup.org
Open Rights Group fights to protect digital rights 🦾

Becoming a member helps us to campaign, lobby, go to court – whatever it takes to challenge restrictions to our human rights.

Join the movement today ⬇️

#DigitalRightsAreHumanRights

www.openrightsgroup.org/join/
Become a member
Open Rights Group is the UK’s largest grassroots digital rights campaigning organisation, fighting to protect everyone’s rights to privacy and free speech online.
www.openrightsgroup.org
November 17, 2024 at 3:37 PM
Reposted by Steven Murdoch
alecmuffett.bsky.social
3rd edition of Ross Anderson’s Security Engineering now freely available for download | Light Blue Touchpaper
https://alecmuffett.com/article/110651
#RossAnderson #SecurityEngineering
3rd edition of Ross Anderson’s Security Engineering now freely available for download | Light Blue Touchpaper
Thanks, Ross. We miss you.
alecmuffett.com
November 15, 2024 at 8:10 AM