Please note: This talk will take place in DC 1304 and online.
Thomas Ristenpart, Professor
Department of Computer Science, University of Toronto
Computer security is traditionally about the protection of digital systems from adversaries such as criminals or governments. In this talk, I will explore interpersonal threat models, in which the adversary is a member of the victim’s social circles — an intimate partner, family member, or other close acquaintance — and who seeks to cause harm to the victim, not just their technology. Such known-adversary threat models are a widespread and increasingly severe problem, and their study opens up a new frontier for computer security research and practice.
This perspective has emerged from my research and advocacy in the context of interpersonal abuse contexts such as intimate partner violence (IPV) and human trafficking. Our research details the multifaceted and damaging ways in which abusers exploit technology to harass, impersonate, threaten, monitor, intimidate, and otherwise harm their target via spyware, social media, tracking tools, account compromise, and more. To make progress, I take an advocate-scientist approach that blends ongoing evidence-based design and delivery of clinics that directly assist survivors suffering tech abuse; systemic advocacy for new laws and policies; and basic research into how to design technology to improve its security in the face of known-adversary threats. The latter requires understanding and resolving complex tensions between known-adversary and traditional threat models, with result being principled reworkings of some of our most fundamental security tools to increase security and safety for all users.
The talk will include discussion of physical, sexual, and emotional violence.
Bio: Thomas Ristenpart is a professor at the University of Toronto. He has been faculty at Cornell Tech and the department of computer science at Cornell University since May, 2015, and before that spent four and a half years as an assistant professor at the University of Wisconsin-Madison. He completed his PhD at UC San Diego in 2010.
His research spans a wide range of computer security topics, with recent focuses including digital privacy and safety in interpersonal violence, anti-abuse mitigations for encrypted messaging systems, improvements to authentication mechanisms including passwords, and topics in applied and theoretical cryptography. His work is routinely featured in the media and has been recognized by numerous distinguished paper awards, three ACM CCS test-of-time awards, one USENIX Security test-of-time award, an Advocate of New York City award, an NSF CAREER Award, and a Sloan Research Fellowship.
To attend this talk in person, please go to DC 1304. You can also attend virtually on Zoom.