No Coffee, No Research
of the employees at CISPA drink coffee
drink 1-3 cups of coffee a day
drink their coffee with milk (or milk substitute) and/or sugar/sweetener
prefer filter coffee
drink neither capsule/french press nor coffee with pods
Coffee cups were photographed for the campaign
Our collection of coffee cups at CISPA is every bit as diverse as the people who work and do research here. It is not uncommon for ideas on research projects to be born over a chat at the coffee machine in our kitchens. That's why we thought it was time to get our researchers to join us at the coffee table and ask them questions over a cup of joe. Questions like: 'What are passkeys, anyway?' 'Will processors ever be truly secure?' or 'Do all people have the same needs when it comes to IT security and privacy?' Have fun watching our coffee chats!
Has Olaf Scholz ever called you to give you election tips? No? Lucky you! In the US state of New Hampshire in January 2024, many voters supposedly had US President Joe Biden on the phone, advising them not to go to the primaries. These kinds of fake calls, so-called robocalls, have become a popular election-campaign tool in the USA. There are also large numbers of AI-generated videos, images, and texts circulating worldwide. For us humans, these so-called deepfakes are almost impossible to recognize. Automated detection methods could and should help us in the future, says CISPA researcher Lea Schönherr in the latest episode of our interview series “No Coffee, No Research”. However, due to the rapid development of generative AI, these methods often reach their limits and are not yet robust enough. So, what can we do? Stay persistent and keep on researching—just like Lea.
"That new technologies come with challenges is not uncommon. The question is how to deal with them."
Lea Schönherr has been a Tenure-Track Faculty at CISPA since 2022. Prior to that, she worked at Ruhr University Bochum (RUB) in the DFG Excellence Cluster "Cyber Security in the Age of Large-Scale Adversaries" (CASA).
Lea conducts research in information security with a focus on adversarial machine learning. She earned her PhD in 2021 from Ruhr University Bochum, where she was supervised by Professor Dr.-Ing. Dorothea Kolossa in the Cognitive Signal Processing group. She received two scholarships from UbiCrypt (DFG Graduate School) and CASA (DFG Excellence Cluster).
He’s the worst nightmare of every CPU manufacturer’s security division: CISPA-Faculty Dr. Michael Schwarz! Whenever there’s a new CPU on the market, his and his team’s work of poking and prodding begins, revealing vulnerabilities and bugs along the way. Riding on his third coffee of the day, he tells us why one of the biggest advantages of our computers, their versatility, is what makes them more susceptible to bugs. He also discusses how the CPU market is about to change and why showing the world how to break an already released CPU can be a complicated ethical question. Get yourself a coffee and prepare for a ride through the world of hardware security!
"We can't assume we're the smartest people in the world and no one else will find these vulnerabilities."
Michael Schwarz has been with CISPA since 2020. He has been awarded the Austrian research prize, the ‘Award of Excellence’, for his dissertation ‘Software-based Side-Channel Attacks and Defenses in Restricted Environments’ at TU Graz. Since January 1, 2024, he has been tenured, i.e. a Faculty for life.
Michael Schwarz specialises in side-channel attacks in microarchitectures and in system security. He was part of one of the research teams that in the past found the Meltdown, Spectre, Fallout, LVI and ZombieLoad vulnerabilities in processors, among others.
"In the morning, one or two cups, and then another four or five throughout the day... CISPA researcher Ben Stock certainly lives up to the name of our series with his coffee consumption—and, of course, also with his research on web security. When asked how secure emails actually are, his clear response was: 'So-so.' He pointed out several reasons for this: no standard end-to-end encryption, insufficient security measures on the part of email providers, making emails the perfect tool for phishing attacks, and the lack of consistent security measures across different mail servers. Phew. Thankfully, Ben also offers tips on how we as users can at least protect ourselves a little."
"Emails are more or less a public space."
Dr. Ben Stock is a tenured Faculty at CISPA. Prior to that, he completed the tenure track at CISPA and was a research group leader and previously postdoctoral researcher at the Center for IT-Security, Privacy and Accountability at Saarland University in the group of Michael Backes. Before joining CISPA, he was a PhD student and research fellow at the Security Research Group of the University Erlangen-Nuremberg, supervised by Felix Freiling. During that time, he was fortunate enough to join Ben Livshits and Ben Zorn at Microsoft Research in Redmond for an internship.
Ben's research interests lie within Web Security, Network Security, Reverse Engineering, and Vulnerability Notifications.
If you’ve ever used AI tools such as ChatGPT, you might have wondered sometimes: where does that machine gets all its knowledge of the world from? Well, Franziska knows the answer: it learns it from your data. The data you leave on the internet, voluntarily or involuntarily. In terms of privacy, that is not ideal, as Machine learning models can leak private data. Which is especially critical in fields such as medicine. Luckily, Franziska and her team are working on improving the privacy of machine learning models, while also making sure their predictions are as accurate as possible. And also luckily, her research is heavily fueled by coffee! We brewed her a fresh one and asked her about her work.
"This process of turning data into machine learning models is to some degree invertable, so we can to some degree get out what data is inside that model."
Franziska is a Tenure Track Faculty at CISPA since 2023 and is co-leader of the SprintML lab for secure, private, robust, interpretable and trustworthy machine learning. Previously, she was a Postdoctoral Fellow at the Vector Institute for Artificial Intelligence. She completed her PhD at the Free University of Berlin and was a research associate at the Fraunhofer Institute for Applied and Integrated Security (AISEC).
Franziska's research focuses on the intersection of trustworthy machine learning (ML) and data protection from the perspective of individual users and data owners.
She enjoys traveling a lot, often bringing her PhD students along. The reason: as a usable security researcher, it's important for her to examine IT security mechanisms from various perspectives and test their practical applicability. This raises the question: Whose practical needs should security features actually meet, and do all people have the same privacy and security requirements? Her clear answer is: "No." The interplay between society, individuals, and technology is complex and still poorly understood in some cultures and regions of the world. According to Katharina, the socio-technical problems that arise can only be solved through intensive research, immersing oneself in different cultures, and maintaining an open-minded perspective.
"Science must build bridges."
Dr. Katharina Krombholz has been researching at CISPA (Center for IT-Security, Privacy, and Accountability) since 2018. Before that, she was a Senior Researcher at SBA Research in Vienna. She completed her doctoral thesis with distinction in Vienna in 2016.
Katharina Krombholz is leader of the Usable Security group at CISPA. Her research focuses on users and looks for ways to design technical solutions for real-life application and threat scenarios and to research what user reality looks like and what users' needs are in the first place.
Tobias is a science editor with a focus on digital media, especially video, photography and podcasting. He joined CISPA in 2019.
Annabelle is a science editor with a focus on text and podcast production. She joined CISPA in 2021.