COINS@SWITS Uppsala 2014 

We attended the SWITS seminar with a COINS delegation also this year. SWITS is the Swedish Network of IT Security Students, in many ways a network of Ph.D. students and faculty like COINS. Berglind Smaradottir, Vivek Agrawal, and Yi-Ching Liao joined from COINS. SWITS organised its annual seminar for the 14th time. It is held […]

Winter is back 

I traveled to Finse this week to attend the annual FRISC Finse winter school in information security. On Wednesday morning, it started to snow, and since Finse is 1,200m above sea level, the snow did not vanish on my way to the seminar. I took the bus from Gjøvik, connected in Fagernes, crossed Tonsåsen und […]

Gary McGraw at HiG 

Gary McGraw gave a guest lecture on software security at HiG. The lecture was titled „Cyber War, Cyber Peace, Stones, and Glass Houses“. He stressed that the focus of the security (research/operations) community was too much on incident handling and offensive capabilities instead of building secure systems. The lecture was inspiring and entertaining, put software […]

Scatter plot for Ph.D. student progress 

I experimented with the statistics we have on Ph.D. students in COINS to find out whether there could be meaningful indicators for progress. A coarse approach to measure progress (or efficiency) is to start with equating a Ph.D. training with 5,400 hours. Most students take more time, but normalised time is 180 ECTS = 5,400 […]

Why is there just one woman in the room? 

Recently, I brought my daugthers to a project meeting. They do not attend school yet, and are at an age where they ask a lot of questions. „Why is there just one woman in the room? Will there come more women later?“ were questions to which I did not have a good answer. Out of eighteen […]

We cannot resolve our billing issues, so we just cancel your account 

For the SKYLINE project, I had created several accounts with IaaS cloud service providers. They would all bill based on the amount of resources consumed, so having the account dormant after completion of the project should have been no big deal. A year later, I got three emails from OpSource on the same day: Credit Card […]


I was in Stavanger this week, combining a lot of activities. Monday was for meetings. We had the steering committee for the Norwegian network-based COINS Research School of Computer and Information Security, followed by a meeting in the standing committee of the Forum for Research and Innovation in Security and Communications. In the afternoon, I […]

Students win prize for best bachelor thesis 

Earlier this year, I supervised a group of students on their bachelor thesis. They developed a key logger to advance research in behavioural biometrics. Now they won the Eureka prize for best bachelor thesis at HiG. Congratulations, Magnus, Robin and Lasse!


I attended MyPhD last week to explore their concept of Ph.D. student workshops and to learn from their experience. MyPhD is an informal network of professors and Ph.D. students in applied IT security in Germany. There is no legal entity for the network and collaboration happens because of a common will to bring together students […]

Mobile phone security 

I was recently asked by Computerworld to contribute some statements on security of and our dependency on mobile phones. The first response I got was an email by a former student on a Sunday afternoon that my name appeared in an article on It turned out that they cited a Computerworld article that had […]