I am Nick Merrill, a research scientist at the U.C. Berkeley Center for Long-Term Cybersecurity (CLTC).

My work

Generative art (2012-2014). I did a lot of art with Processing. (After college, I almost took a job at Sosolimited, but I decided to go to grad school at Berkeley instead.). My favorite project from this period is probably Lykkemat. Runners up: mind-controlled Reddit reader, neural network diffusion visualizer called nasty. (Scaleable neural networks, a la Geoff Hinton, were brand new then).

Ph.D.

I attended the U.C. Berkeley School of Information for my PhD.

Brain-computer interface (2013-2018). High off the Lykkemat project, I spent a lot of time building brain-computer interfaces, often with surprisingly cheap components. I worked on the Passthought project during my Ph.D. under John Chuang. Our crowning achievement was probably three-factor, single-step authentication using in-ear EEG.

Mind stuff (2014-2018). Since I was building stuff that could scan the brain, I started wondering: could machines ever read the mind? This was the subject of my dissertation, and roughly, I decided that the answer is yes, of course they can. But (1) engineers will have to decide what they think the “mind” is first, and (2) whatever they decide, the things they build will go on to shape social narratives, which will then feed back into future engineers’ beliefs, and so on. So, our notion of what the mind is shapes our notion of what technology can read it, and vice versa, and likely always has been. See a high-level explainer here.

Center for Long-Term Cybersecurity

In 2018, I became the inaugural postdoctoral fellow at the U.C. Berkeley Center for Long-Term Cybersecurity. After my postdoc, I stayed on as a research scientist, where I ran the Daylight Lab.

Security games (2018-2020). I developed easy-to-learn games as a security tool. From that work, I developed a game called Adversary Personas, which is now used by the U.S. Cybersecurity and Infrastructure Security Agency, Taiwan’s Ministry of Digital Affairs, and Meta. You can read some (independly authored) research on this technique here.

MLFailures (2019-). I noticed that students were graduating from Berkeley, going on to build AI models at some of the biggest companies in the world, but never got any hands-on experience with assuring the models they built are safe or fair! With Sam Greenberg and Inderpal Kaur, I developed the MLFailures Mini-Bootcamp—a series of lectures and Python labs designed to train the next generation of students to identify, discuss, and address the risks posed by machine learning algorithms. I taught this bootcamp yearly in Josh Blumenstock’s INFO 251 class. I also teach it three or four times a year to a mix of mid-to-senior-level U.S. congressional aides and Executive Branch officials (previously through the Wilson Center, now through SeedAI).

Internet Atlas (2020-). In 2018, Steve Weber, my postdoc advisor came to me with something like, “Hey, people are talking about internet fragmentation—what’s going on?” The answer turned out to be very interesting and complicated. Geopolitical dynamics shape the internet and vice versa. Also, due to weak antitrust enforcement in the U.S., the whole internet is run by, like, five companies (including ones you’ve never heard of), and an outage in any one would probably turn the whole internet off. This work took me to Taiwan, where I studied the dynamics of Taiwan’s internet during an invasion. Data from this project hydrates the Internet Society’s Pulse dashboard. My favourite project so far is probably Inside the Internet, co-authored with Tejas Narechania.

Secure Clean Energy (2024-). Ann Cleaveland, the executive director of CLTC, asked, “What does the clean energy transition mean for cybersecurity?” (She actually asked *several* times, but I always thought I was so busy... Eventually, something flipped, and I knew I had to work on the question). With a grant from OpenPhilanthropy, the Secure Clean Energy project was born. Small but mighty, this substack is (as far as I know) the premier resource on the intersection between cybersecurity and the clean energy transition.

ewweh ṭuuxi huyyuwiš (brighter days lie ahead)