(Source: Varsity) This has implications for institutions like U of T. “If an attacker successfully gets malware on a U of T device, that malware could use these vulnerabilities to steal passwords or keys being used on that device,” said David Lie, a software securityexpert and professor in the Department of Electrical and Computer Engineering.