The Munk School of Global Affairs & Public Policy in the Faculty of Arts & Science at the University of Toronto invites applications for a full-time tenure stream position in the area of Information Security. The appointment will be at the rank of Assistant Professor, with an exp … | Continue reading
We confirm that two members of Serbian civil society were targeted with spyware earlier this year. Both have publicly criticized the Serbian government. We are not naming the individuals at this time by their request. The Citizen Lab’s technical analysis of forensic artifacts was … | Continue reading
On June 14, 2022, Bill C-26, an Act respecting cybersecurity, amending the Telecommunications Act and making consequential amendments to other Acts, was introduced into Parliament for the first reading by Canada’s Minister of Public Safety, Marco Mendicino. Hearings on Bill C-26 … | Continue reading
As part of our ongoing project monitoring changes to Chinese search censorship, we tracked changes to censorship following Li Keqiang’s death across seven Internet platforms: Baidu, Baidu Zhidao, Bilibili, Microsoft Bing, Jingdong, Sogou, and Weibo. We found that some keyword com … | Continue reading
This report offers 29 recommendations to the draft legislation in an effort to correct its secrecy and accountability deficiencies, while also suggesting amendments which would impose some restrictions on the range of powers that the government would be able to wield. It is impor … | Continue reading
R3D, with technical support from the Citizen Lab, has determined that Mexican journalists and a human rights defender were infected with Pegasus between 2019 and 2021. | Continue reading
We identified a network of 885 websites and attributed these websites with high confidence as having been used by the United States (US) Central Intelligence Agency (CIA) for covert communication. | Continue reading
Since our report in August 2021, we find that Apple has eliminated their Chinese political censorship in Taiwan. However, Apple continues to perform broad, keyword-based political censorship outside of mainland China in Hong Kong, despite human rights groups’ recommendations for … | Continue reading
In this report, we describe how activists and dissidents living in Canada are impacted by digital transnational repression. We conclude that digital transnational repression has a serious impact on these communities, including their ability to undertake transnational advocacy wor … | Continue reading
Two Egyptians—exiled politician Ayman Nour and the host of a popular news program (who wishes to remain anonymous)—were hacked with Predator spyware, built and sold by the previously little-known mercenary spyware developer Cytrox. The phone of Ayman Nour was simultaneously infec … | Continue reading
On September 28, the Citizen Lab published an analysis of COVID-19 data collection practices. In this post, we discuss the significance of the findings with report authors. | Continue reading
Front Line Defenders’ analysis indicated that six devices belonging to six Palestinian human rights defenders were hacked with Pegasus, a spyware developed by the cyber-surveillance company NSO Group. Both the Citizen Lab and Amnesty International’s Security Lab independently con … | Continue reading
Our forensic analysis of two iPhones belonging to Hubbard found evidence of Pegasus infections in July 2020 and June 2021. Notably, these infections occurred after Hubbard reported in January 2020 that we found that he was targeted in 2018 by the Saudi Arabia-linked Pegasus opera … | Continue reading
In this report, we undertake a preliminary comparative analysis of how different information technologies were mobilized in response to COVID-19 to collect data, the extent to which Canadian laws impeded the response to COVID-19, and the potential consequences of reforming data p … | Continue reading
While analyzing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage. The exploit, which we call FORCEDENTRY, targets Apple’s image rendering library, and was effective against Apple iOS, MacOS and W … | Continue reading
We identified nine Bahraini activists whose iPhones were successfully hacked with NSO Group’s Pegasus spyware between June 2020 and February 2021. The hacked activists included three members of Waad (a secular Bahraini political society), three members of the Bahrain Center for H … | Continue reading
Within mainland China, we found that Apple censors political content including broad references to Chinese leadership and China’s political system, names of dissidents and independent news organizations, and general terms relating to religions, democracy, and human rights. And ac … | Continue reading
Citizen Lab's peer review of Amnesty International's forensic techniques to identify Pegasus spyware concludes they are sound. | Continue reading
Candiru is a secretive Israel-based company that sells spyware exclusively to governments. Using Internet scanning, we identified more than 750 websites linked to Candiru’s spyware infrastructure. We found many domains masquerading as advocacy organizations such as Amnesty Intern … | Continue reading
In its most recent response to the Citizen Lab regarding the The Great iPwn report, NSO Group extended an invitation to meet and discuss the Citizen Lab’s concerns and NSO Group’s “program” in more detail. We do not believe this invitation is made in good faith and have declined … | Continue reading
A comparative analysis of security, privacy, and censorship issues in TikTok and Douyin, both developed by ByteDance. | Continue reading
Government operatives used NSO Group’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. The journalists were hacked by four Pegasus operators, including one operator MONARCHY that we attribute to Saudi Arabia, … | Continue reading
Circles is a surveillance firm that reportedly exploits weaknesses in the global mobile phone system to snoop on calls, texts, and the location of phones around the globe, and is affiliated with NSO Group, which develops the oft-abused Pegasus spyware. Using Internet scanning, we … | Continue reading
This report examines algorithmic technologies that are designed for use in criminal law enforcement systems, including a human rights and constitutional law analysis of the potential use of algorithmic policing technologies. | Continue reading
On September 1st, the Citizen Lab and the International Human Rights Program at the University of Toronto’s Faculty of Law released a report that investigated the use and human rights implications of algorithmic policing practices in Canada. This document provides a summary of th … | Continue reading
As a follow-up to our March 2020 report, we conducted daily tests on WeChat and collected 2,174 censored keywords between January to May 2020. This data provides a view into how narratives and messaging on the pandemic are controlled and molded on social media in China. | Continue reading
The encroachments to OTF highlight why independent and transparent funding sources for research and development on Internet freedom are so important. Providing this type of support within a large government organisation can be difficult. OTF was an example of how to do that right … | Continue reading
Over the course of our multi-year investigation, we found that Dark Basin likely conducted commercial espionage on behalf of their clients against opponents involved in high profile public events, criminal cases, financial transactions, news stories, and advocacy. This report hig … | Continue reading
This document provides a summary of the Citizen Lab's WeChat surveillance research findings, as well as questions and answers from the resesearch team. | Continue reading
WeChat communications conducted entirely among non-China-registered accounts are subject to pervasive content surveillance that was previously thought to be exclusively reserved for China-registered accounts. | Continue reading
This report examines the encryption that protects meetings in Zoom and finds that they have made their own encryption scheme and has significant weaknesses. | Continue reading
The analysis of YY and WeChat indicates broad censorship—blocking sensitive terms as well as general information and neutral references—potentially limiting the public’s ability to access information that may be essential to their health and safety. | Continue reading
New York Times journalist Ben Hubbard was targeted with NSO Group’s Pegasus spyware via a June 2018 SMS message promising details about “Ben Hubbard and the story of the Saudi Royal Family.” The SMS contained a hyperlink to a website used by a Pegasus operator that we call KINGDO … | Continue reading
Citizen Lab senior researcher John Scott-Railton discuss why WhatsApp is suing NSO Group after discovering their spyware was used to target 1,4000 users—100 of whom were members of civil society—and why this is a significant bellwether. | Continue reading
This is the first documented case of one-click mobile exploits used to target Tibetan groups, and reflects an escalation in the sophistication of digital espionage threats targeting the community. | Continue reading
In this work, we study how Tencent implements image filtering on WeChat. We found that Tencent implements realtime, automatic censorship of chat images on WeChat based on what text is in an image and based on an image’s visual similarity to those on a blacklist. Tencent facilitat … | Continue reading
The report includes technical elements associated with stalkerware applications, marketing activities, and compliance with Canadian privacy legislation. | Continue reading
Using Endless Mayfly as an illustration, this highlights the challenges of investigating & addressing disinformation from research & policy perspectives. | Continue reading
A new paper by the Citizen Lab investigates how Chinese censorship reaches independent developers and reveals that, while developers include censorship lists in open source projects, there is little apparent similarity in these blacklists, raising several questions about their or … | Continue reading
An investigation revealing that Mexican soda tax supporters were targeted with NSO Group's government-exclusive spyware and exploit framework. | Continue reading
Ahmed Mansoor was targeted by NSO Group, an Israel-based “cyber war” company that sells Pegasus, a government-exclusive “lawful intercept” spyware product. | Continue reading
In this post, we develop new Internet scanning techniques to identify 45 countries in which operators of NSO Group’s Pegasus spyware may be conducting operations. | Continue reading
This report analyzes the information control practices related to a national crackdown on Chinese rights lawyers and activists on two leading Chinese social media networks. We document the Search filtering on Weibo, China’s Twitter-like service, as well as keyword and image censo … | Continue reading