We analyze the system Amazon deploys on the US “amazon.com” storefront to restrict shipments of certain products to specific regions. We found 17,050 products that Amazon restricted from being shipped to at least one world region. - While many of the shipping restrictions are rel … | Continue reading
The Munk School of Global Affairs & Public Policy in the Faculty of Arts & Science at the University of Toronto invites applications for a full-time tenure stream position in the area of Information Security. The appointment will be at the rank of Assistant Professor, with an ant … | Continue reading
The Munk School of Global Affairs & Public Policy in the Faculty of Arts & Science at the University of Toronto invites applications for a full-time tenure stream position in the area of Social Sciences and Digital Technologies. The appointment will be at the rank of Assistant Pr … | Continue reading
On November 14, 2024, The Citizen Lab’s Irene Poetranto will participate in the panel “What the World Can Learn from Indonesia’s Democracy” hosted by the Asian Institute, Munk School of Global Affairs & Public Policy at the University of Toronto. | Continue reading
On November 13, 2024, The Citizen Lab’s director Ron Deibert will deliver a keynote titled “Digital parasites: Mapping the new frontiers of espionage, subversion, and Dark PR” at The Hague Program’s 2024 Conference on International Cyber Security. Visit the The Hague Program to l … | Continue reading
In an interview with CTV Kitchener, The Citizen Lab’s director Ron Deibert discusses the U.S. Department of Commerce’s decision to remove Sandvine from the Entity List. | Continue reading
Under the general direction of The Citizen Lab Director and the Administrative Director, Citizen Lab, and reporting to the Systems and Security Technical Lead, the System and Security Administrator manages the security support needs of The Citizen Lab, carrying out a range of inf … | Continue reading
In an article for the Harvard Kennedy School’s Misinformation Review, Gabrielle Lim, doctoral fellow at The Citizen Lab, and co-authors Irene Pasquetto (University of Maryland) and Samantha Bradshaw (American University), discuss the complex challenges facing the field of misinfo … | Continue reading
The Citizen Lab’s director Ron Deibert is presenting a paper, co-authored with senior legal researcher Siena Anstis, at the Knight First Amendment Institute at Columbia University’s event Regardless of Frontiers: First Amendment & Exchange of Ideas Across Borders. | Continue reading
微信有超過十億每月活躍使用者,我們分析了微信使用的主要網路協定 MMTLS 的安全和隱私特性,並發佈了首篇公開的研究報告。 | Continue reading
微信是一款具有多种功能的应用程序。之前,我们研究了小程序的隐私问题及其监视以及审查文本和图像消息。本研究重点研究微信的网络加密协议及其安全性。 | Continue reading
微信是一個具有許多功能的應用程式。之前我們研究過圍繞小程式的隱私問題,以及微信對文字和圖片訊息的監視及審查。在這項研究中,我們主要關注微信的網路加密協定及其安全性。 | Continue reading
Research FAQ for the full report "Should We Chat, Too? Security Analysis of WeChat’s MMTLS Encryption Protocol" | Continue reading
This report performs the first public analysis of MMTLS, the main network protocol used by WeChat, an app with over one billion users. The report finds that MMTLS is a modified version of TLS, however some of the modifications have introduced cryptographic weaknesses. | Continue reading
Microsoft’s Digital Crimes Unit takes legal action to dismantle Russia-based threat actor COLDRIVER following a joint investigation by The Citizen Lab and Access Now. In August, The Citizen Lab, jointly with Access Now, in collaboration with First Department, Arjuna Team, and RES … | Continue reading
In a recent article published in the peer-reviewed journal Globalizations, The Citizen Lab’s Siena Anstis, senior legal researcher, and Émilie LaFlèche, former legal intern, examine how digital abuse against women exacerbates the sexism and patriarchal structures that exist in th … | Continue reading
Apple has decided to drop its lawsuit against commercial spyware vendor NSO Group, citing a shifting risk landscape that could risk revealing the security methods used to combat commercial surveillance tools. | Continue reading
We are excited to announce a new book, Chasing Shadows: Cyber Espionage, Subversion, and the Global Fight for Democracy, by Ronald Deibert, director and founder of The Citizen Lab, will hit shelves on February 4, 2025. | Continue reading
Lex Gill, a lawyer and fellow at the Citizen Lab, is scheduled to give a talk at the CBC Ideas event at Crow’s Theatre on September 15. The discussion, moderated by CBC Ideas host Nahlah Ayed, will delve into themes of justice, defiance, and ideas for building a better world. The … | Continue reading
In an article published by the Tahrir Institute for Middle East Policy, Citizen Lab senior researcher Noura Aljizawi discusses the leak of personal data of Syrian refugees in Türkiye and the severe impact on their lives. | Continue reading
The Citizen Lab’s Emile Dirks will present at the upcoming APSA 2024 Annual Meeting & Exhibition as part of a panel discussing how autocrats and aspiring autocrats capture social institutions and stifle counter-mobilization. At the event, Dirks will present a working paper co-aut … | Continue reading
Join the Citizen Lab and the UC Berkeley Centre for Long-Term Cybersecurity for a webinar where researchers Noura Al-Jizawi, Gözde Böcü, and Nicola Lawford will present their research, "Enhancing Cybersecurity Resilience for Transnational Dissidents." | Continue reading
In an article for Lawfare, the Citizen Lab's senior research associate Kate Robertson analyzes how, in its current form, the draft treaty is poised “to become a vehicle for complicity in the global mercenary spy trade.” | Continue reading
A sophisticated spear phishing campaign has been targeting Western and Russian civil society. In collaboration with Access Now, and with the participation of numerous civil society organizations, we uncover this operation and link it to COLDRIVER, a group attributed by multiple g … | Continue reading
In this talk at the DEF CON 32 convention on August 11, Jeffrey Knockel and Mona Wang will discuss how any network eavesdropper may read the keystrokes of popular Chinese IME keyboard users. | Continue reading
United States Vice President Kamala Harris is at the center of an online disinformation storm after President Joe Biden’s endorsement. Sexual slurs, doctored images and disinformation surged online as she emerged as the Democratic frontrunner for the upcoming US elections. “We sh … | Continue reading
In response to a call for input issued by the United Nations Special Rapporteur on counter-terrorism and human rights, Emile Dirks, research associate at the Citizen Lab, prepared a written submission underlining the legal and human rights implications of the collection and usage … | Continue reading
The Citizen Lab’s director Ron Deibert and researchers Lex Gill and Noura Al-Jizawi are slated to speak at CBC Ideas Week, part of the Stratford Festival, on July 18 and July 20. In panel discussions moderated by CBC Ideas’ host Nahlah Ayed, they will explore efforts throughout h … | Continue reading
Activists and dissidents living in Canada are impacted by digital transnational repression (DTR) – a tool used by authoritarian governments to continue to harass and intimidate individuals online, even after leaving their country of origin. Join this online event hosted by the Mo … | Continue reading
“What separates benign foreign influence from malign interference? And if foreign-owned platforms like TikTok are used for both interference and influence, how should we respond?” In this piece for Brookings, Diana Fu, associate professor of political science at the University of … | Continue reading
The annual Privacy Enhancing Technologies Symposium (PETS) 2024 is underway in Bristol, UK and online, a gathering of privacy experts from around the world to discuss recent advances and new perspectives on research in privacy technologies. On July 16, former Citizen Lab Open Tec … | Continue reading
In response to the United Nations’ call for input to the report of the Special Rapporteur, we made a submission underlining the challenges faced by women human rights defenders (WHRDs) who live in exile or in the diaspora, and the threats they encounter. | Continue reading
https://youtu.be/Jsa0NKiryNM | Continue reading
The Citizen Lab, Munk School of Global Affairs & Public Policy, University of Toronto, is hiring an Informatics Security Analyst and Network Administrator. Reporting to the Systems and Security Technical Lead, the incumbent is responsible for carrying out a range of system and ne … | Continue reading
The Parliament of Canada is expected to move forward with Bill C-26, which aims to improve the country’s cyber readiness. In an opinion piece for the Globe and Mail, the Citizen Lab’s Kate Robertson and Ron Deibert caution that the federal bill has the potential to jeopardize the … | Continue reading
In a joint investigation with Access Now, we found that seven Russian and Belarusian-speaking independent journalists and opposition activists based in Europe were targeted and/or infected with NSO Group’s Pegasus mercenary spyware. | Continue reading
重要:我們建議所有使用者立即更新他們所使用的輸入法軟體以及作業系統。並建議高風險使用者停止使用任何輸入法提供的雲端建議功能,改為使用完全離線的輸入法,以避免資料外洩。 | Continue reading
重要:我们建议所有用户立即更新所使用的输入法软件以及操作系统。并建议高风险用户停止使用任何输入法提供的云端建议功能,改为完全离线的输入法,以避免数据外泄。 本文是完整版报告的摘要翻译。 重要发现 我们分析了常见云端拼音输入法的安全性,包含百度、荣耀、华为、讯飞、OPPO、三星、腾讯等九家厂商,并分析了它们发送用户输入内容到云端的过程是否含有安全缺陷。 分析结果指出,九家厂商中,有八家输入法软件包含严重漏洞,使我们得以完整破解厂商设计用于保护用户输入内容的加密法。亦有部分厂商并未使用任何加密法保护用户输入内容。 综合本研究和我们先前研究中发现的搜狗输入法漏 … | Continue reading
We analyzed third-party keyboard apps Tencent QQ, Baidu, and iFlytek, on the Android, iOS, and Windows platforms. Along with Tencent Sogou, they comprise over 95% of the market share for third-party keyboard apps in China. This is an FAQ for the full report titled "The not-so-sil … | Continue reading
In this report, we examine cloud-based pinyin keyboard apps from nine vendors (Baidu, Honor, Huawei, iFlyTek, OPPO, Samsung, Tencent, Vivo, and Xiaomi) for vulnerabilities in how the apps transmit user keystrokes. Our analysis found that eight of the nine apps identified containe … | Continue reading
Emile Dirks, Research Associate at the Citizen Lab, prepared a written submission for the Congressional-Executive Commission on China (CECC) about the state of human rights in the country. The CECC was established by Congress in October 2000, with the legislative mandate to monit … | Continue reading
The recommendations call for an elaboration of the definition of biometric data, guidelines on what constitutes as sensitive biometric data types, and the usage of biometric data processing. | Continue reading
A network of at least 123 websites operated from within the People’s Republic of China while posing as local news outlets in 30 countries across Europe, Asia, and Latin America, disseminates pro-Beijing disinformation and ad hominem attacks within much larger volumes of commercia … | Continue reading
As part of a collaborative investigation led by Access Now, Citizen Lab researchers conducted forensic analysis of iPhones belonging to members of Jordan-based civil society. | Continue reading
We are pleased to announce that The Citizen Lab is hiring a Communication Strategist. Reporting to the Director of Administration, Citizen Lab and working under the general direction of the Director, Citizen Lab, the Communication Strategist develops the strategic plan for increa … | Continue reading
The Citizen Lab co-founded the program with OTF and has been a host organization since its inception. We welcome proposals from fellowship candidates for research projects related to our current thematic areas and applications are open to people from a variety of backgrounds and … | Continue reading
In a new study, Citizen Lab sheds light on the massive security threats facing Latin Americans. Citizen Lab and Open Technology Fund (OTF) fellow Beau Kujath in collaboration with SocialTIC finds that mobile applications in Latin America puts millions of users at a security and p … | Continue reading
Siena Anstis, Senior legal advisor at The Citizen Lab in a recent publication in the prestigious peer review journal International and Comparative Law highlights the urgent need for an international treaty to tackle digital transnational repression. | Continue reading