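Tap, Tap: A series of cloud-based input method vulnerabilities allows network attackers to monitor what users type (Summary)

Important: We recommend that all users immediately update their input method software and their operating system. We also recommend that high-risk users stop using any cloud-based suggestion feature offered by an input method and switch to a fully offline input method, to avoid data leakage. | Continue reading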


@citizenlab.ca | 10 days ago

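Tap, Tap: A series of cloud-based input method vulnerabilities lets network attackers monitor what individual users type (Summary)

Important: We recommend that all users immediately update their input method software and their operating system. We also recommend that high-risk users stop using any cloud-based suggestion feature offered by an input method and switch to a fully offline input method, to avoid data leakage. This article is a translated summary of the full report. Key findings: We analyzed the security of common cloud-based pinyin input methods from nine vendors, including Baidu, Honor, Huawei, iFlytek, OPPO, Samsung, and Tencent, and analyzed whether the process by which they send users' typed content to the cloud contains security flaws. The analysis shows that the input method software of eight of the nine vendors contains serious vulnerabilities that allowed us to completely break the encryption the vendors designed to protect users' typed content. Some vendors did not use any encryption to protect users' typed content. Taking this research together with the Sogou input method flaws found in our earlier research … | Continue reading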


@citizenlab.ca | 10 days ago

Chinese Keyboard App Vulnerabilities Explained

We analyzed third-party keyboard apps Tencent QQ, Baidu, and iFlytek, on the Android, iOS, and Windows platforms. Along with Tencent Sogou, they comprise over 95% of the market share for third-party keyboard apps in China. This is an FAQ for the full report titled "The not-so-sil … | Continue reading


@citizenlab.ca | 10 days ago

The not-so-silent type: Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers

In this report, we examine cloud-based pinyin keyboard apps from nine vendors (Baidu, Honor, Huawei, iFlyTek, OPPO, Samsung, Tencent, Vivo, and Xiaomi) for vulnerabilities in how the apps transmit user keystrokes. Our analysis found that eight of the nine apps identified containe … | Continue reading


@citizenlab.ca | 10 days ago

Citizen Lab submission to the Congressional-Executive Commission on China about the State of Human Rights in China

Emile Dirks, Research Associate at the Citizen Lab, prepared a written submission for the Congressional-Executive Commission on China (CECC) about the state of human rights in the country. The CECC was established by Congress in October 2000, with the legislative mandate to monit … | Continue reading


@citizenlab.ca | 1 month ago

Citizen Lab submission to Office of the Privacy Commissioner of Canada on draft guidance for processing biometrics

The recommendations call for an elaboration of the definition of biometric data, guidelines on what constitutes sensitive biometric data types, and the usage of biometric data processing. | Continue reading


@citizenlab.ca | 1 month ago

PAPERWALL: Chinese Websites Posing as Local News Outlets Target Global Audiences with Pro-Beijing Content

A network of at least 123 websites operated from within the People’s Republic of China while posing as local news outlets in 30 countries across Europe, Asia, and Latin America, disseminates pro-Beijing disinformation and ad hominem attacks within much larger volumes of commercia … | Continue reading


@citizenlab.ca | 2 months ago

Confirming Large-Scale Pegasus Surveillance of Jordan-based Civil Society

As part of a collaborative investigation led by Access Now, Citizen Lab researchers conducted forensic analysis of iPhones belonging to members of Jordan-based civil society. | Continue reading


@citizenlab.ca | 3 months ago

Job Opportunity: Communication Strategist

We are pleased to announce that The Citizen Lab is hiring a Communication Strategist. Reporting to the Director of Administration, Citizen Lab and working under the general direction of the Director, Citizen Lab, the Communication Strategist develops the strategic plan for increa … | Continue reading


@citizenlab.ca | 3 months ago

Call for applications: Information Controls Fellowship Program 2024

The Citizen Lab co-founded the program with OTF and has been a host organization since its inception. We welcome proposals from fellowship candidates for research projects related to our current thematic areas and applications are open to people from a variety of backgrounds and … | Continue reading


@citizenlab.ca | 3 months ago

Mobile security vulnerabilities threaten millions in Latin America: ICFP and Citizen Lab fellow Beau Kujath finds security vulnerabilities in mobile applications in Latin America region.

In a new study, Citizen Lab sheds light on the massive security threats facing Latin Americans. Citizen Lab and Open Technology Fund (OTF) fellow Beau Kujath, in collaboration with SocialTIC, finds that mobile applications in Latin America put millions of users at a security and p … | Continue reading


@citizenlab.ca | 3 months ago

Peer-reviewed publication: Regulating Transnational Dissident Cyber espionage

Siena Anstis, Senior legal advisor at The Citizen Lab, in a recent publication in the prestigious peer-reviewed journal International and Comparative Law, highlights the urgent need for an international treaty to tackle digital transnational repression. | Continue reading


@citizenlab.ca | 4 months ago

Assistant Professor, Information Security

The Munk School of Global Affairs & Public Policy in the Faculty of Arts & Science at the University of Toronto invites applications for a full-time tenure stream position in the area of Information Security. The appointment will be at the rank of Assistant Professor, with an exp … | Continue reading


@citizenlab.ca | 4 months ago

Spyware Targeting Against Serbian Civil Society

We confirm that two members of Serbian civil society were targeted with spyware earlier this year. Both have publicly criticized the Serbian government. We are not naming the individuals at this time by their request. The Citizen Lab’s technical analysis of forensic artifacts was … | Continue reading


@citizenlab.ca | 5 months ago

Submission to the Standing Committee on Public Safety and National Security: Charter analysis concerning cybersecurity and telecommunications reform in Bill C-26

On June 14, 2022, Bill C-26, an Act respecting cybersecurity, amending the Telecommunications Act and making consequential amendments to other Acts, was introduced into Parliament for the first reading by Canada’s Minister of Public Safety, Marco Mendicino. Hearings on Bill C-26 … | Continue reading


@citizenlab.ca | 5 months ago

Chinese censorship following the death of Li Keqiang

As part of our ongoing project monitoring changes to Chinese search censorship, we tracked changes to censorship following Li Keqiang’s death across seven Internet platforms: Baidu, Baidu Zhidao, Bilibili, Microsoft Bing, Jingdong, Sogou, and Weibo. We found that some keyword com … | Continue reading


@citizenlab.ca | 5 months ago

Cybersecurity Will Not Thrive in Darkness

This report offers 29 recommendations to the draft legislation in an effort to correct its secrecy and accountability deficiencies, while also suggesting amendments which would impose some restrictions on the range of powers that the government would be able to wield. It is impor … | Continue reading


@citizenlab.ca | 1 year ago

New Pegasus Spyware Abuses Identified in Mexico

R3D, with technical support from the Citizen Lab, has determined that Mexican journalists and a human rights defender were infected with Pegasus between 2019 and 2021. | Continue reading


@citizenlab.ca | 1 year ago

Statement on the fatal flaws found in a defunct CIA covert communications system

We identified a network of 885 websites and attributed these websites with high confidence as having been used by the United States (US) Central Intelligence Agency (CIA) for covert communication. | Continue reading


@citizenlab.ca | 1 year ago

Apple’s Political Censorship Leaves Taiwan, Remains in Hong Kong

Since our report in August 2021, we find that Apple has eliminated their Chinese political censorship in Taiwan. However, Apple continues to perform broad, keyword-based political censorship outside of mainland China in Hong Kong, despite human rights groups’ recommendations for … | Continue reading


@citizenlab.ca | 2 years ago

Psychological and Emotional War: Digital Transnational Repression in Canada

In this report, we describe how activists and dissidents living in Canada are impacted by digital transnational repression. We conclude that digital transnational repression has a serious impact on these communities, including their ability to undertake transnational advocacy wor … | Continue reading


@citizenlab.ca | 2 years ago

Egyptian political dissident hacked with both Cytrox’s Predator and NSO Pegasus

Two Egyptians—exiled politician Ayman Nour and the host of a popular news program (who wishes to remain anonymous)—were hacked with Predator spyware, built and sold by the previously little-known mercenary spyware developer Cytrox. The phone of Ayman Nour was simultaneously infec … | Continue reading


@citizenlab.ca | 2 years ago

Pandemic Privacy Explained – The Citizen Lab

On September 28, the Citizen Lab published an analysis of COVID-19 data collection practices. In this post, we discuss the significance of the findings with report authors. | Continue reading


@citizenlab.ca | 2 years ago

Devices of Palestinian Human Rights Defenders Hacked with NSO’s Pegasus Spyware

Front Line Defenders’ analysis indicated that six devices belonging to six Palestinian human rights defenders were hacked with Pegasus, a spyware developed by the cyber-surveillance company NSO Group. Both the Citizen Lab and Amnesty International’s Security Lab independently con … | Continue reading


@citizenlab.ca | 2 years ago

NYT Ben Hubbard Hacked with Pegasus After Reporting on Previous Hacking Attempts

Our forensic analysis of two iPhones belonging to Hubbard found evidence of Pegasus infections in July 2020 and June 2021. Notably, these infections occurred after Hubbard reported in January 2020 that we found that he was targeted in 2018 by the Saudi Arabia-linked Pegasus opera … | Continue reading


@citizenlab.ca | 2 years ago

Analysis of collection technologies, data laws and reforms during Covid-19

In this report, we undertake a preliminary comparative analysis of how different information technologies were mobilized in response to COVID-19 to collect data, the extent to which Canadian laws impeded the response to COVID-19, and the potential consequences of reforming data p … | Continue reading


@citizenlab.ca | 2 years ago

Pandemic Privacy: A Preliminary Analysis [pdf]

Continue reading


@citizenlab.ca | 2 years ago

NSO Group iMessage Zero-Click Exploit Captured in the Wild

While analyzing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage. The exploit, which we call FORCEDENTRY, targets Apple’s image rendering library, and was effective against Apple iOS, MacOS and W … | Continue reading


@citizenlab.ca | 2 years ago

Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits

We identified nine Bahraini activists whose iPhones were successfully hacked with NSO Group’s Pegasus spyware between June 2020 and February 2021. The hacked activists included three members of Waad (a secular Bahraini political society), three members of the Bahrain Center for H … | Continue reading


@citizenlab.ca | 2 years ago

An Analysis of Apple Engraving Censorship Across Six Regions

Within mainland China, we found that Apple censors political content including broad references to Chinese leadership and China’s political system, names of dissidents and independent news organizations, and general terms relating to religions, democracy, and human rights. And ac … | Continue reading


@citizenlab.ca | 2 years ago

Independent Peer Review of AI Forensic Methods for Identifying Pegasus Spyware

Citizen Lab's peer review of Amnesty International's forensic techniques to identify Pegasus spyware concludes they are sound. | Continue reading


@citizenlab.ca | 2 years ago

Hooking Candiru: Another mercenary spyware vendor comes into focus

Candiru is a secretive Israel-based company that sells spyware exclusively to governments. Using Internet scanning, we identified more than 750 websites linked to Candiru’s spyware infrastructure. We found many domains masquerading as advocacy organizations such as Amnesty Intern … | Continue reading


@citizenlab.ca | 2 years ago

Correspondence Between Citizen Lab and NSO Group Regarding the Great iPwn

In its most recent response to the Citizen Lab regarding The Great iPwn report, NSO Group extended an invitation to meet and discuss the Citizen Lab’s concerns and NSO Group’s “program” in more detail. We do not believe this invitation is made in good faith and have declined … | Continue reading


@citizenlab.ca | 2 years ago

TikTok vs. Douyin: A Security and Privacy Analysis

A comparative analysis of security, privacy, and censorship issues in TikTok and Douyin, both developed by ByteDance. | Continue reading


@citizenlab.ca | 3 years ago

Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit

Government operatives used NSO Group’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. The journalists were hacked by four Pegasus operators, including one operator MONARCHY that we attribute to Saudi Arabia, … | Continue reading


@citizenlab.ca | 3 years ago

Cyberespionage Using SS7 via Circles

Circles is a surveillance firm that reportedly exploits weaknesses in the global mobile phone system to snoop on calls, texts, and the location of phones around the globe, and is affiliated with NSO Group, which develops the oft-abused Pegasus spyware. Using Internet scanning, we … | Continue reading


@citizenlab.ca | 3 years ago

To Surveil and Predict: A Human Rights Analysis of Algorithmic Policing Canada

This report examines algorithmic technologies that are designed for use in criminal law enforcement systems, including a human rights and constitutional law analysis of the potential use of algorithmic policing technologies. | Continue reading


@citizenlab.ca | 3 years ago

Algorithmic Policing in Canada Explained

On September 1st, the Citizen Lab and the International Human Rights Program at the University of Toronto’s Faculty of Law released a report that investigated the use and human rights implications of algorithmic policing practices in Canada. This document provides a summary of th … | Continue reading


@citizenlab.ca | 3 years ago

A Timeline of Information Control on Chinese Social Media During Covid-19

As a follow-up to our March 2020 report, we conducted daily tests on WeChat and collected 2,174 censored keywords between January and May 2020. This data provides a view into how narratives and messaging on the pandemic are controlled and molded on social media in China. | Continue reading


@citizenlab.ca | 3 years ago

Keep the Open Technology Fund Open

The encroachments to OTF highlight why independent and transparent funding sources for research and development on Internet freedom are so important. Providing this type of support within a large government organisation can be difficult. OTF was an example of how to do that right … | Continue reading


@citizenlab.ca | 3 years ago

Dark Basin Uncovering a Hack-for-Hire Operation

Over the course of our multi-year investigation, we found that Dark Basin likely conducted commercial espionage on behalf of their clients against opponents involved in high profile public events, criminal cases, financial transactions, news stories, and advocacy. This report hig … | Continue reading


@citizenlab.ca | 3 years ago

WeChat Surveillance Explained

This document provides a summary of the Citizen Lab's WeChat surveillance research findings, as well as questions and answers from the research team. | Continue reading


@citizenlab.ca | 3 years ago

We Chat, They Watch: How International Users Build Chinese Censorship Apparatus

WeChat communications conducted entirely among non-China-registered accounts are subject to pervasive content surveillance that was previously thought to be exclusively reserved for China-registered accounts. | Continue reading


@citizenlab.ca | 3 years ago

Zoom rolled their own encryption scheme, transmit keys through servers in China

This report examines the encryption that protects meetings in Zoom and finds that Zoom has made its own encryption scheme, which has significant weaknesses. | Continue reading


@citizenlab.ca | 4 years ago

Censored Contagion: How Information on the Coronavirus Is Managed on YY / WeChat

The analysis of YY and WeChat indicates broad censorship—blocking sensitive terms as well as general information and neutral references—potentially limiting the public’s ability to access information that may be essential to their health and safety. | Continue reading


@citizenlab.ca | 4 years ago

New York Times Journalist Targeted by Saudi-Linked Pegasus Spyware Operator

New York Times journalist Ben Hubbard was targeted with NSO Group’s Pegasus spyware via a June 2018 SMS message promising details about “Ben Hubbard and the story of the Saudi Royal Family.” The SMS contained a hyperlink to a website used by a Pegasus operator that we call KINGDO … | Continue reading


@citizenlab.ca | 4 years ago

Whatsapp Attributes Hack of 1,400 Users to NSO Group Technology

Citizen Lab senior researcher John Scott-Railton discusses why WhatsApp is suing NSO Group after discovering their spyware was used to target 1,400 users—100 of whom were members of civil society—and why this is a significant bellwether. | Continue reading


@citizenlab.ca | 4 years ago

Tibetan Groups Targeted with 1-Click Mobile Exploits

This is the first documented case of one-click mobile exploits used to target Tibetan groups, and reflects an escalation in the sophistication of digital espionage threats targeting the community. | Continue reading


@citizenlab.ca | 4 years ago