Research News

Citizen Lab’s latest research publications.

Cashless Society, Cached Data: Are Mobile Payment Systems Protecting Chinese Citizens’ Data?

This research series presents an in-depth examination of mobile payment systems, a rapidly evolving form of financial technology. We will provide an overview of how they are used in China–where they are taking off faster than anywhere else in the world–and what implications their security and data protection practices may have for millions of users, by presenting a case study on Alipay.

Bill Marczak co-authors “Social Engineering Attacks on Government Opponents”

Citizen Lab Senior Research Fellow Bill Marczak has co-authored a paper titled “Social Engineering Attacks on Government Opponents: Target Perspectives,” along with Vern Paxson of UC Berkeley.

Cyber Stewards in Global Information Society Watch 2016 publication

Several Cyber Stewards Network Partners have contributed to the 2016 Global Internet Society Watch on Economic, Social, and Cultural Rights on the Internet, a publication with 46 country reports and other topics.

Tibetans blocked from Kalachakra at borders and on WeChat

From January 2 to 13 2017, His Holiness the Dalai Lama is holding a popular Tibetan Buddhist teaching called Kalachakra in Bodh Gaya, India. Increased restrictions from the government of China has barred Tibetans in Tibet from attending the teachings. This report documents blocking of Kalachakra-related keywords on WeChat revealing how restrictions on the ritual extend online.

Cyber Stewards Network Partners published reports and interviewed in the media

Citizen Lab’s Cyber Steward Network Partners from Asia and Latin America have released reports and been interviewed in the media on key censorship and cybersecurity issues.

Paradigm Initiative Nigeria releases “2016 Digital Rights in Africa” report

Citizen Lab Cyber Stewards Network partner Paradigm Initiative Nigeria (PIN) has released the 2016 Digital Rights in Africa report, reviewing government restrictions on Internet freedom this past year. The report analyzes 11 documented shutdowns across the continent, and a number of legislative developments that threaten digital rights.

“一APP两制”:微信如何区别审查中国及海外用户

多伦多大学公民实验室的最新报告揭露了微信平台的审查机制。微信是中国腾讯控股有限公司旗下的即时通讯应用,目前是中国最受欢迎的聊天软件之一,也是全球排名第四的最流行聊天软件

One App, Two Systems: How WeChat uses one censorship policy in China and another internationally

In this report we provide the first systematic study of keyword and website censorship on WeChat, the most popular chat app in China

It’s Parliamentary: KeyBoy and the targeting of the Tibetan Community

In this report we track a malware operation targeting members of the Tibetan Parliament that used known and patched exploits to deliver a custom backdoor known as KeyBoy. We analyze multiple versions of KeyBoy revealing a development cycle focused on avoiding basic antivirus detection.

Security for the High-Risk User

Citizen Lab Senior Research Fellow John Scott-Railton has published an updated version of his “Security for the High-Risk user” paper, first published in the IEEE Security & Privacy in spring 2016. The updates were made based on new evidence of attacks against two-factor and account recovery SMSes, underlining the need for innovation in two-factor authentication.