The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs, University of Toronto, Canada focusing on advanced research and development at the intersection of Information and Communication Technologies (ICTs), human rights, and global security. Learn more »

In Focus

The Million Dollar Dissident: NSO Group’s iPhone Zero-Days used against a UAE Human Rights Defender

This report describes how a government targeted an internationally recognized human rights defender, Ahmed Mansoor, with the Trident, a chain of zero-day exploits designed to infect his iPhone with sophisticated commercial spyware.

A Tough Nut to Crack: A Further Look at Privacy and Security Issues in UC Browser

In this report we analyze Windows and Android versions of web browser UC Browser, and find they transmitted personally identifiable information with easily decryptable encryption and were vulnerable to arbitrary code execution during software updates

Group5: Syria and the Iranian Connection

This report describes a malware operation against the Syrian Opposition. We name the operator Group5, and suspect they have not been previously-reported. Group5 used “just enough” technical sophistication, combined with social engineering, to target computers and mobile phones with malware.

Research News

Keep Calm and (Don’t) Enable Macros: A New Threat Actor Targets UAE Dissidents

This report describes a campaign of targeted spyware attacks carried out by a sophisticated operator, which we call Stealth Falcon. The attacks have been conducted from 2012 until the present, against Emirati journalists, activists, and dissidents.

Jon Penney publishes paper on the “chilling effects” of online surveillance

In “Chilling Effects: Online Surveillance and Wikipedia Use,” Citizen Lab Research Fellow Jon Penney analyzes the fall of traffic to Wikipedia articles about terror groups and their techniques after the Snowden revelations.

Every Step You Fake: Final Report released

Citizen Lab research partner Open Effect today announced the release of the full report detailing our year-long research collaboration into the privacy and security of wearable fitness tracking devices.

研究发现百度浏览器存在安全与隐私问题

多伦多大学公民实验室的最新报告揭露了百度浏览器存在的多处隐私与安全问题。百度浏览器是基于中国的一款移动浏览器,拥有数百万的用户,而报告反映的隐私与安全问题很可能会至用户的沟通于风险中。

More Research...

Lab News

Andrew Hilts in Globe and Mail on fitness tracker report

Citizen Lab Research Fellow Andrew Hilts was interviewed by the Globe and Mail regarding Access My Info’s fitness tracker report, titled “Every Step You Fake,” in which the privacy and security safeguards of eight popular wearable fitness tracker devices was studied.

Masashi Crete-Nishihata on Chinese censorship of Tibetan content

In an interview with the Daily Dot, Citizen Lab Research Manager Masashi Crete-Nishihata commented on the challenges Tibetans face in using social media and other online tools to spread content considered politically sensitive by the Chinese government.

Claudio Guarnieri on alleged NSA-affiliated Equation Group hack

A group calling itself the Shadow Brokers has claimed to have hacked an elite cyberattack organization associated with the U.S National Security Agency (NSA), and is offering the stolen technology to the highest bidder. Citizen Lab Senior Research Fellow Claudio Guarnieri discussed the credibility of the claims with The Wired.

Citizen Lab research in Alhurra and VICE

Citizen Lab’s research were featured in programs on Middle Eastern democracy by Alhurra and the world of online mercenaries offering hacking services by VICE, respectively.

More Lab News...

Get Connected




Events