The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs, University of Toronto, Canada focusing on advanced research and development at the intersection of Information and Communication Technologies (ICTs), human rights, and global security. Learn more »

In Focus

The Kids are Still at Risk: Update to Citizen Lab’s “Are the Kids Alright?” Smart Sheriff report

A second audit of South Korea’s Smart Sheriff application reveals that there are numerous unresolved vulnerabilities that put minor children and parental users of the application at serious risk.

Information Controls during Military Operations: The case of Yemen during the 2015 political and armed conflict

This report provides a detailed, mixed methods analysis of Information controls related to the Yemen armed conflict, with research commencing at the end of 2014 and continuing through October 20, 2015. The research confirms that Internet filtering products sold by the Canadian company Netsweeper have been installed on and are presently in operation in the state-owned and operated ISP YemenNet, the most utilized ISP in the country.

Targeted Malware Attacks against NGO Linked to Attacks on Burmese Government Websites

This report analyzes a campaign of targeted attacks against an NGO working on environmental issues in Southeast Asia. Our analysis reveals connections between these attacks, recent strategic web compromises against Burmese government websites, and previous campaigns targeting groups in the Tibetan community.

Research News

여전히 위험에 처해있는 아이들: 시티즌랩의 스마트보안관 보고서 “우리의 아이들은 안전한가”에 대한 업데이트

두 번째 스마트보안관 감사에서 해당 앱의 자녀용과 부모용을 사용하는 이용자들을 심각한 위험에 노출시키는 취약점이 무수히 해결되지 않은 채 남아있음이 확인되었다.

Beyond Privacy: Articulating the Broader Harms of Pervasive Mass Surveillance

Citizen Lab Postdoctoral Fellow Christopher Parsons published a paper titled “Beyond Privacy: Articulating the Broader Harms of Pervasive Mass Surveillance” in Media and Communication. The paper explores how dominant theories of privacy grapple with the pervasive mass surveillance activities undertaken by western signals intelligence activities, including those of the NSA, CSE, GCHQ, GCSB, and ASD.

An Analysis of the International Code of Conduct for Information Security

As the United Nations General Assembly begins its milestone 70th session, international digital security is high on the agenda. One starting point for discussion is likely to be the International Code of Conduct for Information Security (the “Code”). This analysis explores how the Code has developed over time, impetus behind the changes made, and the potential impact of the Code on international human rights law and its application. It is accompanied by an interactive comparison of the 2015 and 2011 versions of the Code.

تماس از لندن: فیشینگ رمز عبور دو مرحله‌ای از ایران

این گزارش به کمپین رو به رشد حملات فیشینگ علیه کاربران در گستره ایران و حداقل یک حمله به یک فعال غربی می‌پردازد. این حمله‌ها تلاش دارند تا امنیت مضاعفی که از طریق رمز عبور دو مرحله‌ای در گوگل فراهم شده است را دور بزنند و به شکل گسترده‌ای مبتنی بر تماس‌های تلفنی و تلاش برای ورود در زمان حقیقی از سوی مهاجم است. جالب اینجاست که این حمله‌ها عموما با یک تماس تلفنی از کشور انگلستان شروع می‌شده و هکرها به یکی از دو زبان فارسی و یا انگلیسی ارتباط برقرار می‌کرده‌اند.

More Research...

Lab News

Research on Hacking Team and Finfisher highlighted in Motherboard

Citizen Lab surveillance research on Hacking Team and FinFisher highlighted in articles on Motherboard, the Varsity, and the New York Times.

Citizen Lab research cited in Freedom House report

Freedom House has released their “Freedom on the Net 2015” report, placing China at the bottom of a ranking comprising 65 countries. The report cites the Citizen Lab’s research on China, specifically on chat application censorship and targeted threats.

EngageMedia and partners organize RightsCon Southeast Asia

Citizen Lab Cyber Stewards Network partner EngageMedia partnered with Access and the Foundation for Media Alternatives (FMA) to organize RightsCon Southeast Asia from March 24-25, 2015. The conference, held in Manila, brought together over 600 participants from the region and across the world.

EngageMedia co-hosted event on Thai Internet legislation

Citizen Lab Cyber Stewards Network partner EngageMedia co-hosted a public forum in Bangkok on October 17, together with the Foundation for Internet and Civic Culture, discussing the pending Internet laws in Thailand.

More Lab News...

Get Connected