The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs, University of Toronto, Canada focusing on advanced research and development at the intersection of Information and Communication Technologies (ICTs), human rights, and global security. Learn more »

In Focus

Between Hong Kong and Burma: Tracking UP007 and SLServer Espionage Campaigns

In this research note, we analyze a malware campaign targeting Hong Kong democracy activists. Two new malware families are used in the campaign that we name UP007 and SLServer. Previous reports have shown overlap in the tactics, tools, and procedures used in this campaign in other operations targeting groups in Burma, Hong Kong, and the Tibetan community.

WUP! There It Is: Privacy and Security Issues in QQ Browser

This report describes privacy and security issues with the Windows and Android versions of QQ Browser. Our research shows that both versions of the application transmit personally identifiable data without encryption or with easily decrypted encryption, and do not adequately protect the software update process.

Shifting Tactics: Tracking changes in years-long espionage campaign against Tibetans

This report describes the latest iteration in a long-running espionage campaign against the Tibetan community. We describe how the attackers continuously adapt their campaigns to their targets, shifting tactics from document-based malware to conventional phishing

Research News

Jon Penney publishes paper on the “chilling effects” of online surveillance

In “Chilling Effects: Online Surveillance and Wikipedia Use,” Citizen Lab Research Fellow Jon Penney analyzes the fall of traffic to Wikipedia articles about terror groups and their techniques after the Snowden revelations.

Every Step You Fake: Final Report released

Citizen Lab research partner Open Effect today announced the release of the full report detailing our year-long research collaboration into the privacy and security of wearable fitness tracking devices.

研究发现百度浏览器存在安全与隐私问题

多伦多大学公民实验室的最新报告揭露了百度浏览器存在的多处隐私与安全问题。百度浏览器是基于中国的一款移动浏览器,拥有数百万的用户,而报告反映的隐私与安全问题很可能会至用户的沟通于风险中。

여전히 위험에 처해있는 아이들: 시티즌랩의 스마트보안관 보고서 “우리의 아이들은 안전한가”에 대한 업데이트

두 번째 스마트보안관 감사에서 해당 앱의 자녀용과 부모용을 사용하는 이용자들을 심각한 위험에 노출시키는 취약점이 무수히 해결되지 않은 채 남아있음이 확인되었다.

More Research...

Lab News

Access My Info launched in Hong Kong

Access My Info (AMI), a web tool used to submit disclosure requests to telecommunications providers on the data they collect and share with third parties about their customers, launched in Hong Kong.

Cyber Stewards Network partner ICT Watch wins 2016 WSIS Award

Citizen Lab’s Cyber Stewards Network Partner ICT Watch is one of the winners of the 2016 WSIS Champion Projects Award, for their project titled ‘Internet Sehat’ (Internet Healthy) Toward Indonesian Information Society.

Jon Penney publishes paper on the “chilling effects” of online surveillance

In “Chilling Effects: Online Surveillance and Wikipedia Use,” Citizen Lab Research Fellow Jon Penney analyzes the fall of traffic to Wikipedia articles about terror groups and their techniques after the Snowden revelations.

Christopher Parsons on the RCMP’s BlackBerry encryption key

Recent reports have indicated that the Royal Canadian Mounted Police (RCMP) has had a key to unlock encrypted messages sent between BlackBerry users since 2010. Citizen Lab Postdoctoral Fellow Christopher Parsons commented on the significance of the revelations in an interview with VICE Motherboard.

More Lab News...

Get Connected




Events