Jeffrey Knockel

Tibetans blocked from Kalachakra at borders and on WeChat

From January 2 to 13 2017, His Holiness the Dalai Lama is holding a popular Tibetan Buddhist teaching called Kalachakra in Bodh Gaya, India. Increased restrictions from the government of China has barred Tibetans in Tibet from attending the teachings. This report documents blocking of Kalachakra-related keywords on WeChat revealing how restrictions on the ritual extend online.

“一APP两制”:微信如何区别审查中国及海外用户

多伦多大学公民实验室的最新报告揭露了微信平台的审查机制。微信是中国腾讯控股有限公司旗下的即时通讯应用,目前是中国最受欢迎的聊天软件之一,也是全球排名第四的最流行聊天软件

One App, Two Systems: How WeChat uses one censorship policy in China and another internationally

In this report we provide the first systematic study of keyword and website censorship on WeChat, the most popular chat app in China

Harmonized Histories? A year of fragmented censorship across Chinese live streaming applications

In this report, we reverse engineer three popular live streaming platforms (YY, Sina Show, and 9158) and find keyword lists used to censor chat messages. Tracking changes to the keyword lists over the past year gives an inside look into how these applications implement censorship

A Tough Nut to Crack: A Further Look at Privacy and Security Issues in UC Browser

In this report we analyze Windows and Android versions of web browser UC Browser, and find they transmitted personally identifiable information with easily decryptable encryption and were vulnerable to arbitrary code execution during software updates

Every Step You Fake: Final Report released

Citizen Lab research partner Open Effect today announced the release of the full report detailing our year-long research collaboration into the privacy and security of wearable fitness tracking devices.

WUP! There It Is: Privacy and Security Issues in QQ Browser

This report describes privacy and security issues with the Windows and Android versions of QQ Browser. Our research shows that both versions of the application transmit personally identifiable data without encryption or with easily decrypted encryption, and do not adequately protect the software update process.

Baidu’s and Don’ts: Privacy and Security Issues in Baidu Browser

This report describes privacy and security issues with Baidu Browser, a web browser for the Windows and Android platforms. Our research shows that the application transmits personal user data to Baidu servers without encryption and with easily decryptable encryption, and is vulnerable to arbitrary code execution during software updates via man-in-the-middle attacks. Much of the data leakage is the result of a shared Baidu software development kit, which affects hundreds of additional applications.

Citizen Lab at the Internet Freedom Festival

March 1-6 – Valencia, Spain

Security and Privacy Issues in Several Leading Wearable Fitness Tracking Devices

A new report describing major security and privacy issues in several leading wearable fitness tracking devices and accompanying mobile applications. The research examined offerings by Apple, Basis, Fitbit, Garmin, Jawbone, Mio, Withings, and Xiaomi.