Over the course of our multi-year investigation, we found that Dark Basin likely conducted commercial espionage on behalf of their clients against opponents involved in high profile public events, criminal cases, financial transactions, news stories, and advocacy. This report highlights several clusters of targets. In future reports, we will provide more details about specific clusters of targets and Dark Basin’s activities.
WeChat communications conducted entirely among non-China-registered accounts are subject to pervasive content surveillance that was previously thought to be exclusively reserved for China-registered accounts.
This report examines the encryption that protects meetings in the popular Zoom teleconference app. We find that Zoom has “rolled their own” encryption scheme, which has significant weaknesses. In addition, we identify potential areas of concern in Zoom’s infrastructure, including observing the transmission of meeting encryption keys to China.
The analysis of YY and WeChat indicates broad censorship—blocking sensitive terms as well as general information and neutral references—potentially limiting the public’s ability to access information that may be essential to their health and safety.
Titled Reset: Reclaiming the Internet for Civil Society, the five lectures will be delivered online, streamed on CBC Radio’s IDEAS, and published as a book by House of Anansi Press in September.
The Citizen Lab is pleased to announce a fellowship program on issues related to surveillance, digital security, and race.
The encroachments to OTF highlight why independent and transparent funding sources for research and development on Internet freedom are so important. Providing this type of support within a large government organisation can be difficult. OTF was an example of how to do that right. Losing that example will be a loss not only to the practitioners and researchers that have grown through the support of OTF but the wider community of marginalized people they support.
Targets were sent emails disguised as important communications, such as official summonses, bearing links to malicious software disguised as important documents. If opened, targets’ computers would have been infected with NetWire, a piece of commodity malware.
On May 7 2020, the Citizen Lab published a report that documents how WeChat (the most popular social app in China) conducts surveillance of images and files shared on the platform and uses the monitored content to train censorship algorithms. This document provides a summary of the research findings and questions and answers from the research team.
In what follows, I first provide a summary of the Citizen Lab’s recent investigation into the security of Zoom’s video conferencing application, and the company’s responses. I then discuss a broader range of digital security risks that are relevant to the work-from-home routines that MPs and their staff are following. Finally, I conclude with six recommendations.
Citizen Lab senior researcher John Scott-Railton discusses why WhatsApp is suing NSO Group after discovering their spyware was used to target 1,400 users—100 of whom were members of civil society—and why this is a significant bellwether.
