In response to the United Nations’ call for input to the report of the Special Rapporteur, we made a submission underlining the challenges faced by women human rights defenders (WHRDs) who live in exile or in the diaspora, and the threats they encounter.
The Citizen Lab, Munk School of Global Affairs & Public Policy, University of Toronto, is hiring an Informatics Security Analyst and Network Administrator. Reporting to the Systems and Security Technical Lead, the incumbent is responsible for carrying out a range of system and network administration duties which include assisting in the management and oversight of… Read more »
The Parliament of Canada is expected to move forward with Bill C-26, which aims to improve the country’s cyber readiness. In an opinion piece for the Globe and Mail, the Citizen Lab’s Kate Robertson and Ron Deibert caution that the federal bill has the potential to jeopardize the security of telecommunications for everyone in Canada…. Read more »
In a joint investigation with Access Now, we found that seven Russian and Belarusian-speaking independent journalists and opposition activists based in Europe were targeted and/or infected with NSO Group’s Pegasus mercenary spyware.
重要:我們建議所有使用者立即更新他們所使用的輸入法軟體以及作業系統。並建議高風險使用者停止使用任何輸入法提供的雲端建議功能,改為使用完全離線的輸入法,以避免資料外洩。
重要:我们建议所有用户立即更新所使用的输入法软件以及操作系统。并建议高风险用户停止使用任何输入法提供的云端建议功能,改为完全离线的输入法,以避免数据外泄。
We analyzed third-party keyboard apps Tencent QQ, Baidu, and iFlytek, on the Android, iOS, and Windows platforms. Along with Tencent Sogou, they comprise over 95% of the market share for third-party keyboard apps in China. This is an FAQ for the full report titled “The not-so-silent type: Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers.”
In this report, we examine cloud-based pinyin keyboard apps from nine vendors (Baidu, Honor, Huawei, iFlyTek, OPPO, Samsung, Tencent, Vivo, and Xiaomi) for vulnerabilities in how the apps transmit user keystrokes. Our analysis found that eight of the nine apps identified contained vulnerabilities that could be exploited to completely reveal the contents of users’ keystrokes in transit. We estimate that up to one billion users could be vulnerable to having all of their keystrokes intercepted, constituting a tremendous risk to user security.
Emile Dirks, Research Associate at the Citizen Lab, prepared a written submission for the Congressional-Executive Commission on China (CECC) about the state of human rights in the country. The CECC was established by Congress in October 2000, with the legislative mandate to monitor human rights and the development of the rule of law in China,… Read more »
