Irene Poetranto


Pay No Attention to the Server Behind the Proxy: Mapping FinFisher’s Continuing Proliferation

This post describes the results of Internet scanning we recently conducted to identify the users of FinFisher, a sophisticated and user-friendly spyware suite sold exclusively to governments. We devise a method for querying FinFisher’s “anonymizing proxies” to unmask the true location of the spyware’s master servers. Since the master servers are installed on the premises of FinFisher customers, tracing the servers allows us to identify which governments are likely using FinFisher. In some cases, we can trace the servers to specific entities inside a government by correlating our scan results with publicly available sources.

Researchers Find Major Security and Privacy Issues in Smart Sheriff Parental Monitoring Application

The Citizen Lab at the Munk School of Global Affairs, University of Toronto is releasing a new report, “Are the Kids Alright? Digital Risks to Minors from South Korea’s Smart Sheriff Application.” The report details results of two independent audits of the privacy and security of Smart Sheriff, a parental monitoring application that has been promoted by the South Korean government.

시티즌랩 연구진, 한국의 청소년 유해정보 차단 앱에서 중요한 보안 및 프라이버시 문제점 발견

오늘 토론토 대학교 뭉크스쿨 글로벌상황연구소 산하 시티즌랩 (Munk School of Global Affairs, Citizen Lab)에서는 새로운 보고서 “우리의 아이들은 안전한가? 청소년들을 디지털 위험에 노출시키는 한국의 스마트보안관 앱(Are the Kids Alright? Digital Risks to Minors from South Korea’s Smart Sheriff Application)”을 발표한다. 동 보고서는 한국 정부가 권장하는 유해정보 차단 소프트웨어인 “스마트보안관”의 프라이버시 보호 정도 및 보안성에 대한 독립적인 두 건의 감사 결과를 상세하게 서술하고 있다.

Jon Penney on Canada’s Bill C-51

In an article published in the Institute for Research on Public Policy’s (IRPP) “Policy Options” blog, Research Fellow Jon Penney observed that the debate on Canada’s Bill C-51 Anti-Terror law has been “contentious and ranging, yet few commentators have drawn on experience or expert voices elsewhere to understand its implications.”

Citizen Lab at RightsCon 2015

The Citizen Lab will be hosting two sessions, “Asia Chats” and “Filtering Free Expression,” at the RightsCon 2015 conference in Manila, Philippines.