Jeffrey Knockel

Articles

Unmasked: COVID-KAYA and the Exposure of Healthcare Worker Data in the Philippines

COVID-KAYA, a platform used by frontline healthcare workers in the Philippines to collect and share COVID-19 cases with the Philippines Department of Health, contained vulnerabilities in both the web and Android apps that allows for unauthorized users to access private data about the app’s users, and potentially patient data.

“未阅先焚” 2: 微信如何实现实时审查用户对话中的敏感图片

本报告延续上一篇针对微信朋友圈图片过滤技术的研究,分析微信如何在聊天功能中实现实时图片过滤。微信是中国腾讯控股有限公司旗下的即时通讯应用,目前是中国最受欢迎的聊天软件之一,也是全球排名第四的最流行聊天软件。朋友圈是微信上最常用的功能之一,其中图片是用户最期望看到的内容分享形式。

(Can’t) Picture This 2: An Analysis of WeChat’s Realtime Image Filtering in Chats

In this work, we study how Tencent implements image filtering on WeChat. We found that Tencent implements realtime, automatic censorship of chat images on WeChat based on what text is in an image and based on an image’s visual similarity to those on a blacklist. Tencent facilitates this realtime filtering by maintaining a hash index of MD5 hashes of sensitive image files.

The Predator in Your Pocket: A Multidisciplinary Assessment of the Stalkerware Application Industry

This report was collaboratively written by researchers from computer science, political science, criminology, law, and journalism studies. As befits their expertise, the report is divided into several parts, with each focusing on specific aspects of the consumer spyware ecosystem, which includes: technical elements associated stalkerware applications, stalkerware companies’ marketing activities and public policies, and these companies’ compliance with Canadian federal commercial privacy legislation.