Citizen Lab's latest news and announcements.

China: Spat with Google won’t affect relations with U.S.

Ron Deibert commented on Google’s March 22 blog post which states that the company will end its censorship of by re-directing internet users to Deibert predicts that as a result, China might further block Google from indexing within China’s information space, strengthening the country’s “Great Firewall of China.” If such steps are taken, the Chinese government would contribute to regionalization of the Internet.

From CNN

Are we risking an Internet arms race?

Ron Deibert is featured here regarding his comments at a panel discussion, dubbed the Role of Internet Giants in Totalitarian States, at York University’s Toronto-based Schulich School of Business on Tuesday, March 16, 2010. He discusses the shift from criminal to political espionage that constitutes the current “arms race in cyberspace.”


Risking Security: Policies and Paradoxes of Cyberspace Security

In this article published in International Political Sociology Deibert and Rohozinski analyze cyberspace security concepts, which they argue can be divided into two related dimensions, articulated as “risks”: risks to the physical realm of computer and communication technologies (risks to cyberspace); and risks that arise from cyberspace and are facilitated or generated by its technologies, but do not directly target the infrastructures per se (risks through cyberspace). They argue that the contrasts between how governments view the domains has led to contradictory tendencies and paradoxical outcomes.

India’s cyber-defenses full of holes

KOLKATA – It’s reminiscent of an action movie. The year is 2017 and two rival countries – India and China – are fighting a war. The conflict is not being fought with guns, tanks and aircraft but computers, bots, viruses and Trojans. The soldiers are not troops, but hackers.

The scenario was enacted by the Indian military last year in a cyber-warfare simulation called the “Divine Matrix”. Officially, the likelihood of a Chinese cyber-strike has since been played down. This is a big mistake, experts say, given the poor state of India’s cyber-security.

From Asia Times Online

Researchers Split Over Google’s Hackers

Villeneuve points out that McAfee has been most vocal about how the hackers accessed their victims’ networks, moved between servers and planted hidden software. Damballa, meanwhile, says it has focused on the spyware samples themselves and the so-called “command and control” servers that the software communicated with to receive orders and steal data.

“When these researchers argue about whether the hackers are sophisticated or not sophisticated, they’re looking at different pieces of the puzzle,” says Villeneuve. “The truth is that no one’s providing enough detail to make any kind of complete comparison or analysis possible.”

Google gripe shows Ottawa’s cybersecurity ‘vacuum’

CTV News has featured Ron Deibert, Director of the Citizen Lab, in an article regarding the political impact of the recently publicized Google attacks, and the “vacuum in Canadian policy around cyberspace.” The article also includes the Canadian policy recommendations outlined in Deibert’s recent publication to the Canadian International Council entitled “China’s Cyberspace Control Strategy: An Overview and Consideration of Issues for Canadian Policy.” Deibert further recommends the establishment of an international cyberspace treaty to set the rules of cyberspace in a fair and open forum.

From CTV News

The Aurora Mess

The data about Aurora has always felt just a little off for me. Maybe its that everyone writing about it just has their own piece of the puzzle to analyse, without the detail required to accurately link the pieces together.

When it comes to the command and control infrastructure, maybe it’s that some obfuscated the domain names while others published them, but with a domain on the blog post that’s not in technical write up. Maybe it is that some have significantly bigger lists than others (that include duplicates as well as the root domain for a dynamic dns provider that hands out sub-domains).

From Nart Villeneuve

ONI Bulletin: Sex, Social Mores, and Keyword Filtering

Microsoft recently added a new layer of complexity to the ongoing debate regarding the filtering and censorship practices of U.S. search engines via its own search engine, Bing. ONI testing reveals liberal filtering by Bing in one of the most censored regions in the world: the Arab countries.

Microsoft’s Bing, which tailors its search engine to serve different countries and regions and offers its services in 41 languages, has a filtering system at the keyword level for users in several countries. 1 Users in the Arab countries2—or, as termed by Microsoft—“Arabian countries”—are prevented from conducting certain search queries in both English and Arabic.

ONI testing reveals that Microsoft filters Arabic and English keywords that could yield sex- or LGBT-related images and content.

From OpenNet Initiative

Bing Dinged on Arab Sex Censorship

At a time when Google is promising to end search censorship in China, a new report has now revealed that Microsoft censors its Bing search engine returns in Arab countries even more heavily than the countries themselves do using national Internet filters. The study covered the United Arab Emirates, Syria, Algeria, and Jordan, and found heavy censorship of anything relating to sex.

From MIT Review

The “Kneber” Botnet, Spear Phishing Attacks and Crimeware

Targeted attacks, known as “spear phishing,” are increasingly exploiting government and military themes in order to compromise defense contractors in the Unites States. [1] In 2009, the Washington Post reported that unknown attackers were able to break into a defense contractor and steal documents pertaining to the Joint Strike Fighter being developed by Lockheed Martin Corp. [2] Google was compromised in January 2010 along with other hi-tech companies and defense contractors. [3] The problem is becoming increasingly severe. [4] In fact, the Department of Defense recently released a memo with plans to protect unclassified information passing through the networks of various contractors. [5] The memo recognizes the severity of the ongoing threat and seeks to:

Establish a comprehensive approach for protecting unclassified DoD information transiting or residing on unclassified DIB information systems and networks by incorporating the use of intelligence, operations, policies, standards, information sharing, expert advice and assistance, incident response, reporting procedures, and cyber intrusion damage assessment solutions to address a cyber advanced persistent threat. [5]

From Nart Villeneuve