Research News

Citizen Lab's latest research publications.

Baidu’s and Don’ts: Privacy and Security Issues in Baidu Browser

This report describes privacy and security issues with Baidu Browser, a web browser for the Windows and Android platforms. Our research shows that the application transmits personal user data to Baidu servers without encryption and with easily decryptable encryption, and is vulnerable to arbitrary code execution during software updates via man-in-the-middle attacks. Much of the data leakage is the result of a shared Baidu software development kit, which affects hundreds of additional applications.

Packrat: Seven Years of a South American Threat Actor

This report describes an extensive malware, phishing, and disinformation campaign active in several Latin American countries, including Ecuador, Argentina, Venezuela, and Brazil. The nature and geographic spread of the targets seems to point to a sponsor, or sponsors, with regional, political interests. The attackers, whom we have named Packrat, have shown a keen and systematic interest in the political opposition and the independent press in so-called ALBA countries (Bolivarian Alternative for the Americas), and their recently allied regimes.

شركة كندية تحجب الانترنت في منطقة حرب لصالح جماعة متمردة يمنية خاضعة لعقوبات من الامم المتحدة

تقوم شركة فلترة محتوى انترنت كندية بحجب محتوى الانترنت خلال الصراع المسلح في اليمن بطلب من الجماعة المتمردة (الحوثيون) وذلك حسب تقرير جديد من مركز ستيزن لاب في جامعة تورونتو.

Beyond Privacy: Articulating the Broader Harms of Pervasive Mass Surveillance

Citizen Lab Postdoctoral Fellow Christopher Parsons published a paper titled “Beyond Privacy: Articulating the Broader Harms of Pervasive Mass Surveillance” in Media and Communication. The paper explores how dominant theories of privacy grapple with the pervasive mass surveillance activities undertaken by western signals intelligence activities, including those of the NSA, CSE, GCHQ, GCSB, and ASD.