Reports and Briefings

Back to Research News

Citizen Lab reports and research briefs

Canada’s Quiet History Of Weakening Communications Encryption

This article, written by Postdoctoral Fellow Christopher Parsons and CIPPIC Staff lawyer Tamir Israel, analyzes how successive federal governments of Canada have actively sought to weaken the communications encryption available to Canadians. The article covers regulations imposed on mobile telecommunications providers, state authorities’ abilities to compel decryption keys from telecommunications providers writ large, and Canada’s signals intelligence agency’s deliberate propagation of flawed encryption protocols.

The Governance of Telecommunications Surveillance

The report, authored by Postdoctoral Fellow Christopher Parsons, examines how contemporary telecommunications surveillance is governed in Canada. He concludes that serious failures in transparency and accountability indicate that corporations are failing to manage Canadians’ personal information responsibly and that government irresponsibility surrounding accountability strains its credibility and aggravates citizens’ cynicism about the political process.

A Chatty Squirrel: Privacy and Security Issues with UC Browser

UC Browser is the most popular mobile web browser in China and India, boasting over 500 million users. This report provides a detailed analysis of how UC Browser manages and transmits user data, particularly private data, during its operation. Our research was prompted by revelations in a document leaked by Edward Snowden on which the Canadian Broadcasting Corporation (CBC) was preparing a story.

啰嗦的松鼠:UC浏览器的隐私与安全问题

UC浏览器是一种移动浏览器,它目前拥有超过5亿的注册用户,是中国和印度最受欢迎的手机浏览器。在《啰嗦的松鼠:UC浏览器的隐私与安全问题》这一报告中,公民实验室(Citizen Lab)发现中文和英文安卓版UC浏览器中存在多个隐私及安全漏洞, 并讨论了它们的重要性。

China’s Great Cannon

This post describes our analysis of China’s “Great Cannon,” our term for an attack tool that we identify as separate from, but co-located with, the Great Firewall of China. The first known usage of the Great Cannon is in the recent large-scale novel DDoS attack on both GitHub and servers used by GreatFire.org.

Behind the Syrian Conflict’s Digital Frontlines

Citizen Lab Research Fellow John Scott-Railton is one of the authors of a report entitled “Behind the Syrian Conflict’s Digital Frontlines,” released today by FireEye, that documents a hacking operation that successfully breached the Syrian opposition.

Malware Attack Targeting Syrian ISIS Critics

This report describes a malware attack on a Syrian citizen media group critical of Islamic State of Iraq and Syria (ISIS). Though we are unable to conclusively attribute the attack to ISIS or its supporters, a link to ISIS is plausible. The malware used in the attack differs substantially from campaigns linked to the Syrian regime, and the attack is against a group that is an active target of ISIS forces. In the interest of highlighting a developing threat, this post analyzes the attack and provides a list of Indicators of Compromise.