Report
The second post in this series examines a Chinese mobile payment app feature increasingly covered in foreign media: testing of what may one day be a nationwide official social credit system to replace its traditional analog counterpart. Our exploration of potential security, privacy, and other issues of such a system is meant to raise questions that can inform discussions about how it will evolve.
This research series presents an in-depth examination of mobile payment systems, a rapidly evolving form of financial technology. We will provide an overview of how they are used in China–where they are taking off faster than anywhere else in the world–and what implications their security and data protection practices may have for millions of users, by presenting a case study on Alipay.
From January 2 to 13 2017, His Holiness the Dalai Lama is holding a popular Tibetan Buddhist teaching called Kalachakra in Bodh Gaya, India. Increased restrictions from the government of China has barred Tibetans in Tibet from attending the teachings. This report documents blocking of Kalachakra-related keywords on WeChat revealing how restrictions on the ritual extend online.
In this report we provide the first systematic study of keyword and website censorship on WeChat, the most popular chat app in China
In this report we provide the first systematic study of keyword and website censorship on WeChat, the most popular chat app in China
In this report we track a malware operation targeting members of the Tibetan Parliament that used known and patched exploits to deliver a custom backdoor known as KeyBoy. We analyze multiple versions of KeyBoy revealing a development cycle focused on avoiding basic antivirus detection.
In this report, we reverse engineer three popular live streaming platforms (YY, Sina Show, and 9158) and find keyword lists used to censor chat messages. Tracking changes to the keyword lists over the past year gives an inside look into how these applications implement censorship
In this post, we critically examine the Government of Canada’s proposal to indiscriminately access subscriber identity information that is possessed by telecommunications service providers. We conclude by arguing that the government has failed to justify its case for such access to the information.
In this report, we confirm the use of the services of Canadian company Netsweeper, Inc. to censor access to the Internet in the Kingdom of Bahrain.
This report investigates the surveillance capabilities of IMSI Catchers, efforts by states to prevent information relating to IMSI Catchers from entering the public record, and the legal and policy frameworks that govern the use of these devices. The report principally focuses on Canadian agencies but, to do so, draws comparative examples from other jurisdictions. The report concludes with a series of recommended transparency and control mechanisms that are designed to properly contain the use of the devices and temper their more intrusive features.
