این سند ترجمه غیررسمی بخشهای منتخب گزارش، بهویژه مقدمه، خلاصهای اجمالی از یافتههای ما و توصیههای سیاستگذاری است. این متن ترجمهای کامل از گزارش نیست و ممکن است بهعنوان ترجمه غیررسمی حاوی خطاهایی باشد. هدف این ترجمه، تنها ارائه درکی کلی از پژوهش ما است. در صورت وجود هرگونه مغایرت یا ابهام، نسخه انگلیسی این… Read more »
هذه الوثيقة هي ترجمة غير رسمية لأجزاء مختارة من التقرير، ولا سيما المقدمة، وملخص رفيع المستوى لنتائجنا، وتوصياتنا المتعلقة بالسياسات. وهي ليست ترجمة كاملة للتقرير، وباعتبارها ترجمة غير رسمية، فقد تفتقر إلى الدقة في بعض أجزائها. لا تهدف هذه الترجمة إلا إلى تقديم فهم عام لأبحاثنا. وفي حالة وجود أي تباين أو غموض، يتم الاحتكام… Read more »
This report performs the first public analysis of MMTLS, the main network protocol used by WeChat, an app with over one billion users. The report finds that MMTLS is a modified version of TLS, however some of the modifications have introduced cryptographic weaknesses.
Apple has decided to drop its lawsuit against commercial spyware vendor NSO Group, citing a shifting risk landscape that could risk revealing the security methods used to combat commercial surveillance tools.
We are excited to announce a new book, Chasing Shadows: Cyber Espionage, Subversion, and the Global Fight for Democracy, by Ronald Deibert, director and founder of The Citizen Lab, will hit shelves on February 4, 2025.
A sophisticated spear phishing campaign has been targeting Western and Russian civil society. In collaboration with Access Now, and with the participation of numerous civil society organizations, we uncover this operation and link it to COLDRIVER, a group attributed by multiple governments to the Russian Federal Security Service (FSB).
The annual Privacy Enhancing Technologies Symposium (PETS) 2024 is underway in Bristol, UK and online, a gathering of privacy experts from around the world to discuss recent advances and new perspectives on research in privacy technologies. On July 16, former Citizen Lab Open Technology Fund (OTF) Information Controls Fellowship Program fellow Benjamin Mixon-Baca will be… Read more »
In a joint investigation with Access Now, we found that seven Russian and Belarusian-speaking independent journalists and opposition activists based in Europe were targeted and/or infected with NSO Group’s Pegasus mercenary spyware.
In this report, we examine cloud-based pinyin keyboard apps from nine vendors (Baidu, Honor, Huawei, iFlyTek, OPPO, Samsung, Tencent, Vivo, and Xiaomi) for vulnerabilities in how the apps transmit user keystrokes. Our analysis found that eight of the nine apps identified contained vulnerabilities that could be exploited to completely reveal the contents of users’ keystrokes in transit. We estimate that up to one billion users could be vulnerable to having all of their keystrokes intercepted, constituting a tremendous risk to user security.
Emile Dirks, Research Associate at the Citizen Lab, prepared a written submission for the Congressional-Executive Commission on China (CECC) about the state of human rights in the country. The CECC was established by Congress in October 2000, with the legislative mandate to monitor human rights and the development of the rule of law in China,… Read more »
