公民實驗室2020年5月7日發布報告指出，中國最流行的社交媒體軟件微信是對平台上的文檔和圖像內容實施監控，並使用監控所得的數據訓練其審查系統。本文是對該報告的概述，以及與研究團隊的一些常見問答。

On May 7 2020, the Citizen Lab published a report that documents how WeChat (the most popular social app in China) conducts surveillance of images and files shared on the platform and uses the monitored content to train censorship algorithms. This document provides a summary of the research findings and questions and answers from the research team.

In what follows, I first provide a summary of the Citizen Lab’s recent investigation into the security of Zoom’s video conferencing application, and the company’s responses. I then discuss a broader range of digital security risks that are relevant to the work-from-home routines that MPs and their staff are following. Finally, I conclude with six recommendations.

يفحص هذا التقرير التشفير الذي يحمي الاجتماعات في تطبيق Zoom الرائج. وجدنا أن Zoom لديه نظام تشفير “خاص به” ، ويحتوي على نقاط ضعف كبيرة. بالإضافة إلى ذلك حددنا نقاط تثير القلق في البنية التحتية لـ Zoom ، بما في ذلك نقل مفاتيح التشفير للاجتماعات عبر الصين.

This report examines the encryption that protects meetings in the popular Zoom teleconference app. We find that Zoom has “rolled their own” encryption scheme, which has significant weaknesses. In addition, we identify potential areas of concern in Zoom’s infrastructure, including observing the transmission of meeting encryption keys to China.

New York Times journalist Ben Hubbard was targeted with NSO Group’s Pegasus spyware via a June 2018 SMS message promising details about “Ben Hubbard and the story of the Saudi Royal Family.” The SMS contained a hyperlink to a website used by a Pegasus operator that we call KINGDOM. We have linked KINGDOM to Saudi Arabia. In 2018, KINGDOM also targeted Saudi dissidents including Omar Abdulaziz, Ghanem al-Masarir, and Yahya Assiri, as well as a staff member at Amnesty International.

This comprehensive Toronto Star profile provides an overview of the Citizen Lab’s work, impact, and history, mapping our journey from a initial Ford Foundation grant to an organization with 18 staff and a dozen research fellows.

As part of our investigation into the incident, Citizen Lab has identified over 100 cases of abusive targeting of human rights defenders and journalists in at least 20 countries across the globe, ranging from Africa, Asia, Europe, the Middle East, and North America that took place after Novalpina Capital acquired NSO Group and began an ongoing public relations campaign to promote the narrative that the new ownership would curb abuses.

English العربية Español   ¿Qué es esto? Esta página está destinada ÚNICAMENTE para los usuarios de Android que han recibido una notificación oficial sobre la posibilidad de haber sido objetivo de un ataque en un incidente relacionado con el software espía desarrollado por NSO Group ocurrido en la primavera del 2019. Si no has recibido… Read more »

English العربية Español ما هذا؟ هذه الصفحة مخصصة فقط لمستخدمي Android الذين تلقوا اتصالًا رسميًا باستهداف محتمل في حادثة تتعلق ببرامج التجسس الخاصة بـ NSO Group والتي حدثت في ربيع عام 2019. في حال لم يتم التواصل معك، فمن المرجح ألا تكون هذه النصيحة مناسبة لك. إذا كنتكنت تبحث عن نصائح عامة حول كيفية رفع… Read more »