In this post we examine how the Great Firewall of China is implementing DNS tampering and HTTP request filtering on KakaoTalk and LINE domains, which is disrupting service of the applications as a result. We find that Flickr and OneDrive are also blocked through DNS tampering. We also analyze recent changes to the LINE keyword filtering list.

Citizen Lab Research Fellow Jason Q. Ng was interviewed by VICE podcast’s Reihan Salam.

This project is a large-scale comparison of the three services, matching thousands of Chinese-language Wikipedia articles with their in-China counterparts, in order to identify the “content gaps” in the two baike. The difficulties of identifying traditional cases of information control in environments with distributed oversight like online enclopedias will be discussed. The research methodology and some of the initial results (including tables of possibly censored articles) will also be presented.

Working with the just-released China Chats keyword list, Jason Q. Ng extended The Citizen Lab/UNM’s analysis by checking whether each of the 4,256 keywords was blocked from searching on Sina Weibo. This report includes further analysis and examination of other potential censorship tactics by Weibo revealed in the data.

In this collaborative study between the Citizen Lab and Department of Computer Science at the University of New Mexico we examine the implementation of censorship and surveillance in two IM clients maintained by two different Chinese companies. For a period of more than a year and a half, we downloaded and decrypted the censorship and surveillance keyword lists used by the client software of two IM programs used in China: TOM-Skype and Sina UC.

In April 2010, China Telecom’s network announced incorrect paths to 50,000 IP prefixes, referred to as a “hijack”. The politically sensitive nature of some of the IP prefixes that were hijacked brought this incident to the attention of the US government. It raises many important questions about how we characterize and reason about large-scale routing incidents when they occur.

Citizen Lab Senior Researcher Sarah McKune attended the Conference on China and Cybersecurity hosted by the Naval War College and the University of California Institute on Global Conflict and Cooperation in UC San Diego, La Jolla, CA.

In this article, the Globe and Mail reports on the existence of a foreign entity that has been trying to steal data from more than 70 organizations including two Canadian government departments and the World Anti-Doping Agency in Montreal. The series of incidents were reported by McAfee, which claims to have access to log files from a command and control server used in the attacks. “Operation Shady Rat,” the company’s report on the affair, was released on Wednesday. The attackers have not been identified, however, some commentators are directing suspicions towards China given that the list of targets includes the United Nations, governments in the West and Southeast Asia, military-defence contractors, and international sports bodies that were hit around the time of the 2008 Beijing Olympics.

Recent attacks on three U.S. defense contractors could be tied to cyberespionage campaigns waged from China, several security experts told CNET.

“The reality is, part of the basis of U.S. hegemony…has been the ability to leverage command of signals intelligence to have perspective on the motivations and activities of others. Cyberspace has equalized that, so all of a sudden we’re in a competitive intelligence environment,” said Rafal Rohozinski, a principal at SecDev who did research on targeted attacks on Tibet and others with supposed links to China. Those attacks were detailed in a “GhostNet” report in 2009.

“China has made no secret that they see cyberspace as the domain that allows them to compete with the U.S.,” Rohozinski said.

For full original article, see here