Asia Pacific
Candiru is a secretive Israel-based company that sells spyware exclusively to governments. Using Internet scanning, we identified more than 750 websites linked to Candiru’s spyware infrastructure. We found many domains masquerading as advocacy organizations such as Amnesty International, the Black Lives Matter movement, as well as media companies, and other civil-society themed entities.
In this explainer, we discuss the findings of our comparative analysis of security, privacy, and censorship issues in TikTok and Douyin.
A comparative analysis of security, privacy, and censorship issues in TikTok and Douyin, both developed by ByteDance.
On December 21, 2020 the Citizen Lab released a report that discovered issues with three COVID-related applications in Indonesia and the Philippines. This document provides a summary of the research findings and questions and answers from the research team.
As part of the Citizen Lab’s research into the security and privacy of applications, we report on issues we discovered with three COVID-related applications in Indonesia and the Philippines – PeduliLindungi, StaySafe PH, and COVID-KAYA.
On December 7, 2020, the Citizen Lab published a report that investigates Huawei, 5G technologies, and Canadian telecommunications issues. Drawing exclusively on open-source reporting, it finds that Canada does not have a Huawei problem, per se; it has a 5G strategy problem that is linked to the Government of Canada lacking a principle-driven set of integrated industrial, cyber security, and foreign policy strategies. This document provides a summary of the research findings and questions and answers from the research team.
Circles is a surveillance firm that reportedly exploits weaknesses in the global mobile phone system to snoop on calls, texts, and the location of phones around the globe, and is affiliated with NSO Group, which develops the oft-abused Pegasus spyware. Using Internet scanning, we found a unique signature associated with the hostnames of Check Point firewalls used in Circles deployments, enabling us to identify Circles deployments in at least 25 countries.
COVID-KAYA, a platform used by frontline healthcare workers in the Philippines to collect and share COVID-19 cases with the Philippines Department of Health, contained vulnerabilities in both the web and Android apps that allows for unauthorized users to access private data about the app’s users, and potentially patient data.
This document provides an explainer to a new report from Citizen Lab and the International Human Rights Program at the University of Toronto’s Faculty of Law on the use and human rights implications of algorithmic policing practices in Canada.
As a follow-up to our March 2020 report, we conducted daily tests on WeChat and collected 2,174 censored keywords between January to May 2020. This data provides a view into how narratives and messaging on the pandemic are controlled and molded on social media in China.
