This report describes the results of two independent security audits of Smart Sheriff, one by researchers who collaborated at the 2015 Citizen Lab Summer Institute (held at the Munk School of Global Affairs, University of Toronto), and the other by the auditing firm Cure53. The combined audits identified twenty-six security vulnerabilities in recent versions of Smart Sheriff (versions 1.7.5 and under). These vulnerabilities could be leveraged by a malicious actor to take control of nearly all Smart Sheriff accounts and disrupt service operations.

This article, written by Postdoctoral Fellow Christopher Parsons and CIPPIC Staff lawyer Tamir Israel, analyzes how successive federal governments of Canada have actively sought to weaken the communications encryption available to Canadians. The article covers regulations imposed on mobile telecommunications providers, state authorities’ abilities to compel decryption keys from telecommunications providers writ large, and Canada’s signals intelligence agency’s deliberate propagation of flawed encryption protocols.

At the  2015 USENIX Free and Open Communications on the Internet (FOCI) workshop, held in Washington DC on August 10, Citizen Lab and collaborators present three papers.

The papers include: investigation of censorship and surveillance on China’s most popular social video platforms, an updated analysis of China’s Great Canon, and examination of securing cookie-based identifiers from passive surveillance.

This research note outlines what we know about the use of Hacking Team’s Remote Control System (RCS) by South Korea’s National Intelligence Service (NIS). The note synthesizes information found in publicly leaked materials, as well as our own research.

UC Browser is the most popular mobile web browser in China and India, boasting over 500 million users. This report provides a detailed analysis of how UC Browser manages and transmits user data, particularly private data, during its operation. Our research was prompted by revelations in a document leaked by Edward Snowden on which the Canadian Broadcasting Corporation (CBC) was preparing a story.

This document describes key identifiers used by mobile devices, highlights some identifiers that are accessible, and often collected, by various parties and the risks associated with the widespread transmission and use of these identifiers.

In an internal report obtained by the Toronto Star, the Canadian Security Intelligence Service (CSIS) states that the spy agency cannot keep up with threats from state-sponsored hackers. Citizen Lab Postdoctoral Fellow Christopher Parsons told the Toronto Star the report, along with cases like the cyber attack of the NRC by Chinese sponsored hackers, point to the militarization of the Internet.

This post describes our analysis of China’s “Great Cannon,” our term for an attack tool that we identify as separate from, but co-located with, the Great Firewall of China. The first known usage of the Great Cannon is in the recent large-scale novel DDoS attack on both GitHub and servers used by GreatFire.org.

According to state media organization People’s Daily, Apple agreed to Chinese government “security checks.” Citizen Lab Research Fellow Jason Q. Ng expressed concern that this practice may set a trend of compliance to such demands amongst other firms.

Hundreds of members of the Tibetan community are being targeted by email-based malware attacks that leverage the March 10 Tibetan Uprising anniversary as a theme. This report analyzes two March 10 related attacks. One using a new malware family we call MsAttacker , and another using the ShadowNet malware family and command and control infrastructure related to previous campaigns that targeted the Tibetan community.