"citizen lab"

Security Planner: a peer-reviewed tool to help you figure out your personal digital security plan

The University of Toronto's Citizen Lab (previously) is one of the most effective, most trustworthy expert groups when it comes to investigating the abuse of computers to effect surveillance and sabotage, so the launch of Security Planner, the Lab's peer-reviewed tool that guides you through the creation of a personal security plan, is a game-changing event. Read the rest

Israeli firm Cyberbit illegally spied on behalf of Ethiopia's despots, then stored all their stolen data on an unencrypted, world-readable website

Researchers from the University of Toronto's amazing Citizen Lab (previously) have published a new report detailing the latest tactics from the autocratic government of Ethiopia, "the world's first turnkey surveillance state" whose human rights abuses have been entirely enabled with software and expertise purchased on the open market, largely from companies in western countries like Finfisher and Hacking Team. Read the rest

CIPPIC: Standing Guard for Canadians' Digital Rights

NAFTA 2.0, the return of the TPP, mobile phone surveillance, copyright term extension, class actions targeting movie downloads: Canadians' digital liberties have never been under more pressure than they are today. Digital liberties matter to Canadians. CIPPIC, Canada's public interest tech law clinic, stands on guard for Canadians' digital liberties.

In an engineering paper, bunnie Huang and Ed Snowden describe a malware-resistant hardware Iphone privacy overlay

In July 2016, Andrew "bunnie" Huang and Edward Snowden presented their research on journalist-friendly mobile surveillance resistance at the first MIT Media Lab Forbidden Research conference; a little over a year later, they have published an extensive scholarly paper laying out the problems of detecting and interdicting malware in a mobile device, and presenting a gorgeously engineered hardware overlay that can be installed in an Iphone to physically monitor the networking components and report on their activity via a screen on a slim external case. Read the rest

Investigators into mass murder of Mexican student teachers were attacked with NSO's government spyware

In 2014, 43 students from Mexico's Ayotzinapa Rural Teachers' College went missing in Iguala, in the state of Guerrero: they had been detained by police, who turned them over to a criminal militia, who are presumed to have murdered them. Read the rest

Israeli company's spyware used to target corruption-fighting journalists and lawyers in Mexico

The NSO Group is an Israeli firm that describes itself as a "cyber warfare" company, dealing exclusively to governments, including the famously corrupt and dysfunctional government of Mexico. The NSO Group is presently for sale, with a $1 billion pricetag. Read the rest

Journalism After Snowden: essays about a free press in a surveillance state

Journalism After Snowden: The Future of the Free Press in the Surveillance State is a new essay collection from Columbia Journalism Review Books with contributions from Ed Snowden, Alan Rusbridger (former editor-in-chief of The Guardian); Jill Abramson (former New York Times executive editor; Glenn Greenwald, Steve Coll (Dean of Columbia Graduate School of Journalism), Clay Shirky, Cass Sunstein, and Julia Angwin. Read the rest

Cyberarms dealer's weapons used against Mexican soda-tax activists

NSO is an Israel cyberarms dealer, which buys or researches vulnerabilities in software and then weaponizes them; claiming that these cyberweapons will only be used by democratic governments and their police forces to attacks serious criminals and terrorists -- a claim repeated by its competitors, such as Italy's Hacking Team and Gamma Group. Read the rest

How governments and cyber-militias attack civil society groups, and what they can do about it

The University of Toronto's Citizen Lab (previously) is one of the world's leading research centers for cybersecurity analysis, and they are the first port of call for many civil society groups when they are targeted by governments and cyber-militias. Read the rest

China's We Chat "shadow-bans" messages with forbidden keywords, but only for China-based accounts

The University of Toronto's Citizen Lab (previously) continues its excellent work, this time with a deep investigative piece on a sneaky form of censorship in China's popular We Chat service, where messages posted to group chats that contain words on a government blacklist are made invisible to other participants in the chat, while the original poster still sees it, giving the illusion that everyone's read the controverial message but no one found it worth commenting upon. Read the rest

Canadian government has turned "consultation" on warrantless mass surveillance into a sales-job

The old Canadian Conservative government of Stephen Harper had many controversial policies (cough climate denial cough), with mass surveillance powers very near the top of the charts. Read the rest

Not just Yemen: Canadian cyberarms dealer Netsweeper also helped censor the net in Bahrain

Netsweeper is a litigious cyberarms dealer that threatened to sue the University of Toronto's Citizen Lab when its researchers outed the company for its work in helping Yemen's despotic regime censor the internet; later, the company dropped its lawsuit. Read the rest

Iranians connected to phishing attempt on tortured Syrian activist

Former Syrian National Council vice-president Nour Al-Ameer fled to Turkey after being arrested and tortured by the Assad regime -- that's when someone attempted to phish her and steal her identity with a fake Powerpoint attachment purporting to be about the crimes of the Assad regime. Read the rest

Censorship company drops bogus lawsuit against researchers who outed them

Netsweeper sells "internet filtering technology" -- a tool that spies on users' internet traffic and censors some of what they see -- that is used by governments to control their populations, including the government of Yemen, which uses it to block its citizens' access to material critical of its policies. Read the rest

Baidu browser isn't just a surveillance tool, it's a remarkably sloppy one

Chinese Internet giant Baidu -- a combination between Google, Facebook and Twitter, with key investments in many companies, including Uber -- makes its own Windows/Android browser, long believed to be a de facto surveillance tool. Read the rest

Help wanted: malware researcher for U of T's Citizenlab

Ronald Deibert from the University of Toronto's Citizenlab (previously) sez, "The Citizen Lab at the Munk School of Global Affairs, University of Toronto has a job posting for a security researcher/malware analyst. Read the rest

"Iranian hackers" target activists

Motherboard reports on hilariously insistent efforts made by mystery correspondents to trick people into thinking they are news reporters.

The campaign uses sophisticated techniques to get around the extra protection provided by Gmail’s two-factor authentication, which requires a password and a token to log in, as detailed in a new report published on Thursday by Citizen Lab, a research group at the University of Toronto's Munk School of Global Affairs. While the report doesn’t conclusively point fingers, victims and experts alike think the campaign was likely led by hackers with direct links to the Iranian government or the Iranian Revolutionary Guard Corps (IRGC).

The sheer persistence of the "hacker" raised a red flag for one recipient, who got a phone call asking them if they'd received an email: “That's when I started to get suspicious—no journalist is THAT demanding,” she said.

This behavior actually makes me think it was a PR person!

The “journalist” then sent the same email, but this time using a Gmail account. The first email was made to look like it was from a Reuters account. There were still no questions in the body, and, once again, it included the phishing link.

“And that's when I knew something weird was going on,” York said, adding that she started “trolling him” by saying she wasn’t going to be able to open the attachment because that’s bad security practice.

At that point, the alleged journalist “got angry” and frustrated, even demanding, “This is from my personal address! Just open it!”

“It was sort of pathetic at that point,” York said, and she stopped answering the phone.

Read the rest

Previous PageNext page

:)