Citizen Lab Wins Press Freedom Award for Defense of Internet

The Citizen Lab is the recipient of this year’s press freedom award of the Canadian Committee for World Press Freedom (CCWPF), The 13th annual Press Freedom Award goes to a Canadian person or group who has defended or advanced the cause of freedom of expression. The Citizen Lab team, based at the Munk Centre for International Studies at the University of Toronto, was selected for its ongoing dedication to free expression online through work that exposes cases of Internet censorship and espionage around the world.

From CNBC
Continue reading

Citizen Lab Recipient of Canadian Journalists for Free Expression (CJFE) 2010 Vox Libera Award

The Citizen Lab is proud and humbled by the announcement that we are the recipient of the Canadian Journalists for Free Expression (CJFE) 2010 Vox Libera Award. The announcement stated “The Citizen Lab was selected for its dedication to free expression and access to information online. World leaders in the field of “hacktivism,” the Citizen Lab’s members focus their research on documenting cases of internet espionage and censorship around the world, reinforcing the idea that the Internet should remain a safe, public domain”.

From Digital Journal

Psiphon wins Index on Censorship Economist New Media Award

We were very pleased to hear that Psiphon was the recipient of the Economist New Media Award at the Index on Censorship 2009 Free Expression Award Ceremony in London yesterday.

Details here. Although we are proud to win the award, we feel that this award belongs to the others on the shortlist as well. In particular, it is noteworthy that nominee Hoder is still imprisoned in Iran for merely expressing his opinions.

Tracking GhostNet

Dear Friends and Colleagues

Please find below a link to Tracking GhostNet: Investigating a Cyber Espionage Network, the second major report from the Information Warfare Monitor – a joint project of the SecDev Group (Ottawa) and the Citizen Lab (Munk Centre for International Studies, University of Toronto).

Tracking GhostNet: Investigating a Cyber Espionage Network

This report documents the GhostNet – a suspected cyber espionage network of over 1,295 infected computers in 103 countries, 30% of which are high-value targets, including ministries of foreign affairs, embassies, international organizations, news media, and NGOs.

The report can be downloaded here.

For security reasons, we have redacted parts of the report until affected parties can be notified by the relevant authorities. A full uncensored report will be released in one week.

A New York Times story by John Markoff about the report is here.

This report is the culmination of a 10 month investigation of alleged Chinese cyber spying against Tibetan institutions. It documents a vast suspected cyber espionage network of over 1,295 infected computers in 103 countries, referred to in the report as GhostNet. Close to 30% of the infected hosts are considered high-value political and economic targets, and include computers located at ministries of foreign affairs, embassies, international organizations, news media, and NGOs.

The capabilities of the attack tools used by the GhostNet system were far-reaching, and include the ability to retrieve documents, and turn on web cameras and audio systems. The investigation was able to conclude that Tibetan computer systems were compromised by multiple infections that gave attackers unprecedented access to potentially sensitive information, including documents from the private office of the Dalai Lama.

While our analysis reveals that numerous politically sensitive and high value computer systems were compromised in ways that circumstantially point to China as the culprit, we do not know the exact motivation or the identity of the attacker(s), or how to accurately characterize this network of infections as a whole. One of the characteristics of cyber-attacks of the sort we document here is the ease by which attribution can be obscured. Regardless of who or what is ultimately in control of GhostNet, it is the capabilities of exploitation, and the strategic intelligence that can be harvested from it, which matters most. This report underscores the growing capabilities of cyber attacks, the ease by which cyberspace can be used as a vector for signals intelligence, and the importance of taking information security seriously by security professionals and policy makers worldwide. We look forward to your comments.

Profile of the Citizen Lab

Aired on CBC Radio-Canada’s “Une Heure Sur Terre”
November, 2008

The program provides an overview of the Lab, our research on information warfare, Nart Villeneuve’s Skype report, the OpeNet Initiative, and our psiphon circumvention software project.

Beating Internet Censorship the Canadian Way

from PC World

…”What we’re trying to do with psiphon is build a technology that supports that original notion of innovation that drove the Internet,” explains Lab Director Ronald Deibert.

“[T]he guarantee of uninterrupted access to free information” is what is at stake, says Professor Deibert, whose background and training as a political scientist – not a computer scientist – shows through clearly.

The Citizen Lab started in 2001, as a research and development centre for “politically-motivated hacktivists.” Among other activities, it operates the Open Net Initiative, collaborating with organizations around the world on matters of online access, cyber security and Internet censorship.

Read more here.

Breaching Trust

I am pleased to announce our release of a major investigative report, Breaching Trust: An analysis of surveillance and security practices on China’s TOM-Skype platform, written by Nart Villeneuve, Psiphon Fellow, the Citizen Lab, at the Munk Centre for International Studies, the University of Toronto.

The full report can be downloaded here.

John Markoff of the New York Times has just released a story about the report, which will appear in tomorrow’s paper, but can be found online here.

Major Findings of this report are as follows:

  • The full text chat messages of TOM-Skype users, along with Skype users who have communicated with TOM-Skype users, are regularly scanned for sensitive keywords, and if present, the resulting data are uploaded and stored on servers in China.
  • These text messages, along with millions of records containing personal information, are stored on insecure publicly-accessible web servers together with the encryption key required to decrypt the data.
  • The captured messages contain specific keywords relating to sensitive political topics such as Taiwan independence, the Falun Gong, and political opposition to the Communist Party of China.
  • Our analysis suggests that the surveillance is not solely keyword-driven. Many of the captured messages contain words that are too common for extensive logging, suggesting that there may be criteria, such as specific usernames, that determine whether messages are captured by the system.

As my colleague Rafal Rohozinski and I say in the foreword to the report, “If there was any doubt that your electronic communications – even secure chat – can leave a trace, Breaching Trust will put that case to rest. This is a wake up call to everyone who has ever put their (blind) faith in the assurances offered up by network intermediaries like Skype. Declarations and privacy policies are no substitute for the type of due diligence that the research put forth here represents.”