Planet Netsweeper

Internet filtering technologies play a critical role in shaping access to information online. Whether we are connecting to the Internet from our homes, coffee shops, libraries, or places of work, software that inspects, manages, and/or blocks our communications has become commonplace. When used at the level of large, consumer-facing Internet Service Providers (ISPs), Internet filtering technologies can have significant human rights impacts. A growing number of governments employ Internet filtering systems at this scale in order to undertake national-level censorship of the Internet. Filtered content ranges from pornography, hate speech, and speech promoting or inciting violence, to political opposition websites, news websites, websites affiliated with various religions, and everything in-between. The growing responsibilities among network operators to filter content, either within private enterprises or on public networks, have given rise to a large and lucrative market. One industry report estimated the value of the web content filtering market at $3.8 billion USD by 2022. While network operators can manually configure their infrastructure to block specific websites or applications, the task can be time- consuming, complicated, and ineffective. Internet filtering companies provide professional services to ISPs and other clients to take care of this responsibility. Typically, Internet filtering companies dynamically categorize Internet resources and then let their clients choose pre-selected content categories or services that they wish to block. Customers can also add custom lists of their own to content that is filtered or blocked. In the hands of authoritarian regimes, such professional services can limit the ability of citizens to communicate freely and help impose opaque and unaccountable controls on the public sphere

The Endoplasmic Reticulum Stress Response in Neuroprogressive Diseases: Emerging Pathophysiological Role and Translational Implications

The endoplasmic reticulum (ER) is the main cellular organelle involved in protein synthesis, assembly and secretion. Accumulating evidence shows that across several neurodegenerative and neuroprogressive diseases, ER stress ensues, which is accompanied by over-activation of the unfolded protein response (UPR). Although the UPR could initially serve adaptive purposes in conditions associated with higher cellular demands and after exposure to a range of pathophysiological insults, over time the UPR may become detrimental, thus contributing to neuroprogression. Herein, we propose that immune-inflammatory, neuro-oxidative, neuro-nitrosative, as well as mitochondrial pathways may reciprocally interact with aberrations in UPR pathways. Furthermore, ER stress may contribute to a deregulation in calcium homoeostasis. The common denominator of these pathways is a decrease in neuronal resilience, synaptic dysfunction and even cell death. This review also discusses how mechanisms related to ER stress could be explored as a source for novel therapeutic targets for neurodegenerative and neuroprogressive diseases. The design of randomised controlled trials testing compounds that target aberrant UPR-related pathways within the emerging framework of precision psychiatry is warranted

Behind Blue Coat: Commercial Filtering in Syria and Burma

Produced by the Citizen Lab at the Munk School of Global Affairs, University of Toronto.Citizen Lab research into the use of commercial filtering products in countries under the rule of authoritarian regimes has uncovered a number of devices manufactured by U.S.-based Blue Coat Systems in Syria and Burma. Although Blue Coat has recently acknowledged the presence of their devices in Syria, this brief contributes to previous findings of devices in the country, documents additional devices in use in Syria, and identifies Blue Coat devices actively in use in Burma. This brief urges Blue Coat to investigate these claims and take action to prevent the further use of its technology in Syria and Burma

QQ浏览器存在的隐私与安全隐患

The authors would like to thank Sarah McKune and Masashi Crete-Nishihata for assistance and peer review on this report.This report describes privacy and security issues with the Windows and Android versions of QQ Browser. Our research shows that both versions of the application transmit personally identifiable data without encryption or with easily decrypted encryption, and do not adequately protect the software update process.Jeffrey Knockel’s research for this project was supported by the Open Technology Fund’s Information Control Fellowship Program and Adam Senft’s research from the John D. and Catherine T. MacArthur Foundation (Ronald J. Deibert, Principal Investigator)

阅读报告的主要发现

The Citizen Lab would like to thank Seth Hardy from Lookout for assistance with this report.This report describes privacy and security issues with Baidu Browser, a web browser for the Windows and Android platforms. Our research shows that the application transmits personal user data to Baidu servers without encryption and with easily decryptable encryption, and is vulnerable to arbitrary code execution during software updates via man-in-the-middle attacks. Much of the data leakage is the result of a shared Baidu software development kit, which affects hundreds of additional applications.Jeffrey Knockel’s research for this project was supported by the Open Technology Fund’s Information Control Fellowship Program. Sarah McKune’s research was supported by a grant from the Open Society Foundations (Ronald J. Deibert, Principal Investigator), and Adam Senft’s from the John D. and Catherine T. MacArthur Foundation (Ronald J. Deibert, Principal Investigator)

A Tough Nut to Crack: A Further Look at Privacy and Security Issues in UC Browser

Thanks to Andrew Hilts, Sarah McKune, Jason Ng and Masashi Crete-Nishihata for assistance with this report.In this report we analyze Windows and Android versions of web browser UC Browser, and find they transmitted personally identifiable information with easily decryptable encryption and were vulnerable to arbitrary code execution during software updatesJeffrey Knockel’s research for this project was supported by the Open Technology Fund’s Information Control Fellowship Program and Adam Senft’s research from the John D. and Catherine T. MacArthur Foundation (Ronald J. Deibert, Principal Investigator). This material is based upon work supported by the U.S. National Science Foundation under Grant Nos. #1314297, #1420716, #1518523, and #1518878

Targeted Malware Attacks against NGO Linked to Attacks on Burmese Government Websites

Thanks to John Scott-Railton for comments on the post.This report analyzes a campaign of targeted attacks against an NGO working on environmental issues in Southeast Asia. Our analysis reveals connections between these attacks, recent strategic web compromises against Burmese government websites, and previous campaigns targeting groups in the Tibetan community

Behind Blue Coat: An Update from Burma

Produced by the Citizen Lab at the Munk School of Global Affairs, University of Toronto.Citizen Lab research into the use of commercial filtering products in countries under the rule of authoritarian regimes has previously documented the use of devices manufactured by U.S.-based Blue Coat Systems in Syria and Burma. In Behind Blue Coat: Investigations of commercial filtering in Syria and Burma, we identified Blue Coat devices in Burma through the error messages, hostnames and filtering behaviour on Burmese Internet service provider (ISP) Yatanarpon Teleport. Additional evidence gathered by the Citizen Lab from Burma since the publication of that report has provided further confirmation that Blue Coat’s devices are presently in use in the country

Pay No Attention to the Server Behind the Proxy: Mapping FinFisher’s Continuing Proliferation

Special thanks to Citizen Lab colleagues Morgan Marquis-Boire and Claudio Guarnieri, as well as Ron Deibert and Masashi Crete-Nishihata. Special thanks to the Open Technology Fund. Thanks to Vern Paxson and Jason Passwaters.This post describes the results of Internet scanning we recently conducted to identify the users of FinFisher, a sophisticated and user-friendly spyware suite sold exclusively to governments. We devise a method for querying FinFisher’s “anonymizing proxies” to unmask the true location of the spyware’s master servers. Since the master servers are installed on the premises of FinFisher customers, tracing the servers allows us to identify which governments are likely using FinFisher. In some cases, we can trace the servers to specific entities inside a government by correlating our scan results with publicly available sources