Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] New Citizen Lab series of research posts on Asia chats

Tom Ritter tom at ritter.vg
Fri Nov 15 08:05:04 PST 2013


I've been super impressed with the recent Citizen Lab work. I wanted
to pull out a couple choice quotes for folks who may have only skimmed
this.

------------

Citizen Lab researchers verified that LINE chat traffic is sent
unencrypted over 3G networks on the latest version of the client. This
behaviour is unusual given the fact that the client does encrypt chat
traffic over wifi connections.

I found a couple additional bits on this on Twitter via thegrugq:
 - http://www.telecomasia.net/blog/content/line-vulnerable-man-middle-attack
 - "LINE is used by the Thai Democrat party for their internal comms.
It's terrible."

------------

Reverse engineering of the most recent Android version of LINE
revealed that when the user’s country is set to China during
installation of the application it will enable censorship
functionality by downloading a list of censored words from Naver’s
server, and then block the transmission of any messages that contain
any of those keywords. ... The presence of censorship functionality
has been confirmed as far back as v3.4.2, released on January 18 2013,
using APK files found at AndroidDrawer. ... In our analysis, we were
able to retrieve two lists from the server: Version 20 (223 keywords)
and 21 (370 keywords), which suggests that there have been at least 21
iterations of the keyword block list. ... Citizen Lab Research Fellow
Jason Q. Ng has translated both the original keyword list discovered
by @hirakujira, and the latest versions we extracted from Chinese to
English and describes the context behind them. The first keyword list
discovered by @hirakujira is described in a series of blog posts (full
list available here) and the most recent keyword list uncovered by
Citizen Lab and translated by Ng is available here. The first keyword
list from @hirakujira contains content related to domestic Chinese
politics, human rights, and sensitive political events–many of which
are rather obscure and only mentioned in media known for being
critical of the CPC.

------------


-tom

On 14 November 2013 15:13, Ronald Deibert <r.deibert at utoronto.ca> wrote:
> Dear Lib Tech.
>
> I am pleased to announce the publication of a new series of research reports
> on censorship and surveillance on mobile messaging applications in Asia.
> Details are below.
>
> Cheers
> Ron
>
>
> Asia Chats: Analyzing Information Controls and Privacy in Asian Messaging
> Applications
>
> The Citizen Lab at the Munk School of Global Affairs, University of Toronto
> is proud to announce the launch of Asia Chats: a project analyzing
> information controls and privacy in mobile messaging applications used in
> Asia.
>
> Across Asia, a new class of instant messaging (IM) mobile applications are
> rapidly growing in popularity and amassing enormous user bases. These
> applications encompass more than text, voice, and video chat as they offer
> social networking platforms that include expressive emoticons and stickers
> (known as “emoji”), photo and video sharing, e-commerce, gaming, and other
> features that provide a more sophisticated user experience than previous
> generations of IM clients.  These applications are dominating their
> respective domestic marketplaces, but are also keenly expanding into markets
> in countries across Asia and beyond the region.
>
> Currently, the three most popular chat applications developed by companies
> based in Asia are WeChat (developed by Tencent holdings Ltd based in China),
> LINE (developed by LINE Corporation based in Japan, which is a subsidiary of
> South Korea-based Naver Corporation), and KakaoTalk (developed by Kakao
> Corporation based in South Korea).
>
> The swift growth of these applications and aggressive strategies to attract
> international user bases raise questions regarding the kind of governmental
> pressures the companies may face in particular jurisdictions to implement
> censorship or surveillance features and provide user data and how they will
> respond to these pressures.
>
> This series will begin with a focus on WeChat, LINE, and KakaoTalk. Reports
> will include analysis based on our technical investigation of censorship or
> surveillance functionality, assessment of privacy issues surrounding these
> application’s use and storage of user data, and comparison of the terms of
> service and privacy policies of the applications.
>
> The first report in this series by Seth Hardy (Senior Security Analyst,
> Citizen Lab) examines the implementation of regionally-based keyword
> censorship in LINE for users based in China.
>
> This analysis reveals that when the user’s country is set to China during
> installation of the LINE application it will enable censorship functionality
> by downloading a list of censored words from Naver’s server, and then block
> the transmission of  any messages that contain any of those keywords.
>
> Today we release the following outputs:
>
> Asia Chats project framing post
>
>
> Detailed technical report of regionally-based keyword censorship in LINE by
> Seth Hardy (Senior Security Analyst, Citizen Lab)
>
>
> Keyword list translated from Chinese to English with contextual descriptions
> by Jason Q. Ng (Research Fellow, Citizen Lab)
>
>
> Blog series by Jason Q. Ng on context behind the blocked keywords on LINE
>
>
> LINE Region Code Encrypter Tool developed by Seth Hardy and Greg Wiseman
> (Senior Data Visualization Developer, Citizen Lab) for changing regions in
> the LINE client to disable regionally-based keyword censorship in the
> application.
>
>
> For media enquiries please contact us at info at citizenlab.org or +1 416 946
> 8903
>
> Asia Chats Research Team
>
> Contextual, Legal and Policy Research: Masashi Crete-Nishihata, Andrew
> Hilts, Irene Poetranto, Jason Q. Ng, Adam Senft, Aim Sinpeng.
>
> Technical Research: Jakub Dalek, Seth Hardy, Katie Kleemola,  Byron Sonne,
> Greg Wiseman.
>
> Ronald Deibert
> Director, the Citizen Lab
> and the Canada Centre for Global Security Studies
> Munk School of Global Affairs
> University of Toronto
> (416) 946-8916
> PGP: http://deibert.citizenlab.org/pubkey.txt
> http://deibert.citizenlab.org/
> twitter.com/citizenlab
> r.deibert at utoronto.ca
>
>
>
>
> --
> Liberationtech is public & archives are searchable on Google. Violations of
> list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
> change to digest, or change password by emailing moderator at
> companys at stanford.edu.



More information about the liberationtech mailing list