Dear Libtech The Citizen Lab has published a new report this morning, called "Pay No Attention to the Server Behind the Proxy: Mapping FinFisher’s Continuing Proliferation." The research is a continuation of several prior reports of ours that attempt to map the infrastructure of FinFisher, a notorious purveyor of commercial spyware which we have found linked to countries with poor human rights records.
Although marketed as a tool for fighting crime, the spyware has been involved in a number of high-profile surveillance abuses. Between 2010 and 2012, Bahrain’s government used FinFisher to monitor some of the country’s top law firms, journalists, activists, and opposition political leaders. Ethiopian dissidents in exile in the United Kingdom and the United States have also been infected with FinFisher spyware. In our new report, we devise a method for querying FinFisher’s “anonymizing proxies” to unmask the true location of the spyware’s master servers. Since the master servers are installed on the premises of FinFisher customers, tracing the servers allows us to identify which governments are likely using FinFisher. In some cases, we can trace the servers to specific entities inside a government by correlating our scan results with publicly available sources. Our results indicate 32 countries where at least one government entity is likely using the spyware suite, and we are further able to identify 10 entities by name. Here is a link to the map of the country findings: https://citizenlab.org/wp-content/uploads/2015/10/image00.jpg Our full report is here: https://citizenlab.org/2015/10/mapping-finfishers-continuing-proliferation/ Authors: Bill Marczak, John Scott-Railton, Adam Senft, Irene Poetranto, and Sarah McKune Associated Press: http://bigstory.ap.org/article/a46ad09bfcc142909deaadfac7504b8a/despite-exposure-new-nations-joining-cyberespionage-game Motherboard: http://motherboard.vice.com/read/researchers-find-impossible-to-trace-spyware-in-32-countries All the best, Ron Ronald Deibert Director, the Citizen Lab Munk School of Global Affairs University of Toronto (416) 946-8916 PGP: http://deibert.citizenlab.org/pubkey.txt http://deibert.citizenlab.org/ twitter.com/citizenlab twitter.com/rondeibert r.deib...@utoronto.ca
-- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
