📢 New research published today by our Tech team and China and Tech research teams: we examined the @joinClubhouse app's data security measures and the potential risks to mainland Chinese users.
 
🔗 cyber.fsi.stanford.edu/io/news/clubho…
 
Here are our findings 👋🧵⤵️

(1/8)
1. AgoraIO, a Shanghai-based startup, is widely suspected to provide the backend platform for Clubhouse.

(2/8)
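2. @joinClubhouse user IDs (not usernames; more like unique serial numbers) are transmitted over the Internet in plaintext, which makes them easy to intercept. Chatroom IDs (again, not room names; more like serial numbers) are also transmitted in plaintext.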

(3/8)
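Any observer of Internet traffic can easily match the IDs in shared chatrooms to see who is talking to whom. For mainland Chinese users, this is troubling, even before the government blocked Clubhouse.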

(4/8)
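3. @agoraIO may (but will not necessarily) provide users' raw audio. AgoraIO says it does not store customer audio, but the Cybersecurity Law of the People's Republic of China could compel the company to cooperate in handing over user data.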

(5/8)
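4. The @joinClubhouse user permissions state that it "temporarily" records user audio on its own servers. It is unclear where those servers are, or how long "temporarily" is. If the servers are in the United States, the Chinese government is unlikely to obtain legal access to them.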

(6/8)
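5. The Chinese government could punish mainland Chinese Clubhouse users, but we (and they) may not know about it: Chinese censorship is complex and sometimes invisible. We also discuss why China has now banned the app.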

(7/8)
Thanks to our team for the analysis: @elegant_wallaby @jackhcable @noUpside @alexstamos @debutts @Riana_Crypto

(8/8)
