I am a Senior Research Fellow at Citizen Lab, a co-founder of Bahrain Watch, and a Postdoctoral Researcher at UC Berkeley, where I received my PhD in Computer Science under the advisorship of Vern Paxson. My work focuses on novel technological threats to Internet freedom, including new censorship and surveillance tools. My expertise is in Internet scanning and conducting digital investigations. Coverage of my work has been featured in Vanity Fair, the New York Times, the Washington Post, on CNN, and on Larry King.
2016-2017: Exposing Government Hacking of Mobile Phones
I discovered the first-ever iPhone zero-day remote jailbreak seen in-the-wild (the Trident), sold exclusively to governments by Israeli cyber-warfare company NSO Group, and used to infect targets with spyware (Pegasus) through links in SMS text messages. In 2016, the spyware was used against UAE dissident Ahmed Mansoor. In 2017, Citizen Lab colleague John Scott-Railton and I discovered that Mexican activists, journalists, and politicians had also been targeted with NSO's Trident and Pegasus. The findings sparked a scandal, #GobiernoEspía, in Mexico.
2016: Documenting a Targeted Internet Access Disruption
In June 2016, traditional Internet measurement techniques failed to establish evidence of reported Internet disruptions targeted at protest areas in the Bahraini village of Duraz. In response, I performed a measurement study and provided the first-ever technical evidence for a deliberate small-scale landline and mobile Internet disruption. The study involved comparing signaling messages received from cell towers in Duraz both before and during the disruption, and remotely scanning Bahrain's Internet space for landline connections exhibiting abnormal packet loss.
2015: Discovering a Nation-State DDoS Infrastructure
In 2015, together with my Berkeley colleague Nick Weaver, I discovered the Great Cannon, an attack tool that hijacks users' connections to Chinese websites and enlists their computers in DDoS attacks against websites. The Great Cannon was employed in massive DDoS attacks against pages on Amazon and GitHub providing access to political content banned in China. We found that the Great Cannon is collocated with China's Great Firewall, suggesting government attribution. Subsequent reporting confirmed that the Great Cannon was developed by the Chinese Government.
2013-2014: Blocking Bahrain's Deadly Tear Gas
In the wake of revelations that Bahrain's Ministry of Interior had killed dozens of residents of predominantly anti-government villages by firing tear gas projectiles directly at their bodies, or into their homes as they slept, I designed and helped lead a successful international campaign that blocked a shipment of 3 million tear gas canisters from South Korea to Bahrain. The #StopTheShipment campaign involved the first-ever leaked documents from the Bahrain Ministry of Interior's Purchasing Directorate, as well as collaborations with lawyers, activists, journalists, and South Korean NGOs.
You can contact me via email at [email protected], using this PGP key.
You can also find me on Twitter as @billmarczak.