Mona Wang is an ICFP fellow working with Citizen Lab to conduct an in-depth analysis of the WeChat application’s security and privacy practices.
With over 1.2 billion monthly active users, WeChat is the most popular messaging and social media platform in China, and third in the world. For vulnerable populations that must use WeChat (for instance, domestic journalists and foreign correspondents, grassroots and diaspora activists), precise threat modelling is of utmost importance. This kind of risk assessment requires a more granular security and privacy analysis, to understand the shape and nature of the risks.
During her fellowship, Mona will reverse-engineer WeChat’s custom transport-layer encryption protocol and provide tooling for other researchers to intercept and decrypt network traffic. She will use this tooling to perform an in-depth security and privacy review of the application, including analysis of popular MiniPrograms on the WeChat application ecosystem.