Welcome to WebmasterWorld Guest from 18.232.171.18

Forum Moderators: open

Kazakhstan now intercepts all HTTPS traffic to protect its citizens

     
2:20 pm on Jul 20, 2019 (gmt 0)

Senior Member

WebmasterWorld Senior Member Top Contributors Of The Month

joined:Nov 13, 2016
posts:1193
votes: 280



Starting Wednesday, July 17, 2019, the Kazakhstan government has started intercepting all HTTPS internet traffic inside its borders.
/.../
Kazakh users trying to access the internet since yesterday have been redirected to web pages that contained instructions on how to install the government's root certificate in their respective browsers.
/.../
Ministry officials said the measure was "aimed at enhancing the protection of citizens, government bodies and private companies from hacker attacks, Internet fraudsters and other types of cyber threats."

[zdnet.com...]
2:45 pm on July 20, 2019 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member graeme_p is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Nov 16, 2005
posts:2980
votes: 201


This is a weakness of the way https works that has always worried me. Anyone with a root certificate can intercept traffic.
8:26 pm on July 20, 2019 (gmt 0)

Senior Member from CA 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Nov 25, 2003
posts:1336
votes: 429


Kazakhstan actually announced they intended this back in 2015/2016 when they submitted request to Mozilla for root inclusion.
* Add Root Certification Authority of the Republic of Kazakhstan (root.gov.kz) [bugzilla.mozilla.org]
At that time there was sufficient public outcry from internal organisations as well as external that it was shelved. Until things quieted down...

Regarding current event: MITM on all HTTPS traffic in Kazakhstan [bugzilla.mozilla.org].

From Vice Minister: Installing a “security certificate” is a matter for users [rus.azattyq.org], a RFE/RL (Radio Free Europe / Radio Liberty) site, 19-July-2019. Quotes via Google translate:

An official in Nur-Sultan on Friday, July 19, against the background of large-scale criticism on the Web, assured journalists that users do not have to install the “security certificate” distributed by the authorities to access the Internet. Vice-Minister of Digital Development, Innovation and Aerospace Industry of Kazakhstan Ablaykhan Ospanov said that the norm obliging operators to provide users with the ability to install a technical safety certificate on their devices is in the law on communications.

Over the past few days, users of a number of Kazakhstani mobile operators received messages proposing to install a special certificate in order to avoid “problems with access to certain Internet resources”. The operators explained this recommendation as “measures to prevent cyber attacks”. The call to install a government-issued certificate "for each device" caused outrage among users.

....

Earlier this month, a local cybersecurity group issued reports of "major incidents" related to the possible leakage of personal data of Kazakhstanis, including the discovery of an unknown database "with full information of 11 million people" on the Web. Last week, local media reported that a number of Kazakhstani resources were subjected to “hacker attacks”. It was also reported that the passwords of dozens of users could fall into the hands of third parties as a result of the appearance on the Network of a site that duplicates the Internet banking site.

Mobile operators 'proposals for installing a “trusted QazNet certificate” were also preceded by an extensive advertising campaign in the Kazakhstan segment of the Network of selected Kazakhstan-based Internet resources, the appearance of which critics described as the authorities' desire to further regulate the Internet space.

If it's not corporations it's governments, six of one half dozen of the other, brothers of a feather...
11:41 pm on July 20, 2019 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:Apr 9, 2011
posts:15756
votes: 828


to protect its citizens
Funny, I just this moment put up a wholly unrelated post under the title “you keep using that word” ...
2:45 am on July 21, 2019 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:July 29, 2007
posts:2011
votes: 211


Improve your personal security by letting us watch you fam!
8:00 am on July 21, 2019 (gmt 0)

Senior Member

WebmasterWorld Senior Member Top Contributors Of The Month

joined:Nov 13, 2016
posts:1193
votes: 280


I wonder how many countries will follow...
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members