Skip to main content

Black Listed News
Trending Articles:
Trending Articles:

Google, Mozilla, and Apple are using this one weird trick to block Kazakhstan's surveillance of its own citizens

Published: August 21, 2019
Share | Print This


Source: Boing Boing

Google and Mozilla are making changes to their respective web browsers to try and thwart the notoriously corrupt government of Kazakhstan's efforts to launch a surveillance operation against its own citizens.

Google (Chrome), Mozilla (Firefox), and now Apple (Safari) are all blocking a root certificate from the Kazakhstan government in their browsers which could be used to intercept encrypted traffic that goes to and Facebook, Gmail, Twitter, or any other news or communication app people might be using there.

Google and Mozilla were first to take action. Later today, an Apple spokesperson began telling reporters that Safari is now also blocking the root certificate as well.

“We have taken action to ensure the certificate is not trusted by Safari and our users are protected from this issue,” said the unnamed Apple spokesperson.

Better late than never, but these moves by US-based tech companies are too late to protect all Kazakh users from harm. The Kazakhstan government launched the root certificate last month, and since then, the government has been able to monitor the encrypted internet activity of any users who installed it.

From Engadget's Amrita Khalid:

 

The nation forced ISPs to cooperate by making it mandatory for all customers to install the certificate in order to gain access to the internet.

Turns out that the root certificate was a Trojan Horse. It allowed the Kazakhstan government to perform a "man-in-the-middle" or MitM attack against HTTPS connections to a list of 37 domains, including Facebook, Twitter, Google and more, according to a study published by University of Michigan's Censored Planet. Normally, HTTPS websites are encrypted in a way that ISPs or governments won't be able to access it. In the case of Kazakhstan, the MitM attack broke the encryption in these sites, allowing the government to freely spy on private internet activity.

Both the Chrome and Firefox browsers in Kazakhstan will bar the illicit certificate before users can even download it. Mozilla will block Kazakhstan's root certificate with OneCRL, which Firefox has been using to revoke certificates since 2015. Previously, users who accessed the internet in Kazakhstan received a message on their smartphone or computer asking them to install the root certificate.

Now when Firefox detects the certificate in Kazakhstan, it will instead block the connection and display an error message. "Research shows that many users click through errors without understanding what they mean, leaving them no better off than if there were no warning at all. We believe this is the appropriate response because users in Kazakhstan are not being given a meaningful choice over whether to install the certificate and because this attack undermines the integrity of a critical network security mechanism," said Mozilla's Senior Director of Trust & Safety Marshall Erwin in an email to Engadget.

Read more: Google and Mozilla to block web surveillance in Kazakhstan [image: shutterstock]

Related Articles:

On Wednesday, Google and Mozilla announced they would block an encryption certificate the Kazakhstan government has forced citizens to download. The certificate allows authorities to intercept Facebook, Twitter, Google, and other passwords of the 18 million people in the country. But now with two of the main browser makers pushing back, that surveillance will be more difficult for the government to carry out.

Share This Article...



Image result for patreon

Emigrate While You Still Can!

Loading...


Image result for patreon


PLEASE DISABLE AD BLOCKER TO VIEW DISQUS COMMENTS

Ad Blocking software disables some of the functionality of our website, including our comments section for some browsers.





Login with patreon to gain access to perks!

SIGN UP TO GET BLACKLISTED NEWS DELIVERED RIGHT TO YOUR INBOX

Enter your email address:





More Blacklisted News...

Blacklisted Radio
Blacklisted Nation
On Patreon
On Gab
On Twitter
On Reddit
On Facebook
Blacklisted Radio:
Republic Broadcasting
Podcasts on Youtube
Podcasts on Demand
On Iheart Radio
On Spreaker
On Stitcher
On iTunes
On Tunein

Our IP Address:
198.245.55.242

Sponsors:
Garden office

good
longboard
brands


Advertise Here...






BlackListed News 2006-2019
Privacy Policy