BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Taser Company Axon Is Selling AI That Turns Body Cam Audio Into Police Reports
European Commission Launches Another TikTok Probe
Election 2024: Championing Proactive Cybersecurity To Fortify National Security
Malvertising Slips Through: Boosting Digital PR And Ad Safety Is Vital
Why You Should Change How You Make Calls On Your iPhone
Jake Davis Shares The Secrets Behind Epic Wildlife Photography
Edit Story
InnovationCybersecurity

Apple, Google And Mozilla Block Kazakh Government Surveillance

Emma Woollacott
Senior Contributor
Opinions expressed by Forbes Contributors are their own.
Following
This article is more than 4 years old.

Apple, Google and Mozilla have moved to prevent

Getty

from intercepting internet traffic, by blocking a root certificate used by the Kazakh government.

Last month, the government ordered all internet service providers in the country to force users to install a root certificate on all devices and in every browser. This, it said, was for 'the protection of citizens, government bodies and private companies from hacker attacks, internet fraudsters and other types of cyber threats'.

However, according to Censored Planet, which monitors global internet disruption at the University of Michigan, that root certificate was essentially a Trojan horse.

It allows the authorities to intercept and decrypt HTTPS traffic  to 37 domains, including Facebook, Google and Twitter.

"So far, the attack appears to affect a fraction of connections passing through the country’s largest ISP, Kazakhtelecom (AS 9198 KazTelecom). This means some, but not all, of the Kazakh Internet population is affected," the researchers write.

"Although the interception is not yet occurring country-wide, it appears the government is both willing and potentially capable of widespread HTTPS interception in the near future."

Since then, the Kazakh government is believed to have stopped demanding that the certificate be installed and has allowed internet users to delete it.

However, it's not the first time that Kazakhstan has attempted to introduce internet surveillance. In 2015, it tried to get a root certificate included in Mozilla’s trusted root store program - but was denied when Mozilla realised what it intended.

And the country has a track record when it comes to censorship, with regular internet shutdowns and individual site blocks.

As a result, fearing that the government could restart surveillance at any time, Apple, Google and Mozilla have banned the new root certificate in Chrome, Firefox, and Safari.

"People around the world trust Firefox to protect them as they navigate the internet, especially when it comes to keeping them safe from attacks like this that undermine their security," says Marshall Erwin, senior director of trust and security at Mozilla.

"We don’t take actions like this lightly, but protecting our users and the integrity of the web is the reason Firefox exists."

Follow me on Twitter
Emma Woollacott
Emma Woollacott