Jump to content

Kazakhstan man-in-the-middle attack

From Wikipedia, the free encyclopedia

In 2015, the government of Kazakhstan created a root certificate which could have enabled a man-in-the-middle attack on HTTPS traffic from Internet users in Kazakhstan. The government described it as a "national security certificate". If installed on users' devices, the certificate would have allowed the Kazakh government to intercept, decrypt, and re-encrypt any traffic passing through systems it controlled.[1][2]

In July 2019, Kazakh ISPs started messaging their users that the certificate, now called the Qaznet Trust Certificate,[3] issued by the state certificate authority the Qaznet Trust Network, would now have to be installed by all users.[4][5]

Sites operated by Google, Facebook and Twitter appeared to be among the Kazakh government's initial targets.[6]

On August 21, 2019, Mozilla and Google simultaneously announced that their Firefox and Chrome web browsers would not accept the government-issued certificate, even if installed manually by users.[7][8] Apple also announced that they would make similar changes to their Safari browser.[6] As of August 2019, Microsoft has so far not made any changes to its browsers, but reiterated that the government-issued certificate was not in the trusted root store of any of its browsers, and would not have any effect unless a user manually installed it.[9]

In December 2020, the Kazakh government attempted to re-introduce the government-issued root certificate for a third time.[10] In response to this, browser vendors again announced that they would block any such attempt by invalidating the certificate in their browsers.[11]

References

[edit]
  1. ^ Nurmakov, Adil (2015-12-05). "Experts Concerned Kazakhstan Plans to Monitor Users' Encrypted Traffic". Digital Report. Retrieved 2019-07-18.
  2. ^ Nichols, Shaun (3 Dec 2015). "Is Kazakhstan about to man-in-the-middle diddle all of its internet traffic with dodgy root certs?". The Register. Retrieved 2019-07-18.
  3. ^ "Kazakh government will intercept the nation's HTTPS traffic". IT PRO. 19 July 2019. Retrieved 2019-08-21.
  4. ^ Afifi-Sabet, Keumars (19 July 2019). "Kazakh government will intercept the nation's HTTPS traffic". IT PRO. Retrieved 2019-07-19.
  5. ^ Raman, Ram Sundara; Evdokimov, Leonid; Wustrow, Eric; Halderman, Alex; Ensafi, Roya (July 23, 2019). "Kazakhstan's HTTPS Interception". Censored Planet. University of Michigan. Retrieved 2019-08-21.
  6. ^ a b Paris, Martine (2019-08-21). "Google and Mozilla block Kazakhstan root CA certificate from Chrome and Firefox". VentureBeat. Retrieved 2019-08-21.
  7. ^ Thayer, Wayne (2019-08-21). "Protecting our Users in Kazakhstan". Mozilla Security Blog. Retrieved 2019-08-21.
  8. ^ Whalley, Andrew (2019-08-21). "Protecting Chrome users in Kazakhstan". Google Online Security Blog. Retrieved 2019-08-21.
  9. ^ Brodkin, Jon (2019-08-21). "Google, Apple, and Mozilla block Kazakhstan government's browser spying". Ars Technica. Retrieved 2019-08-22.
  10. ^ Cimpanu, Catalin. "Kazakhstan government is intercepting HTTPS traffic in its capital". ZDNET. Retrieved 2020-12-18.
  11. ^ Moon, Mariella (2020-12-18). "Tech giants will block Kazakhstan's web surveillance efforts again". Engadget. Retrieved 2020-12-18.