In Kazakhstan, the Internet Backdoors You (csoonline.com) 94
itwbennett writes: Kazakhstan passed a law that would require citizens to install a certificate on their personal computers and mobile devices that would allow the government to snoop and capture web traffic, passwords, financial details. Telecom.kz posted the news to their website on November 30, but by December 4 the press release had been removed from the website. This is just the latest example of government overreaching. Recently we've seen the Turkish government attempt to block access to social media sites. And let's not forget Thailand's attempt to roll out their own man-in-the-middle implementation.
Re: (Score:3, Insightful)
Well, then it's a good fucking thing nobody said Russia.
Re: (Score:3)
A moose bit my sister once ... it was very painful.
Re: (Score:2)
Was your sister OK?
Re: (Score:2)
We apologize for the fault in the comments. Those responsible have been sacked.
Re: (Score:2)
A moose bit my sister once ... it was very painful.
We must keeel this squirrel and moose!
Soviet Russia, Russia and Kazakhstan (Score:3)
Yakov Smirnoff [wikipedia.org] started this genre of jokes back in the 60s. At the time, Russia was usually conflated w/ the Soviet Union (just like England to this day is conflated w/ the United Kingdom). His usage of the term 'Soviet Russia' meant the USSR, rather than the RSFSR. Since Kazakhstan was a part of the USSR, this genre of jokes could remain relevant for this case.
At any rate, this is by no means the worst to hit Kazakhstan. Nor are Borat caricatures of that country. The worst thing that could ever
Re: (Score:2)
And Tsarist Russia as well. Putin is running for Tsar.
Re: (Score:2)
ah ha, that's so right it's wrong. Or so much horse flesh dragged along behind the unstoppable juggernaut of a cart.
Tsar Putin - but of course! Except, why would Putin want to limit himself to the powers and capabilities of a mere Tsar?
And as for Putin being in the running ... well only if you mean "Putin is standing still, awaiting the unanimous demand of the peoples of the RF that he take up the new post of hereditary First Secretary for life."
I just realised - I don't know i
Cold War, Soviets and Russia (Score:3)
The mistake that both Bush 41 and Clinton 42 made was that they allowed their State Departments to continue to keep Russia in the adversaries column, long before Putin surfaced. Letting Russia fester and supporting secessionist movements there like the Chechens was a bi-partisan sin. But the biggest issue w/ them is that they never realized that Islam replaced Communism as the free world's #1 enemy, and is even more lethal than either Nazism or Communism
Most of the stans are still pretty similar to thei
Re: (Score:3)
I agree. Removing those was a mistake. In case of Libya, Gadaffi had already ended his WMD program and was on the mend: there was no good reason to take him down. There wasn't a good reason to remove Mubarak either - Sisi today is just Mubarak w/ another face. I oppose Assad being removed - I agree w/ the Russians and Trump here.
As for Iraq, it was fine to destroy Saddam's military and reduce their support to terror groups like Hamas. Bringing democracy to Iraq has made it a de-facto Shia theocracy,
Re: (Score:2)
I think a large number of right wing Senators had something to do with it as well.
Re: (Score:3)
I am aware that Putin does not know his borders, but Kazakhstan is not Russia.
He knows his borders. Just in his mind if you are a former Soviet state then you are (or should be) actually part of Russia. He's kind of like China, in that the borders they think they have don't really line up with the maps everyone else is using.
Re: (Score:2)
And in a fine example of global cooperation and friendship Turkey took the time out of their busy day to help the Russian pilots re-calibrate their GPS system coordinates to demark the Turkish border.
Re:In Russia, you (Score:4, Informative)
Kazakhstan basically consists of a northern part (Russian Southern Siberia) and a southern part (Kazakhstan proper), and was separated from Russia by Stalin in 1936. The northern part was part of Russia and inhabited by Russians for about 400 years after the fall of the Golden Horde. If you look at Google Maps you see that the northern part has mostly Russian names and the southern one Kazakh ones.
And the difference to the NSA is? (Score:3)
I bet that there, the government has the legal authority to do this, so what's the big deal? Here we have that pesky thing called the constitution, and the government still does the same even though they knew it was sketchy at best, but probably illegal.
Peter.
Re: (Score:2)
I bet that there, the government has the legal authority to do this, so what's the big deal? Here we have that pesky thing called the constitution, and the government still does the same even though they knew it was sketchy at best, but probably illegal.
Peter.
Oops, the NSA already has their cert installed in Firefox, IE, Chrome, and other web browsers as well by default:
http://security.stackexchange.... [stackexchange.com]
So this is an issue of Kazakhstan just catching up to the US.
GCHQ and NSA (Score:2)
look on in envy ...
I visited the ISP's web site to try to see exactly what is supposed to be loaded onto a machine, but I don't read their language.
Re: (Score:2)
I lost the web site link, try again [telecom.kz]
I don't know about you... (Score:2, Insightful)
...but if I were a competent intelligence agency, I'd buddy up with a CA that has its root in all the major browsers, and MITM by redirecting traffic to my servers, once I'd obtained a warrant from a judge for targeted surveillance. IOW, I'd take a reasonable interpretation of the US Constitution's 4th amendment.
If, OTOH, I just wanted to spy on all my citizens, perhaps collecting data to make sure everyone can be identified as a criminal in future if needed, I'd do as described in the article. IOW, I'd be
Seems pretty lame (Score:2)
Re: (Score:3)
Ultimately, there's probably a more-than-just-implied idea that your ass will get dragged off to jail or shot if you fail to comply.
The same thing which happens in all such regimes, and the same thing the US is trying to achieve -- failure to comply with state security is a crime.
Make no mistake about it, this is the exact same direction Western countries are heading, because they all make the same argument that the state requires unfettered access to monitor us.
Re: (Score:3)
Sure there is; criminals (and pseudo-criminals like me - as a teen I cracked software and hacked and just never got caught) always know how to rig the system. In this case, install the root certificate on your desktop. Bypass Method 1, use a VM: Download VirtualBox, create a Linux VM, and do all your browsing from in there, since that browser isn't rooted. You could even delete the VM when you're done and it may be possible to create a sandboxed browser. You've obeyed the law and bypassed it. Method 2, tunn
Re: (Score:2)
Not only is that horrible English, it's horrible SPAM. I keep seeing you goobers try to SPAM this site with almost on-topic posts. Your peers do a better job at this forum posting gig than you do. You? You need to be fired. Also, the person who authored the page? They need to learn the fucking language. The last paragraph is borderline retarded.
I take that back, the last paragraph is retarded. Also, all scripts and ads are blocked by default so someone paid for bandwidth that will not be of any value to the
Re: (Score:2)
when the laws are technically incompetent, the only real de facto law of the land is technical competency. for good ends or bad ends
technical illiterates, good and bad, beware in such a land
Re: (Score:2)
No, the real de facto law of the land still boils down to men with guns and how willing they are to use them.
And I'm pretty sure in Kazakhstan, the law is being enforced by technical illiterates.
Beware the clever guy who thinks his technical literacy will trump the men with guns who don't give a crap about your own perceived awesomeness.
Even in the US, that won't get you very far.
Re: Seems pretty lame (Score:1)
I always found it funny that tech-heads could believe technical prowess might beat violence. High school should have taught them better. How many nerds have suffered hell at the hands of bullies all the while fantasizing about convoluted plans of revenge that would never work, and kept being beaten up? The same mindset is seen now: the unwillingness to understand that lawmakers backed by hosts of violent people trump your "tech-savvyness" each and every time.
Re: (Score:2)
even when you can frame them for online chatter they never committed and use the violent thugs against themselves?
before the gun comes out of the holster, there is information and perception
own the information, change the perception, own the actions of the thugs
Re: (Score:2)
not much of a student of history huh?
Re: (Score:2)
No need to, it enforced itself. They simply MITM all TLS traffic, and then the peons have three choices:
Choice 1) you install the certificate, your traffic is snooped
Choice 2) you don't install the certificate, your browser throws up certificate warnings, you accept them, your traffic is snooped
Choice 3) you don't install the certificate, your browser throws up certificate warnings, you don't accept them, no traffic to snoop
Re: (Score:3)
Choice 1b) you install the certificate, your traffic is snooped, but knowing this to be the case you tunnel a real TLS connection inside the MITM'd connection. (Secure TLS via a compromised TLS VPN.)
One of the nice things about encryption is that it's composable. Outer layer compromised? No problem; just add another layer inside. As long as they allow any information to be communicated, there will always be room for an encrypted communication channel, though it may need to be disguised with steganography.
Re: (Score:2)
Doing that, of course, will be illegal and will be rare enough to make you stand out as a target.
Re: (Score:3)
It could be made illegal, of course, but the communication itself was probably illegal anyway. It would only stand out if implemented poorly, however. Done properly it will just look like an unknown (proprietary) binary protocol, which isn't particularly uncommon. They can't possibly have the manpower necessary to reverse-engineer every unknown data format they happen to intercept, and it would be easier and cheaper to ban the Internet entirely than to enforce a rule that their subjects use only registered
Re: (Score:2)
I would agree - if you installed the certificate, you've obeyed the law to the letter. Just because they didn't think of VPNs and such to work around the authority doesn't mean you are breaking the law, it means they did a shitty job of defining a law to control something and they didn't fully understand how it works. The US does this all the time. The US also seems to think it can write international law regulating the internet (most of these, like COPA were killed by the court system, at least).
And yeah,
Re: (Score:2)
They just have to know where the source was and come to your house. They don't have to crack the encryption. They just need to notice it and decide they want to pay you a friendly visit. Then, to crack the encryption, they use the monkey wrench. They control the pipes. If you put something in the pipes that stands out they don't need to know what it is, they just need to know you did it and aren't fond of monkey wrenches.
Thailand, huh? (Score:1)
that's not a man, baby. "Tranny in the middle" attack is more like it.
Meanwhile in Kazakhstan... (Score:2)
Kazakhstan CNN ads (Score:2)
Good news for linux :) (Score:2)
Re: (Score:2)
I was hoping to see this.
Very nice NOT!
This differs from Google (Score:2)
and a host of other corporations exactly how? In time the pigs look like the humans and the humans look like the pigs....
It must be a Borat approved certificate! (Score:2, Insightful)
Borat Sagdiyev, after returning to KZ from trying to score Pam Anderson...is now in charge of certs for KZ.
Great Success! (Score:4, Funny)
Browser Learnings of Public Key for make benefit glorious nation of Kazakhstan!
That wouldn't work (Score:1)
That resembles a very old joke: "Hello! I'm a very silly virus: my author is a fool and had made me impotent. Please copy me to all your friends manually to allow me to spread."
Cert Pinning (Score:2)
This sounds like it'll only work if they also ban Cert Pinning: https://en.wikipedia.org/wiki/... [wikipedia.org]
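The pin check this last comment refers to, as an added example that is not part of the original thread: it computes an RFC 7469-style SPKI pin and shows that a certificate re-issued under a different root fails the pin even when its chain validates. The certificates are constructed DER skeletons, and `fake_cert`, `connection_ok` and the names inside them are hypothetical.

```python
import base64
import hashlib

def tlv(tag: int, content: bytes) -> bytes:
    """Encode one DER element (definite length, short or long form)."""
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + content

def read_tlv(buf: bytes, pos: int):
    """Return (tag, content_start, end) of the DER element at pos."""
    tag, first = buf[pos], buf[pos + 1]
    start = pos + 2 + (first & 0x7F if first >= 0x80 else 0)
    length = int.from_bytes(buf[pos + 2:start], "big") if first >= 0x80 else first
    if start + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, start, start + length

def spki_pin(cert_der: bytes) -> str:
    """base64(SHA-256(SubjectPublicKeyInfo)), the RFC 7469 pin format."""
    _, body, _ = read_tlv(cert_der, 0)         # Certificate
    _, pos, _ = read_tlv(cert_der, body)       # tbsCertificate
    tag, _, end = read_tlv(cert_der, pos)
    if tag == 0xA0:                            # optional [0] version
        pos = end
    for _ in range(5):                         # serial, sigAlg, issuer, validity, subject
        _, _, pos = read_tlv(cert_der, pos)
    _, _, end = read_tlv(cert_der, pos)        # subjectPublicKeyInfo
    return base64.b64encode(hashlib.sha256(cert_der[pos:end]).digest()).decode()

def fake_cert(issuer: bytes, key: bytes) -> bytes:
    """Constructed skeleton: real field order, dummy values, no valid signature."""
    seq = lambda *parts: tlv(0x30, b"".join(parts))
    tbs = seq(tlv(0xA0, tlv(0x02, b"\x02")), tlv(0x02, b"\x01"), seq(),  # version, serial, sigAlg
              seq(tlv(0x0C, issuer)), seq(), seq(tlv(0x0C, b"bank.example")),  # issuer, validity, subject
              seq(seq(), tlv(0x03, b"\x00" + key)))                     # subjectPublicKeyInfo
    return seq(tbs, seq(), tlv(0x03, b"\x00"))

def connection_ok(chain_trusted: bool, cert_der: bytes, pins: set) -> bool:
    """Accept only if the chain validates AND the leaf key matches a pin."""
    return chain_trusted and spki_pin(cert_der) in pins

GENUINE = fake_cert(b"Public CA", b"\x11" * 270)          # constructed sample
INTERCEPTED = fake_cert(b"Mandated Root", b"\x22" * 270)  # same subject, proxy's key
PINS = {spki_pin(GENUINE)}
```

Browsers generally skip their built-in pin checks when the chain ends at a locally installed root, so a check like this matters mainly in applications that enforce their own pins.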