Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Government Network Privacy Security The Internet Technology

Tech Giants Will Block Kazakhstan's Web Surveillance Efforts Again (engadget.com) 47

Apple, Google, Microsoft and Mozilla have teamed up to block the Kazakhstan government's attempts to force its citizens to install a "national security certificate" on every internet-capable device in the country. "That government-issued root certificate would allow authorities to keep tabs on people's online traffic, essentially becoming a back door to access citizens' data," reports Engadget. From the report: In its announcement, Mozilla said it was recently informed that ISPs in Kazakhstan have recently started telling customers that they're required to install the digital certificate to be able to access foreign websites. ZDNet reported earlier this month that Kazakh IPS have been cutting people's access to websites like Google, Twitter, Facebook, Instagram and Netflix unless they install the certificate.

When users in Kazakhstan who complied with their ISPs' demand try to access websites on their devices, they'll get an error telling them that the certificate shouldn't be trusted. The companies are also encouraging those users to research the use if VPN or the Tor Browser for web browsing and to change the passwords for their accounts.
The Kazakhstan's government made a similar attempt back in 2015 and then again in 2019, but tech giants did what they're doing now to put a stop to those plans.
This discussion has been archived. No new comments can be posted.

Tech Giants Will Block Kazakhstan's Web Surveillance Efforts Again

Comments Filter:
  • by Rosco P. Coltrane ( 209368 ) on Friday December 18, 2020 @08:35PM (#60847016)

    Here we see how big data is now in a position to dictate an entire country's policy. That scares me just as much as Kazakhstan's dictatorship.

    • by Linux Torvalds ( 647197 ) on Friday December 18, 2020 @09:01PM (#60847060)

      Be afraid of the party who has the guns. That's not Google.

      • Yea. Only the US Govt is allowed to spy on people.

        Seriously, can you see these companies standing up to the NSA like this? Snowden had his life ruined just for showing that the NSA did stuff like this.

      • by rtb61 ( 674572 ) on Friday December 18, 2020 @11:17PM (#60847318) Homepage

        How many rich arseholes in the war industrial complex have guns, there never do the fighting, they send others. The politicians do no decide who fights and dies, the corporations controlling the politician does. Google evil is as evil does, is one of those controlling corporations. It silences peace talk and promotes corporate war talk, it is as evil as it gets.

      • I thought ~everyone in the USA had a gun, including Google.

      • Be afraid of the party who has the guns. That's not Google.

        No, that's not simplistic. It's that google and others have a lot of power. Power in and of itself is neutral but it can be used for good or ill. In this case it's good.

        The "guns" argument is more or less irrelevant. Large companies can essentially buy laws which means buying the cooperation of those with guns without the need to actually own any of those messy things themselves. Ho many guns does the MAFIAA own? Not many yet somehow they have the p

        • by gtall ( 79522 )

          So what you are saying is that corporations own the right wing gun nuts. Sounds about right.

          • So what you are saying is that corporations own the right wing gun nuts. Sounds about right.

            As opposed to the left-wing nuts who say the government should be the only entity allowed to own guns...and then say that same government is racist, sexist, xenophobic, authoritarian, should be allowed to control personal finances and be the sole arbiter for healthcare.

            Yeah, no cognitive dissonance there.

            • As opposed to the left-wing nuts who say the government should be the only entity allowed to own guns... and be the sole arbiter for healthcare.

              Well, you have to admit, there is a horrific sort of consistency there.

    • Here we see how big data is now in a position to dictate an entire country's policy. That scares me just as much as Kazakhstan's dictatorship.

      This is nothing about big data and is actually 100% how SSL was designed. A certificate is being used improperly so it is being revoked but any browser that cares for your security. This applies equally for Comrade Ivan trying to get you to log into to www.paaypal.com, when agent Smith installed a bypass cert on your laptop at starbucks as you ran up to get your latte, or when Tokayev tries to fuck over his entire country.

    • Tech giants can prevent the use of root certificates that are used for man-in-the-middle. The always had that ability, and we can only applaud them for using it, even if the root certificate is created by a nation state.
  • Excellent news! (Score:5, Insightful)

    by prisoner-of-enigma ( 535770 ) on Friday December 18, 2020 @08:48PM (#60847032) Homepage

    This is truly wonderful news! It's about time companies like Apple, Google, etc. stood up to China and their oppressive surveillance state! Why just the other day I... ...wait, they're doing this to Kazakhstan (population ~19 million) whilst turning a blind eye to China (population 1.4 billion)? And they're calling themselves champions of freedom?

    Does anyone else sense this is a marketing stunt or is it just me?

    • Re:Excellent news! (Score:4, Insightful)

      by Rosco P. Coltrane ( 209368 ) on Friday December 18, 2020 @08:59PM (#60847056)

      turning a blind eye to China

      That's called not biting the hand that feeds you.

      • turning a blind eye to China

        That's called not biting the hand that feeds you.

        It's also called crass hypocrisy, followed by shallow virtue signaling.

    • by jonwil ( 467024 )

      Is China forcing everyone in the country to install a man-in-the-middle root certificate that intercepts all web traffic? Is the USA doing that?

      • They (China) don't really have to.

      • Is China forcing everyone in the country to install a man-in-the-middle root certificate that intercepts all web traffic? Is the USA doing that?

        China doesn't have to. They have their "Great Firewall of China" in place and laws that effectively ban the private use of VPN's to circumvent it. They can sniff any traffic they want anytime they want. Do something they don't like and you'll find yourself either "disappeared" to one of their forced labor camps or, at the very least, your "social credit score" will be downgraded to the point where you can't even order a cup of coffee. Travel? Cameras are everywhere. Spending? Tracked and monitored.

    • China doesn't force break SSL certificates. They firewall which is not something Google, Apple or MS can do anything about by using one of the standard security mechanisms in SSL.

    • It's a marketing stunt.

    • Does China force people to install root certificates?
  • Nope, you can't have a government do what the tech giants have laid claim to.

    • Is Google forcing everyone in the country to install a man-in-the-middle root certificate that intercepts all web traffic? Is the Apple, maybe? How 'bout Microsoft?
      • No, Google, Apple, and Microsoft give us cookies. And we like cookies, right?

      • Just installed Chrome and checked the certificate list. I was forced me to accept over 300 certificates from entities I don't know and for which there is no readily available means to check owners. So, the answer is you don't know, but most likely yes and not only one certificate.

        • > So, the answer is you don't know, but most likely yes and not only one ^HHH I have no idea how certificates work Is all you needed to say.
    • Nope, you can't have a government do what the tech giants have laid claim to.

      This isn't anything to do with tech giants. Literally the open internet and it's security protocols were designed to do precisely this: revoke SSL certificates used inappropriately.

  • They're a nation state. Just buy an existing CA and issue certificates as required...

    • Because then the browser makers will blacklist that CA just as swiftly.

      If the CAs don't follow the rules set forth by the CA/Browser Forum (like, y'know, not intercepting traffic and spying on people), then the browsers are well within their rights to do so.

  • https://blog.mozilla.org/netpo... [mozilla.org] Jeez, I shouldn't have to Google this in a Slashdot post.
  • Your local ISP won't have much pull when you've got a StarLink basestation in your back yard. You should probably cover it in a camo net tho
    • I mean yes but. If, day, 80% of the population winds up with a StarLink base station, that serves their porposes as well. It's good for an operessive regime to ensure everyone is breaking the law. That way you can crack down on anyone you like with a veneer of law and order because you found a law they're breaking.

  • It wouldn't surprise me if we find out soon.
  • Comment removed based on user account deletion

Any sufficiently advanced technology is indistinguishable from magic. -- Arthur C. Clarke

Working...