Apple and other tech companies ban Kazakhstan’s malicious HTTPS certification

Apple along with Google, Microsoft, and Mozilla today banned their web browsers from a malicious certificate used by the Kazakh government to block HTTPS traffic coming from the capital of Nur-Sultan, a major the city of the country.

As reported by ZDNet, the certificate was first used on December 6 when local authorities forced internet providers to ban Nur-Sultan residents from accessing foreign websites without a specific certificate issued by the government.

Access to popular websites such as Google, Twitter, YouTube, Instagram, and Netflix has been blocked. To access them, users needed to submit the specific government certificate. The Kazakh government has said it was simply “conducting a cybersecurity training exercise for government agencies, telecommunications and private companies. ”

Officials said cyberattacks targeting the “Kazakhstan section of the internet” grew 2.7 times during the COVID-19 pandemic as the main reason for launching the exercise. However, the government’s definition made no technical sense, as credentials cannot prevent major cyber attacks and are usually only used to encrypt and protect traffic from third-party viewers. .

However, as of today, Safari, Chrome, Edge, and Firefox have suspended the malicious certificate issued by the local government. While this prevents Nur-Sultan citizens from accessing foreign websites, it also prevents the government from leaking user data.

FTC: We use revenue earning affiliate links. More.

Check out 9to5Mac on YouTube for more Apple news: