Apple, Google, Microsoft, and Mozilla are banning MakM HTTPS certification from Kazakhstan

Close web browser on LCD screen with thin focus on https padlock

Close a web browser on an LCD screen with shallow focus with light shining through https padlock. Internet security, SSL certificate, cybersecurity, search engine and web browser concepts

Getty / iStockphoto Images

Browser makers Apple, Google, Microsoft, and Mozilla have today banned root certification used by the Kazakhstan government to stop and decrypt HTTPS traffic for capital city dwellers. of the country, the city of Nur-Sultan (formerly Astana).

The certificate had been in use since December 6, 2020, when Kazakh officials forced local internet service providers to prevent Nur-Sultan residents from accessing foreign sites unless there was a specific digital certificate. which the government imposed on their machines.

While users could access most overseas-hosted sites, access to sites such as Google, Twitter, YouTube, Facebook, Instagram, and Netflix was restricted, unless their credentials were submitted. in.

Kazakh officials justified their actions by saying they were conducting a cybersecurity training exercise for government agencies, telecoms, and private companies.

Officials said cyberattacks targeting the “Kazakhstan section of the internet” grew 2.7 times during the COVID-19 pandemic as the main reason for launching the exercise.

However, the government’s definition made no technical sense, as credentials cannot prevent major cyber attacks and are usually only used to encrypt and protect traffic from third-party viewers. .

Following today ‘s ban, even if the certificate has been submitted by users, browsers such as Chrome, Edge, Mozilla, and Safari have refused to use it, preventing Kazakh officials from capturing user data.

Today’s ban also marks the second time that all four browser makers have banned a certificate issued by the Kazakh government for one-to-one attacks (MitM). They blocked the first one in August 2019, a certificate used to block traffic for various Russian and English social media sites.