What just happened? All the major browsers have come together to block the root certificate used by the government to monitor users’ Internet traffic. The certificate targeted citizens living in Nur-Sultan, the capital of Kazakhstan, who were unable to access foreign websites such as Google, Twitter, Instagram and Netflix until they had the certificate installed on their devices. Would have
The certificate allegedly allowed the Kazakh government to block and decrypt HTTPS traffic – it essentially monitors citizens’ Internet use. The government claimed that the certificates were being used as part of a cyber security training exercise. ZDNet “The government’s explanation undermines the technicality, as certificates cannot prevent public cyber-attacks and are usually only used to encrypt and secure traffic from third-party inspectors,” it said.
The four major browser makers – Apple, Google, Microsoft, and Mozilla – have now blocked authentication in their respective software. This means that after the ban, even if Nur-Sultan’s users have installed certificates on their devices, the brassers will refuse to use them – meaning users’ data will be safe, and not in the hands of Kazakh authorities.
This is not the first time that four companies have teamed up to make the Internet a safer place. In August 2019, the same certificate used to block traffic to various Russian and English-speaking social media sites in Kazakhstan was also blocked.