Kazakhstan government intercepts nationwide HTTPS traffic to re-encrypt with a govt-issued root …

Many Enterprises do this, which gives them the ability to intercept banking and retail transaction as well as check that file you’ve sent via Facebook Messenger. It comes down to trust. Do you trust your employer (most people would say: probably not), do you trust your government (definitely not)? If forced to used a ‘compromised’ computer, I use a mobile device for all personal transactions and bypass the enterprise all together. This doesn’t work if the government gets involved. What would you do?…:

On Wednesday, July 17, 2019, the Kazakhstan government started intercepting internet traffic within its borders. The government further instructed all the ISPs to force their users to install a government-issued root certificate by Quaznet Trust Network on all devices and in every browser.

With the help of this security root certificate, the local government agencies will be able to decrypt users’ HTTPS traffic, sneak into their content, re-encrypt it with the government’s own certificate, and later send it to its destination; thus allowing for the possibility of a nation-wide man-in-the-middle (MITM) attack.

Since Wednesday, all internet users in Kazakhstan have been redirected to a page instructing users to download and install the new certificate, be it in their desktops or on their mobile devices.

[…]

Original article here