In Kazakhstan, the Internet Backdoors You

itwbennett writes: Kazakhstan passed a law that would require citizens to install a certificate on their personal computers and mobile devices that would allow the government to snoop and capture web traffic, passwords, financial details. Telecom.kz posted the news to their website on November 30, but by December 4 the press release had been removed from the website. This is just the latest example of government overreaching. Recently we've seen the Turkish government attempt to block access to social media sites. And let's not forget Thailand's attempt to roll out their own man-in-the-middle implementation.

Re:In Russia, you

Well, then it's a good fucking thing nobody said Russia.

I don't know about you...

...but if I were a competent intelligence agency, I'd buddy up with a CA that has its root in all the major browsers, and MITM by redirecting traffic to my servers, once I'd obtained a warrant from a judge for targetted surveillance. IOW, I'd take a reasonable interpretation of the US Constitution's 4th amendment.

If, OTOH, I just wanted to spy on all my citizens, perhaps collecting data to make sure everyone can be identified as a criminal in future if needed, I'd do as described in the article. IOW, I'd be the Kazakhstan government.

if I were extremely incompetent, OTOH, I'd do something like only outlawing end to end encryption, and design some magic wand to enable myself access to all servers on the Internet across the planet. IOW, I'd be the UK government.

It must be a Borat approved certificate!

Borat Sagdiyev, after returning to KZ from trying to score Pam Anderson...is now in charge of certs for KZ.