Jump to content
Login new information ×
Login new information

Kazakhstan Will Require All Citizens to Install a Backdoor on Their Devices

Batu69

By Batu69
in Security & Privacy News

Recommended Posts

Batu69

Batu69

Posted
Posted

The backdoor must be installed starting with January 1, 2016

 

In one of the most stupid thing a country's government can ever do, Kazakhstan's elected officials passed a law that says that all Internet users shall install a "national security certificate" starting with January 1, 2016.

 

All certificates will be distributed through local Kazakh telcos, and the country's biggest ISP has already announced the procedures on their site. Following the intense local and international backlash regarding this update, the Kazakhtelecom page has been taken down (Google Cache version here).

 

By forcing all Internet users to install their national "security" certificates, the local government effectively has a backdoor on each device, allowing it to sniff encrypted Internet traffic.

 

Of course, this certificate can also be abused by cyber-criminals, who can use it to perform man-in-the-middle attacks, especially for collecting financial details transmitted via online payments.

 

Technology firms may force the government to drop its plan

 

The national security certificates will have to be installed by each user, on all types of devices, including tablets and smartphones, not just desktops and laptops.

 

If Kazakhstan decides to go through with this plan, users in Kazakhstan will be in the same unfortunate position as Lenovo or Dell clients, who in recent months have been exposed in similar incidents, with Lenovo and Dell shipping devices with root certificates in the famous Superfish and eDellRoot scandals.

 

Fortunately for Kazakh Internet users, companies like Microsoft, Google, or Apple have the power to block certificates by issuing security updates to disable these certs inside their operating systems (Windows, Android, OS X, or iOS).

 

Despite all their malicious intentions, the Kazakhstan government may find itself and its users blackballed from the Internet if these companies decide to issue security updates specifically targeting those certificates.

 

For now, in spite of the huge international criticism, Kazakhstan has not announced if it plans to go through with its initial plan.

 

News source

 

Link to comment
Share on other sites
  • Replies 6
  • Views 1.1k
  • Created
  • Last Reply
go0gle

go0gle

Posted
Posted

 

Is this an ominous sign of things to come?

 

yup

 

 

and when that day will came I will stop using all digital devices which communicate threw internet :angry:  and I hope all people will do the same, showing that the power is still in our hands ;)

Link to comment
Share on other sites
go0gle

go0gle

Posted
Posted

once again proof of concept...governments do stupid things     and are in fact .....stupid

 

it is we who are stupid, because we do what governments are telling to us to do without questions :( .

Link to comment
Share on other sites
straycat19

straycat19

Posted
Posted

If you run windows you already have a backdoor and a frontdoor as far as that goes.  If you are on the internet you have an ISP and that can be a backdoor...you have heard of sniffers, right?  So what difference does it make?  I won't mention the special microsoft software that allows any windows computer to be hacked within 3 minutes if it is online.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...