
Kazakhstan to MitM all HTTPS traffic starting Jan 1 - out_of_protocol
http://telecom.kz/en/news/view/18729
======
kazakh
Kazakh here. Fuck, what do we do? Any suggestions other than trying to raise
awareness?

To give some context, the reason why they are getting away with such brute
methods is that the most people wouldn't understand the full implication. I
would be surprised if this would prove difficult to enforce - the first thing
an ordinary person would do when, say, Facebook wouldn't load is to call up
the Kazakhtelecom's support and the support guy would tell them to "press that
button that says 'I trust this certificate'" and they would comply. There also
hasn't been an uproar re government snooping into private citizens'
communication, the kind that US had with Snowden etc., so a lot of people are
likely to accept the "for your own security" talk at face value without much
skepticism. It's also unlikely that even heightened awareness will inspire
much backlash, as there is no real track record of grassroots organizing, even
when the government tightens the screws. To its credit, the government has
been quite skillful at balancing at just below the limit of pissing people off
enough to make them go to the streets for the last twenty years (soaring oil
prices in the last decade helped as well).

~~~
patcheudor
What do you do? You immediately reach out to Apple, Google, Facebook, Twitter,
Box, Dropbox, Tumblr, and any other popular platform which has mobile apps.
You ask, or down-right demand they implement certificate pinning in their apps
so they will fail when middled with the government provided certificate. This
will in turn break access to those platforms via mobile apps which will result
in very real and direct impact to citizens who will then hopefully wake up and
pressure the government to roll-back the program or at least put exceptions in
place. You continue this strategy with banks, etc., until it becomes clear to
the government that this plan will not work. Note that cert pinning for mobile
and desktop apps should have happened long ago & this might be the perfect
opportunity to drive it to happen.

~~~
asymmetric
Down-right demand? With what authority? It sounds like you're confusing these
corporations for governments, as if they had to enforce your human rights..

~~~
patcheudor
The authority of the free market. Did web PKI develop because of governments?
No. In fact, quite the contrary. Similarly, if consumers are educated and
aware of the weaknesses of current cryptography controls in light of new
threats such as governments requiring the installation of their own root CA so
they can middle the connection, maybe they'll drive demand for better
controls, controls which already exist.

~~~
pmlnr
> The authority of the free market

That only works in some areas of the world, where a, there is a somewhat free
market; b, the free market idea exists in the first place.

As always, like in Perl, there are other ways of doing things; free market is
not a universal law.

------
kaizendad
I really appreciate how they're doing this. The Chinese built up an amazing
infrastructure for the Great Firewall; the Kazakhs just say "install our
cert!" The Chinese spend billions and have to stay ahead of all of their
citizens' clever new ideas at all times; the Kazakhs spend a few hundred and
just need to point guns at their citizens until they install a cert.

Sure, it's going to be difficult to enforce, but it should also be quite
cheap.

~~~
dujiulun2006
Chinese govt is also capable of doing this. Best part? We even have our
trusted* root certificate!

Could this get any "better"? Sure! We can even MITM all the OUTGOING https
traffic if we want! #GitHubDDoS

* Recently un-trusted by Apple and Mozilla. [https://support.apple.com/en-us/HT204938](https://support.apple.com/en-us/HT204938)

~~~
duncan_bayne
I really don't understand how that sort of behaviour doesn't constitute an act
of war.

Imagine if China sent saboteurs in-country to physically destroy
infrastructure being used by American businesses. That would Not Be Taken
Lightly.

~~~
com_kieffer
The same way that Stuxnet destroying Iranian centrifuges was an act of war ?

~~~
duncan_bayne
Yes. Although I'd have thought _that_ particular war would have started back
with the hostage-taking in, what, 1979?

I really don't understand relationships between States.

~~~
ta0o0o0
I'm not a West Hater by any means, but I'd say the war started when the US and
the UK engineered a coup in Iran because Iran nationalized their oil industry
(after the British oil company running it refused to be audited or to
renegotiate terms).

[https://en.wikipedia.org/wiki/1953_Iranian_coup_d'%C3%A9tat](https://en.wikipedia.org/wiki/1953_Iranian_coup_d'%C3%A9tat)

~~~
duncan_bayne
Whereas I'd say the problem was forced nationalisation.

~~~
lhopki01
A foreign coup is a valid response to nationalisation?

~~~
duncan_bayne
I'm not sure. But nationalisation is certainly a violation of rights.

Of course, I'd be interested to see how those assets were set up in the first
place - my bet would be during a non-rights-respecting period of colonialism.

How far back do you go? (Serious question).

~~~
lhopki01
You go to when the country got a democratically elected government.

As for nationalisation is certainly a violation of rights do you hold that all
eminent domain is a violation of rights? IE if the government wants to build a
road and uses compulsory purchase orders it's a violation of rights?

~~~
duncan_bayne
Yes. It's possible to do such things in non rights violating ways. For
example, buying options on properties and exercising them when a route is
made.

------
akie
Love the Orwellian Newspeak: a "National Security Certificate" to protect
people accessing "foreign resources"... If you don't know anything about the
subject it really sounds like they're doing you a favor.

~~~
fleitz
When you replace Certificate with Letter we understand how dedicated our
governments are to our well being.

------
davidu
Google, Facebook, Yahoo, Microsoft, Salesforce, Box, Dropbox, Twitter, etc.
could have a very strong influence on changing this if they banded together to
respond to this in some way.

The government might be doing what they think is right, but public backlash
can change policy almost overnight. We saw this in the US recently with
SOPA/PIPA. The "Internet" response was unprecedented.

The people of Kazakhstan can achieve the same outcome.

~~~
codeshaman
> The people of Kazakhstan can achieve the same outcome.

Highly unlikely. From Wikipedia: In April 2015, Nazarbayev was re-elected with
almost 98% of the vote.

That kind of tells the whole story - people are "behind" this (or rather no-
one dares contradict the authorities). That country is basically owned by the
Family and resistance is pretty much futile.

~~~
Drdrdrq
In other words: it doesn't matter who is voting, what matters is who is
counting the votes.

~~~
usrusr
Given the highly volatile ethnic mix of Kazakhstan and the lurking
destabilizing effect of foreign interests longing for abundant mineral
resources, a strong majority for stability over freedom is hardly surprising.
Nonetheless, 98% seems very much out of this world. But with the "right" mix
of fearmongering and early divide-and-conquer intervention when a moderate
opposition ist starting to organize? Certainly not unthinkable. There's so
much more to a healthy democracy than not miscounting the votes.

~~~
AnAfrican
I don't know why you're downvoted.

I agree a hundred percent. People from stable democracies tends to
underestimate how afraid people can be of chaos and how easy it is for some
goverment to associate democracy with chaos.

When a moderate opposition starts to organize, a non-moderate one (or one that
takes advantage of ethnic fault lines) does too.

------
henryaj
"telecom.kz wants to use your location."

NOPE

~~~
pdappollonio
I wonder why that website needs your location... After all it's just a news
article / press release.

~~~
tankenmate
I suspect although this might have some minor use to track users outside
Kazakhstan, it's real use is to track web site visitors from _within_
Kazakhstan.

------
Quiark
Wow, I feel really sorry for all Kzakhstan citizens. Also, this is a great
example of 'rubber-hose cryptoanalysis' \- who cares about 4096 RSA or whatnot
if the government can just beat you until you oblige...

~~~
api_or_ipa
Kneecaps are always the easiest things to break.

~~~
andreyf
Imagining this in heavy Russian accent: "Security as good as veekest link. And
veekest link... is kneecaps. Har har har."

------
jedberg
And everyone made fun of Netflix for implementing a secure protocol on top of
http. Suddenly that seems really useful for people in Kazakhstan.

[http://techblog.netflix.com/2014/10/message-security-
layer-m...](http://techblog.netflix.com/2014/10/message-security-layer-modern-
take-on.html)

[https://github.com/Netflix/msl](https://github.com/Netflix/msl)

~~~
tptacek
If the protocol is delivered over HTTP and runs in Javascript DOM context, it
will be straightforward for an adversary that MITMs all traffic to defeat it.

~~~
klapinat0r
Curious. How do you go about (trivially) defeating asymmetric encryption?

EDIT: or do you mean to replace "all" (content + js)?

~~~
venomsnake
No, just inject some JS that reads the required keys.

~~~
klapinat0r
Okay, so it's (just) for reading the delivered data. Somehow I keep
considering MitM a harmful attack (i.e. manipulating the data before it hits
the user). My bad :)

~~~
MatthaeusHarris
Given that you're relying on server-provided JS to verify the integrity of the
data in the first place, a MITM could replace the verification function with
return(true) and then inject whatever data they want.

------
RyanZAG
Woah, it can't be stressed how bad this is. If this succeeds, other countries
will definitely follow! If it can be shown to work, it will be demanded that
this be implemented by pretty much everyone for difficult to deny political
reasons (terrorists, children, crime, etc)

This feels like the first bullet in a new war that will occur in every
parliament world wide.

~~~
NoGravitas
It is already par for the course in the enterprise world (both public and
private sector), for difficult to deny political/economic reasons.

~~~
tomjen3
Which is quite another thing, after all you are using somebody else network,
just as you have every right to hear Adeles new album in your home, but not in
mine.

Besides these days you can use your own phone and mobile data, at which point
you should be safe.

------
exelius
While there are probably 100 different ways to avoid this and retain secure
traffic, I would venture to guess that the average Internet savvy-ness of
Kazakhstan is pretty low, so using any of them would single you out for
additional government attention (whether you're actually doing anything
illegal or not).

That said, there's a remarkable tendency in countries as corrupt as Kazakhstan
for a "shadow" telecom network to pop up. Just run in some fiber from a
neighboring country on the down-low and distribute locally via microwave dish.
Yeah, it's not exactly difficult to locate a powerful dish, but it's also not
glaringly obvious so you can usually pay someone to look the other way. After
all, the government officials want to look into everyone's communication, but
if their own communication was ever intercepted, they would be the target of
blackmail! They want to use the information they gather to blackmail citizens
like the Stasi, not the other way around.

Of course, the flip side of that are the mobile phone networks operated by the
Mexican drug cartels and ISIS. But the only surefire way to avoid government
surveillance of this sort is to bypass government regulated telecoms entirely.

~~~
brohee
Kazakhstan is possibly more democratic than all its neighbours save maybe
Kirghizstan (I'm not up do date on the current government position). More
democratic as in I can't make up who's more of a despot between Putin and
Nazarbayev, after all they both win open elections, albeit with an iron grip
on medias... But then Kirghizstan is likely depending on its neighbours for
connectivity (also landlocked).

The other neighbours are shining beacons of democracy such as Russia, China
and Uzbekistan...

~~~
nine_k
While Russia does encroach on various Internet liberties, it does so quite
lazily so far. It does not have a great firewall, it does not have force-fed
SSL certs, it does not crack down on the widespread VPN usage. When
Roskomnadzor blacklists certain resources, Internet providers enforce it at
their leisure, it seems, because different users report a resource either be
blocked or not.

"The strictness of Russian laws is compensated by their optional enforcement",
as they say.

In a smaller country like Kazakhstan such things are easier to enforce,
probably.

------
zokier
Makes me wonder how long such policy would last if Google, Facebook, and
Microsoft would ignore traffic from Kazakhtelecom MITM server (or just drop
the whole Kazakhtelecom IP address space). Of course I'm not saying that they
should do that.

~~~
Sleaker
Actually they really should. As soon as major networks start saying NO is when
governments change, I think this is one of the few times where this kind of
pressure would be mostly good.

~~~
briandear
And it wouldn't work. You've apparently have never been stuck inside China. I
was there for a few years and it was brutal, network wise. Local companies
just replace what can't be accessed from the outside.

~~~
duskwuff
China had a large domestic Internet industry, though. KZ doesn't.

~~~
rinon
RU does though.

~~~
guard-of-terra
After Donbass Kazakhstan will think thrice before lending their fate to
Russia.

------
jakobdabo
Google and Mozilla should blacklist the certificate once it's made public.

~~~
nsgi
That would just stop their browsers from working in Kazakhstan on HTTPS sites,
who would most likely respond by issuing a new certificate and/or recommending
IE. It may also discourage websites from implementing HTTPS.

Not sure how this will work with certificate pinning, though. Will sites like
Google become inaccessible?

~~~
tptacek
No, because locally-installed certificates override pins.

~~~
azinman2
Depends on how the app is implemented. Doesn't have to be that way at all, and
shouldn't if properly pinned.

~~~
tptacek
Individual applications (not browsers) can of course hardcode pins that aren't
overridden. Those applications will simply stop working in Kazakhstan.

------
chatmasta
Why is Kazakhstan's cert any different than the hundreds of "trusted" root
certificates that came preinstalled on my mac?

Looking at my mac's cert keychain, there are 185 trusted root certs. I don't
know what any of them are or who has the private key to them.

My ISP could MITM my traffic whenever it wants to, if it has the private key
of one of the _hundreds_ of trusted root certs on my device.

~~~
dchest
These CAs have to follow specific rules and have external audit. MITM is
prohibited by these rules: certificate authorities that participate or enable
MITM are removed from root stores (example:
[https://en.wikipedia.org/wiki/DigiNotar](https://en.wikipedia.org/wiki/DigiNotar)).

~~~
tobltobs
And sometimes the CAs might receive National Security Letters insisting on
National Securtiy Certificates.

~~~
JoshTriplett
A National Security Letter will not prevent the certificate authority from
being blacklisted when detected, and there are at least some legal precedents
for warrants (though not necessarily for NSLs) that could challenge a warrant
if complying with it would effectively destroy the business (given that the
business itself is not the subject of the warrant). If that isn't the
definition of an "unreasonable burden", nothing is.

~~~
tobltobs
"A National Security Letter will not prevent the certificate authority from
being blacklisted " Sure it will, just send another NSL to the blacklisting
instance.

And I do not understand that going to jail instantly is a smaller burden for
you than living with the small risk getting caught.

Do you really believe the NSA or any of those other patriots do not have a few
of the private keys for the certificates you trust?

~~~
JoshTriplett
> Sure it will, just send another NSL to the blacklisting instance.

Instances, plural, including both browsers and various cross-check mechanisms
(pinning, certificate transparency, etc). Likely too many people required for
operational security.

Not saying it couldn't be done, but it certainly couldn't be done lightly or
often, and even then it would produce significant risk of exposure. It
certainly couldn't be effectively used for widespread traffic interception.

> And I do not understand that going to jail instantly is a smaller burden for
> you than living with the small risk getting caught.

As mentioned, there exists legal precedent that a warrant/subpoena for
information from a third party can't compel that third-party to provide
arbitrarily large amounts of aid or to impose an undue burden. Findings of
"undue burden" have been upheld for burdens far smaller than "this has a risk
of destroying the entire business".

~~~
tobltobs
warrant/subpoena != NSL

~~~
JoshTriplett
Yes, as I said in my original response, "not necessarily for NSLs".

------
DanielStraight
If we could rebuild the internet from scratch knowing that someone would try
to do this, what measures could be put in place to make it impossible to MITM
traffic (in other words, make it so the only option is to install monitoring
software directly on the user's machine)? Is this something which even _can_
be defeated with current cryptographic theory?

~~~
mike_hearn
No, it can't be defeated. If the government says "you can't use encryption on
the internet" then it's game over, simple as that. The only thing that stops
western countries doing this is the fact that politicians don't realise it's
possible (and the horrible UX/deployment issues involved with attempting to
install a new root cert on every device your customers may have).

------
danpalmer
This is what HTTP Public Key Pinning (HPKP) protects against.

It allows a server to specify the only set of certificates that a browser
should accept. Meaning that MITM'ing is impossible, without a valid cert in
the chain of one of the advertised trusted certificates from the server.

Chrome, Firefox, Opera, Chrome for Android, and the Android stock browser all
support it.

I'm not sure how they intend to circumvent this problem, apart from perhaps
just instructing users to not use those browsers? That's quite difficult to
put into practice.

~~~
tptacek
No, it isn't. Locally installed certificates override pins; if they didn't,
HPKP browsers wouldn't be deployable inside large companies that have
regulatory requirements to monitor traffic from their own desktops, and there
would be no benefit, because an adversary who can install software or
reconfigure your machine can defeat pins in a variety of other less
transparent ways.

HPKP is great, but it doesn't address this problem.

~~~
davidu
As an aside, this is one of the reasons why I believe locally installed
certificates overriding pinning has a quickly eroding shelf life... At some
point, something bad will happen like this (or malware-based) and Chrome will
raise their hand and say, "sorry enterprises, no more MITM at all, even for
locally installed certificates."

After that, IE and Firefox will follow and crypto will no longer be so
trivially subverted by enterprise organizations.

~~~
tptacek
That's another arms race Chrome will lose, because the market for the kinds of
enterprise configuration management and "host protection" tools that could
override this policy exists and is very lucrative. Chrome would simply be
begging enterprise security companies to release products to fuck up their
browser.

I disagree with you.

~~~
cwyers
Or someone just forks Chromium and releases Chromium For Enterprise.

~~~
tptacek
Which again helps nobody, because forks of Chromium will inevitably lag on
security fixes.

~~~
kibwen
At my last job, my manager tasked me with finding a way to defeat Chrome's
update mechanism for all of our employees because a new version had introduced
a bug that broke our internal web applications. I disregarded his plan and
just introduced a workaround for the bug, but the point remains that
enterprise customers already consider it a value-add to freeze their software
in time for perpetuity. Hell, my workstation was running XP until I needled IT
to grant me a "premature" upgrade to Win 7.

~~~
tptacek
Sorry, I meant that from the perspective of the Chromium team.

~~~
kibwen
Indeed, I agree with the policy that if someone can control what's installed
locally, they've already won.

------
mhandley
Idiocy such as this is a strong argument for the use of PAKE rather than CA-
based authentication. No need to trust anyone other than the site you're
trying to connect to: [https://en.wikipedia.org/wiki/Password-
authenticated_key_agr...](https://en.wikipedia.org/wiki/Password-
authenticated_key_agreement)

TLDR: Basically, you prove to the website/mail server/sshd that you know your
password, while the site simultaneously proves to you that they also know your
password (and hence are actually the site you're trying to connect to), all
without actually sending the password in either direction. The password is
then used to bootstrap symmetric encryption keys.

------
LoLFactor
For those of you looking for a mirror (copy) of the page before it was taken
down, here it is:

[https://web.archive.org/web/20151202203337/http://telecom.kz...](https://web.archive.org/web/20151202203337/http://telecom.kz/en/news/view/18729)

------
icco
TIL: "Kazakhstan is currently our 76th largest goods trading partner with $2.5
billion in total (two way) goods trade during 2013. Goods exports totaled $1.1
billion; Goods imports totaled $1.4 billion. The U.S. goods trade deficit with
Kazakhstan was $295 million in 2013.” - [https://ustr.gov/countries-
regions/south-central-asia/kazakh...](https://ustr.gov/countries-
regions/south-central-asia/kazakhstan)

------
airza
So like, what's the plan for people visiting Kazakhstan here? Install some
rando's SSL certificate in your trust store or just not be allowed to access
the internet?

~~~
andrewstuart2
They're likely only intercepting known https traffic (port 443). If you use a
VPN and tunnel all traffic you probably won't have any issues.

If a nation-state with the resources of China has come up with a system that
can still be (albeit nontrivially) bypassed then I would imagine Kazakhstan
will have a much-less-sophisticated first iteration.

~~~
nathan_f77
I lived in Kazakhstan for a few months, and I think they're already blocking
VPN traffic with deep packet inspection. I tried a number of different
services, including setting up my own on Digital Ocean.

~~~
vbezhenar
I use my OpenVPN VPS without any troubles.

------
binarnosp
So, the next step is encrypting the content before sending it through
TLS...TLS over TLS

~~~
tptacek
If they can unwrap the first layer of encryption, and most normal traffic
inside isn't encrypted, people tunneling through MITM'd TLS are playing a game
of cat and mouse with a very well-funded adversary that can imprison, torture,
or kill them.

Obviously, a lot of people do this kind of thing in China, and from what we
know, circumventing the "Great Firewall" isn't routinely getting people
killed. But people should know what they're doing before they try it in
Kazakhstan.

~~~
VMG
Next step: steganography

~~~
DanBC
Steganography needs vast quantities of cover data. You're increasing the
bandwidth costs dramatically when you recommend steganography for everything.

~~~
stcredzero
_Steganography needs vast quantities of cover data._

Porn? Perhaps the world's smut peddlers will become beacons of freedom and
civil disobedience? (Sounds like a Neal Stephenson book.)

~~~
viraptor
That's a terrible TX/RX ratio. Unless you encode data in each request and
receive small pictures only, it would take ages to send any real information.
Good for receiving though.

------
israrkhan
wait till private keys for the cert are leaked by some disgruntled telecom
company employee.. Puts the whole country internet at risk.

~~~
nkassis
Unfortunately that might be the most effective way to fight this type of
thing. Massive incident that would show the foolishness of the move.

------
hannob
This sounds pretty bad and we can just hope that this doesn't become the new
norm.

What makes me kinda angry is however where this originates from: There are
countless so-called "IT security" products that had this idea of MitM-ing all
traffic before. Basically it's just the same idea on a bigger level.

~~~
NoGravitas
Indeed. This is already the norm in the Western world, as long as we're
talking about the workplace.

------
sathackr
Link is 404'd

Here is the text of what was there.

ENG ALMATY

Press center Company News Internet news TV News Publishing Video Archive Photo
archives Operators Main page Press center Company News Kazakhtelecom JSC
notifies on introduction of National security certificate from 1 January 2016
Kazakhtelecom JSC notifies on introduction of National security certificate
from 1 January 2016 From 1 January 2016 pursuant to the Law of the Republic of
Kazakhstan «On communication» Committee on Communication, Informatization and
Information, Ministry for investments and development of the Republic of
Kazakhstan introduces the national security certificate for Internet users.

According to the Law telecom operators are obliged to perform traffic pass
with using protocols, that support coding using security certificate, except
traffic, coded by means of cryptographic information protection on the
territory of the Republic of Kazakhstan.

The national security certificate will secure protection of Kazakhstan users
when using coded access protocols to foreign Internet resources.

By words of Nurlan Meirmanov, Managing director on innovations of
Kazakhtelecom JSC, Internet users shall install national security certificate,
which will be available through Kazakhtelecom JSC internet resources. «User
shall enter the site www.telecom.kz and install this certificate following
step by step installation instructions”- underlined N.Meirmanov.

Kazakhtelecom JSC pays special attention that installation of security
certificate can be performed from each device of a subscriber, from which
Internet access will be performed (mobile telephones and tabs on base of
iOS/Android, PC and notebooks on base of Windows/MacOS).

Detailed instructions for installation of security certificate will be placed
in December 2015 on site www.telecom.kz.

PR department Kazakhtelecom JSC

30.11.2015

Academy of Public Administration under the President of the Republic of
Kazakhstan

Official site of the President of the Republic of Kazakhstan

Информационно-аналитический портал Write to us FAQ Site map Report an error
Career with Us Procurement Аукционы Reference book Help © 2010-2015, АО
«Қазақтелеком»

~~~
mtgx
For an easier to link source:

[http://seclists.org/funsec/2015/q4/30](http://seclists.org/funsec/2015/q4/30)

------
bgs
I think I found the law, anyone read Kazakh[1] or Russian[2]?

[1]
[http://egov.kz/wps/poc?uri=mjnpa:document&language=kk&docume...](http://egov.kz/wps/poc?uri=mjnpa:document&language=kk&documentId=Z1500000418)
[2]
[http://egov.kz/wps/poc?uri=mjnpa:document&language=ru&docume...](http://egov.kz/wps/poc?uri=mjnpa:document&language=ru&documentId=Z1500000418)

Edit: I think I got them this time. They seem to be ministerial orders under
Kazakhstan's 2004 telecoms law:

In Kazakh: [http://info-
con.mid.gov.kz/sites/default/files/pages/2_kaz.d...](http://info-
con.mid.gov.kz/sites/default/files/pages/2_kaz.doc) [http://info-
con.mid.gov.kz/sites/default/files/pages/6_kaz.d...](http://info-
con.mid.gov.kz/sites/default/files/pages/6_kaz.doc)

And Russian: [http://info-
con.mid.gov.kz/sites/default/files/pages/2_rus.d...](http://info-
con.mid.gov.kz/sites/default/files/pages/2_rus.doc) [http://info-
con.mid.gov.kz/sites/default/files/pages/6_rus.d...](http://info-
con.mid.gov.kz/sites/default/files/pages/6_rus.doc)

~~~
selecadm
Interesting. In 6_*.doc I can read this: "Long-distance and international
operators perform transmission of traffic that uses protocols with encryption
support using security certificate, except traffic encrypted by means of
cryptographic protection on the territory of the Republic of Kazakhstan."

So, if encrypted by such means on the country's territory, shouldn't be
intercepted? Ha!

------
ocschwar
Wondering about a turtles-all-the-way solution:

A web-socket based protocol that opens up a new SSL session with non-MITM'd
certificates.

So you'd open up the snoop-me HTTPS/1.1 connection, do some GETs, then say
"GET /busy, yo", and start what looks like a video-chat conversation that is
in fact a regular SSL connection with uncompromised certs.

(some protocol) over SSL over Web-Socket over bad-SSL over TCP/IP

~~~
mike_hearn
You can't solve political problems with cryptography, much though the software
engineering industry may wish it were so.

Ultimately, though it will be very hard to accept, crypto may be on the way
out as a technology with any political impact. Governments currently accept
the rapid increase in SSL because none of the politicians or regulators
understand that it's possible to disable it at a country level, and nobody
with any technical clue has been willing to point it out to them. But that
situation isn't sustainable, as the Kazakh example shows. A sufficiently
determined government won't care about minor details like user convenience.
They'll just say "you either install our root cert, or you don't get to use
the internet" and that's it. Game over. If even just one western country does
it, the rest will all follow within a few years.

~~~
ilaksh
Use a crypto that doesn't rely on authority.

------
egeozcan
> The national security certificate will secure protection of Kazakhstan users
> when using coded access protocols to foreign Internet resources.

How is this protecting users? They are outright lying here, if I understand
correctly. Also why are they asking for my location?

[http://i.imgur.com/fYKHRK1.png](http://i.imgur.com/fYKHRK1.png)

~~~
majke
Remember they have your location anyway from your IP address.

~~~
egeozcan
That makes it only more interesting. However, I assume, IP-based location
isn't that granular?

~~~
andrewstuart2
It's very surprisingly granular. I logged dropped packets from my router's
firewall for a week and looked up the origin locations with geoip for fun.
Just plugging in the coordinates to google maps would zoom directly in on
peoples' houses (sometimes in the middle of nowhere). I'm not sure it's 100%
accurate, of course, but it sure seemed specific.

~~~
finnn
The actual data source will provide a country, state or sometimes even city
and zipcode. Then whatever tool you're using to map drops a pin in the middle
of that region. If you zoom in, you get whatever happens to be at the
geographic center of whatever the mapping tool (probably Google Maps) thinks
is the center. eg if it says "United States" and no other data, you get some
random ass place in the middle of Kansas. Sometimes there can be more specific
data, but just because you can keep zooming in doesn't mean that that's
actually where it is

~~~
dboreham
You're describing GeoIP derived from "public" information sources such as the
physical address of the assigned entity or the location information provided
to the registrar by the block owner.

However, there is a different kind of GeoIP that has the potential to be much
more specific as to the location, based on a join between Internet traffic and
transactions that target a specific location. e.g. when you purchase a
physical item from an online vendor, with your house as the delivery address,
they now have both your IP and location. Obviously for this to work it depends
on a) the IP address remaining the same for some period of time and b) sharing
of the necessary information to allow the join. afaik both are often true.

------
wtracy
I once looked into getting a .kz domain. (I wanted to host comics on a site
named "comi.kz".) It turns out that one of the requirements for getting a .kz
is that the website be physically hosted inside Kazakhstan. (And yes,
Kazakhstani hosting providers that do business with foreigners are expensive.)

Right now, I am very glad that I did not go down this route.

------
rakslice_
This is lame news. But what I'm curious about is: What are they going to do
(if anything) to validate the upstream certificates?

\- What will their upstream root certificate policy be?

\- If they MITM any old upstream certificate, how will they mitigate the huge
target they are painting on Kazakh Internet users?

~~~
peeters
I would assume their root trust store could be similar to what your browser
would use. i.e. a curated set of root CAs with CRL subscription.

------
cgcardona
FWIW there are 9.49 million Internet users in Kazakhstan according to
wolframalpha.com

[http://www.wolframalpha.com/input/?i=number+of+internet+user...](http://www.wolframalpha.com/input/?i=number+of+internet+users+in+khazikstan)

------
RangerScience
This is extremely relevant to my interests but I don't actually understand
what's happening here. Part of that is the awkward translation. Can I get a
more detailed description and/or some links to help me understand? Thanks!

~~~
vlunkr
I'm sure someone else can explain it better than me, but they want all of
their citizens to install a certificate on all of their internet capable
devices that will route all their traffic through the government so they can
see all of it. It's a man in the middle attack on the entire population.

------
nashashmi
I wish somebody could tell me what this means half technically. My mind is
wavering between this is a good thing because everyone's connection is
becoming secure to not a good thing for reasons unknown.

~~~
tmerr
It seems like you've got it backward. Kazakhstan is not making the internet
more secure. They're requiring citizens to install something (their own root
security certificate) that compromises the security of https. The result is
that their government can eavesdrop on all traffic, encrypted or unencrypted.
That's the story anyway.

------
mailslot
Why can't Internet companies simply block the entire backward country? I can't
imagine Borat's motherland traffic monitizes well anyway. You want to MITM?
Fine, build your own Kazakh Google.

~~~
jonknee
That would actually be a huge win for Kazakhstan. Much like China pushing
people to use Baidu and other state friendly services instead of Western owned
services.

------
DonaldEFoss
While I applaud the privacy advocates, we knew this was coming when HTTP/2
(RFC 4750-4751) because an official standard in May 2015. The only way a
country with limited bandwidth can operate a transparent proxy is to stick a
new certificate in the root chain so that it can decode, cache and re-encode
the traffic.

I don't like it anymore than anyone else, but I see a non-malicious purpose
here.

------
gf1
Could this be used by the Kazakh government to sign malware/spying packages
and install them on their citizens' machines? Sounds like a super easy way to
open that backdoor.

Or is this a different type of cert? I'm thinking along the lines of what Dell
and Lenovo were yelled at for (although those were easy to rip off, but the
government could possibly serve as the malicious actor here).

~~~
selecadm
Only if the cert also has code signing EKU. Then, in case of code signing
trust bit not disabled in the cert manager, signed EXEs will appear with
"verified publisher".

------
gesman
Google should come up with cheap satellite internet. This is the only way to
bypass unruly governments.

But then you're on a mercy of Google Republic.

~~~
ronsor
Google already has your data anyway

------
jumasheff
Kyrgyz here. An evil lesson is soon learnt. It's highly possible that our
regulators will try to push similar bill.

------
anovikov
Does it mean that using SSL the normal way will become impossible? I can't
imagine this. How this can be enforced?

~~~
keyme
1) The only TLS connections that are let through are all MITM'd.

2) Every other TCP/UDP flow is checked for conformance with plain-text
protocols (like HTTP), or far worse, simply for the level of entropy in the
data.

3) A threat of legal action is made against anyone caught using secure crypto.

Good luck beating that. The key here is that the "entropy detector" doesn't
"really" need to work. It only needs to work well enough to scare people into
submission.

~~~
anovikov
Here steganography comes into play - very easily implementable in the form of
webcam streams bugged with usable data.

------
coldcode
If all of their https traffic is compromised, would we not be able to break
all of their financial traffic remotely?

~~~
untothebreach
Not necessarily, it just means that Kazakh citizens will have a root cert
installed on their machine that will allow the government to MITM their https
connections. The connection between the MITM and the client will be encrypted
(just with the government-controlled cert instead of the server's cert), and
the MITM will have an encrypted connection to the server. I suppose it is
possible that the MITM could make an unencrypted connection to the server, but
I don't know a good reason for the government to do that.

------
JumpCrisscross
To what degree has the U.S. government, through the NSA _et al_ , provided
moral cover for this sort of thing?

------
xg15
Correct me if I'm wrong, but doesn't android display a rather ennerving
"someone might be spying on you" warning when custom root certs are installed?
I'm looking forward to the reactions when every (android-using) citizen of the
country student gets that warning.

~~~
mike_hearn
Why? They would have already installed the root cert themselves and they'd
know perfectly well that they are being spied on. It'd just be another
annoying warning bar for them.

~~~
xg15
They installed the cert because they've been told to and because likely "the
internet doesn't work" when they don't. But that doesn't imply they know what
a root certificate actually does or what the consequences of adding new root
certs are.

------
rdtsc
> secure protection of Kazakhstan users when using coded access protocols to
> foreign Internet resources.

I guess "coded" here means VPN as well...

Wonder how other countries' embassies will be connecting if they block all the
encrypted connections? Everything through a satellite connection presumably.

~~~
cwyers
They're unlikely using plain HTTPS for sensitive traffic, as that still
divulges what sites you're visiting.

~~~
cookiecaper
Technically it only divulges which IP addresses you're accessing. The URL,
including domain name, in the request is encrypted.

~~~
toast0
Server Name Identification divulges the hostname (in the clear) during the key
exchange.

------
electic
My first thought, any tech company to setup offices in this country are
probably out the window. However, more importantly, they just made it really
easy for other governments to spy on them. In their zeal to protect national
security, they have done just the opposite.

~~~
PeterisP
Not really - to anyone who doesn't possess the certificates used in MITM, the
SSL traffic is just as impossible to decrypt as before.

------
strictfp
And this, dear fellows, shows how effective it is to fight politics with
technical solutions.

------
adm_hn
It seems they removed the page

~~~
aorth
Indeed. Even more strange is that they are handling it with a (temporary)
redirect on that specific article.

    
    
      $ http --print h http://telecom.kz/en/news/view/18729
      HTTP/1.1 302 Moved Temporarily
      Connection: keep-alive
      Content-Length: 154
      Content-Type: text/html
      Date: Thu, 03 Dec 2015 08:41:31 GMT
      Location: http://telecom.kz/en
      Server: nginx

------
flurdy
"from which Internet access will be performed (mobile telephones and tabs on
base of iOS/Android, PC and notebooks on base of Windows/MacOS)"

So use Linux and you will be fine?

------
dbalan
Slightly OT - if the bad guy can't fiddle with the trust store of your
computer, whats his another methods of analysing a users traffic? Is https
breakable by other means?

~~~
Elhana
They don't really have to force you to install that root cert. Every https
connection will be signed with it, so you either trust that cert and can
actually view the site (and gov can read it all) or you don't and just get
error in your browser.

Everything is breakable, but some things take a really looong time to break.
Governments might be able to break some weak https encryption, but not all.

------
dendory
I wonder if non-TLS based VPNs could be used around that? And if those are
blocked, how hard would it be to build a SSL over HTTP proxy outside the
country?

------
mtgx
Is this different than the DoD having a root certificate in iOS (and I think
Windows, too)? Couldn't the DoD also MITM the traffic any time they wish?

~~~
tjohns
Yes and no.

At a basic level, yes, any CA can issue a certificate which can be used to
launch a MITM attack. We trust that the CAs don't do this. If they're caught,
the browser industry tends to revoke their CA status -- which is pretty bad
for the CA's business model.

That said, the CAs have been under increased scrutiny lately, and browsers are
starting to build additional protections against this kind of thing:

\- Certificate pinning (HPKP) allows sites to restrict which certificates can
be used for a specific host, even if the certificate is signed by a trusted
system root. (Caveat: HPKP isn't enforced for local roots, installed by an
admin. That's how Kazakhstan is able to get away with this, because they're
asking users to install a new root manually.)

\- Certificate Transparency is supposed to provide an audit log for CAs, so
that any maliciously issued certificates can be detected and acted on.

That said, these features are new and not universally supported by all
browsers. And neither would help in a case like Kazakhstan, where users are
being asked to bypass security features and there's no system root to revoke.

------
jstalin
So how about hacking and leaking their certificate and then making all Kazak
government traffic vulnerable to public posting all over the internet?

------
jjuhl
That's just wrong and a really unpleasant slippery slope. I hope this causes a
huge backlash from users and the internet at large.

~~~
1ris
Kazakhstan is authoritarian state that censors. This is in no way or form
slippery.

------
thewarrior
My prediction : Indian government takes up this idea in the next 12 months. If
this works this idea will spread.

~~~
ris
I doubt it - the outsourcing industry would cry foul a million times over.

------
rikkus
Maybe this will be what the UK government do as a 'relaxed' version of 'ban
all crypto'.

------
mdumic
They lack resources to crack it or otherwise do it in secrecy so they're
demanding cooperation. Slick.

------
Sanzhar
Did they just delete those news? Can't find the link on the telecom.kz website
any more?

------
Create
"SSL Added and Removed Here"

Kazakhstan?!

------
sbaha88
Would it affect vpn services as well? Sad to see more outrage here than in
Kazakhstan

------
fishanz
I think this would break, for example, mobile apps which use certificate
pinning.

------
samat
Any proof for that?

Anyone has a copy of original article?

Link redirects to the main page of the website.

~~~
nbaksalyar
They deleted the press release.

It's available on the Web archive:
[http://web.archive.org/web/20151202203337/http://telecom.kz/...](http://web.archive.org/web/20151202203337/http://telecom.kz/en/news/view/18729)

------
voltagex_
I wonder if they'll be checking the validity of the upstream cert?

------
aaronkrolik
How would this affect access to bitcoin/blockchains in Kazakhstan?

~~~
sneak
It won't. Bitcoin p2p traffic is unencrypted and does not use TLS.

------
kukabynd
Kazakh here as well.

Don’t bother. Nothing will happen. It’s just talk as always.

------
gideon_b
Aww but there's a kitten. This _must_ be innocent.

------
caf
Time for httpss:// (HTTP over TLS over TLS)!

------
sneak
All other countries have inferior surveillance.

------
fapjacks
This is _such_ a bad idea!

------
multinglets
At least they're fucking telling people they're doing it.

------
cmdrfred
When I watched Borat I felt a little bad for the Kazakhstan government getting
singled out like that for seemingly no reason. Now it feels incredibly
satisfying.

------
bmahax
I don't agree with all the comments here. A sovereign state decided to ensure
all outgoing traffic is protected by a secure signature that is not possessed
by foreign intelligence agencies or hackers (well, that's the idea).

It is a very cheap and effective way to achieve this.

Spying on the population is not prevented by GeoTrust and Cie's loosy
certificates, a lot of literature and real life examples already show that.
This is a tragedy of the commons, until everybody has access to REAL security,
then no country has interest in having foreign powers spying them while not
even being to do what everybody else does.

In France, Germany, Italy, Japan, Korea, Australia, etc, all of your data is
already analyzed and deciphered, they freaking work together to make it less
obvious than Kazakhstan. Don't make any mistake and don't call for
overthrowing the regime there, it makes no sense.

From a citizen PoV, they became almost as watched over as we are for WWW
traffic, but their lives are still not as much tracked as ours since they do
not have the means of our agencies. They are still better off than us.

~~~
torrio888
It doesn't protect from a foreign intelligence agencies or hackers because
connection is only encrypted by Kazakhstan's certificate to the point where
MitM is performed by the government of Kazakhstan from that point connection
to the website is encrypted with a valid certificate.

Even if what you said is true and western countries have private encryption
keys of all websites I think that citizens of Kazakhstan would rather be spied
by foreign governments than by their own government.

