Mozilla, Google, Apple To Block Kazakhstan Surveillance

Big names in the tech industry have responded to a controversial attempt by Kazakhstan to create an internet surveillance system using mainstream web browsers.

Mozilla, Apple and Google will block an encryption certificate from the Kazakh government that would allows authorities to read anything a user types or posts using the browsers. This potentially includes account information and passwords, the firms said in statements.

Google has taken action before against this state before. In 2011 for example it took the drastic action of redirecting visitors to its Kazakhstan site, google.kz, to a page in Kazakh at google.com.

Kazakhstan surveillance

That move was an escalation of tensions between Kazakhstan and Google, after the former Soviet republic brought in legislation in September 2010, requiring .kz domain names to point to servers actually located in that country.

Google’s action came after that country’s government warned it would begin enforcing that law in 2011.

And now eight years later tech firms with some of the leading web browsers in their portfolios, are reacting to another attempt at state surveillance.

In a blog posting, Mozilla explained its decision-making process.

“Today, Mozilla and Google took action to protect the online security and privacy of individuals in Kazakhstan,” Mozilla blogged. “Together the companies deployed technical solutions within Firefox and Chrome to block the Kazakhstan government’s ability to intercept internet traffic within the country.”

The companies said they were reacting to “credible reports” that ISPs in Kazakhstan have required people in the country to download and install a government-issued certificate on all devices and in every browser in order to access the internet.

Mozilla and Google said this certificate is not trusted by either of the companies, and once installed, allowed the government to decrypt and read anything a user types or posts, including intercepting their account information and passwords.

“People around the world trust Firefox to protect them as they navigate the internet, especially when it comes to keeping them safe from attacks like this that undermine their security,” said Marshall Erwin, Senior Director of Trust and Security, Mozilla. “We don’t take actions like this lightly, but protecting our users and the integrity of the web is the reason Firefox exists.”

“We will never tolerate any attempt, by any organization – government or otherwise – to compromise Chrome users’ data,” added Parisa Tabriz, Senior Engineering Director, Chrome. “We have implemented protections from this specific issue, and will always take action to secure our users around the world.”

Just a test

Reuters reported that Kazakhstan had said earlier this month, that it had halted implementation of the system, the initial roll out of which was described as a test by the government.

State security officials had said its goal was to protect Kazakh users from “hacker attacks, online fraud and other kinds of cyber threats”.

The former Soviet Central Asian nation routinely blocks websites and applications used by its critics, including Facebook and Youtube, for short periods of time.

The blocks reportedly often coincided with public protests in the country.

Are you a Firefox fan? Try our quiz!

Tom Jowitt @TJowitt

Tom Jowitt is a leading British tech freelance and long standing contributor to TechWeek Europe

Recent Posts

Former Cortana Boss Javier Soltero Joins Google

'Hey Cortana... please forward my email to Google', as former Microsoft man joins search engine giant

2 hours ago

Jeff Bezos’s Blue Origin Partners Lockheed Martin For Moon Lander

Moon tourists? Space company of Amazon boss signs deals with multiple companies for moon landers

3 hours ago

Equifax Used Default ‘Admin’ Password, Lawsuit Alleges

Lawsuit alleges Equifax failed to take the most basic security precautions that resulted in highly damaging breach in 2017

4 hours ago

Bletchley Park Could Host Institute Of Technology

Plans submitted for tech teaching centre for 1,100 students on historic Bletchley Park site

5 hours ago

Avast Confirms “Extremely Sophisticated” Hack

State sponsored actor? Security vendor admits it has been targetted by sophisticated cyberespionage campaign

6 hours ago

NordVPN Confirms Hack After Data Centre Mistake

Panama-based VPN provider confirms it was hacked after Finnish data centre provider left server unsecured

9 hours ago