Major Internet providers in Kazakhstan, including Kcell, Beeline, Tele2 and Altel, to their systems the ability to intercept HTTPS traffic and from users to install a "national security certificate" on all devices with access to the global network. This was done as part of the implementation of the new version of the law "On Communications".
It is stated that the new certificate should protect the country's users from Internet fraud and cyber attacks. It allegedly "allows you to protect Internet users from content prohibited by the legislation of the Republic of Kazakhstan, as well as from malicious and potentially dangerous content." However, it is essentially a form of MitM (mat-in-the-middle) attack.
The fact is that the certificate allows you to block access to certain (and not necessarily really dangerous) pages, modify HTTPS traffic, read correspondence and, moreover, write on behalf of a particular user. If the certificate is not installed, then users will lose access to all services that use TSL encryption, and these are all the world's main resources - from Google to Amazon.
Kcell operator that the certificate was developed in Kazakhstan, but who exactly did it is unknown. The most interesting thing is that to obtain a certificate you need to go to the site who registered less than a month ago. The owner of the domain name is an individual, and the address is the House of Ministries in Nur-Sultan. The funny thing is that the site for the security certificate does not use HTTPS.
A small plus here is only that the installation of the certificate is declared as a voluntary matter. However, many devices or applications often do not allow users to modify or change certificates.
At the same time, some users have already complained about the unavailability of social networks, the mail service Gmail and YouTube. At the same time, Kazakh resources opened normally. The Ministry of Digital Development has not yet reported on the reasons, but has already announced technical work "aimed at strengthening the protection of citizens, government agencies and private companies from hacker attacks, Internet scammers and other types of cyber threats." And according to Ablaykhan Ospanov, Deputy Prime Minister of Digital Development, this is a pilot project. That is, it can be extended to the whole country.
Source: 3dnews.ru