Google과 Mozilla는 카자흐스탄의 사용자를 보호하기 위해 행동

ment 8/22 '19 posted 뉴스 IT

• Firefox의 구현에서는 인증서를 신뢰할 수 없다는 오류 메시지가 사용자에게 표시됩니다.

• "우리는 이와 같은 조치를 가볍게 수행하지 않지만 사용자와 웹의 무결성을 보호하는 것이 Firefox가 존재하는 이유입니다."

• 구글의 수석 엔지니어링 디렉터 파리시아 타브리즈 (Paris Tabriz)는 그녀의 회사가 "정부나 다른 기관에서 크롬 사용자의 데이터를 훼손하려는 어떠한 시도도 용납하지 않을 것"이라고 말했습니다.

• 2015 년에 정부 기관은 브라우저에서 사용할 수있는 승인된 인증서 목록인 Mozilla의 루트 저장소 프로그램에 루트 인증서를 포함하도록 요청했습니다.

• 그러나 인증서가 사용자 데이터를 가로채는 데 사용된다는 것을 발견한 후에는 결국 요청이 거부되었습니다.

• 여러 조직이 행정부에 대해 법적 조치를 취한 이후 정부의 추가 시도는 실패로 끝났습니다.

• 구글과 파이어 폭스 개발사 모질라는 카자흐스탄 정부가 시민들의 웹 트래픽을 가로 채려는 시도를 차단할 것이라고 수요일 밝혔습니다.

• 또한 인증서는 Chromium 소스 코드의 차단 목록에 추가되었으므로 다른 Chromium 기반 브라우저에도 포함되어야 합니다.

• Mozilla의 CA 프로그램 관리자인 Wayne Thayer는 또한 영향을 받는 사용자는 VPN (가상 사설망) 또는 Tor 브라우저를 조사하고 이를 사용하여 Web에 액세스하는 것을 제안했습니다.

Mozilla and Google stop Kazakh government from intercepting traffic [www.neowin.net]

Mozilla, Google move to block Kazakhstan's attempts to spy on its citizens [www.itpro.co.uk]

Firefox and Chrome Fight Back Against Kazakhstan's Spying [www.wired.com]

Mozilla takes action to protect users in Kazakhstan [blog.mozilla.org]

Google, Mozilla, and Apple are using this one weird trick to block Kazakhstan's surveillance of its own citizens [boingboing.net]

Web browsers unite against reported Kazakhstani surveillance [www.axios.com]

Protecting Chrome users in Kazakhstan [security.googleblog.com]

Google, Apple, and Mozilla block Kazakhstan government’s browser spying [arstechnica.com]

Apple, Google, and Mozilla Team Up to Block Kazakhstani Surveillance [tidbits.com]

Google, Apple, Mozilla move to block Kazakh surveillance system [www.reuters.com]

newest replies popular replies

Open Wiki - Feel free to edit it. -

8/22 '19 answered

Update: Apple spox said Safari is blocking the root certificate as well. “We have taken action to ensure the certificate is not trusted by Safari and our users are protected from this issue.” https://t.co/VDSpPhc3IY
— Amrita Khalid (@askhalid) August 21, 2019

Microsoft says "The Certificate Authority (CA) in question is not a trusted CA in our Trusted Root Program" https://t.co/F6EaPcN5QI
— Joseph Cox (@josephfcox) August 21, 2019

Kazakhstan has implemented a new monitoring system that would offer the government access to all web traffic within the country, even encrypted data.

Now, Google, Mozilla, and Apple are adding technical protections to their browsers to fight back. https://t.co/948YTlx4My
— WIRED (@WIRED) August 21, 2019

New: Google and Mozilla have now blocked a root certificate from the Kazakhstan government in their browsers. The cert could be used to intercept Facebook, Gmail, Twitter etc encrypted traffic.

Microsoft hasn't done the same. Apple didn't respond https://t.co/F6EaPcN5QI pic.twitter.com/rDWBVHcYjV
— Joseph Cox (@josephfcox) August 21, 2019

Apple, Google, and Mozilla block Kazakhstan's HTTPS intercepting certificate in their respective browsers

Measure comes a little too late, as the Kazakh government has stopped using it, but the ban will the root cert from ever being useful againhttps://t.co/wlqSdvjYuP pic.twitter.com/K3oiOWBpGC
— Catalin Cimpanu (@campuscodi) August 21, 2019

People around the world trust us to protect them as they navigate the internet.

We don’t take actions like this lightly, but protecting our users & the integrity of the web is the reason Firefox exists.https://t.co/OhdWhsH4JP
— Firefox ? (@firefox) August 21, 2019

Big tech companies aren't letting #Kazakhstan's mass surveillance go unnoticed—and neither should you. https://t.co/x52edZj8FP
— Freedom House (@freedomhouse) August 21, 2019

We are grateful to hear @mozilla & @googlechrome
took actions against shameful Kazakhstan's MitM following our @CensoredPlanet report: https://t.co/TQ32kLXOqP https://t.co/ClcfzeQWBO https://t.co/l2IbStrAUi pic.twitter.com/6HrkzIe4G6
— Roya Ensafi (@royaensafi) August 21, 2019

On the Kazakhstan MITM: https://t.co/aG10FOUDEC https://t.co/lUlS84IV4y
— Adam Langley (@agl__) August 21, 2019

カザフスタン政府が国民の通信を傍受可能にするための証明書はルート証明書に入れるリクエストも数年前に拒否したけど、今度全国民の端末にインストールさせるという証明書も信頼しないことにして利用者の通信を政府に監視されないように対応。https://t.co/A1lrZXJ0nE
— dynamis (でゅなみす) (@dynamitter) August 21, 2019

Mozilla takes action to protect users in Kazakhstan - The Mozilla Blog https://t.co/BTBtLDObl0
— Mike Conley @mconley@mastodon.social (@mike_conley) August 21, 2019

The Mozilla Blog: Mozilla takes action to protect users in Kazakhstan https://t.co/Xs1FcocNfV
— Planet Mozilla (@planetmozilla) August 21, 2019

Oh, shi..https://t.co/JFHMpV4nZW
— Zharzhan Kulmyrza (@zharzhan_) August 21, 2019

And kudos to @mozsec for taking a strong stance in defense of their users in Kazakhstan... https://t.co/eAabUJwTrU
— Justin Schuh ? (@justinschuh) August 21, 2019

Mozilla takes action to protect users in Kazakhstan https://t.co/M44L4RpsiE via @mozilla
— tbiz (@tbiz) August 21, 2019

A response from Mozilla too: https://t.co/N68VVflS3y
— Scott Helme (@Scott_Helme) August 21, 2019

then again when US government monitors everything, the #Firefox action is to shut up ...b/c Kazakhstan is the real issue

foundations like #Mozilla or #GNOME can protest against #USA regulations and polices by simply moving away, eg to Canada or EUhttps://t.co/p1h8GEpQwS
— pff (@reality_be_rent) August 21, 2019

Google, Mozilla and Apple are taking a coordinated action to prevent the Kazakhstani government from using bulk surveillance on citizen web browsing.https://t.co/BdaU8Bu7gG
— Axios (@axios) August 21, 2019

Here's our @googlechrome response to the Kazakhstan government order for HTTPS interception: https://t.co/aZiFE5S7CJ?
— Parisa Tabriz (@laparisa) August 21, 2019

An update on that Kazakhstan certificate thing... https://t.co/VwxtNkih8E
— Justin Schuh ? (@justinschuh) August 21, 2019

Chrome nuked the Kazakhstan government's interception certificate with an entry in CRLset: https://t.co/jOsWnVXVVZ
— Scott Helme (@Scott_Helme) August 21, 2019

"Chrome will be blocking the certificate the Kazakhstan government required users to install" https://t.co/xTwC6wxJ2s
— Jonas Lejon (@jonasl) August 21, 2019

Is this a principled stance, or easier because of small market? >> Google, Apple, and Mozilla block Kazakhstan government’s browser spying ↘️ https://t.co/ZpVgtNCu7z
— Marietje Schaake (@MarietjeSchaake) August 21, 2019

permanent link

Open Wiki - Feel free to edit it. -

8/22 '19 answered

#FreedomOnTheNet's @adrianshahbaz provides important insights on #Kazakhstan's increased efforts to surveil local users https://t.co/18lCJtIKzk @lilyhnewman
— Freedom on the Net (@freedomonthenet) August 21, 2019

The next obvious step is for a government to fork a browser - and of course do it badly (eg not apply security updates). Beyond the ? effect, this makes it even more clear that your choice of browser is important. https://t.co/xCxPTxr2VH
— Mark Nottingham (@mnot) August 22, 2019

Mozilla takes action to protect users in Kazakhstan https://t.co/ArHMKMGr6b @mozillaさんから
— hsjoihs (@hsjoihs) August 22, 2019

That's great and all, but could you stop virtue signaling for a second and tell us when we can get this in the US?https://t.co/kaedQRAA4M
— Raging Golden Eagle (@RageGoldenEagle) August 22, 2019

#Mozilla takes action to protect users in #Kazakhstan https://t.co/Lk5lUVfiku fight the good fight, #firefox
cc @glynmoody
— Dr. Roy Schestowitz (罗伊) (@schestowitz) August 21, 2019

Mozilla takes action to protect users in Kazakhstan – The Mozilla Blog https://t.co/Ewh5lvcuMX pic.twitter.com/vJGGnTQQkX
— Rich Tehrani (@rtehrani) August 21, 2019

Chrome, Firefox, and Safari updated to block Kazakhstan government spying https://t.co/JyQkk93h5Z #Security #Cybersecurity #Hackers #Cyberattacks #CSO #Cyber #Infosec
— Evan Kirstel (@evankirstel) August 22, 2019

I'm proud to see companies stick up for privacy this way, but we absolutely cannot tolerate such invasive and outdated behaviour by our governments. "Google, Apple, and Mozilla block Kazakhstan government’s browser spying" https://t.co/33aidpztVG
— Lucie Krahulcova (@nomadiclucie) August 22, 2019

Google, Apple, and Mozilla block Kazakhstan government’s browser spying https://t.co/nDtcmQjuo0 by @JBrodkin
— One Microsoft Way (@OneMicrosoftWay) August 21, 2019

"Major browser makers are blocking the use of a root certificate that #Kazakhstan's government has used to intercept Internet traffic."https://t.co/FSlVclK4Je
— e-sushi (@originalesushi) August 21, 2019

Google Chrome and Mozilla Firefox will block a government encryption certificate that allows authorities to read anything a user types or posts using the browsers, including account information and passwords https://t.co/jOW6Pd4Wjc
— Donie O'Sullivan (@donie) August 22, 2019

permanent link

Featured

Important Notice: Discontinuation of Our Wiki Service

Dear Valued Users,

We hope this message finds you well. We are writing to inform you of an important upcoming change to our services. After careful consideration and analysis, we have made the difficult decision to discontinue our wiki site, effective one month from 2024/04/30.

This was not an easy decision to make, as we understand the importance of the resources and community that have been built around our wiki. However, due to evolving market conditions and strategic realignments, we must redirect our resources and efforts towards other ventures that will allow us to serve you better in the future.

What This Means for You:

Access to Content: You will continue to have full access to all content on the wiki until the discontinuation date. We encourage you to save or migrate any content you wish to retain.
Final Date of Service: The wiki will become inaccessible starting 1st June 2024, after which all content will be permanently removed.

We are immensely grateful for the support and contributions of our user community throughout the years. The wiki is being retired, but our team will be back soon with new services and apps.

Thank you for being a part of our journey.

Warm regards,

editoy Inc.

Related

Featured