Browser makers Apple, Google, Microsoft, and Mozilla, have banned today a root certificate that was being used by the Kazakhstan government to intercept and decrypt HTTPS traffic for residents in the country’s capital, the city of Nur-Sultan.
The certificate had been in use since December 6, 2020, when Kazakh officials forced local internet service providers to block Nur-Sultan residents from accessing foreign sites unless they had a specific digital certificate issued by the government installed on their devices.
While users were able to access most foreign-hosted sites, access was blocked to sites like Google, Twitter, YouTube, Facebook, Instagram, and Netflix, unless they had the certificate installed.
The big four browser-makers Apple, Google, Microsoft, and Mozilla – have now blocked the certificate in their respective software. This means that after the ban, even if users in Nur-Sultan have the certificate installed on their device, the browsers will refuse to use them – meaning users’ data will remain secure, and out of the hands of Kazakh officials.
It’s not the first time the four companies have united to make the Internet a more secure place. Back in August 2019, a similar certificate used to intercept traffic for various Russian and English-speaking social media sites was also blocked in Kazakhstan.
