Skip to Content
Computing

How an authoritarian regime will intercept all internet traffic inside its country

Nur-Sultan, Kazakhstan's capital city.
Nur-Sultan, Kazakhstan's capital city.Photo: kalpak-travel.com (CC BY 2.0)

The new president of Kazakhstan is now proving that he will keep the old, oppressive systems alive for the 21st century, using advanced technical tools.

The man in the middle: Beginning last week, Kazakhstan’s government is intercepting all HTTPS traffic inside the country, ZDNet reports. HTTPS is a protocol meant to offer encryption, security, and privacy to users, but now the nation’s internet service providers are forcing all users to install certificates that enable pervasive interception and surveillance.

On Wednesday, Kazakh internet users were redirected to web pages instructing them to install the government’s root certificate in their web browser, which enables what’s called “man in the middle” interception of internet traffic, decryption, and surveillance.

We reached out to browser developers and certificate authorities Google, Microsoft, and Mozilla to ask how they will deal with Kazakhstan re-encrypting internet traffic for surveillance. Mozilla, which previously denied the root inclusion request from the Kazakh government in 2016, is currently discussing whether to block Kazakhstan's root certificate, spokeswoman Janette Ciborowski said.

How dictators work in the 21st century: Most Americans likely couldn’t find Kazakhstan on a map. Yet the recent actions have wide implications.

Kazakhstan sits in a region ruled by dictators steadily marching into the 21st century. Just next door is the repressive dictatorship of Turkmenistan, which, like its neighbors, has been steadily increasing internet surveillance as a means to control the population.

This man-in-the-middle scheme is not the Kazakhstan government’s only move to increase control of the country through the internet. The government is also a known customer of NSO Group, an Israeli company that sells hacking technology to governments around the world, including dictatorships that use it to squash dissidents. NSO Group’s technology typically targets one person at a time. Now the government’s technological ambitions have clearly grown.

Upskilling the dictator: From the Soviet Union’s collapse in 1991 until 2019, Kazakhstan had the same strongman in charge: Nursultan Nazarbayev. A new president came to power in 2019, but this is hardly a meaningful changing of the guard.

The victory of Kassym-Jomart Tokayev in the 2019 presidential election began with the detention of hundreds of dissidents.

Just months after the election, Tokayev’s attempts to take even greater control over the country through technology mean it’ll be a seamless transition from an old-fashioned dictatorship to a 21st-century autocrat able and willing to bend the day’s technology to his will.

Update, 7/21/19: We added Mozilla's response.

Deep Dive

Computing

What’s next for the world’s fastest supercomputers

Scientists have begun running experiments on Frontier, the world’s first official exascale machine, while facilities worldwide build other machines to join the ranks.

The future of open source is still very much in flux

Free and open software have transformed the tech industry. But we still have a lot to work out to make them healthy, equitable enterprises.

The beautiful complexity of the US radio spectrum

The United States Frequency Allocation Chart shows how the nation’s precious radio frequencies are carefully shared.

How ubiquitous keyboard software puts hundreds of millions of Chinese users at risk

Third-party keyboard apps make typing in Chinese more efficient, but they can also be a privacy nightmare.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.