Skip to Content
Computing

How an authoritarian regime will intercept all internet traffic inside its country

Nur-Sultan, Kazakhstan's capital city.
Nur-Sultan, Kazakhstan's capital city.Photo: kalpak-travel.com (CC BY 2.0)

The new president of Kazakhstan is now proving that he will keep the old, oppressive systems alive for the 21st century, using advanced technical tools.

The man in the middle: Beginning last week, Kazakhstan’s government is intercepting all HTTPS traffic inside the country, ZDNet reports. HTTPS is a protocol meant to offer encryption, security, and privacy to users, but now the nation’s internet service providers are forcing all users to install certificates that enable pervasive interception and surveillance.

On Wednesday, Kazakh internet users were redirected to web pages instructing them to install the government’s root certificate in their web browser, which enables what’s called “man in the middle” interception of internet traffic, decryption, and surveillance.

We reached out to browser developers and certificate authorities Google, Microsoft, and Mozilla to ask how they will deal with Kazakhstan re-encrypting internet traffic for surveillance. Mozilla, which previously denied the root inclusion request from the Kazakh government in 2016, is currently discussing whether to block Kazakhstan's root certificate, spokeswoman Janette Ciborowski said.

How dictators work in the 21st century: Most Americans likely couldn’t find Kazakhstan on a map. Yet the recent actions have wide implications.

Kazakhstan sits in a region ruled by dictators steadily marching into the 21st century. Just next door is the repressive dictatorship of Turkmenistan, which, like its neighbors, has been steadily increasing internet surveillance as a means to control the population.

This man-in-the-middle scheme is not the Kazakhstan government’s only move to increase control of the country through the internet. The government is also a known customer of NSO Group, an Israeli company that sells hacking technology to governments around the world, including dictatorships that use it to squash dissidents. NSO Group’s technology typically targets one person at a time. Now the government’s technological ambitions have clearly grown.

Upskilling the dictator: From the Soviet Union’s collapse in 1991 until 2019, Kazakhstan had the same strongman in charge: Nursultan Nazarbayev. A new president came to power in 2019, but this is hardly a meaningful changing of the guard.

The victory of Kassym-Jomart Tokayev in the 2019 presidential election began with the detention of hundreds of dissidents.

Just months after the election, Tokayev’s attempts to take even greater control over the country through technology mean it’ll be a seamless transition from an old-fashioned dictatorship to a 21st-century autocrat able and willing to bend the day’s technology to his will.

Update, 7/21/19: We added Mozilla's response.

Deep Dive

Computing

Erik Prince wants to sell you a “secure” smartphone that’s too good to be true

MIT Technology Review obtained Prince’s investor presentation for the “RedPill Phone,” which promises more than it could possibly deliver.

Corruption is sending shock waves through China’s chipmaking industry

The arrests of several top semiconductor fund executives could force the government to rethink how it invests in the sector.

Inside the software that will become the next battle front in US-China chip war

The US has moved to restrict export of EDA software. What is it, and how will the move affect China?

Hackers linked to China have been targeting human rights groups for years

In a new report shared exclusively with MIT Technology Review, researchers expose a cyber-espionage campaign on “a tight budget” that proves simple can still be effective.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.