Malicious HTTPS certificate from Kazakhstan gets Safari ban

Apple and browser companies Mozilla, Microsoft, and Google have all blocked a root certificate that’s being used by the government to spy on the citizens of Kazakhstan.

Google, Microsoft, Apple and Mozilla has agreed to block the HTTPS certificate and ban it from their browsers. The moment the root certificate is accessed there will be an error message saying how it can’t be used.

HTTPS Certificate

The HTTPS certificate allowed Kazakhstan authorities to check its peoples’ online activity by means of decrypting and intercepting traffic from users in Nur-Sultan. While Twitter and Google blocked foreign websites by default, Apple and others decided to ban the root certificate entirely.

Users will see an error message saying how the certificate is ‘untrustworthy’, which means it won’t be installed. This kind of middleman blocking event has occurred before when a certificate was used to intercept traffic in English and Russian-speaking social media websites in August 2019.