Skip to main content

Kazakhstan mandates Internet backdoor, modeled after China’s Great Firewall

bangladeshi bank heist foiled by spelling mistake internet hacking dark net
When it comes to Internet freedoms (or the lack thereof), taking cues from China rarely bodes well for a citizenry. And now, the people of Kazakhstan are experiencing this realization firsthand as lawmakers move to force Internet users across the country to install a sort of backdoor system. This would allow the Kazakh government to monitor all web traffic on both desktop and mobile devices, and closely resembles China’s so-called Great Firewall.

Under the new law, all citizens must install a “national security certificate” on all Internet-connected devices, which will “intercept requests to and from foreign websites.” This is effectively the low-cost version of China’s monitoring strategy, which involves a much more complicated (and expensive) digital infrastructure that filters traffic itself. Beginning January 1, officials will not only be able to see Internet users’ content, but also block this data entirely.

While the government claims that this new mandate will prevent “man in the middle attacks” involving foreign servers, many worry that this is simply a thinly veiled ploy aimed at installing citizen surveillance. Kazakhtelecom JSC, the largest telecommunications company in the country, claimed that the backdoors would “secure protection of Kazakhstan users” who are using “foreign Internet resources,” but several experts have expressed skepticism at the notion, especially given the country’s seedy history with media surveillance.

“Given the style of government of Kazakhstan, I think we can assume that this is simply part of their censorship apparatus,” Steven M. Bellovin, a professor of computer science at Columbia University, told the New York Times. “It’s a serious security risk for Kazakh users both technically and in their inability to send and receive private communications.”

Major Internet companies like Google, Facebook, and Microsoft could also choose to blacklist Kazakhstan’s national security certificate altogether, making their content inaccessible to people within the country. “There are obvious, myriad ethical issues with this sort of mandated state surveillance,” security expert Kenneth White told ZDNet. “But I suspect that the political forces pushing these measures have grossly underestimated the technical hurdles and moral backlash that lay before them.”

Further details have yet to be released about the country’s plan, but if history is any indication, going through with this sort of protocol won’t result in a particularly happy ending.

Editors' Recommendations