Privacy Blog

"Friends don’t let friends get spied on.' – Richard Stallman, President of the Free Software Foundation and longtime advocate of privacy in technology.

The Government Of Kazakhstan is Coercing its Citizens to Install a Root Certificate in their Devices that will Allow the Authorities to Monitor Everything the Citizens Do Online

UPDATE: The Kazakhstan government announced on 8 August 2019 that the project is being abandoned. Kazakhstan’s State Security Committee said in a statement that the certificate rollout was simply a test which has now been completed. Users can remove the certificate and use internet as usual, it said.


While this is scary for the citizens of Kazakhstan, every computer user in the world also should be concerned. If one government does this and is successful, it won’t be long before all governments will be doing the same. Yes, that includes your government.

On July 17, the government of Kazakhstan began coercing its citizens to install a root certificate on their devices that would allow the authorities to monitor everything they do online. The surveillance affects anyone trying to access certain websites, including Gmail, Facebook, Twitter, and YouTube. Once the certificate is installed, the government could access emails, read private messages, log browsing activity, and store login credentials.

Of course, once the government can access everything, it won’t be long before the instructions for accessing everyone’s computers will leak out and then become used by hackers around the world.

“There is no such thing as a back door (or in this case, online surveillance tool) that can only be used by the good guys. The Shadow Brokers hack and the resulting WannaCry attack show what can happen when hackers get their hands on such tools. By forcing all Kazakh citizens to use the same certificate, the government is introducing a significant vulnerability. If hackers were able to get control of the certificate, they would have the same access to personal data as the government.”

You can read more in the ProtonMail Blog at: https://tinyurl.com/privacy-2019-0801.

Categories: Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.