from the mandated-middle-men dept
While it has since been removed, a statement posted to the website of the country's largest ISP KazakhTelecom (Google cache and rather sloppy translation) stated that the ISP was required to intercept encrypted traffic to "secure protection of Kazakhstan users" who have access to encrypted content from "foreign Internet resources":
"The national security certificate will secure protection of Kazakhstan users when using coded access protocols to foreign Internet resources...Detailed instructions for installation of security certificate will be placed in December 2015 on site www.telecom.kz.Of course, such an effort will wind up doing the exact opposite of protecting the country's residents -- instead opening the door to rampant surveillance and potential security vulnerabilities should the certificate fall into the wrong hands. Oddly, while the notice states that all Windows, OS X, iOS and Android devices must adhere to the new law, Linux isn't mentioned, giving privacy conscious residents and journalists ample time to install their Linux distro of choice. Security experts are quick to point out the entire, ham-fisted affair is not only ethically idiotic, but likely impossible to fully implement and enforce:
"There are obvious, myriad ethical issues with this sort of mandated state surveillance," said (Security researcher Kenneth) White. "But I suspect that the political forces pushing these measures have grossly underestimated the technical hurdles and moral backlash that lay before them." "The best case scenario is that the regime will seriously weaken the security of only a subset of their citizens," said White.Bang up job, team! Last month, Human Rights Watch described Kazakhstan as an authoritarian dictatorship with "few tangible and meaningful human rights." Freedom House, meanwhile, ranks Kazakhstan poorly when it comes to Internet freedom, noting that the country's war on religious extremists has resulted in an increase in Internet filters, a total blockade of Live Journal, intensified surveillance at cybercafes, and a spike in "physical assaults on bloggers and online journalists."
It's easy to dismiss what Kazakhstan is doing as the drunken stumbling of a tin pot dictatorship, until you remember that the UK is proposing something not entirely dissimilar, and both current leading U.S. Presidential candidates dream of waging their own war on encryption and common sense.