Apple, others ban Kazakhstan’s MitM HTTPS certificate — Apple World Today

Under the guise of a “cybersecurity exercise,” the Kazakhstan government is forcing citizens in its capital of Nur-Sultan to install a digital certificate on their devices if they want to access foreign internet services. Once installed, the certificate would allow the government to intercept all HTTPS traffic made from users’ devices via a technique called MitM (Man-in-the-Middle).

However, with the ban, even if users have the certificate installed, browsers like Safari, Chrome, Edge, and Mozilla will refuse to use them, preventing Kazakh officials from intercepting user data.

Kazakhstan users have told ZDNet that they are not able to access sites like Google, Twitter, YouTube, Facebook, Instagram, and Netflix without installing the government’s root certificate. The MitM HTTPS certificate is the Kazakh government’s third attempt at forcing citizens to install root certificates on their devices after a first attempt in December 2015 and a second attempt in July 2019.