back to article Finally. Thanks so much, nerds. Google, Apple, Mozilla end government* internet spying for good

On Wednesday, Google, Apple, and Mozilla said their web browsers will block the Kazakhstan root Certificate Authority (CA) certificate – following reports that ISPs in the country have required customers to install a government-issued certificate that enables online spying. According to the University of Michigan's Censored …

  1. sbt Silver badge
    Mushroom

    "We will never tolerate...

    ...any attempt, by any organization – government or otherwise – to compromise Chrome users' data"

    That's our job.

    1. Mahhn

      Re: "We will never tolerate...

      You beat me to it.

      Next up goog will protest election manipulation LOL.

      Cue the bond theme song "Nobody does it better"

  2. Denarius Silver badge
    Holmes

    So how long B4

    Oz consumers get "told" to install local version in their damn near mandatory MyGov login ? Can almost hear sounds of wet pants dripping from direction of pointy Hill House on the other side of the ranges

    1. revenant Silver badge

      Re: So how long B4

      Perhaps a bit longer than you fear because of the pushback against Kaszakhstan.

      On the other hand, governments are not renowned for caring about consequences, so maybe Oz (and the rest of the world) won't get the message.

      Which leads to an interesting question : how would Mozilla etc. react to a similar request from one of the 'free world' nations?

      1. ThatOne Silver badge
        Devil

        Re: So how long B4

        They definitely won't get the message, simply because there is no message to be gotten.

        It's not like our 'free world' governments don't snoop on their citizens. Everybody knows it, but "what are you gonna do?". There are some annoyed noises, and life goes on.

        In this case it was just a small isolated government without any international influence who did it, thus a splendid occasion for everybody and his dog to jump in and signal shining virtue: "We will protect you against all dangers (provided they aren't too scary, powerful or able to retaliate in any way)".

  3. lglethal Silver badge
    Joke

    Cook & Co told The Register

    Come on el Reg, we all know Apple doesnt talk to you under any circumstances, just admit they were talking to someone else and you just happened to overhear them....

    1. Alister Silver badge

      you just happened to overhear them...

      El Reg had a Man-in-the-Middle on the Skype call...

  4. Grooke

    Kazakhstan greatest country in the world

    All other countries are run by little girls

  5. JimmyPage Silver badge
    Big Brother

    The biggest weakness in the whole TLS arena

    Is the chain of trust required to support it.

    We are all forced to use HTTPS etc. But I have to say my trust in it is pretty low.

    1. LDS Silver badge

      Re: The biggest weakness in the whole TLS arena

      It's a such old issue it has its own Latin sentence:

      "Quis custodiet ipsos custodes?"

      And there's no simple and easy solution, especially at scale.

    2. JohnFen Silver badge

      Re: The biggest weakness in the whole TLS arena

      My trust in it is essentially nonexistent. I don't trust any cert just because it's signed by a CA.

    3. Dom De Vitto

      Re: The biggest weakness in the whole TLS arena

      Trust in HTTPS is "pretty low" ?

      Compared to WHAT ?

      HTTPS, with other browser security - HTKP, for instance - is brilliant. I would put that way above a VPN service (or TOR) with HTTP alone.

      .....

  6. Harry Stottle

    "Fake" Root CA?

    might be a quibble but surely the danger is not that its "Fake". The CA is no doubt set up in the standard manner by an ostensibly legitimate organisation and is not pretending to be anything else. The danger is not its "authenticity" but straightforward abuse of what is designed to be a trust anchor, by a corrupt authoritarian regime.

  7. JohnFen Silver badge

    That's our job!

    "We will never tolerate any attempt, by any organization – government or otherwise – to compromise Chrome users' data."

    Google reserves the right to be the only one that will compromise their user's data.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020