Edit KZ report (#1622)

ooni · Oct 24, 2024 · 68cdbc8 · 68cdbc8
1 parent c3eff81
commit 68cdbc8
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/content/post/2024-kazakhstan-report/index.md b/content/post/2024-kazakhstan-report/index.md
@@ -427,7 +427,7 @@ The above charts suggest that internet users in Kazakhstan might be able to circ
 
 Normally most web traffic is made secure using TLS, which is a technology that ensures your connection to a particular server is encrypted. When a government deploys a TLS man-in-the-middle (MITM) attack, they are able to not only block access to the service, but to also break the encryption. This allows them to gain access to the content of the communication of the user to the site or service, bypassing the layer of encryption. This will only work if a user has installed on their computer the government mandated root certificate authority, which is what browsers use to verify if the certificate presented by the server is issued by a known trusted authority. 
 
-According to [Internet Freedom Kazakhstan](https://ifkz.org/), a security certificate with MITM technology was proposed for implementation in Kazakhstan in 2016, and the relevant amendments to the Law "On Communications" were adopted. In December 2020, during the cyber exercises "[Information Security Nur-Sultan-2020](https://www.gov.kz/memleket/entities/mdai/press/news/details/132113)", users in Kazakhstan were sent SMS messages with information about installing a security certificate to maintain access to foreign internet resources. 
+According to [Internet Freedom Kazakhstan](https://ifkz.org/), a security certificate with MITM technology was proposed for implementation in Kazakhstan in 2016, and the relevant amendments to the Law "On Communications" were adopted. In December 2020, during the cyber exercises "[Information Security Nur-Sultan-2020](https://www.gov.kz/memleket/entities/mdai/press/news/details/132113)", users in Kazakhstan were sent SMS messages with information about installing a security certificate to maintain access to foreign internet resources. Government agencies claimed that this method is used exclusively to block prohibited content, including terrorist and extremist materials. It was also [reported](https://drfl.kz/ru/o-certifikate-bezopasnosti/) that the use of a security certificate is legal and necessary to protect the country from cyberattacks and combat prohibited content.
 
 Ramil Bektemirov, a representative of JSC State Technical Service, at a briefing on the exercises held in Astana in 2020, [answered](https://drfl.kz/ru/anonymity-in-kazakhstan/) a question about the use of MITM technology in a security certificate: *“The [MITM] technology is indeed used in the solution. This technology is used not only by us, but also by leading manufacturers of network protection equipment. They include functionality in this solution in order to inspect traffic. We understand that now 70% of our traffic is encrypted. And in order to inspect it, to see prohibited content that will need to be blocked, without this technology it is impossible”*.