You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -1096,7 +1096,7 @@ The results of our analysis show that most ISPs in Kazakhstan appear to implemen
Notably, through [OONI data](https://explorer.ooni.org/m/20210808015758.022737_KZ_webconnectivity_3b9213f9ee4f2d06) collected from Kazakhstan between 2021 to 2024, we found **7 distinct intermediate certificates signed by 4 distinct root CAs being used to carry out TLS man-in-the-middle (MITM) attacks, targeting at least 14 distinct domain names on at least 19 different networks in Kazakhstan**. We found that these intermediate certificates were even being used to perform MITM attacks during periods of certificate invalidity. This raises concerns because such practices weaken the online privacy and security of internet users in Kazakhstan.
We found the latest government root CA and many TLS MITM attacks on at least 19 networks by only analyzing OONI data collected from Kazakhstan between June 2023 to June 2024. As OONI data from Kazakhstan [spans from 2017](https://explorer.ooni.org/chart/mat?probe_cc=KZ&since=2017-01-02&until=2017-12-02&time_grain=day&axis_x=measurement_start_day&test_name=web_connectivity) to date, with [new measurements published every day](https://explorer.ooni.org/chart/mat?probe_cc=KZ&since=2024-07-02&until=2024-08-02&time_grain=day&axis_x=measurement_start_day&test_name=web_connectivity), we encourage researchers to analyze [OONI data](https://ooni.org/data/) to investigate the scale of TLS MITM attacks in Kazakhstan further.
We found TLS MITM attacks on at least 19 networks by only analyzing OONI data collected from Kazakhstan between June 2023 to June 2024. As OONI data from Kazakhstan [spans from 2017](https://explorer.ooni.org/chart/mat?probe_cc=KZ&since=2017-01-02&until=2017-12-02&time_grain=day&axis_x=measurement_start_day&test_name=web_connectivity) to date, with [new measurements published every day](https://explorer.ooni.org/chart/mat?probe_cc=KZ&since=2024-07-02&until=2024-08-02&time_grain=day&axis_x=measurement_start_day&test_name=web_connectivity), we encourage researchers to analyze [OONI data](https://ooni.org/data/) to investigate the scale of TLS MITM attacks in Kazakhstan further.
