Mozilla has announced that it, and Google, have deployed technical solutions within Firefox and Chrome to stop the Kazakh government from intercepting internet traffic inside the country. According to Censored Planet, the government in Kazakhstan began using a fake root CA certificate to intercept HTTPS connections.
Both Firefox and Chrome will now block the use of the government’s root CA certificate so that users won’t be adversely affected even if they install it. In the Firefox implementation, the user will see an error message that states that the certificate should not be trusted. Wayne Thayer, CA Program Manager at Mozilla also suggested that affected users should research virtual private networks (VPNs), or the Tor Browser, and begin using them to access the Web. Additionally, Thayer recommends removing the certificate and changing the passwords on online accounts.
Commenting on the development, Marshall Erwin, Senior Director of Trust and Security at Mozilla, said:
“People around the world trust Firefox to protect them as they navigate the internet, especially when it comes to keeping them safe from attacks like this that undermine their security. We don’t take actions like this lightly, but protecting our users and the integrity of the web is the reason Firefox exists.”
Representing Google, Parisa Tabriz, Senior Engineering Director at Chrome, said:
“We will never tolerate any attempt, by any organization—government or otherwise—to compromise Chrome users’ data. We have implemented protections from this specific issue, and will always take action to secure our users around the world.”
The new measures should be automatic but just to be sure check to see if there are any available updates for your web browser and apply any that are.