Moscow to issue HTTPS certs to Russian websites

Meanwhile, Anonymous claims it's popped Putin's comms regulator


Moscow has set up its own certificate authority to issue TLS certs to Russians affected by sanctions or otherwise punished for president Putin's invasion of Ukraine.

A notice on the government's unified public service portal states that the certificates will be made available to Russian websites unable to renew or obtain security certificates as a knock-on effect of Western sanctions and organizations refusing to support Russian customers. These certs are primarily useful for providing secure HTTPS connections. Delivery of the certificates is promised within five days of requests.

The portal is silent on which browsers will accept the certs. This is a critical matter, because if browsers don't recognize or trust the certificate authority that issued a cert, a secure connection isn't generally possible. The Register cannot imagine any of the mainstream browser devs will rush to make these Russian certs work in their applications.

Russians do have a local alternative. Yandex, the nation's Google analog, has won 16 per cent local market share with its YaBrowser – well behind the 55 per cent share Stat Counter attributes to Google's Chrome.

If Yandex recognizes Russia's certs, and can quickly upgrade users and win tens of million more, Russia's plans just might fly. As a bonus for Putin, it's rather easy for Kremlin spies to intercept, decrypt, and snoop on connections encrypted using certificates issued by the government. The more websites using Moscow-issued certs, the more connections Putin's agents can quietly monitor.

Russia is meanwhile believed to be behind recent disruption at Ukrainian telecoms providers. Doug Madory, director of internet analysis at network observability firm Kentik, has offered the following analysis:

Forbes reported that Ukrainian ISP Triolan attributed its outages to a pair of cyber attacks on its infrastructure.

Russia appears to have a need to run some defense, too, because entities using the name and iconography of hacktivist collective Anonymous (that's EUTNAIOA) claim to have cracked Russian telecoms and media regulator Roskomnadzor and lifted 820GB of data from one of its state offices.

A post describes the data as comprising 364,000 files, 529GB of which appear to be largely email – which EUTNAIOA has warned needs to be handled with care as attachments carry malware – with the remainder being database files that detail legal investigations and HR matters.

The authors of EUTNAIOA's post write that they plan to release the data once they figure out how to extract it, and hope that it informs Russians about how their government censors local media.

That media, however, is forbidden from carrying any news that might let Russians understand the heinous nature of its illegal invasion of Ukraine. The brave Russians that have protested the war in public have been swiftly arrested, their fates unknown.

Cryptography – which Russia has rightly identified as a key issue in the economic dimension of this conflict – will also be a critical tool if the flow of information unmolested by Vladimir Putin ever resumes in Russia. ®


Other stories you might like

  • IBM finally shutters Russian operations, lays off staff
    Axing workers under 40 must feel like a novel concept for Big Blue

    After freezing operations in Russia earlier this year, IBM has told employees it is ending all work in the country and has begun laying off staff. 

    A letter obtained by Reuters sent by IBM CEO Arvind Krishna to staff cites sanctions as one of the prime reasons for the decision to exit Russia. 

    "As the consequences of the war continue to mount and uncertainty about its long-term ramifications grows, we have now made the decision to carry out an orderly wind-down of IBM's business in Russia," Krishna said. 

    Continue reading
  • California's attempt to protect kids online could end adults' internet anonymity
    Websites may be forced to verify ages of visitors unless changes made

    California lawmakers met in Sacramento today to discuss, among other things, proposed legislation to protect children online. The bill, AB2273, known as The California Age-Appropriate Design Code Act, would require websites to verify the ages of visitors.

    Critics of the legislation contend this requirement threatens the privacy of adults and the ability to use the internet anonymously, in California and likely elsewhere, because of the role the Golden State's tech companies play on the internet.

    "First, the bill pretextually claims to protect children, but it will change the Internet for everyone," said Eric Goldman, Santa Clara University School of Law professor, in a blog post. "In order to determine who is a child, websites and apps will have to authenticate the age of ALL consumers before they can use the service. No one wants this."

    Continue reading
  • Brave Search leaves beta, offers Goggles for filtering, personalizing results
    Freedom or echo chamber?

    Brave Software, maker of a privacy-oriented browser, on Wednesday said its surging search service has exited beta testing while its Goggles search personalization system has entered beta testing.

    Brave Search, which debuted a year ago, has received 2.5 billion search queries since then, apparently, and based on current monthly totals is expected to handle twice as many over the next year. The search service is available in the Brave browser and in other browsers by visiting search.brave.com.

    "Since launching one year ago, Brave Search has prioritized independence and innovation in order to give users the privacy they deserve," wrote Josep Pujol, chief of search at Brave. "The web is changing, and our incredible growth shows that there is demand for a new player that puts users first."

    Continue reading
  • International operation takes down Russian RSOCKS botnet
    $200 a day buys you 90,000 victims

    A Russian operated botnet known as RSOCKS has been shut down by the US Department of Justice acting with law enforcement partners in Germany, the Netherlands and the UK. It is believed to have compromised millions of computers and other devices around the globe.

    The RSOCKS botnet functioned as an IP proxy service, but instead of offering legitimate IP addresses leased from internet service providers, it was providing criminals with access to the IP addresses of devices that had been compromised by malware, according to a statement from the US Attorney’s Office in the Southern District of California.

    It seems that RSOCKS initially targeted a variety of Internet of Things (IoT) devices, such as industrial control systems, routers, audio/video streaming devices and various internet connected appliances, before expanding into other endpoints such as Android devices and computer systems.

    Continue reading

Biting the hand that feeds IT © 1998–2022