kravietz πŸ¦‡  
People in #Russia report some websites not officially blocked by Roscomnadzor are being blocked based on "invalid TLS certificate" basis. Because when accesses from UK the https://www.moscowtimes.ru/ website shows a regular LetsEncrypt R3 certificate valid until July, I assume the operator is hijacking the traffic and replacing it with its own certificate, which in turn is not recognized by the browser.
1
kravietz πŸ¦‡  

Oh right, so moscowtimes.ru actually is blocked by Roskomnadzor which explains the hijack and redirect… Previously I checked a wrong domain from my browser cache.

https://reestr.rublacklist.net/en/?q=moscowtimes.ru

Show thread
1
β–‘β–’β–“β–ˆβ–Ίβ”€β• πŒ”κŠπŒ‚πŒŠπŒ” πŒπŒ“κŠπ‹„πŒ™ π“‚€ β•β”€β—„β–ˆβ–“β–’β–‘  

@kravietz

Moscow Times has for a long time been viewed as "irritant" at first, and perhaps later as a "foreign agent".

I would wonder why though.

1
kravietz πŸ¦‡  

@PawelK

Two first (chronologically) bans were for specific URLs (articles) which are now deleted, then they just blocked the whole domain.

1
m0xEE
Follow

@kravietz
Good, that it's not it, but MITM attacks are still something to be expected. A lot of government entities and government controlled enterprises had problems reissuing their certs last year so they have started their own certification authority. They strongly encourage you to install that CA cert and Chromium reskins by Russian companies (e.g. Yandex Browser) come with it preinstalled. I bet they will start sniffing traffic with that sooner or later.

@PawelK

Β· Web Β· 1 Β· 1 Β· 2
β–‘β–’β–“β–ˆβ–Ίβ”€β• πŒ”κŠπŒ‚πŒŠπŒ” πŒπŒ“κŠπ‹„πŒ™ π“‚€ β•β”€β—„β–ˆβ–“β–’β–‘  

@m0xee @kravietz

These fake CAs were created, and fake CA root certs were created, and delivered as a base for mass-sniffing operation since the beginning.

0
Sign in to participate in the conversation
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml