all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Avoid Yandex Browser at all costs (Russia's govt root CA certificate)

Add to bookmarks
March 22, 2022, 5:16 p.m. | /u/SystemOmicron

Privacy & Freedom in the Information Age www.reddit.com

It's already been posted here that Russia started to offer a [govt root CA certificate](https://bugzilla.mozilla.org/show_bug.cgi?id=1758773) that makes MITM attack possible.

I found some more context [here](https://www.csoonline.com/article/3653315/traffic-interception-and-mitm-attacks-among-security-risks-of-russian-tls-certs.html) if you want a bit less technical overview.

Just want to warn you: if anyone you know uses Yandex Browser, they should stop ASAP. It has already adopted that certificate.

Also: if you're in Russia and need to use a govt website, only use the certificate in a dedicated virtual machine. Do not install …

browser ca certificate privacy root russia yandex

Visit resource

More from www.reddit.com / Privacy & Freedom in the Information Age

Feedback for hidemail.cc - create private emails like you create passwords 3 hours ago | www.reddit.com
building emails feedback find +6
Can you use GPS privately? 9 hours ago | www.reddit.com
apps can data earth +14
Tor: From the Dark Web to the Future of Privacy 11 hours ago | www.reddit.com
dark dark web future privacy +2
Opting out from targeted ADs locked behind a paid membership 11 hours ago | www.reddit.com
ads can edit locked +8
Reminder that anti-cheat software is bigger spyware than tiktok could ever be 12 hours ago | www.reddit.com
anti-cheat apps can cheat +13
Discord Shuts Down ‘Spy Pet’ Bots That Scraped, Sold User Messages -- 404media 12 hours ago | www.reddit.com
bots discord down messages +4
Something to think 13 hours ago | www.reddit.com
camera cameras can commercial +8
Can my gym deny me from accesing the gym because i refuse to use their … 13 hours ago | www.reddit.com
app asking can change +3
A fight across the seas: Diaspora activists demand Meta do better in India. 15 hours ago | www.reddit.com
activists demand india meta +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior InfoSec Manager - Risk and Compliance

@ Federal Reserve System | Remote - Virginia
View on infosec-jobs.com

Security Analyst

@ Fortra | Mexico
View on infosec-jobs.com

Incident Responder

@ Babcock | Chester, GB, CH1 6ER
View on infosec-jobs.com

Vulnerability, Access & Inclusion Lead

@ Monzo | Cardiff, London or Remote (UK)
View on infosec-jobs.com

Information Security Analyst

@ Unissant | MD, USA
View on infosec-jobs.com
View more jobs