Microsoft is making it easier for the Thai government to break web encryption
The Thai government is looking to take greater control over its citizens’ web encryption, according to a new report from Privacy International, and #Microsoft is part of the problem. At issue is the Thai government’s root certificate, which is used to verify HTTPS-enabled websites. Windows automatically trusts the certificate, but many competing operating systems do not. Used maliciously, the root certificate could allow the government to smuggle malware into otherwise legitimate pages, or present counterfeit versions of entire websites. Privacy International cites Thailand’s history of government surveillance as good reason to be suspicious. The report also claims that a 2014 Facebook outage in Thailand, which occurred amid a military coup, was orchestrated not only to censor users but to circumvent the social network’s encryption, as well.