Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Serious New Privacy Issue

more options

I recently got seriously worried when I became aware about the new AI firewalls these days, which monitors or inspect SSL encrypted packets, before the packets reach to the main website. These new AI firewall systems are installed in some countries by their governments to suppress free speech, or just spy on its people. These firewalls, as you may already know, uses DPI-SSL system, which decrypts packets traveling from user to the main website. To decrypt the HTTPS packets, these firewalls uses its own self signed CA certificates. So I am asking the firefox developers, that why you guys allow this privacy issue? Does the packets sent from a firefoxe browser to other websites are also decrypted, by these firewalls? If yes, then why you guys allow this? Firefox must ONLY allow a specific CA certificate made for firefox browser only. Firefox browser must never let other third party softwares, or any software, to decrypt its encrypted packets. This is a serious privacy issue. With these firewalls, they can see what users write in chats, or posts, they can see witch content we are watching on a website, they can see who we follow on social media platforms, they can see which content or posts we like and etc. Even passwords are not safe anymore, which e use for any website of platform. When passwords are not safe, so does our accounts of various websites. This is a serious privacy breach.

These firewalls is a weapon for those countries which want to suppress free speech or suppress opposition sides in a government or spy on its own people.

Please let me know if I am mistaken or my concerns are genuine.

I recently got seriously worried when I became aware about the new AI firewalls these days, which monitors or inspect SSL encrypted packets, before the packets reach to the main website. These new AI firewall systems are installed in some countries by their governments to suppress free speech, or just spy on its people. These firewalls, as you may already know, uses DPI-SSL system, which decrypts packets traveling from user to the main website. To decrypt the HTTPS packets, these firewalls uses its own self signed CA certificates. So I am asking the firefox developers, that why you guys allow this privacy issue? Does the packets sent from a firefoxe browser to other websites are also decrypted, by these firewalls? If yes, then why you guys allow this? Firefox must ONLY allow a specific CA certificate made for firefox browser only. Firefox browser must never let other third party softwares, or any software, to decrypt its encrypted packets. This is a serious privacy issue. With these firewalls, they can see what users write in chats, or posts, they can see witch content we are watching on a website, they can see who we follow on social media platforms, they can see which content or posts we like and etc. Even passwords are not safe anymore, which e use for any website of platform. When passwords are not safe, so does our accounts of various websites. This is a serious privacy breach. These firewalls is a weapon for those countries which want to suppress free speech or suppress opposition sides in a government or spy on its own people. Please let me know if I am mistaken or my concerns are genuine.

All Replies (3)

more options

What makes you think that we allow it? Please read "Certificate cannot be trusted" warning in Kazakhstan.

Helpful?

more options

TyDraniu said

What makes you think that we allow it? Please read "Certificate cannot be trusted" warning in Kazakhstan.


You are talking about certificate installation on user device, but I am talking about self signed certificate installed on ISP server, for those new AI firewalls, which can decrypt packets, coming from user device and going to main website.

Helpful?

more options

TyDraniu said

What makes you think that we allow it? Please read "Certificate cannot be trusted" warning in Kazakhstan.

OK, I now I understand what you said. The certificate must be installed on user devices too, to work properly. Thanks for clearing this issue. I was so much concerned about this issue.

Helpful?

Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.