Jump to content
Login with your Gmail HERE and start posting in seconds! ×

Thailand: ICT Ministry seeking access to internet users’ emails and logins

webfact

By webfact
in Thailand News

 Share

Recommended Posts

  • Replies 131
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Posted Images

MediaWatcher Silver Member

MediaWatcher

Posted
Posted

Getting very concerning. Step after step towards N.Korean-style information control. Will democracy ever return to Thailand?

Has it ever really been here, it's simple a mirage, how can you have a "democracy" when, since 1932, the country has been run by the military approx. 50% of the time.. the military is the one and only government, they basically control any "elected" government, which are allowed to "govern" providing they do as the military wants.

Link to comment
Share on other sites
ukrules Star Member

ukrules

Posted
Posted

I took a look at the certificate authorities and was surprised to see this one in my browser listed as a CA :

attachicon.gifimmigration-cert.JPG

did you do 90 day reporting on line?

just wondering...

No, I've never done that but I did once login to the system where the online equivalent of TM30's are processed by guesthouse / hotel operators so it probably came from there.

I don't recall authorising this addition but I must have done so or it wouldn't be there.

Link to comment
Share on other sites
Winniedapu Newbie

Winniedapu

Posted
Posted

Thailand is back again about 10-15 years. The "developed countries" introduced this long time ago. The USA was first totally controlled country.

Well, we have some seriously informed folks upthread who are saying otherwise and we've seen their credentials. Can you offer up yours please?

Seriously though, Thailand is currently under the least competent administration it's had in 15 years. They spout a ton of this stuff over and over, pass bills and so on. Can they pull it off? The expert advice above seems to be saying no.

I agree.

Also, Thais are known for spouting hot air and bluff. If they could surveil all internet traffic in Thailand, plus VPN traffic in/out of Thailand, then they would not be saying anything, they'd be doing it.

For me, the fact that they've made it so clear that this is what they're up to is ipso-facto evidence that they can't, but just want to reduce 112 traffic or frighten the social media users.

Might be wrong, but I'm reasonably comfortable that the way I've gone is secure.

W

Link to comment
Share on other sites
phycokiller Advanced Member

phycokiller

Posted
Posted

I dont see the issue really. If people dont like the idea of governments, corporations, businesses and people that do or dont like you being able to read your mail or locate you then its not difficult to use encryption and tor to avoid the risks. At least the Thai government has given warning.

Link to comment
Share on other sites
Swiss1960 Platinum Member

Swiss1960

Posted
Posted (edited)

I took a look at the certificate authorities and was surprised to see this one in my browser listed as a CA :

attachicon.gifimmigration-cert.JPG

My assumptions:

  1. The screen print comes from Internet Explorer
  2. You have been doing 90d report online (or at least tried to do) OR have done any other business on the immigration website)

As soon as you do business with a website that requires https, this website will talk with your browser and tell them which CA it is using. Depending on your browser, the CA used by the immigration office to create the security keys for encryption is issued (created) by themselves, thus by the IT department of the immigraion office.

Now, when I go to the same website (extranet.immigration.go.th), my Chrome browser tells me "This CA root certificate is not trusted" and declines to install the CA into the"Trusted CA store" of my browser. Chrome - as mentioned before - is VERY strict about installing uncertified certificates. Reason see below:

Uncertified means that the immigration office did issue this certificate to itself without the use of an independant third party verifier (see fields issued by and issued to). Such internal certificates are normally ONLY used for secured inhouse networks in the green zone of companies to enable secure server to server or server to client communication. They should NEVER be used for external communication, but nobody in the Thai immigration office seems to bother about this.

a "normal" example is facebook. Go to this website (facebook), click on the green lock (or yellow in some browsers), click "details", click "view certificate" and you see that the CA authority is DigiCert who issued the certificate to *.facebook.com. That is how it should be.

Now the problem is that Internet Explorer does not really care about that and might - depending on the settings - tell you "do you really want to go there" and if you press "yes", then it will install the immigration office CA into your browser store and continue as if it is trusted (which it is not).

NO THREAD FOR YOU! All they could do is give their certificate to an ISP and the ISP could then break your communication with the immigration website and read what you write even before they store it in their databases. No other website you are using has certificates from this immigration CA.

sorry for loads of technical stuff, but I hope I did write somehow understandable?

Edited by Swiss1960
Link to comment
Share on other sites
ukrules Star Member

ukrules

Posted
Posted

I took a look at the certificate authorities and was surprised to see this one in my browser listed as a CA :

attachicon.gifimmigration-cert.JPG

My assumptions:

  1. The screen print comes from Internet Explorer
  2. You have been doing 90d report online (or at least tried to do) OR have done any other business on the immigration website)

As soon as you do business with a website that requires https, this website will talk with your browser and tell them which CA it is using. Depending on your browser, the CA used by the immigration office to create the security keys for encryption is issued (created) by themselves, thus by the IT department of the immigraion office.

Now, when I go to the same website (extranet.immigration.go.th), my Chrome browser tells me "This CA root certificate is not trusted" and declines to install the CA into the"Trusted CA store" of my browser. Chrome - as mentioned before - is VERY strict about installing uncertified certificates. Reason see below:

Uncertified means that the immigration office did issue this certificate to itself without the use of an independant third party verifier (see fields issued by and issued to). Such internal certificates are normally ONLY used for secured inhouse networks in the green zone of companies to enable secure server to server or server to client communication. They should NEVER be used for external communication, but nobody in the Thai immigration office seems to bother about this.

a "normal" example is facebook. Go to this website (facebook), click on the green lock (or yellow in some browsers), click "details", click "view certificate" and you see that the CA authority is DigiCert who issued the certificate to *.facebook.com. That is how it should be.

Now the problem is that Internet Explorer does not really care about that and might - depending on the settings - tell you "do you really want to go there" and if you press "yes", then it will install the immigration office CA into your browser store and continue as if it is trusted (which it is not).

NO THREAD FOR YOU! All they could do is give their certificate to an ISP and the ISP could then break your communication with the immigration website and read what you write even before they store it in their databases. No other website you are using has certificates from this immigration CA.

sorry for loads of technical stuff, but I hope I did write somehow understandable?

I did log on to the immigration website for someone I was renting a house from so this is almost certainly where it came from and I would have allowed it as I know self signed certs are used occasionally. I've never used them myself outside of testing things.

It's actually from Firefox though, I haven't touched IE for many years. I have been thinking of moving over to Chrome as my main browser lately.

Link to comment
Share on other sites
Winniedapu Newbie

Winniedapu

Posted
Posted

What an article. Scaremongery at its finest.

However, if there is any truth at all in the 'leak', and this has been suggested by anyone in anyway involved with IT security, the very mention of 'banning SSL' is mind-boggling and the person should be removed from their area of work immediately.

Point of note, none of my business email accounts will work without encryption, none of my cloud access either and this is not ISP controlled par se.

It's the only sensible approach. Nobody should think like the Chairman and say 'if I don't do anything wrong I have nothing to fear' - that's BS

For example, given what everybody understands the honesty to be in the police and army, if they can break https, how long is it before money goes missing from online bank accounts?

Lockdown is the only smart option. VPN to an overseas server using a secure protocol (OpenVPN is a bit harder to crack than https) and always use it, don't re-use passwords (use a strong password manager with a strong password). And never ever use Facebook because they cannot be trusted, I don't know about Line. In general social media is a really bad idea, though Thais cannot survive without peer approval and to be honest, social media can fuel the fightback against the Chairman.

And lets hope Anonymous kicks the Chairman's bottom as they did before but eased up when their demands were met, Bad idea with Thais.

W

Do you really think 'https' (TLS) can simply be 'cracked' and one of the various cipher suites supported by OpenVPN is just a 'bit harder' ?

The issue with SSL/TLS is certificate authorities and who controls them. Are there any default CA's bundled with the main browsers which are located within Thailand ?

1. I'm not an expert, but yes. As I understand it, SSL3 and TLS1.0 are now considered to be broken. TLS 1.1 and 1.2 are still secure. I think my version of openVPN uses 1.1 as a minimum

2. I would not use a certificate located in Thailand.

Like I said, not an expert.

Link to comment
Share on other sites
Swiss1960 Platinum Member

Swiss1960

Posted
Posted

I did log on to the immigration website for someone I was renting a house from so this is almost certainly where it came from and I would have allowed it as I know self signed certs are used occasionally. I've never used them myself outside of testing things.

It's actually from Firefox though, I haven't touched IE for many years. I have been thinking of moving over to Chrome as my main browser lately.

I have three browsers installed, keeping them all up-to-date with versions and patches, currently I use Chrome as a variety of expert websites say that at present Chrome is the most secure browser. Of course this can change, so I re-check every now and then.

Link to comment
Share on other sites
siam2007 Gold Member

siam2007

Posted
Posted

Getting very concerning. Step after step towards N.Korean-style information control. Will democracy ever return to Thailand?

by all fairness, these sniffing tendencies started loooooong before the military took over. Not that I am pleased.....

Link to comment
Share on other sites
Bangkok Barry Diamond Member

Bangkok Barry

Posted
Posted

Getting very concerning. Step after step towards N.Korean-style information control. Will democracy ever return to Thailand?

Must stop the truth at all costs.

If anyone still harboured any doubts that Thailand is modelling itself on North Korea, surely this is enough to dispel them?

Nothing like North Korea. If you don't see the difference try doing some research. One is a constitutional monarchy and capitalist; the other is a communist dictatorship that was set up and controlled by one particular family.

Then read how many so called democratic countries have restrictive regulation and spy on their populations far more than Thailand. Whistle blowers don't get to blow their whistles without reason.

If you really think Thailand is modelling itself on North Korea then you are naive at best.

There is an Asian country where any criticism of the government can lead to arrest and detention, where its citizens are brainwashed from birth to worship the leader and any negative comments can be reported by any citizen against another and be punished with a long period in prison, where tv every night shows the good leader helping his citizens enjoy a better life, a country where his picture adorns every public building and is in every home, and defacing any such pictures can lead to a lengthy jail sentence, a country where news is censored and internet sites blocked, and people can be sentenced to prison for speaking the truth. North Korea. Its resemblance to any other Asian nation is purely coincidental.

Link to comment
Share on other sites
Winniedapu Newbie

Winniedapu

Posted
Posted

I dont see the issue really. If people dont like the idea of governments, corporations, businesses and people that do or dont like you being able to read your mail or locate you then its not difficult to use encryption and tor to avoid the risks. At least the Thai government has given warning.

Agree, though Tor is sooooo slooooow.

W

Link to comment
Share on other sites
Mook23 Apprentice Member

Mook23

Posted
Posted (edited)

I dont see the issue really. If people dont like the idea of governments, corporations, businesses and people that do or dont like you being able to read your mail or locate you then its not difficult to use encryption and tor to avoid the risks. At least the Thai government has given warning.

Agree, though Tor is sooooo slooooow.

I don't agree as most thai haven't got a clue about www and the eventual 'tricks' available. In fact, many a Thai I meet only use www for social media and haven't got the slightest idea how to use it for OTHER purposes.

"wikipedia ??? no undestààààààààààààànd"

Edited by Mook23
Link to comment
Share on other sites
Autonuaq Advanced Member

Autonuaq

Posted
Posted

Many people are so molded in the a certain direction that hey forget to look it from for example this point of view, And doing it from this point of view you will admire the current Administration of the Thai Government.

They tell openly what they want and what they are doing.

in Europe and the USA we need to find it out by wikileaks et. al.

Link to comment
Share on other sites
Winniedapu Newbie

Winniedapu

Posted
Posted (edited)

I dont see the issue really. If people dont like the idea of governments, corporations, businesses and people that do or dont like you being able to read your mail or locate you then its not difficult to use encryption and tor to avoid the risks. At least the Thai government has given warning.

Agree, though Tor is sooooo slooooow.

I don't agree as most thai haven't got a clue about www and the eventual 'tricks' available. In fact, many a Thai I meet only use www for social media and haven't got the slightest idea how to use it for OTHER purposes.

"wikipedia ??? no undestààààààààààààànd"

Hmmm. If you listened for longer, you would have known: ""wikipedia ??? no undestààààààààààààànd - do you like my hair? wanna selfie of me? wanna see my Louis Vuitton handbag?"

Patience is it's own reward.

W

Edited by Winniedapu
Link to comment
Share on other sites
Mook23 Apprentice Member

Mook23

Posted
Posted

I dont see the issue really. If people dont like the idea of governments, corporations, businesses and people that do or dont like you being able to read your mail or locate you then its not difficult to use encryption and tor to avoid the risks. At least the Thai government has given warning.

Agree, though Tor is sooooo slooooow.

I don't agree as most thai haven't got a clue about www and the eventual 'tricks' available. In fact, many a Thai I meet only use www for social media and haven't got the slightest idea how to use it for OTHER purposes.

"wikipedia ??? no undestààààààààààààànd"

Hmmm. If you listened for longer, you would have known: ""wikipedia ??? no undestààààààààààààànd - do you like my hair? wanna selfie of me? wanna see my Louis Vuitton handbag?"

u mean: fake louis Witton (sic) 555

the best selfies are the ones where they look completely different than how they look in reality, with fake light-colored lenses and zombie-white face (in order to look more "attractive") but ignore the fact that they have this rather prominent black hair (moustache) on their upperlip giggle.gifclap2.gif

Link to comment
Share on other sites
Winniedapu Newbie

Winniedapu

Posted
Posted

Many people are so molded in the a certain direction that hey forget to look it from for example this point of view, And doing it from this point of view you will admire the current Administration of the Thai Government.

They tell openly what they want and what they are doing.

in Europe and the USA we need to find it out by wikileaks et. al.

Thanks a lot! After reading your post, I did look at it from your point of view. And guess what?

I still detest them. I don't think you can argue that having a big mouth when you're in government is a good thing.

W

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.










×
×
  • Create New...