NCC1701A Posted May 31, 2016 Share Posted May 31, 2016 I'm sitting here in a Soi Cowboy gogo and I just took a moment to change my security settings. I feel a lot better now. Thanks everybody. Let me know when it is time to leave the country. OK? Link to comment Share on other sites More sharing options...
ukrules Posted May 31, 2016 Share Posted May 31, 2016 I took a look at the certificate authorities and was surprised to see this one in my browser listed as a CA : Link to comment Share on other sites More sharing options...
MediaWatcher Posted May 31, 2016 Share Posted May 31, 2016 Getting very concerning. Step after step towards N.Korean-style information control. Will democracy ever return to Thailand? Has it ever really been here, it's simple a mirage, how can you have a "democracy" when, since 1932, the country has been run by the military approx. 50% of the time.. the military is the one and only government, they basically control any "elected" government, which are allowed to "govern" providing they do as the military wants. Link to comment Share on other sites More sharing options...
NCC1701A Posted May 31, 2016 Share Posted May 31, 2016 you take Facebook, LINE, Wechat, Badoo and BeeTalk away from the Thai people the AKs will come out so fast it will make your head spin. better have those new Chinese tanks ready. Link to comment Share on other sites More sharing options...
phycokiller Posted May 31, 2016 Share Posted May 31, 2016 its interesting that in the equivalent thread about snail mail, where the Thai government wants to see your ID to post a letter, many farang support the idea, I think fascism does have a certain feel good factor for many people Link to comment Share on other sites More sharing options...
NCC1701A Posted May 31, 2016 Share Posted May 31, 2016 I took a look at the certificate authorities and was surprised to see this one in my browser listed as a CA : immigration-cert.JPG did you do 90 day reporting on line? just wondering... Link to comment Share on other sites More sharing options...
BlindMagician Posted May 31, 2016 Share Posted May 31, 2016 Keep an eye out for an unsubtle U-turn. Link to comment Share on other sites More sharing options...
ukrules Posted May 31, 2016 Share Posted May 31, 2016 I took a look at the certificate authorities and was surprised to see this one in my browser listed as a CA : immigration-cert.JPG did you do 90 day reporting on line? just wondering... No, I've never done that but I did once login to the system where the online equivalent of TM30's are processed by guesthouse / hotel operators so it probably came from there. I don't recall authorising this addition but I must have done so or it wouldn't be there. Link to comment Share on other sites More sharing options...
Winniedapu Posted May 31, 2016 Share Posted May 31, 2016 Thailand is back again about 10-15 years. The "developed countries" introduced this long time ago. The USA was first totally controlled country. Well, we have some seriously informed folks upthread who are saying otherwise and we've seen their credentials. Can you offer up yours please? Seriously though, Thailand is currently under the least competent administration it's had in 15 years. They spout a ton of this stuff over and over, pass bills and so on. Can they pull it off? The expert advice above seems to be saying no. I agree. Also, Thais are known for spouting hot air and bluff. If they could surveil all internet traffic in Thailand, plus VPN traffic in/out of Thailand, then they would not be saying anything, they'd be doing it. For me, the fact that they've made it so clear that this is what they're up to is ipso-facto evidence that they can't, but just want to reduce 112 traffic or frighten the social media users. Might be wrong, but I'm reasonably comfortable that the way I've gone is secure. W Link to comment Share on other sites More sharing options...
phycokiller Posted May 31, 2016 Share Posted May 31, 2016 I dont see the issue really. If people dont like the idea of governments, corporations, businesses and people that do or dont like you being able to read your mail or locate you then its not difficult to use encryption and tor to avoid the risks. At least the Thai government has given warning. Link to comment Share on other sites More sharing options...
Swiss1960 Posted May 31, 2016 Share Posted May 31, 2016 (edited) I took a look at the certificate authorities and was surprised to see this one in my browser listed as a CA : immigration-cert.JPG My assumptions: The screen print comes from Internet Explorer You have been doing 90d report online (or at least tried to do) OR have done any other business on the immigration website) As soon as you do business with a website that requires https, this website will talk with your browser and tell them which CA it is using. Depending on your browser, the CA used by the immigration office to create the security keys for encryption is issued (created) by themselves, thus by the IT department of the immigraion office. Now, when I go to the same website (extranet.immigration.go.th), my Chrome browser tells me "This CA root certificate is not trusted" and declines to install the CA into the"Trusted CA store" of my browser. Chrome - as mentioned before - is VERY strict about installing uncertified certificates. Reason see below: Uncertified means that the immigration office did issue this certificate to itself without the use of an independant third party verifier (see fields issued by and issued to). Such internal certificates are normally ONLY used for secured inhouse networks in the green zone of companies to enable secure server to server or server to client communication. They should NEVER be used for external communication, but nobody in the Thai immigration office seems to bother about this. a "normal" example is facebook. Go to this website (facebook), click on the green lock (or yellow in some browsers), click "details", click "view certificate" and you see that the CA authority is DigiCert who issued the certificate to *.facebook.com. That is how it should be. Now the problem is that Internet Explorer does not really care about that and might - depending on the settings - tell you "do you really want to go there" and if you press "yes", then it will install the immigration office CA into your browser store and continue as if it is trusted (which it is not). NO THREAD FOR YOU! All they could do is give their certificate to an ISP and the ISP could then break your communication with the immigration website and read what you write even before they store it in their databases. No other website you are using has certificates from this immigration CA. sorry for loads of technical stuff, but I hope I did write somehow understandable? Edited May 31, 2016 by Swiss1960 Link to comment Share on other sites More sharing options...
ukrules Posted May 31, 2016 Share Posted May 31, 2016 I took a look at the certificate authorities and was surprised to see this one in my browser listed as a CA : immigration-cert.JPG My assumptions: The screen print comes from Internet Explorer You have been doing 90d report online (or at least tried to do) OR have done any other business on the immigration website) As soon as you do business with a website that requires https, this website will talk with your browser and tell them which CA it is using. Depending on your browser, the CA used by the immigration office to create the security keys for encryption is issued (created) by themselves, thus by the IT department of the immigraion office. Now, when I go to the same website (extranet.immigration.go.th), my Chrome browser tells me "This CA root certificate is not trusted" and declines to install the CA into the"Trusted CA store" of my browser. Chrome - as mentioned before - is VERY strict about installing uncertified certificates. Reason see below: Uncertified means that the immigration office did issue this certificate to itself without the use of an independant third party verifier (see fields issued by and issued to). Such internal certificates are normally ONLY used for secured inhouse networks in the green zone of companies to enable secure server to server or server to client communication. They should NEVER be used for external communication, but nobody in the Thai immigration office seems to bother about this. a "normal" example is facebook. Go to this website (facebook), click on the green lock (or yellow in some browsers), click "details", click "view certificate" and you see that the CA authority is DigiCert who issued the certificate to *.facebook.com. That is how it should be. Now the problem is that Internet Explorer does not really care about that and might - depending on the settings - tell you "do you really want to go there" and if you press "yes", then it will install the immigration office CA into your browser store and continue as if it is trusted (which it is not). NO THREAD FOR YOU! All they could do is give their certificate to an ISP and the ISP could then break your communication with the immigration website and read what you write even before they store it in their databases. No other website you are using has certificates from this immigration CA. sorry for loads of technical stuff, but I hope I did write somehow understandable? I did log on to the immigration website for someone I was renting a house from so this is almost certainly where it came from and I would have allowed it as I know self signed certs are used occasionally. I've never used them myself outside of testing things. It's actually from Firefox though, I haven't touched IE for many years. I have been thinking of moving over to Chrome as my main browser lately. Link to comment Share on other sites More sharing options...
Winniedapu Posted May 31, 2016 Share Posted May 31, 2016 What an article. Scaremongery at its finest. However, if there is any truth at all in the 'leak', and this has been suggested by anyone in anyway involved with IT security, the very mention of 'banning SSL' is mind-boggling and the person should be removed from their area of work immediately. Point of note, none of my business email accounts will work without encryption, none of my cloud access either and this is not ISP controlled par se. It's the only sensible approach. Nobody should think like the Chairman and say 'if I don't do anything wrong I have nothing to fear' - that's BS For example, given what everybody understands the honesty to be in the police and army, if they can break https, how long is it before money goes missing from online bank accounts? Lockdown is the only smart option. VPN to an overseas server using a secure protocol (OpenVPN is a bit harder to crack than https) and always use it, don't re-use passwords (use a strong password manager with a strong password). And never ever use Facebook because they cannot be trusted, I don't know about Line. In general social media is a really bad idea, though Thais cannot survive without peer approval and to be honest, social media can fuel the fightback against the Chairman. And lets hope Anonymous kicks the Chairman's bottom as they did before but eased up when their demands were met, Bad idea with Thais. W Do you really think 'https' (TLS) can simply be 'cracked' and one of the various cipher suites supported by OpenVPN is just a 'bit harder' ? The issue with SSL/TLS is certificate authorities and who controls them. Are there any default CA's bundled with the main browsers which are located within Thailand ? 1. I'm not an expert, but yes. As I understand it, SSL3 and TLS1.0 are now considered to be broken. TLS 1.1 and 1.2 are still secure. I think my version of openVPN uses 1.1 as a minimum 2. I would not use a certificate located in Thailand. Like I said, not an expert. Link to comment Share on other sites More sharing options...
AlphMichaels Posted May 31, 2016 Share Posted May 31, 2016 Not even possible they could do it. Look at their websites. Link to comment Share on other sites More sharing options...
Swiss1960 Posted May 31, 2016 Share Posted May 31, 2016 I did log on to the immigration website for someone I was renting a house from so this is almost certainly where it came from and I would have allowed it as I know self signed certs are used occasionally. I've never used them myself outside of testing things. It's actually from Firefox though, I haven't touched IE for many years. I have been thinking of moving over to Chrome as my main browser lately. I have three browsers installed, keeping them all up-to-date with versions and patches, currently I use Chrome as a variety of expert websites say that at present Chrome is the most secure browser. Of course this can change, so I re-check every now and then. Link to comment Share on other sites More sharing options...
siam2007 Posted May 31, 2016 Share Posted May 31, 2016 Getting very concerning. Step after step towards N.Korean-style information control. Will democracy ever return to Thailand? by all fairness, these sniffing tendencies started loooooong before the military took over. Not that I am pleased..... Link to comment Share on other sites More sharing options...
Mook23 Posted May 31, 2016 Share Posted May 31, 2016 Link to comment Share on other sites More sharing options...
Bangkok Barry Posted May 31, 2016 Share Posted May 31, 2016 Getting very concerning. Step after step towards N.Korean-style information control. Will democracy ever return to Thailand? Must stop the truth at all costs. If anyone still harboured any doubts that Thailand is modelling itself on North Korea, surely this is enough to dispel them? Nothing like North Korea. If you don't see the difference try doing some research. One is a constitutional monarchy and capitalist; the other is a communist dictatorship that was set up and controlled by one particular family. Then read how many so called democratic countries have restrictive regulation and spy on their populations far more than Thailand. Whistle blowers don't get to blow their whistles without reason. If you really think Thailand is modelling itself on North Korea then you are naive at best. There is an Asian country where any criticism of the government can lead to arrest and detention, where its citizens are brainwashed from birth to worship the leader and any negative comments can be reported by any citizen against another and be punished with a long period in prison, where tv every night shows the good leader helping his citizens enjoy a better life, a country where his picture adorns every public building and is in every home, and defacing any such pictures can lead to a lengthy jail sentence, a country where news is censored and internet sites blocked, and people can be sentenced to prison for speaking the truth. North Korea. Its resemblance to any other Asian nation is purely coincidental. Link to comment Share on other sites More sharing options...
Winniedapu Posted May 31, 2016 Share Posted May 31, 2016 I dont see the issue really. If people dont like the idea of governments, corporations, businesses and people that do or dont like you being able to read your mail or locate you then its not difficult to use encryption and tor to avoid the risks. At least the Thai government has given warning. Agree, though Tor is sooooo slooooow. W Link to comment Share on other sites More sharing options...
DavisH Posted May 31, 2016 Share Posted May 31, 2016 The end is nigh... Link to comment Share on other sites More sharing options...
Mook23 Posted May 31, 2016 Share Posted May 31, 2016 (edited) I dont see the issue really. If people dont like the idea of governments, corporations, businesses and people that do or dont like you being able to read your mail or locate you then its not difficult to use encryption and tor to avoid the risks. At least the Thai government has given warning. Agree, though Tor is sooooo slooooow. I don't agree as most thai haven't got a clue about www and the eventual 'tricks' available. In fact, many a Thai I meet only use www for social media and haven't got the slightest idea how to use it for OTHER purposes. "wikipedia ??? no undestààààààààààààànd" Edited May 31, 2016 by Mook23 Link to comment Share on other sites More sharing options...
Autonuaq Posted May 31, 2016 Share Posted May 31, 2016 Many people are so molded in the a certain direction that hey forget to look it from for example this point of view, And doing it from this point of view you will admire the current Administration of the Thai Government. They tell openly what they want and what they are doing. in Europe and the USA we need to find it out by wikileaks et. al. Link to comment Share on other sites More sharing options...
Winniedapu Posted May 31, 2016 Share Posted May 31, 2016 (edited) I dont see the issue really. If people dont like the idea of governments, corporations, businesses and people that do or dont like you being able to read your mail or locate you then its not difficult to use encryption and tor to avoid the risks. At least the Thai government has given warning. Agree, though Tor is sooooo slooooow. I don't agree as most thai haven't got a clue about www and the eventual 'tricks' available. In fact, many a Thai I meet only use www for social media and haven't got the slightest idea how to use it for OTHER purposes. "wikipedia ??? no undestààààààààààààànd" Hmmm. If you listened for longer, you would have known: ""wikipedia ??? no undestààààààààààààànd - do you like my hair? wanna selfie of me? wanna see my Louis Vuitton handbag?" Patience is it's own reward. W Edited May 31, 2016 by Winniedapu Link to comment Share on other sites More sharing options...
Mook23 Posted May 31, 2016 Share Posted May 31, 2016 I dont see the issue really. If people dont like the idea of governments, corporations, businesses and people that do or dont like you being able to read your mail or locate you then its not difficult to use encryption and tor to avoid the risks. At least the Thai government has given warning. Agree, though Tor is sooooo slooooow. I don't agree as most thai haven't got a clue about www and the eventual 'tricks' available. In fact, many a Thai I meet only use www for social media and haven't got the slightest idea how to use it for OTHER purposes. "wikipedia ??? no undestààààààààààààànd" Hmmm. If you listened for longer, you would have known: ""wikipedia ??? no undestààààààààààààànd - do you like my hair? wanna selfie of me? wanna see my Louis Vuitton handbag?" u mean: fake louis Witton (sic) 555 the best selfies are the ones where they look completely different than how they look in reality, with fake light-colored lenses and zombie-white face (in order to look more "attractive") but ignore the fact that they have this rather prominent black hair (moustache) on their upperlip Link to comment Share on other sites More sharing options...
phuketandsee Posted May 31, 2016 Share Posted May 31, 2016 (edited) Makes you wonder what pending national crisis they might be preparing themselves for. Not much mystery there. Edited May 31, 2016 by phuketandsee Link to comment Share on other sites More sharing options...
koolkarl Posted May 31, 2016 Share Posted May 31, 2016 Next they will install a camera in everyone's bedroom. I just have 2 words more to say. Guess what they are? Link to comment Share on other sites More sharing options...
Winniedapu Posted May 31, 2016 Share Posted May 31, 2016 Many people are so molded in the a certain direction that hey forget to look it from for example this point of view, And doing it from this point of view you will admire the current Administration of the Thai Government. They tell openly what they want and what they are doing. in Europe and the USA we need to find it out by wikileaks et. al. Thanks a lot! After reading your post, I did look at it from your point of view. And guess what? I still detest them. I don't think you can argue that having a big mouth when you're in government is a good thing. W Link to comment Share on other sites More sharing options...
Winniedapu Posted May 31, 2016 Share Posted May 31, 2016 Next they will install a camera in everyone's bedroom. I just have 2 words more to say. Guess what they are? Foxtrot Oscar or Foxtrot Yankee? W Link to comment Share on other sites More sharing options...
mojaco Posted May 31, 2016 Share Posted May 31, 2016 Link to comment Share on other sites More sharing options...
edwinchester Posted May 31, 2016 Share Posted May 31, 2016 Next they will install a camera in everyone's bedroom. I just have 2 words more to say. Guess what they are? Camera.....action? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now