Mauritius Island MitM HTTPS certificate affecting Facebook Services

From: chittesh <chittesh_at_lsl.digital>
Date: Thu, 20 May 2021 21:12:04 +0400


Dear All,

I hope this email finds you well.


     Dear Ms./Mrs Anim-Addo and Ms./Mrs Okobi,

         I hope, as the esteemed Facebook representatives of the Sub
Saharan region, you have been notified of/ monitoring the current
political climate regarding the MITM proxy tool that the Mauritian
Information and Communication Technologies Authority (*ICTA*) is trying
to setup which would primary affect Facebook's products/services.

         In case you might not have been paying attention to this small
African country, please allow me to give a brief summary;
                 On 14th April 21, ICTA has published a consultation
paper proposing a vaguely elaborated implementation that addresses the
abuse and misuse of social media platforms with a MITM style proxy
toolkit [1]. This type of censorship has provoked both an outcry from
both local and reputable international organizations such as (Google,
Mozilla, Access Now, EFF among others) [2]. You may find an extensive
timeline on the matter _at_
https://www.lexpress.mu/article/393316/consultation-paper-icta-rappel-protestations
<https://www.lexpress.mu/article/393316/consultation-paper-icta-rappel-protestations>


However, we have received zero response from Facebook regarding this matter.

It is important that Facebook comment non-evasively on this matter as
not only it affects the Mauritian population and ICTA but also our
regional Sub Saharan Economy as many international investors look to
Mauritius as an economic hub to investing in Africa.


Continuing:

ICTA published a video and justifying their MITM implementation based on
what Mr. Zuckerberg said (see [3] for video and translation). We don't
know to what extend that is true in application to this current
situation, we have also noted that in the "Privacy-Focused Vision for
Social Networking" posted by Facebook which highlighted its belief
"..future of communication will increasingly shift to private, encrypted
services where people can be confident what they say to each other stays
secure..." [4]


Does Facebook value providing a secured encrypted services or feels
indifferent to authorities breaking this internet chain of trust between
Facebook and its users?

As your clients, we are also perplexed that if such amendments are
approved and god-forbid there's a data leak, which institution would
take responsibility ?


ICTA, the population of Mauritius and all the Sub Saharan countries
(some of which who might also be considering the same censorship
tactics) are looking forward to your email.


Thanks.

Best Regards,

Chittesh Sham,

System's Engineer (La Sentinelle Publications Mauritius),
P.R.O Linux User Group of Mauritius,
Member of Mauritius Internet Users,
Current President of MMR.


[1] Section 11.2.1 of
https://www.icta.mu/docs/2021/Social_Media_Public_Consultation.pdf
<https://www.icta.mu/docs/2021/Social_Media_Public_Consultation.pdf>

[2]
https://www.accessnow.org/mauritius-dangerous-ict-act-place-human-rights-at-its-core/
<https://www.accessnow.org/mauritius-dangerous-ict-act-place-human-rights-at-its-core/>
https://blog.mozilla.org/netpolicy/files/2021/05/Mozillas-Response-to-the-Mauritian-ICT-Authoritys-Consultation.pdf
<https://blog.mozilla.org/netpolicy/files/2021/05/Mozillas-Response-to-the-Mauritian-ICT-Authoritys-Consultation.pdf>

https://www.eff.org/deeplinks/2021/04/proposed-new-internet-law-mauritius-raises-serious-human-rights-concerns
<https://www.eff.org/deeplinks/2021/04/proposed-new-internet-law-mauritius-raises-serious-human-rights-concerns>

[3] _at_2:30 https://player.vimeo.com/video/546487190
<https://player.vimeo.com/video/546487190>

     translation:
  [Creole]           "Dayer CEO Facebook li mem finn dir ki sak
gouvernma bizin pran so bann mezir pou kontrol bann post abizif lor
facebook"

[English]        "Anyways even the CEO of Facebook said himself that
governments should take the necessary measures to control abusive posts
on facebook"


[4]
https://www.theverge.com/2019/3/6/18253472/mark-zuckerberg-facebook-letter-privacy-encrypted-messaging
<https://www.theverge.com/2019/3/6/18253472/mark-zuckerberg-facebook-letter-privacy-encrypted-messaging>
Received on Thu May 20 2021 - 17:12:38 PST

This archive was generated by hypermail 2.4.0 : Fri May 21 2021 - 05:00:01 PST