On Thu, 10/31/13, Phares Kariuki <pkariuki@gmail.com> wrote: We need to bring the latter back home simply because the US has proven it cannot be trusted… It’s not that the galvanised internet is the best option, it’s simply a compromise because some people have broken trust…
I totally agree. I am for local content, local hosting, local, local this and the other. What I find difficult to understand is the myth that once something is local, then it is safer.
We need to be careful not to mix security with being local. Let us have two independent tracks on the issues. Lets build local content to increase uptake, reduce latency, perhaps pricing, etc. But I would hate to imagine our NSIS director briefing our President that we are very secure because we have made all our ICT infrastructure local. ICT Security is often discussed under CIA - Confidentiality, Integrity, and Availability (not central intelligence agency :-). I want to believe the geographic location of your data cannot save you, if your CIA procedures are poor. So if we want to be secure, lets put the emphasis where it should be. walu. nb: Osama bin laden was as local and as manual as you can get. US folks still smoked him out. -------------------------------------------- On Thu, 10/31/13, Phares Kariuki <pkariuki@gmail.com> wrote: Subject: Re: [kictanet] NSA Tapping into Google & Yahoo Networks? How is Kenya protected? To: "Walubengo J" <jwalu@yahoo.com> Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Thursday, October 31, 2013, 11:58 AM Search engines will be largely unaffected btw. Search engines don’t go through your mail etc… The internet services that are centralised will remain centralised (basic web hosting/blogs etc). However, mail, internal applications etc still have to be secured… There’s data that we don’t mind being publicly accessible (e.g. The Nation Media Group website), and there’s data that the NSA/Search engines etc should not have access to (e.g. My banking records, my health records etc). We need to bring the latter back home simply because the US has proven it cannot be trusted… It’s not that the galvanised internet is the best option, it’s simply a compromise because some people have broken trust… -- Phares Kariuki From: Walubengo J Walubengo J Reply: Walubengo J jwalu@yahoo.com Date: October 31, 2013 at 11:10:34 AM To: Phares Kariuki pkariuki@gmail.com Subject: Re: [kictanet] NSA Tapping into Google & Yahoo Networks? How is Kenya protected? @Phares, this line of thinking was has been explored recently at the IGF and I had a different angle to it and I quote:
Whereas having each economy build its own email, social media and other web-based systems may provide national pride and a debatable sense of national security, it unfortunately goes towards balkanising the Internet along existing national geographic boundaries. The final effect will be a diminished value for online services. Search engines will end up with only a localised or national view of data, as opposed to the more international view currently enjoyed by keeping the Internet open and global.
more @ http://www.nation.co.ke/oped/blogs/dot9/Lessons-from-the-Global-Internet-Gov... walu. -------------------------------------------- On Thu, 10/31/13, Phares Kariuki <pkariuki@gmail.com> wrote: Subject: Re: [kictanet] NSA Tapping into Google & Yahoo Networks? How is Kenya protected? To: jwalu@yahoo.com Cc: "KICTAnet ICT Policy Discussions" <kictanet@lists.kictanet.or.ke> Date: Thursday, October 31, 2013, 10:09 AM I’ll very selfishly advocate for an increased uptake of local cloud services, away from the NSA’s prying eyes, with locally established standards of encryption etc… We’ve got capable universities that can assist in coming up with new encryption etc standards for the military & government. Interesting article by Charles Obbo…. http://www.nation.co.ke/oped/Opinion/Spy-more-on-your-friends-than-foes/-/44... -- Phares Kariuki From: Ngigi Waithaka Ngigi Waithaka Reply: Ngigi Waithaka ngigi@at.co.ke Date: October 31, 2013 at 9:12:10 AM To: Phares Kariuki pkariuki@gmail.com Subject: [kictanet] NSA Tapping into Google & Yahoo Networks? How is Kenya protected? Listers, Just came across this http://www.washingtonpost.com/world/national-security/nsa-infiltrates-links-... It looks like Google might have been caught by the NSA with their pants down since hacking into their Data Transport layer simply gives up all the secrets that encryption is supposed to be protecting. Now, moving on swiftly to the local setup, I am also concerned that even as we look to start pushing for National Standards of Encryption through the PKI project, whether we as a country have come together to review and see how to protect our countries intelligence and data. We also know for a fact that the US was busy tapping into World Leaders phones, and I can bet if there are a few presidents to be 'tapped' in Africa, ours should be way up on that ladder! However, more worrying would be, how protected are our internal networks from such tapping, even from locals? Could there be a guy who has tapped into Safaricoms internal network and is busy reading every email, chat that is flying through and perhaps selling such information to our erstwhile enemies the Al-Shabbab? I was once very surprised when a personal friend got a transcript of all his calls, and chat messages, word-for-word for the previous past 6 months, dug up from one of the local Telcos. The ease with which such information was availed appalled me as it clearly means that the Telcos clearly store all our chats, and such records in clear text months after we have used them and a guy with basic SQL knowledge just needs to hack into the network (easy) and call them up. So, as we continue with the PKI project, there are really very basic things on security of data that we as a nation haven't even dealt with. -- Regards, Waithaka Ngigi Chief Executive Officer | Alliance Technologies | MCK Nairobi Synod Building T + 254 (0) 20 2333 471 |Office Mobile: +254 786 28 28 28 | M + 254 737 811 000 www.at.co.ke _______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/pkariuki%40gmail.com The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development. KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications. -----Inline Attachment Follows----- _______________________________________________ kictanet mailing list kictanet@lists.kictanet.or.ke https://lists.kictanet.or.ke/mailman/listinfo/kictanet Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development. KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.