On 3/23/12, Walubengo J <jwalu@yahoo.com> wrote:
thnx Alice for the post.
the key word/thread in your post is cooperation and voluntary implementation between the US regulator and the ISPs/Telcos in the CyberSecurity space in the US
and I would add that TESPOk already supplies info about botnets and Internet route hijacking, etc to ISPs and government agencies who run infected networks here in Kenya.
Unfortunately, I am neither an ISP nor a Telco and so am not quite sure how many ISP/Telcos are members of our Kenyan CyberCrime unit at CCK (ofcourse others may argue that for national security reasons they do need to be there?).
The moral of my thread is that we can actually have ISPs installing security gadgets (illegal or otherwise) on their networks as long as they feel they are part of the process. The moment they feel left out, they easily hide behind legalese and can make the going pretty rough and expensive for everyone
Expensive is right, a Deep Packet Inspection system for the whole country will cost 10's of Millions of USD to put in place, plus they will need a small army of analysts to make sense of the data.....but really If I am doing something illegal, why would I send unencrypted messages via an operators network? If I really wanted to avoid a DPI setup, I would use a VSAT, which can't be routed to a central inspection point! -- Cheers, McTim "A name indicates what we seek. An address indicates where it is. A route indicates how we get there." Jon Postel