[kictanet] Day 4 of 10:- IG Discussions, Internet Security.

Michuki Mwangi michuki at swiftkenya.com
Thu Aug 14 20:38:27 EAT 2008



John Walubengo wrote:
> 
> The main internet security debate that cross-cuts into legal/social
> baskets often centers around: I) How the Internet Protocol (IP) could
> be improved so as to trace-back the origin of the Spammers,
> eFraudsters, and other criminals.  This may demand implementing IP
> tools that require all internet services (email, dns, web, etc) to be
> digitally signed - a feature that would come with some overheads
> (Mich could again assist here on which overheads these could be) 

IMHO while tracing the perpetrators may be a useful thing to thwart 
future attempts, the desired results cannot be realized as long as the 
weak points are not sealed. By sealing I refer to fixing what's broken on 
the IP thus making it harder for folks to break in. However, the 
technical part is probably less challenging than the part where 
user knowledge and community support are by and large lacking.

For instance, how many users understand the importance of secure 
websites and checking the signed certificate authorities? For instance, 
how many users would be able to tell the difference between 
WWW.SAFARICOM.COM and WWW.SAFARIC0M.COM if it came into their inbox and 
they were asked to update their details? Or WWW.EQUITY.CO.KE and 
WWW.EQUlTY.CO.KE, and even if they picked it up would they assume that 
it's a typo and still click on the link ahead? IMHO training the end 
users on security considerations on the Internet is far more difficult.

Secondly, as with most things there has to be a demand for various 
implementations to take root. Now unfortunately, the demand for secure 
IP implementations i.e. DNSSEC, Secure BGP etc. have gone largely 
un-deployed due to lack of support from both vendors and the technical 
folks expected to deploy the systems. This by extension can be traced 
back to the low demand by users for the same services. So who is 
entirely responsible for this should be a question and what measures are 
needed to be put in place to ensure that the right security 
implementations are done and in good time?

With regards to the overheads that will be involved in having digitally 
signed communications or encrypted and secure communications - well the 
impact on bandwidth is minimal. The issues may be compatibility with old 
and legacy systems and costs of upgrading them. Another important issue 
is having good and reliable connectivity where verification is needed.

IMHO security is by and large a social problem that requires social 
perspectives to resolve rather than technical.


Regards,

Michuki.
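
Added example, not part of the original message: a mail-filter style check that catches the lookalike hostnames the message mentions (a digit 0 for the letter O, a lowercase l for the letter I) by folding confusable characters before comparing against an allow-list. The allow-list, the confusable map and the function names are assumptions made for this illustration.

```python
import re
import unicodedata
from urllib.parse import urlsplit

# Assumed allow-list: the two genuine names used in the message.
TRUSTED = {"www.safaricom.com", "www.equity.co.ke"}

# Hand-picked confusables (an assumption, far from a complete table).
CONFUSABLE = str.maketrans({
    "0": "o", "1": "l", "i": "l", "|": "l",
    "\u0430": "a", "\u0435": "e", "\u043e": "o",  # Cyrillic a, e, o
    "\u0441": "c", "\u0440": "p", "\u0456": "l",  # Cyrillic es, er, i
})
MULTI = (("rn", "m"), ("vv", "w"))  # letter pairs that read as one letter

def skeleton(host):
    """Fold a hostname so that visually similar names compare equal."""
    h = unicodedata.normalize("NFKC", host).lower().rstrip(".")
    h = h.translate(CONFUSABLE)
    for seq, repl in MULTI:
        h = h.replace(seq, repl)
    return h

SKELETONS = {skeleton(t): t for t in TRUSTED}

def impersonated(host):
    """Return the trusted name that `host` imitates, or None."""
    if host.lower().rstrip(".") in TRUSTED:
        return None  # exact match: the genuine site
    return SKELETONS.get(skeleton(host))

def scan(text):
    """Return (host, imitated_name) for each lookalike link in `text`."""
    hits = []
    for url in re.findall(r"https?://\S+", text):
        try:
            host = urlsplit(url).hostname or ""
        except ValueError:  # malformed URL, nothing to compare
            continue
        target = impersonated(host)
        if target:
            hits.append((host, target))
    return hits

# Constructed sample e-mail body.
SAMPLE = ("Please update your details at http://www.safaric0m.com/ or "
          "http://WWW.EQUlTY.CO.KE/ (genuine: https://www.safaricom.com/)")
```

Running `scan(SAMPLE)` flags the two imitations and leaves the genuine link alone; a production filter would use the full Unicode confusables data rather than this short map.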