[kictanet] Day 4 of 10:- IG Discussions, Internet Security.
alice
alice at apc.org
Thu Aug 21 21:54:22 EAT 2008
And more questions on cybercrime and privacy/security?linking it to the
issue of trust, public confidence and widespread acceptance of ICTs
particularly the internet.
Do we feel confident about using the internet ? Do we trust the
internet? and how will the level of trust and public confidence affect
adoption of say e-transactions, E-education e-government applications,
etc cybercrime and privacy/security?
best
alice
mwende njiraini wrote:
>
> Good afternoon,
>
> Sorry for the late post.
>
> I am seeking responses to the following in relation to security:
>
> - Are there initiatives to create awareness on internet security?
>
> - Apart from CSIRT-KENYA are there other institutions that
> monitor vulnerability incidents?
>
> - What institutional framework should be set up to deal with
> cyber security?
>
> - Are there any success stories in dealing with security
> incidents?
>
> Kind regards
>
> Mwende
>
>
>
>
>
>
>
> Disclaimer: These comments are the author's own
>
> On 8/15/08, *Patrick Mburu* <patrick.mburu at gmail.com
> <mailto:patrick.mburu at gmail.com>> wrote:
>
> Good afternoon ladies and gents,
>
> Information security... one query i had been asking myself for
> years.. is how can we be sure we take the necessary measures to
> ensure "my" information is safe...however this has always
> fallen on the higher side... especially now in a strange world of
> buying all types and goods and services from as far as Brazil and
> know it will be delivered right to my door. One element remains
> is *how safe* is my or any of your information and details in
> the virtual world...and what is being done to protect it once its
> there... Just looking back a couple moth ago, we saw with the
> safcom IPO when all (or maybe just me..) there was a loop hole to
> see what person had on a portfolio... ofcourse this could be
> downplayed.. but just for example...
>
> Information is only too powerful a resource that we all in
> different capacities hold dear...once in the hand of others we may
> feel violated / vulnerable... similar as being burgled in a
> way...someone being able to walk right through my front door and
> check on my personal files.. take what they need and do what they
> will... so information security surely needs to be tackled and or
> awareness to consumers and businesses;
>
> I think one area for review is this area of authentication of
> actual users and at the varios portals that are currently popping
> up in all avenues... as Mich and other colleagues have already
> indicated... u never know what site u may be logging onto and
> giving your access codes to the online mwizi...
>
> With that said e-commerce is here to be embraced... and most
> definitely for development...using whatever technologies or
> combination there are on the market to promote this...but with
> customer / consumer information at risk... i think the one main
> focus point is on the ample meausre's needed to ensure security of
> customer information...
>
> Given the ever growing rate in internet and or e-fraud instances
> currently experienced in Europe, US, etc.., one of the main
> reported cases of internet fraud is through identity fraud... i
> think as we embark on this new trend of business and convenience..
> we could assist in eductating the community locally...regionally..
> on the potential threats... and thereof....
>
> Ok prior to proposing a possible solution through this.. and
> respecting this as a discussion fora... i will first seek
> permission to :-)
>
> Just FYI: heres some information / statistics on cyber crime:
> http://www.tamingthebeast.net/blog/ecommerce/internet-fraud-statistics-0207.htm
> http://securosis.com/2008/06/09/new-identity-theft-stats/
>
> Kind regards,
>
> Patrick Mburu
> Director - IT
> www.ats-africa.com <http://www.ats-africa.com/>
> /"Prevention is better than cure..."/
>
>
> 2008/8/15 Judy Okite <judyokite at gmail.com
> <mailto:judyokite at gmail.com>>
>
> Michuki,
>
> I do agree with you,very few onliners, think about
> security,when they are online. examples:
>
> 1. How many people,do actually read the End User License
> Agreement on the websites,especially,when installing
> softwares? the link below should make a good read.
>
> http://www.pcpitstop.com/spycheck/eula.asp
>
> 2. Should there be or is there a policy,when it comes to
> changing a domain name?
>
> When one types; www.nationmedia.com
> <http://www.nationmedia.com/> you are redirected to
> www.nationmedia.co.ke....I check this website everyday....one
> day it was so slow loading...then...walaa...its .co.ke....if
> we dont take the time(maybe I missed it) to let our users know
> of the changes....then, what will happen when when Kenya gets
> into serious E-commerce? I believe we need to start now,to
> build trust online,it may seem like a small thing,but it will
> go a long way.
>
> e.g what is the difference between www.safaricom.com
> <http://www.safaricom.com/> and www.safaricom.co.ke
> <http://www.safaricom.co.ke/>?
>
>
> I) The Jurisdiction and Arbitration of eCriminals e.g. How
> would one resolve a case where a Kenyan ISP is hosting an
> eCommerce site that sells content that is declared illegal in
> Germany (e.g Hitler's paraphanallia). Can/Should the Germans
> shut down the Kenyan business site?
>
> Well,I think the Yahoo and France on the Nazi case was a great
> eye opener in this regard, but what does that mean.......if
> the Germany decides to filter ccTLD(.KE)...then all Kenyan
> businesses loose.....not a very wise option! the ISP's will
> have to be responsible for the contents they display??.
>
> Kind Regards,
>
>
>
>
> On Thu, Aug 14, 2008 at 8:05 AM, John Walubengo
> <jwalu at yahoo.com <mailto:jwalu at yahoo.com>> wrote:
>
>
> Morning all,
>
> Looks like very little response on yesterday's
> topic...where's Waudo formerly WGIG member? Nway, today's
> IG theme is the one with the most consensus across all
> stakeholders. The fact that the internet is becoming a
> place to place to work, live, pray or play is widely
> acknowledged and hence the consensus on the need to
> protect it.
>
> The global and borderless nature of the Internet means
> that a secure internet needs a concerted global effort as
> earlier mentioned by Brian. A very secure US-territoial
> Internet is of no use if for example the
> Africa-territorial Internet is insecure since phising
> attacks, viruses, spam, eFrauds and other destabilizing
> conditions can be launched from there. Spam for example is
> known to constitute over 60% of email traffic on the
> Internet, which is a fairly significant chunk of Internet
> Bandwidth and Server Processing power going to waste.
>
> The main internet security debate that cross-cuts into
> legal/social baskets often centers around:
> I) How the Internet Protocol (IP) could be improved
> so as to trace-back the origin of the Spammers,
> eFraudsters, and other criminals. This may demand
> implementing IP tools that require all internet services
> (email, dns, web, etc) to be digitally signed - a feature
> that would come with some overheads (Mich could again
> assist here on which overheads these could be)
> II) The Jurisdiction and Arbitration of eCriminals
> e.g. How would one resolve a case where a Kenyan ISP is
> hosting an eCommerce site that sells content that is
> declared illegal in Germany (e.g Hitler's paraphanallia).
> Can/Should the Germans shut down the Kenyan business site?
> III) The delicate balance between pursing security and
> respecting citizen rights. To what extent should
> governments go into private emails, phone-logs, etc, in
> order to safeguard national security? Or what should be
> the mandatory procedures required of Businesses to
> safeguard sensitive electronic data of citizens?
>
> Plse feel free to add, clarify, object or modify the
> above. More importantly think of what would be an
> E.African position on the issues.
>
> As usual, 1day on this theme.
>
> walu.
>
>
>
>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> <mailto:kictanet at lists.kictanet.or.ke>
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
>
> This message was sent to: judyokite at gmail.com
> <mailto:judyokite at gmail.com>
> Unsubscribe or change your options at
> http://lists.kictanet.or.ke/mailman/options/kictanet/judyokite%40gmail.com
>
>
>
>
> --
> "Do not go where the path may lead, go instead where there is
> no path and leave a trail."
> ~ Ralph Waldo Emerson
>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> <mailto:kictanet at lists.kictanet.or.ke>
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> This message was sent to: patrick.mburu at gmail.com
> <mailto:patrick.mburu at gmail.com>
> Unsubscribe or change your options at
> http://lists.kictanet.or.ke/mailman/options/kictanet/patrick.mburu%40gmail.com
>
>
>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke <mailto:kictanet at lists.kictanet.or.ke>
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> This message was sent to: mwende.njiraini at gmail.com
> <mailto:mwende.njiraini at gmail.com>
> Unsubscribe or change your options at
> http://lists.kictanet.or.ke/mailman/options/kictanet/mwende.njiraini%40gmail.com
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> This message was sent to: alice at apc.org
> Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/alice%40apc.org
>
More information about the KICTANet
mailing list