[kictanet] [Skunkworks] Media Misleading Citizens?-One Man Security?

[Moses Muya]

First of all,good evening Sir!

mmmhhh...I think a better question to ask is whether you want the
Government or Regulator to have this type of legal backing. Wearing my
security hat, I can tell you for free that national cyber-security
initiatives can never be effective using a "one-stakeholder, do it as I
say" approach...(unless u are in China and related cousins like North
Korea) *- In my opinion,after the Government has shown interest in
something,they are very likely to pursue it to the end. As our former
President would say,"Mpende msipende" (whether we want it or not) ,this
system or a variant of the same will be installed! Actually,as we speak,the
NSIS conducts various forms of electronic surveillance on us. The only
choice we have is whether we will allow the Government to spy on us as they
please without any grounds for doing that or whether we will force them to
follow the correct legal channels. It's a matter of choosing the lesser
evil. Btw,have you noticed how silent The CCK has been on this matter? They
have not denied the existence of such a system.*

Lets for a moment imagine that there is legal backing and ALL Operators are
compelled to install this gadget.  Would we then claim to be electronically
safer? *- Not at all! Judging by the fact that 103 websites were hacked by
a junior student from Indonesia,I wouldn't depend on the Government to
provide any security. I'm afraid we are on our own on this one and it's our
responsibility as individuals to make sure we have the right policies
within our organisations that will safeguard our ICT/Telecommunications
infrastructure.*Research shows that over 75% of electronic fraud/crime
originates and is executed internally (like within Banks/Organisations) and
hence putting gadgets at the Operators level presupposes the most of the
bad guys are comming in from the "outside".  Fine you may catch the
minotrity thugs (25%) but have not impact on the majority internal thugs
(the 75%...) *- I agree. However,I think the kind of security that the
Government is talking about is not limited to 'eSecurity' per se  but
rather criminal acts/terrorism planned using electronic means and executed
'offline'. For example,the system will flag a person who has been using an
email address to plan an attack on building X in Nairobi. Law enforcement
agencies will then follow up on this issue and possibly bring the culprit
to book. I stand to be corrected on this one.  *

A secondary but equally important point, is what would stop the Director
General (my good friend Wangusi) to use the very same equipment to block
internet traffic into and out of  the Kenyan space? Especially if Kenyans
are trying to do the equivalent of the Arab uprising on
Twitter/FB/etc...which is likely considering our politics is not really
improving (but I digress) *- Proper legal frameworks? Saying the Government
should not have this kind of power because they will misuse it is
tantamount to saying the police should not be given guns since they are
likely to shoot innocent civilians! It's all a matter of implementing
proper laws and proper ethics on the Government's side.*

Am not purely against security gadgets being installed.  Am against a
framework that puts one man or woman in charge of these gadgets. Even our
new constitution puts the Police and Security Intelligence bosses under
Parliament (210 MPs?) *- I agree. On the political aspect of it,having 210
members of parliament to decide on anything will simply extend the time
taken but won't necessarily stop something that has been rejected by the
masses. As we have seen in the past,parliament does not choose what is best
for the citizens but what is best for the members' survival,it all depends
on political affiliations of the member moving the motion and those seeking
to support or reject it. We have also seen how the promises of financial
heavens can sway the opinions of the most sober-minded M.Ps! One more
shocker, most of the politicians in the U.S who were in support of
SOPA/PIPA did not have in-depth knowledge of how these laws would be
implemented and their effects on the citizens. How much worse would it be
in Kenya where ignorance is more prevalent?*

If we are not carefull we may be basically putting Kenya back to the days
of one-man-show. Remember one broadcasting station - Voice of Kenya?
remember KPT&C - the days of JamboNet? Same thing here on the offing - if
we are to believe what has been published in the press (and why not, no one
from CCK has protested as  being misquoted) .

On 21 March 2012 18:49, Walubengo J <jwalu at yahoo.com> wrote:

> --- On *Wed, 3/21/12, Moses Muya <mouzmuyer at gmail.com>* wrote
> >snip
> The only question that comes to mind is whether the Government has the
> right legal backing to do this.
> >snip
>
> mmmhhh...I think a better question to ask is whether you want the
> Government or Regulator to have this type of legal backing. Wearing my
> security hat, I can tell you for free that national cyber-security
> initiatives can never be effective using a "one-stakeholder, do it as I
> say" approach...(unless u are in China and related cousins like North Korea)
>
> Lets for a moment imagine that there is legal backing and ALL Operators
> are compelled to install this gadget.  Would we then claim to be
> electronically safer? Research shows that over 75% of electronic
> fraud/crime originates and is executed internally (like within
> Banks/Organisations) and hence putting gadgets at the Operators level
> presupposes the most of the bad guys are comming in from the "outside".
> Fine you may catch the minotrity thugs (25%) but have not impact on the
> majority internal thugs (the 75%...)
>
> A secondary but equally important point, is what would stop the Director
> General (my good friend Wangusi) to use the very same equipment to block
> internet traffic into and out of  the Kenyan space? Especially if Kenyans
> are trying to do the equivalent of the Arab uprising on
> Twitter/FB/etc...which is likely considering our politics is not really
> improving (but I digress)
>
> Am not purely against security gadgets being installed.  Am against a
> framework that puts one man or woman in charge of these gadgets. Even our
> new constitution puts the Police and Security Intelligence bosses under
> Parliament (210 MPs?)
>
> If we are not carefull we may be basically putting Kenya back to the days
> of one-man-show. Remember one broadcasting station - Voice of Kenya?
> remember KPT&C - the days of JamboNet? Same thing here on the offing - if
> we are to believe what has been published in the press (and why not, no one
> from CCK has protested as  being misquoted) .
>
> walu.
>
>
>
>
>
>
>
>
>
>
> --- On *Wed, 3/21/12, Moses Muya <mouzmuyer at gmail.com>* wrote:
>
>
> From: Moses Muya <mouzmuyer at gmail.com>
> Subject: Re: [kictanet] [Skunkworks] Media Misleading Citizens?
> To: jwalu at yahoo.com
> Cc: "KICTAnet ICT Policy Discussions" <kictanet at lists.kictanet.or.ke>
> Date: Wednesday, March 21, 2012, 5:07 PM
>
> To the best of my understanding,the story makes perfect sense! The
> government wants to implement N.E.W.S and ITU is helping it. One of ITU's
> objective is "To improve telecommunication infrastructure in the
> developing world and to establish worldwide standards". If part of
> "worldwide standards" is using telecommunications infrastructure to
> safeguard the security and interests of a country,they are the correct
> people to help in this. Moreover,seeing as ITU is part of the U.N,I would
> argue that they have the financial and technical might needed to do this.
> The only question that comes to mind is whether the Government has the
> right legal backing to do this.
>
> On 21 March 2012 09:03, Barrack Otieno <otieno.barrack at gmail.com<http://mc/compose?to=otieno.barrack@gmail.com>
> > wrote:
>
> Moses,
>
> The reason i called it misinformation is that the acting DG was on the
> media when the deal was being signed , unless i was watching Al
> Kajiado TV  and i never heard anything like this, furthermore last
> year we had a Cyber Security Workshop hosted by CCK where all those
> issues were explained but i dont recall seeing brethren from the
> fourth estate, that is why i proposed that they should do more
> research, imho this kind of reporting can defeat the war on
> Cybersecurity since the people are an integral part of the Cyberworld.
>
> On 3/21/12, Moses Muya <mouzmuyer at gmail.com<http://mc/compose?to=mouzmuyer@gmail.com>>
> wrote:
> > I wouldn't be quick to call this 'misinformation'. Such systems have been
> > deployed the world over,even by the biggest democracies! It all depends
> on
> > the Government's objectives for doing this - they could go the U.S.A way
> > and crack down on terrorism or they could go the China way and use it to
> > oppress us!
> >
> > On 21 March 2012 08:27, Barrack Otieno <otieno.barrack at gmail.com<http://mc/compose?to=otieno.barrack@gmail.com>>
> wrote:
> >
> >> Listers,
> >>
> >> I just saw this on the wall of a popular media house and i am appalled
> >> by the misinformation, why can't our dear journalists do more research
> >> before publishing info, i see why Prof Nyong'o was so agitated during
> >> the Interview on Citizen TV, this is really dangerous? below is the
> >> text..
> >>
> >> The Communications Commission of Kenya could have access to your
> >> personal internet content by July this year, if a plan they have set
> >> in motion succeeds. The CCK has signed a 32.6 million shilling deal
> >> with the International Telecommunications Union (ITU) to install a
> >> system that will monitor all incoming and outgoing internet content in
> >> Kenya, and has already requested local internet service providers and
> >> telecommunications institutions to install it.
> >>
> >> Do you think this is right?
> >>
> >> Hope the concerned will react on time.
> >>
> >> --
> >> Barrack O. Otieno
> >> +254721325277
> >> +254-20-2498789
> >> Skype: barrack.otieno
> >> http://www.otienobarrack.me.ke/
> >> _______________________________________________
> >> Skunkworks mailing list
> >> Skunkworks at lists.my.co.ke<http://mc/compose?to=Skunkworks@lists.my.co.ke>
> >> ------------
> >> List info, subscribe/unsubscribe
> >> http://orion.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
> >> ------------
> >>
> >> Skunkworks Rules
> >> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
> >> ------------
> >> Other services @ http://my.co.ke
> >>
> >
> >
> >
> > --
> > Kind Regards,
> >
> > Moses Muya.
> >
>
>
> --
> Barrack O. Otieno
> +254721325277
> +254-20-2498789
> Skype: barrack.otieno
> http://www.otienobarrack.me.ke/
> _______________________________________________
> Skunkworks mailing list
> Skunkworks at lists.my.co.ke <http://mc/compose?to=Skunkworks@lists.my.co.ke>
> ------------
> List info, subscribe/unsubscribe
> http://orion.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
> ------------
>
> Skunkworks Rules
> http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
> ------------
> Other services @ http://my.co.ke
>
>
>
>
> --
> Kind Regards,
>
> Moses Muya.
>
>
> -----Inline Attachment Follows-----
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke<http://mc/compose?to=kictanet@lists.kictanet.or.ke>
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> Unsubscribe or change your options at
> http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
>


-- 
Kind Regards,

Moses Muya.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20120321/18010aca/attachment.htm>