[kictanet] CA Speaks to Internet Shutdowns and "Monitoring" of Online Comms

Moses Karanja mosekaranja at gmail.com
Fri Jan 13 19:21:54 EAT 2017


Security is not an absolute. No tool will give you that. However, what
the security community considers a threshold for any product is
transparency and disclosure of vulnerabilities. This allows an iterated
security path.

What worries me about today's Guardian article on WhatsApp is not that
there is a crypto blindspot but that the security researcher claims to
have informed WhatsApp security team back in April 2016 (responsible
disclosure) but the parent company, Facebook, did not consider patching
it a priority:

    "Boelter reported the backdoor vulnerability to Facebook in April
    2016, but was told that Facebook was aware of the issue, that it was
    “expected behaviour” and wasn’t being actively worked on. The
    Guardian has verified the backdoor still exists."

That is my real concern.


On 13/01/2017 19:00, kictanet-request at lists.kictanet.or.ke wrote:
> Send kictanet mailing list submissions to
> 	kictanet at lists.kictanet.or.ke
>
> To subscribe or unsubscribe via the World Wide Web, visit
> 	https://lists.kictanet.or.ke/mailman/listinfo/kictanet
> or, via email, send a message with subject or body 'help' to
> 	kictanet-request at lists.kictanet.or.ke
>
> You can reach the person managing the list at
> 	kictanet-owner at lists.kictanet.or.ke
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of kictanet digest..."
>
>
> Today's Topics:
>
>    1. Re: CA Speaks to Internet Shutdowns and "Monitoring" of
>       Online Comms (Nanjira Sambuli)
>    2. Re: CA Speaks to Internet Shutdowns and "Monitoring" of
>       Online Comms (Keith Andere)
>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet

-- 
Moses Karanja
www.moseskaranja.com/blog 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20170113/3b57fa68/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: OpenPGP digital signature
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20170113/3b57fa68/attachment.sig>


More information about the KICTANet mailing list