[kictanet] Telcos regulator seeks to monitor WhatsApp
Mark Elkins
mje at posix.co.za
Fri Nov 2 16:54:46 EAT 2018
As a follow on to WhatsApp and its end-to-end security - one can do
something quite similar for e-mail.
Practising what I preach...
At Posix Systems - customers can send e-mail to my mail relay server.
This is running Mail Submission on port 587 with username/password
authentication over TLS (The session is encrypted). This has the
distinct advantage of working from any Internet connection my customer
is on and everything is encrypted whilst over the wire. Additionally, if
you are an ISP with your own customer infrastructure - you can now block
port 25 and reduce SPAM from Virus' on customer PC's. Customers can also
fetch e-mail (POP3/IMAP) over TLS (Ports 995 and 993 respectively) - so
both the e-mail and passwords are also securely encrypted when
fetching/downloading email.
Whilst email-server to email-server can opportunistically also run TLS
(encryption) between MTA's (Mail Transport Agents), I also run DANE.
This means if the target mail system advertises their TLS info in a TLSA
DNS record (Advertise their SSL Certificate in the DNS System) - I KNOW
they have TLS (a Security Certificate) and WHAT IT SHOULD LOOK LIKE -
so if a connection is made and either the TLS signature is incorrect or
does not exist (perhaps a man-in-the-middle attack) - the mail will not
be delivered.
The only issue with this is the target TLSA record must be in a DNSSEC
signed zone - and obviously, the sending MTU must use a DNSSEC aware DNS
Resolver to check the Target Mail system.
This setup though gives end-to-end encryption of e-mail that no one can
intercept. The MTA's though do have the e-mail in an unencrypted form.
I'd presume the e-mail customers can trust their ISP's.
(Although technical - I hope this brief description is understandable)
On 11/02/2018 12:16 PM, Mwendwa Kivuva via kictanet wrote:
> Thanks Wambua.
>
> Just to clarify, and even rubbish that article, we need to understand
> that a platform like whatsapp uses end to end encryption, and cannot
> be snooped on, not even by Facebook.
>
>
> End-to-end encryption
>
> When end-to-end encrypted, your messages, photos, videos, voice
> messages, documents, status updates and calls are secured from falling
> into the wrong hands.
>
> WhatsApp end-to-end encryption ensures only you and the person you're
> communicating with can read what's sent, and nobody in between, not
> even WhatsApp. Your messages are secured with locks, and only the
> recipient and you have the special keys needed to unlock and read your
> messages. For added protection, every message you send has an unique
> lock and key. All of this happens automatically: No need to turn on
> settings or set up special secret chats to secure your messages.
>
> Important: End-to-end encryption is always activated. There's no way
> to turn off end-to-end encryption.
>
> OK, Now that we have debunked the possibility of CA reading your
> whatsapp, let us look at the types of regulations CA can put on over
> the top services. Remember Uganda social media tax? What about
> Ethiopia restriction of Skype? Yes those are the two most popular
> regulatory interventions that backward regimes use.
>
> 1. Censorship, filtering, and blockage
>
> 2. Taxation
>
>
> On Fri, Nov 2, 2018, 11:50 AM Wambua, Christopher via kictanet
> <kictanet at lists.kictanet.or.ke <mailto:kictanet at lists.kictanet.or.ke>>
> wrote:
>
> Listers
>
> For purposes of clarity on the objects of the tender in question,
> I wish to refer listers to the public tender document which is
> available on CA’s website at
> https://ca.go.ke/wp-content/uploads/2018/10/Consultancy-Services-For-The-Study-On-Over-The-Top-OTTs-Technologies-Services-In-Kenya.pdf
>
> In brief, the Authority, under its strategic objective of enabling
> widespread deployment of infrastructure and services through
> promotion of new and emerging technologies, plans to undertake a
> study to determine the regulatory mechanisms that can be employed
> to cater for new and emerging areas with specific focus on over
> the top services. The consultant shall be expected to propose the
> regulatory approach that the Authority can take in respect to
> OTTs. CA takes this opportunity to invite listers who meet the
> requirements set out in the tender documents to submit their bids
> by 14th November 2018.
>
> CA wishes to assure listers that we have not interest whatsoever
> in snooping into your WhatsApp conversations as that would be
> against the spirit and letter of the constitution. We have however
> noted that the headlines on the articles on this tender are
> misleading, and the Authority is taking up this matter with the
> respective editors.
>
> I hope this clarification puts this matter to rest.
>
> Regards
>
>
>
>
> Christopher Wambua
>
> Ag. Director/Consumer & Public Affairs | Consumer and Public Affairs
>
> Description: Description:
> http://digital.scanad.com/casignature/img/logo.png
>
>
>
> Tel: +254 20 4242000/284
>
> Office Mobile: +254 730 042284/
>
> +254 730172284
>
> P.O. Box 14448 Nairobi 00800
>
>
> Description: Description:
> http://digital.scanad.com/casignature/img/mail.png_wambua@ca.go.ke
> <mailto:wambua at ca.go.ke> _Description: Description:
> http://digital.scanad.com/casignature/img/facebook.pngCommunications
> Authority of Kenya
> <https://www.facebook.com/CAOKenya?ref=hl> Description:
> Description:
> http://digital.scanad.com/casignature/img/twitter.pngca_kenya
> <https://twitter.com/CA_Kenya>Description: Description:
> http://digital.scanad.com/casignature/img/web.pngwww.ca.go.ke
> <http://www.ca.go.ke/>
>
>
> Description: Description:
> http://digital.scanad.com/signature/banner.jpg
>
>
> From: kictanet
> <kictanet-bounces+wambua=ca.go.ke at lists.kictanet.or.ke
> <mailto:kictanet-bounces+wambua=ca.go.ke at lists.kictanet.or.ke>> on
> behalf of KICTAnet Discussions <kictanet at lists.kictanet.or.ke
> <mailto:kictanet at lists.kictanet.or.ke>>
> Reply-To: KICTAnet Discussions <kictanet at lists.kictanet.or.ke
> <mailto:kictanet at lists.kictanet.or.ke>>
> Date: Friday, 2 November 2018 at 05:07
> To: Christopher Wambua <wambua at ca.go.ke <mailto:wambua at ca.go.ke>>
> Cc: Ali Hussein <ali at hussein.me.ke <mailto:ali at hussein.me.ke>>
> Subject: Re: [kictanet] Telcos regulator seeks to monitor WhatsApp
>
> @GG
>
> Thanks for sharing. I’m curious as to what the world is coming to.
> Everyone wants to snoop and regulate. Can the CA tell us what’s
> the major value proposition to increasing snooping on us?
>
> Regulators need to spend more time enabling the sector they are
> supposed to grow and the CA has really been progressive in many
> ways. Once in a while though they try to go back to the bad old
> KANU days. The onus is on us to remind them that Kenyans shut that
> door kitambo sana.
>
> *Ali Hussein*
> *Principal*
> *AHK & Associates*
> +254 0713 601113
>
> Twitter: @AliHKassim
>
> Skype: abu-jomo
>
> LinkedIn: http://ke.linkedin.com/in/alihkassim
>
>
> "We are what we repeatedly do. Excellence, therefore, is not an
> act but a habit." ~ Aristotle
>
>
> Sent from my iPad
>
> On 1 Nov 2018, at 10:57 PM, Grace Githaiga via kictanet
> <kictanet at lists.kictanet.or.ke
> <mailto:kictanet at lists.kictanet.or.ke>> wrote:
>
>> Kenya is considering regulating online services such as WhatsApp
>> and Skype in a radical move that could force the internet-based
>> service providers to share data with the government.
>>
>> The Communications Authority of Kenya (CA) is in search of a
>> consultant to study and determine how the so-called over-the-top
>> services (OTTS) operated by groups such as Facebook, which runs
>> WhatsApp, and Skype owner Microsoft, could be regulated.
>>
>> Read on:
>> https://www.nation.co.ke/business/Telcos-regulator-seeks-to-monitor-WhatsApp/996-4833020-fn9u7s/index.html
>>
>>
>>
>>
>>
>> Best regards
>>
>>
>> Githaiga, Grace
>>
>>
>> Co-Convenor
>> Kenya ICT Action Network (KICTANet)
>> Twitter:@ggithaiga
>> Tel: 254722701495
>> Skype: gracegithaiga
>> Alternate email: ggithaiga at hotmail.com <mailto:ggithaiga at hotmail.com>
>> Linkedin: https://www.linkedin.com/in/gracegithaiga
>> <https://www.linkedin.com/in/gracegithaiga>
>> www.kictanet.or.ke <http://www.kictanet.or.ke>
>>
>> "Change only happens when ordinary people get involved, get
>> engaged and come together to demand it. I am asking you to
>> believe. Not in my ability to bring about change – but in
>> yours"---Barrack Obama.
>>
>> _______________________________________________
>> kictanet mailing list
>> kictanet at lists.kictanet.or.ke <mailto:kictanet at lists.kictanet.or.ke>
>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>> Twitter: http://twitter.com/kictanet
>> Facebook: https://www.facebook.com/KICTANet/
>> Domain Registration sponsored by www.eacdirectory.co.ke
>> <http://www.eacdirectory.co.ke>
>>
>> Unsubscribe or change your options at
>> https://lists.kictanet.or.ke/mailman/options/kictanet/info%40alyhussein.com
>>
>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder
>> platform for people and institutions interested and involved in
>> ICT policy and regulation. The network aims to act as a catalyst
>> for reform in the ICT sector in support of the national aim of
>> ICT enabled growth and development.
>>
>> KICTANetiquette : Adhere to the same standards of acceptable
>> behaviors online that you follow in real life: respect people's
>> times and bandwidth, share knowledge, don't flame or abuse or
>> personalize, respect privacy, do not spam, do not market your
>> wares or qualifications.
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke <mailto:kictanet at lists.kictanet.or.ke>
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: https://www.facebook.com/KICTANet/
> Domain Registration sponsored by www.eacdirectory.co.ke
> <http://www.eacdirectory.co.ke>
>
> Unsubscribe or change your options at
> https://lists.kictanet.or.ke/mailman/options/kictanet/kivuva%40transworldafrica.com
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder
> platform for people and institutions interested and involved in
> ICT policy and regulation. The network aims to act as a catalyst
> for reform in the ICT sector in support of the national aim of ICT
> enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable
> behaviors online that you follow in real life: respect people's
> times and bandwidth, share knowledge, don't flame or abuse or
> personalize, respect privacy, do not spam, do not market your
> wares or qualifications.
>
>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: https://www.facebook.com/KICTANet/
> Domain Registration sponsored by www.eacdirectory.co.ke
>
> Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/mje%40posix.co.za
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
--
Mark James ELKINS - Posix Systems - (South) Africa
mje at posix.co.za Tel: +27.128070590 Cell: +27.826010496
For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20181102/68807204/attachment.htm>
More information about the KICTANet
mailing list