[kictanet] Telcos regulator seeks to monitor WhatsApp
Wambua, Christopher
Wambua at ca.go.ke
Mon Nov 5 00:28:45 EAT 2018
It has.
Sent from my iPhone
On 4 Nov 2018, at 09:02, Albert Mukiria via kictanet <kictanet at lists.kictanet.or.ke<mailto:kictanet at lists.kictanet.or.ke>> wrote:
I am not sure if this has already been posted, but this article says the regulator wants the data stored on WhatsApp and Skype to be shared by the Govt.
https://www.businessdailyafrica.com/economy/Telcos-regulator-seeks-to-monitor-WhatsApp/3946234-4832970-15byqjn/index.html
On Fri, 2 Nov 2018 at 16:56, Mark Elkins via kictanet <kictanet at lists.kictanet.or.ke<mailto:kictanet at lists.kictanet.or.ke>> wrote:
As a follow on to WhatsApp and its end-to-end security - one can do something quite similar for e-mail.
Practising what I preach...
At Posix Systems - customers can send e-mail to my mail relay server. This is running Mail Submission on port 587 with username/password authentication over TLS (The session is encrypted). This has the distinct advantage of working from any Internet connection my customer is on and everything is encrypted whilst over the wire. Additionally, if you are an ISP with your own customer infrastructure - you can now block port 25 and reduce SPAM from Virus' on customer PC's. Customers can also fetch e-mail (POP3/IMAP) over TLS (Ports 995 and 993 respectively) - so both the e-mail and passwords are also securely encrypted when fetching/downloading email.
Whilst email-server to email-server can opportunistically also run TLS (encryption) between MTA's (Mail Transport Agents), I also run DANE. This means if the target mail system advertises their TLS info in a TLSA DNS record (Advertise their SSL Certificate in the DNS System) - I KNOW they have TLS (a Security Certificate) and WHAT IT SHOULD LOOK LIKE - so if a connection is made and either the TLS signature is incorrect or does not exist (perhaps a man-in-the-middle attack) - the mail will not be delivered.
The only issue with this is the target TLSA record must be in a DNSSEC signed zone - and obviously, the sending MTU must use a DNSSEC aware DNS Resolver to check the Target Mail system.
This setup though gives end-to-end encryption of e-mail that no one can intercept. The MTA's though do have the e-mail in an unencrypted form. I'd presume the e-mail customers can trust their ISP's.
(Although technical - I hope this brief description is understandable)
On 11/02/2018 12:16 PM, Mwendwa Kivuva via kictanet wrote:
Thanks Wambua.
Just to clarify, and even rubbish that article, we need to understand that a platform like whatsapp uses end to end encryption, and cannot be snooped on, not even by Facebook.
End-to-end encryption
When end-to-end encrypted, your messages, photos, videos, voice messages, documents, status updates and calls are secured from falling into the wrong hands.
WhatsApp end-to-end encryption ensures only you and the person you're communicating with can read what's sent, and nobody in between, not even WhatsApp. Your messages are secured with locks, and only the recipient and you have the special keys needed to unlock and read your messages. For added protection, every message you send has an unique lock and key. All of this happens automatically: No need to turn on settings or set up special secret chats to secure your messages.
Important: End-to-end encryption is always activated. There's no way to turn off end-to-end encryption.
OK, Now that we have debunked the possibility of CA reading your whatsapp, let us look at the types of regulations CA can put on over the top services. Remember Uganda social media tax? What about Ethiopia restriction of Skype? Yes those are the two most popular regulatory interventions that backward regimes use.
1. Censorship, filtering, and blockage
2. Taxation
On Fri, Nov 2, 2018, 11:50 AM Wambua, Christopher via kictanet <kictanet at lists.kictanet.or.ke<mailto:kictanet at lists.kictanet.or.ke>> wrote:
Listers
For purposes of clarity on the objects of the tender in question, I wish to refer listers to the public tender document which is available on CA’s website at https://ca.go.ke/wp-content/uploads/2018/10/Consultancy-Services-For-The-Study-On-Over-The-Top-OTTs-Technologies-Services-In-Kenya.pdf
In brief, the Authority, under its strategic objective of enabling widespread deployment of infrastructure and services through promotion of new and emerging technologies, plans to undertake a study to determine the regulatory mechanisms that can be employed to cater for new and emerging areas with specific focus on over the top services. The consultant shall be expected to propose the regulatory approach that the Authority can take in respect to OTTs. CA takes this opportunity to invite listers who meet the requirements set out in the tender documents to submit their bids by 14th November 2018.
CA wishes to assure listers that we have not interest whatsoever in snooping into your WhatsApp conversations as that would be against the spirit and letter of the constitution. We have however noted that the headlines on the articles on this tender are misleading, and the Authority is taking up this matter with the respective editors.
I hope this clarification puts this matter to rest.
Regards
Christopher Wambua
Ag. Director/Consumer & Public Affairs | Consumer and Public Affairs
[Description: Description: http://digital.scanad.com/casignature/img/logo.png]
Tel: +254 20 4242000/284
Office Mobile: +254 730 042284/
+254 730172284
P.O. Box 14448 Nairobi 00800
[Description: Description: http://digital.scanad.com/casignature/img/mail.png]wambua at ca.go.ke<mailto:wambua at ca.go.ke> [Description: Description: http://digital.scanad.com/casignature/img/facebook.png] Communications Authority of Kenya<https://www.facebook.com/CAOKenya?ref=hl> [Description: Description: http://digital.scanad.com/casignature/img/twitter.png] ca_kenya <https://twitter.com/CA_Kenya> [Description: Description: http://digital.scanad.com/casignature/img/web.png] www.ca.go.ke <http://www.ca.go.ke/>
[Description: Description: http://digital.scanad.com/signature/banner.jpg]
From: kictanet <kictanet-bounces+wambua=ca.go.ke at lists.kictanet.or.ke<mailto:kictanet-bounces+wambua=ca.go.ke at lists.kictanet.or.ke>> on behalf of KICTAnet Discussions <kictanet at lists.kictanet.or.ke<mailto:kictanet at lists.kictanet.or.ke>>
Reply-To: KICTAnet Discussions <kictanet at lists.kictanet.or.ke<mailto:kictanet at lists.kictanet.or.ke>>
Date: Friday, 2 November 2018 at 05:07
To: Christopher Wambua <wambua at ca.go.ke<mailto:wambua at ca.go.ke>>
Cc: Ali Hussein <ali at hussein.me.ke<mailto:ali at hussein.me.ke>>
Subject: Re: [kictanet] Telcos regulator seeks to monitor WhatsApp
@GG
Thanks for sharing. I’m curious as to what the world is coming to. Everyone wants to snoop and regulate. Can the CA tell us what’s the major value proposition to increasing snooping on us?
Regulators need to spend more time enabling the sector they are supposed to grow and the CA has really been progressive in many ways. Once in a while though they try to go back to the bad old KANU days. The onus is on us to remind them that Kenyans shut that door kitambo sana.
Ali Hussein
Principal
AHK & Associates
+254 0713 601113
Twitter: @AliHKassim
Skype: abu-jomo
LinkedIn: http://ke.linkedin.com/in/alihkassim
"We are what we repeatedly do. Excellence, therefore, is not an act but a habit." ~ Aristotle
Sent from my iPad
On 1 Nov 2018, at 10:57 PM, Grace Githaiga via kictanet <kictanet at lists.kictanet.or.ke<mailto:kictanet at lists.kictanet.or.ke>> wrote:
Kenya is considering regulating online services such as WhatsApp and Skype in a radical move that could force the internet-based service providers to share data with the government.
The Communications Authority of Kenya (CA) is in search of a consultant to study and determine how the so-called over-the-top services (OTTS) operated by groups such as Facebook, which runs WhatsApp, and Skype owner Microsoft, could be regulated.
Read on: https://www.nation.co.ke/business/Telcos-regulator-seeks-to-monitor-WhatsApp/996-4833020-fn9u7s/index.html
Best regards
Githaiga, Grace
Co-Convenor
Kenya ICT Action Network (KICTANet)
Twitter:@ggithaiga
Tel: 254722701495
Skype: gracegithaiga
Alternate email: ggithaiga at hotmail.com<mailto:ggithaiga at hotmail.com>
Linkedin: https://www.linkedin.com/in/gracegithaiga
www.kictanet.or.ke<http://www.kictanet.or.ke>
"Change only happens when ordinary people get involved, get engaged and come together to demand it. I am asking you to believe. Not in my ability to bring about change – but in yours"---Barrack Obama.
_______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke<mailto:kictanet at lists.kictanet.or.ke>
https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Twitter: http://twitter.com/kictanet
Facebook: https://www.facebook.com/KICTANet/
Domain Registration sponsored by www.eacdirectory.co.ke<http://www.eacdirectory.co.ke>
Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/info%40alyhussein.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
_______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke<mailto:kictanet at lists.kictanet.or.ke>
https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Twitter: http://twitter.com/kictanet
Facebook: https://www.facebook.com/KICTANet/
Domain Registration sponsored by www.eacdirectory.co.ke<http://www.eacdirectory.co.ke>
Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/kivuva%40transworldafrica.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
_______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke<mailto:kictanet at lists.kictanet.or.ke>
https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Twitter: http://twitter.com/kictanet
Facebook: https://www.facebook.com/KICTANet/
Domain Registration sponsored by www.eacdirectory.co.ke<http://www.eacdirectory.co.ke>
Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/mje%40posix.co.za
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
--
Mark James ELKINS - Posix Systems - (South) Africa
mje at posix.co.za<mailto:mje at posix.co.za> Tel: +27.128070590 Cell: +27.826010496
For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za
_______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke<mailto:kictanet at lists.kictanet.or.ke>
https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Twitter: http://twitter.com/kictanet
Facebook: https://www.facebook.com/KICTANet/
Domain Registration sponsored by www.eacdirectory.co.ke<http://www.eacdirectory.co.ke>
Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/mukiria.albert%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
--
Sent from Gmail Mobile
_______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke<mailto:kictanet at lists.kictanet.or.ke>
https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Twitter: http://twitter.com/kictanet
Facebook: https://www.facebook.com/KICTANet/
Domain Registration sponsored by www.eacdirectory.co.ke<http://www.eacdirectory.co.ke>
Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/wambua%40ca.go.ke
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20181104/c5271cef/attachment.htm>
More information about the KICTANet
mailing list