<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>Kivuva</div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">All I can is this:-</div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">Sisi kwisha! <br><br><div><span style="-webkit-tap-highlight-color: rgba(26, 26, 26, 0.294118); -webkit-composition-fill-color: rgba(175, 192, 227, 0.231373);"><b>Ali Hussein</b></span></div><div><b style="background-color: rgba(255, 255, 255, 0);">Hussein & Associates</b></div><div style="font-family: Helvetica; font-size: medium; -webkit-tap-highlight-color: rgba(26, 26, 26, 0.296875); -webkit-composition-fill-color: rgba(175, 192, 227, 0.230469); -webkit-composition-frame-color: rgba(77, 128, 180, 0.230469); -webkit-text-size-adjust: auto; ">+254 0713 601113 / 0770906375</div><div style="font-family: Helvetica; font-size: medium; -webkit-tap-highlight-color: rgba(26, 26, 26, 0.296875); -webkit-composition-fill-color: rgba(175, 192, 227, 0.230469); -webkit-composition-frame-color: rgba(77, 128, 180, 0.230469); -webkit-text-size-adjust: auto; "><br></div><div><p style="margin: 0in 0in 0pt;"><span style="background-color: rgba(255, 255, 255, 0);">Twitter: @AliHKassim</span></p><span style="background-color: rgba(255, 255, 255, 0);"><font></font></span><p style="margin: 0in 0in 0pt;"><span style="background-color: rgba(255, 255, 255, 0);">Skype: abu-jomo</span></p><p style="margin: 0in 0in 0pt;"><span style="background-color: rgba(255, 255, 255, 0);">LinkedIn: <a href="http://ke.linkedin.com/in/alihkassim" target="_blank">http://ke.linkedin.com/in/alihkassim</a><a href="http://ke.linkedin.com/in/alihkassim" target="_blank"><span style="text-decoration: none;"></span></a></span></p><span style="background-color: rgba(255, 255, 255, 0);"><font></font></span><p style="margin: 0in 0in 0pt;"></p><font><span style="background-color: rgba(255, 255, 255, 0);">Blog: <a href="http://www.alyhussein.com/" target="_blank">www.alyhussein.com</a></span><br></font></div><div><span style="-webkit-tap-highlight-color: rgba(26, 26, 26, 0.292969); -webkit-composition-fill-color: rgba(175, 192, 227, 0.230469); -webkit-composition-frame-color: rgba(77, 128, 180, 0.230469); "><br></span></div><div>"Discovery consists in seeing what everyone else has seen and thinking what no one else has thought". ~ Albert Szent-Györgyi</div><div><span style="-webkit-tap-highlight-color: rgba(26, 26, 26, 0.294118); -webkit-composition-fill-color: rgba(175, 192, 227, 0.231373);"><br></span></div>Sent from my iPad</div><div><br>On 8 Mar 2017, at 3:32 PM, Mwendwa Kivuva via kictanet <<a href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a>> wrote:<br><br></div><blockquote type="cite"><div><span>Wikileaks released CA hacking tools codenamed Vault 7.</span><br><span></span><br><span>Basically, everybody that maters has been hacked ... even if they use</span><br><span>Signal, Telegram, or the best security tools. Funny how Telegram tried</span><br><span>to console its users "The good news is that for the moment all of this</span><br><span>is irrelevant for the majority of Telegram users. If the CIA is not on</span><br><span>your back, you shouldn't start worrying just yet. And if it is, it</span><br><span>doesn't matter which messaging apps you use as long as your device is</span><br><span>running iOS or Android."</span><br><span></span><br><span>Now we are in the age of another new-normal - that encryption only</span><br><span>protects you from parochial entities.</span><br><span></span><br><span>Below is the full release by Telegram: <a href="http://telegra.ph/Wikileaks-Vault7-NEWS">http://telegra.ph/Wikileaks-Vault7-NEWS</a></span><br><span></span><br><span>What does the "Year Zero" and "Vault 7" stuff from Wikileaks mean?</span><br><span></span><br><span>TelegramMarch 7, 2017</span><br><span></span><br><span>Wikileaks has released a new set of documents they called "Year Zero".</span><br><span>According to these documents, the CIA had created "its own NSA" with</span><br><span>"even less accountability". The newly discovered hacking arsenal of</span><br><span>the agency includes techniques that reportedly permit the CIA to go</span><br><span>around the encryption of messaging apps like WhatsApp or Signal by</span><br><span>hacking people's smartphones and collecting audio and message traffic</span><br><span>before encryption is applied.</span><br><span></span><br><span>This is not an app issue. It is relevant on the level of devices and</span><br><span>operating systems like iOS and Android. For this reason, naming any</span><br><span>particular app in this context is misleading.</span><br><span></span><br><span>Say what?</span><br><span></span><br><span>To put "Year Zero" into familiar terms, imagine a castle on a</span><br><span>mountainside. That castle is a secure messaging app. The device and</span><br><span>its OS are the mountain. Your castle can be strong, but if the</span><br><span>mountain below is an active volcano, there's little your engineers can</span><br><span>do.</span><br><span></span><br><span>So in the case of "Year Zero", it doesn't matter which messenger you</span><br><span>use. No app can stop your keyboard from knowing what keys you press.</span><br><span>No app can hide what shows up on your screen from the system. And none</span><br><span>of this is an issue of the app.</span><br><span></span><br><span>So who can fix this?</span><br><span></span><br><span>It is now up to the device and OS manufacturers, like Apple, Google,</span><br><span>or Samsung, to fix their volcanoes back into mountains.</span><br><span></span><br><span>Luckily, in the case of "Year Zero", the mountain isn't exactly a</span><br><span>volcano. It's rather just a big mountain that is full of secret</span><br><span>tunnels and passages. The tools from "Vault 7" are like a map of those</span><br><span>tunnels. Now that device and OS manufacturers like Apple and Google</span><br><span>will get this map, they can start filling in the holes and boarding up</span><br><span>the passages. This will require many hours of work and many security</span><br><span>updates, but eventually they should be able to take care of most of</span><br><span>the problems.</span><br><span></span><br><span>Who is affected?</span><br><span></span><br><span>The good news is that for the moment all of this is irrelevant for the</span><br><span>majority of Telegram users. If the CIA is not on your back, you</span><br><span>shouldn't start worrying just yet. And if it is, it doesn't matter</span><br><span>which messaging apps you use as long as your device is running iOS or</span><br><span>Android.</span><br><span></span><br><span>The published docs did not include details on how to recreate and use</span><br><span>the CIA cyberweapons. Wikileaks said they will hold off such</span><br><span>publications until it becomes clear how these weapons should be</span><br><span>"analyzed, disarmed and published."</span><br><span></span><br><span>This means that your neighbor next door won't likely get access to the</span><br><span>newly discovered tools before they are neutralized.</span><br><span></span><br><span>What can I do?</span><br><span></span><br><span>There are some general steps you can take to increase the security of</span><br><span>your device:</span><br><span></span><br><span>Don't use rooted or jailbroken devices unless you're 400% sure you</span><br><span>know what you're doing.</span><br><span>Never install apps from unknown or untrusted sources.</span><br><span>Keep your device up to date and always install the security updates it offers.</span><br><span>Pick a manufacturer that offers long term updates for their products.</span><br><span>Remember that devices that aren't supported anymore have an increased</span><br><span>risk of being vulnerable.</span><br><span></span><br><span>These measures will only protect you from "Year Zero" exploits when</span><br><span>your device and OS manufacturers implement the relevant fixes, but</span><br><span>following these tips can already make you much safer against many of</span><br><span>the known security threats you'd be otherwise exposed to.</span><br><span></span><br><span>To sum up</span><br><span></span><br><span>"Year Zero" is not an app issue. It applies to devices and operating</span><br><span>systems and will require security updates from their respective</span><br><span>manufacturers to mitigate the threats. Naming any particular app in</span><br><span>this context is misleading.</span><br><span></span><br><span>Wikileaks claims that the CIA has had a map of undiscovered secret</span><br><span>tunnels and passages in your mountain for several years. The CIA could</span><br><span>use them to look inside your castle and read data from your phone</span><br><span>screen, before any app gets a chance to encrypt it. It is possible</span><br><span>that some of the tunnels from the secret maps have been or will be</span><br><span>discovered by actors other than the CIA.</span><br><span></span><br><span>The most important news is that after this leak, the device and OS</span><br><span>manufacturers will finally get these maps as well. And so Samsung,</span><br><span>Apple, Google, and others will be able to get to work and make their</span><br><span>mountains impassable for the CIA and anyone who tries to follow in</span><br><span>their footsteps.</span><br><span>______________________</span><br><span>Mwendwa Kivuva, Nairobi, Kenya</span><br><span><a href="http://twitter.com/lordmwesh">twitter.com/lordmwesh</a></span><br><span></span><br><span></span><br><span></span><br><span></span><br><span>On 8 March 2017 at 11:11, Ngigi Waithaka via kictanet</span><br><span><<a href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a>> wrote:</span><br><blockquote type="cite"><span>Hi,</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>Anyone interested in top-notch cyber-war tools and techniques, it doesn't</span><br></blockquote><blockquote type="cite"><span>get better than this...</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span><a href="https://wikileaks.org/ciav7p1/">https://wikileaks.org/ciav7p1/</a></span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>As we discuss Internet privacy etc, it's important to know friendly</span><br></blockquote><blockquote type="cite"><span>countries have such an arsenal of tools that are or could be used to spy on</span><br></blockquote><blockquote type="cite"><span>us.</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>--</span><br></blockquote><blockquote type="cite"><span>Regards,</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>Waithaka Ngigi</span><br></blockquote><blockquote type="cite"><span>Chief Executive Officer | Alliance Technologies | MCK Nairobi Synod Building</span><br></blockquote><blockquote type="cite"><span>T +254 20 525 0750 |Office Mobile: +254 716 201061 | M +254 737 811 000</span><br></blockquote><blockquote type="cite"><span><a href="http://www.at.co.ke">www.at.co.ke</a></span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>_______________________________________________</span><br></blockquote><blockquote type="cite"><span>kictanet mailing list</span><br></blockquote><blockquote type="cite"><span><a href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a></span><br></blockquote><blockquote type="cite"><span><a href="https://lists.kictanet.or.ke/mailman/listinfo/kictanet">https://lists.kictanet.or.ke/mailman/listinfo/kictanet</a></span><br></blockquote><blockquote type="cite"><span>Twitter: <a href="http://twitter.com/kictanet">http://twitter.com/kictanet</a></span><br></blockquote><blockquote type="cite"><span>Facebook: <a href="https://www.facebook.com/KICTANet/">https://www.facebook.com/KICTANet/</a></span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>Unsubscribe or change your options at</span><br></blockquote><blockquote type="cite"><span><a href="https://lists.kictanet.or.ke/mailman/options/kictanet/kivuva%40transworldafrica.com">https://lists.kictanet.or.ke/mailman/options/kictanet/kivuva%40transworldafrica.com</a></span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for</span><br></blockquote><blockquote type="cite"><span>people and institutions interested and involved in ICT policy and</span><br></blockquote><blockquote type="cite"><span>regulation. The network aims to act as a catalyst for reform in the ICT</span><br></blockquote><blockquote type="cite"><span>sector in support of the national aim of ICT enabled growth and development.</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><blockquote type="cite"><span>KICTANetiquette : Adhere to the same standards of acceptable behaviors</span><br></blockquote><blockquote type="cite"><span>online that you follow in real life: respect people's times and bandwidth,</span><br></blockquote><blockquote type="cite"><span>share knowledge, don't flame or abuse or personalize, respect privacy, do</span><br></blockquote><blockquote type="cite"><span>not spam, do not market your wares or qualifications.</span><br></blockquote><span></span><br><span>_______________________________________________</span><br><span>kictanet mailing list</span><br><span><a href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a></span><br><span><a href="https://lists.kictanet.or.ke/mailman/listinfo/kictanet">https://lists.kictanet.or.ke/mailman/listinfo/kictanet</a></span><br><span>Twitter: <a href="http://twitter.com/kictanet">http://twitter.com/kictanet</a></span><br><span>Facebook: <a href="https://www.facebook.com/KICTANet/">https://www.facebook.com/KICTANet/</a></span><br><span></span><br><span>Unsubscribe or change your options at <a href="https://lists.kictanet.or.ke/mailman/options/kictanet/info%40campusciti.com">https://lists.kictanet.or.ke/mailman/options/kictanet/info%40campusciti.com</a></span><br><span></span><br><span>The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.</span><br><span></span><br><span>KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.</span><br></div></blockquote></body></html>