Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Thursday July 02 2015, @04:50AM   Printer-friendly
from the wifi-IS-a-deadly-weapon dept.

The head of Kenya's Communications Authority, Francis Wangusi, announced a new set of regulations on Tuesday aimed at combatting cybercrime in the country. The new rules would require all users of devices with wireless networking capability to register their devices with the Kenya Network Information Centre (KENIC)—much in the same way that some US states require registration of assault rifles and sex offenders.

Yesterday, in a speech before the annual general meeting of the Association of Regulators of Information and Communications for Eastern and Southern Africa (ARICEA), Wangusi said, "We will license KENIC to register device owners using their national identity cards and telephone numbers. The identity of a device will be known when it connects to Wi-Fi." He also said that the Communications Authority would set up a forensics laboratory within three months to "proactively monitor impending cybersecurity attacks, detect reactive cybercrime, and link up with the judiciary in the fight," according to a report from Kenya's Daily Nation.

The registry will enable Kenyan authorities to "be able to trace people using national identity cards that were registered and their phone numbers keyed in during registration" if the devices are associated with criminal activity on the Internet, Wangusi said. The regulation would apply to anyone connecting to a public Wi-Fi network. KENIC would maintain the database of devices; anyone connecting to a public network at a hotel, café, or other business would be required to register before accessing it. If businesses providing Wi-Fi fail to comply with the regulation, they could have their Internet services cut off.


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 4, Informative) by kaszz on Thursday July 02 2015, @04:55AM

    by kaszz (4211) on Thursday July 02 2015, @04:55AM (#204100) Journal

    WiFi MAC addresses is never faked in Kenya? ;-)

    Some countries aren't just technology backwaters. They make sure everybody knows it too..

    • (Score: 3, Insightful) by Adamsjas on Thursday July 02 2015, @07:49AM

      by Adamsjas (4507) on Thursday July 02 2015, @07:49AM (#204131)

      Was thinking the same thing.

      There are mac address change programs in the market for Android.
      This scheme will collect so much information that the real perpetrators (if there actually are any) will be lost in the clutter.
      Their forensic labs are going to exist where? Are they going to cover every restaurant and coffee shop?

      They said something phone numbers keyed in during registration. Seems silly. I know lots of people who use wifi capable phones with no sim card, just to make voip or Skype calls from public libraries or other free wifi.

    • (Score: 3, Insightful) by Anonymous Coward on Thursday July 02 2015, @12:25PM

      by Anonymous Coward on Thursday July 02 2015, @12:25PM (#204183)

      Actually it provides a new way to harm someone.

      Step 1: Find out his MAC (not hard; his device is broadcasting it all the time).
      Step 2: Set your device's MAC to his.
      Step 3: Do something illegal on the internet. The MAC recorded will be that of your victim.
      Step 4: Make sure the police finds out about that activity.

  • (Score: 2) by penguinoid on Thursday July 02 2015, @07:39AM

    by penguinoid (5331) on Thursday July 02 2015, @07:39AM (#204126)

    Sounds like it's time for Kenyans to start routing all their traffic through proxies or TOR.

    --
    RIP Slashdot. Killed by greedy bastards.
  • (Score: 3, Insightful) by sjwt on Thursday July 02 2015, @07:43AM

    by sjwt (2826) on Thursday July 02 2015, @07:43AM (#204128)

    Strange and biased comparison, how about
    "Much the same way the US requires you to register to drive a car, or own a bank account"

    • (Score: 0) by Anonymous Coward on Thursday July 02 2015, @09:45PM

      by Anonymous Coward on Thursday July 02 2015, @09:45PM (#204439)

      Really, are you sure you are required to have a bank account in the USA?

  • (Score: 4, Interesting) by lentilla on Thursday July 02 2015, @04:17PM

    by lentilla (1770) on Thursday July 02 2015, @04:17PM (#204296)

    From a naive perspective, it makes sense to "register" all devices to an individual user. I can see how the thinking goes:

    • Bad guys sometimes do bad stuff over the Internet
    • We'd like to pay them a visit
    • Therefore we simply register devices - that way, when a bad guy does bad stuff, we'll know his address

    That makes perfect sense. Only problem being that it won't actually work. Two things will happen. Firstly, only "good" people will follow the law whereas "bad" people will circumvent it. Secondly, it becomes a means by which the government controls its population.

    I imagine the plan will be very popular with politicians. Those of us living in countries where we each have a smartphone in our pocket, a laptop in our bag and a desktop in the office (as do each of our children)... have a hard time convincing our own politicians that similar plans will not have the desired effect. I imagine the task is far harder in countries where computing isn't so omnipresent.

    The idea that we can stop bad guys with such a simple plan is so very, very appealing. It's almost a crime that it won't work. Unfortunately for all peace-loving people everywhere the reality is that no such simple solution exists and that particular proposal (wholesale tracking, in all its various invocations) leads inexorably to far greater problems than it ever hopes to solve.

    In the meantime, have some mercy on the politicians who propose these ideas and the voters who probably will think it's a fantastic idea. Their hearts are in the right place (we hope!) They simply haven't done their Computing Studies or their History homework.

    • (Score: 2) by tathra on Thursday July 02 2015, @04:43PM

      by tathra (3367) on Thursday July 02 2015, @04:43PM (#204306)

      Firstly, only "good" people will follow the law whereas "bad" people will circumvent it.

      your second point is fine, but i see this fallacy [logicallyfallacious.com] all the time, especially when it comes to stuff like gun control. "It won't be perfect" is not a valid reason not to try something. not that i agree with what they're proposing, but sophistry like this doesn't help with convincing others that it really is a bad idea.

      • (Score: 3, Insightful) by lentilla on Thursday July 02 2015, @05:47PM

        by lentilla (1770) on Thursday July 02 2015, @05:47PM (#204333)

        That's a fair point - and worth bringing to the discussion. Let's leave the gun topic to one side (that one could be a little loaded, no?)

        You said (and quite rightly too) '"It won't be perfect" is not a valid reason not to try something' - so it seems you're making an argument centred on weighing the pre-existing situation with the one after a change is made. That's entirely reasonable. I must; though; point you at what I said later in my post: "that particular proposal [...] leads inexorably to far greater problems than it ever hopes to solve". In short, I do not believe that implementing this particular proposal swings the balance sufficiently to the appropriate side to be judged good. I believe in fact that it would swing the balance further into undesirable territory.

        In effect, I'm not just saying "it won't be perfect, so don't try it". I'm saying "not only will it fail to even partially achieve its stated goals, but it will also cause additional - serious - problems". I don't believe that is a fallacious argument. (Maybe it is...?) Certainly could be in the general case ("won't be perfect, so don't try"), but surely not in the specific case ("won't actually work, will cause deeper problems")?

        Thank you for pointing out the "Nirvana Fallacy" as your linked article calls it. I've always known it as "perfect is the enemy of good". Those of us who are wired to "think first, then act" are much more prone to falling into that particular trap than "act, then think" kind of people. They have their own special dilemma, aptly called a Politician's Syllogism [wikipedia.org]

        • (Score: 2) by tathra on Thursday July 02 2015, @06:44PM

          by tathra (3367) on Thursday July 02 2015, @06:44PM (#204354)

          so it seems you're making an argument centred on weighing the pre-existing situation with the one after a change is made.

          no, i'm just pointing out that your argument that some people will ignore it is fallicious. it may be that it will fail to achieve its stated goals, or it could be that the stated goals aren't the actual goals or that you're misunderstanding or intentionally misrepresenting the goals.

          that it will cause serious additional problems is a valid argument against it, but that it will fail to achieve what you understand to be its goals, or that it won't achieve them perfectly, isn't. usually the goal with measures like this is to reduce whatever it is they're trying to reduce, or to make it easier for officials to accomplish something, not to entirely eliminate or perfectly accomplish.

          i too think what they're wanting to do is stupid and oppressive and would oppose similar legislation in my area, and its for that reason that arguments against it must be sound.

  • (Score: 1) by meustrus on Thursday July 02 2015, @09:06PM

    by meustrus (4961) on Thursday July 02 2015, @09:06PM (#204412)

    It sounds like this would mainly apply to public Wi-Fi. Mainly because licensing users for their own personally owned hardware doesn't make sense. So if we're talking about public Wi-Fi, this does make sense in the case of liability. If a crime is committed on Wi-Fi, is the business hosting the internet liable for the crime? Such a scheme would effectively eliminate public Wi-Fi, so no. Is the business responsible then for maintaining enough information to help law enforcement identify the real culprit? Because if not, there is no accountability. So this is a totally reasonable proposal so far; let's understand the reasoning behind it before we attack it for its technical failings.flaws

    The fact is that internet activity does not necessarily leave the kind of identifiable evidence that physical activity does. Just about the only thing it always leaves is a MAC address, which I would see as a fingerprint. So is it reasonable to require all users of public internet in a country to effectively register their fingerprints to do so? Probably not. And the fact remains that criminals are usually pretty dumb. They will log into Facebook or Twitter or their email account in the same session as loading up some hacking script they bought off a crappy web site. Anybody smarter than that, however, is probably thinking about using a proxy or spoofing their MAC address. The law cannot keep up with whatever schemes the smart criminals will use to stay hidden.

    So what can be done to really solve this problem? Because without real solutions, simply telling the politicians that their solutions won't work just isn't going to cut it.

    --
    If there isn't at least one reference or primary source, it's not +1 Informative. Maybe the underused +1 Interesting?
  • (Score: 0) by Anonymous Coward on Friday July 03 2015, @12:16AM

    by Anonymous Coward on Friday July 03 2015, @12:16AM (#204477)

    From Wikipedia's entry on Kenya:

    Kenya ranks low on Transparency International's Corruption Perception Index (CPI), a metric which attempts to gauge the prevalence of public sector corruption in various countries. In 2012, the nation placed 139th out of 176 total countries in the CPI, with a score of 27/100.

    and

    In December 2014, President Uhuru Kenyatta signed a Security Laws Amendment Bill, which supporters of the law suggested was necessary to guard against armed groups. Opposition politicians, human rights groups, and nine Western countries criticised the security bill, arguing that it infringed on democratic freedoms. The governments of the United States, Britain, Germany and France also collectively issued a press statement cautioning about the law's potential impact. Through the Jubillee Coalition, the Bill was later passed on 19 December in the National Assembly under acrimonious circumstances.

    Notwithstanding the pot calling the kettle black, it seems Kenya is just another African county where mass corruption is normal, but now they've found a new way to do it that's more efficient.

  • (Score: 1) by mgcarley on Friday July 03 2015, @04:25PM

    by mgcarley (2753) on Friday July 03 2015, @04:25PM (#204774) Homepage

    This is already required in several countries, such as India - when you want access to the WiFi you have to sign in (on paper) to a kind of log book.

    --
    Founder & COO, Hayai. We're in India (hayai.in) & the USA (hayaibroadband.com) // Twitter: @mgcarley