On Wed, Jul 15, 2009 at 1:26 PM, Michuki Mwangi <michuki@swiftkenya.com> wrote:
To the best of my understanding the Govt has concerns on security and privacy thus the reason for having this project. I think their concerns are well founded and since most of them are at the policy level as rightfully put by Alex the design and implementation has to appear to reflect the same. Therefore if this project will create this sense of control and security - its probably what we need to get e-govt going forward so i would advocate for speedy implementation.
Agreed, we often omit to practically consider and address local concerns preventing wider internet usage. @Karunyu, I wonder if the Blackberry example equates to CIA, FBI, Public Health data, and all other sensitive USG data passing right under private noses? The other problem I can foresee is that if KIXP were to handle such data and one of the boys in suits (or in blue) stood by Wambugu all day... guys ( including me) would start screaming "censorship" or "gova is monitoring all our private communications." So I argue as Michuki below, let them have their own and BGP/ASN announce what's publicly necessary. That's ok for all of us - them, us and public interest.
Having said that;
1) From my understanding its called GIXP - by definition of what an Internet Exchange Point is - are they going to have each Govt agency, ministry etc peering there? i.e using BGP, ASN fully meshed peering point and invite others (ISPs, Telco's etc) to come and peer?.
You beat be at this:-) I was to respond exactly the same way...
2) Quote "The internet was never designed with security in mind" therefore its best Govt took time to understand that security is built on-top of the infrastructure, Services and Human Resource. Failure to do so having a peering point will not shield them from any potential security problems.
Am sorry Alex but the reason encryption was built was to ensure that DPI cannot do anything and depending on what kind of encryption you use determines the number of years you will be spending trying to decipher encrypted packets.
But look at it from a cost-benefit analysis angle. The cost of educating every Civil Servant to ensure all their communications are encrypted. Or (lesser?) costs of implementing the same on every government servers versus theĀ putting of up "GoK-Intranet" GIXP costs. I would bet on GIXP costs being way much lower (and lesser maintenance costs)
So if i was Govt, i would develop my own type of encryption like the the Russian Govt did. Heck even using a SHA-1 256 bit key would suffice :)
It's mobile stories like "Death muddies Greek spy probe" that don't help much to re-assure. <http://news.bbc.co.uk/2/hi/europe/4838552.stm> Bear in mind foreign majority ownership of Kenya's communications infrastructure -courtesy of privatisation and the need to attract foreign communication investments.. See it simply as a middle-ground "the best of both worlds:)" position advocacy. regards, Alex
Phares Kariuki wrote:
A suggestion, .go.ke buys out the KIXP? Then it can maintain and control traffic... But given the history of parastatals and efficiency, I'm not too sure that's a good idea...
On Wed, Jul 15, 2009 at 10:12 AM, Gakuru Alex <alexgakuru.lists@gmail.com>wrote:
You mean PPP kind of partnerships where government saves by using private sector's infrastructure, data centres and servers, KIXP, etc? Well, I think NOT. Imagine gova intranet data (for example, NSIS) passing through some private company's servers... And with Deep Packet Inspection (DPI) the telcos /data centre owners reconstructing all of that data then using it to know EXACTLY what is going on in all of government's offices.... Let's be frank, that'd be a national disaster. In any case, who these companies? c'mon...
On Wed, Jul 15, 2009 at 7:53 AM, Richard Bosire <richard.bosire@gmail.com>wrote:
In today's paper's CCK is sourcing for supply, installation and commissioning GIXP, wonder why they are not working with private initiatiates such as KIXP?
There are too many parallel and sometimes duplicate infrastructure initiatives in this country. _______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Skunkworks announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science - http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi - http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Skunkworks announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science - http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi - http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
------------------------------------------------------------------------
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Skunkworks announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science - http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi - http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general
Skunkworks mailing list Skunkworks@lists.my.co.ke http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks Other services @ http://my.co.ke Other lists ------------- Skunkworks announce: http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks-announce Science - http://lists.my.co.ke/cgi-bin/mailman/listinfo/science kazi - http://lists.my.co.ke/cgi-bin/mailman/admin/kazi/general