So last week I was reading my blog feed and came across this startling news in the Business Daily: Policy target internet cafes on war on cyber-crime. Reading the article revealed some rather disturbing details.
Apparently the Kenya Police in an effort to combat cyber-crime, you know: hacking, copyright and IP theft; wants to make it that every time you use a computer to access the internet at an internet cafe your details are logged. While it wasn't exactly clear what details they'll be collecting, they did mention ID numbers and time. They want to do this so that they can tie people to specific computers if they use them to commit a crime.*snorts*
And where was this proposal made? At the parliamentary committee on education's hearing on the more than 1,700 cases of cheating reported in our O level exams last year. 1,700 cases. Wow!! Out of the almost 400,000 people who did the exam that translates to 0.425% cheating rate. Not too bad considering that in some countries it's much higher (nonscientific Google research). The article mentions the conviction of one person based on the fact that he used SMS. Wait a minute? How this is relevant to cyber-crime and registering who uses a computer is beyond me. Never mind that not once anywhere is it mentioned that any of the 1,700 cases was because someone used a computer to distribute the papers.
Now seeing that there was only one conviction based on evidence from sim card registration shows that either one person out of those 1,700 cheated using SMS or that out of the 1,700 they could only convict one which is a success rate of 0.06% or maybe and this is more likely that the other 1699 cheated by other means. Let's think about the other possible means. One could have written the answers on a piece of paper, what we in Kenya call "mwakenya" , the next proposal will be that every time a student or anyone is buying paper they'll be required to leave their ID details at the till? Or perhaps when buying a pen?
Now these are obvious hyperboles, but so is this proposal!! I don't trust the government with my data! I don't know what they'll be using it for. I may end up a suspect just because every time I'm on the net I research bomb making technics. Combine this with the fact that the Communications Commission of Kenya, a group I already feel have no spine, wants to use 36 million of my money(taxpayer) to install a system on all our nation's ISPs to perform deep packet inspection (they want to be able to read your email, FB messages and generally see whatever the fuck you're doing on the net) in the name of cyber security, never mind almost all the websites hacked in the last year were hacked from outside our borders, I feel that our online privacy is now effectively under attack from a government that is over-reacting to a non-existent threats. Read about this CCK deep packet inspection system here.
I feel our nation's resources and time would be better spent building and finding ways to ensure there's better protection on our mission critical and sensitive systems and educating companies on how best to protect their online infrastructure and data rather than wasting time and money on spying and violating the privacy right of it citizens.
I'd like to remind everyone that these same people whose websites were hacked twice because they had the user name as "admin" -or was it "user"- and the password as "12345"(No really!! I'm not fucking with you). Clearly these people know jack shit about cyber-security!! Peace!