Security Archives — LIRNEasia


I hope to write more about the insightful discussions at the workshop convened by LIRNEasia and CIS. For now, here are the slides I used to frame the discussion on Harms from Surveillance, (In)security, and impacts upon Privacy and Competition. Image source.

Loon facing turbulence in India

Posted on December 12, 2015  /  0 Comments

Economic Times reports three problems, of which it says the spectrum issue is the hardest to address. One of the primary concerns with the proposal is that the spectrum band required for the transmission is unavailable. According to DoT, Google has sought a band of 700 to 900 MHz, which is occupied by telecom service providers. Union communications and IT minister Ravi Shankar Prasad confirmed that there are technical glitches in Project Loon. “The proposed frequency band to be used in the Loon Project of Google is being used for cellular operations in India and it will lead to interference with cellular transmissions,” he said in a written reply to the Rajya Sabha.
India has withdrawn a really stupid piece of legislation. But can you imagine what would have been the outcome if informed and articulate experts such as Pranesh Prakash of the Center for Internet and Society were not there to tell the government the dangers of following the advice of its house “experts”? Responding to a chorus of criticism, Indian officials on Tuesday hastily withdrew a draft policy on encryption that would have required users of social media and messaging applications to save plain-text versions of their messages for 90 days so that they could be shared with the police. The proposal, which many condemned as both draconian and impractical, came as an embarrassment days before Prime Minister Narendra Modi travels to Silicon Valley to try to attract investment and promote India as an emerging market for digital technology. Mr.
I once invited Bruce Schnier to speak on cryptography at a Ohio State U conference. He came and gave a good talk. But he’s now a star. He exposed the NSA inserting back doors into national cryptography standards. Here is his big picture analysis: Not only is ubiquitous surveillance ineffective, it is extraordinarily costly.
President Obama’s support for surveillance predates his election. I believe that he has assessed the pros and cons of surveillance and concluded that it is necessary. The question then is how it is to be regulated, so that that negative outcomes can be minimized. One possible path is a variation of the FISA oversight solution, but with greater transparency. This may be the path being explored by Senator Markey, perhaps one of the most well informed US legislators on telecom and ICT matters.
The Saudi regulator is pressuring operators to crack down on Skype and similar OTT applications. It affects both Saudis and the many expatriate workers who live there. This will require deep packet inspection and some serious interventions in the data streams. Saudi students on scholarships who use the Skype video application to contact their parents are also disappointed. “I really don’t understand what they mean by monitoring.

What to do about unregistered SIMs?

Posted on January 7, 2013  /  7 Comments

We have consistently argued that human beings must be associated with, and be accountable for, SIMs. The imperatives of the Budget Telecom Network Model cause companies (or more, the thousands of resellers who actually interact with customers) to give away SIMs without too many controls. Therefore, one must be judicious in enforcing the rules. We have been pointing to Pakistan as a model. Kenya, it appears, is exemplary of what not to do.
Ministers making statements outside their areas of competence without consulting appropriate authorities is no way to govern. But that apparently is what the Pakistan Interior Minister has done by announcing the end of prepaid mobile in his country, according to Dawn: In a meeting on Friday the operators took strong exception to Rehman Malik’s statement and declared it uncalled for. “The statement has created panic in the industry and it appears that it might have been given purposely to target the telecom industry,” an official of a leading operator told this correspondent. He said in the meeting the operators had also decided to see the PTA chairman in this regard.
Increasingly, there is talk that permitting Huawei to bid on telecom network contracts makes a country vulnerable to espionage and worse. The Economist has a well argued ripost. Well worth a read. The other reason for not banning Huawei is the dirty little secret that its foreign rivals strangely neglect to mention: just about everybody makes telecoms equipment in China these days. Chinese manufacturers and designers have become an integral part of the global telecoms supply chain.
This was not a fight we were involved in, but were following with peripheral vision. For those who were in the thick of it, it must be a good day. For us too, because an open Internet benefits everyone. “Let us be clear,” the White House statement said, “online piracy is a real problem that harms the American economy, threatens jobs for significant numbers of middle class workers and hurts some of our nation’s most creative and innovative companies and entrepreneurs.” However, it added, “We will not support legislation that reduces freedom of expression, increases cybersecurity risk or undermines the dynamic, innovative global Internet.
The Directorate of Environment, European Commission organises the conference ‘The Civil Protection Forum – Towards a more resilient society’ that aims to explore the concept of resilience. Climate change is likely to increase the frequency and impact of disasters, and Europe has to be prepared for this challenge. The Forum will start a debate on a comprehensive European disaster management strategy to enhance resilience. Around 500 delegates, speakers and exhibitors from politics, academia, the civil protection services and international organisations are expected to participate. Chanuka Wattegama, Senior Research Manager, LIRNEasia will be one of the speakers in the six practice-oriented seminars will look more closely at how European civil protection works in the field – how does it integrate with other international actors, three major phases of an emergency (prevention, preparedness, and response) and the roles of different stakeholders (institutions, civil protection professionals and civil society).