When The Kenyan Government can shut down both Internet and mobile phones

I will pick on this conversation and look at something that may not have come up when Daily Nation and Standard were alerting us of the Device Management System. Opinion on that here

Right now we’re worried that the system will monitor and report on our activity; voice and mobile money. (that’s what CA is denying) But the biggest worry would be that the system can shut down mobile devices, which they claim is to shut down counterfeit devices. But what stops them from shutting down all handsets around the election period, such that there is an Internet shutdown and a mobile communication shutdown?

What are we preparing for here?

1 Like

probably preparing for that shutdown…

its been what i am telling u guys for a while,the govt has already acquired the device and accompanying system,it allows them to digest and monitor all users as well as block entire platforms.

The original article from the Daily Nation and the analysis that has followed is so poorly done, it remains difficult to say what’s true and what isn’t.

GSM networks are known to be insecure and privacy should be an assumption especially against government surveillance.

In fact courtesy of the Snowden leaks, we know that as far back as 2009 our American friends were actively monitoring Kenyan mobile networks under the NSA program MYSTIC.

Source: Data Pirates of the Caribbean: The NSA Is Recording Every Cell Phone Call in the Bahamas

According to the NSA documents, MYSTIC targets calls and other data transmitted on Global System for Mobile Communications networks – the primary framework used for cell phone calls worldwide.

The operation in Kenya is “sponsored” by the CIA, according to the documents, and collects “GSM metadata with the potential for content at a later date.”

Regarding an Internet shutdown, blacklisting devices sounds like a crude implementation. It would be easier to enforce at the DNS level or even at the Internet Exchange Points. In Uganda they made it even simpler by sending “instructions from above” to the ISPs.

TL;DR don’t assume privacy on an insecure network and the Communications Authority should share the specifications of this mystery system.

It has emerged that the technical specifications in the tender document do not list any interception capabilities.

The technical specification sections of the tender talks of a DMS that links into the operator networks with a view to blocking stolen, counterfeit, substandard and SIM-box devices from communicating on the telecommunication networks.

A half decent analysis in today’s Daily Nation linked here What we know - the technology behind the ‘phone spying’ programme and the tender document here Design, Supply, Delivery, Installation, Testing, Commissioning and Maintenance of a Device Management System (DMS).

1 Like

From the Daily Nation analysis, it is shown that CA will hold the whitelist, which I think is making Teclco’s get cold feet - for reasons I do not know. Personally I think that the mention by CA that the whitelist would collect all data from all valid phones is what is worrying. What data are they referring to?