Kenya's Ingenious Solution To Cybercrime: Register Every Wi-Fi User And Device With The Government

from the criminal-masterminds dept

Mon, Jul 6th 2015 11:39am — Karl Bode

Good news! Kenya has developed an ingenious, foolproof plan to put an end to the menace of cybercrime as we know it: they'll soon be requiring that all Wi-Fi users register with the government before going online. Since most of us realize that hacking or tricking Wi-Fi authentication systems is impossible, and, as we all know, criminals aren't capable of stealing other peoples' Wi-Fi credentials, Kenya will be at the very forefront of landing a killing blow on internet-based crime as we know it for decades to come. It's simply amazing that someone didn't come up with this idea sooner.

The new head of Kenya's Communications Authority, Francis Wangusi, last week stated in a speech that Kenya has taken over chairmanship of Association of Regulators of Information and Communications for Eastern and Southern Africa (ARICEA), a body that fights cybercrime within member nations. A new mandate of the group will require that every single Wi-Fi device in each and every member nation be registered with KENIC for the good of internet users everywhere:

"He added that Kenyans will also be required to register their mobile devices with Kenya Network Information Centre (KENIC) in new rules aimed at fighting cyber- crime. "We will license KENIC to register device owners using their national identity cards and telephone numbers, the identity of a device will be known when it connects to Wi-fi," said Mr Wangusi at the ARICEA annual general meeting Tuesday in Nairobi. CA is also committed to conduct a detailed study on the depth of web hackings in the country. Wangusi said cyber-attacks are on the rise with the banking sector suffering most, followed by government officials."

Other reports seem to indicate the well-formed plan could just involve users having to plug in a passport or other ID number before being able to access the internet whatsoever:

"We are considering the idea of ensuring the Public Wi-Fi is not accessed without a log in. The logging in of the public domain will require one’s passport number, ID Number or telephone number," he said. "The unique number of a device is identified on the internet but we can’t identify who is owning it, if you don’t use the right identification numbers. That’s why we insist on logging in the Public Wi-Fi with personal credentials. This will help us in securing the cyber space, in case of cybercrimes,” he said."

Since MAC spoofing apparently doesn't exist in the alternate dimension I'm currently writing this story from, it should be relatively easy to get everybody voluntarily registered while constantly monitoring and thwarting any attempt to bypass the system. Similarly, since fighting the ambiguous menace known as "cybercrime" is never used as a pretense to expand government surveillance and brick-and-mortar oppression, Kenya will likely spearhead this bold new assault on internet skulduggery without any negative repercussions whatsoever for the public at large. Amazing!

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cybersecurity, kenya, registration, wifi

21 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anonymous Coward, 6 Jul 2015 @ 12:03pm

Was that article sarcasm?

Yes, I'm 3/26 now.
[ link to this | view in thread ]
kP (profile), 6 Jul 2015 @ 12:09pm

SMAC MAC Address Changer
http://download.cnet.com/SMAC-MAC-Address-Changer/3000-2085_4-10536535.html
[ link to this | view in thread ]
ahow628 (profile), 6 Jul 2015 @ 12:10pm

Where will the cyber criminals go?
But where will the cyber criminals go? My guess: Nigeria.

Wait, is this an old article? Did this already happen? I'm confused.
[ link to this | view in thread ]
Jeffrey Nonken (profile), 6 Jul 2015 @ 12:10pm

The Farce is strong with this one.
[ link to this | view in thread ]
alanbleiweiss (profile), 6 Jul 2015 @ 12:11pm

What an "ingenious" plan! Wouldn't surprise me if RIAA learns about this and then pays U.S. politicians to try the same thing here.
[ link to this | view in thread ]
Anonymous Coward, 6 Jul 2015 @ 12:22pm

When unregistered internet use is criminalized, only criminals will use the internet unregistered!
[ link to this | view in thread ]
sheldon C, 6 Jul 2015 @ 12:27pm

Re:
https://youtu.be/82CtZX9gmZ8
[ link to this | view in thread ]
Anonymous Coward, 6 Jul 2015 @ 12:45pm

Re: SMAC MAC Address Changer
Are MAC addresses still set up such that the first 6 characters designates the manufacturer of the NIC? Is so I can see something being deployed that if the first 6 characters don't match anybody's list that said NIC would be denied access to whatever network.

(Similar to MAC whitelisting/blacklisting, except those use entire addresses.)
[ link to this | view in thread ]
minijedimaster (profile), 6 Jul 2015 @ 1:16pm

Re: Re: SMAC MAC Address Changer
Yes the first 6 has and always will be the OUI which different OEM's purchase for their devices. Doesn't really matter though, when you spoof a MAC you spoof the whole thing, not just the first or last half of it. So change the OUI, change the last half, change both, don't matter.
[ link to this | view in thread ]
minijedimaster (profile), 6 Jul 2015 @ 1:20pm

Control! CONTROL! YOU MUST LEARN CONTROL!
Not really any different than your run of the mill gun control laws or DRM on software. Only affects the legit users, criminals will continue to do what they want outside of the system bypassing it entirely. When will politicians learn?
[ link to this | view in thread ]
Anonymous Coward, 6 Jul 2015 @ 1:24pm

And the really funny thing is ...
MAC addresses aren't transmitted past the point of access. So your WiFi equipped device and the WiFi access point have access to the MAC address and anything past that just has a IP address (typically dynamically assigned). So is Kenya going to require that all WiFi access points maintain access logs? Or perhaps transmit an authentication record to some central logging server?

Definitely sounds like politicians making laws about technology when they don't have the foggiest concept about the technology.
[ link to this | view in thread ]
minijedimaster (profile), 6 Jul 2015 @ 1:35pm

Re: And the really funny thing is ...
Not only that but vast majority of the time you're connecting to an AP on a LAN and are NAT'd out to the internet on the same public IP everyone else on the AP is on (just a different random port). So really PAT'd out, not NAT'd out I guess. Either way, not sure how you even accomplish this without forwarding all your internet traffic to some sort of AAA server the government runs.
[ link to this | view in thread ]
That One Guy (profile), 6 Jul 2015 @ 2:14pm

Well, not /all/ of them...
You can be sure however that politicians and the higher ranked individuals from companies will not be subject to this new tracking scheme, because it would 'violate their privacy', and 'present a threat to the security of the government/company'.

Can't track the ones that write the rules, or the ones who buy them after all. /s
[ link to this | view in thread ]
FallenDynasty (profile), 6 Jul 2015 @ 2:33pm

Im sure a government like Kenya that leads the way in both technology and humanitarianism will be able to pull this off without a hitch.
[ link to this | view in thread ]
Anonymous Coward, 6 Jul 2015 @ 4:20pm

Another overbearing, $*%£ 'ing government......yet again
[ link to this | view in thread ]
Anonymous Coward, 6 Jul 2015 @ 4:24pm

so what about an ad-hoc mesh network? I mean, it isn't "the internet" (of big corporations, wires from hither to yon, satellite reception, and phone towers in the middle of nowhere).
[ link to this | view in thread ]
ahow628 (profile), 6 Jul 2015 @ 8:01pm

Re: Re: And the really funny thing is ...
You don't think the government of Nigeria can build servers to handle the forwarding of all traffic through one government checkpoint? Just look at all the email traffic they handle going to the US.

"Dear honorable sir, I am Jobley Masterson, esq and I represent a Nigerian price..."
[ link to this | view in thread ]
CharlieBrown, 6 Jul 2015 @ 11:04pm

Australia. Again.
In Australia you need ID to buy a mobile device, including phones, SIM's and Internet dongles. Prepaid included.
[ link to this | view in thread ]
James, 7 Jul 2015 @ 4:41am

WiFi only?
I foresee a large increase in Kenyan cyber criminals using ethernet connections for their daily business.
[ link to this | view in thread ]
minijedimaster (profile), 7 Jul 2015 @ 6:27am

Re: Re: Re: And the really funny thing is ...
Not sure where I said I didn't think the government couldn't handle setting up AAA servers to authenticate people. Just said that's the only way I can think of on how to accomplish it.
[ link to this | view in thread ]
Anonymous Coward, 7 Jul 2015 @ 11:12am

Coming soon to a Western "democracy" near you!
[ link to this | view in thread ]