 mahenaMasteri yon zayia yon zod usedipo yon coman yon zan k maisan mahenaOur personal data The kind of things they can do with it from like tracking your daily progress to knowing what you eat to knowing you know the times of the day watewa you do doing the times of the day it can get Can get a bit It can get a bit extreme However as I assured you guys last time there's nothing much to worry about since most of the data is used by advertise Ilemsenu, napudiria zami nga kwa kodinyo. Eki Kwa kwa gafiwekia kora wungi, Na kwa wungi, kwi wungi kwa kwa wungi reiki. Yu wungi nga kwa kwenujiwato, Newsumit kwa kwa kwa kwa wa kwenuwa reiki. Omi, kwa kwa kwa wungi kwa kwa kwa wungi kwa kwa kwa wungi kwa wungi kwa wungi, But mostly it's been relegated to try and understand the impact of data and AI more in the short time in the short from the last time we talked, I released a book called to hide or not to hide, which tackles the same topic we tackled here last year when we met. Last year, wow, long time ago. So currently I am the product officer of Akilikash, which is a startup that's supposed to teach people on financial literacy. Okay, alright, quite interesting. Tell us a little bit about the book. Okay, so in the book I, in the book I tend to try and make it sort of like an introductory course into the idea of data, data inclusion and what to do if you don't feel so confident about people using your data. I try and make it as easy as possible to understand and I try breaking it down in ways that make sense. And it's not even a big book, it's about 16 pages, just try to make it as brief as possible in the, I understand in the quick world everybody doesn't have time to read like a whole 250 book on things like data privacy, so I try to make it as short as possible. Which is good, because that summarizes everything, all that you need to know about data privacy. Exactly. Okay, alright, so now on to encryption, what is encryption? Okay, so take encryption like some sort of password. So say you have probably an app, most people use app lockers these days on their phone apps. So for example you don't want people to easily access the gallery you put like a passcode or a pattern. Encryption works in a similar way. What it does is that it takes your normal data, breaks it down into something that's completely unrecognizable and then on the other end there is a system that breaks down whatever was unrecognizable to show you what was decoded down. So basically it's encoding, decoding, encoding. What I mean is this is one full thing, it's broken down into a thin line which was not its original shape and then at the end of it it's brought back to its original shape but only now in the digital sphere. Alright, so I think it'll bring it with perspective. What are some of the areas where encryption has been applied? So encryption has been applied to, in the modern day it has been applied to messaging, for example the messaging app WhatsApp uses end-to-end encryption. Other messaging apps and mostly very vital apps and services that require vital information for example your social security number or your bank account number or any particular set of information that is vital to you. Most of these services and most of these apps use encryption to protect the user's data. So when I'm using the ATM it uses encryption, making the online payment uses encryption, WhatsApp uses encryption. So there's this, I don't know if it's a myth, I don't know if it's allegations basically that WhatsApp kind of, as much as it's end-to-end encryption our information is still out there that the government can still get our information as much as we are being told that the messaging is private. So how true is this? Okay, it depends on how you look at it. On one of the threats of encryption the government or legislation is one of them. In instances where a crime is committed and there are messages that could attribute or could help investigators or prosecutors find evidence the government is legally obligated to ask for those messages, a transcript of those messages. In that case then the government directly has access but it is only used by the government in cases where there is an ongoing investigation or there is an allegation that has gotten to the legal system that requires the government to actually look into your data. Otherwise there is nothing to fear about. Okay, but we usually told this information that's out there especially with WhatsApp for group administrators. They need to be careful about what is being posted in the group because if anything, let's say hate speech is being discussed there then they'll be held accountable. But how would they know that there's hate speech because maybe nothing really substantial has happened but how would they know that there's hate speech unless they're actually monitoring it? Okay, so there are three ways they discover this. The first thing is through user reporting. So on your WhatsApp feature sometimes when you want to block somebody you find the option of block and report. The block and report option gives the user the option to report in instances of hate crimes, in instances of insult or abuse online, in instances of cyberbullying and the like. It was brought about to protect the user. That's the first instance. The second instance is that in most modern messaging apps and most apps they use what is known as keywords or they use keywords. So though the messages are not directly read via WhatsApp, the messaging goes through a system that helps the service provider know whether there is evidence of hate speech in appropriate content and the likes and as long as it breaks the terms of service they have rights to block a person or close an application or even ban a user from using the service. So that's what actually happened. So basically what you're saying is that as long as we have the end to end encryption, our data is safe unless of course you're involved in some shady activities there. So we can sleep well knowing. Just don't do anything that would probably put you on the wrong side of the law or the wrong side of probably WhatsApp because again the last time we were here I remember us talking about people not reading the terms of service and the terms and conditions of any app they love. They just say yes I agree. They don't read through and unfortunately sometimes they find they get banned. They get banned from WhatsApp and they don't know why. So they go telling everybody, I've been hacked, I've been hacked when in truth they probably broke terms of service. One of the easiest ways you can get banned on WhatsApp is through spam. You know the tabia for the two aunties for WhatsApp groups when they see one message and they send it to everybody. Click on this link. Yeah, click on this link. Government do you what, militarist do you what and you know it's not real. When you overdo it, it's recognized as spam. You are affecting other users experiences. That's one of the terms and service violations that you might encounter that might lead you to getting banned on WhatsApp. Alright. Yes, so it's very important for you to read the terms and service it's also very important for you to understand like your limits the limits of your use on any of these social media platforms. If any of the things that violate the terms of service hate speech, spam in appropriate content is recognized there is a high chance you will get banned. Banned, alright. Now I know that. I know that clicking on those links, the spams you can, you start a chance to get banned on these platforms. Now what are some of the threats of encryption? Okay, some of the threats of encryption include one that I have talked about is legislation. There is always a fight online about there is always a fight in public concerning free speech and the balance of the thin line between free speech, hate speech, free speech and violation of our country's laws free speech and interference with the government activities. And a lot of people have asked in terms of privacy why does the government have access to our data especially when we feel we might be looked into and the government might try to look for other things other than the thing they are looking for. I will give an example of the United States back in 2017 a major phone developer known as Apple prevented the FBI from accessing people's private data including messages and calls and video chats because they believed as a company it would infringe on their users' privacy despite it going against the legislation at the time which allowed the government of the day to be able to peru. So there is always a friction about that particular thing. The second thing is cyber hacking. Last month, but one or two we faced several cyber attacks. The DDOS attack that happened. We are not really sure where they came from Sudan. I am not really sure where they came from. The people who claimed responsibility were from Sudan but we don't know who really enacted the attack. Unfortunately DDOS attacks or any types of cyber attacks can affect your privacy because hackers might have systems in place or algorithms designed to break encryption. As long as they understand how that particular encryption works they have the ability to break it. That is one of the threats that are available for encryption. Alright, speaking of the cyber attacks there are also these steps of links that we get the spam links again that are actually sent they are actually encrypted and we don't know so when you click on it then you are through phishing and all the different types of cyber attacks that we also get so that is the other downside to it because they also use encryption. They use encryption. Unfortunately because of the way encryption works one of the ways people take over your account to view is through phishing. This is something you have actually reminded me about and this has affected a lot of people. I know there are a bunch of insecure boyfriends out here who try and access their girlfriends phones. You are addressing Grace's question. There are people who try accessing their girlfriends phones WhatsApp introduced a feature that allows you to connect to your WhatsApp account through the web using your phone number without directly having access to your phone. This presents a lovely opportunity if you are using your own personal desktop. You are talking about the WhatsApp web? The WhatsApp web that allows you to use WhatsApp internet directly without having to use your phone. It presents a good opportunity for convenience for those who have to multitask and whatnot but it also presents a risk. There are people who I know take advantage of WhatsApp web to get access to their girlfriends phone numbers and therefore messages. There are also apps that exist like spy pro or something like that that exist that copy users data the copy the data directly by cloning instead of phishing cloning the person's data through WhatsApp. How does it do that? Explain to us. So for example with WhatsApp web what they do is they ask their girlfriend for their phone number of course they'll play the game of see you trust me. So they'll take the phone number they will connect it to their own either web or app that has that particular authorization they put in the phone number and from there they can be able to see your messages and even interrupt or stop messages from being sent and received. In other cases they use links phishing links where now when you click on that link there is script attached to that particular link that locks you out of your WhatsApp account but enables the hacker to have access to WhatsApp account. Oh my goodness look at that. That can only be done with IT grids. Who are you dating? Be careful who you date. Choose wisely. The profession matters. I mean wow. So people go to that extent. So basically that's what phishing is for those that don't understand phishing phishing and cloning essentially that's like the easiest way to explain it. They only take these methods because of WhatsApp's encryption system that is end to end secured and even WhatsApp themselves don't see. How they note the keywords however is because it's already in the system. The system is able to note those keywords and WhatsApp itself has that detection system on the app itself. So though the keywords can be figured out the app does not transmit any data to Facebook or matter. It goes directly from you to the other person and only our WhatsApp app can decode what you sent. So now we know that apart from cloning and phishing WhatsApp does not transmit data to Facebook or Instagram. What about from Facebook to Instagram because when you search on something on Instagram when you go to Facebook you probably find it. There is always the element of interconnected apps. You understand that the parent company of Facebook known as META owns WhatsApp, owns Facebook, owns Instagram and the new app known as Threads. I don't even know the last time I used that app. Come to it Lisa. So what happens is with Facebook and Instagram there is something known as interconnected experiences which is a feature that was developed for it. Interconnected experiences with your permission of course they allow you to link whatever your activity on Instagram with your activity on Facebook. If you enable that whatever you post on Instagram can also and will also be posted to Facebook. This is very helpful for those who want to try and make one post for multiple platforms but from the same from one platform. So for example if I'm posting a picture on Instagram let's say today since I've been here I want to post a picture on Instagram and tell people you have been here it's been a lovely day and I want everybody to see it from Instagram to Facebook to even WhatsApp possibly. I want interconnected experiences turned on that would allow me to have one post sent to multiple platforms. Exactly. Alright, awesome. Now with the Threads what are some of the solutions that are there? Some of the solutions I believe they tackle us here and I will touch on them. One thing to do is to make sure you keep if you're going to have a digital identity online make sure it is a digital identity that only you want the world to see. So in that instance you only share what you want to share and don't share anything more or less. That's one thing. Another thing you can do is be careful who you share your number with which links you click as it might affect your privacy or affect your encryption stability. Another thing you might want to do is try and probably limit the kind of websites you access because some websites use cyber hacking things like key logging there are apps that take screenshots malicious apps that take screenshots of your phone, they clone they copy information from your phone and send it back to their servers. So you want to be careful which kind of websites and apps you access. One of the easiest ways to know that a site is secure when you access the website from Google Chrome or whichever website browser app that you use make sure the first line of that web link that you access is HTTPS. HTTPS, the S at the end of it stands for secure. It's been designed to be secure. That probably ensures your protection online. That's key to note. Any website that's just HTTPS is not secure. It has to have the S with it. What about cookies for those that people say accept cookies so is it safe to always click on accept cookies for every website you go to? I'll begin by explaining what cookies are. So cookies are it's just a technique it's just a nickname or a term for short term short term data that is used on web apps. So for example certain web apps require some memory in order to operate or run because based on various decisions you decide various decisions you decide to take on the app. So for example if it is a shopping app you probably want it to remember what you put in the cart or you probably want it to remember what thing you searched last time or which item you clicked on last time so the next time you access the website you can easily find it. Cookies are designed for that reason they are designed to keep short snippets of data that can be used to easily open quickly open their website first and easily remember what you were doing the last time you were on the website. When website asks for cookies what they are essentially doing is giving you the user a choice to decide whether you want that particular set of information available to them or not. So that's next time the website tells you do you want to accept cookies now you know what cookies are and whether you're comfortable with that particular website having those cookies. Why is it that then there's a website when you don't accept the cookies I may be wrong if you don't accept the cookies then you're not able to scroll through the website if it's a website I don't know website that is doing a news website then you are not able to read through the whole story if you don't accept the cookies. Some websites require those cookies to operate based on whichever way that website was built. The websites that are built that require cookies to completely function because logging of that data is not accessible to the web developers themselves it is only accessible to the user and only when the user accepts the cookies is that information available to the web developers in order to optimize their websites. In such an instance then cookies are vital for that website or that app's success. In instances where also another thing is ad blocking ad blocking it's related it's similar but it's not necessarily tackling on encryption we know why we do ad blocking malisha's ads boring ads fill the screen certain websites require ads to function and what I mean by require ads to function is that's why they make their bread and butter so sometimes when we add ad blocks on these websites we prevent them from making any money and it becomes very difficult to keep the website up because it actually costs it's not cheap to keep a website up so they use ads to try and get an income and keep the website slides on hypothetically so there are some apps that we refuse to operate once you've enabled an ad blocker that is in order to secure first of all that they get some money and also to secure the services that they probably would provide to other service providers for example that ad space is a service so they need to ensure that that happens now that we're speaking on this line there's something that also usually happens for people who watch movies in this websites like one to three movies different sites so when you click on it it usually redirects you to another tab and it's for me it usually looks like it's a virus so it can infect your laptop or something how safe is it using these sites okay first of all you should be aware I know Kenyans to Mezoia mamboia but first of all those websites are not legal they're illegal meaning they're infringing on copyrights they're infringing on the data that was developed by these individual studios by deciding to join that websites you have opened yourself up to potential threats because these websites also need money to work so they'll obviously be littered with ads and some of these ads are redirects they are short form ads which lead you to other links which also lead you to other links and that is done on their end to prevent like easy tracking of whoever is making this website the end is the goal is to try and make money from the ads and the goal is also not to get spotted for doing illegal shady things so just know if you're watching from 1, 2, 3 movies, F movies then you are exposing yourself to these kinds of people but does it have any harm audio machine well it depends on what you click if you just click around aimlessly and accept every link that follows there is a high chance you will be infected with malware malware is malicious software basically it's malicious software malicious software can do anything from copy the information that is on your laptop important information track every key that you type including passwords and stuff or fishing links links that take your data or run somewhere apps that close your laptop give us money or you will never access your files again oh goodness wow yeah it gets crazy gets really crazy and when they will get to understand all the types of cyber security issues that are there like the run somewhere now as we come to a close on this tell us how the landscape looks like on encryption landscape I could say the landscape is great but there are new challenges coming already a lot of encryption methods have been locked down their universal their standard they understood and that means it's even more secure for the end user however their new technology is always coming up and I will talk about something that sounds like sci-fi to a lot of you quantum computing now quantum computing has come up and because of how quantum computers work they are able to break encryption cycles very easily in fact what would take a normal computer about 256 years to break it can take a quantum computer merely seconds and so now people are trying to find ways to ensure that their encryption methods cannot be unencrypted by quantum computers so that's something that is coming with technology it's already here it's only that it's not in Kenya yet but it's already here there are more than five quantum computers that exist in the world they are in different campuses in the United States and in Google so that poses a threat to encryption it poses a threat to encryption alright so we need to develop something bigger than that something that can be able to handle quantum computers anything else we need to do it is very important to look at the kind of apps that you use and find assurances for encryption a lot of us use apps that do not state whether they do have encryption ekia kina telegram and the likes there is no assurance that there is any type of encryption and so you need to figure out whether you feel safe using these websites whether you are ok with these websites having your data or not and whether you feel safe typing on these types of messages but for the previous presenter that was here don't worry nobody is reading your WhatsApp chats unless you want them to unless you are doing some malicious business grace you were safe that's what we are saying thank you very much Tehila for coming and sharing the amazing insights now we know about encryption I hope we do the 1, 2, 3 is about encryption we have gotten a good understanding of it and how secure you are with end-to-end encryption that has been Tehila Kachila who is a product officer at Akil Cash with us on Sport and Tech now we are going to take a short break and then we will be back with some great entertainment so stick with us