The reading notes record thoughts from things I read. 這網誌是我的一些閱讀後的思考和摘要記錄。My website 我的網頁:

Free Wi-Fi in Hong Kong 2

Following my earlier article on free wi-fi services, there are two noted development which are of interest.

The first one is the FCai on Friday (25 May) on the funding of the project to provide free wi-fi services in government premises. The total cost is $217.6 million covering a project period of three years. I am very eager to see free wi-fi services covering most areas in Hong Kong. Many ISP are now providing wi-fi services using 3G technology. If you have a 3G phone account, your mobile devices such as smartphones, PDA, notebooks are already internet-enabled. There are also many commercial wi-fi hotspots at popular locations. Furthermore, free wi-fi services are also available at the airport and some selected locations. FON the community based shared wi-fi service has already landed in Hong Kong. With the added free wi-fi hotspots in government premises, charged wi-fi services will face tremendous pressure in
competition. Is the government free wi-fi service deployment extensive enough and fast enough? This is for you to judge. The information of the project is as follows.

– June to November 2007: Procurement of services for implementation and operation of Wi-Fi service
– December 2007 to June 2008: Progressive roll-out of service to the priority sites
– July 2008 to June 2009: Progressive roll-out of service to the remaining sites

The first phase implementation up to June 2008 comprises 118 locations:
66 Libraries
20 Public Enquiry Service Centres
18 Government Joint-User Buildings
5 Central Government Offices
5 Community Halls and Centres
3 Cultural and Recreational Centres
1 Park

The second phase which will take another year is for another 232 locations:
84 Cultural, Recreational and Sports Centres
33 District Environmental Hygiene Offices
21 Community Halls and Centres
12 Job Centres
11 Visa Document Related Offices
9 Birth / Marriage / Death Registration Offices
6 Polyclinics/ Health Centres
6 Transport Licensing and Examination Centres
5 Museums
4 Stadiums
4 Ferry Terminals
3 Field Unit and Service Centres of Social Welfare Department
2 Parks
32 Other locations

I think wi-fi services are for those staying at one location for some time and wish to access the Internet for information. Some locations are weird, such as birth and marriage registries, district hygiene offices and SWD field units. But who know what internet could do in the future. The most important point on this topic is internet security. On this, the paper says: “To prevent citizens from entering into obscene web sites with the Wi-Fi facilities, appropriate filtering software will be installed. Network monitoring systems will be implemented to monitor and stop improper use of the service, such as spamming. Relevant security measures, such as user isolation and data encryption, will also be introduced to ensure the proper use of the service by citizens. Helpdesk support will also be provided to assist users of the Wi-Fi service.”

Filtering is a very controversial subject. I do not know how websites are classified as obscene or impropoer. Furthermore, would adults be prevented to access sites for adults, or selected groups be prevented to access selected sites? Other security measures are virtually none. This is a worldwide situation that all systems have loopholes, including mobile phones and fixed line phones, not to mention many so-called secured systems in banks and large corporations.

The second development is a LegCo question rasied in last Wednesday’s meeting (23 May) specifically on wi-fi security. I append below a gist of the reply of the government.

– OFTA has followed up the case with the ISP and required them to provide effective security measures for ensuring effective delivery of their clients’ information. OFTA will consult relevant licensees with a view to setting up industry guidelines and code of practice and will also request them to conduct regular security audit for their systems.

– We will strengthen the promotion of information security to the public through existing promotional programmes and channels: dissemination of leaflets, conduct of road shows, etc.

– We will specify the security requirements for Wi-Fi services at Government premises to ensure that the contractors will provide the necessary hardware, software and technology with appropriate security features in delivering the required services.

– We will require service providers to provide various security measures so as to ensure that user data will not be stolen by others. These measures will include encryption,
intrusion prevention and detection systems, filtering software, etc.

– We will also engage security consultants to perform security risk assessment on the Wi-Fi network designs, and conduct security audit after the networks have been put into full operation to ensure that the services provided meet our security requirements.

I would say this is a typical bureaucratic type answer giving an illusion that government is doing something but in fact she cannot do anything. For the fast developing world of IT security and insecurity, I think we need to be aware of the danger and take reasonable precaution. Up to date information on how this battle is going on is essential. Besides that, we cannot do much more than to be careful about personal information, which I think is actually not a secret. We need to realise the fact that our personal information is known to many others very often for legitimate purposes. It is the illegal use or criminal use of our information that need to be guarded.