About the TTCS


The Trinidad and Tobago Computer Society (TTCS ; http://ttcs.tt/ ; http://cs.tt/) is a computer user group formed in 1997. We:

  • are a forum where computers, related technologies and related social issues are discussed;
  • keep current with the events in the local Information Technology and telecommunications industries ;
  • “Network local computer users” so that they can share knowledge and improve upon their experiences with modern technology.
  • hold membership in several international organisations and advise on technology issues in Trinidad and Tobago and the region.

We have regular meetings, mailing lists, and our website and presence on Facebook , Twitter and Google+.

We also maintain a collection of Free and Open Source Software for Windows called the TTCS OSSWIN.

We welcome anyone interested in computing and the Internet, regardless of the level of their computer experience or the type of hardware or software they use, to participate in our activities.

To keep up to date about TTCS activities, please join our announcement mailing list

Trinidad and Tobago Computer Society comments on the Trinidad and Tobago Cybercrime Bill

The Trinidad and Tobago Computer Society (TTCS) has sent their comments on the Trinidad and Tobago Cybercrime Bill (PDF ; 242K) to the Joint Select Committee of the Trinidad and Tobago Parliament on Friday June 16 2017.

View/Read the TTCS comments on the Cybercrime Bill (PDF ; 242K)

Some of the general areas of concern regarding the Cybercrime Bill noted in our comments:

  1. Suppression of free speech and the work of journalists
    It is important to note that many of the clauses in this Bill can be applied to  journalists carrying out their duties, and/or the free speech of private citizens, as well as to persons who are attempting, in the public interest, to report misconduct (aka whistleblowers). In the interest of support of the Fourth Estate as well as the principles of Free Speech enshrined in our Constitution, this Bill requires urgent complementary whistleblower/journalist protection via legislation.
  2. Excessive Penalties
    A number of sections outline penalties of $100,000 to $3,000,000. These are non-trivial amounts that far exceed the penalties in other areas that many would view as more serious – for example drunk driving. We wonder if the concept of proportionality could be incorporated in this act. The quantum of penalties will have chilling effect on the legitimate use of computers and networks, for example, students learning about computer security and security professionals investigating vulnerabilities on behalf of their clients.
  3. Collateral Damage
    The general trend in technology has been to move towards using shared server resources in the cloud. This opens up the possibility that data and equipment in use by accused persons may be simultaneously used by other persons unrelated to the accused and may thus be unduly affected by the shutdown and/or seizure of such equipment and data. Care must be taken to protect those who are not party to the criminal activities of other persons.
  4. Potential for Censorship and Abuse
    In the interest of protecting the rights of citizens, we believe that all requests for access systems and data should be approved by the Judiciary via the application for, and receipt of, a warrant. This judicial warrant would ensure that any potential for abuse by the State, or its agents, would be mitigated.
  5. Self Incrimination
    Several sections of this Bill seem to run afoul of the Constitution’s directive that persons are protected from self incrimination, for example, the requirement that persons unlock their phones or decrypt their data in furtherance of an investigation. This is a dangerous issue and should be reconsidered.
  6. Training
    It is highly likely that the Courts and Trinidad and Tobago Police Service will be called on to deal many cases under this legislation. As such, it is critical that officers of both agencies receive training in some of technical issues surrounding cyber crime. In this regard the TTCS would welcome the opportunity to assist in providing this training and any specialized advice when required.

The comments were put together by the TTCS based on

Many thanks to the contributors who helped with reviewing and commenting on the bill. For those interested in discussing and sharing ideas about computing, related technologies and related social issues are discussed, do join our announcement mailing list.

TTCS near final draft comments on the Trinidad and Tobago Cybercrime Bill 2017

The Trinidad and Tobago Computer Society (TTCS) has posted a near final draft version of its comments on the Cybercrime Bill 2017 based on the discussions from the Trinidad and Tobago Computer Society lime on Wednesday June 7 2017, comments from subscribers on the TTCS announcement mailing list and a followup TTCS F2F meeting on Tuesday June 13 2017, online comments received following the posting of the TTCS draft comments on the Trinidad and Tobago Cybercrime Bill 2017 on Tuesday June 13 and a online TTCS conference call on Thursday June 15 2017.

With the deadline of Friday June 16 for submission of comments to the Joint Select Committee of the Trinidad and Tobago Parliament , you can view and comment on the Google document of the TTCS near final draft comments on the Cybercrime Bill 2017 – you do not need a Google account to comment on the document.

View/Comment TTCS near final draft comments on Cybercrime Bill 2017

TTCS draft comments on the Trinidad and Tobago Cybercrime Bill 2017

screenshot showing part of the TTCS draft comments on Cybercrime Bill

The Trinidad and Tobago Computer Society (TTCS) has posted a first draft of its comments based on the discussions from the Trinidad and Tobago Computer Society lime on Wednesday June 7 2017, comments from subscribers on the TTCS announcement mailing list and a followup TTCS meeting on Tuesday June 13 2017.

With the deadline of Friday June 16 for submission of comments to the Joint Select Committee of the Trinidad and Tobago Parliament , you can view and comment on the Google document of the TTCS draft comments on the Cybercrime Bill 2017 – anyone can comment on the document directly – you do not need a Google account.

Comments are welcomed.

View/Comment TTCS draft comments on Cybercrime Bill 2017

 

 

Trinidad and Tobago Computer Society lime on Wednesday June 7 2017 from 7 to 9pm ; please RSVP!

The Trinidad and Tobago Computer Society (TTCS ; http://ttcs.tt) will be having a lime on Wednesday June 7 2017 from 7pm to 9pm at Wendy’s Cafe located upstairs at Wendy’s Restaurant at the corner of Ana Street & Ariapita Avenue, Woodbrook, Port of Spain.

Key focus for this meeting is the Cybercrime Bill 2017 introduced in the Trinidad and Tobago Parliament last month. The TTCS is considering whether to submit a comment on this bill.

Another ICT topics as time permits:

  • the WannaCry ransomware
  • the recent IT disruption at British Airways

Anyone interested in computing and ICT are welcome to attend, however please RSVP to [email protected] as space is limited.

Managers of Trinidad & Tobago Government’s ICT infrastructure assures things are in place to treat with #Wannacry ransomware threats

The Ministry of Public Administration and Communications of Trinidad and Tobago (MPAC) have issued a press release dated May 17 2017 “Protection against Ransomware”.

In the press release, MPAC notes that

  • it has received assurances from the managers of Government’s ICT infrastructure that systems are in place to treat with ransomware threats such as WannaCrypt/WannaCry ;
  • a eight month extension to using Symantec’s End-point security software
  • a review looking at the vulnerability of Government’s ICT infrastructure
  • Information about WannaCrypt, including general tips on avoiding such ransomware.

Here’s the MPAC’s press release:


PROTECTION AGAINST RANSOMWARE
May 17, 2017

The Minister of Public Administration and Communications has received an assurance from the managers of the Government’s Information and Communications Technology (ICT) infrastructure that there are systems in place to treat with `ransomware’ attacks that afflicted over 100 countries over the weekend.

The Government’s ICT infrastructure, GovNeTT, is managed by the National Information and Communication Technology Company Limited (iGovTT) which is supported by contractual agreements with a contractor’s alliance of Fujitsu and a team of ICT companies.

Last week the Minister told the House of Representatives that Government had saved US$40 million in negotiating a new Microsoft Enterprise Agreement for the public service and had also reached agreement on a new End-point security software contract with Symantec. End-point Security protection will be the Government’s first defense in protecting its IT assets from cyber-attacks such as Ransomware.

The Government also achieved $2.5 million dollars in savings in its negotiations with Symantec. The old Symantec agreement expired in 2016 but the Ministry of Public Administration and Communications (MPAC) negotiated an eight-month extension at no cost. It is expected that the new agreement will provide $3.6 million worth of security software to the public sector.

As the Minister with responsibility for ICT, Minister Cuffie said the Symantec agreement provides security for all computers and software throughout the public service.

Additionally, a review which looks at the vulnerability of GovNeTT is also being conducted. This exercise is expected to be completed shortly. In the meantime, the MPAC will work with iGovTT to prepare a best practice checklist which will be shared with all Ministries, Government departments and agencies.

Further information on the ransomware attack is provided below from our ICT providers:

There was widespread international disruption caused by the ransomware attack known as WannaCryptOr/WannaCry. This has the ability to encrypt all files on a Windows system and render it unusable unless a fee is paid for decryption.

On 12-May-2017, Microsoft released a security update for versions of Windows that are no longer under mainstream support (Windows Server 2003 SP2 x64, Windows  Server 2003 SP2 x86, Windows XP SP2 x64, Windows XP SP3 x86, Windows XP Embedded SP3 x86, Windows 8 x86, Windows 8 x64).

Fujitsu has assured that it is aware of the global ransomware threat from last Friday and has been reviewing potentially vulnerable Windows systems in GovNeTT. This includes the current patch levels as well as firewall rules which may allow for the spread of the threat. The company has committed to executing any emergency change orders based on their findings.

Public servants and members of the public are asked to note cyber criminals are constantly active, seeking new ways to attack both corporate networks and individual syayems. Attacks vary in purpose but “phishing” attacks are increasingly common. Phishing attacks often appear to come from a trusted source, including an organization’s leadership team. All persons are reminded to be extremely vigilant when opening emails from unexpected sources or from individuals known to you but from an unusual/different email address, opening attachments or following links.

Some simple steps you can take to protect yourself are:

• If an email looks suspicious, treat it with care and do not click on enclosed links
• Take particular care with links in web-based email
• Rather than clicking on a link, open a new browser window and go to the known home page for the site
• Use different passwords for different online accounts; if one is compromised the others will still be protected
• Change passwords regularly, and if you suspect that your password has been compromised, change it immediately
• Don’t disclose your password to anyone
• Remember that reputable companies do not send unsolicited mail asking you to provide sensitive information
• Don’t provide personal or financial information through a website, unless you typed in the web address yourself
• Look for indications that a website is secure (for example, a URL that begins https)