Saturday, July 4, 2009

Create a high-security vault for your data in 5 minutes

truecrypt_iconIn the last article, Protecting your sensitive data with TrueCrypt, I gave an overview of what Truecrypt can do for you: make an encrypted virtual hard drive, encrypt an entire partition, or encrypt an entire hard drive. This time, we'll see how to make the virtual hard drive in at most 5 minutes. Rather than write my own tutorial, I direct you to the step-by-step TrueCrypt Beginner's Tutorial with full screen shots.

Instead of another tutorial, I'll summarize the steps, add a note or two, and try to give a little more explanation of what is happening in this method.

Why use TrueCrypt?

First, why use Truecrypt rather than one of the many, many other encryption programs?

  • Compatibility: TrueCrypt runs on Microsoft systems from Windows 2000 upward, on Mac OS X 10.4 and 10.5, and on Linux. (According to this Wikipedia article, only one of the other 45 disk encryption programs work on all three systems, and that one is not open source).
  • Price: Free. Not shareware, not trial-ware, not "free download," but just free, period.
  • Open source: This means that anyone can examine the program's instructions to see how it all works. This means that many people can be working on improvements and bug-fixing. More importantly, though, the transparency of open source makes it hard for any security flaws to remain undetected.
  • Wide use. TrueCrypt is one of the most widely used encryption programs. The site reports over 10 million downloads to date.

That said, the most important thing is to protect your sensitive data somehow and to use a well-supported, respected encryption program. If you like experimenting, there are many programs out there. TrueCrypt can be a complicated program with all kinds of options, but it's quite easy to use the most important features.



banksafe What will you accomplish when you follow the tutorial?

  • Within a few minutes, you will have a new "drive" M: on your computer where you can safely store sensitive information. You can use it like any other drive--create files, drag-and-drop files into our out of folders on the drive, even use a folder on the drive as your "My Documents" if you like.
  • Though in action you see a new drive M:, all the data is kept in a container file that can only be unlocked ("mounted") using TrueCrypt and your passphrase.
  • While your new drive is mounted, you will not know or care that your files are encrypted. When you turn off your computer or lock ("dismount") the drive, the data will be invisible, safe from any prying eyes.
  • You can copy or move the entire encrypted drive, as a single file, to a different location such as a USB flash drive or another computer. This is good for backup.


Here's a high-level explanation of the 18 steps in the tutorial.

  • Step 1: Download and install the program.
  • Steps 2-12: Create the container file. This only has to be done once.
  • Steps 13-18: Mount the container file for use. You do this every time you want to unlock and access your data.


  • You are making a data vault or safe, and your passphrase is the combination to the lock. There is no backup, no spare key or emergency button to use to recover your data if you lose or forget your passphrase. In most cases, it is probably best to record your passphrase somewhere safe rather then rely on your memory. Obviously, you don't want to keep it somewhere where a thief will see it, such as in your computer bag. Depending on your situation, you may not even want to keep it in writing in your home or office, but do consider keeping it somewhere.
  • Putting your information onto an encrypted drive is only one part of security. Do not neglect other parts; a chain is as strong as its weakest link.

OK, let's do it

Now, go to the tutorial and follow it step by step, referring to these notes as you do.

  • Step 1. Downloading and installing TrueCrypt. Ideally, you should download the program directly from TrueCrypt so that you get the most up-to-date, "pure" version.
  • Steps 2-5. Telling TrueCrypt you want to create a virtual drive. Just click the buttons as shown, no choices to make here.
  • Step 6. Specify location and name of container file. Attention: be sure to read the explanation in the tutorial. Although it might appear that you are to select an existing file to encrypt, this is not true. Rather you are giving the program the location and name of a file to create. This new file will be the "container" for your virtual drive. If you select an existing file, it will be erased, not encrypted!
  • Steps 7-8. Having chosen a name for your container file, you just press "next" two times.
  • Step 9. Tell TrueCrypt how big to make your virtual drive, how much data you will be able to store in it. TrueCrypt will create a container file of this size, so you will need at least that much free space in the location you have chosen. Don't make it too big if you plan to copy the entire thing onto a flash drive.
    Optional note: If you choose to make the container "dynamic" (Step 11), it is very small at first and only grows as you add files. In this case, the size you select in step 9 is the maximum size. If you do not make the container dynamic, then the container file will be this maximum size from the very beginning, even though it contains no data.
  • Step 10. Choosing a passphrase. While you are just testing, you can use a simple passphrase. For serious use, however, be sure to read the guidelines about how to make a secure passphrase.
  • Step 11. Select format type. Just follow the instructions, moving your mouse around randomly for a while to help make the encryption strong, then click Format.
    Optional note: For advanced use, you can use a format other than the default FAT. For large virtual drives in Windows, you might consider using NTFS.
  • Step 12. Finishing up. Now the container file is ready to use.
  • Steps 13-18. Mounting the container as a virtual hard drive. Although this occupies six steps in the tutorial, it is really simple. First, you choose a drive letter to assign to the new drive (step 13), then you tell TrueCrypt which container file to use (i.e., the one you just created) (steps 14-16). Finally, you enter your passphrase for that container file and mount it (steps 17-18).

At this point, your new drive M: is ready to use just like any other drive. Remember that you data is exposed as long as the drive is mounted; if someone steals the computer while you are working on it, M: will be unlocked until the computer is shut down. Depending on the situation, you may want to manually dismount it when you leave the computer or when you do not need to access the secure files.

Finally, read the small print at the end of the tutorial and realize that your original, unencrypted data is still present on your original drive even after you delete it--that's why file-recovery programs work. To permanently remove it, you need to use a disk wiping program with the option of erasing all unused disk space. See Purge Your Hard Drive for a good explanation. One wiping program is Heidi Computer's Eraser. Some others are reviewed in Best Free Secure Erase Utility.

Even then, how do you know that you have deleted all the files that contain sensitive data? What about backups, email folders, temporary files, obscure files in the Application Data folder, the paging and hibernation files? You really don't know. That's where whole disk encryption comes into play. It may seem a little scarier to think of altering your whole hard drive, but it's actually easier than making a virtual drive, and it eliminates all these residues of the information you want to protect. You will not need to worry about wiping or shredding your files, either. I'll cover whole disk encryption next time, in a much shorter article I hope!

Photo of safe by rpongsaj on Flickr, / CC BY 2.0

Protecting your sensitive data with TrueCrypt

About two weeks ago, I finally took the big plunge and encrypted my laptop's entire hard drive. I knew in theory that it was a good security precaution, and in fact, our mission's IT policy requires hard drive encryption on all laptops. It's a policy that is still more honored in the breech than in practice. Why didn't I do it earlier?

Not that I've been totally slack about protecting my data. I've always kept my passwords and financial accounts encrypted. (Always? What about those home accounting programs--I know my Microsoft Money program opens without a password....) I don't think there is any sensitive information in my email folders, except that anyone successfully logging on to the computer could get enough information about me and my contacts to start lots of scams even without actually breaking into my email server. ("This is Pastor Jonah, friend of Mike, who you support. He's been in a bad accident and needs money for treatment. Please urgently send $1000 to this account number ...") The bottom line is that any unencrypted information on my computer is potentially exposed to anyone who steals or borrows my laptop.

But since I have a good password for even logging on to my laptop, no one should even get that far, right? Wrong. It's very easy to break into a Windows computer if you have physical access to it. Anyway, if the data is not encrypted, someone can take out the hard drive and read it on another operating system.

Last year, I finally installed TrueCrypt, an excellent, free encryption tool. TrueCrypt can work in three main ways:

  • Create an encrypted virtual hard drive. Tell TrueCrypt where to put the file to contain the data, assign a pass phrase, and TrueCrypt creates new, encrypted volume ("hard drive") for you with the drive letter you choose, such as "T:". From then on, you can use it exactly like any other drive. As long as the volume is unlocked with your pass phrase, you can't even tell that the data is encrypted. Lock it again and the drive letter disappears, leaving only what looks like a file of random garbage.
  • Encrypt a partition. Most hard drives these days are divided into different logical areas or partitions, each with its own drive letter ("C drive," "D drive," etc.). TrueCrypt encrypts all the data in the entire partition, making it inaccessible until you supply the pass phrase. This option allows you to keep some data unprotected and more sensitive data encrypted on a separate partition. Unless you encrypt the operating system partition (usually C: in Windows), you can still boot the computer without the password.
  • Encrypt an entire drive. In this case, everything on the drive is encrypted and nothing can be accessed without the pass phrase. Nothing, that is, except the tiny boot program that loads enough TrueCrypt to get your password and unlock the drive for you. If you lose your pass phrase, there is no way you're going boot your system or recover your data, period.

Rather than encrypting my whole drive, I started with the first option--a virtual hard drive where I could keep my sensitive data. Next time I'll show just how easy it was.

Monday, June 1, 2009

How we use FrontlineSMS

Jos, Nigeria has been in the news recently because of riots in November that killed hundreds of people. This was the second such episode since 2001, and the situation remains tense. Besides this, violent crime has increased rapidly in the past 4 years, with frequent robberies by armed gangs of up to 20 or more men.

tempPart of our response as a group of missions in Jos has been to strengthen our communications network, and FrontlineSMS has become a key part of that network. The mobile phone is the basic means of communication in Jos, where there are few if any functioning land lines, and where Internet access is still expensive and spotty. During the November crisis, we noticed that voice calls on the mobile network rarely connected, probably because of congestion, while SMS messages got through well.

With FrontlineSMS, we have so far developed a system with these features:

  • Anyone can text the system and receive a response with the current status message. In a crisis, this could contain warnings, instructions, announcements and so on.
  • Besides this "on demand" capability, we keep one list of users ("text alerts") who receive broadcast alerts.
  • Anyone can join the "text alerts" group by sending the request as a text message to the system. We ask people to send the message ".join " followed by their name. At this point, FrontlineSMS cannot automatically include the name when the phone number is added to a group, but we hope that could be added in the future.
  • We maintain other user lists such as compound security leaders, crisis management team, and so on. Anyone can broadcast a message to the crisis management team by prefixing a text message with a code that causes FrontlineSMS to forward the message to team members.
  • The system sends outgoing SMS message through the Internet when it is available. They're sent to the Clickatell, which routes them to the actual SMS network. Clickatell is is very fast and inexpensive. We can send about 80 messages per minute this way, far more than is currently possible if we were to send messages directly onto the mobile phone network.
  • FrontlineSMS is compatible with many mobile phones and modems. We are using a Huawei E170 modem.

    Real Life Examples

    Fortunately, we have not had actual rioting since we set up the system. However, there have been times when it has been very useful to send warnings and to raise the alert level. Here are some actual examples:

    @Alerts: Jos is tense, please avoid downtown today.

    @Security: X and Y have been robbed tonight & report the robbers took their Toyota Land cruiser and muttered something about Hillcrest on the way out.

    @Alerts 20Feb 655pm. Serious rioting reported in Bauchi. No problems in Jos. Obey curfew, avoid areas that could be troublesome.

    22 Feb 8am. *** Rioting on Friday Bauchi, churches & mosques burned. Now controlled. Keep on alert. Report signif news this num or ur security rep.

    SecGrp: Some rumors are going around about unrest planned for Friday, .... Email or txt me if you know more. --Mike


    The system has worked quite well. The most serious limitations have been

    • The interfaces (modem and Internet) have had a tendency to lock up, failing to receive messages, and have to be re-initialized manually.
    • Message delivery is sometimes delayed for hours, occasionally more than a day. This is a fault of the local network and has nothing to do with FrontlineSMS or Clickatell.


    FrontlineSMS has served us very well as a well to communicate quickly by SMS. We would recommend it for others in similar situations.

    Tuesday, May 26, 2009

    Using WSUS to save bandwidth, and how to set up an XP Home edition computer to use it

    Two of the biggest challenges in keeping computers running in Africa are power and bandwidth. Bandwidth as in connection to the Internet, which is now vital for many of us. We're constantly trying to control and limit our bandwidth usage, which gets harder as people have higher and higher expectations. Our old-timers remember when we had to pay $0.50 a page to get emails that were sent over a noisy transatlantic phone connection to an expensive, 19 kbps Zyxel modem. Newcomers from developed countries are used to streaming video, Skype phone calls, file-sharing and so on.

    One of the hidden consumers of bandwidth, though, is program updates. Keeping programs up to date is critical for security, but can consume a lot of bandwidth. For example, our network at SIM Nigeria serves roughly 40 computers (including laptops members bring to the office just to connect to the Internet). If a set of Windows updates is released that comes to just 10 MB, that translates to 400 MB to update all 40 computers, which is close to a whole day's bandwidth allocation for us.

    Part of the solution is to use Windows Server Update Services (WSUS). This lets you download Microsoft updates onto a server on your network from which all your other computers can access them. Each update is downloaded once for the whole network, rather than once for each computer. You can read about WSUS and how to set it up here on the Microsoft Technical network.

    An issue I encountered when trying to get as many computers as possible to use WSUS, though, is that XP Home (as opposed to Pro) edition does not include the policy-setting tool (gpedit.msc) normally used to instruct computers to get updates from the local WSUS server rather than over the Internet from Microsoft. Nor can you simply copy gpedit.msc from another computer onto the XP Home computer.

    Instead, you can use a simple script to add some keys to the XP Home computer's registry. The script and explanation can be found at Guide For Setting Up XP Home Clients With WSUS. Just create a new text file, enter "REGEDIT4" as the first line, and copy and paste the registry keys as shown in that page. Change the two occurrences of "http://yourWSUS" to reflect the URL of your WSUS server. Save the file as "WSUS4XPHome.reg" (or whatever.reg) and run it on the XP Home machine. I think a simple reboot will suffice to start it looking for updates in the new location, but the page above tells how to use some commands to start the process immediately and without rebooting.

    Reversing the process

    You definitely do not want to leave these settings on a computer once it is no longer using your network for updates, since it will then fail to be updated at all. For computers joined to a domain that sets the group policy to use WSUS, it should be enough to remove them from the domain. For computers you manually changed (via local policy or registry changes) , you will have to undo those changes. As far as I know, you can simply delete the entire [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate] key as it does not appear to exist in the default installation.

    If anyone has corrections or further information, I would love to know.

    Monday, May 18, 2009

    Twe2 is gone, but then I never did get it to work

    Earlier, I wrote about a service called Twe2 that allows people around the world to get Twitter messages on their mobile phones. That's needed because Twitter does not send to mobiles in most countries, only to the US, Great Britain, Canada, and, for some reason, India. Twe2 was supposed to be a gateway you could use to get around that limitation. Without something like it, Twitter is of limited use here (actually, I'm still trying to figure out what the use is).

    I've tried many times to get my mobile phone number "verified" to work on Twe2, but for some reason the confirmation message would never come through. Perhaps a problem with my carrier. Whatever the case, it's now a moot point because I learned today from Twe2's website that it no longer exists, the source code having been sold to Wadja (an unfortunately heavy, clumsy sounding name in English, in my opinion, but what's a name).

    temp I've signed up for Wadja (as MikeBlyth, in case you want to follow me) and am trying to get some friends in Jos to join so that we can test its capabilities. So far, I haven't seen anything about a gateway with Twitter, but we don't really need that if all we want is to access a Twitter-like network for our friends in Nigeria. I'll report later how it works. So far, all I can say is that the web interface seems really slow, at least from Nigeria.

    Sunday, May 10, 2009

    Disaster Avoided -- A Corrupted Microsoft Access Database File

    I had a near miss today, almost losing my main address list, which I keep in Microsoft Access. I haven't used it in quite a while, as I have another list of recent address changes, but it's still my most comprehensive list of mailing addresses. When I tried to open it today, I got a message that it was in an "inconsistent state" and Access would try to repair it. Next, an error message that it "can't be repaired" or "isn't a Microsoft Office Access Database File."

    I tried using my backup copies, but they had the same problem. It has been very long--4 years!--since I've put backups onto CDs or DVDs, simply because it takes so many of them, and have been relying mainly on one or two levels of medium term backups on an external hard drive.

    Of course, this is far better than nothing, but the risk is just what I encountered today: having a file lost or corrupted and not knowing about it until the last "good" backup is gone. The same can happen with a virus. If you are keeping system backups but a virus has silently infected your machine, it could happen that all your backups are infected by the time you discover the problem.

    I tried the solutions I found on the Microsoft site and by Googling, but they didn't work. The main thing I learned was that when your Access database is corrupted, there is a good chance that it's not something you can repair on your own. There are professionals who will do it, and some commercial programs. I tried one program, Advanced Access Repair, which quickly showed me that my data was recoverable. I was all ready to pay the $29.99 price of the program to actually recover the data, then noticed that the price is really $299.99. Oops.

    Happily for me, the next program I tried was MDB Repair Tool, by Skysof, and it promptly repaired the database without my having to answer any questions or try different options. It just worked. To my surprise, this "trial" version actually recovered all the data for me for free, and I still have 58 more uses before I have to register. What a deal!

    Lessons learned:

    • If you can't or don't want to save full backups to long-term media (DVD, CD, tape, or online), then you should at least save your most important data that way once in a while. This method is risky because you might miss data you should have backed up, but at least you will have most of what you need. (Be sure to include your email in your backup; it may not be included if you're not careful).
    • My address list doesn't need to be kept only in an Access database. I could periodically backup the actual address information so a simple text file. Then, if I lost the Access file, at least I would have the essential data.
    • Hopefully I won't ever have to repair another Access database, but if I do, MDB Repair Tool will be the first thing I try.

    Sunday, April 26, 2009

    Don't neglect online backups

    A week ago, one of my friends was mugged on his way home from school on a bike path. He was badly beaten and ended up unconscious in the hospital. Though his bike, computer and some other things were stolen, and despite his injuries, I suspect that his most serious loss is much of the work he had done on a masters thesis. Apparently any backups he had were also stolen.

    It's one thing to lose your most recent work, and losing your whole email store can be serious. But what if you lose something you've been working on for years--that book you're writing, a carefully compiled bibliography, your research data, a major proposal for your organization? It's almost unthinkable, yet it happens. Data loss is sure to happen if you have no backup strategy, but it can happen even if you do have backups. For example

    • Backups may be lost along with your computer in a fire, theft, evacuation and so on
    • Backup media may fail or be destroyed. Here in Nigeria, at least, flash drives have a high failure rate. CDs and DVDs can be scratched or damaged by sunlight and heat.
    • If your original data becomes corrupted and you don't immediately know it, you may store the corrupted data in the backups.
    • When do yo discover that your backup is damaged or corrupted? That's right, you discover it when you need it because your original data is lost.

    For these reasons, it is important to have more than one level of backup for any data that is important to you. For any data that is really important, you should have at least two and preferably three backups stored in a way that they cannot be lost simultaneously. For example, you could keep one copy on a hard drive at work, one copy on a flash drive or re-writable CD at home, and one copy online.

    In my last post, I briefly mentioned that one use of Dropbox was backing up your data online. Online backup should be more than an afterthought--it should be an important part of your backup strategy. Most of us in Africa do not have the luxury of a low-cost Internet connection that will let us back up all our data, let alone the whole system, but we can back up what is most important. Apart from multimedia files (video, pictures, music), your most important data, what you've actually invested the most time on, is probably a few hundred megabytes at most. You should at least consider saving some or all of it online.

    There are many online data storage services, including a fair number of free ones. I like Dropbox--it works for me--but another solution might work better for you. One thing I like about Dropbox is that it keeps previous versions of changed and deleted files. That feature has already saved me a couple of times.

    David Bradley's article "Make SkyDrive a Virtual Drive" describes the free Microsoft SkyDrive online service and add-ons that make it more useful and transparent. Some people send their important documents to their own online email addresses (a Gmail account, for example). It's not the simplest or most secure method, but it's a lot better than nothing.

    Saturday, February 28, 2009

    Dropbox: A free, low-bandwidth solution for online file sharing, syncronization and backup

    One of my projects is the book AIDS Is Real and It's In Our Church, which I co-authored. The English version has been quite a success, Hausa and Amharic editions are in print, and now we're working on the French version. One of the technical problems we've dealt with is simply how to share the files between authors and editors on different continents, while being sure that corrections and updates are made to the right file. Once, in the Hausa version, I spent quite a few hours making corrections and then discovered that the file I'd been given was not the latest.

    There are many approaches to this issue, which after all is a common one whenever people are collaborating on documents. One of the particular constraints for some of us though, is that the solution has to be low-bandwidth, simple, and free (or at least very low cost). It simply isn't practical to be uploading and downloading a 20 MB file every time it is changed.

    I've looked briefly at Google Docs, which works fine and would be my first choice for documents that don't have a lot of formatting requirements. Collaborators work (even simultaneously) on a document in Google's own format, stored in cyberspace somewhere, and that document can be exported when necessary to another format. Documents can be text (with pictures), spreadsheets, or presentations. Google Docs is free, doesn't require any setup, and lets users work online or offline (that is, you can edit documents even while not connected to the Internet, and they will be saved again when you are online).

    Google Docs won't do what I need at the moment, though, which is to allow people to edit Microsoft Word and Publisher documents. That is where Dropbox has been a real help. I use it to
    • Share files with co-workers, automatically keeping everyone's copies synchronized
    • Work on files from different computers without having to do anything manually to keep them synchronized
    • Keep online backups of projects I'm actively working on, so that the backup is always current.
    Here's how it works:
    1. Download and install the free software (currently a 14 MB file). It creates a special My Dropbox folder on your computer.
    2. Register as a user with the service. You get a 2 GB online folder free, and can pay for more storage.
    3. "Once installed, any file you drop into your Dropbox folder will synchronize and be available on any other computer you've installed Dropbox on, as well as from the web. Also, any changes you make to files in your Dropbox will sync to your other computers, instantly."
    4. Dropbox does not transfer the entire file each time it is changed, but only sends the changed portions. This means that when I change one word in the 20 MB file, only a small amount of data has to be sent back and forth over the Internet, not 20 MB. That makes it useable over our low-bandwidth connection.
    You can use the Dropbox folder like any other folder. Drag files into it, make sub-folders, add and delete files, and so on. All those files and sub-folders will be transparently synchronized with your online folder and with any users sharing those files. That last point is important. People sharing your files do not have to do anything to keep their copies up to date, as Dropbox does that in the background.

    1. I create an "AIDS is Real" folder inside my Dropbox folder and drag my 20 MB aids_is_real.doc file into it.
    2. If my collaborator does not already have Dropbox installed, I send her an invitation to install it.
    3. I mark the AIDS is Real folder as shared with my collaborator, for reading and updating.
    4. The Dropbox software automatically downloads aids_is_real.doc into my collaborator's computer.
    5. I open my copy of the document from my local Dropbox folder, make some changes, then save and close the file (changes are not synchronized until the file is closed).
    6. Dropbox software automatically saves my changes to the online copy and to my collaborator's local copy. When my collaborator opens her copy, it is always up to date (as of the last time she was connected to the Internet).
    7. Likewise, when my co-worker changes the file on her computer, those changes will be reflected in my local copy (almost) immediately.
    Give it a try! It's well worth the effort if only for the ability to keep 2 GB worth of your important projects safely backed up online. (Of course, how safely depends on the long-term survival, security, and stability of Dropbox; you shouldn't depend on any one service for the backup of your valuable data).

    Monday, February 16, 2009

    Now you can use Twitter in Nigeria

    This is the good news I learned today from Jon's latest blog at In case you don't know, Twitter is a "micro-blogging" service that lets you send tiny posts, limited to 140 characters each. The posts appear on your page where (as you choose) others can view them, but they can also be broadcast by mobile phone text messaging (SMS) to anyone subscribed to you. You can choose to let everyone subscribe, or you can let only approved individuals subscribe, depending on your needs.

    The problem has been that last year Twitter stopped sending out those SMS messages in most countries of the world, basically because they didn't have any way to fund the service--someone has to pay for all those messages. Now, as Jon describes, you can use a new service called Twe2 which does send text messages around the world. They're financed by attaching a small text advert to each one, which seems to me a reasonable price to pay to receive free text messages by Twitter.

    I'm still trying to subscribe ... it's very easy but requires your mobile phone number to be verified, and sometimes here in Jos it takes many hours for SMS messages to be received, so the verification could take a while.

    Now, if I can just figure out a good reason to use Twitter ...

    Mobile Internet Services in Jos, Nigeria

    As I said in the previous post, I've been researching the mobile ISPs that are currently available in Jos. It's a dynamic situation, with several companies entering or about to enter the playing field, and with promises of broadband 3G service to come "soon". Since 3G is already available in some cities in Nigeria, we hope the "soon" is actually in the near future, this year sometime.

    As I said in the previous post, I am summarizing all my information as I gather it, on the Mobile ISPs page in the Living in Nigeria wiki. So go there for more details and for more recent news. Add information if you have it!

    The summary at this point is:
    • Although advertising as high speed, MTN offers low-speed (GPRS) service with a variety of monthly and day plans (from a few hours to a full 24 hours). They plan eventually to have broadband (GSM family, UMTS)
    • Multi-links and Zoom offer medium-speed (1x) connections. They plan to have broadband (CDMA family, EVDO). I don't know about actually-observed operating speeds.
      • Multi-links requires you to buy a 21,000 naira phone or 16,000 naira (unavailable) modem.
      • Zoom requires you to buy a 3,000 naira phone or 10,000 naira modem.
      • Multi-links and Zoom both have a variety of plans, but only Multi-links has day plans.
      • Zain and Glo do not offer intermediate range (1x) service and don't seem to have any attractive features at this point.
    • My personal experience with MTN on only a few occasions has been that it is not worthwhile (too slow).
    • I have heard from one person each for MTN, Zoom, and Multi-links that the service has been fair (MTN, Zoom) to good (Multi-links).
    My friend who has been testing Zoom (with the rather bulky 1x/EVDO modem) told me today that it's not tolerable for browsing, as far as he is concerned, with very low speeds at times. However, he pointed out that it's ok for email since that can trickle in at any speed.

    It is very important to remember that while the companies advertise a connection speed and while the hardware could in fact support that speed, the actual speed is still limited by how much bandwidth the company chooses to pour into the pipeline. Bandwidth is expensive and so far the companies are not actually giving out as much as they could, or so it appears to the consumer.

    Wednesday, February 4, 2009

    Using a Blackberry phone in the bush in Nigeria

    I plan to post a couple of blog entries soon about using mobile internet services in Nigeria, specifically in Jos rather than in the big cities. If you're interested, you can see and contribute to the wiki page where I'm gathering and organizing the information I have. Meanwhile, this note came from Tom Crago. He is having better luck with a Blackberry phone in the village than I am having with an MTN modem in Jos.
    We are using a Blackberry 8830 World Edition cell phone in Nigeria which we obtained and are paying for in the USA. We are currently in the small village of Kwarhi, on the grounds of EYN's Kulp Bible College. This is about 13 km west of Mubi in Adamawa State. By comparision, Jos is a huge metro service area.

    The phone is designed to search for the best available service connection wherever we may be. At different times it has connected to MTN or CelTel (now Zain) while we have been in Nigeria. Here in Kwarhi, and in Jos while we were there, it has connected to CelTel's GPRS system. It took about one minute to download the wiki page you reference in your article.

    The phone was purchased in the US for 99 dollars, and we got a 70 dollar rebate. Net cost about 29 dollars. Price probably can't be matched now.

    We added the global service to this phone just before leaving the US. I don't recall the sim chip charge--20 dollars or so I think. We are charged 65 dollars a month, on top of our US domestic voice service plan, for unlimited 24/7 email and Internet browsing service in 140 countries with partnership agreements with Verizon Wireless, our US service provider.

    We have been very pleased with this service in Abuja, Jos and now in the "bush." It seems to work anywhere there is a CelTel tower.
    I don't know the cost of the basic voice service plan Tom refers to, but I'm guessing that the monthly total for that plus the data service must be close to $100, currently about 15,000 naira per month, for GPRS (low-to-medium speed) service.

    On the other hand, I've tested the MTN service in the past couple of weeks and it has been unusably slow, both at my home and the office, despite having a strong signal.