Touring the digital through type

Month: July 2009 (Page 2 of 2)

Background to North American Politics of Deep Packet Inspection

crtc566The CRTC is listening to oral presentations concerning Canadian ISPs’ use of Deep Packet Inspection (DPI) appliances to throttle Canadians’ Internet traffic. Rather than talk about these presentations in any length, I thought that I’d step back a bit and try to outline some of the attention that DPI has received over the past few years. This should give people who are newly interested in the technology an appreciation for why DPI has become the focus of so much attention and provide paths to learn about the politics of DPI. This post is meant to be a fast overview, and only attends to the North American situation given that it’s what I’m most familiar with.

Massive surveillance of digital networks took off as an issue in 2005, when the New York Times published their first article on the NSA’s warrantless wiretapping operations. The concern about such surveillance brewed for years, but (in my eyes) really exploded as the public started to learn about the capacities of DPI technologies as potential tools for mass surveillance.

DPI has been garnering headlines in a major way in 2007, which has really been the result of Nate Anderson’s piece, “Deep packet inspection meets ‘Net neutrality, CALEA.” Anderson’s article is typically recognized as the popular news article that put DPI on the scene, and the American public’s interest in this technology was reinforced by Comcast’s use of TCP RST packets, which was made possible using Sandvine equipment. These packets (which appear to have been first discussed in 1981) were used by Comcast to convince P2P clients that the other client(s) in the P2P session didn’t want to communicate with Comcast subscriber’s P2P application, which led to the termination of the data transmission. Things continued to heat up in the US, as the behavioural advertising company NebuAd began partnering with ISPs to deliver targeted ads to ISPs’ customers using DPI equipment. The Free Press hired Robert Topolski to perform a technical analysis of what NebuAd was doing, and found that NebuAd was (in effect) performing a man-in-the-middle attack to alter packets as they coursed through ISP network hubs. This report, prepared for Congressional hearings into the surveillance of Americans’ data transfers, was key to driving American ISPs away from NebuAd in the face of political and customer revolt over targeted advertising practices. NebuAd has since shut its doors. In the US there is now talk of shifting towards agnostic throttling, rather than throttling that targets particular applications. Discrimination is equally applied now, instead of honing in on specific groups.

In Canada, there haven’t been (many) accusations of ISPs using DPI for advertising purposes, but throttling has been at the center of our discussions of how Canadian ISPs use DPI to delay P2P applications’ data transfers. Continue reading

Solved: Apple SATA II 1.7 Firmware Problems

mbp13When something ‘just works’ 99.9% of the time, that .1% of downtime is particularly frustrating. This is what I recently experienced with my Time Capsule networking fiasco, and was paralleled by another problem stemming from an Apple firmware update.

The new MacBook Pros were shipped with their SATA II data speeds crippled; they were limited to 1.5Gps rather than the SATA II 3.0Gbps standardized speed. While this had no real effect for HDD users, it did affect SSD users – SSD is capable of taking advantage of the SATA II spec, and so SSD users rightly complained.

Apple heard these complaints, and released a firmware update for the MacBook Pro line; they warned that the update might not work with non-stock drives (!) but that it would restore SATA II speeds. I decided to update the firmware, just because having an up-to-date system is a good idea. This is right-minded thinking, right?


Continue reading

Administrative Note: Changes Implemented

spiralblueI’ve just spent the past little while implementing a few changes to the site – there is a new template that should be a bit easier to read, as well as some SEO stuff under the hood that is running now. Let me know if you run into any weird issues, though I think that I’ve tested all the code that was modified enough that I’ve squashed the bugs that had crept up.

The full list of changes includes: a direct link to all bookmarks I’ve tagged with as relating to DPI in delicious, an updated CV, a picture in the ‘About’ section, no more direct link to my edublog (which will, eventually, get drawn into this blog), a new theme (plus some code changes), a few SEO plugins.

Deep Packet Inspection and Law Enforcement

rcmpCandace Mooers asked me a good question today about deep packet inspection (DPI) in Canada. I’m paraphrasing, but it was along the lines of “how might DPI integrate into the discussion of lawful access and catching child pornographers?” I honestly hadn’t thought about this, but I’ll recount here what my response was (that was put together on the fly) in the interests of (hopefully) generating some discussion on the matter.

I’ll preface this by noting what I’ve found exceptional in the new legislation that was recently presented by the Canadian conservative government (full details on bill C-47 available here, and C-46 here) is that police can require ISPs to hold onto particular information, whereas they now typically required a judicial warrant to compel ISPs to hold onto particular data. Further, some information such as subscriber details can immediately be turned over to police, though there is a process of notification that must immediately followed by the officers making the request. With this (incredibly brief!) bits of the bills in mind, it’s important for this post to note that some DPI appliances are marketed as being able to detect content that is under copyright as it is transferred. Allot, Narus, ipoque, and more claim that this capacity is built into many of the devices that they manufacture; a hash code, which can be metaphorically thought of like a digital fingerprint, can be generated for known files under copyright and when that fingerprint is detected rules applied to the packet transfer in question. The challenge (as always!) is finding the processor power to actually scan packets as they scream across the ‘net and properly identify their originating application, application-type, or (in the case of files under copyright) the actual file(s) in question.

Continue reading

Newer posts »