Universities Struggle to Cope with Anti-Piracy Requirements

/ Christopher Parsons

copyrightussatireUniversities in the US have been deeply burdened by the Higher Education Opportunity Act that President Bush signed into law last year. In particular, the Act require that “schools ensure they are doing all they can to combat illegal file sharing among students. The new rules, according to the wording contained in the legislation, requires institutions to develop plans to “effectively combat the unauthorized distribution of copyrighted material, including through the use of a variety of technology-based deterrents.” Schools must also “to the extent practicable, offer alternatives to illegal downloading or peer-to-peer distribution of intellectual property.” Any institute found to be non-compliant could lose federal funding” (Source).

To combat unauthorized distributions, technological solutions such as bandwidth shaping and traffic monitoring need to be implemented. Such solutions need to be integrated with advanced DMCA response practices. Of course, some of the companies that are being courted to meet these demands are those that incorporate DPI into their copyright ‘solutions’. I’ve discussed, generally, how these technologies work on campuses from iPoque’s position when writing about one of the company’s whitepapers. In that post, I wrote, Continue reading

Iran, Traffic Analysis, and Deep Packet Inspection

/ Christopher Parsons / 9 Comments

iranelectionLet me start with this: I am woefully ignorant and Iranian politics, and have no expertise to comment on it. I’ll save my personal thoughts on the matter for private conversations rather than embarrass myself by making bold and ignorant statements here. Instead, I want to briefly note and comment on how the Wall Street Journal (WSJ) is talking about Deep Packet Inspection (DPI) and the data traffic that is flowing in and out of Iran.

The WSJ has recently disclosed that Iranian network engineers are using DPI to examine, assess, and regulate content that is entering and exiting Iran. They note that the monitoring capacity was, at least in part, facilitated by infrastructure that was sold by Nokia-Simens. The article proceeds, stating that traffic analysis processes have been experimented with before, though this is the first major deployment of these processes that has captured the attention of the world/Western public. This is where things start getting interesting.

The article notes that;

The Iranian government had experimented with the equipment for brief periods in recent months, but it had not been used extensively, and therefore its capabilities weren’t fully displayed – until during the recent unrest, the Internet experts interviewed said.

Continue reading

Canadian Telecom Summit and DPI

/ Christopher Parsons

telecomtowerFor the past little while I’ve been (back) in Ontario trying to soak up as much information as I could about telecommunications and deep packet inspection. I was generously given the opportunity to attend the Canadian Telecommunications Summit by Mark Goldberg a while ago, and it was an amazing experience. I found that the new media panel, where broadcasters and carriers came together to discuss their (often contrasting) modes of disseminating content offered some real insights into the approaches to media on the ‘net. It demonstrated very clear contrasts in how new media might operate, and be seen by the Dominant Carriers, into focus for me and really began to provide a broader image of the actual strategies of various parties.

A huge element of the conference surrounded the development of wireless as the new space for innovation. Often unspoken, save for in informal discussions, was that wireline was seen as increasingly outmoded. Most statistics that were formally presented saw wireless overtaking wireline broadband by 2014 or so. This has me wondering about how important it is to examine capital expenses by major broadband providers – while we read that there is massive investment (totaling in the hundreds of millions/billions per year across all carriers), how much is in wireless and how much is in wireline infrastructure?

Continue reading

Now Showing: EDL Security Theatre

/ Christopher Parsons / 2 Comments

darktheatreWe’re paying for a high-tech Broadway show that’s themed around ‘security’, but we’re actually watching the equivalent of a catastrophic performance in a low budget community theatre. The price of admission? Only millions dollars and your privacy.

As of June 1, 2009, Canadians and Americans alike require an Enhanced Drivers License (EDL), a NEXUS card, a FAST card, a passport, or a Secure Certificate of Indian Status to cross a Canadian-American land border. In Canada, only Ontario, Quebec, B.C. and Manitoba have moved ahead to develop provincial EDLs; the Saskatchewan, New Brunswick and Prince Edward Island governments have all decided not to provide these high tech, low privacy, cards to the constitutencies (Source). To apply for an EDL in a participating province, all you need to do is undergo an intensive and extensive 30 minute face-to-face interview at your provincial equivalent of the Department of Motor Vehicles. Your reward for being verbally probed? A license that includes a Radio Frequency Identification (RFID) tag and a biometric photograph. The RFID tag includes a unique number, like your Social Insurance Number (SIN), that is transmitted to anyone with an RFID reader. These readers can be purchased off the shelf by regular consumers, and number your EDL emits is not encrypted and does not require an authentication code to be displayed on a reader. Effectively, RFID tag numbers are easier to capture than your webmail password.

Continue reading

DPI and Canadians’ Reasonable Expectations of Privacy

/ Christopher Parsons / 2 Comments

canadasupremecourt[Note – I preface this with the following: I am not a lawyer, and what follows is a non-lawyer’s ruminations of how the Supreme Court’s thoughts on reasonable expectations to privacy intersect with what deep packet inspection (DPI) can potentially do. This is not meant to be a detailed examination of particular network appliances with particular characteristics, but much, much more general in nature.]

Whereas Kyllo v. United States saw the US Supreme Court assert  that thermal-imaging devices, when directed towards citizens’ homes, did constitute an invasion of citizens’ privacy, the corresponding Canadian case (R. v. Tessling) saw the Supreme Court assert that RCMP thermal imaging devices did not violate Canadians’ Section 8 Chart rights (“Everyone has the right to be secure against unreasonable search or seizure”). The Court’s conclusions emphasized information privacy interests at the expense of normative expectations – thermal information, on its own, was practically ‘meaningless’ – which has led Ian Kerr and Jena McGill to worry that informational understandings of privacy invoke:

Continue reading