I tend to (almost exclusively) access key websites related to my research and personal interests through RSS feeds. As a result of using Google Reader to collate new content, I rarely actually see the blogrolls and suggested links that are provided by those key websites that I grab content from on a daily basis. Given that I’m sure many people read this site almost exclusively through RSS, I wanted to prepare a short piece that highlights just some of the key blogs and websites that I turn to on a regular basis in the hopes that readers might find some cool and interesting new sources of information they’d otherwise never come across. As a hat tip, this post is largely inspired by Rebecca Bollwitt‘s “The Missing Link” that considers (as of 2008) the changing characters of link lists and blogrolls.
Aya Walraven is a digital media and internet enthusiast who primarily works in video, web, and emerging technologies. A self-appointed internet-culture historian and archivist, she studies and documents mobile technologies and online behavior, particularly in Japanese youth and anonymous communities.
In many ways, I can credit the NSA along with the excellent reporting of Nate Anderson for why I’m so interested in surveillance technologies. In particular, when the story broke in 2005 that the NSA was likely engaged in massive wiretaps of domestic and international data traffic I was drawn to the power and capacity for the ‘net to be used for truly broad-based surveillance efforts. This interest was heightened when Nate published the first of a set of articles on deep packet inspection (DPI) for Ars Technica. Without these two key moments, along perhaps with some interesting reporting on copyright, I’d probably still be thinking through the conditions of ontological psychology through a Heideggerian or Hegellian lens.
Given that I am engaged in research into surveillance technologies, and have the absolute pleasure to be associated with truly excellent scholars, activists, advocates, collaborators, and friends who share similar research interests, I wanted to take a moment to ask you, my readers, to help us map data traffic. As you may be aware, the NSA is reputed to have installed systems in various networking hubs that lets them examine massive amounts of data traffic. It’s not entirely known how they inspect this traffic, or the algorithms that are used to parse the fire hose of data they must be inundated by, but researchers at the University of Toronto have a decent idea of what ‘carrier hotels’, or major Internet exchange/collocation points, have likely been compromised by NSA surveillance instruments.
The CRTC is listening to oral presentations concerning Canadian ISPs’ use of Deep Packet Inspection (DPI) appliances to throttle Canadians’ Internet traffic. Rather than talk about these presentations in any length, I thought that I’d step back a bit and try to outline some of the attention that DPI has received over the past few years. This should give people who are newly interested in the technology an appreciation for why DPI has become the focus of so much attention and provide paths to learn about the politics of DPI. This post is meant to be a fast overview, and only attends to the North American situation given that it’s what I’m most familiar with.
Massive surveillance of digital networks took off as an issue in 2005, when the New York Times published their first article on the NSA’s warrantless wiretapping operations. The concern about such surveillance brewed for years, but (in my eyes) really exploded as the public started to learn about the capacities of DPI technologies as potential tools for mass surveillance.
DPI has been garnering headlines in a major way in 2007, which has really been the result of Nate Anderson’s piece, “Deep packet inspection meets ‘Net neutrality, CALEA.” Anderson’s article is typically recognized as the popular news article that put DPI on the scene, and the American public’s interest in this technology was reinforced by Comcast’s use of TCP RST packets, which was made possible using Sandvine equipment. These packets (which appear to have been first discussed in 1981) were used by Comcast to convince P2P clients that the other client(s) in the P2P session didn’t want to communicate with Comcast subscriber’s P2P application, which led to the termination of the data transmission. Things continued to heat up in the US, as the behavioural advertising company NebuAd began partnering with ISPs to deliver targeted ads to ISPs’ customers using DPI equipment. The Free Press hired Robert Topolski to perform a technical analysis of what NebuAd was doing, and found that NebuAd was (in effect) performing a man-in-the-middle attack to alter packets as they coursed through ISP network hubs. This report, prepared for Congressional hearings into the surveillance of Americans’ data transfers, was key to driving American ISPs away from NebuAd in the face of political and customer revolt over targeted advertising practices. NebuAd has since shut its doors. In the US there is now talk of shifting towards agnostic throttling, rather than throttling that targets particular applications. Discrimination is equally applied now, instead of honing in on specific groups.
In Canada, there haven’t been (many) accusations of ISPs using DPI for advertising purposes, but throttling has been at the center of our discussions of how Canadian ISPs use DPI to delay P2P applications’ data transfers. Continue reading