Slashdot Mirror

← Back to Stories (view on slashdot.org)

Deep Packet Inspection and Net Neutrality

Posted by kdawson on from the freedom-vs.-the-exaflood dept.

EncryptKeeper writes "Ars Technica has an in-depth feature on deep packet inspection, and it's a disturbing read. ISPs are starting to turn to DPI to monitor their networks, and, more troubling, to look at how they can use it to shape, block, monitor, and prioritize traffic. 'The "deep" in deep packet inspection refers to the fact that these boxes don't simply look at the header information as packets pass through them. Rather, they move beyond the IP and TCP header information to look at the payload of the packet. The goal is to identify the applications being used on the network, but some of these devices can go much further; those from a company like Narus, for instance, can look inside all traffic from a specific IP address, pick out the HTTP traffic, then drill even further down to capture only traffic headed to and from Gmail, and can even reassemble emails as they are typed out by the user.'"

2 of 334 comments (clear)

  1. Re:Encryption by TubeSteak · · Score: 5, Informative

    E. There isn't a business case for it that I can find. FTFA: Imagine a device that allows one user access only to e-mail and the Web while allowing a higher-paying user to use VoIP and BitTorrent.

    They no longer have to differentiate their product offerings based only on speed.
    It's called market segmentation
    You see the business case yet?
    --
    [Fuck Beta]
    o0t!
  2. Re:Encryption by CajunArson · · Score: 5, Informative

    Gmail by default only uses https for your login, not actually reading/sending mail. To get a full session via https you need to login to this URL: https://mail.google.com/ Note: https://gmail.com/ will NOT encrypt the session further than the login screen (see for yourself, look for the https connection).

        Having said all of that: Email is not an encrypted protocol by default! The method above is a good method for preventing sniffing on the last hop between you and Gmail (which is why I use it when I'm on an unsecured wifi connection to prevent easy eavesdropping). However, once the mail server sends the message on the open network... it is 100% cleartext. If you want real encryption, get PGP, this advice was true long before Slashdot got its panties in a bind over ISP's 'snooping' on your traffic.

        Oh and one more thing: I love the Slashdot doublethink: Having a large evil corporation (the ISP) possibly being able to sniff traffic to read some of my emails is a terrible invasion of my privacy!! Simultaneously: Having a large non-evil (because they said so) corporation (Google) actually store all my emails (much easier to get at them then trying to wire-sniff) and index them and use them to generate ads: SUPER!

    --
    AntiFA: An abbreviation for Anti First Amendment.