Slashdot Mirror

← Back to Stories (view on slashdot.org)

Deep Packet Inspection and Net Neutrality

Posted by kdawson on from the freedom-vs.-the-exaflood dept.

EncryptKeeper writes "Ars Technica has an in-depth feature on deep packet inspection, and it's a disturbing read. ISPs are starting to turn to DPI to monitor their networks, and, more troubling, to look at how they can use it to shape, block, monitor, and prioritize traffic. 'The "deep" in deep packet inspection refers to the fact that these boxes don't simply look at the header information as packets pass through them. Rather, they move beyond the IP and TCP header information to look at the payload of the packet. The goal is to identify the applications being used on the network, but some of these devices can go much further; those from a company like Narus, for instance, can look inside all traffic from a specific IP address, pick out the HTTP traffic, then drill even further down to capture only traffic headed to and from Gmail, and can even reassemble emails as they are typed out by the user.'"

13 of 334 comments (clear)

  1. Federal Mail Laws? by apt142 · · Score: 4, Insightful

    I've become more and more convinced that information sent over the internet should afford the same protections that federal mail does. Net neutrality is a step in that direction. But, it's just a step.

    ISP's currently have no limits that keep them from violating the privacy of their subscribers. Well, nothing short of market forces. Which in this case is laughable. Since packets can travel through a number of networks before ending up at their destinations, there is no guarantee it won't travel through an ISP the consumer doesn't support financially.

    --
    Star Pirates
  2. Urp by HumanSockPuppet · · Score: 1, Insightful

    They can't sell this as adequate internet viral prophylaxis to anyone using Linux or a beefed-up Firefox and script-blocking configuration. It also won't fly as a means of managing streaming quantities because innovations in fiber optics technology will allow for greater amounts of data to be passed along existing "tubes." Maybe I'm just naive, but DPI won't stand up to free market capitalism. Anyone aware of the fact that their information is being closely scrutinized won't be as comfortable handing their money over to an ISP which condones the practice. I can imagine a "Googlenet" (or what have you) being created in response to market demand for a Net Neutral internet service provider. Maybe I'm not seeing the whole picture, though.

    --
    Inserting [insert witty signature here] here does not constitute a witty signature.
  3. common carrier == net neutral by markhahn · · Score: 5, Insightful

    If an isp wants to do this, I think they should simply loose any common-carrier status. that is, deep inspection means that they become responsible for content: accomplices in any crime committed via that traffic.

  4. Re:Encryption by the+eric+conspiracy · · Score: 5, Insightful

    A. it isn't going to work on an HTTPS session.
    B. it doesn't make sense to reassemble an email because eventually the whole email will be submitted.
    C. Deep packet inspection is very expensive because it requires heinously fast hardware to inspect a 10 Gb/s data stream, and you need a lot of these at the network edges. The core networks are too fast to inspect.
    D. AFAIK DPI isn't deployed anywhere. Only a couple of manufacturers have 10 Gb/s gear and they are trying to sell it now, which is what ARS picked up on.
    E. There isn't a business case for it that I can find.
    F. A lot of the applications Ars describes don't require deep packet inspection, only header inspection.
    G. Many of these things run inline, which means there is a decrease in reliability due to insertion of the device. That means redundancy etc which drives costs up even more.

    Ultimately I don't think there is any likelihood that carriers who are already facing capital expense and return on investment problems plus increasing demands for plant expansion due to video are going to buy this story. The current wisdom is that fast-dumb is what is scalable.

  5. Encryption not the magic bullet by stwrtpj · · Score: 3, Insightful

    I'm rather dismayed by the number of people immediately chiming in and saying "well, fuck the ISP, I'll just encrypt everything." While that would address privacy concerns, it does nothing for the main issue, which is the traffic-shaping itself. Your encrypted packets will be unrecognized, and thus shunted to the lowest priority. Problem solved, from the ISP's perspective.

    --
    Karma: Frotzed (mostly due to the Frobozz Magic Karma Company)
    1. Re:Encryption not the magic bullet by jeko · · Score: 5, Insightful

      Yeah, I thought that too, until I realized that meant all commercial activity (ebay, bill pay, amazon) gets shunted to scavenger class. Somehow, I don't think "the money" is going to go along with this....

      --
      He put his boots up on the table and made a face. "The sig," he smirked. "You can waste your life in search of the sig."
    2. Re:Encryption not the magic bullet by jZnat · · Score: 2, Insightful

      Don't forget all the VPN activity going on for people working outside the actual physical office. Then there's SSH which is latency-sensitive when in interactive mode (bulk transfers via sftp or scp should probably be marked as such via QoS, but it's not like anyone along the way will listen to that). There are more legitimate uses for encrypted net connections than there are legitimate uses for BitTorrent, and that's saying a lot.

      --
      'Yes, firefox is indeed greater than women. Can women block pops up for you? No. Can Firefox show you naked women? Yes.'
  6. Chinese (Invisible) Export by ObsessiveMathsFreak · · Score: 4, Insightful

    Deep packet inspection technology was developed by the likes of Cisco for the sole purpose of obtaining access to the Chinese market. The Communist Party wanted the power of the internet, but they also wanted the power to control it. With deep packet inspection and a suite of other related solutions, I think it's reasonable to say they got their wish. There are millions of Chinese internet users and the country is father from a revolution now that it was in 1989.

    It's not just China. Countries like Saudi Arabia and Iran are also taking advantage of this new technology, every byte of it developed by corporations right here in the "free" west.

    And now? The technology is simply being marketed here to. Exported back into the west if you will. ISP, companies, governments are all being given the power to put the internet genie back in the bottle. Time was that corporations were developing technology to help make democracy stronger. Now they're simply giving democracy the rope it needs to throughly hang itself.

    I'd like to be optimistic about our society, but frankly it's too tiring in this day and age of fear and surveillance. The worst part is the overwhelming acceptance, nay approval, of our loss of freedoms. The Net Neutrality debate is not an isolated argument. It's a symptom of the underlying shift in Western society, back into a dark age.

    --
    May the Maths Be with you!
  7. Re:Encryption by PopeRatzo · · Score: 5, Insightful

    Deep packet inspection is very expensive because it requires heinously fast hardware to inspect a 10 Gb/s data stream
    You don't think AT&T would already have this "heinously fast hardware" in place? I'd guess that if anybody does, they do.

    The window of opportunity for the Internet to be saved as something resembling the free and open place it's been for the past few decades is closing rapidly. If we don't get some Net Neutrality laws in place soon, it's going to be too late. Once the current model of the Internet is gone and we have what AT&T would like us to have, I'm betting that just about all of us here at Slashdot are going to be very, very sad.

    I fully expect that in about 5 years, the same people who are here today talking about how we should let the "free market" control the Internet will be whining about how much they miss the days when an individual could actually put up a web site that could compete with the "big boys" for the eyes of the World.

    If there hadn't been a de facto "net neutrality" in place back in '97, there would be no Slashdot today. Nor would there be a You Tube or Craig's List or Wikipedia or just about any of our beloved sites.

    If you want to know about what the Internet is going to be like if it's not protected with strong Net Neutrality laws, just picture AOL. Picture the entire Internet being AOL.

    Have a nice day.

    --
    You are welcome on my lawn.
  8. Re:Encryption by flosofl · · Score: 3, Insightful

    Oh and one more thing: I love the Slashdot doublethink: Having a large evil corporation (the ISP) possibly being able to sniff traffic to read some of my emails is a terrible invasion of my privacy!! Simultaneously: Having a large non-evil (because they said so) corporation (Google) actually store all my emails (much easier to get at them then trying to wire-sniff) and index them and use them to generate ads: SUPER!
    The doublethink is only second to the kneejerk reaction. If you thought it through for second you'd see that one is by choice and the other, well most don't have any choice. I *choose* to use Gmail and I *know* they index my stuff. However, I only have one choice for braodband (the cable co) as I was informed by the DSL companies that where I live is not wired correctly for DSL. And if they decide they want to scrutinize every bit I send over their wire, I have *no choice* but to drop trou and bend over.
    --
    "This calls for a very special blend of psychology and extreme violence" - Vyvyan "The Young Ones"
  9. Wait what??? by NEOtaku17 · · Score: 2, Insightful

    In order to keep the internet open and free we have to.....let the government regulate it? You lost me somewhere in there. I think you've fallen for Google's propaganda campaign.

    --
    Creative Demolition
    1. Re:Wait what??? by PopeRatzo · · Score: 2, Insightful

      In order to keep the internet open and free we have to.....let the government regulate it? You lost me somewhere in there.
      No, you've just been sold a bill of goods by so-called "conservatives" who since Goldwater have been telling everyone that government is the worst thing in the world. That if only there was less government, we'd all be living in fields of clover, rich beyond our wildest dreams.

      Problem is, it was baloney when Goldwater said it, baloney when Reagan repeated it, and baloney today. Funny how the same people who believe there should be less government and that government is too powerful have no trouble dropping a trillion dollars on the military. The government is not our enemy. Even the old legend about how government does things so wastefully but corporations and the "free markets" are ultra-efficient isn't even close to being the full truth.

      It's even funnier that people who don't like big government having power don't mind giving big corporations power one bit.

      NEOtaku, there are worse things that can happen to something like the internet than having government regulate it. If you don't believe me, watch how the next 20 years goes, as big corporations extricate themselves completely from anything like a sovereign state. Tell the truth, I'd much rather be a citizen of the old USA than AT&T, Exxon or Haliburton.

      --
      You are welcome on my lawn.
  10. Re:Gmail by Anonymous Coward · · Score: 1, Insightful

    > Google doesn't do it by default. They're providing
    > a service out of their good will knowing that only
    > a very tiny minority of users will take advantage of
    > it.

    No company does anything out of ``good will''. Google
    provide an HTTPS interface to retain those people for
    whom it is important, otherwise they might lose ad
    revenue if those people used an alternative provider.