DPI and Net Neutrality's Overseas Weak Spot

Ian Lamont writes "An unnamed source at an American ISP says staff there briefly considered using Deep Packet Inspection to comply with an order from Argentina's Department of Justice to block access to a local gambling site. The ISP ended up not going that route, owing to the cost, but some engineers at the company worry that DPI will eventually be implemented on the ISP's overseas network, thereby positioning it for an easier US rollout should Net Neutrality lose out in Washington. Besides being used for traffic-shaping, DPI can also monitor the traffic of ISP subscribers to supply targeted advertising."

ISPs in Canada already throttle encrypted traffic

Rogers and Bell throttle all non-HTTP traffic. If their DPI cannot recognize it, they throttle it.

Yeah this sucks for VPN users, but they are an oligopoly and don't care.

In NZ

[duckInferno]

The worst we have here is a monopolising telecommunications company. We have data caps and high prices compared to other countries. Sometimes I find it really hard to treasure what we have, but it's articles like these that make it easier. Precious few ISPs here throttle data and I've never heard of any kind of push against p2p, let alone all the blocked/throttled/privacy-busting measures I've been hearing about what's going on in the US.

Of course, I still have reason to worry. A lot of NZ traffic goes through the US. :)

There's DPI and there's DPI

[kriss]

Yes, there's DPI devices for traffic shaping (or throttling or management or whatever term you prefer), and there's DPI devices for ad insertion but those really wouldn't be the same devices, probably not even made by the same vendor. Plugging my own blog, here's a shortentry about this.

As for the article, I think - but I could well be called biased - that the unnamed sources may be overreacting a bit. Could you do the things described with a decent traffic shaping DPI enabled box? Sure. Do ISP's do this? With the exception of some high profile cases we're all aware about, not that I noticed. As it happens, I wrote about this as well fairly recently (the text is quite long, if you want only the relevant bits on DPI uses, scroll down to 'DPI uses' near the bottom)

(In all honesty, I could well see the point of very restricted and extremely cheap access though. The net is a resource you pretty much need access to in order to function well in society nowadays. If that's all you need it for, it might make a lot more sense to get a $10/mo line restricted to only web and mail than a $30-or-more/mo line unrestricted. I sure as heck wouldn't get a restricted one myself, but then again, I'm not really the target audience of that idea)

As for an american rollout, quite a few ISP's run the gear in the US already. Again, with a few (very notable) exceptions, you don't really notice it. Which is kind of the point of a good implementation, in my book.

Re:This is where customers put their foot down.

[PopeRatzo]

Tell you what: people are quickly learning about the means and meaning of the surveillance of our data and behavior.

Here in Chicago, tens of thousands of drivers have gotten little notes in the mail from the City of Chicago, telling them that they have to pay $100 or have their car seized, based on a picture taken at an intersection.

When a local, nationally prestigious university recently had a public symposium on the effect of electronic surveillance upon personal, public and political life, you would have been quite surprised at the number, and the variety, of the people who showed up. In fact, a lot of last-minute shuffling had to take place at the venue to accommodate the unexpected number of attendees. And a surprisingly small number of them were techies and geeks. A large number were under age 18.

Re:Out of interest

Quite a lot when negotiating the crypto handshake (there's hardware for this and it scales pretty decently, even if it's not exactly cheap) - but you'd still be able to pick up what was being visited from the certificate if you wanted.

Re:Packet Encryption

[BountyX]

Ironically, bin laden DID NOT encrypt his communications. Instead, he chose to plan is activities on the internet in sex chat rooms and other public locations on the internet. Bin laden, who had a relationship with the CIA before becoming a terrorist, knew that encrypting communication was one of the NSA's criteria that alerted the agency of an individuals suspicous activitiy. Encryption draws attention becuase its like feeding the NSA bad data. If enough people encrpyt their communications regularly, it will make it harder for the NSA to snoop...and yes, I do run linux :)