Will ISPs Be Driven To Spy On Their Customers?

bs0d3 writes "In regards to the new 'voluntary' graduated response deal (where no one really knows how ISPs will track and accuse customers of copyright infringement), according to CNN, it may be the ISP directly spying on their customers. 'But now that they're free from individual blame, there's also the strong possibility that the ISPs will be doing the data monitoring directly. That's a much bigger deal. So instead of reaching out to the Internet to track down illegally flowing bits of their movies, the studios will sit back while ISP's "sniff" the packets of data coming to and from their customers' computers.' This could be a problem for people who use U.S.-based internet services. If the U.S. wants to be an internet savvy country, they still need the competition in the marketplace that's always been missing, and a digital bill of rights that isn't a sneaky anti-piracy measure."

Re:You mean they don't do it already?

[Kjella]

Really? Anyone? Really believes that the ISP are protecting you? Your privacy? With claws and fangs?

No, I think they're covering their own asses by making sure they know absolutely nothing about anything I do or don't do. If they start flagging copyright infringements for one company I'm sure they'll get sued by a bunch of other companies for secondary infringement or criminal negligence or being co-conspirators as they let all the other infringements pass. And not just copyright infringement but everything else too, the user is sending SPAM and they let it pass? Sue the ISP. Internet fraud? Sue the ISP. Hacking? Sue the ISP. If anyone can show the ISP "knew" the customer was doing something illegal but continued the subscription to turn a profit, they could get in all sorts of legal shit. Either you're reading the bits or you're not, you can't both do that and claim ignorance at the same time.

Re:Just use SSL for everything

[DarkOx]

I think most ISP have enough common sense not to try that. All it would take is for some 3rd party DNS provider to stuff a NAT statement into their iptables such that 80 -> 53. Doing DNS on TCP is not to much overhead for modern hardware.

At that point they'd have to start doing inspection to make sure all 80 traffic looks like http. That would even get somewhat more complicated if the SSL port were used. Its game over once people implement local stub DNS resolvers that actually call a web service somewhere over https to do queries.

Unless ISP are prepared to essentially deploy Websense or something like it with SSL intercept and block any protocol including VPNs etc, that is not http, https, possibly ftp, and does not appear to some other protocol implemented on top of those its impossible. I don't think consumers would stand for it.

*What do mean I can't connect to my companies VPN?
*WOW and all my old games wont work any more, I have to buy new ones that use webservices and have shit latency thru your proxy!
*No more VOIP

That dog won't hunt.