In reading through the recent CRTC filings, something that has been striking me is that the ‘regular’ metaphor for how Deep Packet Inspection (DPI) technologies work seems a bit awkward. When you send packets of data along the ‘net, they are broadly composed of a header and a payload. The metaphor goes as follows: the header is like the addressing information on an envelop, and the payload is the actual letter in the envelop. DPI opens the envelop, sees the content of the letter, examines it, reseals it, and then passes the letter along to its destination (assuming that the contents aren’t of a type that shouldn’t be sent onwards).
I like the metaphor because of its power, but at the same time I have to wonder about its accuracy, at least in the Canadian situation. When reading the ISP’s CRTC filings, I keep reading that they use DPI devices for flow analysis – they’re not looking for the content of your email, they just want to identify whether you’re sending email or an instant message. Rather than assume that the ISPs are being duplicitous, why not reconsider the metaphor to see if it can’t be developed to distinguish between different usages of DPI equipment. Read more…
I’ve recently put up a document that summarized most of the first round of filings for the CRTC’s investigation of Canadian ISP traffic management practices (PN 2008-19), and thought that I’d post a few things that I thought were most interesting (for me). Keep in mind that many of my interests revolve around deep packet inspection.
Network Use Averages
- Bell filed their specific data points in confidence, though from what they provided we can see that the top 5% of usage on the network has declined from 61.1% to 46.6%, and the top 10% of network usage has declined from 77.1% to 62.6%.
- In TELUS’ case, we find that their retail customers have decreased the amount of content they are uploading, though they are downloading more. Their wholesale customers are both downloading and uploading more than in 2006. Specific traffic data was filed in confidence to the CRTC.
- Bell finds that P2P and HTTP/Streaming traffic are the most commonly used end-user categories that contribute to bandwidth usage.
Canadian ISPs Admitting to Traffic Management
- Bell Wireline (excludes Bell Mobility and Bell Aliant Atlantic). DPI technology is used, though the vendor and products are filed in confidence.
- Cogeco uses DPI, but has filed the vendor and products in confidence.
- Rogers filed their comments in confidence, but from past information that has emerged we know that they are using DPI equipment.
- Shaw Communications Inc. uses Arbor-Ellacoya devices, though the particular products are filed in confidence.
- Barrett Xplore Inc. Uses VoIP prioritization, provisioning of modems, and DPI. Specifics are filed in confidence.
- While not explicitly stated, is appears as though Bragg Communications Ltd. also uses DPI. Read more…
In Lessig’s most recent book, Remix, he avoids directly endorsing any particular method of alleviating the issues with copyright infringement. Rather, he notes that there are models that have been proposed to alter how monies are collected for copyright holders. I want to briefly attend to the notion that file signatures can be used to identify particular copywritten works, and how deep packet inspection (DPI) could be used to facilitate this identification process.
The idea for using file signatures to track the movement of copywritten files goes like this: when you create a work that you want to have copywritten, the work is submitted to a body responsible for maintaining records on copywritten work. We can imagine that this could be national libraries. When the libraries receive the work, they create a unique signature, or hash code, for the copywritten work. This signature is stored in the national library’s database, and is known to the copyright holder as well. We can imagine a situation where we can choose what kind of signature we want copywritten work to have – there could be a full-stop copyright, a share-and-share alike non-commercial style copyright, and so forth. By breaking copyright up in this fashion, it would be possible to more granularly identify how content can and should be used. Read more…
A little while ago I was talking about network neutrality and Deep Packet Inspection (DPI) technologies with a person interested in the issue (shocking, I know), and one of the comments that I made went something like this: given the inability of DPI technologies to effectively crack encrypted payloads, it’s only a matter of time until websites start to move towards secure transactions – in other words, it’s only a matter of time until accessing websites will involve sending encrypted data between client computers and servers.
The Pirate Bay and Beyond
Recently, Sweden passed a bill that allows for the wiretapping of electronic communications without a court order. This caused the Pirates Bay, a well-known BitTorrent index site, to announce that it was adding SSL encryption to their website as well as VPN solutions for native Swedes who wanted to avoid the possibility of having their network traffic surveyed. Recently, isohunt.com has done the same, and other major torrent sites are expected to follow the lead. The groups who are running these websites are technically savvy, allowing them to implement encrypted access rapidly and with little technical difficulty, but as more and more sites move to SSL there will be an increasing demand amongst tech-savvy users that their favorite sites similarly protect them from various corporate and government oversight methods. Read more…
