bell end more like....
What's worse than an ISP throttling your peer-to-peer traffic? An ISP throttling your peer-to-peer traffic while stepping on your privacy. Late last week, the Canadian Internet Policy and Public Interest Clinic (CIPPIC) fired a letter to the country's privacy czar, urging an investigation into the traffic shaping practices of …
Our new anthem:
Glorious and Free after deep packet inspection and approval by Bell Canada.
Should confuse the fans the first time it is sung at a baseball game.
Note I said baseball game - not hockey. Like many Canadians I hate hockey. Bobby Clobber* sums it up.
*Canadian cultural reference.
Much as I detest the thought of anyone "snooping" what I'm using the internet for, Deep Packet Inspection for traffic shaping doesn't worry me, and the "privacy" issue is just peing used as another way to complain about traffic shaping.
In almost ANY traffic shaping device, the packet inspection (be it headers only, or deeper) is done in hardware (typically FPGAs,) with the result being a decision on what type of traffic the packet represents. No one is "looking" at the packets. If classifying packets is a privacy invasion, then ISPs better start providing individual dedicated point-to-point links between each customer and every server that they access, since any router can make decisions based on port number, which would certanly represent an invasion of privacy.
Oh, and what about cache servers? They're certanly an even greater invasion of privacy, since thy not only inspect the URL, they store it...
Paris, because she leaves inspection of the traffic to her chauffer.
For those who are in Ottawa for the Ottawa International Animation Festival 2008 on May 27, should also drop by and say HI! to your MP on Parliament Hill and do something about Ma' Bell's throttling.
Details at http://www.netneutralityrally.ca/
This rally was push back because of conflict with two other protest on the hill.... One is Pro Tibet, the other Pro China.... Best stay off the hill that day....
What? Aren't the major ISPs satisfied screwing the typical customers? Now they also want to screw their business clients (wholesellers/small isps).
" "As a service provider, we have to ensure no individual or group is negatively impacting the majority’s internet access,"... "
I'm pretty sure that when a business client, let's say, a small isp wants to buy a service, there's a stipulation of guaranteed bandwidth. Is Bell selling bandwidth it doesn't have? Or is it just screwing the small isps by outright lying to them about the package it sold them? Once Bell sells a service plan, it's up to the client whether to manage/throttle the connection or not since they are entitled to it.
Also, how can small isps consume more bandwidth than what they have bought since Bell is probably already using some kind of bandwith limiter?
I'm on Bell Sympatico and have my encryption on. BitTorrent still levels off at 30KB, no matter what encryption or other options are used.
I was reading up on the Ellacoya DPI hardware Bell uses. It doesn't need to care about encryption, as it drills into the payload of every data packet and reassembles the content, thereby knowing what it is. Further proof that Bell is using DPI to look at more than just "headers".
I just love the way these DPI-driven providers keep saying "We don't use this technology to examine the actual content, and we completely respect everyone's privacy." If either statement was actually true, then WHY USE IT?!! (And, why the secrecy?)
I wouldn't put it past Bell to also be offering the extracted personal info to any number of marketing firms.
Out of all the ISPs, I think Bell is THE monster that needs to be taken down, back to the level of the "Common Carrier" it is supposed to be. These blatant privacy and competition violations, on top of an already-poisoned relationship with Canadian consumers, just begs for a complete rethinking of how much latitude should be given to this publicly-owned company.
Bell has been doing a shitload of questionable things over the years, always without any discussion, and thumbing their noses at us all with impunity!
They should never have been allowed, as a common carrier, to even consider offering their own content, without at least a firm set of regulatory rules.
Of course encryption means something. DPI may tell you what sort of traffic you're looking at, or at least hazard a good guess, but an encrypted channel is still just a load of (almost) random data to any outside observer who can only infer, say HTTP content from a port number of 443 or whatever. It can't tell porn from bank details if they're encrypted.
Now, if you're talking about throttling high bandwidth, long duration TCP connections then yes, that's possible and doesn't even require super fancy packet inspection.
What's more likely in your particular case is that encrypted bit torrent does not usefully obfuscate itself, it merely hides content and is still quite obvious as to its nature.
That's Bell alright! - all the way back to Alexander Graham obtaining the first telephones from Antonio Meucci and trying to claim it as his invention. Bell's patent was annuled on the basis of fraud and misrepresentation!
Mind you, is he any worse than the 'inventor' of the electric light bulb Thomas Edison who copied the British patent of Joseph Swan?
If you're concerned about some chip "inspecting" your images (and, classifying it as IM/email/whatever you are using to send it) then you'd better stick to Polaroids and snail mail.
Note that we're only talking DPI in the course of traffic shaping... any other "inspection" is a different discussion.
Shurley that's the impact of wardrivers?
"It doesn't need to care about encryption, as it drills into the payload of every data packet and reassembles the content, thereby knowing what it is"
The only way it could do that is by decrypting the payload. So either it has to care about encryption, or all it's doing is checking headers. Since the first is unlikely, odds are you've been reading their marketing materials, which would tell you that the product cures world hunger if they believed you'd fall for it. I recently got a call from a guy promising that his DNS server software would ensure 100% uptime for my web server.
It really depends on how you define "examine"...
If examine means that a Human looks at, or has access to, the packets, then NO, DPI does not "examine" the data.
If examine means that a classification/decision is made about the packets, based on the contents of the packet and a pre-defined algorithm, then every router in the world is guilty of privacy invasion.
Traffic throttling is certanly a concern with users and ISPs alike, and needs to be addressed. But, keep the discussion about competition, etc. and keep "privacy" out of it!
With the Post, you pay depending on what it is, and how fast you want it to get there... in the US, if I send something as "Media Mail" (also known as book rate), the USPS certanly has a right to inspect my package, and if it's not a book, charge me extra for it (they don't, really, but they can.)
This is no different than a box looking at traffic on port 80, deciding it's not really HTTP, and treating it differently.
It's great that El Reg keeps exposing these privacy violations, but I still can't believe that it doesn't provide an https: web address. If one of the few web sites that actually understands what's happening to our privacy can't get its act together and provide an encrypted service, what chance is there that others will?
Come on guys, lead from the front!
I agree with the comment that the provider oversold their network capacity.
Surely this would be a contractual matter as usually in the western world it is not exactly legal to charge for services that you do not provide?
This behaviour must come as a result of badly regulated activities being allowed to proliferate.
While I may be able to send things by "Media Mail" (it was known as "book rate"), the inspection of the mail was part of the bargain. If I put a nice "First Class" stamp on the envelope, I don't expect the mail to be opened AT ALL. Presently, there is only ONE type of packet on the internet, and it is "First Class", not subject to inspection since I'm paying the full rate.
If some nice company wants to choke my packets by inspection, I expect to pay a more favorable rate AND have these terms described to me. I also expect that I will be able to send some of my traffic "First Class".
Of course, the better analogy is a phone call. I don't expect any voice recognition software looking at my conversations then delaying them based on the contents. No, gossip doesn't get bogged down at all. It is treated the same as a call to my bank to find out the balance. First Class (no other way)!
You have to question the logic of using DPI and as one person described 'drilling into the packet' to identify the payload.
Wouldnt the money spent on DPI capable kit be better spent on actually increasing capacity?
not only do users end up in an arms race with ISPs to succumvent throttling but surely there must be a significant time overhead associated with DPI that increases network latency for everyone.
The other point is that as such Telcos upgrade their capacity It adds to their upgrade bill to ensure the functionality they dont need doesnt become the weakest link in the chain and a bottleneck.
DPI as no legal reason to exist. i paid for 5 MBits with 60GB of traffict per month. Bell does not have any rights to Censore my net connection. If i exceed my traffic allowance them they can slow me down, charge me extra or whatever. but if i still in the limits of my CONTRACT WITH THEM. Bell have no right right. why they want to do it? overselling capacity, pressure from know international criminal cartel such as the MPAA and RIAA (and its canadian copycat: CRIA)/.
The ony thing that will make such illegal practice stop is is huge fine (in the billions, but who am i kidding, The Canadian goverment does not have the balls to apply its own law.
I wonder if i can cancel all of my Bell contracts (Cel, TV, phone, Internet) on the ground that i do n ot want to finance a openly criminal corporation?
"Presently, there is only ONE type of packet on the internet, and it is "First Class", not subject to inspection since I'm paying the full rate."
"First Class" most certainly does not apply to the internet. The ONLY type of packet on the public internet is "Bulk Rate". It MAY get there, eventually, or it may get lost. Absolutly no guarantees. If you want "First Class", you will pay MUCH more, and you will need to be on a network controlled by one entity.
For a phone call, you are (effectively) paying, per minute, for a dedicated connection (of at most 64 kbps, likely much less than that.) I'd be happy to sell you something similar for your internet connection, though I don't think you'd be willing to pay the price.
"The only way it could do that is by decrypting the payload. So either it has to care about encryption, or all it's doing is checking headers."
They are playing fast and loose with the meaning of "headers". Inspecting packet headers is used for packet filtering (a.k.a firewalling). They are looking at packet content to sort-out what the traffic is (a.k.a DPI).
They cannot decrypt the packet contents. What these systems do is look for peculiarities that are unique to torrent clients, such as how a handshake is done.
If you want to grab one of these systems for yourself, go shopping for something like this:
Oh, and by the way, the other big ISP in Canada, Rogers, has been doing this for years. They're even at the point (previously reported here on El Reg, I believe) of modifying packet contents on-the-fly. They can insert information about account usage and such, to be helpful, of course.
Paris, because her packets willingly bare all.
Reliable at what? Digging through your data?
Encryption only works so far, eventually they will cross the line and sniff the client and server ends to confirm its bittorrent and kill it.
And if that doesn't work, eventually the dsl upstream will make people jealous of dialup users as they reduce it further and further.
The answer to the P2P issue is so startlingly obvious that I’m amazed no one has suggested it yet (and why didn’t I think of it myself earlier?). ISPs should sell packages with three different components – one is for ‘normal’ traffic, the second is for unmonitored and unshaped P2P traffic and the third is for internet TV/Radio/legal P2P file-sharing (which is monitored for copyright). This way, the ISPs can ring-fence the bandwidth we need for normal surfing, whilst P2P users will be forced to ‘shape’ their own use along the terms of their contract. The unmonitored P2P can have an additional charge to go towards royalties, whilst the monitored one can have the material providers subsidise it to make sure investment comes out of the pockets of the big media corporations instead of from those who don’t use the service.
So, a typical package may look like this for current bandwidth capacity: a subscriber pays for unlimited normal surfing internet access at 2Mb/s from 12 midnight to 6pm, with service dropping to a guaranteed minimum of 1Mb/s during the evening. As the subscriber uses little P2P streaming of BBC or Ch 4 content they will use a ‘pay as you go’ system for this third of internet use. The subscriber does use Torrent P2P, but doesn’t need to use this type of P2P in the evenings, so he or she will sign up for a cheap package that gave P2P only between, say, 12 midnight and 8 am. If the subscriber then decides they want to watch BBC multimedia content regularly, they’d pay an extra charge to move from ‘pay as you go’ to a more traditional bandwidth model (which is only fair – why should others suffer bandwidth collapse just because other subscribers forget to set their DVD recorders?).
The beauty of this system is that P2P users only compete with other P2P users for bandwidth. Also, if you download too much, you only loose your P2P download allowance and can still surf normally (the biggest gripe with traffic shaping). It also prevents big multimedia corporations paying to prioritise their content over non-competing websites by giving them their own ‘channel’. This stops multimedia content costing ISPs their profit margins, and gives a true reflection of the cost of streaming media over the internet instead of just watching normal digital TV. It also removes the justification for ISPs to monitor our service, repays artists who lose money from copyright infringement and allows non-file-sharers to buy high peak bandwidth for a price consistent with their low overall data download volume.
The new system would be much more flexible, honest and would bring the current shady practices of ISPs out into the open. It would also prevent ISPs being able to use P2P as an excuse for not providing the service we pay for. More importantly, the new system would allow the separate types of internet use to develop independently; why should on-line retailers have to adapt their websites to work on a bandwidth that is constrained by the popularity of BBC TV programming? Motorway planners build bypasses to prevent the heavy ‘bandwidth’ using commuters and trucks jamming up the normal business of citizens travelling around their towns. Doesn’t it make sense to do this on the interent?
PlusNet are also deeply in love with Ellacoya. And they will not answer the basic question "Why do PlusNet believe that DPI for traffic shaping is legal?"
To save me copying it all out again, have a look at:
where there are references to an Ars Technica article that seems rather revealing:
Helicopters can be the only appropriate icon.
Sad really , on digg a recent submission under the title "How Much File Sharing Traffic Travels the Net ? Update " provided graphs on the average internet traffic and the so called threat that p2p poses is one that is more hype then fact in real life !
Choices or horses for courses ? Or people who prefer to tell lies rather then admit to the real truth or prefer to believe what they want to believe because it is easier then seeking out the real truth of the matter , which is very evil indeed in system with a billion answers seeking out the questions that have yet to be asked at one's fingertips ?
Although , it really goes to show since the dawn of this new century , we have been fed much propaganda with no real supporting evidence from many so called official , corporate and mass media sources and it continues on unabated even now !
I'll get my coat , it is the one that now has the new micro mini four percent only dragon flame proof option installed too !
You'll find Bell (like most ISPs) do not guarantee bandwidth - their terms indicate that speeds will be UP to the amount quoted. You'll probably also find some statements about acceptable use which mention the use of applications that might hog bandwidth.
As for DPI, it isn't possible to shape things like Skype without DPI. Skype is really quite clever at getting through whatever ports are available. The only way to know whether traffic on port 80 is regular browser traffic is to "look" for html. It doesn't matter if encryption is used or not - what counts is if the traffic looks like html code or not. If not, it is not going to be treated as regular web traffic.
" You'll find Bell (like most ISPs) do not guarantee bandwidth - their terms indicate that speeds will be UP to the amount quoted. You'll probably also find some statements about acceptable use which mention the use of applications that might hog bandwidth. "
For your average customers, that is usually the case, but for business clients? What? Is Canada a BACKWARD country? I live in a "developing country" but when a business entity applies for an internet connection, standard packages for ANY isp ALWAYS include guaranteed bandwidth (ofcourse, they also have pure burst bandwith packages, if you ask).
I don't want to impose the reality of where I leave to Canada, but either Canada is a backward country (since they don't offer guaranteed bandwith for their business clients) or that the small ISPs there are just plain stup!d to understand the importance of guranteed bandwidth when you're into the business of providing connectivity.
*(can this board add tags, like italics, so that I don't appear like shouting when emphasizing?)
"we have to ensure no individual or group is negatively impacting the majority’s internet access" should have read "we have to ensure that no individual or group is providing better service to their customers than we are".
The only problem with this is that when the phone companies start selling premium (ie, tv, movies, etc.) services, they're going to want to make sure their stuff get through no matter what to their happy customer base.
The other part of this is that DPI isn't the problem...they are probably already providing the direct network slurping off of all packets anyway to the Canadian version of the NSA.
Biting the hand that feeds IT © 1998–2021