back to article Spook firm readies Virgin Media filesharing probes

The corridors at Detica's central London "Nerve Centre" are lined with portraits of the heroes of Bletchley Park, Britain's World War Two code-breaking powerhouse. The black and white gallery acted as an reminder of the secret government business where the firm makes most of its money when The Register visited recently. We were …


This topic is closed for new posts.
  1. The Mole 1

    Never is a very long time

    "According to Klein there is "absolutely no way" CView could ever be used to report the IP addresses of individual filesharers."

    Unless of course someone decides to write logs from the DPI stuff which logs which links the unique ID with the source IP address, or if someone at some point decides to change the implementation so that the IP address isn't stripped...

    I just about believe him when he says there is no way that it currently does (ignoring perhaps debug logs) but of course it would be possible for the product to be changed in the future. Whether we should worry about it or not is another matter

  2. Bayleaf

    We don't know who's going to end up paying for this"

    We are, of course.

  3. Frederick Karno
    Big Brother

    Yeah right !!!

    According to Klein there is "absolutely no way" CView could ever be used to report the IP addresses of individual filesharers. "We believe identifying the consumer is an invasive use of DPI," he said.

    did his nose grow longer when he said that ????

    hands up all those that believe him.......

  4. irish donkey

    no way" CView could ever be used to report the IP addresses of individual filesharers.

    But it is possible..........

    And with the massive clause Mandy has left in his Paper it shouldn't be too difficult to change the legislation to allow for a more invasive penetration. I'm sure Mandy will be in favour of some Deep Penetration.

    This is so wrong on so many levels. Thanks NuLabour.

    Vote for somebody/anybody /just Vote!

  5. Eden

    I wonder

    If you join a TOR network and someone uses you as an end point to copy down some copyrighted material, are you held liable?

    Of course this wil hopefully just fuel education and prolifiration of encrypted P2P etc.

    The problem however comes down to wireless networks and spoofed IPs and how far they are going to go to proove an IP was genuine, and how far do you have to go to protect your network to avoid liability, how do you proove it!

    What about my Sky Broadband? the Modem is a black box system, I can't even change the KEY on it or monitor it to see if anyone else has connected to it!

    1. Annihilator

      Yes, no, how and get a better ISP

      If you make yourself a TOR network endpoint, it absolutely falls to your liability. It's pretty much written into every ISP's Ts&Cs. Why do you think people are using TOR?

      Encrypted P2P only helps with DPI. All an ambulance chaser has to do is join the swarm and knows who you are (well, what your IP is - and it's getting closer to that being the same thing)

      How do you spoof an IP address to download something? You can't. Have seen this misunderstanding of IP spoofing all over the land with regard to this. It's like ordering stuff off Amazon with a stolen credit card and having it delivered to a fake address. All well and good, but you'll never receive the stuff! But incidentally, at the moment our legal system says you don't have to prove anything. Though that seems perilously close to changing.

      As for your Sky router - get a better ISP is all I can suggest!

      1. Tom Chiverton 1 Silver badge

        "Encrypted P2P only helps with DPI. "

        Good, that's what we're discussing :-)

        The ambulence chasers would have to join every swarm. this will make them easy to spot.

    2. takuhii

      Sky Broadband

      I don't understand the comment about Sky Broadband Black Box System. I have a Sky Broadband Router (the new Sagem Black boxes). And I have changed the network key and can see Exactly who is trying to use it. The reason I changed the network key was because their key was week, and they were using WEP by default. Sky make no secret of the user-name and password to access the boxes, so why complain about the state of your Sky broadband, when a quick Google will remedy all your problems.

      1. Anonymous Coward

        Stuff Sky's modems, replace 'em!

        I took one look at the Sagem cack and replaced it with a Linksys WAG325, which I have control over what is coming and going through my connection!

        Sky won't give you the ADSL username/password but there are "methods" to get your password from your username and not that hard to do, Google is you mate.

        When I saw that Sky "snoop" port open onthe Sagem and found there was no way to close it, I threw it straight in the spare room! If Sky call up and want to know if it's working and can they get in, I will simply plug it back in, switch all my PCs off, let them play, then remove it afterward!

        Stuff their T&C, I want a secure connection on a secure line where I choose what comes and goes from house and my machines, not what some think-headed muppet at Sky-central deems acceptable to move from my machines to the world's most insecure and dangerous network!

      2. Anonymous Coward
        Anonymous Coward

        WEP? Dont think so

        Sky havent used WEP for about 2 years now, all the black routers (netgear, sagem etc) IIRC are all WPA.

        At least the 200 or so ive seen are at any rate.

    3. frymaster

      a title is required

      "someone uses you as an end point to copy down some copyrighted material, are you held liable?"

      well if you are, you get kicked off your ISP for illegal actions, which is against the terms and conditions. If you aren't, you get kicked off your ISP for not securing your network properly, which is also against most ISP's terms and conditions. so I don't think it matters

  6. Jacqui
    Thumb Down

    Work traffic

    I use a encrypted VPN traffic to both work systems and into clients systems.

    I have to say that I know just how much extra logging is done (for "quality research") which will mean my work traffic will be in the hands of a now private company - who can/will sell this onto my clients competitors.

    Time to move to a non DPI ISP.


    1. The Original Ash

      Non DPI ISPs

      I recommend UKFSN or Andrews and Arnold. I'm with the latter.

      I'd gladly stick with them if BT implemented DPI with AAISP being unable to opt out; I'd just get myself a VPN.

    2. Slartybardfast

      The answer lies in your post

      "I use a encrypted VPN traffic to both work systems and into clients systems"

      They will not look encrypted VPN traffic. They almost certainly would not be able to break the encryption.

      "I have to say that I know just how much extra logging is done (for "quality research") which will mean my work traffic will be in the hands of a now private company - who can/will sell this onto my clients competitors."

      No they won't.

  7. Tom Chiverton 1 Silver badge


    They might be able to record 40% now, but that'll drop to around 0% once everyone* is using encrypted connections, which is the end game here.

    1. Alexander Hanff 1

      Don't be such a bloody idiot

      Seriously, when will people realise that trying to circumvent this system with encryption is NOT the answer. How long do you think it will take for Mandy to use the powers granted in clause 17 of the Digital Economy Bill to force ISPs to block all encrypted traffic unless the end node is registered on some database somewhere as a legitimate corporate e-Commerce IP and registered corporate VPN server?

      Get your heads out of your arses and actually do something to try and stop this nonsense instead of just jumping on the encryption bandwagon - because if you think encryption is going to solve the problem over the long term, you are incredibly naive.

      1. Anonymous Coward


        Your obviously superior solution is???

        Thought not.


  8. zooooooom


    If they can't tell what is being transmitted, just that so much is being transmitted using those protocols - how long before the record industry tries to claim that my download of fedora is 10 lost album sales for them?

    And yeah recording the IP is just a very trivial step away from this, and will probably factor into the next negotiating round for virgins new music business.

    1. mmiied

      read the dam article

      if it is not encripted they can read it as the box on the other end captures all the P2P trafic you send and reassembles it so they can compare it to a list of copyrighted work

      given this I have lots of questions on how it works (what list what if I am doing more than 1 transfer what if I only to half or less at any time etc) but yours is ansered in the article

  9. Natalie Gritpants
    Thumb Up

    It's a service

    Your next bill will come complete with tracks from Amazon that the ISP has detected you downloaded. You get to buy Jedwards latest MP3 for £5.99. If that wasn't the track there'll be a link at the bottom of the bill where you can tell them what track you did download.

  10. Anonymous Coward
    Big Brother


    No Detica - actually YOU have missed the point. Data I send using the internet is mine. I own it - and I don't want you peeping into it. Get 'yer bloody mits off! Whether you trace the data back to me is a secondary point - you shouldn't be peeking at what I am doing ANYWAY!

    Of course, your connection to the Intelligence Services doesn't make anyone nervous, does it? You know - those intelligence services working for that government that seems bloody obsessed with knowing everything I do, every waking minute of every sodding day?

    Oh - and you're owned by BAE? Oh right - I feel SOOOOOO confident about your morals and ethics now...

    Virgin - are you ****ing mad?

    All this has done is lead me to :

    a) Immediately port my data through a secure VPN.

    b) Recommend to the many people who come to me for advice (as an IT professional) to stay the hell away from you. In the past week alone, I have managed to stop two people signing up with you... It's a shame, because as an ISP your service isn't that bad...

    Oh - and I was never using torrents / file sharing in the first place...

    Really Virgin, get some principles, and then live by them.

  11. Steen Hive

    DPI my eye.

    Deep packet inspection of encrypted bittorrent packets will tell you it's an encrypted bittorrent packet. The payload of which is no doubt a copyrighted film of a bear shitting in the woods.

    So. They're going to count the encrypted bittorrent packets and then take a totally unfounded guess as to how much copyright infringement is going on and sex it up with a few buzzwords. Then grease Mandelson's sphincter a bit more till he poots forth more restrictions on, and monitoring of, private people for the benefit of those who deserve nothing more than a swift kick in the nuts. Oh joy.

  12. Tom Kelsall

    They can tell you're...

    ...downloading; they can tell WHAT you're downloading.... how do they then propose to prove "Beyond reasonable doubt" that you are ILLEGALLY downloading?

    They can tell you're uploading; they can tell WHAT you're uploading; how do they then propose to prove boyond reasonable doubt that the person you're uploading to is NOT licensed to download it?

    It's a long way from identifying someone who's up/downloading and proving that it's illegal.

    1. mmiied


      under british law there is NO person (exept may the bbc's new service) who is allowed to use the P2P netowrks to share stuff and the list tey will be comperting it to will only include bbc

      as far as I rember under british law we have no right to consume meida except in the form they want us to

  13. The Metal Cod

    I've heard this before

    "The first thing we do is throw away the IP address" sounds suspiciously similar to something said by Phorm. We're still waiting to see the much vaunted legal opinion they possess which proves that Webwise is legal.

    Saying things like "there is "absolutely no way" CView could ever be used to report the IP addresses of individual filesharers." is nothing but spin, spin, spin. The next logical step is to record the IP address and try to see who is doing exactly what.

    It's what the dying middle man heavy "entertainment" industry wants and it's what Sith Lord Mandelson wants.

    Escape key - because I want to Escape from this country.

  14. Sampler

    Why are they excempt?

    Surely they're purposes downloading illegal content just as much as the people they're chasing - how are they allowed to get away with it?

    1. mmiied


      they have a letter from mummy mandleson saying it is ok if they skip cort cos they have a cold

  15. Anonymous Coward
    Big Brother

    Vote for the pirate party

    This is (still) a democracy, so we, as the average joes, should have the final say. And I say:

    a) Vote for the pirate party. Despite the name, they have more sense in them than anybody else out there,

    b) If the taxpayer receives the bill for all this nonsense, WE are not paying,

    c) All internet traffic to and from Mandy's giant castle should be logged and made public, just to give the freak a taste of his own medicine.

    I don't care about piracy, but I care about privacy. Some people are losing track of their priorities.

  16. Anonymous Coward
    Anonymous Coward

    How does encryption help?

    Sure if you encypt the payload CView will not be able to tell what the payload is.

    However the Music Industry and its abulance chasing lawyers work by joining a swarm and grabbing the IPs of PCs in the swarm that upload and download to their monitored client. Surely the fact its encrypted in transport makes no difference since they are part of the swarm?

  17. Valerion

    I've got an idea

    I don't download music from the interwebs as I prefer to have a CD, but as filesharing is now likely to instantly identify you (ignore what the say) and make you liable for death at the hands of Mandleson, I reckon all downloaders should just go and start shoplifting at HMV. Easier, more convenient and a lesser sentance if you get caught.

  18. Paul Donnelly

    how long....

    Before someone releases an Ubuntu build which acoustically matches a major copyrighted work?

  19. Anonymous Coward

    If Neil of VM and Dan Klein of Detica has nothing to hide ,They as nothing to fear...

    "Dan Klein, Detica's media accounts director, and the man in charge of the trial."

    If Neil of VM and Dan Klein of Detica has nothing to hide ,They as nothing to fear...

    so lets Have the Full Quotes they made to clarify their position on this. a full and detailed graphical layout jpg, showing Exactly how they have integrated this DPI kit into the Virgin Media Core infrastructure, showing the Exact path your inspected VM customers data will take from start to finish for starters Please ASAP.

    a pictur paints a thousand words and all that, clarity without compromise.

    outbound path: PC>cable modem>UBR>detica DPI kit>VMrouters>interweb>requested web site...whatever

    inbound path: web site>interweb>VMrouters>detica DPI Kit>UBR>cable modem>PC....

    what happens to your data And the copy they take of it as it enters the DPI kit, and after it leaves ?

    you get the picture, will the Virgin Media customers got them too as requested to help clarify this, or is that set of pictures far to to damning of the actual processes taking place unseen by mere paying customers, or will they not publicly appear for more than a nanosecond, then get taken down as the BT Phorm DPI picutures did way back when, thats the question.

    so what it going to be Neil and Dan Klein, nothing to fear ,so provide this requested most basic information clearly, openly, and without obfuscation to clarify your position!

    or are you going to hide behind the usual and often seen corporate VM and BT executive wall of silence, and darth of any real informative open data directly from the companies people wanting to install and operate this DPI for profit kit on their consumer protected user base.

    PS :the names, addresses, and full copys of any legal teams opinions (redacted of any personal info OC) you may have as regards this stage of your plan for plain Public reading is also requested please, so is it nothing to hide or lots to hide and keep out of the pubics view.

  20. Alexander Hanff 1

    Absolute rubbish

    "According to Klein there is "absolutely no way" CView could ever be used to report the IP addresses of individual filesharers."

    Absolute rubbish - if the system is able to identify what is an IP address and strip it from the data replacing it with a UID then of course it can be used to report the IP address - it just takes a few minutes of reconfiguring - nothing more. They must think we are all completely stupid or something.

    Furthermore, how many times does it need stating that a UID is NOT anonymous - it is personally identifiable specifically because it represents a single entity and is unique for exactly that purpose.

    Also Detica think that is wrong to use DPI to spy on people? Do they take us for complete idiots or are they just trying to insult us? This is the company who since 2006 have netted around £1.7M in payment from the Cabinet Office and Office of Public Sector Information to do exactly that! Lets see what an FOIA Request to GCHQ on how much money they have paid Detica for their DPI services delivers shall we?

    CView is not compliant with RIPA, PECR or ECHR and VM's spin that they are exempt under RIPA is exactly that, spin. RIPA only allows exemptions for interception for the purpose of provision and operation of the service - this monitoring is in no way required for either and therefore is not exempt.

    I am working about 12 hours a day on this issue at the moment and will not rest until CView goes the same way as Phorm - out of the UK.

    Use of this technology for this purpose is a criminal offence.

    1. Alexander Hanff 1


      As was pointed out by Chris, actually GCHQ are exempt from FOIA Requests, but there is more than one way to skin a cat - let's see if we can get a parliamentary question asked like this one:

      Granted it is probably likely to still go unanswered but for a company that allegedly receives hundreds of millions of pounds from British Intelligence services such as GCHQ for snooping technology such as DPI, it is an insult to our intelligencet for them to take the moral high ground with regards to using the same technology being used for detecting copyright infringement.

      Detica don't give a shit about privacy, all they care about is making money - to believe otherwise is absurd.

    2. Anonymous Coward
      Anonymous Coward

      VM Company Terms and Conditions

      Section B.5(i) states:

      "We reserve the right to monitor and control data volume and/or types of traffic transmitted via the interactive services on your Virgin TV and/or Internet access"

      So effectively anyone who has accepted the terms of service for VM broadband has said they are happy for this to take place. If they are not happy, I refer them to section J.5(c)

  21. Skizz

    Whatever results they come up with...

    ...will have a huge error margin. Encrypted data will no doubt be added to the 'illegally shared file' total. And the music recognition algorithm is by no means 100% accurate. I'd be amazed at 20% accuracy. In the end, if there was no illegal file sharing then the music business will lose out since fewer people will be buying music. Who would fork out money to listen to music that is highly likely to be shit. Try before you buy.

  22. takuhii


    Don't get me wrong, but doesn't a VPN only work between your PC and the Router. You can't setup a VPN between the router and your ISP without their permission, or at great expense, they won't let you do that for free. Surely the point is encrypting the traffic between the router, ISP and Internet.

    Surely all we would need to do is encrypt the data stream from P2P client we are using?

    Unless C-View intend on hacking the data, I don't see how they can "see" what is in your encrypted data stream. Fair enough if people are openly (and stupidly) downloading illegal files, but if some users are actually making the effort to cover their tracks CView won't be able to look at this, will it?

    1. The Original Steve

      Not really

      A VPN is a secure (encrypted) "tunnel" from A to B. It could be from network to network, or PC to a network, or PC to server etc.

      For example, I could use a VPN taking me to a server in Russia, or Taiwan or Sweden. All my traffic will be routed over that VPN, so my BitTorrent download is going out of the ISP plugged into the network of the VPN end-point I'm connected too.

  23. John 73
    Big Brother

    Lots more BitTorrent for me, then

    First thought, for me, was "Oh, I'd better start downloading lots of Linux distros by BitTorrent again soon." If they're going to intercept perfectly legal filesharing traffic, let's make sure they get lots of it!

    1. Anonymous Coward

      Better yet

      Better than that why not share some files that you own the copyright on with your friend who you've granted permission to download them from you. Then by their own admission they make an *unauthorised* copy of your copyrighted works!

  24. Gianni Straniero

    Acoustic matching

    Good luck with that, especially if they're using Gracenote.

  25. Gianni Straniero

    Re: Encryption


    No, no. You're setting up a VPN *through* your ISP, no to it. Yes, you want to encrypt the wireless traffic between your computer and your router, because it is sent over the air and can be intercepted by anoyone in range of your wireless adapter.

    But a VPN provides an encrypted tunnel through which other traffic can pass. All the ISP knows is that encrypted traffic is going to another host on the Internet, most likely on TCP port 1723.

    This differs from encryped peer-to-peer traffic in that the ISP will not know the intended endpoint of your communications, nor the TCP port the endpoint is using. Encrypted peer-to-peer is like encrypted web, in that although the contents of the packet cannot be determined, the address and port of the recipient can be, e.g.

    So the (rather clunky) workaround for Virgin users wishing to game the system is to connect over a VPN to a system that is not on Virgin, which then forwards your filesharing traffic to your peer. You just have to hope that the peer is not also a Virgin customer.

    1. takuhii
      Thumb Up

      Thank you

      @Gianni Straniero: Thanks for clearing that up mate, I was always under that impression the VPN was merely between you and your router (esp for home users). Now if ONLY I could find a tutorial on setting one up ;)

  26. Luther Blissett

    Not enough jails to detain all the freetards

    Contrary to the paranoia, the objective here is not to turn freetards into nervous wrecks. (That may come later - much later).

    > "We're not trying to be 100 per cent accurate," he said. "We're taking a statistical view."

    This does not mean what he wants you to think it means. You think you might or might not get sampled, so that makes it a "statistical view".

    But he isn't saying what copyright database they are going to be using, so we don't know who or what is on it. Self-evidently the results are going to depend on the database. But how complete is that database? Does it contain only copyrights owned by Big Muzak? As he isn't saying, it seems a reasonable inference that the database is incomplete - and that the results will be biased in favour of Big Muzak. IMHO that's his "statistical view".

    Less nu Stasi, more corporatist-fascist business-as-usual.

  27. Neal 5

    Thing is though

    Perhaps someone can tell me, how will this handle something like TorrentRelay, whereby any torrent is downloaded by another server, unrelated to your PC/Mac whatever, and then once the server has downloaded the torrent, you download from the server as normal HTTP traffic from one IP address. All the dirty work has been done by the other server, and when you download from the server, you show only yours and the servers IP, seemingly no sharing, same as a large update or SP from Microsoft.

    The traffic admittedly won't be difficult to decode or inspect, but the idea of DPI is to detect multiple IP's indicating file sharing by torrent or P2P.

    Does this mean that all traffic between ISP and IP is going to be inspected or just identifiable sharing data?

    Where do you draw the line, is anything over 1MB, going to be determined as file sharing?, what about if I send some holiday snaps to a friend in an email?, whatabout if I send a home movie to a distant relative by email?

  28. Anonymous Coward

    stop using the reply button, it doesnt work well

    people stop using the reply button, it doesnt work well, and means you may miss that interesting informative reply if you dont keep refreshing the pages and rechecking al the replys to date....

    just use copy/paste for now untill Elreg sorts this messy thing out.

    chris, can you have the Elreg techys make it post all future quoted replys to the end of the threads, as at least then your users page refreshs wil not miss potentially interesting feedback, adding in a direct URL link to the replyed post could be used to take people back to the OPs full entry too

    1. Law
      Thumb Up

      +1 for the reply proble... ooops!

      sorry! :)

      The real solution would be for you to get a reply notification icon to replies/new posts since your last visit to that page, and have these new posts highlighted when refreshed. With the update icons in your control panel you won't have to keep hitting refresh on a page... and maybe some option to list by date and a view all instead of paged view when in a discussion too.

      Must admit though, I share your pain - the new threading is a bit of a bugger when looking for updates... for long discussions the splitting of posts into multiple pages only adds to the frustration... my old method was to keep pages alive, and hitting refresh once the page reloaded it would jump to my last position... now it's always messed up so gave up.

    2. mmiied

      not both

      if we do one or the other but what annoys me is the problem of pepol doing both and then me missing all intresting descuions

  29. Anonymous Coward
    Anonymous Coward

    RE: Encryption

    Encryption hides the content of the packet. Whilst legal teams for the RIAA / MPAA etc. could look at a swarm connected to a tracker - you can do it the pirate way and just use magnet links and DHT for distribution.

  30. pAnoNymous

    ISP lose legal defense with this?

    surely ISPs will lost the legal defence that they don't know what's going through their network and therefore can't be held accountable with this?

    if an ISP know that's someone is using their connection to download copyright infringing material/etc then the ISP is facilitating this and could be help accountable, perhaps?

  31. Anonymous Coward

    reducing the P2p traffic directly reduces the income and taxs receaved!

    this is odd, market forces dictate that by actively reducing the P2p traffic directly like this it will also directly reduce the income for the ISP and the and taxs the Gov get month on month.

    if your a VM customer and want to use P2p a lot, be it perfectly legal use or otherwise, statisticly your Far more likely to be taking the existing higher priced 50/Mbit/s Virgin Media package to overcome the existing upto 12 hours STM restrictions on all the other lower Virgin Media packages.....

    if you then find you, or more likely your family members, decide they dont want to be *intercepted by a company they are paying good money to use, or given a UID (Unique ID), then theres the Very Large incentive to just drop your highest cost Virgin Media 50Mbit package right down to the lower level with all the restictive STM in place and so save a lot of cash, but that also directly reduces Virgin Media's income month on month, and so the Gov do not get the higher cost packages taxs income eather, reducing their intake too.

    and thats a best case position, making a very large assumption that the Virgin Media consumer cant be bothered to go the whole way, and just get a totally different provider, as theres are no other cable providers OC as Virgin Media have a monopoly in the uk, For Now.. perhaps OFCOM etc need to look at that and Force Virgin Media chief exectuvie Neil Berket to Open it up to non some invasive providers ASAP...

    i guess 3G and those Vm customers in the BT FTTC area's will be VERY popular over this christmas quarter for those wishing to just get off Virgin media's interceptin and inspecting network weather they use P2p or Not, hence more burden on the remaining customer base to to pay more for less to make up the shortfall.

    hmmm , with the new very strict UK/EU advertising rules and regulations now in effect, does Virgin Media chief exectuvie Neil Berket and especially his PR sales teams now NEED to tell the potential New customers and their family members young and old, they are at risk of being intercepted and inspected as one of the 40% total traffic when they use Virgins cable network.

    *( who does want to be intercepted and inspected ? and its nearly always the wife thats after saving money for other uses, usually her own use, and getting you off the interweb so she and the kids can use it far more remember)

  32. Anonymous Coward

    Enough you want to illegally search my..?

    Making this announcement may result in a decrease in bandwidth use. Which would help the known capacity management issues VM has ( So why not use legal torrents to skew Detica' s data and use the service you're paying for?

    Here's a few links that aren't Linux distros for variety...

    The Open CD (open source for Windows). Cut budget? (

    The Humanure Handbook v3 (apt for a Sith Lord). (

    Georgia Wonder ( have a legal Pirate Bay torrent. ( If you like them, go to their site.

    Wonder how VM would cope if 1.4 million users all downloaded the 3.1 gigabytes of music from the SXSW 2007 site and one legal movie per day. How will Detica know the difference? And how will Detica tell the difference? Unless they're monitoring IPs...

    You're already paying for the service. Be a shame not to use it, right? Oh, and angrily mention the DPI trial to a VM service rep and threaten to take your business to Sky. See what discount you get for the next year... :o)

  33. theloon

    Let the Cat and Mouse games behind

    It's going to be amusing to watch this one. Having written one of the official responses to the UK Gov telling them this is a giant waste of time, I'm going to have a good time watching this one fail...

    If only it was not going to cost the tax payer in the end. That is the real crime here.

  34. John Smith 19 Gold badge
    Thumb Down

    Not recording the actual IP address is a *policy* decision

    Not a technical problem.

    Policies can change.

    That sound is the Dark Lord whipping out his statutory instrument.

  35. Anonymous Coward
    Thumb Up

    the games people can play with ISPs and their agents and contractors etc ;)

    "Alan Woodland

    Better yet # ↑

    Posted Monday 7th December 2009 22:25 GMT

    Better than that why not share some files that you own the copyright on with your friend who you've granted permission to download them from you. Then by their own admission they make an *unauthorised* copy of your copyrighted works!


    see , we nearly missed this latest post place somewere up there butthe broken Elreg SW, as you didnt cut&paste and just posted it below, but used the 'reply' button istead.

    what , you mean something like Dan bull posting his Dear Mandy, or the musicion that wanted to post his copyright songs on facebook but they blocked him as one of the Big Corps claimed they owned the HIS copyright when they didnt, cant remember the blokes name now but it happens.

    given that VM/Detica are makeing an exact cloned copy of the childs/silver surfers full dataflow to work on elsewere, then assuming anything found is a valid P2p file with a given hash and not a false positive....

    perhaps somone can write a quick hash equaliser that can be run on a given file and realtime , and produce a re-hashed file that meets the same values as the for personal use mp3 files these alleged unlawful file-sharers/bad people put on usenet and torrent sites, hell perhaps these so called alleged unlawful file-sharers/bad people can auto generate their hash values and put them in a free database for personal use only (and a 10000 UKP per use for commercial profit minimum commercial use being 10 units per transaction, delivered in cash, in pound coins at your designated location at 6 PM GMT on the day they grab it online to be provided with a swarn afadavid stating their intended purpose per use copyright restriction or some such legally binding commercial contract ;) ) for all users to then use to make all legal files look like the same bad mp3 files, masses of false positives all round shoudl give the the US investor owned Virgin Media something to ponder...

    1. Roger Heathcote 1
      IT Angle

      @ "perhaps somone can write a quick hash equaliser"

      No, they really can't, that's exactly the point of good hashing functions.

      Even MD5, which is considered broken and deprecated by most, takes a hideous amount of processing power to find collisions for. If they're using exact hashing at all (which I can find no mention of) they'll be using standard issue SHA128 or SHA256 for which there are no known vulnerabilities.


  36. Anonymous Coward

    i dont mind...

    i stopped downloading music after i started using spotify.

    If the dpi can be used to reduce botnet activity on the VM network, thats a good thing.

    Presumably if the bots need to communicate with the outside world (sending spam email) then the endpoint would need to be in the clear. While not halting bots, it would make spamming (and the spread of the bots) a bit harder.

    if they started monitoring for tv shows however, id be a bit worried. :P

    so yeah, encryption and stuff.

  37. Martin Nicholls

    Here we go again.

    These people understand what they're doing is illegal and that directors (including branson) can face up to five years in prison right?

    The government is going to be compelled to act, there's every chance they're going to make a showcase out of the punishment just to show the EU that these breaches are going to be taken seriously after the phorm farce.

    Have fun deep packet time wasting my SSL traffic.

  38. Anonymous Coward
    Anonymous Coward

    the answer

    this is how it will work - CVIEW will look at IP - it will take a snapshot maybe every few hours & take the top 5% of ips who have downloaded say >1GB - this data will then be sniffed.. this is not science once the ISP knows your doing it they can then sniff you on realtime - believe me i do it currently in my role . if you download the odd album then ild say no need to worry as youll be in a group of some > million users which is very hard to catch - the problem lies with the bigger material.

  39. ShaggyDoggy


    Acoustic matching won't affect me, I only ever listen to electronic music

  40. Peter Fairbrother 1

    Re "Eh?"

    "No Detica - actually YOU have missed the point. Data I send using the internet is mine. I own it - and I don't want you peeping into it. Get 'yer bloody mits off! Whether you trace the data back to me is a secondary point - you shouldn't be peeking at what I am doing ANYWAY!"

    Absolutely, though perhaps it should be addressed to Virgin, not Detica. That's the opinion of the EU, as expressed in several directives. It's also the law in the UK (RIPA).

    El Reg, there has been a lot of comment about the probable illegality of this, but you don't mention it in your article - have you been snow-jobbed?

    This sort of DPI is illegal, for now, under UK law. It probably won't be illegal under UK law after/if the new Digital Economy Bill is in force, though it would remain illegal under EU law. The EU is trying to get the UK to change the present UK law regime to comply with EU law, but it's a long slow process, and the process hasn't even started for after the DEB is passed.

    What I don't get is what Virgin Media gets out of the deal. Unlike Virgin Media, Virgin Records isn't part of the Virgin group, it's part of EMI. Or are they somehow otherwise affiliated?

    1. Anonymous Coward
      Anonymous Coward

      It will benefit Virgin

      They are setting up their own online music store.

      They plan to snoop on everyone using P2P, send them all letters saying "hey scumbag use Virgin's service instead and we won't cut you off" and bingo, millions of pounds worth of free advertising. Better than advertising actually, people ignore advertising, they don't ignore threatening letters!

      How do people keep missing this small detail?

      It's like if Lurpak* built a death ray that could see what type of butter was in every kitchen in Britain, at the same time they were granted legal power to tell people what kind of butter to eat - and everyone just scratches their head and goes "but how does this benefit Lurpak?".


      *name picked entirely at random

  41. Anonymous Coward
    Anonymous Coward

    You what?

    "replacing it with a randomly-generated unique identifier" - pardon? What's the point of that? You might as well just record the IP and be done with it; or else how are you going to track the degree of filesharing to the same user? I get a feeling in my bones of cooked statistics coming up as a result of this.

    1. CD001


      Either it's not random, hashing the IP address for instance, or they're not tracking individual users and the unique identifier merely identifies that specific transfer - which was the impression I got from the article. They're merely generating aggregate data about P2P usage and what approximate proportion is (probably) pirated.

      I'm guessing they're doing this for the sake of a report, the end result of which will be to say either "yes, piracy is rampant, we may be forced (by El Gov) to take further measures" or "actually, the figures the music industry have come up with greatly overstate the amount of piracy, can we tell them the stfu and fo now, plz? kthnxbye" (all that bandwidth r used for cheezburgers, natch).

  42. mmiied


    what allwasy gets me is theyt allways talk about pepol sareing music? I P2P a lot and download a lot of stuff but none of it is music it is all TV shows(ones that are not going to be out here for yesrs like big bang theroy) some films (ones I think I might like but could never bring my self to buy eg anything made by disny) and porn (lots of porn) all of that is probley copyrighted (excpet maby some of the porn) but they do not seam bothered about it

  43. Oliver 7

    Oi! Beardy! NNNOOOOOOOO!!!!!!!!!!!!!!!!!!!!!!!!!!!!

    Can't see how they'll make this work but we're all paying for it one way or another and it may well be turned against actual users once the DEB comes in.

    Can only hope that they run out of time in parliament before DEB is enacted. There are many other worthy bills that should be passed or repealed but Mandy's mates seem to be first in the queue! Surprise huh?

  44. Anonymous Coward
    Anonymous Coward

    Pot, meet kettle

    As far as I can see, VM are proposing to make a copy of the data sent through P2P networks. A lot of that will be copyrighted and VM will not have the copyright holder's permission to make that copy.

    So how exactly are they superior to the people they are spying on? And will they be counting themselves as illegal file sharers in the statistics?

  45. Anonymous Coward

    Maybe it's ...

    ... time to start torrenting lots of large .txt or .jpg files renamed as .mp3 perhaps?

This topic is closed for new posts.