Re: Deep packet inspection technology
All of this is rings as non-sense reflecting a hostile environment for companies doing business in the US and today's regulatory powder keg.
Sandvine creates solutions for carriers using swiss army knife style products - akin to a python interpreter with libraries to do useful things with network traffic or standards signaling traffic.
There is no product Sandvine offers that can directly/independantly MITM TLS encrypted traffic. Perhaps it can MITM TCP (like any software) and perhaps it could be more useful in figuring out which flows are interesting to MITM. Perhaps they have solutions which lowers the barrier for semi-skilled malicious actor to use Sandvine in the chain of an attack... but facts don't matter in a world of feelings... and the public and the press and likely the US and Canadian government are lacking facts, logic and fortitude to do what is actually needed and go after the underlying problem.
The reality is that Sandvine as a company is better known in the industry for their innocuous solutions like volte/E911 QoS prioritization (which isn't even a DPI solution), Quota Management, congestion management etc. The US govt. just put all their US affiliated customers in the position where they might not be able to engage with the Sandvine support organization without possibly violating the EAR, an act which was put in place to prevent nuclear and arms proliferation with penalties to match. Forget that Egypt was an A+ ally and country prior to Arab spring and basically any network vendor doing anything interesting/useful is vulnerable to this kind of reactionary virtue signaling.
Why is Sandvine & the Canadian government tight lipped about all this. Allegations seem to stem from the U of T and Citizens Lab who don't seem to go beyond speculation that because such potential dual use tech exists and is in Egypt, that it must be up to the vendor to police or not have a product that can be used for evil? Oh boy that's a slippery slope...
Where is Citizen's Lab pushing the relevant technology to improve the internet for all of us that kneecaps potential for misuse? Why aren't they relating exploits to the proposed technology standards that prevent human rights abuses by malicious governments? Why is the US administration playing pretend world police through virtue signaling?! We sell real arms to countries knowing which rebels they are going to kill. Why are sanctions being put on a technology partner instead of the actual human rights abuser?
I wonder, if Sandvine/Francisco Partners are the losers/being squeezed here, who is, or rather who will be the winner?! Are we beginning to see the slippery slope of tech regulation?