×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Will ISPs Be Driven To Spy On Their Customers?

timothy posted about 2 years ago | from the won't-be-a-long-drive dept.

Privacy 133

bs0d3 writes "In regards to the new 'voluntary' graduated response deal (where no one really knows how ISPs will track and accuse customers of copyright infringement), according to CNN, it may be the ISP directly spying on their customers. 'But now that they're free from individual blame, there's also the strong possibility that the ISPs will be doing the data monitoring directly. That's a much bigger deal. So instead of reaching out to the Internet to track down illegally flowing bits of their movies, the studios will sit back while ISP's "sniff" the packets of data coming to and from their customers' computers.' This could be a problem for people who use U.S.-based internet services. If the U.S. wants to be an internet savvy country, they still need the competition in the marketplace that's always been missing, and a digital bill of rights that isn't a sneaky anti-piracy measure."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

133 comments

short answer (5, Informative)

roman_mir (125474) | about 2 years ago | (#40584859)

yes

Re:short answer (3, Interesting)

game kid (805301) | about 2 years ago | (#40585037)

Though it seems like an exception to that headline law [wikipedia.org] , it doesn't count because we already knew they already spy on us or allow direct use of their facilities to do so.

Just use SSL for everything (2, Insightful)

Anonymous Coward | about 2 years ago | (#40584865)

Computers are fast enough... there's barely any CPU overhead anymore.

Re:Just use SSL for everything (0)

Anonymous Coward | about 2 years ago | (#40585191)

Time Warner doesn't resolve ip addresses to places they don't think you should be.

Re:Just use SSL for everything (3, Insightful)

The Master Control P (655590) | about 2 years ago | (#40585269)

Do they also block access to all other DNS servers?

In any sane world this would be sarcasm, but you never know these days.

Re:Just use SSL for everything (3, Informative)

amiller2571 (2571883) | about 2 years ago | (#40585367)

I have Time Warner and I used to use their DNS, but I had trouble with them not resolve some IP addresses. I switch to Google DNS and now I have had no trouble at all.

Re:Just use SSL for everything (1)

Jane Q. Public (1010737) | about 2 years ago | (#40585859)

Even if you use an external DNS, your traffic is still going through your ISP. There is no getting around that.

Re:Just use SSL for everything (1)

kesuki (321456) | about 2 years ago | (#40587141)

the onion router, virtual private networks... there are ways of getting access to computer your isp has blocked with a firewall.

Re:Just use SSL for everything (2)

Jane Q. Public (1010737) | about 2 years ago | (#40587185)

That's quite true. However, your traffic is STILL going through your ISP. There literally isn't any way around that.

Which is precisely why we must not allow ISPs to monitor.

DNSCrypt (1)

Anonymous Coward | about 2 years ago | (#40587891)

"That's quite true. However, your traffic is STILL going through your ISP. There literally isn't any way around that."

Tor, or:

DNSCrypt

"In the same way the SSL turns HTTP web traffic into HTTPS encrypted Web traffic, DNSCrypt turns regular DNS traffic into encrypted DNS traffic that is secure from eavesdropping and man-in-the-middle attacks. It doesnâ(TM)t require any changes to domain names or how they work, it simply provides a method for securely encrypting communication between our customers and our DNS servers in our data centers. We know that claims alone donâ(TM)t work in the security world, however, so weâ(TM)ve opened up the source to our DNSCrypt code base and itâ(TM)s available on GitHub"

https://www.opendns.com/technology/dnscrypt/ [opendns.com]

- Download the right package for your Linux distribution:
https://blog.opendns.com/2012/02/16/tales-from-the-dnscrypt-linux-rising/ [opendns.com]

https://github.com/opendns/dnscrypt-proxy/blob/master/README.markdown [github.com]
https://github.com/opendns [github.com]
https://blog.opendns.com/2012/05/08/dnscrypt-for-windows-has-arrived/ [opendns.com]
http://techcrunch.com/2011/12/05/dnscrypt-encrypts-your-dns-traffic-because-theres-always-someone-out-to-get-you/ [techcrunch.com]
http://www.h-online.com/security/news/item/DNSCrypt-a-tool-to-encrypt-all-DNS-traffic-1392283.html [h-online.com]
http://blog.opendns.com/2012/02/06/dnscrypt-hackers-wanted/ [opendns.com]
https://www.linuxquestions.org/questions/debian-26/dnscrypt-930439/ [linuxquestions.org]

Re:Just use SSL for everything (5, Insightful)

DarkOx (621550) | about 2 years ago | (#40585877)

I think most ISP have enough common sense not to try that. All it would take is for some 3rd party DNS provider to stuff a NAT statement into their iptables such that 80 -> 53. Doing DNS on TCP is not to much overhead for modern hardware.

At that point they'd have to start doing inspection to make sure all 80 traffic looks like http. That would even get somewhat more complicated if the SSL port were used. Its game over once people implement local stub DNS resolvers that actually call a web service somewhere over https to do queries.

Unless ISP are prepared to essentially deploy Websense or something like it with SSL intercept and block any protocol including VPNs etc, that is not http, https, possibly ftp, and does not appear to some other protocol implemented on top of those its impossible. I don't think consumers would stand for it.

*What do mean I can't connect to my companies VPN?
*WOW and all my old games wont work any more, I have to buy new ones that use webservices and have shit latency thru your proxy!
*No more VOIP

That dog won't hunt.

Re:Just use SSL for everything (2)

nurb432 (527695) | about 2 years ago | (#40585361)

Perhaps, ( not a TW customer ) but that isn't really what the subject was about. Encryption would prevent spying on arbitrary data transmission.

Preventing access to 'unauthorized addresses', that is a different discussion.

Re:Just use SSL for everything (1)

kesuki (321456) | about 2 years ago | (#40587065)

there are a few problems with saying isps have to monitor everything non politicians transmit. because of course the law won't apply to them or their corporate buddies. first off is encryption. encryption is only vulnerable on the host when it is about to encrypt data, except in the bizzare case where two computers use the same encryption keys, and access to both streams encrypting the same data, and then it is like a lucky shot to correlate the data and bring it to the attention of users looking for that exploit. unencrypted data is searchable but again see how hard google and the like have finding things, it is not easy, do you want the full emails of billions of people? even if servers can scan in one language people speak in several thousand languages. it becomes harded and harder to track languages especially when they start using unnoficial slang uses of foreign words. so now you need to scan in at least the top 12 languages? i know computers are widespread, but do we really want to say in law every email has to be grepped? got it? this is n hard stuff here, are you going to target people for suicide watchs becuase their home pc detected them pasting depressed songs? or are we just going to make computers so hard to use that no one uses them?
so lets hypothetically say we can overcome the technical hurdles we can make computers to catch all the 'terrorists' who don't speak in riddles? do you realize what that means? then we can have what a society where people are all so clean and neat that no one knows how to relax by a friend as the camera/computer monitors what they say, like in 2001 a space odysey.

there is a problem with would be police states. life isn't worth living if you are too afraid of breaking the law to live. life has risks.

Fantasy (1)

irving47 (73147) | about 2 years ago | (#40584911)

"a digital bill of rights that isn't a sneaky anti-piracy measure."

Dream on.
I regularly dream of leaving this industry because of nonsense like this.

Re:Fantasy (1)

DarkOx (621550) | about 2 years ago | (#40585899)

Don't I know the feeling. I am saving up, hopefully a few years from now I can move to Maine and run a Christmas tree farm. I am getting tired of even thinking about this nonsense.

You mean they don't do it already? (4, Interesting)

stanlyb (1839382) | about 2 years ago | (#40584923)

Really? Anyone? Really believes that the ISP are protecting you? Your privacy? With claws and fangs?

Re:You mean they don't do it already? (5, Interesting)

ATMAvatar (648864) | about 2 years ago | (#40585105)

I don't think anyone believed that many (if any) ISPs were fighting the good fight, as it were. The assumption was more that ISPs are typical businesses, which do not incur costs unless required to do so. Setting up infrastructure and staff to monitor subscriber traffic costs money and effort. Without some well-defined, monetary gain in doing so, ISPs simply won't bother.

So to answer your title - no, most ISPs probably haven't monitored traffic already, because it was a waste of time and resources to do so.

Re:You mean they don't do it already? (1)

Darkness404 (1287218) | about 2 years ago | (#40585153)

Exactly, the only monitoring ISPs will do is due to either government mandated crap, or government-sponsored lawsuits (RIAA/MPAA) due to their horribly outdated intellectual "property" laws.

Re:You mean they don't do it already? (2)

hot soldering iron (800102) | about 2 years ago | (#40585947)

Actually, at the last local industry expo I went to, the Sonicwall rep told me about their really new, really expensive, ISP grade router that came complete with deep packet inspection, white and black lists, and real-time data stream analysis. So I could push it to my clients to "stop those pirates downloading warez and movies".
Companies don't spend any more than they have to, true. But smart companies plan for shifts in the market, and having to spy on their users definitely is a market shift. Buy the equipment now, use the increased capabilities to make happy customers, and have the gear halfway amortized when the spying mandate comes down. Profit!

Re:You mean they don't do it already? (2)

stanlyb (1839382) | about 2 years ago | (#40586049)

Except if they want to force you to not use your bandwidth, or your cap limit, or this or that site that are producing a lot of traffic, or with other words, the ISP business is the only one that does not give 100% of your speed, and does encourages you to NOT use your cap limit. In fact, it is even worst, when they promote for example 3MBs, with 30GB limit, what they mean is that the regular Joe would use only 1/10th of this speed and only 1/10th of this limit. As a result, if their cable has the maximum capacity of 3MBs, then they will sell this same speed to 10 customers (with the hope that it will work out....somehow).
And yes, in most cases it WORKS. But as the users become more and more computer savvy, and are demanding more video and audio, and more Netflix like services, the final result is that this approach DOES NOT WORK OUT anymore.
So, to answer your question, what a sane business entity as ISP could and would do in this case?
1.Monitor the traffic and do anything possible to throttle down the "bad" users.
2.Upgrade their network.
Please, don't answer me, we all know the answer...

Re:You mean they don't do it already? (5, Insightful)

Kjella (173770) | about 2 years ago | (#40585237)

Really? Anyone? Really believes that the ISP are protecting you? Your privacy? With claws and fangs?

No, I think they're covering their own asses by making sure they know absolutely nothing about anything I do or don't do. If they start flagging copyright infringements for one company I'm sure they'll get sued by a bunch of other companies for secondary infringement or criminal negligence or being co-conspirators as they let all the other infringements pass. And not just copyright infringement but everything else too, the user is sending SPAM and they let it pass? Sue the ISP. Internet fraud? Sue the ISP. Hacking? Sue the ISP. If anyone can show the ISP "knew" the customer was doing something illegal but continued the subscription to turn a profit, they could get in all sorts of legal shit. Either you're reading the bits or you're not, you can't both do that and claim ignorance at the same time.

Re:You mean they don't do it already? (1)

nurb432 (527695) | about 2 years ago | (#40585377)

Only if it means they will lose all their customers by not acting would they do something to protect us.

Re:You mean they don't do it already? (0)

Anonymous Coward | about 2 years ago | (#40587971)

If not, how else do they catch/arrest/question the hackers, paedophiles, terrorists, etc, etc. But I do appreciate moves to make them honest about it.

Free Market, Informed Customers (0)

Anonymous Coward | about 2 years ago | (#40584935)

Anybody who understands the issues and has any kind of forum has a responsibility to use that forum. Expose ISPs that behave unacceptably. Let informed customers leave the ones that deserve to be left and go to the ones that want money and are willing to act accordingly.

Re:Free Market, Informed Customers (2)

Mycroft_VIII (572950) | about 2 years ago | (#40585083)

That only works when you have more than one to choose from. Where I am at you have the cable monopoly and AT&T who couldn't even keep dial-tone service working 3 days in a row let alone dsl (which caps out at 128 up 768 down!).

Mycroft

The US is not a free market (2)

Darkness404 (1287218) | about 2 years ago | (#40585197)

That is all well, but the US is not a free market when it comes to ISPs because the government gave out massive amounts of moneys to large corporations to "modernize" the US which means that in many areas there are only 1 or 2 ISPs, both megacorporations and no other ISP can compete with them either by law or because they already had such a large competitive advantage by having all the infrastructure basically paid for by theft (taxes). We need to not make this mistake again and cut off all taxpayer support to ISPs and other private companies in order to allow the free market to work, otherwise you have a mess like we have today.

Re:The US is not a free market (2)

SuricouRaven (1897204) | about 2 years ago | (#40585279)

Even absent government-granted monopoly, ISPs are a perfect example of a natural monopoly: Once one ISP has an area cabled up, it's no longer financially viable for another to move in. They'd have the huge up-front wireing cost only so they could compete with an incumbent.

Re:The US is not a free market (5, Interesting)

sqrt(2) (786011) | about 2 years ago | (#40585571)

Which is why the physical infrastructure should be nationalized and leased by the government to private businesses who must then compete with each other. This would lower the barriers to entry and open up competition. And laying all that fiber will create a lot of jobs too.

Re:The US is not a free market (5, Interesting)

Jane Q. Public (1010737) | about 2 years ago | (#40585777)

"Once one ISP has an area cabled up, it's no longer financially viable for another to move in."

That's why some smart communities have decided to let the city or county build the cable infrastructure, using tax dollars. Then they rent the infrastructure to data providers.

Not only do they save money, they are not subject to coercion by monopolies.

Re:The US is not a free market (0)

Anonymous Coward | about 2 years ago | (#40585883)

My home town was going to do that and the two options pretty much squashed the idea, one promised to have faster service out soon, it took them 7 years to do it and only after they were bought by a company that made it their regional headquarters and the other just gave a generic blah, blah, blah, self regulation, blah, blah, blah free market statement.

In other parts of the country the ISPs have actually sued to get it stopped.

Re:The US is not a free market (1)

the eric conspiracy (20178) | about 2 years ago | (#40586067)

It's simpler than that. Just handle it like the phone lines - the cable owner has to allow others to offer services on their infrastructure.

The howling would be awesome.

Re:The US is not a free market (2)

Jane Q. Public (1010737) | about 2 years ago | (#40586175)

Agreed. But it is hard to explain how this works to people who are not familiar with the concept. They tend to think it is a "government takeover" of private enterprise and/or property.

There is a very high correlation (outside the U.S., which hasn't tried it so it's irrelevant) between regions that have required leasing of backbone bandwidth, and those that have not. Those that have mandated sharing deliver remarkably high bandwidth at astoundingly low prices, compared to those that do not.

So, although it seems counter-intuitive to many people, mandating the sharing of the infrastructure actually promotes free-market capitalism. And I'm all for it. We just need to kick some Congressional asses and get it done.

Re:The US is not a free market (1)

the eric conspiracy (20178) | about 2 years ago | (#40586943)

Well it is something of a loss in rights to treat it as your exclusive property, so I have some sympathy for the howling.

However that sympathy is well tempered by the abusive treatment that the monopoly cable owners inflict on their customers.

Ultimately the monopoly situation is really just unreasonable.

I happen to be in an area served by a traditional cable company as well as FIOS, so I have personal experience with both a monopoly situation and having competition. Competition is much nicer.

Re:The US is not a free market (1)

Jane Q. Public (1010737) | about 2 years ago | (#40586991)

"Competition is much nicer."

Amen, brother.

(Note: I am not particularly religious; it just seemed a simple way to express my agreement.)

Re:The US is not a free market (0)

Anonymous Coward | about 2 years ago | (#40587409)

The smart communities have put up barriers to entry to competition to get the sweet sweet kickback checks from the monopolies.

You can tell there is corruption without looking very far. [huffingtonpost.com]

Re:The US is not a free market (1)

stanlyb (1839382) | about 2 years ago | (#40586117)

Actually, it is financially viable for many small players to move in this area. But unfortunately, the good government is having so many little nasty and expensive regulations, that only some big player with a lot of money and connections could manage somehow to be a competition to the existing ISPs.
As a friend of mine, who is in this business, said once to me, all he needs are 1000 customers, and with this user base he could provide them with a fiber cable. To every single home. Literally. In a matter of 1 to 2 years (depending of the population density). But of course all these regulations are too expensive to follow, and the final result is MONOPOLY.

Re:The US is not a free market (2)

amiller2571 (2571883) | about 2 years ago | (#40585407)

When it comes to cable internet, in my area we only have Time Warner. I hate them with all my hart, they charge out the ass for crappy speeds. I know some people who are play they same amount as I am and have 4 to 5 times the speed.

Re:Free Market, Informed Customers (2)

cheekyjohnson (1873388) | about 2 years ago | (#40585639)

I have plenty of choices. Let's see... Comcast, Comcast, and Comcast! Oh, and Comcast, too! Unfortunately, AT&T isn't in the area yet, but there are still plenty of choices!

"anti-piracy" (1)

Anonymous Coward | about 2 years ago | (#40584987)

more like anti-privacy

Are you fucking serious? (1, Interesting)

Anonymous Coward | about 2 years ago | (#40585017)

This is the most blatantly sensationalist piece of shit article I've seen in recent memory. The time article they source pretty much explains it all:

An Internet user downloading media illegally gets flagged by the copyright holder

Implying that nothing is changing, the media companies will continue outsourcing the scraping of public bittorrent swarms and notify ISP's that one of their IP's was sharing x content at y time and ISP's will send a letter based on who was addressed that IP at the time informing you why it's wrong.
The only thing that might change is that they'll probably give your information to the MAFIAA after you've "shared" their content more than six times, or something else. More likely however, is that this won't happen at all because of sensationalist articles posted by incompetent journalists that can't even get the facts straight. So maybe it's worth thanking Douglas, but he still sucks at his job.

Re:Are you fucking serious? (-1)

Anonymous Coward | about 2 years ago | (#40585079)

Anyone want to tell me why this post is being downmodded? Torrentfreak has been doing extensive reporting on this matter and indicate that media companies will be doing swarm scraping, nothing is changing except the fact that they report you to your ISP and your ISP keeps track of the number of times they caught you in a honeypot sharing their content.
The article is deliberately sensationalist.

FIRST POST!!!!! YIPPIE!! (-1)

Anonymous Coward | about 2 years ago | (#40585045)

FIRST POST!!!!!!! At last!! Wow... I'm giddy. I finally got one! Been trying for years. =^.^=

"...be driven to...?" (-1)

Anonymous Coward | about 2 years ago | (#40585067)

Naris, et al.

NO !! (0)

Anonymous Coward | about 2 years ago | (#40585165)

ISPs don't need to be driven anywhere !! ISPs are alreay there, doing it NOW !! TWC ?? YES !! ALl Your Bases Are Belong To TWC !!

Why? (3, Informative)

Mathias616 (2612957) | about 2 years ago | (#40585173)

I can understand why the RIAA and MPAA would be interested in this happening, by why would an ISP want to do this? The act of monitoring the activity of their customers requires a lot of dedication to packet capturing and inspection which would cost a lot of money. From a business standpoint, embarking on this conquest to monitor every single customer is a bad idea because no revenue will be generated by doing this. The only reason I can think of for ISP's to do this is that they are being paid to do so by the RIAA and MPAA, that is the only way they would spend money on this program when it does not generate more revenue from their customers. So what is happening here is two big industries are paying members of another industry to violate the privacy of their customers for financial gain. I wonder where we will see this next if this succeeds. Perhaps the porn industry will pay ISP's to track their customers porn habits so that they can effectively market to those individuals. There is a wide variety of possibilities so long as they isn't illegal. You could argue that pirating is illegal and that is why this differs from other situations, but who the hell made the RIAA and MPAA into legal institutions? They aren't getting court orders to have ISP's snoop on customers, there is no court system here.

Re:Why? (0)

Anonymous Coward | about 2 years ago | (#40585261)

They aren't, the writer is just looking for hits and feigning ignorance about how they'll monitor infringers. The only thing that's changing is the ISP's may put a system in place that keeps track of how many times firms complain about an address sharing their content. The MAFIAA is still going to oursource other companies to scrape bittorrent swarms, monitor other p2p protocols and send C&D's to direct download services.

Re:Why? (1)

Eil (82413) | about 2 years ago | (#40587901)

I can understand why the RIAA and MPAA would be interested in this happening, by why would an ISP want to do this? The act of monitoring the activity of their customers requires a lot of dedication to packet capturing and inspection which would cost a lot of money.

Not really. I work for a company that sells solutions to ISPs (and others) for detailed analysis of the traffic on their network, right down to the application level. Unless you're subscribed to some local mom-and-pop DSL provider, your ISP already know exactly what you do with your Internet connection. The hardware and software to do this is not terrifically expensive anymore. And usually, it has the ability to do things like DDoS mitigation and on-the-fly load balancing as well. (We sell boxes that can do deep packet inspection at a rate of 40 gigabits per second. And if you need more than that, all you have to do is buy more boxes!)

As long as your ISP is collecting data about the applications its customers are using, it's not at all difficult to monitor traffic for certain payloads or destinations, and then log the IPs of all traffic that matches. The better question to ask is: what are the ISPs getting out of this? Especially after SOPA and PIPA failed, what's in it for them?

Short answer: No (the correct answer) (5, Informative)

gavron (1300111) | about 2 years ago | (#40585177)

Fact:
First, there is no law requiring any action on the part of any ISP.
Disclosure: I participate in running an ISP, but not one of the ones involved in this.

Fact:
Some large national carriers have agreed to do some things. "Agreed" and "partnership" have no legal meaning. "An agreement is yet to be signed." is in the OP's link and that gives us an idea that in the future there MAY be an agreement. For now, should it happen, it's voluntary.

Fact:
No law of any jurisdiction in the United States currently requires any ISP to provide any content monitoring. The only requirements close to that are to allow Law Enforcement access should they have the right to it -- CALEA [askcalea.net] .

Opinion:
It would be counter to the AOL decision [aol.com] (Zeran v AOL) that an ISP is responsible for either monitoring content, taking action based on content, or being liable for content or failing to take action based on content. That's a fourth-circuit decision that makes it likely that any ISP that doesn't want to join the "partnership" with the MPAA/RIAA can easily not opt-in to their program. Note that I didn't say "opt-out" because that would beg the question of whether there's a requirement to join.

Looking forward, I can guess that our "friends" in the MPAA/RIAA will continue their program to CHANGE THE LAW through spending lots of money, lobbying, using the influence of former senator Dodd, etc. If they can get the law to require ISPs to do so, and thereby trump the 4th circuit's AOL decision, then there will be a concern.

However, as Sonic.net's CEO Dane Jasper said [tinyurl.com] ISPs should keep as little logs as possible, preferably under two weeks. That would make it difficult unless they are doing real-time DPI, analysis, investigation, and sending out C&D letters for any of this to have meaning.

While the resources necessary for ISPs to provide access under CALEA are minimal ("Here's your Ethernet port, have a nice day, Feds") the requirement to do DPI for hundreds of gigabits-per-second of data is beyond onerous -- if even achievable. Consider -- it's not just that an ISP has to monitor their "upstream" pipes, but also customer-to-customer. The amount of bandwidth inside each ISP's core is immense.

Sorry to be long-winded, but having read the other responses, I see a lot of D&G and nay-saying. I agree that the landscape is pretty harsh, and the earth is getting scorched. I see hope because I see that we have defeated SOPA, PIPA, ACTA, (and yes I know the TPP is still alive) and we can likely continue to teach our congressional non-representatives that when the majority of the country doesn't want something ... it's likely not something they should support in our name.

Ehud

Re:Short answer: No (the correct answer) (3, Insightful)

jftitan (736933) | about 2 years ago | (#40585291)

If I had any point, I would have given them all to you in some form or fashion. Thanks for your input, and you clearly have insight as to what this 'agreement' really means.

  I have heard random opinions about this situation, and most of them resemble your opinion as well. ISP will not be directly monitoring User's traffic, do so, violates a few other laws in palce. the AOL case, is a prime example WHY we will not have ISPs jumping onto the bandwagon to help MPAA/RIAA prosecute customers. From a business perspective, it would be detrimental for ISPs to be caught "snitching' on their users.

  The moment a ISP is labeled as a 'snitch', customers may change in droves to competition, thus killing a ISP in the process. I highly doubt this, because if Warner Brother wanted to go after its viewers and customers, then Time Warner would have been sending notices of impending doom to customers long ago. When ISP are forced to monitor customers' traffic, it will be FORCED. Non-compliance would result in fines, and penalties from the Government. Currently the government isn't the group of people trying to punish others right now.

Again this is about partnership. MPAA/RIAA being allowed direct investigation connection through the ISP. With this passing, it would only cheapen the process in which the RIAA/MPAA uses to catch users and send infringement letters.

Re:Short answer: No (the correct answer) (1)

Jane Q. Public (1010737) | about 2 years ago | (#40585707)

"No law of any jurisdiction in the United States currently requires any ISP to provide any content monitoring. The only requirements close to that are to allow Law Enforcement access should they have the right to it -- CALEA."

Fact: CALEA applies only to telephony; to date, it does not apply to the internet at all.

Congress has introduced some bills that would make CALEA -- or something very like it -- apply to the Internet. So far without success.

CALEA DOES apply to ISPs and Internet Comm. (4, Informative)

gavron (1300111) | about 2 years ago | (#40585921)

CALEA applies to Internet communication.

Pen/Trace - asking for email headers and IP headers but not content.
Full detail - asking for actual dump of bidirectional communication from a specific IP address or address-range.

See ISPs can be requested to forward all traffic... [harvard.edu]
or a company that helps ISPs comply... [netequalizer.com]
or this has been a law since 2007... [dslreports.com]

To find these things check out this link [tinyurl.com] .

Fact: I appreciate your copying my style. However, when doing so, please ensure that after the word "Fact:" comes a fact.

Ehud

Re:CALEA DOES apply to ISPs and Internet Comm. (2)

Jane Q. Public (1010737) | about 2 years ago | (#40586065)

I appreciate that you appreciate my sarcasm.

However, my comment assumed the CONTEXT that you used in your own comment; your reply abandoned that context.

Fact:
No law of any jurisdiction in the United States currently requires any ISP to provide any content monitoring. The only requirements close to that are to allow Law Enforcement access should they have the right to it -- CALEA [askcalea.net].

According to the EFF (which has actually been involved in litigation of this matter, and is a source I trust far more than your liberal University professors or journalists), CALEA does NOT require monitoring of content, which was the matter under discussion. CALEA only requires recording of header data: times of activity, etc.

But the context here was CONTENT, which you seem to have forgotten in your reply.

CALEA does not apply to internet CONTENT, at all. It does not, in itself, allow Law Enforcement monitoring of the content of internet traffic. It DOES allow that for telephony.

From the EFF website: [eff.org] "CALEA requires communications carriers to be capable of providing both "call-identifying information" (CII) and call content to law enforcement. In the circuit-switched world of traditional telephony, the meaning of CII was clear: telephone numbers are CII, and the conversations are content. But in the packet-mode world of the Internet, communications are encapsulated (see 16 below â" link), and each protocol layer is associated with different "signaling information." Whether a component is "signaling information" or "content" depends on which layer is reading it. Thus CII on the Internet is not a clearly defined concept, although it is in traditional telephony
...
Law enforcement is now attempting to broaden CALEA by requiring communications service providers to design their networks to make it easy and fast for law enforcement to perform wiretaps, pen-register, and trap-and-trace surveillance on a large number of people."


In simple terms: it ain't done yet. And maybe it never will be.

Re:CALEA DOES apply to ISPs and Internet Comm. (0)

Anonymous Coward | about 2 years ago | (#40586281)

This is the most straw-grabbingly pathetic rationalisation I've seen you come out with in the face of being demonstrably wrong on slashdot to date, and you do that very regularly.

I look forward to being arbitrarily dismissed in a self-contradictory bit of face-saving where you spend time going out of your way to post a response to an anonymous coward in which you claim to not care what anonymous cowards think/refuse to respond to one.

Re:CALEA DOES apply to ISPs and Internet Comm. (0)

Jane Q. Public (1010737) | about 2 years ago | (#40586385)

"This is the most straw-grabbingly pathetic rationalisation I've seen you come out with in the face of being demonstrably wrong on slashdot to date, and you do that very regularly. "

Haha. Go ahead. ASK the EFF if this is "straw-grabbing". They've used it -- successfully -- in court.

And if you say "I do it regularly", why are you posting as Anonymous Coward, you sockpuppet asshole? No balls?

Re:CALEA DOES apply to ISPs and Internet Comm. (0)

Jane Q. Public (1010737) | about 2 years ago | (#40586463)

Come on, answer me. Why should I pay attention to someone who doesn't even live here, who spouts opinions about MY laws, and doesn't even have the stones to stand up and give a name?

Do you really think that deserves any respect?

Enough Please (2)

gavron (1300111) | about 2 years ago | (#40586719)

This so off-topic as to be absurd.

Jane Q Public: You wrote "Fact: CALEA applies only to telephony; to date, it does not apply to the internet at all. "
Note: You didn't say "content" but later you clarified you meant it in context to imply content.

That's fine. Now go back and read my response where I pointed out that Federal agencies HAVE and DO request
[with court orders] pen/trace on email headers and IP packets.

I also appreciate that you labeled the three links I gave and a google search result (which has many more)
as "liberal University[sic] professors and journalists" but your ad-hominem attack only detracts from any claim you might have.

I know the EFF is wonderful, and I support them financially and use their 4th am. packing tape to seal my packages.
Unfortunately your lack of knowledge and insisitence that the EFF is the only source of knowledge despite "liberal
University[sic] professors and jounralists] is of no positive value in this discussion.

Finally, having personally been presented these court orders (and no, these were not National Security Letters;
these were plain old "Tap this, send us this" orders) by US three-letter agencies, I know it to be fact.

Stick to the facts, maam*.

E
* The real facts, not opinion, not ad-hominem attacks, not straw-man arguments, not anything.
My goal was to prevent disinformation -- THE EXACT THING YOU ARE NOW DOING. Stop it please and go time out.

Re:Enough Please (1)

Jane Q. Public (1010737) | about 2 years ago | (#40586895)

Note: You didn't say "content" but later you clarified you meant it in context to imply content."

YOU first mentioned "content". YOU set the context and topic, not me, and it is ridiculous for you to come back and try to chastise me for discussing the very topic you mentioned. Your reasoning here seems to be a bit skewed.

Now go back and read my response where I pointed out that Federal agencies HAVE and DO request [with court orders] pen/trace on email headers and IP packets.

Of course they do. That is not even remotely any kind of evidence that these are covered by CALEA. Court decisions, in fact, contradict the idea that they are.

"I also appreciate that you labeled the three links I gave and a google search result (which has many more) as "liberal University[sic] professors and journalists" but your ad-hominem attack only detracts from any claim you might have."

I will concede that the one comment could have been considered "ad hominem" (and it wasn't intentionally meant that way), but nevertheless, I still place more credibility on those who have actively been litigating these matters, over those who could in all generosity might be called bench-warmers.

"Unfortunately your lack of knowledge and insisitence that the EFF is the only source of knowledge..."

This is a mis-statement. I did nothing of the sort. I simply stated that they had practical experience in the field; nowhere did I try to claim they were the only authority. Get your own facts straight.

"Finally, having personally been presented these court orders (and no, these were not National Security Letters; these were plain old "Tap this, send us this" orders) by US three-letter agencies, I know it to be fact."

Your interpretation of the law, when presented with official papers, is anecdotal evidence AT BEST, and entirely subjective. If you were to show me a competent attorney's analysis of such paperwork, I might be convinced. However, I am guessing that there is about a 95% probability that you never bothered to get any. You simply took their word for it.

Ehhhhhh... (sound of an obnoxious buzzer). Your position lacks evidence. I have given you source for mine.

When you stoop to make fun of names... (1)

gavron (1300111) | about 2 years ago | (#40588075)

"Ehhhhhh... (sound of an obnoxious buzzer)"

When you make fun of my name, you drop yourself even lower than ad-hominem attacks.

Please take your spewage elsewhere. This thread doesn't need more of your misinformation,
and your attacks on my name are at best below the belt.

Best regards,

Ehud (sound of someone who has no tolerance for idiots)

Re:When you stoop to make fun of names... (1)

Jane Q. Public (1010737) | about 2 years ago | (#40588197)

"When you make fun of my name, you drop yourself even lower than ad-hominem attacks."

I haven't the slightest idea what you are talking about. Does "gavron" have something to do with "buzzer"? I neither know nor care. In any case, I wasn't mocking anyone's name. I don't do that kind of crap.

Re:When you stoop to make fun of names... (1)

Jane Q. Public (1010737) | about 2 years ago | (#40588273)

Hmmmm... this is just a guess, but you somehow thought that "Ehhhhhh" was some kind of attempt to mock the name "Ehud"??? I really don't know, so I'm taking a stab at it here.

I repeat that I do not do that kind of crap. But at the same time, it's a pretty big leap to conclusions on your part, to think that some random bit of onomatopoeia was some kind of personal attack. Paranoid much, are we?

As for "misinformation": I cited my source, and not only does it have solidity and reputation, what it stated is as clear as an azure sky of deepest summer. Your calling it "misinformation" does not make it so.

Re:Short answer: No (the correct answer) (0)

Anonymous Coward | about 2 years ago | (#40585787)

The Telco/Cableco are content producers themselves (at least in Canada). It is to their advantage to protect their outdated business model of selling contents. Having their customers cutting cord and switch to internet service only means less money for them.

Re:Short answer: No (the correct answer) (1)

pgn674 (995941) | about 2 years ago | (#40586223)

"An agreement is yet to be signed." is in the OP's link and that gives us an idea that in the future there MAY be an agreement.

That article is from June 23, 2011. A final agreement called the Momorandum of Understanding [copyrightinformation.org] (PDF) was written on July 6, 2011. It's an agreement between MPAA, RIAA, AT&T, Verizon, Comcast, Cablevision, and Time Warner Cable. I don't know if it was actually signed on the lines, and I haven't heard of anyone leaving or entering the agreement.

Re:Short answer: No (the correct answer) (1)

Kr1ll1n (579971) | about 2 years ago | (#40586905)

I also work for an ISP, which has roughly 2m subscribers, and can validate what the OP has stated to be true, with one caveat;

It is not unreasonable for an ISP to dedicate SAN infrastructure for the purpose of storing IP's, outbound connections, and source ports (where Carrier Grade NAT is in place) due to the humungous revenue stream it generates. Basically, ISP's are allowed to charge the *AA cartels for logs when they request them. The last number I had heard where I work was roughly 30k a month revenue stream for copyright infringement logs.

USPS (-1)

Anonymous Coward | about 2 years ago | (#40585193)

If the Post Office can do it, the so can ISPs.

Re:USPS (3, Interesting)

Darkness404 (1287218) | about 2 years ago | (#40585235)

The difference is the USPS is a government sponsored monopoly where legally you cannot compete with them. If they decide to increase the price of stamps to $15 a piece, they can do that and there's not much that anyone can do about it since it is illegal to deliver mail except by the USPS.

In fact, a guy named Lysander Spooner made a competitor to the US post office called the American Letter Mail Company, it did everything better than the USPS, faster delivery, cheaper rates, less waste, etc. but it was shut down because of the monopoly that the USPS has.

ISPs are not the same. While arguably many have monopoly status due to the fact that the government gave them massive amounts of money to "modernize" the US, there is nothing preventing me from starting a better, more privacy friendly ISP aside from the startup costs.

Re:USPS (2)

SuricouRaven (1897204) | about 2 years ago | (#40585327)

Big startup costs. Unlike in Europe where our regulators can to some extent compel it, no existing ISP is going to let you use their cables - so you'd have to get roads dug up and cable laid. After which you are left competing with an incumbant, so you're already at a disadvantage: Switching ISPs is a hastle, and people already on the established provider will need a very compelling reason. You are free to start up your own ISP - but only a fool would invest in it.

Re:USPS (1)

sqrt(2) (786011) | about 2 years ago | (#40585699)

The difference is the USPS is a government sponsored monopoly where legally you cannot compete with them.

Are you forgetting about UPS, FedEx, DHL, and within large cities, numerous small courier services?

Re:USPS (1)

bobbutts (927504) | about 2 years ago | (#40585815)

Here's some research from the USPS Wikipedia Article [wikipedia.org] :

"The USPS has exclusive access to letter boxes marked "U.S. Mail" and personal letterboxes in the United States, but still competes against private package delivery services, such as UPS and FedEx."

"Due to the postal monopoly, they are not allowed to deliver non-urgent letters and may not directly ship to U.S. Mail boxes at residential and commercial destinations. However both companies have transit agreements with the USPS in which an item can be dropped off with either FedEx or UPS who will then provide shipment up to the destination post office serving the intended recipient where it will be transferred for delivery to the U.S. Mail destination, including Post Office Box destinations."

"Many of the thousands of courier companies focus on same-day delivery, for example, by bicycle messenger."

Re:USPS (1)

sqrt(2) (786011) | about 2 years ago | (#40587273)

So as long as they're not tampering with US Government property (mailboxes) you are allowed to run a competing mail services. The government went through the trouble of setting up and paying for all those mailboxes with taxes, so the government mail system gets exclusive use of them. Seems fair to me.

Re:USPS (1)

Jane Q. Public (1010737) | about 2 years ago | (#40585829)

I am familiar with the Spooner situation. (And just as an aside, I think everybody should read Spooner's essay, "Vices Are Not Crimes.)

However, there is an issue here:

"... there is nothing preventing me from starting a better, more privacy friendly ISP aside from the startup costs."

Yes, there is. In my town, the City Council is required every year to evaluate and vote on service providers. And every year, so far, they have voted to NOT allow competition in the cable business, because (so they say) of problems with overhead cabling (telephone poles, etc.).

Clearly their reasoning is bullshit, and they are just engaging in Crony Capitalism (which is not real capitalism at all). Nevertheless, so far they have managed to get away with it, and the only alternatives to the one cable company are DSL, which is inferior, and satellite, which has high latency.

As a result, in this community we CAN get good cable service, but it probably costs about 3 times what it should. Bandwidth has been getting ever cheaper for the ISPs, but they have been steadily increasing their prices. There is no correlation between their cost, and their prices.

Re:USPS (1)

westlake (615356) | about 2 years ago | (#40586485)

The difference is the USPS is a government sponsored monopoly where legally you cannot compete with them.

The U.S. mail box is protected.

It was one way our town was able to fight back against the distribution of poison pen letters and cobbled together tabloid news sheets by a corrupt and vicious faction that taken control of our local school board ---

a faction too clever to be caught paying postage, but not quite clever enough to avoid being spotted on the road.

For a courier service, cherry-picking the big metro markets has always been easy and profitable. Universal postal service --- affordable flat rate delivery anywhere in the fifty states and territories --- is a very different beast.

Re:USPS (0)

Anonymous Coward | about 2 years ago | (#40586611)

So I got modded down - whoosh!

UK has beaten USA to it (1)

Wowsers (1151731) | about 2 years ago | (#40585203)

The UK is leading the charge once again in destroying freedom and democracy http://www.channel4.com/news/black-boxes-to-monitor-all-internet-and-phone-data [channel4.com] , with their plan to install "black boxes" in all internet providers.. it's for your protection you see, so many nasty terrorists out there http://www.dailymail.co.uk/news/article-2134333/Why-allowed-spy-Facebook-Twitter-Whitehall-intelligence-chief.html [dailymail.co.uk] If you don't allow your internet connection to be spied up, you'll be killed....do you want that? http://www.dailymail.co.uk/news/article-2159041/Snoopers-Charter-matter-life-death-says-Met-Police-chief-Home-Secretary-unveils-plans-monitor-website-use.html [dailymail.co.uk]

The UK already said they will allow access to the information to the USA and to Brussles (EU). Think of all the other crooks, I mean corporations that could do with this information. See, now YOU have to PAY the corporations to prove you're innocent...... http://www.bbc.co.uk/news/technology-18594105 [bbc.co.uk]

Hmm (0)

MacGyver2210 (1053110) | about 2 years ago | (#40585241)

What is this future tense bullshit? They already do. If they didn't spy on you, how would they know what you were browsing/downloading to issue the 'strikes' now available to them?

Re:Hmm (0)

Anonymous Coward | about 2 years ago | (#40585331)

They don't in fact; media companies hire third parties to scrape bittorrent swarms and if you're stupid enough to be in one of their swarms then you'll get a letter from your ISP because those companies say they caught your IP address sharing their content at whatever time. ISP's know it's you because of DHCP addressing databases.

Re:Hmm (1)

SuricouRaven (1897204) | about 2 years ago | (#40585341)

They depend on external monitoring companies, which in turn are hired by the copyright holders.

1. Copyright holder hires investigator company.
2. Investigator company finds some infringers (Easily done)
3. Investigator company contacts infringer's ISP on copyright holder's behalf.
4. ISP looks through their logs to see who had the specified IP at the specified time.
5. Strike.

Re:Hmm (0)

Anonymous Coward | about 2 years ago | (#40585721)

which in turn are hired by the copyright holders

Sounds trustworthy. I can only hope all the 'evidence' they present is discarded... but then again, all they do is blackmail people.

Re:Hmm (1)

Jane Q. Public (1010737) | about 2 years ago | (#40585759)

Which amounts to allowing a third party to interfere in my private contract, without my consent... which is very much against the most basic contract law.

Wheres the beef? (2, Interesting)

WaffleMonster (969671) | about 2 years ago | (#40585399)

The CNN link is an opinion piece where the author dreams up a scenario of ISP content inspection not supported by any external evidence.

I can sit on my lazy ass all day and dream shit up too. This does not mean I should be expected to be taken seriously.

Where is the actual evidence this is being implemented or even seriously contemplated by any stakeholder?

In the interim I'm just going to sit back and wait for the lawsuits to start flying against ISPs for cutting off their paying customers without due process.

Deep Packet Inspection Is Illegal (1)

Jane Q. Public (1010737) | about 2 years ago | (#40585679)

Has everybody somehow forgotten the ruling of several years ago? Comcast was forced by the government to stop its deep packet inspection that it used for throttling traffic.

If it goes that route again, it's just going to get slapped down again.

Re:Deep Packet Inspection Is Illegal (1)

nurb432 (527695) | about 2 years ago | (#40585775)

Its a different situation, one the feds approve of, due to the mass payoffs ( err, donations ) of the *AAs.

Re:Deep Packet Inspection Is Illegal (0)

Jane Q. Public (1010737) | about 2 years ago | (#40585949)

"Its a different situation, one the feds approve of, due to the mass payoffs ( err, donations ) of the *AAs."

Yes, it's a different situation, but that does not change the law. Deep packet inspection is illegal. It doesn't matter WHY you are doing it, unless it's called for by a judicial warrant.

Re:Deep Packet Inspection Is Illegal (1)

Jane Q. Public (1010737) | about 2 years ago | (#40587489)

Funny how often I have gotten modded "over-rated" or sometimes "troll", and then received a reply to by a certain Anonymous Coward.

Hint, guy: You aren't as anonymous as you seem to think.

Tax avoiders in time of war (0)

Anonymous Coward | about 2 years ago | (#40586033)

The RIAA & MPAA use offshore accounts to avoid paying taxes in time of war.

The RIAA & MPAA use some of the same banks that drug dealers, terrorists and Mitt Romney uses.

They have been found guilty of bribing police in the US and Sweden. They have also been exposed for improper payments to congressmen and judges (unrealistic advances on meritless songs, books and scripts).

The people that run them should be proscribed as threats to national security.

Sliding scale (1)

CanEHdian (1098955) | about 2 years ago | (#40586935)

To those who think that it's not all that bad and it's just voluntary, etc. etc.: this is a sliding scale. This is how it starts. Just sending a few notices to naughty customers. It will end in full-blown surveillance: deep packet inspection and anything that smells like encryption to other-than-whitelisted-approved-sites will be dropped.

ISPs Spy On US 24/7/365-6 (0)

Anonymous Coward | about 2 years ago | (#40587167)

The ISPers are already creating databases on each user in order to cash-in when the US Federal Government wants detailed information.

Thank the line of Presidents of the USA (starting with Nixon and ending with Obama, mostly Obama by the way) for that bit of naughty-naughty.

Strange that Nixon and Obama are ... Book Ends!

LoL

What's the workaround? (0)

Anonymous Coward | about 2 years ago | (#40587427)

posting AC for obvious reasons...

The privacy/security environment is getting more complex every day. What's a person who is not at the cutting edge of computer privacy.security technology supposed to do if he/she wants to (while located in the USA):

  search the Web anonymously;
  send/receive email anonymously;
  post a comment to a discussion anonymously?

I get the feeling that it's no longer possible to do these things unless you have pretty much full time to devote to the effort. I can't be the only one in the world who wants a measure of privacy that governments and corporations are increasingly unwilling to tolerate. It isn't that I'm not smart - I solve very complex engineering and scientific problems for a living, I follow infosec discussions and sites to the extent that my life and duties permit, but I no longer feel I understand, nor as a practical matter, *can* understand the details and complexities of staying in the dark while continuing to seek information.

And it has made a difference in what I look for on the Web - I no longer search on topics that have extreme political valence here in the US, because I don't trust my ISP or search engine not to dump my search history to HSA or NSA or other such agencies that have the power to put me on a no-fly list, imprison me without a warrant, etc. This makes me less informed, and a poorer citizen and asset to my nation.

So what's available to those of us who want a modicum of privacy because we want to learn about the world without gratuitous retribution? Tor? Truecrypt? Anon proxies? Or is it just hopeless, Citizen?

CALEA applies to Internet communication. (1)

nhtuyenbk (2679691) | about 2 years ago | (#40587493)

At that point they'd have to start doing inspection to make sure all 80 traffic looks like http. That would even get somewhat more complicated if the SSL port were used. Its game over once people implement local stub DNS resolvers that actually call a web service somewhere over https to do queries.cong ty dich vu bao ve [baoveviettien.vn] hanh tinh cung cap dich vu bao ve [baoveviettien.vn] chuyen nghiep, Cong ty bao ve [planetsecurity.vn] dia diem ngan hang, cong trinh, co quan, van phong, biet thu, nha rieng, van chuyen tien, tai san, tu diem ca nhac, giai tri

Tor Discussion Forums (1)

Anonymous Coward | about 2 years ago | (#40587709)

We need an official Tor discussion forum.

I didn't see this issue mentioned in Roger's *latest* notes post, so for now, mature adults should visit and post at one or both of these unofficial tor discussion forums, these tinyurl's will take you to:

** HackBB:
http://www.tinyurl.com/hackbbonion [tinyurl.com]

** Onion Forum 2.0
http://www.tinyurl.com/onionforum2 [tinyurl.com]

Each tinyurl link will take you to a hidden service discussion forum. Tor is required to visit these links, even though they appear to be on the open web, they will lead you to .onion sites.

I know the Tor developers can do better, but how many years are we to wait?

Caution: some topics may be disturbing. You should be eighteen years or older. I recommend you disable images in your browser when viewing these two forums[1] and only enabling them if you are posting a message, but still be careful! Disable javascript and cookies, too.

If you prefer to visit the hidden services directly, bypassing the tinyurl service:

HackBB: (directly)
http://clsvtzwzdgzkjda7.onion/ [clsvtzwzdgzkjda7.onion]

Onion Forum 2.0: (directly)
http://65bgvta7yos3sce5.onion/ [65bgvta7yos3sce5.onion]

The tinyurl links are provided as a simple means of memorizing the hidden services via a link shortening service (tinyurl.com).

[1]: Because any content can be posted! Think 4chan, for example. onionforum2 doesn't appear to be heavily moderated so be aware and take precautions.

Switzerland Network Testing Tool (1)

Anonymous Coward | about 2 years ago | (#40587787)

* https://www.eff.org/pages/switzerland-network-testing-tool [eff.org]
* https://www.eff.org/testyourisp [eff.org]

Switzerland Network Testing Tool

"Is your ISP interfering with your BitTorrent connections? Cutting off your VOIP calls? Undermining the principles of network neutrality? In order to answer those questions, concerned Internet users need tools to test their Internet connections and gather evidence about ISP interference practices. After all, if it weren't for the testing efforts of Rob Topolski, the Associated Press, and EFF, Comcast would still be stone-walling about their now-infamous BitTorrent blocking efforts.

Developed by the Electronic Frontier Foundation, Switzerland is an open source software tool for testing the integrity of data communications over networks, ISPs and firewalls. It will spot IP packets which are forged or modified between clients, inform you, and give you copies of the modified packets.

You can download the latest release of Switzerland here. Before you run Switzerland, be sure to check out the notes about privacy, security, and firewalls. Switzerland is currently in alpha release as a command line tool. In other words, right now it is aimed at relatively sophisticated users. However, because it's an open source effort, we anticipate making it easier to use over time (please please please let us know by email, by IRC, or by filing bugsif you're running the client but it isn't working for you â" we've seen some clients reconnecting in cycles that makes us think there's a bug we should fix!).

Switzerland is designed to detect the modification or injection of packets of data traveling over IP networks, including those introduced by anti-P2P tools from Sandvine (widely believed to be used by Comcast to interfere with BitTorrent uploads) and AudibleMagic, advertising injection systems like FairEagle, censorship systems like the Great Firewall of China, and other systems that we don't know about yet.

The software uses a semi-P2P, server-and-many-clients architecture. Whenever the clients send packets to each other, the server will attempt to determine if any of them were dropped, forged, or modified (if you're interested in how it does that, you can read the design document here â" we'll try to continually revise that document so that it accurately describes the code, though inevitably it may lag a little behind). Switzerland is a much more sophisticated successor to the pcapdiff software that we released last year. It automates many of the things that had to be done by hand with the earlier code.

One advantage this architecture has over other network testing toolsis that it can spot arbitrary kinds of packet modifications in any protocol â" it doesn't assume that the interference comes in the form of TCP reset packets or web page modifications, and it isn't limited to BitTorrent or any other specific application. In the future we expect it to offer a good platform for collecting statistics on bandwidth, bidirectional latency, jitter and other traffic performance characteristics that might be signs of prioritization of some applications over others.

How do I run tests with Switzerland?

There are a few different ways to run tests with Switzerland. Any packets exchanged between Switzerland clients connected to the same server will be tested automatically. The question is, how do you find other clients and talk to them using the protocols you want to test? For now, the easiest way to set up tests is to co-ordinate them through this wiki page.

If you want to test whether BitTorrent downloads are working correctly, go to that page and find some torrents that others are seeding from test machines. If you want to test if your ISP is interfering with BitTorrent seeding, you can post a link to a torrent file on the wiki, seed that torrent while running a Switzerland client and other people can find it on the wiki and try to download it while running a Switzerland client.

Another way is to run clients on two different computers, and then make the machines talk to each other using whatever protocol you'd like to test. That's fine if you have administrator accounts on two suitable machines for running the test, and are comfortable running the right clients and servers on them. If you're a developer working on an application (say a P2P or IP telephony app) that might be a target for interference, you could automate one of the above methodologies.
Development

Switzerland is free/open source software licensed under the GPL. We'd love for members of the community to improve it! Switzerland development is currently hosted by Sourceforge, and you can check out a development release using subversion (running svn co https://switzerland.svn.sourceforge.net/svnroot/switzerland/ [sourceforge.net] will get you the whole development tree). You can join the project's development mailing list here (if we're around, you can also ask questions on IRC â" #switzerland on the OFTC IRC network, irc.oftc.net:6667 )."

- http://www.eff.org/deeplinks/2007/10/eff-tests-agree-ap-comcast-forging-packets-to-interfere [eff.org]
- https://sourceforge.net/project/showfiles.php?group_id=233013 [sourceforge.net]
- https://www.eff.org/pages/switzerland/privacy [eff.org]
- https://www.eff.org/pages/switzerland/security [eff.org]
- https://www.eff.org/pages/switzerland/firewalls [eff.org]
- pde@eff.org
- https://www.eff.org/pages/switzerland-network-testing-tool#development [eff.org]
- https://sourceforge.net/tracker/?atid=1088569&group_id=233013&func=browse [sourceforge.net]
- http://switzerland.svn.sourceforge.net/viewvc/switzerland/trunk/doc/design.pdf [sourceforge.net]
- https://www.eff.org/pages/pcapdiff [eff.org]
- http://www.eff.org/testyourisp#projects [eff.org]
- http://switzerland.wiki.sourceforge.net/tests [sourceforge.net]
- https://falcon.eff.org/mailman/listinfo/switzerland-devel [eff.org]

Is that a question? (1)

DocSparkle (1519777) | about 2 years ago | (#40588063)

But seriously, I think you mean "even more than they are currently FORCED to do?" ISPs are currently forced by law in many countries to keep certain records of their clients and to monitor certain content. This is only going to increase, not decrease. And in the US there is the "Patriot Act" which says "All your base is belong to us." So what was the question again?
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...