VM to monitor File Sharing

[Ignitionnet]

Quote:

Originally Posted by mrmistoffelees

Replace inspecting traffic, randomizing user data for the purpose of targeted ads, with deep packet inspection, randomizing data for the purpose of targeting filesharing traffic and yes, it's exactly like phorm

I see, so they're going to be intercepting my file sharing traffic and replacing it with other things exactly like Phorm, yes?

Randomising data, why would they randomise data that they don't even need to record?

Again according to your definition every use of DPI to shape or monitor traffic is 'exactly like Phorm'. In which case you'd best get on to the courts over the list of ISPs I mentioned above, amongst others, who use DPI to both monitor and enforce traffic.

I appreciate this is an emotive subject but I think the tin foil hats are coming out a bit too easily and a healthy dose of 'wait and see' might be needed here. ISPs have always had the ability to examine our traffic since the beginning of time, if they say that they aren't going to hold personally identifiable data and do not do so I'm good with that. Recording traffic patterns has happened on the VM network for years anyway.

EDIT: Quick link as a reminder: http://www.cableforum.co.uk/board/34648943-post355.html

[Welshchris]

Quote:

Originally Posted by popper

Yes, how could it not be the case...

you need to realise to put this into functional operation they will NEED to funnel any and all of Your data flows through these Deep Packet Interception kit they put in place to actively monitor any and all of your potential or alleged criminal and civil acts of copyright abuse for their reports to the 3rd partys to make profits from the cash demands for enumeration of lost sales etc...

I just wonder how many ISPs may introduce this and if anyones personal data will go amiss by people inside the companys possibly.

Also the 40% of the network i would assume would be those that are nutorious for oversubscription due to heavy downloaders as this would be the obvious choice.

[Milambar]

I'm sorry, but I have to do this. Feel free to infraction me or something.

While nobody appears to be actually flaming yet, the popcorn part is appropriate, this is probably going to be an entertaining thread.

Just a comment:

Quote:

I appreciate this is an emotive subject but I think the tin foil hats are coming out a bit too easily and a healthy dose of 'wait and see' might be needed here.

The problem with "wait and see" approaches, is that the longer we wait, in order to see, the more entrenched the ISP becomes, and therefore the harder it is to get them to reverse the decisions, if the "see" part does reveal badness.

[warescouse]

Quote:

Originally Posted by Broadbandings

If you'd care to bring a test case into the courts on those ISPs who are engaging in this 'data interception of communication traffic without a warrant' specifically those ISPs using DPI equipment to identify and shape certain traffic then this would be interesting.
...
snip

I take it you are not offering to finance me

Not being a great down-loader of copious amounts of data (apart from the odd Linux distro) I personally have nothing against traffic shaping. If I was affected greatly by shaping I would leave VM on the strength of being affected.

The problem I have with the CView product is that it is capable of a lot more than just counting traffic flow types. BT have shown they cannot be trusted to look after their broadband customers in an open and honest way so if you cannot trust BT as an ISP who can you trust? (Yes, I am aware of a recent trust award)

This whole thing in my opinion is a charade to allow this government the facility of blanket spying on the whole of the UK internet without a warrant. Just like the way Councils misused RIPA to spy on dogs fouling pavements and kids parents being followed from their school of choice, so will this be abused similarly by those in power!

If the music industry want to stop ILLEGAL filesharing the answer in my mind is stop being so greedy and reduce prices. As stated previous, they are using a sledgehammer to crack a nut if we believe the spin as to why they are trialing this.

[popper]

Quote:

Originally Posted by Broadbandings

Those false positives are probably about the only thing keeping us from the copyright police for now!

Thanks - good to have a reasoned discussion about a potentially very emotive subject.

EDIT: One good thing about it of course is that Beyonce and all the rest of the 'R'n'B' crew will make it a nightmare for the equipment to identify infringing tracks given how similar they all sound and the amount of recycling of samples, etc, they do



For sure by definition it's interception however I'm kinda stretching dictionary definitions a bit.

From the wider definition of 'interception' every network node 'intercepts' traffic in order to make a routing decision based on it, or an ISP recording how much traffic customers are passing must be using some interception even if it's counters on a router, the router is intercepting the data stream in order to have visibility of how many packets it's routing to an IP address.

I prefer to consider a data flow as 'inspected' as opposed to 'intercepted' when the contents or headers are used to make an automated decision on an action. I would prefer to reduce 'interception' to manual analysis, data stream reconstruction and source / destination analysis with a view to identifying persons on either side.

Remember we have such things as Arbor's Netflow and Peakflow analysis equipment, would this be considered interception, as the equipment is fed a sample of a data stream and analyses it?

It's a blurry line. Dealing with dictionary definitions every single bit of data going through every ISP is intercepted else it just wouldn't go anywhere.

you have already pointed out the legal definition of safe and protected interception without realising it ..perhaps.

"when the [not legal]contents or [is legal]headers are used to make an automated decision on an action."

given the Interweb was formed and the initiated the laws clearly protect the use of the 'header packet' to be intercepted collected ,then processed and used for routing to its destination....


the safe harbour legal agreements also protect the provider of the service to use all header data flows IF, and Only If, you use that collected data to route from point A to point B etc as part of the contract obligations and/or use for internal management and billing of the customer account While they are still under a legal and valid consumer contract with the provider.....and no longer than that contract term.

anything intercepted bythe provider outside these Normal business dutys for the purpose of fulfilling the contract ,is deemed legally off limits without the court order, or the express and informed permission of the other party I.e the consumer....

in all of this, at no point is looking at the actual second part of this ,the 'contents' is allowed any more than opening up the royal mail post and looking inside is legally allowed without authority....

for a provider of electronic services to do any form of interception outside the header and actually perform the act of interception on the actual data packets is illigal, as they are deemed private just as much as the actual letter in the royal mail.

now the points you raise regarding "Arbor's Netflow and Peakflow analysis equipment" are interesting.

perhaps these actions are indeed interception outside the purposes of the contract...., but the real question not asked is: do we care ? in this one instance!

and do we get a return of our investment in better sevices for allowing this infringing action to take place as one example?

do they also infringe on copyrights for their profits, and/or allow 3rd partys to profit from the data collected , if they do we might care and so put them in the same boat as 'DPI for profit'... or we may be happy to let it slide, as it might not effect our outgoings, lower bills or profits returned to us in some way.... as long as it stays inside the company we are contracted with for services, VM in this case OC.

---------- Post added at 16:05 ---------- Previous post was at 15:29 ----------

Quote:

Originally Posted by Stuart C

The government have stated that RIPA only covers public authorities. It does not cover actions by private companies. The directive upon which it is based, however, is a different matter, and I believe the EU are taking legal action against our government..

actually , they said a lot of wrong things then steped away them later refering to them as a Home office 'View' Only....,refering to the courts as the arbiters of RIPA and related case law.

but as is perfectly clear, RIPA does actually clearly cover All interception breaches, Not just public authorities, or else the likes of the 'stanford' RIPA case law would not exist today, were he and another were convicted under RIPA for interception of electronic data offences etc... did you forget that stanford case ?

[Stuart]

Quote:

Originally Posted by popper

actually , they said a lot of things then steped away them later, but as is perfectly clear, RIPA does actually clearly cover All interception breaches, Not just public authorities, or else the likes of the 'stanford' RIPA case law would not exist today, were he and another were convicted under RIPA for interception of electronic data offences etc... did you forget that stanford case ?

I am not a lawyer. I am also not stating that RIPA does not apply (although you appear to think I am). I said the government stated it did not apply to private companies. The EU would appear to agree, as it is one of the things they highlight in their potential legal action against UK Gov, as the directive that RIPA is based on does not discriminate between public interception and private interception...

[popper]

Quote:

Originally Posted by Stuart C

I am not a lawyer. I am also not stating that RIPA does not apply (although you appear to think I am). I said the government stated it did not apply to private companies. The EU would appear to agree, as it is one of the things they highlight in their potential legal action against UK Gov, as the directive that RIPA is based on does not discriminate between public interception and private interception...

sure , but i thought you would remember the stanford RIPA case you commented and replyed on it at the time of the phorm thread several times i seem to remember...

"The EU would appear to agree" indeed, thats due to the people (in the other place NoDPI, not the houses OP )pointing out to vivien in the EU that same stanford case, related case law, and FOI replys etc that were uncovered in the phorm storm and beyond...

[Ignitionnet]

Not going to answer you in depth popper but again if there are laws against what VM are doing they would also render any use of DPI equipment to snoop inside the payloads of packets illegal.... and I haven't seen any cases brought to bear against any ISPs using this kit by anyone and Europe doesn't appear interested.

Storm, tea cup. ntl have monitored for years. UK government is demanding a reduction in copyright breaking and file sharing, one would imagine that this would require some method of monitoring such sharing.

Still, again, you can bring a lawsuit if you are confident, personally I don't think any of us here are remotely qualified to claim illegality and I'm just running with the common sense view that uk.gov and VM have some rather well paid legal types who've signed off on these things, especially given uk.gov are apparently going to pay some of the cost of this monitoring for ISPs when it becomes law.

---------- Post added at 16:30 ---------- Previous post was at 16:23 ----------

Quote:

Originally Posted by warescouse

This whole thing in my opinion is a charade to allow this government the facility of blanket spying on the whole of the UK internet without a warrant. Just like the way Councils misused RIPA to spy on dogs fouling pavements and kids parents being followed from their school of choice, so will this be abused similarly by those in power!

Err just what does Virgin doing this have to do with government monitoring of the Internet? Last time I checked Virgin Media are not 'those in power' and if the government want to monitor VM's network, which they already can via existing lawful intercept, they are hardly going to do a trial on 40% of it under the guise of monitoring piracy, they're going to have staff sign the official secrets act and supply the interconnects to their racks. You've really never been involved in anything to do with RIPA or lawful intercept, have you? It really isn't broadcast when equipment is going live.

[|Kippa|]

Just curious would encrypted ftp still be counted in as p2p activity?

[Ignitionnet]

Quote:

Originally Posted by |Kippa|

Just curious would encrypted ftp still be counted in as p2p activity?

Who knows what will count, doubt VM themselves do fully yet. Seems unlikely FTP would though so the fxp boards are probably going to be free from profiling.

[popper]

apparently any 'criminal' breach needs to go through and be initiated by the CPS as we discovered when Alexander (Hanff) make the criminal interception case report against BT and Phorm...

so it could happen in the future once they start this and the wireshark man in the middle interception evidence between a private client and server etc is collected perhaps..

[Ignitionnet]

What interception evidence? It's apparently just monitoring it's not changing anything so what 'evidence' exactly are you expecting to see? They've said what they are going to do which surely if it's illegal amounts to a confession, and I trust that Mr Hanff will be down his local police station promptly to defend our civil liberties and make the world a better place.

I must confess a certain disinterest in NoDPI as I do a lot of campaigns run by zealots, I find a more balanced viewpoint to be a more fulfilling one. So long as Virgin aren't personally identifying people I really don't see the problem it's quite different from diddling with people's web pages a la Phorm and the longer term alternatives aren't pleasant. Fixed caps, some usage based billing, STM on all tiers, sounds great.

Oh yeah and I forgot the government having people punted off the network due to not being happy with VM not doing anything thanks to Mssrs Hanff and co feeling violated. I would far prefer it's kept in house and away from the government doing it thanks.

[Sirius]

Sorry but the way i look at this is that they will introduce this first followed by a phorm like service to pay for this kit and the upgrades for its next levels of usage.

This will have a large amount of function creep allowed for and already envisaged.

They have taken one from behind by the Government and the bpi on this.

[popper]

well a 'confession' without proof, still deserves the Innocent until Proven Guilty stance for any reasonable person, at least in my book, to be fair.

as for what proof, If Any...., well thats to be determind i suppose , what proof might there be with the use of DPI kit, does anyone know as yet! its an interesting question...

[Sirius]

Quote:

Originally Posted by Broadbandings

I really don't see the problem it's quite different from diddling with people's web pages a la Phorm and the longer term alternatives aren't pleasant.

.

Just watch out for the function creep that is VM, You only have to look at STM to see how much they will change this in a short length of time.

Also will the use of a cloned modem affect this in any way, And if it does are the cloned modems users getting off Scot free again ???: