Linked by Thom Holwerda on Thu 15th Mar 2012 22:06 UTC
Legal "If you download potentially copyrighted software, videos or music, your Internet service provider has been watching, and they're coming for you. Specifically, they're coming for you on Thursday, July 12. That's the date when the nation's largest ISPs will all voluntarily implement a new anti-piracy plan that will engage network operators in the largest digital spying scheme in history, and see some users' bandwidth completely cut off until they sign an agreement saying they will not download copyrighted materials." One day, years from now, historians are going to debate whether this was the point of no return.
Order by: Score:
Copyrighted software
by Nth_Man on Thu 15th Mar 2012 22:37 UTC
Nth_Man
Member since:
2010-05-16

If you download potentially copyrighted software

I've downloaded really copyrighted software. And I plan to keep doing it :-). I've even published copyrighted software of my own and I like that people copy it. That's why licenses like GPL exist. :-)

Reply Score: 19

Warnings
by WorknMan on Thu 15th Mar 2012 23:13 UTC
WorknMan
Member since:
2005-11-13

I think the warnings are a good idea in theory; it's just the ISP letting you know that "Hey, somebody is downloading copyrighted content from your IP address." At least then if you really are innocent/didn't know what you were doing, it's better than your first warning being a lawsuit from the content industry. On the other hand, I would hope that they'd give you at least one warning before throttling your bandwidth.

As for ISPs spying on you, unless you're using some sort of encryption, everything you do online is public anyway. It's like going to a shopping mall and bitching that there's security cameras watching you.

Reply Score: 1

RE: Warnings
by Lennie on Thu 15th Mar 2012 23:18 UTC in reply to "Warnings"
Lennie Member since:
2007-09-22

Actually, I do bitch about the security cameras, not so much on private property, but mostly in public, like in the streets.

For me it is a reason not to go to London for example.

It is a matter of principle.

Reply Score: 6

RE: Warnings
by Soulbender on Fri 16th Mar 2012 03:45 UTC in reply to "Warnings"
Soulbender Member since:
2005-08-18

"Hey, somebody is downloading copyrighted content from your IP address."


It's not illegal to download copyrighted material, it all depends on the license of that material.
The logistics for figuring out if what you're downloading is illegal and violating someone's copyright is rather involving, at the ISP level.
* They'll have to capture enough packets to find out exactly what it is.
* They'll have to find out what license this material is under.
* They'll have to find out if you're allowed to download this or not. For example, maybe you purchased a legal copy that is distributed via BitTorrent.

Of course, they'll probably just wing it and do something like considering all torrent downloads illegal.

Reply Score: 10

RE[2]: Warnings
by Alfman on Fri 16th Mar 2012 06:43 UTC in reply to "RE: Warnings"
Alfman Member since:
2011-01-28

I'm not sure what level of invasiveness they'll be allowed to use. It may be "only" monitoring traffic passively. (I say "only" here with great hesitation, can't believe we're living through an age when corporate spying on private communications is legal and acceptable). If it is passive, then encryption will be 100% safe against it.

On the other hand, if they're going to add participating nodes and tamper with packets to perform man in the middle attacks, then unauthenticated P2P encryption is useless since a client cannot know whether it's communicating to a real peer or the ISP's spy proxy. To resolve this, peers would need to authenticate using out of band (non-p2p) mechanisms. Conceivably centralized services could provide that authentication, but then there'd be little stopping the spies themselves from being authenticated.

On the other hand, tor proxies and the like do provide plausible deniability. I do wonder if tor users will have their internet service shut down on account of third party activities? If so, people using tor for perfectly legal private communications might be effectively prohibited keeping their traffic private in the future.

Reply Score: 2

RE[3]: Warnings
by Soulbender on Sat 17th Mar 2012 03:57 UTC in reply to "RE[2]: Warnings"
Soulbender Member since:
2005-08-18

if they're going to add participating nodes and tamper with packets to perform man in the middle attacks


Hmm...you are right. I thought the torrent p2p encryption was better than it apparently is. It's just a fancy way to obfuscate the traffic.

On the other hand, tor proxies and the like do provide plausible deniability.


I'm just waiting for the MPAA/RIAA mafia to lobby for making encryption illegal. Well, illegal for private citizens, that is.

Reply Score: 2

Even they can't be that stupid...
by shotsman on Sat 17th Mar 2012 11:06 UTC in reply to "RE[3]: Warnings"
shotsman Member since:
2005-07-22

Or can they...

If they do make use of any encryption illegal for private citizens then you can say gooby bye to

- All your online shopping
- No more On-line banking

So the likes of Amazon, Ebay and all the rest will go to the wall.

Have you ever considered how many times you use HTTPS in your normal daily activities on the internet?
It is scary.
In short they would (if they took this up) want to han all the use of HTTPS.

Nah, they can't be that stupid...

Or can they ;)

Reply Score: 3

RE[2]: Warnings
by static666 on Fri 16th Mar 2012 16:41 UTC in reply to "RE: Warnings"
static666 Member since:
2006-06-09

* They'll have to capture enough packets to find out exactly what it is.

Indeed, it can be pretty tricky to operate on individual packets. But every torrent and individual files in it have a hash advertised together by client, which is guaranteed to be rather unique. And probably, together with a couple of chunks of copyrighted data downloaded from users computer, can be enough to prove something beyond reasonable doubt or at least grant a search warrant, for example.
* They'll have to find out what license this material is under.

They probably will focus on top torrents and newly released material.
* They'll have to find out if you're allowed to download this or not. For example, maybe you purchased a legal copy that is distributed via BitTorrent.

Not, if it is a CAM or TS downloaded well before actual release to the public.

Reply Score: 1

RE: Warnings
by OSNevvs on Fri 16th Mar 2012 07:12 UTC in reply to "Warnings"
OSNevvs Member since:
2009-08-20

This was to be expected. And this is coming to Yourope as well. Countdown has started. Time to download all you want before this summer!

Reply Score: 1

encrypted network time
by bnolsen on Fri 16th Mar 2012 00:01 UTC
bnolsen
Member since:
2006-01-06

ahh what fun, no more wild west, eh?

Reply Score: 3

RE: encrypted network time
by bornagainenguin on Fri 16th Mar 2012 18:37 UTC in reply to "encrypted network time"
bornagainenguin Member since:
2005-08-07

bnolsen posted...

ahh what fun, no more wild west, eh?


What are you kidding me? All this is going to do is bring more people to encrypted networks and lead towards more people making use of darknets. Evolutionary pressure will force things more underground and make for smarter and more dangerous things because the wild west will be even more wild (wilder?) than ever before.

Worse, whereas before and currently it is easier to keep an eye on dangerous individuals as they act out in public more or less, by adding to the volume of encrypted traffic those people will be able to hide in the mass of bits generated by people looking to download the latest Bieber album. The MAFIAA has just made it that much harder for LEA and INTERPOL to track dangerous people by adding so noise to the system...

Not that this matters to them:

"Child pornography is great," the speaker at the podium [Johan Schluter] declared enthusiastically. "It is great because politicians understand child pornography. By playing that card, we can get them to act, and start blocking sites. And once they have done that, we can get them to start blocking file sharing sites".


You can read the rest of this disgusting admission over at techdirt.com:
http://www.techdirt.com/articles/20100427/1437179198.shtml

So yeah, the wild west is not gone; it's just been moved from Kansas towards Colorado and Nebraska...

--bornagainpenguin

Reply Score: 4

Comment by shmerl
by shmerl on Fri 16th Mar 2012 00:33 UTC
shmerl
Member since:
2010-06-08

So basically they don't need any SOPA and etc. to start spying on users. Is it even legal?

Reply Score: 3

RE: Comment by shmerl
by Lorin on Fri 16th Mar 2012 00:39 UTC in reply to "Comment by shmerl"
Lorin Member since:
2010-04-06

It is legal if you agree to their terms as a condition of using the service, but that can't apply to users who opened accounts already under a different set of terms.

Reply Score: 1

RE[2]: Comment by shmerl
by shmerl on Fri 16th Mar 2012 01:21 UTC in reply to "RE: Comment by shmerl"
shmerl Member since:
2010-06-08

If that's the case they usually have some tricks like "you agree that we can change the policy any time and etc.". But how far it can go isn't clear.

Reply Score: 3

RE[3]: Comment by shmerl
by Doc Pain on Fri 16th Mar 2012 09:14 UTC in reply to "RE[2]: Comment by shmerl"
Doc Pain Member since:
2006-10-08

If that's the case they usually have some tricks like "you agree that we can change the policy any time and etc.". But how far it can go isn't clear.


I'm not sure how far this idea can get in the US. Countries like Germany have laws that state what can legally be in a contract and what cannot. Remember: The thing between a user and his ISP is a contract. The content of this contract has to obey higher laws (e. g. federal law). For example, there is no way a contract that removes my human rights in exchange for ISP service can be legal. Such a clause would immediately disappear from the contract. So even if it was stated in the contract and signed by me, it would be fully meaningless, and there would be no way for the ISP to force me to give up my human rights by that contract.

Nothing that is against the law may be considered legal when agreed to in a contract. So even if you sign a contract to "allow" your ISP to decrypt your network traffic and to cancel your connection when they "think" you're "downloading potentially copyrighted software" and it's against the law, they are not allowed to do it.

Of course, that's my very individual interpretation of how a fair and educated legal system should deal with it; I'm not sure if it fits reality.

Reply Score: 4

RE[4]: Comment by shmerl
by Lorin on Fri 16th Mar 2012 09:36 UTC in reply to "RE[3]: Comment by shmerl"
Lorin Member since:
2010-04-06

The US has the same laws, you cannot surrender a right without complete and full disclosure in a way that someone with a common education can understand, otherwise they are hosed. Contracts cannot absolve anyone from a crime, wiretapping is a crime under federal and state laws without a warrant. Yes ISP's monitoring your data is wiretapping.

Reply Score: 2

RE[5]: Comment by shmerl
by shmerl on Fri 16th Mar 2012 19:12 UTC in reply to "RE[4]: Comment by shmerl"
shmerl Member since:
2010-06-08

So how can they do it then, if it's point blank illegal?

Reply Score: 2

RE[6]: Comment by shmerl
by Soulbender on Sat 17th Mar 2012 05:23 UTC in reply to "RE[5]: Comment by shmerl"
Soulbender Member since:
2005-08-18

what makes you think the fact that it is illegal would stop them from trying to do it?

Reply Score: 2

RE[7]: Comment by shmerl
by shmerl on Sun 18th Mar 2012 00:45 UTC in reply to "RE[6]: Comment by shmerl"
shmerl Member since:
2010-06-08

Fear of lawsuits? Who knows.

Reply Score: 2

VPN
by Lorin on Fri 16th Mar 2012 00:37 UTC
Lorin
Member since:
2010-04-06

Just use a VPN, while it might slow down bandwidth a bit, it will at least keep someone from spying on you. I work in China, home of the biggest firewall and spying in the world and I can get out and do as I please online, VPN's do work like a champ, but you will need one you pay for.

Reply Score: 1

Comment by ssokolow
by ssokolow on Fri 16th Mar 2012 01:08 UTC
ssokolow
Member since:
2010-01-21

I live in Canada, so we're facing a different threat, but this kind of thing is why I'm already running Firefox with HTTPS Everywhere, running Pidgin with OffTheRecord, using Tor for torrent tracker communications, forcing encryption on non-tracker torrent data, etc.

If someone wants to inspect my packets, I'm going to make them work for it.

(And the main thing I use BitTorrent for these days is Humble Bundle games and Linux LiveCD ISOs. I've bought more games off GOG.com than I know what to do with and I'd have a backlog of used novels even if I weren't enjoying the Baen Free Library... etc. etc. etc.)

Edited 2012-03-16 01:09 UTC

Reply Score: 3

Technical question about torrents
by ozonehole on Fri 16th Mar 2012 01:56 UTC
ozonehole
Member since:
2006-01-07

One thing I'm curious about. I suppose that your ISP can know that you're downloading/uploading torrents, but can they know just what you are downloading or from whom? In Ktorrent, I do see in the Configuration section a dialog box for "Use Protocol Encryption" which I have not clicked (default is to allow unencrypted connections). I thought that clicking this might eliminate most connections, but maybe it would just slow them down. If so, how much additional overhead would it entail?

There is another dialog box to "Send the tracker a custom IP address or hostname" and then you have to specify one, but I haven't enabled that feature either, and just wondering if I should (and if so, what "custom IP address" would I use).

I have thought of enabling my browser's feature to encrypt all connections for HTML, but I think that would also cause more overhead though I'm not sure how much. And I also wonder if it would really make a difference as far as my ISP's ability to spy on me. Any thoughts on this will be appreciated.

Finally, someone mentioned using a VPN, even if you have to pay for it. I might be willing to do so, but can anyone recommend any such services? And how do I enable that feature in my browser or torrents once I've paid?

And no, I'm not engaged in piracy here. But I really don't like being tracked on the Internet by anyone. To think that there is someone out there compiling my entire browsing history, not to mention other family members (we all share a single wireless router, with encryption turned on of course) is worrisome.

Edited 2012-03-16 01:57 UTC

Reply Score: 2

phoenix Member since:
2005-07-11

In Ktorrent, I do see in the Configuration section a dialog box for "Use Protocol Encryption" which I have not clicked (default is to allow unencrypted connections). I thought that clicking this might eliminate most connections, but maybe it would just slow them down. If so, how much additional overhead would it entail?


None that you would notice nowadays. A few years ago, encrypted connections would have been few and far between. But most torrent clients default to allowing both (encrypted and plain-text). With only 2 torrents running, I'm getting over 300 KBps (~2.4 Mbps) with just encrypted connections.

I have thought of enabling my browser's feature to encrypt all connections for HTML, but I think that would also cause more overhead though I'm not sure how much.


Unless you have an ancient P2 system, you won't notice. CPUs now are mostly idle. Adding 1-5% extra CPU processing is nothing.

And I also wonder if it would really make a difference as far as my ISP's ability to spy on me. Any thoughts on this will be appreciated.


They'll be able to see your DNS requests, so they'll know which sites you're going to, but they won't know what you are doing on those sites.

Finally, someone mentioned using a VPN, even if you have to pay for it. I might be willing to do so, but can anyone recommend any such services? And how do I enable that feature in my browser or torrents once I've paid?


You don't "enable it in the browser or torrents". You change your default route (default gateway) to be the VPN IP instead of your ISP. Then all traffic (browser, torrent, *everything*) goes through the encrypted link. They won't even be able to see your DNS requests.

Reply Score: 2

bornagainenguin Member since:
2005-08-07

Lorin baited...

I have used HideMyAss, works very good and very noob friendly


Ummm yeah...somehow you missed this piece of news?

http://arstechnica.com/tech-policy/news/2011/09/fbi-arrests-lulzsec...

The FBI has announced that it has arrested LulzSec member Cody Kretsinger, 23, of Phoenix, Arizona, known as "recursion," charging him with conspiracy and the unauthorized impairment of a protected computer.

Kretsinger is accused of using SQL injection attacks to obtain confidential information from the systems of Sony Pictures Entertainment. Kretsinger and his co-conspirators are then claimed to have disseminated the stolen information via the LulzSec Web site, and publicized it on Twitter. The FBI also asserts that Kretsinger wiped his hard disk in order to avoid detection by law enforcement.

To hide his identity when performing the attack, the FBI claims that Kretsinger used VPN service HideMyAss.com. In spite of this, activity was traced to an address in Arizona.


I'm afraid you're operating under a false sense of security here, or worse encouraging others to get themselves trapped...

--bornagainpenguin

Reply Score: 3

Soulbender Member since:
2005-08-18

Uh...wait. The awesome hackers in lulzsec used hidemyass? Wow, they're even less competent than I thought.

Reply Score: 2

bornagainenguin Member since:
2005-08-07

Soulbender exclaimed...

Uh...wait. The awesome hackers in lulzsec used hidemyass? Wow, they're even less competent than I thought.


Well that's what the FBI said at the time, now that we're discovering that Sabu was working for them, it's hard to separate the misinformation and the lies from the truth.Of course since the company itself stepped forward and admitted to having handed over logs to the FBI, it's hard to consider them trustworthy again, even if it turned out it was all Sabu and no logs from hidemyass.com were actually used...

Here's their blog post on the subject:
http://blog.hidemyass.com/2011/09/23/lulzsec-fiasco/

Personally I've always thought the whole SONY hacking event said more about the state of SONY's security than it ever did about the skills of the hackers involved. SONY was riding high on a false sense of security prowess simply because by allowing Linux to be installed on the Playstation 3 at all it kept anyone from probing too hard at the security of the company or its products. Once they removed the ability to run OtherOS or customers would be unable to continue using their systems to the fullest, they waved a red flag in the face of the bull and removed any reasons for restraint on the part of the hackers. The speed at which the PlayStation 3 was then hacked should have been a lesson.

Instead SONY now continues to play whack-a-mole...

--bornagainpenguin

Reply Score: 2

Soulbender Member since:
2005-08-18

Of course since the company itself stepped forward and admitted to having handed over logs to the FBI, it's hard to consider them trustworthy again


You can't run a business anywhere and not comply with the law. Maybe you could argue that they should have fought this but on the other hand, it's the moron scriptkiddies in lulzsec we're talking about and they need to be taught a lesson.

Reply Score: 2

bornagainenguin Member since:
2005-08-07

Soulbender declared...

Of course since the company itself stepped forward and admitted to having handed over logs to the FBI, it's hard to consider them trustworthy again

You can't run a business anywhere and not comply with the law. Maybe you could argue that they should have fought this[...]


Well no, not fought it per say...the logs should have been automatically trashed at the end of each business day or at some random interval. Anything else defeats the purpose of having a VPN tunnel in the first place. Certainly they shouldn't be allowed to advertise their services as secure or private...

Soulbender declared...
[...]but on the other hand, it's the moron scriptkiddies in lulzsec we're talking about and they need to be taught a lesson.


What does the fact hidemyass.com was used by lulzsec have to do with anything? Are you seriously making the argument that only those with whom you agree with should have the right to protest on the internet? Or that only those whom you personally find agreeable should have the right to be secure and have privacy?

--bornagainpenguin

Reply Score: 2

Soulbender Member since:
2005-08-18

I suppose that your ISP can know that you're downloading/uploading torrents, but can they know just what you are downloading or from whom?


What you're downloading? For unencrypted connections it is possible. For encrypted connections it's theoretically possible but practically impossible. No, the snake-oil products that that say they can do this does not count.
As for whom your downloading from; yes they can see what IP addresses you're communicating with unless you're using something like Tor or a VPN.

If so, how much additional overhead would it entail?

On any reasonably modern computer the overhead is negligible.

I have thought of enabling my browser's feature to encrypt all connections for HTML, but I think that would also cause more overhead though I'm not sure how much


This is not a feature that you can enable, you have to use https:// rather then http:// and even then there will be connections and sites that are not encrypted.

And how do I enable that feature in my browser or torrents once I've paid?


All you have to do is connect to the VPN, you don't need to changer anything in your browser or torrent app.

Reply Score: 3

Flatland_Spider Member since:
2006-09-01

VyprVPN looks pretty good.
https://www.goldenfrog.com/vyprvpn/

Reply Score: 1

Who do ISPs work for?
by Alfman on Fri 16th Mar 2012 03:15 UTC
Alfman
Member since:
2011-01-28

To big media: either pay our internet bills and have your way, or go suck an egg.

Reply Score: 5

ISP monitoring
by Neolander on Fri 16th Mar 2012 06:49 UTC
Neolander
Member since:
2010-03-08

Ah, looks like some ugly mutant offspring of Hadopi hatched elsewhere...

I still think that internet monitoring at the ISP level, especially using IP addresses, is a huge mistake, be it only from a technical point of view. Nontechnical users can't and shouldn't have to make sure that their wi-fi routers are only accessed by them, whereas IP addresses are trivial to spoof.

Around here, most older ISP-provided routers were set up to use WEP encryption (cracked) and MAC filtering (cracked) as a default. Many users never touched those defaults, and do not even know what is WEP and what's wrong with it. In these circumstances, how could they be annoyed and prosecuted about what goes through their router ?

Edited 2012-03-16 06:55 UTC

Reply Score: 3

RE: ISP monitoring
by moondevil on Fri 16th Mar 2012 07:35 UTC in reply to "ISP monitoring"
moondevil Member since:
2005-07-08

In Germany you are accountable for letting other people use your router.

If you are not able to do it technically, you should arrange for a company to do it for you. Then is the company responsible for what might happen.

Reply Score: 3

RE[2]: ISP monitoring
by static666 on Fri 16th Mar 2012 16:26 UTC in reply to "RE: ISP monitoring"
static666 Member since:
2006-06-09

In Soviet Russia you're accountable for your neighbour using his router. :-)

And it is partly true, I remember.

Reply Score: 1

RE[2]: ISP monitoring
by Neolander on Fri 16th Mar 2012 17:53 UTC in reply to "RE: ISP monitoring"
Neolander Member since:
2010-03-08

In Germany you are accountable for letting other people use your router.

If you are not able to do it technically, you should arrange for a company to do it for you. Then is the company responsible for what might happen.

Well, same in France since Hadopi. I was arguing in this post that the law is wrong on this front.

Nothing surprising, though, when you see who backed it (english subs) : http://www.youtube.com/watch?v=r4LofqPCQew

Edited 2012-03-16 17:54 UTC

Reply Score: 1

RE[2]: ISP monitoring
by zima on Tue 20th Mar 2012 13:50 UTC in reply to "RE: ISP monitoring"
zima Member since:
2005-07-06

In Germany you are accountable for letting other people use your router.

If you are not able to do it technically, you should arrange for a company to do it for you. Then is the company responsible for what might happen.

Are FON users covered like that? FON seems to be mighty popular in DE, judging from their maps...

edit: Or at least that was the case few years ago. Checking it now ( http://maps.fon.com/en ), DE looks relatively unremarkable (its hotspot density was certainly much more impressive than present PL, at least something like Netherlands now), hm.

Edited 2012-03-20 13:58 UTC

Reply Score: 2

I really have to see this to believe it
by darkcoder on Fri 16th Mar 2012 07:27 UTC
darkcoder
Member since:
2006-07-14

I worked on an ISP, and in my experience what they probably do is record the places you visit, and probably will be a kind of black list that will mark you as going to places you should not go, but checking the actual packets of every client computer? I really doubt that. Too much hardware required for that.

Reply Score: 1

static666 Member since:
2006-06-09

Not really, since they only need to identify potential offenders to start logging all their traffic for later analysis. As was stated, when 150K is at stake for a single infrigement, it can justify the storage and CPU time required.

Reply Score: 1

Soulbender Member since:
2005-08-18

As was stated, when 150K is at stake for a single infrigement, it can justify the storage and CPU time required.


Except 150k isn't rally at stake because that number was pulled out of someone's ass. There are serious crimes (you know, real crimes against other human beings) that you would get fined less for.
In a sane world the fine would be approximately the same as it would be for shoplifting the DVD and I'm pretty sure shoplifting doesn't carry a 150k fine.

Reply Score: 3

UltraZelda64
Member since:
2006-12-05

WARNING: DO NOT READ THIS POST IF YOU ARE SENSITIVE TO EXTREME AND DIRECTLY SEXUAL LANGUAGE AND HOMOPHOBIC TERMS. YOU HAVE BEEN WARNED.










Fuck you--all of you--MPAA/RIAA dick-sucking corporations who are engaging in this gay ass-fucking privacy degeneration of an "agreement." Fuck off and go to hell, cocksuckers. I'm sorry, but I can not speak nicely of bullshit like this. I'm not sure if I should take this as a cue to download more shit illegally than ever before to take a stand, or to just use an anonymizer like Tor?

And will this effect all ISP accounts, no matter when they were set up, or just those that became active on or after July 12? Or even sometime before--will any ISPs change their TOS before then to get ready? What happens when such changes are made; do we get to, you know, *agree* on them, or are they forced down our throats lick a cock?

By the way, my choice of ISP around here seems to be either AT&T, Road Runner through Time Warner Cable, or... eh, EarthLink through... Time Warner Cable. Motherfucking monopolies.

Really, I normally download "legal" stuff so I'm normally out of those bastards' cross-hairs, but this kind of "playing cops" bullshit really pisses me the fuck off. But then, while Linux and BSD distributions are legal, they are also copyrighted. Looks like I'm fucked no matter what.

And by the way, please excuse the moderate alcohol influence on top of my normal thought process, mood and language. Too bad I just normally think that way, and alcohol just "enhances" those thoughts.

Reply Score: 5

r_a_trip Member since:
2005-07-06

I know I've been warned, but you equating the proposed ISP "actions" to homosexuality is quite frankly offensive and just plain wrong.

What you are searching for, to describe this fuckery, is rapists. There is nothing in consensual male-male sex that comes close to what our spying US ISP Overlords are planning to do.

Reply Score: 7

Kochise Member since:
2006-03-03

I think he was referring to... "back-doors"

Kochise

Reply Score: 2

Safe Harbour
by kokara4a on Fri 16th Mar 2012 08:38 UTC
kokara4a
Member since:
2005-09-16

IANAL but this looks like a slippery slope to me. If the ISPs inspect packets can they claim Safe Harbour protection? Won't that make them vulnerable to litigation?

I really don't see what's in for the ISPs for doing this. Under current law, they are not liable for the way their customers use their connection. So why would they care? They are only going to lose customers over this. I doubt anyone will ever say "Gee, let's change our ISP provider to one that sucks more!"

Reply Score: 3

RE: Safe Harbour
by Flatland_Spider on Fri 16th Mar 2012 14:45 UTC in reply to "Safe Harbour"
Flatland_Spider Member since:
2006-09-01

[quote]I really don't see what's in for the ISPs for doing this.[/quote]

A legally acceptable reason for ISPs to stock pile large amounts of customer network traffic which can be accessed by various alphabet agencies in order to identify "terrorists" and collect amateur porn pics, maybe? Mainly collect amateur porn pics.

Reply Score: 1

RE: Safe Harbour
by smilie on Sat 17th Mar 2012 00:31 UTC in reply to "Safe Harbour"
smilie Member since:
2006-07-19

This seems the biggest flaw (for the ISPs) since it would seem to trash that protection by making them aware of the content of the traffic.

Beyond that, this would appear to be an enormous full-time wire tap. You have to wonder if some additional capabilities are being put in place at the same time.

Reply Score: 1

Comment by Luminair
by Luminair on Fri 16th Mar 2012 09:39 UTC
Luminair
Member since:
2007-03-30

start monitoring communication like this and people get hurt. the power is too concentrated. banks have 100 years of lawmaking to hold back their sleeze, and they still fuck with us and our information. so in comparison what happens when you give away the keys to the most powerful communication tool in history

this is a bit like putting a police officer at the window of every home. that would be crazy too. only this is invisible and costs nothing, so they can get away with it and people will get used to it. 1984 wasnt so bad for most people.

Reply Score: 3

RE: Comment by Luminair
by CapEnt on Fri 16th Mar 2012 12:51 UTC in reply to "Comment by Luminair"
CapEnt Member since:
2005-12-18

this is a bit like putting a police officer at the window of every home. that would be crazy too. only this is invisible and costs nothing

Constant communication monitoring (or spying...) actually cost lots of money, and the costs scale proportional to the amount of users that you need do control.

You will have:
- the additional overhead of the automated infrastructure to filter the traffic together with all the technical glitches that the additional complexity add to the system.
- the need of technicians to keep everything running.
- the need of human censors to read the logs, and the admin personnel to coordinate them.
- lots lawyers to cope with the ocean of lawsuits and class actions that false positives and gray areas will bring to the company.
... and the list goes on ...

Who will pay? The customer! Of course!

Reply Score: 2

RE[2]: Comment by Luminair
by static666 on Fri 16th Mar 2012 16:21 UTC in reply to "RE: Comment by Luminair"
static666 Member since:
2006-06-09

I see no trouble in implementing a customized automated bittorrent client that would impersonate a fellow seeder/leecher, requesting chunks of copyrighted content from users of particular IP address ranges, while logging all communication. No need for anything fancier IMO, in fact it may already be in place since it is so trivial.

Using tor is an overkill and could easily put it down. Another workaround is purchasing a private VPN proxy in some remote country where there is still free internets. Like Sweden, maybe, still?

But the best way is to stop buying crappy content made in Hollywood in the first place. C'mon, it's horrible, and is only getting worse every day.

Reply Score: 1

RE[2]: Comment by Luminair
by Luminair on Fri 16th Mar 2012 16:34 UTC in reply to "RE: Comment by Luminair"
Luminair Member since:
2007-03-30

spying on people electronically costs nothing compared to doing it in the real world. compare your IT costs to hiring 300 million chinese people to follow around every american, listening for keywords

Reply Score: 2

vasper
Member since:
2005-07-22

This will be fun. Companies that sell copyrighted material will see their revenues drop. Why? Because piracy actually has increased their income. When I download something, I sample it, and 1% of the time I buy it. Otherwise... I don't buy a thing. That 1% is a couple of hundreds of dollars per year. Some people buy even more depending on the quality that they have allready seen.

Reply Score: 4

DOSguy Member since:
2009-07-27

This will be fun. Companies that sell copyrighted material will see their revenues drop.


That could very well be the case, but I think you know that if that where to happen, it would be blamed on piracy again. This will open the doors to further internet regulations, and maybe eventually some kind of nation/world-wide piracy tax.

Unfortunately, this kind of changes are inevitable as long as big content reigns supreme. They haven't learned from their mistakes before, and they will not learn now. They have to die, or we will have to succumb. It is as simple as that.

Edited 2012-03-16 12:42 UTC

Reply Score: 1

either wrong or stupid or both
by l3v1 on Fri 16th Mar 2012 13:22 UTC
l3v1
Member since:
2005-07-06

First, the article is talking about copyrighted stuff (sw, video, music). I think I can risk stating that a very very large percentage of all content is copyrighted, which doesn't mean one's not allowed to use it, download it, and do a lot of other things with it. Copyright has (almost) nothing to do with the associated license, and there's no way an ISP can reliably monitor the licensing status of all contents you download.

Second, "even share information on repeat offenders with competing ISPs, effectively creating a sort of Internet blacklist" -- now, WTF? There are really no privacy and data protection laws in place in the US? I mean come on, ISPs freely sharing among each other? It's very brotherly, no doubt, but wrong nonetheless.

Reply Score: 2

Google HTTPS
by jackastor on Fri 16th Mar 2012 14:07 UTC
jackastor
Member since:
2009-05-05

Well if Google enables https searching by default, this ought to help some. Just use their cached pages where you can maybe?

http://searchengineland.com/google-to-begin-encrypting-searches-out...

Reply Score: 1

great just what we need
by Bit_Rapist on Fri 16th Mar 2012 14:50 UTC
Bit_Rapist
Member since:
2005-11-13

More big brother crap.

On the plus side it might be a great time to start an independent ISP - one that specifically does not monitor your traffic and is honest.

Reply Score: 3

RE: great just what we need
by umccullough on Fri 16th Mar 2012 18:44 UTC in reply to "great just what we need"
umccullough Member since:
2006-01-26

More big brother crap.

On the plus side it might be a great time to start an independent ISP - one that specifically does not monitor your traffic and is honest.


I use Sonic.net... they seem to be pro-consumer and still respect people's civil rights.

My Sonic.net DSL is a wholesale AT&T circuit line, however, and I'm not sure if AT&T has any authority to monitor it or not. If Sonic.net's Fusion service ever gets offered in my area, I'll be all over that!

Reply Score: 2

Comment by static666
by static666 on Fri 16th Mar 2012 16:06 UTC
static666
Member since:
2006-06-09

We do have bittorrent peer-to-peer encryption implemented in most popular clients at the moment; even enabled by default in some. However, while protecting from simple traffic monitoring, it does not (or simply practically cannot) provide any form of peer authentication, hence it is vulnerable to man-in-the-middle attacks.

What I'm really curious about is - whether it is legal for ISPs to execute large scale network attacks on its users when it is clearly NOT in interest of national security?

Reply Score: 1

Just wondering...
by Kochise on Fri 16th Mar 2012 19:48 UTC
Kochise
Member since:
2006-03-03

...when people will get enough of all of this. Big brother, patent wars, etc... Citizens lacks of balls or what ? I miss a good ol'revoluton somedays, just to show all these smart asses who work and bring the money.

Kochise

Reply Score: 1

Hope they can wait till Dec 23 2012
by jefro on Fri 16th Mar 2012 19:59 UTC
jefro
Member since:
2007-04-13

I think they can wait until Dec 23. After all that is when the world will end.

Reply Score: 2

protect your online privacy
by akentrepreneur on Sat 17th Mar 2012 02:40 UTC
akentrepreneur
Member since:
2012-03-17

You can prevent ISPs from spying on your traffic by using an encrypted tunnel such as hushtunnel.com

Reply Score: 1

Comment by darkcoder
by darkcoder on Sat 17th Mar 2012 03:38 UTC
darkcoder
Member since:
2006-07-14

Gonna give another example since many readers still think on the packet sniffing issue.

How many clients AT&T have with Internet access, like a million?

Now imaging sniffing packets of a million accounts every day. You will need some supercomputers just for that.

So NO, Packet sniffing IS NOT GONNA HAPPEND.

DNS blacklisting, and marking you as visiting non friendly sites, is easier and works just nearly as well... Hey you dont visit piratebay to just look at their pirate ship logo, lol.

And the tunnel trick, who said those sites like the ultrasurf one will not be blocked because they are considered "harmful".

Also bandwidth monitoring and or limit have been around for a while. TMobile and AT&T have been in the attention because of that recently. My ISP has a limit of 40 GB monthly, in which they charge extra if you exceed the limit, and I'm still to this day never get past that.

Edited 2012-03-17 03:44 UTC

Reply Score: 1

RE: Comment by darkcoder
by Alfman on Sat 17th Mar 2012 03:56 UTC in reply to "Comment by darkcoder"
Alfman Member since:
2011-01-28

darkcoder,

"How many clients AT&T have with Internet access, like a million? Now imaging sniffing packets of a million accounts every day. You will need some supercomputers just for that. So NO, Packet sniffing IS NOT GONNA HAPPEND."

I don't know the real scoop, but technically they could snoop only a subset of users at any given time. Current network equipment can already do deep packet inspection on a per packet basis, depending on what they're looking for they might simply flag certain packets in real time for additional analysis.

It's just speculation but I believe the way these things will work is that ISPs will be given a watch list of signatures to look for. Network routers are already designed to do data lookups very quickly anyways, looking for blacklisted hashes might not be that much different. If the device is fed from a splice of the network, it can dedicate all it's resources to the blacklist.

I don't know how things will play out, but I wouldn't rule out the technology to do it.

Reply Score: 2

RE[2]: Comment by darkcoder
by Soulbender on Sat 17th Mar 2012 05:43 UTC in reply to "RE: Comment by darkcoder"
Soulbender Member since:
2005-08-18

Current network equipment can already do deep packet inspection on a per packet basis


deep packet inspection is mostly snake-oil and it certainly won't work in the ISP core networks.

depending on what they're looking for they might simply flag certain packets in real time for additional analysis.


This would require existing equipment to not use the switching ASIC's and instead process every single packet on their main CPU. Anyone who has ever seen a hardware router process packets on the main CPU would not ever recommend this course of action. In short, it dies.

Network routers are already designed to do data lookups very quickly anyways


No they're not and doing lookups into what would be very large tables is not something they could handle. Especially not the hilariously under powered Cisco devices which for some inexplicable reason are very popular.
What they could do is mirror *all* the packets somewhere else but that destination better be a quantum computer because doing "deep packet inspection" on tbps of data and millions and millions of concurrent streams is not going to be an easy task.
Alternatively you would need to deploy tens of thousands of new devices closer to the customer and even then you need some way to coordinate all this information, distribute new watch lists etc.

Neither of these are going to happen.

Reply Score: 3

RE[3]: Comment by darkcoder
by Alfman on Sun 18th Mar 2012 03:00 UTC in reply to "RE[2]: Comment by darkcoder"
Alfman Member since:
2011-01-28

Soulbender,

"deep packet inspection is mostly snake-oil and it certainly won't work in the ISP core networks."

I am interested in hearing your reason for saying this.


"This would require existing equipment to not use the switching ASIC's and instead process every single packet on their main CPU. Anyone who has ever seen a hardware router process packets on the main CPU would not ever recommend this course of action. In short, it dies."

Well I'm not sure what the limits are of *existing* ISP network equipment, but we don't really know that they won't be purchasing new equipment specially for this purpose.

A cpu based monitor would be one implementation. If we were to take the idea seriously, I think a highly optimized dual core 3ghz system should be able to handle a gigabit feed with up to 36000*2 cycles per packet, and it's possible that not all packets will be scanned (http/email/etc). The scheme does not strike me as infeasible.

I also think a specialized ASIC would work too, and they could easily run in parallel.

Reply Score: 2