Linked by Thom Holwerda on Thu 15th Mar 2012 22:06 UTC
Legal "If you download potentially copyrighted software, videos or music, your Internet service provider has been watching, and they're coming for you. Specifically, they're coming for you on Thursday, July 12. That's the date when the nation's largest ISPs will all voluntarily implement a new anti-piracy plan that will engage network operators in the largest digital spying scheme in history, and see some users' bandwidth completely cut off until they sign an agreement saying they will not download copyrighted materials." One day, years from now, historians are going to debate whether this was the point of no return.
Thread beginning with comment 510922
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Comment by darkcoder
by Alfman on Sat 17th Mar 2012 03:56 UTC in reply to "Comment by darkcoder"
Alfman
Member since:
2011-01-28

darkcoder,

"How many clients AT&T have with Internet access, like a million? Now imaging sniffing packets of a million accounts every day. You will need some supercomputers just for that. So NO, Packet sniffing IS NOT GONNA HAPPEND."

I don't know the real scoop, but technically they could snoop only a subset of users at any given time. Current network equipment can already do deep packet inspection on a per packet basis, depending on what they're looking for they might simply flag certain packets in real time for additional analysis.

It's just speculation but I believe the way these things will work is that ISPs will be given a watch list of signatures to look for. Network routers are already designed to do data lookups very quickly anyways, looking for blacklisted hashes might not be that much different. If the device is fed from a splice of the network, it can dedicate all it's resources to the blacklist.

I don't know how things will play out, but I wouldn't rule out the technology to do it.

Reply Parent Score: 2

RE[2]: Comment by darkcoder
by Soulbender on Sat 17th Mar 2012 05:43 in reply to "RE: Comment by darkcoder"
Soulbender Member since:
2005-08-18

Current network equipment can already do deep packet inspection on a per packet basis


deep packet inspection is mostly snake-oil and it certainly won't work in the ISP core networks.

depending on what they're looking for they might simply flag certain packets in real time for additional analysis.


This would require existing equipment to not use the switching ASIC's and instead process every single packet on their main CPU. Anyone who has ever seen a hardware router process packets on the main CPU would not ever recommend this course of action. In short, it dies.

Network routers are already designed to do data lookups very quickly anyways


No they're not and doing lookups into what would be very large tables is not something they could handle. Especially not the hilariously under powered Cisco devices which for some inexplicable reason are very popular.
What they could do is mirror *all* the packets somewhere else but that destination better be a quantum computer because doing "deep packet inspection" on tbps of data and millions and millions of concurrent streams is not going to be an easy task.
Alternatively you would need to deploy tens of thousands of new devices closer to the customer and even then you need some way to coordinate all this information, distribute new watch lists etc.

Neither of these are going to happen.

Reply Parent Score: 3

RE[3]: Comment by darkcoder
by Alfman on Sun 18th Mar 2012 03:00 in reply to "RE[2]: Comment by darkcoder"
Alfman Member since:
2011-01-28

Soulbender,

"deep packet inspection is mostly snake-oil and it certainly won't work in the ISP core networks."

I am interested in hearing your reason for saying this.


"This would require existing equipment to not use the switching ASIC's and instead process every single packet on their main CPU. Anyone who has ever seen a hardware router process packets on the main CPU would not ever recommend this course of action. In short, it dies."

Well I'm not sure what the limits are of *existing* ISP network equipment, but we don't really know that they won't be purchasing new equipment specially for this purpose.

A cpu based monitor would be one implementation. If we were to take the idea seriously, I think a highly optimized dual core 3ghz system should be able to handle a gigabit feed with up to 36000*2 cycles per packet, and it's possible that not all packets will be scanned (http/email/etc). The scheme does not strike me as infeasible.

I also think a specialized ASIC would work too, and they could easily run in parallel.

Reply Parent Score: 2