Pages

Pages

Friday, November 02, 2007

Deep packet inspection getting another kicking

The Comcast / Sandvine saga seems to have been the catalyst for consumer awareness of the potential for packet inspection misuse.

To recap:

- DPI used to protect fundamental network integrity (eg stopping DDoS attacks, stopping P2P crashing individual mobile cells, managing unanticipated bandwidth spikes etc) = GOOD
- DPI use to block / degrade traffic you just don't like very much in the hope of negotiating/extorting (pick your point of view) money from an Internet company = BAD
- DPI policies not made transparent to your customers = ACTIVE CUSTOMER DISLOYALTY (ie being so annoyed about a service provdier that you tell everyone very loudly)
- Lying to your customers about DPI = DESERVING BANKRUPTCY OR LEGAL ACTION

There are now rumours that Comcast is playing funnies with traffic going to Google.com as well. It's also been reported that its customer service staff are denying the existence of SandVine DPI gear in the network - although Comcast is known as a customer (see page 21 of SandVine's AIM admission document) and by coincidence, a very high % of SandVine's revenue comes from (a) North America, (b) Cable companies and (c) A single customer (see slides 4,6 & 7 here). Obviously, Customer A is anonymous......

Amusingly, the term 'sandvining' has been coined as a generic term for inept and intrusive misuse of DPI.

I've been saying for a while that heavy-handed use of DPI would backfire competitively on the culprits. I didn't expect it to to get escalated to the US Senate quite so quickly though. I can't imagine Viviane Reding at the European Commission, or assorted other regulatory & competition folk to be particularly impressed if the same thing happened here, either.

Of course, this is all in the fixed domain. Limitations on spectrum (especially at a per-cell and backhaul level) mean that some forms of traffic management are going to be mandatory in mobile. I don't want my 999 emergency call (or any call for that matter) blocked by some local kids using BitTorrent on their smartphones.

But if I pay for a mobile Internet pipe (and I'm quite happy to pay a fair price), I want it to work with the service I want to use. If my operator thinks differently, it needs to be very explicit about this upfront. And incidentally, this applies just as much to any monkeying around with the handset's IP stack or OS, as well DPI as in the network.

2 comments:

  1. Anonymous9:50 pm

    DPI offers far more than you give it judgement. Your comments are based on a typical US centric understanding of DPI. You should before you make comments fully understand small Islands who are being raped by VoIP where telecom income is very important to the ecomany. mostly by systems that do not even comply to standard e911 services. Or watching bad guys use systems where they can hide. When you understand the bombs in London where done via a P2P network maybe DPI has some better uses

    ReplyDelete
  2. Given that I was born and currently live right in central London, I find it pretty weird that you assert that I have a US-centric perspective. Living where I do, I'm at the sharp end in considering the balance between security & liberty.

    Which bombs were 'done' with P2P and how? If you mean people used anonymous webmail accounts and/or crypto for planning purposes, that's very different from triggering, for example.

    The 'small island' issue isn't one that I'd come across to be honest. Sure telecoms revenue is important to their economy, but if you take an Internet-wide view, I'll bet the Internet also drives more tourism, use of domain name services, even offshore car registration & insurance. It's swings & roundabouts and just needs to be managed with a holistic view.

    As I've discussed before, I see DPI use as perfectly reasonable for many applications such as protecting network integrity, stopping DDoS attacks and so on. It's also good for monitoring (roughly) what customers want to use & therefore the telco can design new products / bundles / partnerships to meet those needs.

    However, the nature of the Internet and Moore's Law means that attempts to seek out and block specific applications are doomed to failure. Collectively, the edge is becoming a lot smarter than the core - there are plenty of ways to circumvent DPI, and the last thing anyone wants its a virus-style them & us arms race.

    I also find it ironic that the telecom industry on the one hand tells us that communications use (eg mobile phones) stimulates economic demand & they lobby accordingly... and then tries to keep prices at a level which excludes many potential economic participants.

    ReplyDelete