Posts Tagged‘deep packet inspection’

Internet Filter continues down the road to stupidity.

Well it seems that the DLC must have been heard by Senator Conroy and his party members, since he’s decided to add in some additional features to the proposed filter:

18. Is it true that ISP filtering is unable to filter non-web based traffic such as peer-to-peer and chat?

ISPs in other developed nations that have introduced filtering have done so mainly to help address the proliferation of child pornography on the web using a blacklist of mainly child pornography sites. These blacklist filtering services do not deal with non-web traffic such as peer-to-peer and chat.

The Department understands that a number of ISP filtering products allow blocking of non-web based applications, and that vendors are undertaking development in this area. A small number of ISPs in Australia and overseas provide ISP level filtering services that seek to help parents manage non-web based applications such as peer-to-peer and chat.

To the extent possible, the Pilot will test the effectiveness of more sophisticated ISP level filtering services and products to help parents manage use of non-web applications.

It is understood that technology exists to filter peer-to-peer networks. If such technology is proposed as part of the Pilot by an ISP it will be considered.

Full FAQ from the deparment here with coverage from PC MAG.

Now I know that many of the ISPs would be fully aware that blocking Peer to Peer (P2P) traffic is not only complicated but will also guarntee slowdowns that are far in excess of current estimates. To give you an idea of how complicated it is here are a couple ways of detecting Peer to Peer traffic:

  • Deep Packet Inspection: Basically opening every packet and looking at the packet structure to determine what it is and where it is going to. This means that the packet is delayed whilst it is inspected, and this could lead to lengthy delays in delivery espeically if the packet is big. Say goodbye to reliable VOIP services if this kind of inspection gets put in.
  • Connection/Traffic Trending: This is watching the connections a client makes and building up a trend map of them to determine which ones are legitimate and which ones aren’t. Bittorrent and other P2P applications usually open up lots of connections and transmit small amounts of data over them, so they will build a model off that principle. Once they think they have a P2P connection they’ll terminate it by various methods (RST Injection or just drop the connection entirely). Inheritly flawed and will cause issues with any technologies that utilize P2P as a distribution method (World of Warcraft uses it for their client patches).
  • Port blocking: Simply denying all traffic on the ports that P2P applications typically use. Easily cirumvented.

The Internet Filter proposal itself was unacceptable already, this just puts it into the realm of insanity. At the rally I talked about what kind of impact this would have to businesses and introducing something like this would just make the effect even worse. Just because P2P may be responsible for some un-scrupulous people using it for nefarious purposes doesn’t mean that everyone should suffer, and I really do mean everyone in this respect.

Probably my biggest concern are the people who support Free and Open Software with their contributions to things like Linux. They use Bittorrent to distribute their software and blocking this service will mean a severe detriment to the free service that they provide. Whilst solutions like Ubuntu will still function thanks to the generous support of people like Mike Shuttleworth I’m afraid the smaller ones will be hit severely by the decision to include P2P in the filter.

If we see something like this get put in I can see so many business with strong web presences moving their services overseas. When you rely on your web services in order to generate revenue slow down means lost dollars and customers, neither of which a company will endure just to host a service in Australia. We’re already behind in terms of broadband proliferation and web services, do we really want to continue down this road of making Australia an Internet backwater?