>> How many ISP's *actually* do DPI in order to provide *security* for their subscribers?
Lots of them do security functions. They scan for malware, they scan for spam, and to do any of this they have to look at the data inside packets. >> Actually reading the article, it sounds like what Boucher wants is a "Thou shalt not Phorm thy users without their consent" law. A cursory reading might give you that impression, but I suspect it's wishful thinking. Consider the testimony before the committee of Leslie Harris of the CDT: " It is important to stress at the outset that all applications of DPI raise serious privacy concerns because all applications of DPI begin with the interception and analysis of Internet traffic." There are definitely those agitating to turn ISPs into simple conduits of data, the electric companies of data. Ironically at the same time they want to make the grid smart they want to make the networks dumb. (hey, I have to use that line.) Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.pcmag.com/securitywatch/ Contributing Editor, PC Magazine [email protected] -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Friday, April 24, 2009 12:38 PM To: Thomas Raef Cc: Larry Seltzer; funsec Subject: Re: [funsec] When they outlaw deep packet inspection... On Fri, 24 Apr 2009 07:37:29 CDT, Thomas Raef said: (OK, Boucher is my congresscritter, since I live in the Virginia 9th district).. > Why don't politicians stay out of something so technical and stick to > what they do best - take bribes and sell Senate seats (Blago - > Illinois)? Actually, Boucher is probably one of the *more* technically clued guys in Congress - among other things, he's the one who's been actually trying to get the damned DMCA anti-circumvention clause fixed (by adding an exemption if the data you're extracting would itself be usable under "fair use" or other rights). > On Behalf Of Larry Seltzer > I should add that at the same time the Senate is considering a bill > mandating security standards for large parts of the Internet to follow > it seems as if the Senate is about to ban security (Noting s/Senate/House/ second time around). How many ISP's *actually* do DPI in order to provide *security* for their subscribers? (And no, "block ports 137-139 and refuse to contact the user when it's obvious they're botted" doesn't count). Now compare that to the number of ISPs that want to do DPI in order to monetize the data (Phorm, etc)? Actually reading the article, it sounds like what Boucher wants is a "Thou shalt not Phorm thy users without their consent" law. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
