Anything that inspects packets past the transport layers should be illegal unless a warrant has been served.
Just like in the good old post days you should be able to rely on all your packets arriving without 'inspection' by any carriers.
The obvious solution to the whole net neutrality problem is to encrypt everything and to run the various protocols on every port imaginable after some form of handshaking.
Yes, but that wouldn't be enough. The DNS system is also controlled by an oligopoly and ISPs. With DNS server data ISPs can easily deduce what is a packet doing. AFAIK, the DNSSEC system doesn't solve this, either.
The stakes are high, I'd love to see a change of paradigm. But it's very hard given the immense economic and political interests against anything fair.
Google is the largest advertising and user-tracking system online. I would only use those DNS servers as last resource.
Also your DNS request travels unencrypted through your ISP and a likely drop-in solution to packet inspection would just be a passive listener (typical solution with 0 configuration). So in this case, alternative servers don't help.
We don't correlate or combine your information from the temporary or permanent logs with any other data that Google might have about your use of other services, such as data from Web Search and data from advertising on the Google content network.
You are diverting the discussion. The main point of that comment is the ISP can inspect those packets just like if you use their servers (and probably by exactly the planned way to do it in the first place.)
With regards of privacy, Google's definition of what's identifying or not is very dodgy. From your own link, the permanent record includes the timestamp, domain, geolocation and ISP. That's a lot of information if you aggregate it.
Down-voted for posting a link to a privacy policy? Hmm. Ok.
My point had nothing to do with your ISP packet inspection argument (notice I didn't address it). I was providing a counter-point to the "Google is the largest advertising and user-tracking system online. I would only use those DNS servers as last resource." My comment was simply to refute your indication that Google might be associating DNS with advertising or user tracking. They don't.
Edit: Can someone explain why the down-votes? Do you just disagree?
They will still be learning a lot about users, just not adding that to their otherwise neat idea they have about who you are. You have two identities; they can track, study and serve each one, no probs.
what about looking for active abuse? Assuming I tell you on account signup, is running your traffic through an IDS to alert me when your system is compromised unacceptable? what if I only look at your traffic after I get an abuse report? what if I get an abuse report... can I use tcpdump?
I mean, these are all possibilities. my concern is that if, for example, you make running an inward facing IDS illegal, selling (nearly) anonymous accounts on the cheap will be ah, more difficult. In theory, a good enough inward-facing IDS, if implemented by more ISPs, could largely mitigate the botnet problem we have now, where almost any site can be wiped off the internet by IRC kids. (now, my IDS system never got past 'experimental' and has been down for several years now. But when it was active, I think it was pretty neat; customers could see incoming attacks, and I could see outgoing attacks. Of course, like any ids, it had a huge false positive rate, so honestly, it wasn't all that useful, which is part of why it's currently down. I'm just interested in why people think that sort of technology is inherently a bad idea- a bad enough idea that there should be a law, even.)
Now, I think it's important that providers are very clear about what they do with a customer's packets... but I worry that codifying what a provider can do to a packet /with the consent of the customer/ into law will eliminate services I like.
I'm going to have to think about that for a bit, it's a tricky enough situation you sketch that there shouldn't be some kind of exception for it.
First thing to come to mind is maybe an electronic way of securing permission from the 'endpoint' of the traffic, since they benefit from not having their hardware and their connection abused as well.
The key is 'with the consent of the customer', and I think that such instances should be the exception rather than the rule.
So if there is no specific reason why a certain customers packets are inspected and it is done without their knowledge and consent it should be illegal.
Also, it may very well be possible to correlate enough transport layer data to figure out which packets are part of an attack and which are legit, but that might be computationally very expensive to do.
well, I'm actually /really interested/ in what people think about this. I mean, laws aside, privacy policies[1] are pretty important to some people. But the thing is, by looking at (and sometimes mucking with) your traffic, I can provide you a better service. So it's important for me to know where the line is for different people.
I think you've already nailed it, the 'better service' is the key element in that sentence. If the endpoint finds their services degraded to give other people better service then I think most people would balk. If it is to give them better service they'll be fine with it. Whether or not they read the privacy policy is another matter, I think I must be the only person that actually reads those things.
as for privacy policies, what I'd really like is to use a privacy policy published by a trusted body such as the EFF.
In my perfect world, the EFF would publish several, modeled after the 'creative commons' licenses; each policy would grant different levels or different kinds of privacy, and the meaning of the policy would be fairly well understood by all parties just by stating the name of the policy.
edit: I don't mean /legally mandating/ these privacy policies... I'm suggesting something like the system in place for managing copyright (or,uh, left) - the idea would be that if there are standard policies, you won't have to read each policy all the way through for every service.
Something totally independent of both business and government run as a non-profit that reviews the various privacy policies, notices changes (by spidering them periodically) and alerts users to those changes and their consequences?
You could also issue a 'badge' or a widget that you could include on your privacy policy page that gets served up from the reviewing institution.
Even ignoring the cost in lawyer time to draw up and review the policies, knowing that a policy is 'reviewed by X' tells the user less than "ISP Y uses standard policy Z"
Also, just like there are different creative commons licenses that grant different rights, it's reasonable to have different privacy policies that grant different rights... and if you need a particular right, it's much easier to go "Oh, isp X uses policy Y which gives me what I want" than to go reading the custom policy that each ISP drew up.
Ah ok, sorry, I see what you're saying now, just in an ISP context, I thought you meant privacy policies as a whole. Apologies.
In that case it makes perfect sense. I thought about all privacy policies and because there are so many different products out there it would be very hard to have a limited set of policies. But for the ISP subset that could definitely be done.
Well, the infrastructure provider market is what I know and care about... but I don't think the privacy needs of, say, facebook users and twitter users are all that different. they could probably use the same privacy policy with no changes.
by looking at (and sometimes mucking with) your traffic, I can provide you a better service.
That's admirable, but I notice you're a hosting provider. I've never heard of a broadband ISP that wants to use IDS or DPI to provide better service; they only seem to talk about providing worse service.
Perhaps making such things opt-in would work; if the customer believes that it really benefits them, they won't mind opting in.
well, the IDS would be primarily to protect the rest of the internet by noticing when your box becomes a zombie (and decrease costs associated with handling abuse.)
Unless you are one of those people who expects me to leave your box online after it has become compromised and is spewing abuse, the ids, assuming I use it how I say I'm using it to just detect compromised hosts, and assuming I'm careful about false positives, won't hurt you.
Mucking with the traffic is /much/ more difficult to do without damaging the service. However, there are many cases where if you muck with the traffic you can allow high latency high bandwidth bulk transfers without messing up your low-latency traffic as much as it would otherwise... e.g. it's possible, with traffic shaping to maintain better customer experiences while overselling your pipe.
this positive is realized by the customer through lower prices in markets with competition. obviously, the home broadband market is not one of those markets, so I don't know how much difference it'd make there.
If you notice, I'm a provider in the server space, where there is a lot of competition.
As one of your customers, I wouldn't mind you looking at my traffic, assuming that you notified me of it afterward and that you didn't store anything that could be used to establish patterns that could be traced to me individually or the actual data I was sending (it is liable to include, among other things, passwords).
However I would expect you to get a notification before you started to murk around with my traffic, since it is liable to interfere with my use of the services that I have paid for.
first, please, please don't send passwords unencrypted. I'm not the only one who can look at your traffic. Spoofing a route in bgp is, to my understanding, not a difficult thing to do, which means that really, anyone on the net with a sufficiently well-connected BGP box can sniff your traffic.
but yeah... would just giving you access to all the information I had about your traffic be sufficient notification? That seems like the best way to handle it to me, I mean, if I've got a IDS all setup, it's no more work for me to let you see the results, and especially on incoming traffic, that has value to you.
>However I would expect you to get a notification before you started to murk around with my traffic, since it is liable to interfere with my use of the services that I have paid for.
Yeah. mucking about with people's traffic is tricky, and /certainly/ deserves a notification. Right now, the only time I do it is when you go over your transfer limits; in that case I use tc to bump you down to something that can't hurt me, and obviously, I tell you.
If I /wanted/ to provide a bulk transfer service, rather than limiting the overage accounts to 1mbps or less each, I'd take accounts that are in overage and let them have as much bandwidth as they want, just making that bandwidth a lower priority than the bandwidth of my paying customers.
Now, my experience with that kind of traffic shaping is that it's never perfect, you always interfere at least a little with the high priority traffic; or at least that's been the case every time I've tried doing that, so I don't. But, I've heard of others doing it with varying degrees of success; it's one of those things that can possibly make a cheaper service better if you allow the provider to muck with your packets.
It is true that I shouldn't send passwords unencrypted, but the passwords I send are not those I am concerned some government agency gets their hands on, nor are they useful for industrial espionage.
I am simply trying to avoid having the passwords ending up in some log file somewhere where a second-rate cracker can get access to them and spam my webpages. Honestly if you have the power to fix the Border gateway protocol, chances are that you are not interested in spamming my redmine installation.
> Even the most troubling part of Google’s proposal – that wireless networks
> would be excluded for the time being – is not much different from
> what the FCC suggested.
That doesn't make it right. I'm sure P2P voice providers like Skype are very upset about this agreement. And customers should be, too. If my 3G/4G provider selectively blocks my voice calls they should state it very clearly on the marketing material. Something like "X GB per month for everything but voice, peer-to-peer, and any other service that competes with our own services." Of course they will never say that because they don't want the public to be aware they are being deceived.
Even for the rest of the corporations the wireless situation is very bad. They won't be able to have inexpensive communications over IP if it goes through wireless, like conference calls. They'll be forced to use oligopolistic and overpriced services for something already paid for.
This isn't bad just for end users and I think Torrentfreak missed the point. This proposal initiates a terrible false dichotomy of wired vs. wireless. It helps current use of peer-to-peer (the bait) crippling wireless (the real deal in the very near future.) Google doesn't care, or even worse, is against P2P services (private or commercial) because their core business is at odds with it. In som ways Google CEO want it to be the new IBM, the new central mainframe.
[Don't get me wrong, I love the technical people behind Google including its founders, but their higher management is out of control, and IMHO, "evil".]
How can it initiate that dichotomy when it's the basically the same as a) the FCC proposal and b) reality as we've lived it for the last few years?
TorrentFreak aren't saying it's great, they're saying it sucks just as much as the status quo, so piling onto Google is stupid because you're attacking the one person pushing for progress in one area because they aren't making progress in a more difficult area, double that stupid if you're acting like Google is dismantling something that doesn't exist, rather than just not fighting to have it created.
Perhaps I shouldn't have used "initiate." But the proposal by Google/Verizon states a position while the FCC document "seek[s] comment." It's new that Google, a content provider, answers that question jointly with the 2nd largest telecom. And both companies are partners in the mobile business.
I'm sorry, but who said the current situation is network neutral? There have been plenty of crazy situations related to throttling (like Comcast) and deep packet inspection and content modification (like the big case in UK.)
It's a legally grey area where different groups are asking different things. EFF, EPIC, and other civil rights related groups worldwide want content non-discrimination and permission of tethering for wireless devices. The telcos want carte blanche to block or throttle as they please. And I bet 3 letter agencies (and their counter-parties in other countries) are siding with the telcos for their own reasons.
Google changed their stance at least on content discrimination on wireless. A very meaningful example Skype calls or competing video distribution platforms. Google can't represent those competitors on this discussion. In particular if they are partners with telcos with their Android system. That's where the outrage comes from.
"I'm sorry, but who said the current situation is network neutral?"
Err, that's exactly the point. Net neutrality already doesn't exist in a lot of ways, the Google proposal is seen by some (e.g. TorrentFreak) as an attempt to regulate something that can already be arbitrarily done in an unregulated way.
You can't take away a freedom or right that doesn't already exist.
As I said in another comment, if my 3G/4G service provider sold me the service as "X GB per month" without clarifying it can't carry voice or competing services currently it's unlawful and other companies affected could sue them. Or a class action for deceitful advertising.
Telcos want to have legal cover for that. That's new.
They do clarify in the fine print of their terms and conditions which customers agree to if they're using the service. So, it's not unlawful just because you don't agree with it, because you've already agreed to it.
There is nothing new here in the Google / Verizon proposal. They can't be both killing wireless net neutrality and seeking 'legal cover' for already doing it, especially when it didn't exist because the current status quo of 'packet discrimination' on those networks isn't illegal.
I find it interesting to see how so many people try to sound "reasonable" and find value in "compromise". Which is a good thing, 99% of the time. Except when the issue falls into "you can't be a little bit pregnant" category. IMHO, that is the case where Net Neutrality concerned. You can debate how to enforce it, or even if you should enforce it, how important it is, if it should be law, the ethics of it, whatever, but there is no such thing as "a bit of" or "an improvement in" Net Neutrality.
Any law or proposal that leaves gaping holes to manipulate traffic at will is against Net Neutrality. And so, apparently, is Google.
And btw, Net Neutrality did exist, for the longest time in the Internet's history. That's kind of the whole damn point, it brought us to where we are today. The fact that it wasn't enshrined in the law doesn't mean it didn't exist. All of which means that Google's proposal is a proposal to bury it, not defend it.
So your proposal to fight one of the biggest lobbying forces in the world [http://www.freepress.net/node/62059] is to demand that everything just be fixed all at once? You are out of your mind.
Yeah, who would ever do something that crazy? It would be like demanding automakers build safe cars or telling the tobacco industry not to market their product to children.
Both those examples had a nice emotional component to them: automobile deaths and cancer patients. Try showing someone the harm of non-neutral networks without resorting to hypothetical situations or abstracts. I don't mean someone on HN, I mean the "average Joe" voter.
Funny you should mention that, because both of those things took DECADES to enact, through massive policy overhauls, with millions of man-hours of deliberation.
And it's not just BitTorrent. Net neutrality hasn't existed in a broad sense for SMTP for years now. Anyone's who maintained a mail server will know of seemingly arbitrary IP filtering between data centers, network wide tarpitting and throttling, and all sorts of hoops you need to jump through to reliably deliver mail.
Further, many ISPs over the years have blocked port 80 in or transparently proxied port 25 (or even port 80) through their own servers. I'm not necessarily against this but I think it should be a legal requirement for ISPs to share information about what they're doing so we can choose ISPs that fit in with our requirements.
Hey, but don't you know it's chic to hate google right now?
People love complaining, but not so much helping. I see a lot of people saying why it's wrong but I dont' see fewer people making proposals. And I think the general message in the article is "hey, it's not perfect but at least google is doing something".
I don't think that's what's driving this. The major powers behind this are two-fold, the first google's apparent about face, the second that they seem to act against their self applied motto.
So they're being held to the standards that they themselves set in the past, hating google has nothing to do with it.
Net neutrality simply translates in to 'pipes are supposed to be dumb for regular traffic'. Anything other than that and the net is no longer neutral, and that's both what drove it to become what it is today and what will continue to drive that growth in the future. Turning it in to a series of ISP guarded walled gardens is not to anybodies benefit. Especially not the wireless portion, since that is where the future growth will be, so the current battle will draw the lines for one of the most important portions of the net in the near future.
And I think we all hoped that Google would stay on the right side in this, and feel disappointed that they didn't.
I for one don't just want people to not snoop around my data, I want more or less unbiased service. Remember, Comcast would throttle users who were constantly uploading a lot of information, which by the way, actually is a pretty good indicator of torrenting.
This is the reason you can't just encrypt everything (edit: as other users here suggest). It goes deeper than that. It's not about people looking into your content, it's about ISPs having to provide the internet as it is, and not simply as they want you to see it.
This is BS. Net neutrality has been the status quo for the last 30 years, if only because the network providers didn't have the ability to throttle traffic they didn't like, and weren't concerned about squeezing every cent out of their oligopoly position. Only in the last few years have the providers possessed the network hardware and the concern about becoming dumb pipes that they've actively attacked net neutrality.
Also, I think he's deluding himself if he thinks the Google/Verizon deal is going to protect Bittorrent on wired networks.
Getting rid of terrenting is what net neutrality is about for a lot of players: it's a significant part of backbone traffic that can be eliminated (de-prioritized to the point of being useless) overnight, given the right legal setting. Frankly, the interests looking to get rid of peer-to-peer bandwidth are so powerful and around invested long-term, I don't think there's much anyone can do.
What goes on in my packets is nobodies business but me and my 'peer', whether it's a web server, a phone, an internet connected appliance, an ftp site or a torrent server.
De-prioritizing (what a word anyway) is not what it is all about it is about limiting. Prioritizing all the traffic is like selecting a volunteer by having someone step backwards.
ISPs sell bandwidth, so bandwidth is what they should deliver. They don't sell quality of service, at least, I've yet to see an ISP that offered me 250K down for torrents, 32K for voice and 128K for web traffic as a single package. They'll sell me 1, 4, 8, 10 or even 20 Mbps down and 2 Mbps up for X credits per time unit. So that's what I expect to receive.
And once they start doing deep packet inspection where does it end? Some websites have a deal with the ISP to prioritize their traffic at the expense of others?
I'm for net neutrality, but the argument that they are "selling bandwidth" is ridiculous -- in fact that's the very argument ISPs have for disallowing it! [Pete Ashdown is the president of a Utah ISP called Xmission: http://peteashdown.org/journal/2006/05/04/net-neutrality/] As providers of a service, they argue that they should be able to "deprioritize" garbage traffic so that all their customers don't suffer, and you might argue that this is not the real reason they de-prioritize, but regardless, your argument is just as easily turned in the opposite direction.
Bottom line, is that net neutrality is about having an accurate picture of the internet, and not a picture that Comcast (or whoever) decides I get. THAT, as well as maintaining user privacy, is the goal here.
EDIT:
I should also add that ISPs have throttled upload-heavy traffic WITHOUT inspecting the packets for a long time, so even if you didn't inspect packets, the issue of net neutrality persists.
I don't see your point at all. The fact that you want the bandwidth you were supposedly "sold" is the very justification ISPs give for throttling the traffic of, say, spammers, or torrenters. Why should those practices make for a worse experience for everyone else? (edit: particularly if they are illegal?)
Again, I'm for net neutrality, but you do it a disservice with that argument.
But anyway, your argument hinges on the supposition that ISPs guarantee your bandwidth all the time. In fact, most of them do not. If you are buying a strict guaranteed bandwidth, do tell me why it is that the ISPs don't actually say that themselves?
Hence the argument that throttling your traffic betters other customers.
I don't know who 'Leo' is, but here is the way I understand it:
Copyright infringement is illegal. Torrent files are not (they don't contain copyrighted information, they contain hashes).
Downloading a copyrighted work using any mechanism, including bittorrent is illegal in many places, but not everywhere.
> But anyway, your argument hinges on the supposition that ISPs guarantee your bandwidth all the time.
No, they have a best effort obligation to deliver what they'e sold. The fact that most of them don't make that effort does not mean they're in the clear.
> If you are buying a strict guaranteed bandwidth, do tell me why it is that the ISPs don't actually say that themselves?
> No, they have a best effort obligation to deliver what
> they'e sold. The fact that most of them don't make that
> effort does not mean they're in the clear.
Well, Jacques, once again, that's actually precisely their argument: that they are "making their best effort" to preserve the user experience. You say they're not providing what you pay for and tell them why, and then they spin around and tell you that they are providing exactly that, because they are doing what you don't like.
And on top of that, they're not promising what you tell them you were sold: there is no bandwidth guarantee. It's like if you showed up to someone's house and bought a stereo, and then after you paid, loudly proclaimed that you actually bought their wife. Saying doesn't make it so, and since this is not a promise they have actually given you, it's a bit unfair to expect that they be held to it.
Remember, though before you head down that hole, that I'm not supporting them. I love net neutrality. It think it's great. I'm just saying that your buying bandwidth is not a good basis for argument of the position you elected.
>> If you are buying a strict guaranteed bandwidth, do tell me why it is that the ISPs don't actually say that themselves?
> Because it is to their advantage.
You're right. It's to their advantage not to sell that guarantee. That would be insane.
"We can’t help but note that Google’s proposal is in essence very similar to the (widely praised) Net Neutrality regulations that were suggested a few month ago by the FCC. On several points it’s actually an improvement, as the EFF also noted."
I Wonder why none of the bigger news outlets tried to compare between the two proposals.
> [...] will seek input on important questions such as whether wired
> and wireless broadband access should be treated differently
> in this context, and will invite new ideas.
People complain against google because:
- It has a "don't be evil" mantra, wich is deprecated right now
- A few years ago Google was promoting the net neutrality
Many people feel betrayed by the new Google behavior.
Talk about throw the baby out with the bath water. "We weren't allowed to have our service sent mostly illegal data without being blocked, so net neutrality was obviously a myth!". Does the author think that Google's "courageous attempt at net neutrality" would be favorable to torrents on wired networks?
Google betrayed the trust of everyone who believed "Don't do evil". Full stop. How ISPs dealt with illegal traffic on their networks has nothing to do with any of this.
Nowhere does it say that torrents are blocked because of illegal content. The AT&T terms of service that are quoted in the article mention "certain uses that cause extreme network capacity issues" as a reason. Given that torrents are often huge, and that wireless networks usually are not as fast as wired ones yet, that does not seem completely unreasonable.
Of course, it does mean that I cannot download, say, a Linux ISO via torrent... now that is throwing out the baby with the bath water.
(That said, AT&T did stop offering Usenet last year, supposedly because there was too much illegal content.)
>that wireless networks usually are not as fast as wired ones yet, that does not seem completely unreasonable.
But it is completely unreasonable. If they don't have enough bandwidth, they can sell me a plan with a limit - then _I_ will decide what to use that plan for (including, but not limited too, porn, terrorist activities and peer to peer filesharing).
What the providers wont admit is that they are selling a commodity, which (in the area of wireless communication) is completely fungible -- therefore they get to charge no more than commodity prices, while everybody else gets to get rich of their services.
Yes. But ISPs are blocking or throttling to oblivion, not prioritizing packets. BitTorrent has a proposed protocol addressing this and it was not embraced by the telcos, in particular Comcast who said was going to be working on that.
This proposal if sponsored by FCC or US Congress would give carte blanche to the telcos to do whatever they want on wireless, in particular 3G/4G. Google is not representative of the users (present or future) of those services.
It's a complete non-sequitur to charge more money for tiered service and claim it's because of piracy.
Most of the people on the highway on my way to work are speeding. That doesn't mean the government should allow different cars to go different speeds depending how much the manufacturer pays.
Who is down-voting this comment? lowenskind didn't break HNs rules and disagreement shouldn't be expressed by down-voting. This site's etiquette would be a reply with a counter-argument.
If you join any community, try to learn its rules first. And don't hide behind the anonymity of down-voting.
Edit 1: rephrasing.
Edit 2: lowenskind comment was in the negative side when I wrote this, requiring at least 2 down-voting accounts.
It is no less reasonable than accusing Google of having "betrayed … everyone" by still fighting harder for network neutrality than anyone else but not doing it in the exact way that you'd prefer. There's no real counterargument to be made against what basically amounts to unsubstantiated smack talk.
Just like in the good old post days you should be able to rely on all your packets arriving without 'inspection' by any carriers.
The obvious solution to the whole net neutrality problem is to encrypt everything and to run the various protocols on every port imaginable after some form of handshaking.
I think that would work.