The NSA pretty much do their own version of DPI and as far as I can tell this hasn't been debated much in Congress. At least they seem to be having some kind of debate rather than the lacklustre ones we're having over here. The long delayed consultation about the dreaded IMP seems to be finally be upon us next week; I hope the debate livens up.

ISPs have no need for DPI to know which web sites you visit. DPI is needed to decipher the content you exchange (though it's doubtful that even the NSA have the computing power to do that for everyone in the US) and, in particular, where the IP port is obfuscated to disguise traffic such as torrents.

As usual, if you want to exchange data over the Internet that you wouldn't write on the back of a postcard, use encryption. If you don't want folks to know the sites you're visiting, use Tor.

Presumably the idea is to have it running at the ISP, but that's a daft place. Given a half-reasonable lock-down on the child's machine, the parental control software could run there and this puts the processing burden on the machine requiring the service. Given a less satisfactory lock-down on the PC, put it on the domestic router. Both of these locations (well, the first certainly) also make it possible to DPI an encrypted packet, which the ISP cannot do.

Then there's the legal difference. The OS on my machine has been capable of DPI since forever. So has the machine at the other end of the conversation. But I own the former and if I didn't want the latter to read my packets I wouldnt have sent them there. Extending this idea of "endpoint" to include networks and routers wholly owned by the same two parties isn't a problem, either morally or legally. Extending it to third parties probably is. *I* may have *some* leverage with my ISP, but the person I'm talking to doesn't.

For years we've had AV software obnoxiously appending a "sig" line to emails proclaiming that they've checked this email for zillions of viruses (but curiously are never willing to warrant that it is virus free). Should we now append a note saying "My ISP uses DPI, so anything you may send in reply will be harvested mercilessly for their commercial gain, possibly at your expense. If you do not wish to be screwed over in this way, don't ever attempt to communicate with me again."? It might increase public awareness. Even better would be to automatically trigger bounce messages based on the destination IP address. That is: "Your ISP uses DPI, and I have no reason to trust their opt-out mechanism even if you've selected it, so I will not bother to read this email in case I am tempted to reply and thereby have *my* personal information harvested by your ISP for their commercial gain.".

Top rank spooks always have and always will be able to do more or less what they want. Middle ranking gauleiters across the spectrum from law enforcement to environmental health must look on them with envy. And governments would dearly love to have the opportunity to measure social trends that is available to ISPs and search engine hosts, and to map the patterns of discontent.in social networks.

Attempts to snoop the interwebs under the guise of controlling pr0n, BDSM etc. seem to be failing; mainly because enough people are prepared to be up-front that they want it or at least don't object to its availability. An alternative thin-end-of-wedge for governments is the need to disarm botnets, spam and DDoS attacks; and there is a real problem here.

Were it possible to run DPI to counter these threats using Open Source methods, where the software and the what and how it did its stuff was open to public inspection, this could provide part of a solution that doesn't significantly invade privacy. But for a variety of reasons this won't happen.

Perhaps the best way to head them off at the pass is to promote safe surfing, firewalls and anti-virus software. If the aim of tech-savvy members of the vanguard of freedom is indeed to prevent snooping rather than to axe-grind and bemoan the appalling cost of digital music, a bit of time and effort devoted towards educating the masses whose machines are open to infection might be a good investment.

DPI is in fact PRECISELY the same as phone wiretapping, as all the phone networks are digital now.

The majority of PABX are TCP/IP based, so I'd be quite surprised if the core exchanges weren't connected by something based on IP.

The international internet and phone backbones are the same glass, so probably some of the national backbones are dual-purpose as well.

If they allow ISP's to inspect content, why not allow a phone company "inspect" the voice channels (voice recognition is improving) and sell the "keywords" found to telemarketers. It IS equivalent.

Of course, "inspection" on voice channels is VERY illegal, and wouldn't be tolerated by anyone, so why would digital information be any different.

In a word: DUH!

"When you hear a politician or a policeman or a pressure group using this argument, or that of 'anti-terrorism', will any of you be brave enough to stand up and call them to account..?

No. I thought not. And that's how they will keep right on winning. They know you have been cowed into submission over a subject you are not permitted to discuss. It's a beautiful plan - and it's working." ..... By Anonymous Coward Posted Monday 27th April 2009 08:30 GMT

Err, excuse me, AC, but the beautiful plan appears to be in Meltdown, with their Simple Artificial and Corrupted Controls being Aired and Shared for Public Peer Review and Increasing Outrage...... and between a Rock and a Hard Place and in CyberSpace is there Nowhere to Hide and Claim Safe Haven and Safe Harbour Protection.

Is there a Plan B or C or D or E or.......... does an Arrogant Singular Stupidity Reign Supreme in Ivory Towers? And don't answer that Rhetorical Question for it is Obvious to even a Blind Man on a Galloping Horse.

Possibly a case of 'the enemy of my enemy is my friend' in this instance?

Maybe with the addition of '...my friend...for now.'?

Doesn't mean they aren't very useful though...