Virgin Media will trial deep packet inspection technology to measure the level of illegal filesharing on its network, but plans not to tell the customers whose traffic will be examined. The system, CView, will be provided by Detica, a BAE subsidiary that specialises in large volume data collection and processing, and whose …
DPI has no place on any internet connection
So glad I left VM. I've BEen with someone much better for quite a while now... No stupid crippling arbitrary and punitive capping, and certainly no DPI. Long may it continue. Although, I have a sad feeling it won't be very long.
Don't you realise that if you make crap like this to make a quick buck that you won't solve the "problem" of filesharing, you'll just speed up the development of tools that are totally encrypted? It's already pretty easy to use encryption but people aren't wholley aware of it yet, but if, after 3 months, a chunk of the country is attacked by law then people will simply look to learn the next step in secure filesharing? You won't stop illegal filesharing until a viable alternative is offered; a service with 100% coverage of music selling at a proper price will convert many more filesharers than putting them in jail.
I hope your system fails and you parasites come to an untidy end.
Detica has no wish to stop _unwanted_ filesharing. That's not their business. They sell boxes to the black helecopter brigade. The boxes for monitoring everyones internet connection would come from people like Detica (I was head-hunted for them; didn't take the pill).
If people add mechanisms to make it harder, Detica el al will just work harder. The boxes will get bigger & cost more. Profit as a % of cost goes up :)
Re. Detica's wished
They can work as hard as they like and make the boxes as big as they like. Properly encrypted data is going to remain encrypted whether they like it or not.
[pedantry] DPI can't determine legality
"Virgin Media will trial deep packet inspection technology to measure the level of _____ sharing of copyrighted material on its network, ..."
There, fixed it for you. Of course, a DPI filter cannot determine whether permission was obtained from the copyright holder, nor can it determine if the law was broken since it is not an officer or court of law.
@"Of course, a DPI filter cannot determine ...
... whether permission was obtained from the copyright holder etc.."
They don't care. If their automated spying system chooses to limit you or block you, then that leaves it up to you to prove that the data wasn't illegal (so you can phone up their expensive technical help line, to ask to be reconnected ;) ... Its a guilty until proven innocent approach to policing. Welcome to 21st century Totalitarian Police State policing in New Labour's new Britain. :(
DPI and encypted traffic
Genuine question - how well does DPI worth when the p2p traffic is encrypted? If it's on arbitrary ports, and encryption enabled, surely this is shutting the door after the horse has bolted - or are we going after teens/grannies again?
The PR reads like they just want better figures to prove how wonderful their new download service is going to be. "Ooh, look, 50% less piracy now!", whereas everyone will simply move on.
Bad VM. Bad.
No matter how its anonymised
At some stage they will have collected the evidence for individual users apparently infringing the law. If the BPI serves them a subpoena, they surely might have to cough this up. If not, would they have destroyed potentially incriminating evidence?
RE: DPI has no place on any internet connection
Aren't BE now owned by Virgin or something?
Anyway, if you are looking for a place to go, Zen Internet are my ISP of choice. I've been an avid Zen user for years now and they are top notch (there is a reason they keep getting ISP of the year awards).And I know this is really sounding like an advert but I really think they deserve the publicity, they also announce that they don't do traffic shaping or DPI, and don't plan to.
Also they are not owned by some supercorp. They are one of the few remaining true ISPs.
5GB download limit per month, thats 1DVD quality movie a month. According to my history, last January I downloaded 156GB from Usenet alone. Thats triple the download limit of even their largest package!
@Anonymous Coward 11:28 GMT
"5GB download limit per month, thats 1DVD quality movie a month." Emmm 1 DVD quality movie is about 800MB, As for u downloading 156GB from Usenet..... I really want some of what your smoking...
@The Comment Above me
With all the extra's a DVD would come to about 5Gb, Assuming it was a DVD .ifo file and hadn't been converted into avi, mpg or (god forbid) wmv
@Original Anonymous Coward
I'm also with Zen, and 5 gb is their basic package. They go up to 50gb. You can also buy additional Gb allowance if you use it up, so if you do go Usenet crazy they won't just cut you off for the rest of the month, they'll just ask you to pay for more allowance. Which seems pretty reasonable, bearing in mind that you're not paying for your DVD's
My hubs used to buy hundereds of CDs every year - he likes things such as country, 60s music and Abba but neither of us have bought a CD for well over five years.
Is this because of filesharing - do you "get yer music free" these days? No...
Ok then what is the reason?
1) We no longer have a stereo.
2) New CD's do not play on our computers CD drive (or try and infect the machine) The cleanup costs too much!
3) Even our cheap aldi based car stereo will not play many CD's we now have. One sony disk even managed to trash the previous car stereo!
4) There is very little music we want that we have not already bought - or should I say will not buy unless we can be sure will will nor wreck our car stereo again.
5) Many recent production CDs bought recently have 'died' whereas older CD's are still going strong - this leads me to assume they are designed to fail.
My question is - when will it be **safe** to buy music again?
I *do* use filesharing - to download linux distros and other work related FLOSS software. but dont see the point in trying to get music this way - to slow and expensive!
So Mr Sony et.al Pllease let us old folks know when it is safe to buy CD's once more.
We are being kinds and you get *one* more chance with us!
I always wondered why VM backed away from Phorm. And at least we can clearly see why the Govt didn't go against Phorm, given BAE's love in.
So VM they cap you and now that capped allowance is inspected, which must slow it down further. I pity the fool that pays for their super fast package. All that wasted bandwidth.
Heres to mass use of encryption and two fingers to our Facist government.
Then again, it could just prove that people aren't actually downloading and sharing music, and then the message will clearly be that record sales have dropped because music on offer today is utter SHITE.
What's licensing got to do with it?
'it will then peer inside those packets and try to determine what is licensed and what is unlicensed, based on data provided by the record industry.'
Whether the thing being transfered is licensed or not is irrelevant. The question is whether the copyright owner gave permission. A trial version of software could well be identified as licensed, but sharing that is perfectly legal, infact helping the owning company!! So, my guess is the above statement should actually say
'it will then peer inside those packets and determine what is licensed, which will be all music, video etc.etc. (even though it may not be). It will then determine that as it's peer-to-peer, the copyright holder cannot possibly have given permission and therefore it must be illegal.'
"Require Encrypted Connection" and "Lazy Bitfield On"
... for a start. And if it gets any sillier I might subscribe to an SSH VPN service. And beyond that it might be time to look at encrypted newsgroup feeds ....
Free VPNs here:
Various FREE encrypted VPN's - both openvpn and pptp (windows) :
For pptp software:
Mac and Windows instructions on the various websites.
Linux users, use pptp plugin for network manager
FreeBSD users, use net/mpd5
For openvpn software, see: http://openvpn.net/
Horse has bolted
The Pirate Bay has switched to Distributed Hash Tables for its trackers, BitTorrent clients are beginning to enable encrypted streams by default, and more people are learning about darknets / Tor.
You're squeezing a water balloon, Mandelson; The only thing keeping everyone in one place is convenience. Squeeze too hard and the balloon will burst. File sharers will obscure and secure, and you'll be left holding the flaccid remnants and a giant clean-up bill.
Give up. Tell the music industry to adapt its business model, or fail. They are relics of a time of scarcity and limited resources. Distribution is no longer in their control, and shouldn't be their business.
I don't download unlicensed music, as I already own all of the music I like. That is the worst place for you to be, in my opinion. Improve your products so I *want* to pirate your music, and make it easy for me to buy it so I'll do that instead. Or...
Its a good thing Ive used SSL for most of my online business since I joined virgin.
Here's a question, does the CView system have the ability to peer into encrypted traffic, I presume it doesnt due to processing limitations but Im interested to know
I suspect that if it did, GCHQ wouldn't be quite so ansty about the clunking fist of plutocrat support driving mass adoption of crypto :)
No, it's non-trivial to decrypt that much traffic at once, especially if you avoid crypto products with back doors (Macafee's wares and the like).
Simple - get a MAC - or perhaps not so simple
Large concerns like Virgin (who I personally wouldn't touch with a bargepole) are only ever as bad as their mass-market customers allow them to be. The trouble with this sort of caper is that Virgin assume they can get away with it, as the majority of their customer base (present company excepted of course) won't even understand the above article. They're probably right.
Get a MAC and move, people - though where to these days as we rapidly approach a monopoly situation in our media and internet, I'm not sure.
What seems to me to be desperately needed these days is for a similar system to that for switching power and phone accounts. If we could change isps with the speed and ease we can switch power suppliers, instead of the rigmarole we suffer at present, I suspect a lot of isps would soon be feeling the pinch.
speed and ease of switching power accounts?
The last time I moved my electricity supplier (within the last couple of years), it took around three months for the two of them to sort out the transfer. The last time I moved ADSL with a MAC, it took less than a fortnight, so I'd say that the rigmarole thing works both ways ;-)
The difference between utilities suppliers and ISPs is that with utilities you are not held to a contract, at the moment if you want to switch ISPs then you need to either wait till the end of your contract or pay the cost...
The other problem is any change of service reuires a new contract.. I upgraded from the crappy capped connection to unlimited... new 12 month contract.
This does need to be addressed.
It's not so simple.
I have a choice:
Stay with VM and use a 10MB/s (or higher if I want to pay more) connection which stays up and at that speed most of the time and put up with this kind of crap.
Escape the DPI crap and enjoy a ~500KB/s unreliable connection and hope that the company I go with isn't eaten up by someone who uses DPI anyhow.
Until someone other than VM puts in post-1950's grade copper between many homes and the exchange there will be many of us who don't have a real choice if we want to enjoy the internet.
Er, all you guys talking about encryption... who's got they keys?
If all you mean is encrypt your traffic as some P2P clients have been doing for a while, it's pointless. The Man just joins the P2P community like any other P2P user and gets to see what IPs are tracked as offering what torrents (or whatever). Where's your encryption there? All it might have done is bypass simple-minded throttling hardware.
Encrypted VPN to an overseas server and take it from there. I see a business opportunity here...
If the man joins the swarm on an unlicensed torrent
he gives an implicit permission to copy files from himself, thus rendering the torrented material licensed.
There we go. Just turned Vuze to use and allow only RC4-160 bit encrypted connections, and my speed is better to boot by about 25%. Welcome to the war Virgin, you are going to spend a lot of money to find out you can't read anything. Governments just hate it when they can't read your traffic. Soon enough all Internet apps will be using encryption and I think it is a good thing.
Am I missing something?
Every time I see comments like this I wonder if i'm missing something, probably because i'm operations not networks. I'm sure someone from networks can shed a little more light on this.
Your planning on encrypting all of the traffic from peer to peer, which prevents the ISP from seeing the contents of your traffic.
However, you then goto a random website and download what amounts to being a plain text file detailing the contents of that file, and the location of the peers to start your P2P download. Does this not defeat the object of encrypting it all? Even if you encrypt this file from the server to the desktop, if I have the URL then surely I can just download my own copy of the file?
Because, by my admittedly rudimentary understanding of P2P networks your torrent files contains the title of the download. Therefore, surely the ISP does not need to peek at what your uploading or downloading. They'd just have to look at the torrent to get the title of the file your downloading which completely bypasses your encryption.
Or am I missing something significant?
Yes, You're missing the bleedin' obvious.
The title of the file is not necessarily an indication of its content.
How does this work?
Deep Packet Inspection. It looks at the packets rather than just the headers. OK. But what I haven't been able to find is an explanation of how it actually determines what it finds in the packets is (supposedly) illegally shared copyright material.
If I share an mp3 as an mp3 then the packets are going to look like parts of an mp3. If I put the mp3 in a zip file and share it the packets are going to look like parts of a zip file. If I put the mp3 in a tar file and share it the packets are going to look like parts of a zip file. Even if I leave the file as an mp3, the packets will look different depending on how it was encoded.
So how does DPI identify what the packets it looks at are a part of?
A ZIP has a readable catalogue right at the start? That may be possible to read if not a passworded ZIP.
Easy to defeat by creating a package format that bungs the catalogue at the tail of the file.
There are already huge databases online that have signatures of music which is an excellent way of tagging your music if you don't know the title, artist, etc, just by ripping a CD or analysing an existing MP3. e.g. MusicBrainz.
It's simple. Analyse the music, generate a signature. Compare against a database for a match or near match.
Similar also to how those services work where you can get your phone to listen to music and it tells you what the track is.
Zips. No problem. They can be treated like any other file system. Password protected zips are no defence unless they are encrypted (usually aren't).
The analysis doesn't have to be real time if they're just looking for evidence to supply to the industry, they just need to DPI to flag the traffic, gather and analyse on batch later (I suspect VM are doing this in preparation for the draconian Nu-Labour laws requiring ISPs to spy on their customers).
Some ISPs (e.g. PlusNet) already use DPI to categorise the traffic and throttle accordingly, though it doesn't consider where the content is legal or not (at least not yet).
That only works
if you know the data is music.
How can they tell the difference between a compressed encrypted Linux Distro and Lilly Allen's latest Oeuvre?
"There are already huge databases online that have signatures of music which is an excellent way of tagging your music if you don't know the title, artist, etc, just by ripping a CD or analysing an existing MP3. e.g. MusicBrainz."
It's simple. Analyse the music, generate a signature. Compare against a database for a match or near match."
The services that tell iTunes and the like what CD you just inserted work based on the number of tracks on the CD and the duration of those tracks. (http://en.wikipedia.org/wiki/CDDB) None of this information is available when someone's sharing a single track.
"Similar also to how those services work where you can get your phone to listen to music and it tells you what the track is."
More plausible. They would to assemble enough of the file to get a suitably long segment to analysis. Which I suppose might be possible if the info isn't need in real time.
How do they identify dvix rips of movies?
"The services that tell iTunes and the like what CD you just inserted work based on the number of tracks on the CD and the duration of those tracks. (http://en.wikipedia.org/wiki/CDDB) None of this information is available when someone's sharing a single track."
Services like MusicBrainz does indeed work just on individual tracks. That's why they're so good for tagging a mess of an MP3 collection. CDDB isn't so good as it just works on a CD signature based on headers of a CD rather than the content.
"How do they identify dvix rips of movies?"
Feasibly the same way. It's much the same as generating a signature for any kind of file. Like generating a hash signature. When it comes to content that may not be exact (i.e. depends on the ripping quality, algorithms, etc), then you just look for a confidence threshold.
They miss the point, don't they
I'd love to know if this DPI can "see" into encrypted P2P. Will they break the law to enforce a law?
The last time I bought a CD must have been 5 years ago. I. like others don't buy them now, because I'm not going to buy an album of filler tracks just to listen to two reasonable tracks. The music today is SHITE, mass produced industrialised SHITE. In fact we should coin a new use of the word SHITE to mean 21st century pop music. The reg needs another icon, as well as the thumbs up, the middle finger. Meanwhile i'll be trying to stay with virgin as I get a 10MB line and unlimited 24/7 UK phone calls for £25 a month. I used to be with Zen, but the copper lines in my area are shot. £25 might sound a lot, but the phone is used for a business, and gets a lot of use.
@Anonymous Coward 11:37 GMT
"The last time I bought a CD must have been 5 years ago........In fact we should coin a new use of the word SHITE to mean 21st century pop music."
Its 2009 mate, we were still in the 21st century 5 years ago.
"The music today is SHITE, mass produced industrialised SHITE."
Of course its mass produced, Do u even know what u are saying ??
"it will then peer inside those packets and try to determine what is licensed and what is unlicensed, based on data provided by the record industry"
Luckily the record industry are beyond reproach and have no history of using dubious or outright fake data to prove their point on piracy.
- How do you reliably determine whether copyright is being infringed ?
- Do you have the ability to determine the payload of encrypted traffic or, when for example looking at bittorrent , do you look at the swarm around a torrent, guess the copyright status by the file name(s) and then extrapolate from there?
I smell BS
Our uni has just got some peerscope hardware installed, so I looked into their product. I was flabbergasted! It's so much BS, but clueless bosses, the media, and the creative industry will gobble it up without looking deeper.
On one page, they say they have a database of copyrighted stuff, which the network traffic is compared to. How? Filenames? A certain 'release' hash (that can be encoded/packaged differently a thousand times etc)? ... and the onus is on the music/film/whatever industry to inform them!
However, on another page, they maintain they can spot illegal traffic without even checking packet contents. Amazing tech!
On a product page demonstrating how it works, 'Honeypots' was a major component, and then it all twigged.
Guys like this are the people that create fake torrents, they track those fake torrents, they report on how popular the fake torrents are, and boom, we have a filesharing epidemic (fake) and a company that can monitor it (themselves!). They have a top 100 shared files, and some are not even proper pirated releases... (DVD rip of Saw 6 tracked two weeks before cinema release?)
I think the filesharing 'problem' is actually overinflated, with gullible 'normal' people being duped into downloading stuff, and then massive figures being extrapolated from the entrapments. Companies like peerscore and in the article are not helping. However, the proliferation of the idea that piracy is massive and bad helps keep media profits up in a digital age, where distribution and talent are cheap.
To be fair, there's hardly any point being pirate anymore. Any song I want from Napster/Spotify for a tenner? Any DVD/Blu Rays I want from Lovefilm for £7? Bargains, and it's easy too! In our house we have Sky and Cineworld unlimited passes as well... we're consuming probably more content than pirates, at high quality, legally and fairly cheaply!
tl;dr: piracy is overinflated, there are now decent legal services for most stuff
Define "aggregated and anonymised"
If its truly nothing for us to worry about then they wont mind giving us an example of what's actually going to be stored about us.
It is our data after all...isn't it?
Licensed or Not ?
Copyright owners permission.
OK, yes, in theory you could have the copyright owners permission for a P2P transfer, so DPI cannot tell if the transfer is illegal or not.
HOWEVER, since the vast majority of "music" being transferred by P2P will not have the copyright owners permission, it is a reasonable measure of the extent of the problem.
The music industry needs to learn some new sports instead of using wreckingballs to crack peanuts.
@ John186... Simple - Get a Mac
Eh...? The operating system you use is irrelevant. Even Mac users have access to software that enables them to download from bit torrent sites (Transmission is an example, and even µTorrent has been ported to Mac now).
The packets whizzing across the network are still going to be intercepted, irrespective of whether they originated from or are destined for a Mac. This is all being done at the network level, it's not a client that Vermin Media are going to ask you to install on your Windows PC.
Personally, I think this approach is short-sighted. It will just speed up the adoption of encrypted file sharing, which no ISP will be able to examine - they may be able to see where your traffic is coming from & going to, and therefore assume that any encrypted traffic seen immediately after you've searched the Pirate Bay's website is going to be a DVD5 copy of the latest Hollywood blockbuster. But we all know what happens when you assume something ;o)
Get a MAC code..
Not an Apple Mac.
MAC not Mac
MAC as in to move provider...as opposed to an os perhaps?
MAC, not Mac
I think he meant MAC as in Migration Authentication Code to move providers. But not sure how this works with a VM connection (assuming it is not over a Copper line).
Does the DPI cause significant delay in delivering packets?
MAC, not Mac
MAC in this case is a Migration Authorisation Code, if I remember correctly, not an abbreviation of Macintosh.
He's imploring people to move ISP, not OS.
@Gareth Simple.. read the post...
MAC Migration authority whotsit, not an Apple Mac... the poster was suggesting leaving Virgin for another ISP!!
MAC != Macintosh
Migration Authentication Code - he means stop giving VM your business :o)