Spook firm readies Virgin Media filesharing probes

We don't know who's going to end up paying for this"

We are, of course.

Yeah right !!!

According to Klein there is "absolutely no way" CView could ever be used to report the IP addresses of individual filesharers. "We believe identifying the consumer is an invasive use of DPI," he said.

did his nose grow longer when he said that ????

hands up all those that believe him.......

no way" CView could ever be used to report the IP addresses of individual filesharers.

But it is possible..........

And with the massive clause Mandy has left in his Paper it shouldn't be too difficult to change the legislation to allow for a more invasive penetration. I'm sure Mandy will be in favour of some Deep Penetration.

This is so wrong on so many levels. Thanks NuLabour.

Vote for somebody/anybody /just Vote!

Work traffic

I use a encrypted VPN traffic to both work systems and into clients systems.

I have to say that I know just how much extra logging is done (for "quality research") which will mean my work traffic will be in the hands of a now private company - who can/will sell this onto my clients competitors.

Time to move to a non DPI ISP.

Jacqui

So....

If they can't tell what is being transmitted, just that so much is being transmitted using those protocols - how long before the record industry tries to claim that my download of fedora is 10 lost album sales for them?

And yeah recording the IP is just a very trivial step away from this, and will probably factor into the next negotiating round for virgins new music business.

It's a service

Your next bill will come complete with tracks from Amazon that the ISP has detected you downloaded. You get to buy Jedwards latest MP3 for £5.99. If that wasn't the track there'll be a link at the bottom of the bill where you can tell them what track you did download.

Eh?

No Detica - actually YOU have missed the point. Data I send using the internet is mine. I own it - and I don't want you peeping into it. Get 'yer bloody mits off! Whether you trace the data back to me is a secondary point - you shouldn't be peeking at what I am doing ANYWAY!

Of course, your connection to the Intelligence Services doesn't make anyone nervous, does it? You know - those intelligence services working for that government that seems bloody obsessed with knowing everything I do, every waking minute of every sodding day?

Oh - and you're owned by BAE? Oh right - I feel SOOOOOO confident about your morals and ethics now...

Virgin - are you ****ing mad?

All this has done is lead me to :

a) Immediately port my data through a secure VPN.

b) Recommend to the many people who come to me for advice (as an IT professional) to stay the hell away from you. In the past week alone, I have managed to stop two people signing up with you... It's a shame, because as an ISP your service isn't that bad...

Oh - and I was never using torrents / file sharing in the first place...

Really Virgin, get some principles, and then live by them.

DPI my eye.

Deep packet inspection of encrypted bittorrent packets will tell you ..er..that it's an encrypted bittorrent packet. The payload of which is no doubt a copyrighted film of a bear shitting in the woods.

So. They're going to count the encrypted bittorrent packets and then take a totally unfounded guess as to how much copyright infringement is going on and sex it up with a few buzzwords. Then grease Mandelson's sphincter a bit more till he poots forth more restrictions on, and monitoring of, private people for the benefit of those who deserve nothing more than a swift kick in the nuts. Oh joy.

They can tell you're...

...downloading; they can tell WHAT you're downloading.... how do they then propose to prove "Beyond reasonable doubt" that you are ILLEGALLY downloading?

They can tell you're uploading; they can tell WHAT you're uploading; how do they then propose to prove boyond reasonable doubt that the person you're uploading to is NOT licensed to download it?

It's a long way from identifying someone who's up/downloading and proving that it's illegal.

I've heard this before

"The first thing we do is throw away the IP address" sounds suspiciously similar to something said by Phorm. We're still waiting to see the much vaunted legal opinion they possess which proves that Webwise is legal.

Saying things like "there is "absolutely no way" CView could ever be used to report the IP addresses of individual filesharers." is nothing but spin, spin, spin. The next logical step is to record the IP address and try to see who is doing exactly what.

It's what the dying middle man heavy "entertainment" industry wants and it's what Sith Lord Mandelson wants.

Escape key - because I want to Escape from this country.

Vote for the pirate party

This is (still) a democracy, so we, as the average joes, should have the final say. And I say:

a) Vote for the pirate party. Despite the name, they have more sense in them than anybody else out there,

b) If the taxpayer receives the bill for all this nonsense, WE are not paying,

c) All internet traffic to and from Mandy's giant castle should be logged and made public, just to give the freak a taste of his own medicine.

I don't care about piracy, but I care about privacy. Some people are losing track of their priorities.

If Neil of VM and Dan Klein of Detica has nothing to hide ,They as nothing to fear...

"Dan Klein, Detica's media accounts director, and the man in charge of the trial."

If Neil of VM and Dan Klein of Detica has nothing to hide ,They as nothing to fear...

so lets Have the Full Quotes they made to clarify their position on this. a full and detailed graphical layout jpg, showing Exactly how they have integrated this DPI kit into the Virgin Media Core infrastructure, showing the Exact path your inspected VM customers data will take from start to finish for starters Please ASAP.

a pictur paints a thousand words and all that, clarity without compromise.

outbound path: PC>cable modem>UBR>detica DPI kit>VMrouters>interweb>requested web site...whatever

inbound path: web site>interweb>VMrouters>detica DPI Kit>UBR>cable modem>PC....

what happens to your data And the copy they take of it as it enters the DPI kit, and after it leaves ?

you get the picture, will the Virgin Media customers got them too as requested to help clarify this, or is that set of pictures far to to damning of the actual processes taking place unseen by mere paying customers, or will they not publicly appear for more than a nanosecond, then get taken down as the BT Phorm DPI picutures did way back when, thats the question.

so what it going to be Neil and Dan Klein, nothing to fear ,so provide this requested most basic information clearly, openly, and without obfuscation to clarify your position!

or are you going to hide behind the usual and often seen corporate VM and BT executive wall of silence, and darth of any real informative open data directly from the companies people wanting to install and operate this DPI for profit kit on their consumer protected user base.

PS :the names, addresses, and full copys of any legal teams opinions (redacted of any personal info OC) you may have as regards this stage of your plan for plain Public reading is also requested please, so is it nothing to hide or lots to hide and keep out of the pubics view.

Absolute rubbish

"According to Klein there is "absolutely no way" CView could ever be used to report the IP addresses of individual filesharers."

Absolute rubbish - if the system is able to identify what is an IP address and strip it from the data replacing it with a UID then of course it can be used to report the IP address - it just takes a few minutes of reconfiguring - nothing more. They must think we are all completely stupid or something.

Furthermore, how many times does it need stating that a UID is NOT anonymous - it is personally identifiable specifically because it represents a single entity and is unique for exactly that purpose.

Also Detica think that is wrong to use DPI to spy on people? Do they take us for complete idiots or are they just trying to insult us? This is the company who since 2006 have netted around £1.7M in payment from the Cabinet Office and Office of Public Sector Information to do exactly that! Lets see what an FOIA Request to GCHQ on how much money they have paid Detica for their DPI services delivers shall we?

CView is not compliant with RIPA, PECR or ECHR and VM's spin that they are exempt under RIPA is exactly that, spin. RIPA only allows exemptions for interception for the purpose of provision and operation of the service - this monitoring is in no way required for either and therefore is not exempt.

I am working about 12 hours a day on this issue at the moment and will not rest until CView goes the same way as Phorm - out of the UK.

Use of this technology for this purpose is a criminal offence.

Whatever results they come up with...

...will have a huge error margin. Encrypted data will no doubt be added to the 'illegally shared file' total. And the music recognition algorithm is by no means 100% accurate. I'd be amazed at 20% accuracy. In the end, if there was no illegal file sharing then the music business will lose out since fewer people will be buying music. Who would fork out money to listen to music that is highly likely to be shit. Try before you buy.

Encrpytion?!

Don't get me wrong, but doesn't a VPN only work between your PC and the Router. You can't setup a VPN between the router and your ISP without their permission, or at great expense, they won't let you do that for free. Surely the point is encrypting the traffic between the router, ISP and Internet.

Surely all we would need to do is encrypt the data stream from P2P client we are using?

Unless C-View intend on hacking the data, I don't see how they can "see" what is in your encrypted data stream. Fair enough if people are openly (and stupidly) downloading illegal files, but if some users are actually making the effort to cover their tracks CView won't be able to look at this, will it?

Lots more BitTorrent for me, then

First thought, for me, was "Oh, I'd better start downloading lots of Linux distros by BitTorrent again soon." If they're going to intercept perfectly legal filesharing traffic, let's make sure they get lots of it!

Acoustic matching

Good luck with that, especially if they're using Gracenote.

Re: Encryption

@takuhii

No, no. You're setting up a VPN *through* your ISP, no to it. Yes, you want to encrypt the wireless traffic between your computer and your router, because it is sent over the air and can be intercepted by anoyone in range of your wireless adapter.

But a VPN provides an encrypted tunnel through which other traffic can pass. All the ISP knows is that encrypted traffic is going to another host on the Internet, most likely on TCP port 1723.

This differs from encryped peer-to-peer traffic in that the ISP will not know the intended endpoint of your communications, nor the TCP port the endpoint is using. Encrypted peer-to-peer is like encrypted web, in that although the contents of the packet cannot be determined, the address and port of the recipient can be, e.g. www.yourbank.com:443.

So the (rather clunky) workaround for Virgin users wishing to game the system is to connect over a VPN to a system that is not on Virgin, which then forwards your filesharing traffic to your peer. You just have to hope that the peer is not also a Virgin customer.

stop using the reply button, it doesnt work well

people stop using the reply button, it doesnt work well, and means you may miss that interesting informative reply if you dont keep refreshing the pages and rechecking al the replys to date....

just use copy/paste for now untill Elreg sorts this messy thing out.

chris, can you have the Elreg techys make it post all future quoted replys to the end of the threads, as at least then your users page refreshs wil not miss potentially interesting feedback, adding in a direct URL link to the replyed post could be used to take people back to the OPs full entry too

ISP lose legal defense with this?

surely ISPs will lost the legal defence that they don't know what's going through their network and therefore can't be held accountable with this?

if an ISP know that's someone is using their connection to download copyright infringing material/etc then the ISP is facilitating this and could be help accountable, perhaps?

reducing the P2p traffic directly reduces the income and taxs receaved!

this is odd, market forces dictate that by actively reducing the P2p traffic directly like this it will also directly reduce the income for the ISP and the and taxs the Gov get month on month.

if your a VM customer and want to use P2p a lot, be it perfectly legal use or otherwise, statisticly your Far more likely to be taking the existing higher priced 50/Mbit/s Virgin Media package to overcome the existing upto 12 hours STM restrictions on all the other lower Virgin Media packages.....

if you then find you, or more likely your family members, decide they dont want to be *intercepted by a company they are paying good money to use, or given a UID (Unique ID), then theres the Very Large incentive to just drop your highest cost Virgin Media 50Mbit package right down to the lower level with all the restictive STM in place and so save a lot of cash, but that also directly reduces Virgin Media's income month on month, and so the Gov do not get the higher cost packages taxs income eather, reducing their intake too.

and thats a best case position, making a very large assumption that the Virgin Media consumer cant be bothered to go the whole way, and just get a totally different provider, as theres are no other cable providers OC as Virgin Media have a monopoly in the uk, For Now.. perhaps OFCOM etc need to look at that and Force Virgin Media chief exectuvie Neil Berket to Open it up to non some invasive providers ASAP...

i guess 3G and those Vm customers in the BT FTTC area's will be VERY popular over this christmas quarter for those wishing to just get off Virgin media's interceptin and inspecting network weather they use P2p or Not, hence more burden on the remaining customer base to to pay more for less to make up the shortfall.

hmmm , with the new very strict UK/EU advertising rules and regulations now in effect, does Virgin Media chief exectuvie Neil Berket and especially his PR sales teams now NEED to tell the potential New customers and their family members young and old, they are at risk of being intercepted and inspected as one of the 40% total traffic when they use Virgins cable network.

*( who does want to be intercepted and inspected ? and its nearly always the wife thats after saving money for other uses, usually her own use, and getting you off the interweb so she and the kids can use it far more remember)

Enough you want to illegally search my..?

Making this announcement may result in a decrease in bandwidth use. Which would help the known capacity management issues VM has (http://is.gd/5fjau). So why not use legal torrents to skew Detica' s data and use the service you're paying for?

Here's a few links that aren't Linux distros for variety...

The Open CD (open source for Windows). Cut budget? (http://is.gd/5fhwt)

The Humanure Handbook v3 (apt for a Sith Lord). (http://is.gd/5fhWY)

Georgia Wonder (http://is.gd/5fhdR) have a legal Pirate Bay torrent. (http://is.gd/5fhHb). If you like them, go to their site. http://is.gd/5fi2y.

Wonder how VM would cope if 1.4 million users all downloaded the 3.1 gigabytes of music from the SXSW 2007 site and one legal movie per day. How will Detica know the difference? And how will Detica tell the difference? Unless they're monitoring IPs...

You're already paying for the service. Be a shame not to use it, right? Oh, and angrily mention the DPI trial to a VM service rep and threaten to take your business to Sky. See what discount you get for the next year... :o)

Let the Cat and Mouse games behind

It's going to be amusing to watch this one. Having written one of the official responses to the UK Gov telling them this is a giant waste of time, I'm going to have a good time watching this one fail...

If only it was not going to cost the tax payer in the end. That is the real crime here.

Not recording the actual IP address is a *policy* decision

Not a technical problem.

Policies can change.

That sound is the Dark Lord whipping out his statutory instrument.

the games people can play with ISPs and their agents and contractors etc ;)

"Alan Woodland

Better yet # ↑

Posted Monday 7th December 2009 22:25 GMT

Better than that why not share some files that you own the copyright on with your friend who you've granted permission to download them from you. Then by their own admission they make an *unauthorised* copy of your copyrighted works!

"

see , we nearly missed this latest post place somewere up there butthe broken Elreg SW, as you didnt cut&paste and just posted it below, but used the 'reply' button istead.

what , you mean something like Dan bull posting his Dear Mandy, or the musicion that wanted to post his copyright songs on facebook but they blocked him as one of the Big Corps claimed they owned the HIS copyright when they didnt, cant remember the blokes name now but it happens.

given that VM/Detica are makeing an exact cloned copy of the childs/silver surfers full dataflow to work on elsewere, then assuming anything found is a valid P2p file with a given hash and not a false positive....

perhaps somone can write a quick hash equaliser that can be run on a given file and realtime , and produce a re-hashed file that meets the same values as the for personal use mp3 files these alleged unlawful file-sharers/bad people put on usenet and torrent sites, hell perhaps these so called alleged unlawful file-sharers/bad people can auto generate their hash values and put them in a free database for personal use only (and a 10000 UKP per use for commercial profit minimum commercial use being 10 units per transaction, delivered in cash, in pound coins at your designated location at 6 PM GMT on the day they grab it online to be provided with a swarn afadavid stating their intended purpose per use copyright restriction or some such legally binding commercial contract ;) ) for all users to then use to make all legal files look like the same bad mp3 files, masses of false positives all round shoudl give the the US investor owned Virgin Media something to ponder...

i dont mind...

i stopped downloading music after i started using spotify.

If the dpi can be used to reduce botnet activity on the VM network, thats a good thing.

Presumably if the bots need to communicate with the outside world (sending spam email) then the endpoint would need to be in the clear. While not halting bots, it would make spamming (and the spread of the bots) a bit harder.

if they started monitoring for tv shows however, id be a bit worried. :P

so yeah, encryption and stuff.

Here we go again.

These people understand what they're doing is illegal and that directors (including branson) can face up to five years in prison right?

The government is going to be compelled to act, there's every chance they're going to make a showcase out of the punishment just to show the EU that these breaches are going to be taken seriously after the phorm farce.

Have fun deep packet time wasting my SSL traffic.

Sorted

Acoustic matching won't affect me, I only ever listen to electronic music

Oi! Beardy! NNNOOOOOOOO!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Can't see how they'll make this work but we're all paying for it one way or another and it may well be turned against actual users once the DEB comes in.

Can only hope that they run out of time in parliament before DEB is enacted. There are many other worthy bills that should be passed or repealed but Mandy's mates seem to be first in the queue! Surprise huh?

Maybe it's ...

... time to start torrenting lots of large .txt or .jpg files renamed as .mp3 perhaps?