Reply to post: Re: How exactly does this work

New gear needed to capture net connection records, say ISPs

Warm Braw

Re: How exactly does this work

>Excellent questions

And questions to which there will likely be no answers before the legislation is passed. It will be up to the Home Secretary to determine precisely what information the ISPs are ordered to provide. The propaganda public announcements have suggested that there is an intent to capture information on which "apps" people are using on their mobile devices.

This suggests that actually it's the TCP connection details that are to be collected (that's technically equivalent to the host part of the URL for web traffic), but there's going to be an awful lot of that (since it's every image and script on every web page and every connection made by Windows updates and telemetry, etc, etc).

That's perhaps doable since you can spot the connection setup packets. However, it would be defeated simply by switching to using an application-specific protocol over UDP (or directly over IP). The only way to fix that would be to collect every new source+destination address pair and that would require some quite fancy kit to operate at wire speeds. And quite likely only reveal that the suspect was using a VPN.

And it's unlikely the Home Office is going to instruct small ISPs to do this anyway - it would put most of them out of business. They certainly didn't on the last attempt, so there's a get-out-of-jail-free card right there.

tldr:

Q: How exactly does this work?

A: It doesn't

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon