Amazon Tech Support

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Monday, 11 May 2009

Piracy, Net Neutrality & DPI - Imminent Failure

Posted on 23:52 by Unknown
At the moment, it's Europe's turn to have Net Neutrality in the spotlight - especially with regard to spotting illegal content downloads, and administering punishment to offenders. There is also a lot of renewed discussion about deep packet inspection, application-level prioritisation or charging and so forth. A new group of vendors, particularly coming from the OSS environment, has jumped on the bandwagon recently.

My view on both these areas is that the practice is going to be much more difficult than the theory, irrespective of how 'moral' or 'elegant' some of their advocates's concepts might seem. I also think there are huge potential pitfalls which threaten to make a bad situation even worse.

Let's start with the piracy issue. There are suggestions that if ISPs are not willing to "police" traffic on their consumers' connections, the media industry might set up a managed service provider to do it for them. Either way, there is a hope for network-level content monitoring as a means to identify the more egregious offenders, and potentially disconnect (or even ban them) from the Internet.

The BBC has an article here , which also highlights that the European Parliament seems to trying to limit the more draconian suggestions of disconnection. It appears to recognise that banning certain groups of people who are heavy file-sharers could work against its efforts for digital inclusion - it seems reasonable to believe that some of the lowest-income people (eg students) are likely to be P2P enthusiasts.

But the "rights and wrongs" seem to be almost irrelevant, because I can see numerous technical and practical difficulties in any scheme:

- Anonymity: in the UK and many other European countries, it is perfectly legal to use anonymous prepay mobile data connections, which may be completely distinct from the user's normal voice SIM and number. Fixed broadband is obviously difficult to anonymise to the same degree.
- Shared use: In theory, whoever pays the bill for broadband is responsible for the content transiting the connection. In practice, this means a parent is responsible for their children's activities, which is fair enough - but is it a proportionate response to excommunicate an entire family from the net because of an unruly teenager's download habits? By the same token, if an employee of a large organisation (eg a university or government department) transgresses the rules, do you cut their main connection to the IP universe?
- VPNs and encryption: As with more general concepts for DPI and application-level monitoring, one of the easiest way to kill the whole notion of monitoring is to stick all the traffic in a secure tunnel (or tunnels). Yes, you can infer lots of things about VPNs based on their destination IP address and other characteristics, but inference is even more vague (and challengeable) than circumstantial evidence when it comes to enforcement. I'm sure most of the P2P guys are a few years ahead in terms of thinking of new and clever ways to use VPNs for their software.
- Obfuscation: For both general DPI and anti-piracy content monitoring, there is a significant risk that software developers will try to "game" the boxes in the network, in ways that could backfire on ISPs in nasty ways. Looking for big file transfers as evidence of illegal content? Tracking P2P "signatures"? Then what happens when the bad guys' software pads out the pirated content with legal stuff? That could increase total traffic. Or P2P software just blends bits of legitimate shared P2P content with illegitimate, perhaps using steganographic techniques? You'll also probably get the open source crowd trying to find ways to spoof the system using "fake" traffic signatures - I wonder what happens to a DPI box if you flip the app signature once a millisecond?
- AJAX: Are you responsible for anything an active web page downloads in the background without your knowledge? Irrespective of the precise legal situation, it's the sort of thing that could mire the whole exercise in lawyers' bills for years. There's also numerous other issues around mashups which completely break the notion of "application" from a DPI perspective. How do you know if an application is YouTube.... or YouTube running in a Facebook page?
- Tracking and auditing: The onus of proof should clearly be on the accusers - and it's far from obvious that the current systems being suggested for piracy control or application DPI are robust enough to generate impeccable audit trails "proving" what is being tracked to a level that would stand up in court. Which, given that we seem to be moving towards Internet access as a basic human right, might be necessary if people start getting disconnected.
- Coverage: One of the themes at last week's Telco 2.0 was around "sender pays data" and various other ways of prioritising content delivery for those media companies or advertisers that pay for it. You can get gold-class service for your video download and get a sponsor to pay for it! Sounds great, but it falls down in mobile if you haven't got signal. There's not much value in 99.9% QoS, if you only get it 70% of the time.
- Network diversity: How do you deal with multi-network connectivity? If I'm simultaneously doing P2P (or legal video downloads) through the cellular network, and WiFi+home broadband, via different ISPs or operators, on the same device, it's going to be rather more complicated to spot. And even more tricky to enforce against. Add in the possibility of localised network-sharing - perhaps 10 smartphones 'pooling' their data connections via local Bluetooth or WiFi - and the problem gets exponentially harder still.
- Reverse engineering of policies: Any attempt to covertly degrade specific apps or streams is likely to be uncovered by the use of monitoring software designed to decode DPI policies. I'm expecting most operators to either publish their network management rules in detail - or cope with 3rd parties publishing reverse-engineered analysis instead.

In the past, I've said that I'm ambivalent about a lot of the Net Neutrality issues in the US, as competition or consumer legislation would kill any companies being stupid (eg blocking VoIP). If the vendors sell service providers the rope to hang themselves, so be it.

Now, as the attention moves to either piracy prevention or perhaps content prioritisation, I have a certain measure of sympathy for media rights owners or operators facing congestion. But I still think that they are set to waste a huge amount of money chasing after the myth of application-level (or content-level) monitoring and enforcement. That's not to say that all attempts at bandwidth management or monitoring are doomed to failure - they're not, and there are all sorts of other legitimate use cases that should work OK.

But operators need to be very wary of both vendor oversimplification, or content-owner indignation, when it comes to dealing with video or other media on their networks.
Email ThisBlogThis!Share to XShare to FacebookShare to Pinterest
Posted in | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Mobile social networking - how I'll know when it's going mainstream....
    This falls into the category of "amusing personal anecdotes" rather than "rigorous industry analysis". But it also refle...
  • Is it just me, or is 3G either really good or really bad, but rarely "OK"
    I've started noticing that my experience of mobile broadband (iPhone 3GS on Voda UK) is much more polarised than that of fixed broadband...
  • Multiple devices per account on WiMAX + also wholesale options
    I saw an interesting announcement this morning from Bridgewater Systems, about a solution to enable WiMAX operators to control the number ...
  • Telcos will find that API payments are a two-way street
    Various telecom operators are rolling out paid-for API programmes, typically for charging against a phone bill, sending an SMS and so forth....
  • 2011 events I'm attending or speaking at
    This is a quick post to list various conferences or other events I'm expecting to speak at or attend, primarily in H1 2011. Please let m...
  • Arbitrary "content control" from Vodafone
    I've just experienced an object lesson in why it's difficult to get any form of web/Internet application and content filtering ...
  • The Novatel MiFi - possibilities for new mobile broadband business models
    OK, I realise that I've been a bit grumpy and critical of some things recently. But before everyone assumes I'm getting more cantank...
  • Which operator app-level collaborations actually work?
    * Sign up for this blog's email list*     * Attend #TelcoOTT / Future of Voice workshops* I've just been having an email exchange w...
  • I'm picking a fight with a peer, about VoLTE and IMS
    It's quite rare for me to take direct pot-shots at other specific analysts. While I'm often confrontational, I try to avoid ad-homin...
  • The mobile industry buzzword of 2009 will be......
    OFFLOAD This year has been all about mobile broadband revenue and traffic growth. Dongles, iPhones, embedded PCs, Android, consumer BlackBer...

Blog Archive

  • ►  2013 (31)
    • ►  October (2)
    • ►  September (3)
    • ►  August (1)
    • ►  July (2)
    • ►  June (6)
    • ►  May (5)
    • ►  April (1)
    • ►  March (3)
    • ►  February (3)
    • ►  January (5)
  • ►  2012 (46)
    • ►  December (5)
    • ►  November (4)
    • ►  October (3)
    • ►  September (2)
    • ►  August (4)
    • ►  July (3)
    • ►  June (1)
    • ►  May (6)
    • ►  April (4)
    • ►  March (1)
    • ►  February (9)
    • ►  January (4)
  • ►  2011 (73)
    • ►  December (4)
    • ►  November (10)
    • ►  October (8)
    • ►  September (6)
    • ►  August (3)
    • ►  July (5)
    • ►  June (7)
    • ►  May (9)
    • ►  April (4)
    • ►  March (7)
    • ►  February (6)
    • ►  January (4)
  • ►  2010 (130)
    • ►  December (4)
    • ►  November (10)
    • ►  October (10)
    • ►  September (6)
    • ►  August (9)
    • ►  July (7)
    • ►  June (19)
    • ►  May (19)
    • ►  April (11)
    • ►  March (18)
    • ►  February (7)
    • ►  January (10)
  • ▼  2009 (126)
    • ►  December (4)
    • ►  November (14)
    • ►  October (9)
    • ►  September (8)
    • ►  August (9)
    • ►  July (10)
    • ►  June (21)
    • ▼  May (14)
      • Mobile broadband - a lack of loyalty built-in?
      • Does the mobile network standards process inhibit ...
      • Upcoming events - Open Mobile Summit and WiMAX Forum
      • LTE for heavy mobile broadband users? A paradox
      • LTE, mobile broadband & SMS - VoLGA vs. IMS
      • Evolved Packet Core in LTE
      • Are there risks associated with an LTE "monoculture"?
      • Microsoft - bearer-aware applications are the way ...
      • At the LTE Summit. With a herd of elephants in the...
      • Can mobile operators revenue-share with handset ve...
      • Piracy, Net Neutrality & DPI - Imminent Failure
      • Thoughts on managed ID services by mobile operators
      • Ubiquisys and Intrinsyc - femto-aware Android phones
      • Reconnecting again!
    • ►  April (2)
    • ►  March (11)
    • ►  February (15)
    • ►  January (9)
  • ►  2008 (94)
    • ►  December (24)
    • ►  November (26)
    • ►  October (25)
    • ►  September (19)
Powered by Blogger.

About Me

Unknown
View my complete profile