Follow Slashdot stories on Twitter


Forgot your password?
Privacy The Internet Your Rights Online

An Education In Deep Packet Inspection 126

Deep Packet Inspection, or DPI, is at the heart of the debate over Network Neutrality — this relatively new technology threatens to upset the balance of power among consumers, ISPs, and information suppliers. An anonymous reader notes that the Canadian Privacy Commissioner has published a Web site, for Canadians and others, to educate about DPI technology. Online are a number of essays from different interested parties, ranging from DPI company officers to Internet law specialists to security professionals. The articles are open for comments. Here is the CBC's report on the launch.
This discussion has been archived. No new comments can be posted.

An Education In Deep Packet Inspection

Comments Filter:
  • by mrbene ( 1380531 ) on Tuesday April 07, 2009 @05:36PM (#27496151)

    Taking a quick look through the content at the government site, I must say I'm surprised. CC licensed content, links to external resources, a collection of international points of view. I'd be truly impressed if they'd managed to get all these folks in a room together.

    Regardless, kudos to Canada for hitting the 21st century.

    And I was doubly impressed to notice the absence of web beacons / analytics scripts.

  • by snowraver1 ( 1052510 ) on Tuesday April 07, 2009 @05:41PM (#27496217)
    Judging by the things that I have viewed by the Gov't of Canada, that seems par for the Course.
  • by gsgleason ( 1241794 ) on Tuesday April 07, 2009 @06:00PM (#27496457)
    Yes. If using ssl to secure whatever application is in question, they cannot see past the transport layer.
  • by RiotingPacifist ( 1228016 ) on Tuesday April 07, 2009 @06:03PM (#27496501)

    It wouldn't be the first time [] somebody got +5 for linking to goatse []m im just waiting for the editors to let it slip into a summary.

  • by AK Marc ( 707885 ) on Tuesday April 07, 2009 @07:22PM (#27497285)
    Doesn't a good encryption system stop DPI from giving any useful information?

    Mostly. However, many DPI boxes are now including heuristics as well. Encrypted stream of 20k in and out to a single IP? Sounds like VoIP to me, toss it in that bucket. Encrypted 10k out and 1M in to a single IP? Sounds like a file download, toss it in that bucket. Encrypted 10k in from 20 hosts and 5k out to 15 hosts? Sounds like P2P, toss it in that bucket. If I can make such guesses easily, someone smarter than me has already coded those in and knows what your encrypted data is. Not what it contains, as that's never the goal of DPI, but what you are using it for. So encrypt it all you want. They'll know what you are up to anyway. Unless you do someting like Tor downloads and then it'll look more like P2P and you'll get even worse performance. Or, as someone else mentioned, if it isn't easily identifiable encryption, then they treat it like the least desired traffic. Hide all you want and they can still get you for it.

"my terminal is a lethal teaspoon." -- Patricia O Tuama