Anonymous: Deep Packet Inspection and its role in the Revolution in Egypt

"Neither rain, nor snow, nor heat, nor gloom of night stays these couriers from the swift completion of their appointed rounds." So wrote Herodotus of the fifth-century-BCE packet delivery service used by Xerxes, king of the Persians. This famous passage is inscribed on the general post office in New York City. Less familiar are the next words of the text: "The first courier transfers the message to the second, the second to the third, and thence it passes from one to the next."

Though the technologies have changed, the principles have not. Break the delivery chain into segments; provide fast service on each link; make your best effort to complete the handoff at each stage; and don't try to do anything else with the message except to deliver it.

In the Internet, "deep packet inspection" (DPI) is usually described as the practice by Internet Service Providers (ISPs) of looking at the contents of packets, not just their addresses, before deciding how to deliver them. In fact, DPI is more than that: "inspection" is a euphemism. As actually used, DPI may involve introducing forged packets into the data stream—packets apparently created by a sender, but in fact created by the ISP to alter the recipient's experience. Comcast used this method to "manage" communications by slowing certain data streams (mostly video), and drew a stinging rebuke from the U.S. Federal Communications Commission.

Some ISPs consider DPI to be a useful tool in their quest to provide high-quality service and rational allocation of limited bandwidth. In their view, regulation of DPI would hobble innovation in their business practices. Some have even suggested that anti-DPI legislation would be a precedent for government regulation of Internet speech itself.

In fact, DPI should be banned for two reasons. The first is privacy. DPI violates the universal expectation that delivery services won't read the messages they are delivering. Second is "generativity," to use the term coined by Harvard Law School professor Jonathan Zittrain to describe technologies on which users can build in unanticipated ways. Reliability of the delivery service is the mother of creativity at the endpoints.

Privacy first. Users do not expect service providers to examine packets en route, any more than they expect the phone company to decide by listening in whether a call merits a high-quality line. The Internet by design connects peers to peers. For example, "distributors" and "consumers" of movies streamed over the Internet are architecturally on an equal footing with email in and out of African Internet cafes. The real threat of censorship comes not from government guarantees of content neutrality, but from carriers discriminating on the basis of content, source, and destination—probably in favor of the powerful and against the weak. It has happened before, as when Western Union cut a deal with the Associated Press in 1867 to exclude other news services from its telegraph wires, and when Verizon denied a pro-choice group access to text messaging in 2007 on the basis that its agenda was "controversial or unsavory."

Analysis of packet protocols ("he's been downloading a lot of video lately") and origins ("those videos are from YouTube, not Comcast") is intrusive. Indeed, the presumption of privacy, and of neutral treatment of all data types and sources, is so strong that DPI might be self-defeating. Were it widely known that ISPs could lawfully exploit information they glean from peeking inside packets, Internet users might encrypt their communications to defeat the ISPs' payload analysis.

Generativity second. As Internet pioneer David Reed explained to the U.S. Congress, creative software engineers at the edge of the network gave us countless useful applications for which the Internet was not designed. Internet telephone protocols, for example, changed the international phone call from an expensive luxury into a routine part of millions of daily lives. Such creativity will continue into the future only if the functioning of the core of the Internet remains documented, consistent, and predictable.

The market won't sort out this conflict because necessary competitive conditions don't exist. When many areas have only one choice for broadband services, and few have more than two, service providers find it more profitable to sustain and manage scarcity than to build toward reducing it.

The Internet is a public good owned by private businesses, which enjoy monopoly or duopoly powers almost everywhere. Though any regulation must judiciously avoid hobbling future technological innovation, broad legal guarantees of the Internet's secure and transparent operation will serve the public interest. What do you think about DPI?


FinFisher was also found in Egypt.

FinFisher seems to be an intrusion and spying software framework, developed and sold by a German company. It seems to include multiple components, including an "infection proxy" and various intrusion tools.

Published by:

Reza Rafati

I am the founder of and I focus on sharing and collecting relevant cyberconflict news. The goal of Cyberwarzone is to provide the world a portal with global cyberwar information. The effort in getting this cyberwarfare information is hard. But as the internet is growing we need to get a global cyberwar & cybercrime monitoring system. By the people and for the people. We will be gathering information about Cybercrime, Cyberwarfare and hacking.

The Netherlands