An open letter from Boards.ie to Minister Sean Sherlock

FreudianSlippers

I guess that answers the first part of my question in a round-a-bout way. In order to engage this DtecNet process of detection a "contested filtering system" must be in place I presume. Deep packet inspection is a "filtering system"? A process which is in direct defiance with the ECJ decision in Scarlet Extended.

If that is what his judgment means (and it's a judgment I have read many times - I just don't necessarily understand the technical jargon aspect of it as far as the ISP and DtecNet systems are concerned) that a filtering system (either by the ISP or a third party like DtecNet) would/should be put in place, then his judgment is open to appeal to the ECJ on the basis of the decision in Scarlet Extended.

As for IP addresses, the ECJ has also ruled them to be private data.

wiseguy

FreudianSlippers wrote: »

I guess that answers the first part of my question in a round-a-bout way. In order to engage this DtecNet process of detection a "contested filtering system" must be in place I presume. Deep packet inspection is a "filtering system"? A process which is in direct defiance with the ECJ decision in Scarlet Extended.

If that is what his judgment means (and it's a judgment I have read many times - I just don't necessarily understand the technical jargon aspect of it as far as the ISP and DtecNet systems are concerned) that a filtering system (either by the ISP or a third party like DtecNet) would/should be put in place, then his judgment is open to appeal to the ECJ on the basis of the decision in Scarlet Extended.

As for IP addresses, the ECJ has also ruled them to be private data.

Now how can we get our beloved TDs and Government to pass a law that would state in black on white that Deep Packet inspection technologies are not permitted to be forced on any ISP, that IP addresses are private information, and that no citizen should be ever disconnected from the internet

Speaking of Dtecnet and Attributor and the likes who love spamming with automated emails, their detection is far from perfect I have several emails with false positives from these people.
One of the most amusing ones I got was a complaint to take down a book file from a book published in mid 19th century that was scanned for (barely readable yellow paper etc) and is available for free on the archive.org e-texts project since this book in question was well out of copyright!

edit here is an example of format of emails they sent out (i removed identifying info):

Notice of Infringement via Email

Twentieth Century Fox Film Corporation
P.O. Box 900
Los Angeles, CA 90035

01/26/2012
<snip> http://<snip&gt;

Dear <snip>:

I, the undersigned, confirm under penalty of perjury that I am an authorized agent of Twentieth Century Fox Film Corporation and/or its subsidiaries and affiliated companies ("Fox") and am authorized to act on Fox's behalf in this matter.

I am writing to notify you of the infringement of Fox's intellectual property rights on your site as identified below and demand that you take immediate action to permanently stop the infringing conduct.

I have a good faith belief that the links / files identified in the attached addendum (below) are examples of links / files available through your site that are not authorized by Fox, any of its agents or the law, and therefore infringe Fox's rights. On behalf of Fox, I demand that you immediately remove and disable these links / files. To the extent that multiple different copies of the infringed copyrighted work identified in the subject line above can be found on and through your service, you are required to act expeditiously to remove or disable access to all such infringing copies.

This email is not a complete statement of Fox's rights in connection with this matter, and nothing contained herein constitutes an express or implied waiver of any rights, remedies, or defenses of Fox in connection with this matter, all of which are expressly reserved.


I may be contacted at:
Email: antipiracy@dtecnet.com

Sincerely,
DtecNet

If you have some issues please reply to info.antipiracy@dtecnet.com, reply to no-reply@dtecnet.com will be ignored.

Addendum to Notice of Infringement
<snip> - List of Allegedly Infringing Links:
<snip>

these are sent out by automated bots scouring the internet

and in case of Attributor they outsource work to people in Phillipines and Malaysia to work as human mechanical turks for a few peanuts a day.

Fionn

signed and sent a letter to the minister.
he didn't get my IP address either

Tom Harward

signed and sent !

Jericho.

Here's a short e-mail I sent to info@labour.ie

"Dear Sir/Madam,

I am writing a brief e-mail to you to inform you that should Minister Sherlock pass his “S.I. No. of 2011 European Communities (Copyright and
Related Rights) Regulations 2011” I will not be in a position to ever vote for your party again.

Regards,
Jericho." (Real name was used here)

Short and to the point. I really hope this doesn't pass in it's current form.

expectationlost

is a judge ruling saying he believes everything in it?

AntiRip

Over 60,000 signatures now.

Also came across this
http://www.wired.com/epicenter/2012/01/irelands-sopa/

This sort of approach to legislation could make it harder for Ireland to attract digital businesses. This could prove particularly problematic given that Ireland is trying to position itself as a hub for cloud computing.

This is already being viewed bad internationally, God its sad isn't it

M O N T O

Faolchu wrote: »

signed teh petition yesterday

also recieved this today via email not sure how true it is

This link shows an archive of Minister Sherlock's page circa July 2011, notice the vista icon in the top left hand corner! I think your picture is authentic!

http://web.archive.org/web/20110721130702/http://www.seansherlock.ie/



*edit* oops, tested that out, doesn't seem to work. If you go here :http://www.archive.org/ and type in ''http://www.seansherlock.ie/'' to the wayback machine You should be able to see it!

alphabeat

look
this is one of many stabs at the internet planned so that the internet as
it exists can be fully controlled by gov and large corp entitys.

the model they are aiming for is the web tv, all your tv , radio , music , film

AND

all you webaccess , will come via controlled web tv stations so to speak- direct to a web enabled tv.

you will pay a tv license type of fee, and extra subs to the isp or content provider
and receive only the web sites and content allowed.


it has been planned for the last number of years , and its kicking off in a big way.

5- 8 years from now you wont be browsing or downloading anything they dont want you to, and or cannot pay for.


that is the reality .

dusterd

I found this video on the whole thing. I'm no law expert but I think he has a point.

[-0-]

dusterd wrote: »

I found this video on the whole thing. I'm no law expert but I think he has a point.

I already commented on this. His facts are very lose. CBS didn't acquire CNET until 2008 so his point regarding that is moot - completely.

oscarBravo

FreudianSlippers wrote: »

Can anyone explain to me, perhaps, how exactly an ISP would monitor their network for "illegal" use; and/or how they can differentiate between legal and illegal downloading (I'm pretty sure they cannot IIRC).

We can't.

Let me explain a little bit about the "deep packet inspection" idea that's being bandied about. When you send information to or from the Internet, it is sent as a series of chunks of maybe a couple of hundred kilobits each. In order to get each packet to its destination, our routers glance at the IP header, which contains the source and destination IP address, and make a forwarding decision based on that. For example, we will send outbound traffic (uploads, or HTTP requests, for example) directly to a Google or Microsoft router; or perhaps we'll hand it off to Cogent and ask them to deliver it across the Atlantic for us. Conversely, inbound traffic gets routed to the specific customer.

We don't look past those headers to make routing decisions. But - in theory - our router could look deeper into an IP packet and see that it contains a TCP packet, which in turn contains a HTTP request, which in turn contains the URL being requested (or whatever). Obviously this would take vastly more processing power than simply looking at the destination IP address, which is always located 32 bytes into the IP packet.

The theory is that we could look into each packet, determine that it's a BitTorrent packet, and further that it contains an illegal file transfer, and therefore block the packet.

In practice, looking at any given packet tells you very little. Even a simple web page will be broken across a number of packets, and looking at each one in isolation is like hearing two words from a conversation and trying to determine their meaning out of context.

So the theory goes further that you keep track of the conversations, and monitor the state of each connection. This requires not only looking deep within each packet; it requires keeping detailed tables in memory and looking up each packet against that table to correlate them, and it requires that the device doing this inspection understand the protocols being spoken.

I just looked at a graph, and at 10pm we were forwarding twenty five thousand of these packets per second through our edge router - and we're a relatively small ISP. We have a pretty chunky (and bloody expensive) Cisco router slogging through all that traffic, and it needs some clever electronics and a chunk of memory just to make the forwarding decisions based on the destination IP address.

Think about that for a second, and think about the processing power and memory that would be required to perform deep packet inspection and connection tracking on all of those packets without adding latency to our customer traffic.

Now think about the fact that, if we were to implement such a system, we would be - in effect - snooping on every single message that passes in or out of our system. We would, basically, be reading our customers' mail. The privacy implications are unpleasant.

Further, think about the fact that if any of those connections are encrypted, all the DPI process is going to see is effectively white noise.

It's hypothetically possible, in the same way that it's hypothetically possible to send a manned mission to Venus. The problem is that it's a colossal burden on an ISP, and even with that, it's an exercise in futility.

I suppose my main line of thinking would be do the ISPs have to make or add any additional filtering systems to their current operation in order to implement the SOPA "process" (if I can call it that) from their point of view.

Definitely. We don't have the equipment to do it, and even if we were required to install it (which I don't think we can be, thanks to Scarlet) it wouldn't solve the problem and would negatively impact on our customers.

Any proposed injunctive relief is more likely to take the form of a graduated response, which raises a fresh set of questions about due process. The systems that the studios use basically work by joining the torrent swarm (or equivalent network), requesting a copyrighted file, and keeping track of whoever seeds it.

Citizen_Kane

From scanning snippets of the EMI vs UPC case, it seems to be that Cisco equipment has specifically been called out as THE thing that can put the Woozimajig in the CinTan for the forces of darkness to be happy.

Is this not by default anti-competetiveness being handed down by a judge? Or is Cisco going to Open Source their whole Kaboodle if this farce proceeds? (Ha, Ha)

nyarlothothep

alphabeat wrote: »

look
this is one of many stabs at the internet planned so that the internet as
it exists can be fully controlled by gov and large corp entitys.

the model they are aiming for is the web tv, all your tv , radio , music , film

AND

all you webaccess , will come via controlled web tv stations so to speak- direct to a web enabled tv.

you will pay a tv license type of fee, and extra subs to the isp or content provider
and receive only the web sites and content allowed.


it has been planned for the last number of years , and its kicking off in a big way.

5- 8 years from now you wont be browsing or downloading anything they dont want you to, and or cannot pay for.


that is the reality .

Yep, pretty much that's what has happened to every major technological revolution which has facilitated increased human connectivity and democratisation, the printing press, tv and radio etc. However I hope that the genie is out of the proverbial bottle and that they're so late off the the mark that they (namely those in the elites who want to control others, pathetic as such an ambition in life is) will get their asses handed to them, on plate, served with a glass of chilled Sancerre. I really hope that outcome comes to pass.

denballs

64819

More than 64819 signatures have been added to this petition. Thank you!

denballs

im not suggesting/asking or hopeing it happens....but id be fairly happy if a certain someone who signed a certain document got hung upside down from the spire by his genitalia.....then..........dropped ......died.......and went to hell....:)

_CreeD_

oscarBravo wrote: »

We can't.

Let me explain a little bit about the "deep packet inspection" idea that's being bandied about. When you send information to or from the Internet, it is sent as a series of chunks of maybe a couple of hundred kilobits each. In order to get each packet to its destination, our routers glance at the IP header, which contains the source and destination IP address, and make a forwarding decision based on that. For example, we will send outbound traffic (uploads, or HTTP requests, for example) directly to a Google or Microsoft router; or perhaps we'll hand it off to Cogent and ask them to deliver it across the Atlantic for us. Conversely, inbound traffic gets routed to the specific customer.


<snip>

It's hypothetically possible, in the same way that it's hypothetically possible to send a manned mission to Venus. The problem is that it's a colossal burden on an ISP, and even with that, it's an exercise in futility. Definitely. We don't have the equipment to do it, and even if we were required to install it (which I don't think we can be, thanks to Scarlet) it wouldn't solve the problem and would negatively impact on our customers.

<snip>

Actually not as hard to do as you imply, it all depends on the budget assigned. Everything you list as theory above can, and is being done regularly by many ISPs around the world (including my own stateside). It's not cheap but it's quite doable.

_Godot_

Signed the petition.

mikemac1

Emailed the local junior minister

He's a good sort, looking forward to what he'll say

Probably obey the party whip I suppose though and I'll get a vague non answer

oscarBravo

_CreeD_ wrote: »

Actually not as hard to do as you imply, it all depends on the budget assigned. Everything you list as theory above can, and is being done regularly by many ISPs around the world (including my own stateside). It's not cheap but it's quite doable.

This is true. It's also true that it's theoretically possible to deliver a fibre connection to every home in the country - it's done regularly by many ISPs around the world. It's not cheap but it's quite doable.

My point wasn't that it's physically impossible; my point is that it's several orders of magnitude harder than what we're already doing. My further point is that what we're currently doing is what our customers expect us to do: route traffic from them to the Internet. The whole deep packet inspection thing is something that's much harder to do (don't assume that because someone is doing it that it's trivially easy to do), is not for the benefit of our customers or for us (on the contrary, it's likely to harm the customer experience - no matter how beefy your router, a DPI will always take longer than a routing table lookup, and that means increased latency), and adds a great deal of expense to us with precisely zero upside.

Plus, it won't work.

Ciaran500

oscarBravo wrote: »

It's not cheap but it's quite doable.

Will it get much cheaper in the future?

oscarBravo

Ciaran500 wrote: »

Will it get much cheaper in the future?

Probably not much. Cisco routers are the de facto backbone of the Internet, and they're still pretty damned pricey. Something as niche as this isn't likely to drop significantly in price.

And it's still a cost to me (and therefore to my customers) with no corresponding benefit other than to a third party; it still raises privacy concerns; and it still won't work.

eta: I guess you were talking about fibre, duh. Yes, it will get cheaper. It's where we'll all be eventually, but that "eventually" means different things in different countries.

FreudianSlippers

oscarBravo wrote: »

FreudianSlippers wrote: »

Can anyone explain to me, perhaps, how exactly an ISP would monitor their network for "illegal" use; and/or how they can differentiate between legal and illegal downloading (I'm pretty sure they cannot IIRC).

We can't.

Let me explain a little bit about the "deep packet inspection" idea that's being bandied about. When you send information to or from the Internet, it is sent as a series of chunks of maybe a couple of hundred kilobits each. In order to get each packet to its destination, our routers glance at the IP header, which contains the source and destination IP address, and make a forwarding decision based on that. For example, we will send outbound traffic (uploads, or HTTP requests, for example) directly to a Google or Microsoft router; or perhaps we'll hand it off to Cogent and ask them to deliver it across the Atlantic for us. Conversely, inbound traffic gets routed to the specific customer.

We don't look past those headers to make routing decisions. But - in theory - our router could look deeper into an IP packet and see that it contains a TCP packet, which in turn contains a HTTP request, which in turn contains the URL being requested (or whatever). Obviously this would take vastly more processing power than simply looking at the destination IP address, which is always located 32 bytes into the IP packet.

The theory is that we could look into each packet, determine that it's a BitTorrent packet, and further that it contains an illegal file transfer, and therefore block the packet.

In practice, looking at any given packet tells you very little. Even a simple web page will be broken across a number of packets, and looking at each one in isolation is like hearing two words from a conversation and trying to determine their meaning out of context.

So the theory goes further that you keep track of the conversations, and monitor the state of each connection. This requires not only looking deep within each packet; it requires keeping detailed tables in memory and looking up each packet against that table to correlate them, and it requires that the device doing this inspection understand the protocols being spoken.

I just looked at a graph, and at 10pm we were forwarding twenty five thousand of these packets per second through our edge router - and we're a relatively small ISP. We have a pretty chunky (and bloody expensive) Cisco router slogging through all that traffic, and it needs some clever electronics and a chunk of memory just to make the forwarding decisions based on the destination IP address.

Think about that for a second, and think about the processing power and memory that would be required to perform deep packet inspection and connection tracking on all of those packets without adding latency to our customer traffic.

Now think about the fact that, if we were to implement such a system, we would be - in effect - snooping on every single message that passes in or out of our system. We would, basically, be reading our customers' mail. The privacy implications are unpleasant.

Further, think about the fact that if any of those connections are encrypted, all the DPI process is going to see is effectively white noise.

It's hypothetically possible, in the same way that it's hypothetically possible to send a manned mission to Venus. The problem is that it's a colossal burden on an ISP, and even with that, it's an exercise in futility.

I suppose my main line of thinking would be do the ISPs have to make or add any additional filtering systems to their current operation in order to implement the SOPA "process" (if I can call it that) from their point of view.

Definitely. We don't have the equipment to do it, and even if we were required to install it (which I don't think we can be, thanks to Scarlet) it wouldn't solve the problem and would negatively impact on our customers.

Any proposed injunctive relief is more likely to take the form of a graduated response, which raises a fresh set of questions about due process. The systems that the studios use basically work by joining the torrent swarm (or equivalent network), requesting a copyrighted file, and keeping track of whoever seeds it.

Thank you, that perfectly answers my question. You may expect a PM from me next week too!

Phony Scott

Does this mean we'll be doing all our illegal downloading through IRC again? :pac:

nesf

oscarBravo wrote: »

We can't.

Let me explain a little bit about the "deep packet inspection" idea that's being bandied about. When you send information to or from the Internet, it is sent as a series of chunks of maybe a couple of hundred kilobits each. In order to get each packet to its destination, our routers glance at the IP header, which contains the source and destination IP address, and make a forwarding decision based on that. For example, we will send outbound traffic (uploads, or HTTP requests, for example) directly to a Google or Microsoft router; or perhaps we'll hand it off to Cogent and ask them to deliver it across the Atlantic for us. Conversely, inbound traffic gets routed to the specific customer.

We don't look past those headers to make routing decisions. But - in theory - our router could look deeper into an IP packet and see that it contains a TCP packet, which in turn contains a HTTP request, which in turn contains the URL being requested (or whatever). Obviously this would take vastly more processing power than simply looking at the destination IP address, which is always located 32 bytes into the IP packet.

The theory is that we could look into each packet, determine that it's a BitTorrent packet, and further that it contains an illegal file transfer, and therefore block the packet.

In practice, looking at any given packet tells you very little. Even a simple web page will be broken across a number of packets, and looking at each one in isolation is like hearing two words from a conversation and trying to determine their meaning out of context.

So the theory goes further that you keep track of the conversations, and monitor the state of each connection. This requires not only looking deep within each packet; it requires keeping detailed tables in memory and looking up each packet against that table to correlate them, and it requires that the device doing this inspection understand the protocols being spoken.

I just looked at a graph, and at 10pm we were forwarding twenty five thousand of these packets per second through our edge router - and we're a relatively small ISP. We have a pretty chunky (and bloody expensive) Cisco router slogging through all that traffic, and it needs some clever electronics and a chunk of memory just to make the forwarding decisions based on the destination IP address.

Think about that for a second, and think about the processing power and memory that would be required to perform deep packet inspection and connection tracking on all of those packets without adding latency to our customer traffic.

Now think about the fact that, if we were to implement such a system, we would be - in effect - snooping on every single message that passes in or out of our system. We would, basically, be reading our customers' mail. The privacy implications are unpleasant.

Further, think about the fact that if any of those connections are encrypted, all the DPI process is going to see is effectively white noise.

It's hypothetically possible, in the same way that it's hypothetically possible to send a manned mission to Venus. The problem is that it's a colossal burden on an ISP, and even with that, it's an exercise in futility. Definitely. We don't have the equipment to do it, and even if we were required to install it (which I don't think we can be, thanks to Scarlet) it wouldn't solve the problem and would negatively impact on our customers.

Any proposed injunctive relief is more likely to take the form of a graduated response, which raises a fresh set of questions about due process. The systems that the studios use basically work by joining the torrent swarm (or equivalent network), requesting a copyrighted file, and keeping track of whoever seeds it.

And can't I just use VPN and encryption (or similar) to render the above useless anyway even if you set up the equipment?

Ciaran500

oscarBravo wrote: »

eta: I guess you were talking about fibre, duh. Yes, it will get cheaper. It's where we'll all be eventually, but that "eventually" means different things in different countries.

Nah, you got it right. Was just wondering as processing power and storage got cheaper year on year would deep packet inspection become much more viable.

oscarBravo

nesf wrote: »

And can't I just use VPN and encryption (or similar) to render the above useless anyway even if you set up the equipment?

Yes. Even with sophisticated and expensive DPI equipment, we can't see into encrypted transmissions, whether they be SSL websites or encrypted torrents.

This is a socio-legal problem. Trying to fix it with technological solutions can't and won't work.

Citizen_Kane

Ciaran500 wrote: »

Nah, you got it right. Was just wondering as processing power and storage got cheaper year on year would deep packet inspection become much more viable.

Even if EMI was paying ISP's to implement this this technology (which I suspect they may do), this needs to be buried as an 'option to solving the problem'.

If a private interest was trying to impose similar measures on the telephone system, a far broader spectrum of the country would be marching on Leincster House.

DeVore

oscarBravo wrote: »

Yes. Even with sophisticated and expensive DPI equipment, we can't see into encrypted transmissions, whether they be SSL websites or encrypted torrents.

This is a socio-legal problem. Trying to fix it with technological solutions can't and won't work.

Today is the first day I have thought about allow multiple thanks for a post. Cos I'd thank that many times if I could.

This is not a technical problem and none of the technical "solutions" will work. Stop trying to use tech to fix a nontechnical problem.


OB point about costs is also well made. Will Big Content pay our costs for protecting their IP? That's a service, shouldn't they pay us?

nesf

oscarBravo wrote: »

Yes. Even with sophisticated and expensive DPI equipment, we can't see into encrypted transmissions, whether they be SSL websites or encrypted torrents.

This is a socio-legal problem. Trying to fix it with technological solutions can't and won't work.

Yeah, and they can't feasibly block VPNs because so many people working from home/away from the office need to use them and have a justifiable requirement for encryption, as well as there being serious privacy issues to disallowing encryption of your web traffic.

This is just all so pointless, the technically proficient people already know about all this stuff and it really won't take long for others to figure out what a VPN or encrypted torrent is if they bring in DPI. It's like only setting up drink driving checkpoints on motorways and saying you'll never set them up on country roads.