Just like in the good old post days you should be able to rely on all your packets arriving without 'inspection' by any carriers.
The obvious solution to the whole net neutrality problem is to encrypt everything and to run the various protocols on every port imaginable after some form of handshaking.
I think that would work.
The stakes are high, I'd love to see a change of paradigm. But it's very hard given the immense economic and political interests against anything fair.
I then remembered that you can switch to alternative DNS providers. Google's comes to mind, because its 22.214.171.124 address is easy to remember.
Also your DNS request travels unencrypted through your ISP and a likely drop-in solution to packet inspection would just be a passive listener (typical solution with 0 configuration). So in this case, alternative servers don't help.
We don't correlate or combine your information from the temporary or permanent logs with any other data that Google might have about your use of other services, such as data from Web Search and data from advertising on the Google content network.
With regards of privacy, Google's definition of what's identifying or not is very dodgy. From your own link, the permanent record includes the timestamp, domain, geolocation and ISP. That's a lot of information if you aggregate it.
My point had nothing to do with your ISP packet inspection argument (notice I didn't address it). I was providing a counter-point to the "Google is the largest advertising and user-tracking system online. I would only use those DNS servers as last resource." My comment was simply to refute your indication that Google might be associating DNS with advertising or user tracking. They don't.
Edit: Can someone explain why the down-votes? Do you just disagree?
> My point had nothing to do with your ISP packet inspection argument
As does running your own DNS.
I mean, these are all possibilities. my concern is that if, for example, you make running an inward facing IDS illegal, selling (nearly) anonymous accounts on the cheap will be ah, more difficult. In theory, a good enough inward-facing IDS, if implemented by more ISPs, could largely mitigate the botnet problem we have now, where almost any site can be wiped off the internet by IRC kids. (now, my IDS system never got past 'experimental' and has been down for several years now. But when it was active, I think it was pretty neat; customers could see incoming attacks, and I could see outgoing attacks. Of course, like any ids, it had a huge false positive rate, so honestly, it wasn't all that useful, which is part of why it's currently down. I'm just interested in why people think that sort of technology is inherently a bad idea- a bad enough idea that there should be a law, even.)
Now, I think it's important that providers are very clear about what they do with a customer's packets... but I worry that codifying what a provider can do to a packet /with the consent of the customer/ into law will eliminate services I like.
I'm going to have to think about that for a bit, it's a tricky enough situation you sketch that there shouldn't be some kind of exception for it.
First thing to come to mind is maybe an electronic way of securing permission from the 'endpoint' of the traffic, since they benefit from not having their hardware and their connection abused as well.
The key is 'with the consent of the customer', and I think that such instances should be the exception rather than the rule.
So if there is no specific reason why a certain customers packets are inspected and it is done without their knowledge and consent it should be illegal.
Also, it may very well be possible to correlate enough transport layer data to figure out which packets are part of an attack and which are legit, but that might be computationally very expensive to do.
 note: this isn't final, but it's my latest working draft: http://wiki.xen.prgmr.com/xenophilia/2010/06/please-comment-...
In my perfect world, the EFF would publish several, modeled after the 'creative commons' licenses; each policy would grant different levels or different kinds of privacy, and the meaning of the policy would be fairly well understood by all parties just by stating the name of the policy.
edit: I don't mean /legally mandating/ these privacy policies... I'm suggesting something like the system in place for managing copyright (or,uh, left) - the idea would be that if there are standard policies, you won't have to read each policy all the way through for every service.
Something totally independent of both business and government run as a non-profit that reviews the various privacy policies, notices changes (by spidering them periodically) and alerts users to those changes and their consequences?
Even ignoring the cost in lawyer time to draw up and review the policies, knowing that a policy is 'reviewed by X' tells the user less than "ISP Y uses standard policy Z"
Also, just like there are different creative commons licenses that grant different rights, it's reasonable to have different privacy policies that grant different rights... and if you need a particular right, it's much easier to go "Oh, isp X uses policy Y which gives me what I want" than to go reading the custom policy that each ISP drew up.
In that case it makes perfect sense. I thought about all privacy policies and because there are so many different products out there it would be very hard to have a limited set of policies. But for the ISP subset that could definitely be done.
That's admirable, but I notice you're a hosting provider. I've never heard of a broadband ISP that wants to use IDS or DPI to provide better service; they only seem to talk about providing worse service.
Perhaps making such things opt-in would work; if the customer believes that it really benefits them, they won't mind opting in.
Unless you are one of those people who expects me to leave your box online after it has become compromised and is spewing abuse, the ids, assuming I use it how I say I'm using it to just detect compromised hosts, and assuming I'm careful about false positives, won't hurt you.
Mucking with the traffic is /much/ more difficult to do without damaging the service. However, there are many cases where if you muck with the traffic you can allow high latency high bandwidth bulk transfers without messing up your low-latency traffic as much as it would otherwise... e.g. it's possible, with traffic shaping to maintain better customer experiences while overselling your pipe.
this positive is realized by the customer through lower prices in markets with competition. obviously, the home broadband market is not one of those markets, so I don't know how much difference it'd make there.
If you notice, I'm a provider in the server space, where there is a lot of competition.
However I would expect you to get a notification before you started to murk around with my traffic, since it is liable to interfere with my use of the services that I have paid for.
but yeah... would just giving you access to all the information I had about your traffic be sufficient notification? That seems like the best way to handle it to me, I mean, if I've got a IDS all setup, it's no more work for me to let you see the results, and especially on incoming traffic, that has value to you.
>However I would expect you to get a notification before you started to murk around with my traffic, since it is liable to interfere with my use of the services that I have paid for.
Yeah. mucking about with people's traffic is tricky, and /certainly/ deserves a notification. Right now, the only time I do it is when you go over your transfer limits; in that case I use tc to bump you down to something that can't hurt me, and obviously, I tell you.
If I /wanted/ to provide a bulk transfer service, rather than limiting the overage accounts to 1mbps or less each, I'd take accounts that are in overage and let them have as much bandwidth as they want, just making that bandwidth a lower priority than the bandwidth of my paying customers.
Now, my experience with that kind of traffic shaping is that it's never perfect, you always interfere at least a little with the high priority traffic; or at least that's been the case every time I've tried doing that, so I don't. But, I've heard of others doing it with varying degrees of success; it's one of those things that can possibly make a cheaper service better if you allow the provider to muck with your packets.
I am simply trying to avoid having the passwords ending up in some log file somewhere where a second-rate cracker can get access to them and spam my webpages. Honestly if you have the power to fix the Border gateway protocol, chances are that you are not interested in spamming my redmine installation.
> Even the most troubling part of Google’s proposal – that wireless networks
> would be excluded for the time being – is not much different from
> what the FCC suggested.
Even for the rest of the corporations the wireless situation is very bad. They won't be able to have inexpensive communications over IP if it goes through wireless, like conference calls. They'll be forced to use oligopolistic and overpriced services for something already paid for.
This isn't bad just for end users and I think Torrentfreak missed the point. This proposal initiates a terrible false dichotomy of wired vs. wireless. It helps current use of peer-to-peer (the bait) crippling wireless (the real deal in the very near future.) Google doesn't care, or even worse, is against P2P services (private or commercial) because their core business is at odds with it. In som ways Google CEO want it to be the new IBM, the new central mainframe.
[Don't get me wrong, I love the technical people behind Google including its founders, but their higher management is out of control, and IMHO, "evil".]
TorrentFreak aren't saying it's great, they're saying it sucks just as much as the status quo, so piling onto Google is stupid because you're attacking the one person pushing for progress in one area because they aren't making progress in a more difficult area, double that stupid if you're acting like Google is dismantling something that doesn't exist, rather than just not fighting to have it created.
It's a legally grey area where different groups are asking different things. EFF, EPIC, and other civil rights related groups worldwide want content non-discrimination and permission of tethering for wireless devices. The telcos want carte blanche to block or throttle as they please. And I bet 3 letter agencies (and their counter-parties in other countries) are siding with the telcos for their own reasons.
Google changed their stance at least on content discrimination on wireless. A very meaningful example Skype calls or competing video distribution platforms. Google can't represent those competitors on this discussion. In particular if they are partners with telcos with their Android system. That's where the outrage comes from.
Err, that's exactly the point. Net neutrality already doesn't exist in a lot of ways, the Google proposal is seen by some (e.g. TorrentFreak) as an attempt to regulate something that can already be arbitrarily done in an unregulated way.
You can't take away a freedom or right that doesn't already exist.
Telcos want to have legal cover for that. That's new.
There is nothing new here in the Google / Verizon proposal. They can't be both killing wireless net neutrality and seeking 'legal cover' for already doing it, especially when it didn't exist because the current status quo of 'packet discrimination' on those networks isn't illegal.
Any law or proposal that leaves gaping holes to manipulate traffic at will is against Net Neutrality. And so, apparently, is Google.
And btw, Net Neutrality did exist, for the longest time in the Internet's history. That's kind of the whole damn point, it brought us to where we are today. The fact that it wasn't enshrined in the law doesn't mean it didn't exist. All of which means that Google's proposal is a proposal to bury it, not defend it.
Thank you for demonstrating my point.
Further, many ISPs over the years have blocked port 80 in or transparently proxied port 25 (or even port 80) through their own servers. I'm not necessarily against this but I think it should be a legal requirement for ISPs to share information about what they're doing so we can choose ISPs that fit in with our requirements.
People love complaining, but not so much helping. I see a lot of people saying why it's wrong but I dont' see fewer people making proposals. And I think the general message in the article is "hey, it's not perfect but at least google is doing something".
So they're being held to the standards that they themselves set in the past, hating google has nothing to do with it.
Net neutrality simply translates in to 'pipes are supposed to be dumb for regular traffic'. Anything other than that and the net is no longer neutral, and that's both what drove it to become what it is today and what will continue to drive that growth in the future. Turning it in to a series of ISP guarded walled gardens is not to anybodies benefit. Especially not the wireless portion, since that is where the future growth will be, so the current battle will draw the lines for one of the most important portions of the net in the near future.
And I think we all hoped that Google would stay on the right side in this, and feel disappointed that they didn't.
Hate doesn't enter in to it.
I for one don't just want people to not snoop around my data, I want more or less unbiased service. Remember, Comcast would throttle users who were constantly uploading a lot of information, which by the way, actually is a pretty good indicator of torrenting.
This is the reason you can't just encrypt everything (edit: as other users here suggest). It goes deeper than that. It's not about people looking into your content, it's about ISPs having to provide the internet as it is, and not simply as they want you to see it.
Also, I think he's deluding himself if he thinks the Google/Verizon deal is going to protect Bittorrent on wired networks.
De-prioritizing (what a word anyway) is not what it is all about it is about limiting. Prioritizing all the traffic is like selecting a volunteer by having someone step backwards.
ISPs sell bandwidth, so bandwidth is what they should deliver. They don't sell quality of service, at least, I've yet to see an ISP that offered me 250K down for torrents, 32K for voice and 128K for web traffic as a single package. They'll sell me 1, 4, 8, 10 or even 20 Mbps down and 2 Mbps up for X credits per time unit. So that's what I expect to receive.
And once they start doing deep packet inspection where does it end? Some websites have a deal with the ISP to prioritize their traffic at the expense of others?
Bottom line, is that net neutrality is about having an accurate picture of the internet, and not a picture that Comcast (or whoever) decides I get. THAT, as well as maintaining user privacy, is the goal here.
I should also add that ISPs have throttled upload-heavy traffic WITHOUT inspecting the packets for a long time, so even if you didn't inspect packets, the issue of net neutrality persists.
Again, I'm for net neutrality, but you do it a disservice with that argument.
Whereas I have just as much right to my bandwidth (the bandwidth that I paid for) as they have for theirs, which protocol is being used is irrelevant.
And you can't compare spam to torrents, spam is illegal, torrents are - surprise - not.
So, ISPs will have to rely on statistical modeling to determine how much they can oversell, not on throttling.
But anyway, your argument hinges on the supposition that ISPs guarantee your bandwidth all the time. In fact, most of them do not. If you are buying a strict guaranteed bandwidth, do tell me why it is that the ISPs don't actually say that themselves?
Hence the argument that throttling your traffic betters other customers.
Copyright infringement is illegal. Torrent files are not (they don't contain copyrighted information, they contain hashes).
Downloading a copyrighted work using any mechanism, including bittorrent is illegal in many places, but not everywhere.
> But anyway, your argument hinges on the supposition that ISPs guarantee your bandwidth all the time.
No, they have a best effort obligation to deliver what they'e sold. The fact that most of them don't make that effort does not mean they're in the clear.
> If you are buying a strict guaranteed bandwidth, do tell me why it is that the ISPs don't actually say that themselves?
Because it is to their advantage.
Well, Jacques, once again, that's actually precisely their argument: that they are "making their best effort" to preserve the user experience. You say they're not providing what you pay for and tell them why, and then they spin around and tell you that they are providing exactly that, because they are doing what you don't like.
And on top of that, they're not promising what you tell them you were sold: there is no bandwidth guarantee. It's like if you showed up to someone's house and bought a stereo, and then after you paid, loudly proclaimed that you actually bought their wife. Saying doesn't make it so, and since this is not a promise they have actually given you, it's a bit unfair to expect that they be held to it.
Remember, though before you head down that hole, that I'm not supporting them. I love net neutrality. It think it's great. I'm just saying that your buying bandwidth is not a good basis for argument of the position you elected.
>> If you are buying a strict guaranteed bandwidth, do tell me why it is that the ISPs don't actually say that themselves?
> Because it is to their advantage.
You're right. It's to their advantage not to sell that guarantee. That would be insane.
I Wonder why none of the bigger news outlets tried to compare between the two proposals.
> [...] will seek input on important questions such as whether wired
> and wireless broadband access should be treated differently
> in this context, and will invite new ideas.
Many people feel betrayed by the new Google behavior.
Google betrayed the trust of everyone who believed "Don't do evil". Full stop. How ISPs dealt with illegal traffic on their networks has nothing to do with any of this.
Of course, it does mean that I cannot download, say, a Linux ISO via torrent... now that is throwing out the baby with the bath water.
(That said, AT&T did stop offering Usenet last year, supposedly because there was too much illegal content.)
But it is completely unreasonable. If they don't have enough bandwidth, they can sell me a plan with a limit - then _I_ will decide what to use that plan for (including, but not limited too, porn, terrorist activities and peer to peer filesharing).
What the providers wont admit is that they are selling a commodity, which (in the area of wireless communication) is completely fungible -- therefore they get to charge no more than commodity prices, while everybody else gets to get rich of their services.
This proposal if sponsored by FCC or US Congress would give carte blanche to the telcos to do whatever they want on wireless, in particular 3G/4G. Google is not representative of the users (present or future) of those services.
Most of the people on the highway on my way to work are speeding. That doesn't mean the government should allow different cars to go different speeds depending how much the manufacturer pays.
If you join any community, try to learn its rules first. And don't hide behind the anonymity of down-voting.
Edit 1: rephrasing.
Edit 2: lowenskind comment was in the negative side when I wrote this, requiring at least 2 down-voting accounts.