Probably the most scary document I have ever read.
It’s a technical document written for engineers. Its aim is to translate the customer requirements, as passed to them by their commercial colleagues, in order to set a standard for the industry, so that all of the equipment from different manufacturers will work together. Customers – the ISPs and network providers - will have the choice of competitive product offers, safe in the knowledge that they don’t have to change out all of their equipment.
What makes this one special is that it gives life to the fears of all those concerned about how networks and governments could control not just the Internet, but us.
Ever since I first heard about deep packet inspection, in about 2008, I tried to understand what it is, and what it can do. Way back then, I discovered that it had been logged for standards work within the so-called Next generation network or NGA. The NGA is what engineers call the development of new broadband Internet infrastructure equipment – the routers and management systems that comprise the physical network.
I figured out just how much of yours and mine network traffic can be visible to the ISPs if they have the right system tools. A little later, I learned about the industry product road map, still an engineering level, to build DPI into every network system. ( See Traffic management - how deep packet engines will shape the Internet slow lane ).
DPI is like the heavy armour. Or to use a different analogy, it is like rolling out tanks down every street. Only they will be tanks with infra-red periscopes, able to spot your tiniest move, around any corner, by day or night. And they will be able to control where you can and can’t go.
This document confirms my findings. What is it? It is document number Y.2770, entitled Requirements for deep packet inspection in Next Generation Networks. It sets out recommendations for a technical standard for deep packet inspection. It was adopted at the end of last month by a special group within the ITU, known as the World Telecommunication Standardization Assembly (WTSA-12), which met prior to this month’s World Congress (WCIT-12).
That means it is an official document for people working in the telecoms industry, and it will be used by those developing DPI equipment.
Its author appears to be Chinese, and is working with the Telecommunications Technology Association. This is a Korean-based telecoms standards body, that appears to be a joint venture between the Koreans, Chinese and Japanese.
The Y.2770 document outlines a suite of requirements that will make authoritarian governments and the copyright industries, very happy. For example, DPI systems will have to be capable of detecting Bittorrent, eDonkey, multi-channel media, video, file transfer, voice telephony. They must be capable of detecting and blocking computer games traffic.
Under Y.2770, DPI systems will shape applications traffic, executed on a per packet basis. They will police peer-to-peer traffic and other applications. They will mark specific packet types. They will detect ‘abnormal’ traffic – which of course, could be for genuine security applications, but might not be.
Y.2770 DPI will block packets carrying data attachments of pre-determined sizes. They will use statistical analysis where traffic is encrypted.
Do you want me to go on, or is that enough?
Deep packet inspection systems, designed to Y.2770, will take action on an application-dependent basis, using built-in rules. DPI will look for audio content that is copyright protected and where stipulated, delete the audio.
This can be done by country, right down to the individual. They can even detect who your employer is, and take pre-determined actions if a rule is given.
One aspect that particularly worries me is the inclusion of FTP in the Y.2770 specification. This means that networks will be monitoring everyone who runs a website, and potentially could be asked to block you from uploading content.
This Y.2770 document is controlled by the Chinese. Far from being just an engineer’s technical specification, it has major political ramifications, and should not be permitted to go any further until there has been democratic debate. (See EU asks: should we regulate deep packet inspection? )
The list of functions is a censor’s dream. That why, for me, this document is a nightmare.
This is an original article from Iptegrity.com. If you refer to it or to its content, you should cite my name as the author, and provide a link back to iptegrity.com. Media and Academics – please cite as Monica Horten, The ITU’s DPI standard – that’s something to be afraid of ! in www.iptegrity.com, 6 December 2012 . Commercial users - please contact me.