[153083] in North American Network Operators' Group
Re: ISPs and full packet inspection
daemon@ATHENA.MIT.EDU (Keith McCallion)
Tue May 29 16:37:49 2012
Date: Tue, 29 May 2012 13:36:36 -0700
From: "Keith McCallion" <keith@mccallion.com>
To: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Thu, May 24, 2012 7:36 pm, Jay Ashworth wrote:
> ----- Original Message -----
>> From: "Justin M. Streiner" <streiner@cluebyfour.org>
>> Aside from all of the business and legal sticking points that others
have
>> mentioned, there are also the technical aspects of capturing, storing,
transporting, analyzing, and managing those packets, and the appliances
that do the heavy lifting. As your traffic grows, that problem scales 1:1
linearly, at best, and more likely n:1 linearly, or worse. The added
overhead of the infrastructure needed to support this will also make
>> it more difficult to be price-competitive with your peers.
> TL:DR; The reasons for doing this on any kind of general basis have to
be *EXCEPTIONALLY* compelling to make a business case for it, apart from
any possible legal ramifications.
> I used asterisks *and* capital letters; that's about an order of
magnitude.
> Don't forget staffing.
I am a little surprised no one has referenced Wired's recent article about
Libya's Internet Surveillance systems:
http://www.wired.com/threatlevel/2012/05/ff_libya/all/1
It's good reading and I think does a good job of summarizing both the
technical challenges but also the political implications of such a system.
-Keith
