DEEP PACKET INSPECTION
HERD DOMINANCE
June 19, 2009FINALLY
June 23, 2009Iran’s Web Spying Aided by Western Technology (WSJ)
The Iranian government had experimented with the equipment for brief periods in recent months, but it had not been used extensively, and therefore its capabilities weren’t fully displayed — until during the recent unrest, the Internet experts interviewed said.
“We didn’t know they could do this much,” said a network engineer in Tehran. “Now we know they have powerful things that allow them to do very complex tracking on the network.”
Deep packet inspection involves inserting equipment into a flow of online data, from emails and Internet phone calls to images and messages on social-networking sites such as Facebook and Twitter. Every digitized packet of online data is deconstructed, examined for keywords and reconstructed within milliseconds. In Iran’s case, this is done for the entire country at a single choke point, according to networking engineers familiar with the country’s system. It couldn’t be determined whether the equipment from Nokia Siemens Networks is used specifically for deep packet inspection.
All eyes have been on the Internet amid the crisis in Iran, and government attempts to crack down on information. The infiltration of Iranian online traffic could explain why the government has allowed the Internet to continue to function — and also why it has been running at such slow speeds in the days since the results of the presidential vote spurred unrest.
Users in the country report the Internet having slowed to less than a tenth of normal speeds. Deep packet inspection delays the transmission of online data unless it is offset by a huge increase in processing power, according to Internet experts.
Iran is “now drilling into what the population is trying to say,” said Bradley Anstis, director of technical strategy with Marshal8e6 Inc., an Internet security company in Orange, Calif. He and other experts interviewed have examined Internet traffic flows in and out of Iran that show characteristics of content inspection, among other measures. “This looks like a step beyond what any other country is doing, including China.”
The article goes on to say that China’s packet inspecting technology is largely decentralized, but ALL of Iran’s internet traffic is routed through a central hub that is controlled by their government.
Who else has been toying with DPI over the last few years? That’s right.
