ross
join:2000-08-16
 ·Digizip
| reply to wierdo
Re: Hmmm..
said by wierdo  :said by ross :However, you identified certain of your users as intellectual property pirates. If you merely meant to say some percentage of an aggregate pool of users utilizing P2P protocols fell into certain demographic groups, that is quite different from identifying specific individual users as intellectual property pirates. The latter requires you to have inspected unencrypted packets to determine content, or to have made a stupendously egregious presumption. Or perhaps to have been called/written by content owners about the user's infringement? Sorry wierdo, but that is extremely unlikely. In fact, it would be more likely that he made the whole thing up, rather than have been notified by content providers. |
|
rahvin112
join:2002-05-24
Sandy, UT
| reply to rantou
If you are examining content you best be very careful about how you are doing it and for what reason. Based on your statements alone, in the right/wrong court (depending on whose opinion), you could be brought up on wire tap charges. Doing it to average people you probably won't be, but let me tell you if an "official" finds out you are doing it to them (such as a congressman) you will be brought up on federal wire tap charges. There's network management, and there is wire tapping. There is a fine line between the two and considering the jail time you are risking (20 year max sentence) if I was you, I would talk to a lawyer experienced in wire tap laws before I would be examining one bit of data for content.
There's a reason ATT and Verizion want Immunity for the illegal wiretaps they did for the Feds. You might take heed of their example. |
|
caffeinator
Coming soon to a cup near you..
Premium
join:2005-01-16
Spokane, WA
·WebBand
1 edit | reply to james
Well, not exactly.
CALEA
»www.eff.org/issues/calea
Hang around the chans...and wait for the party van.
Guilt by URL...you think a court of white-bread average Americans is going to think positivly if a user so much as was recorded visiting a site like 4chan or Rotten? Most people I know would throw away the key after spending 20 seconds there.
Granted they do push..but it's not illegal.
If I hang around neworder, does that make me an evil hacker, or just someone interested in security?
You really think the average jury would care?
ISP's have to cover their asses too ya know. I know I do.
-CaFF |
|
james
join:2001-02-26
antarctica
| reply to rantou
You lay out no facts. The only thing you NEED to know as an ISP is how many gb a user is using per month, and if you are able to continue to provide your service and still make money.
If your users are complaining about slowdowns then what does it matter if the traffic being used is p2p or grannies email, you should just split your available bandwidth equally, provide more bandwidth, or leave being an ISP to the big boys. |
|
james
join:2001-02-26
antarctica
| reply to rantou
said by rantou :So without being educated on how to run an ISP, please tell me, how would you do it? Two words: Dumb Pipe.
Seriously, it's none of your business if your client uses their connection to browse disney.com all day or downloads huge linux distros every day for no apparent reason. The only thing you should be keeping track of is:
"User A is using X GB/month, I can/cannot continue to provide this amount of bandwidth to them and still make money" Anything more is none of your business, furthermore you're discussing such things in a freaking public forum, how would you like it if your doctor went around talking about the disgusting genital warts you came in with the other day, while not mentioning your name but giving your age and occupation. |
|
muiredised
ESSE QUAM VIDERI
join:2007-06-11
Tacoma, WA
| reply to rantou
said by rantou :Find me one ISP billing software that you search an IP address and it doesn't come back with a name. Go ahead! See if you can find one. That's just the whole problem. So it's unethical then to search out who a person is by the traffic coming from their IP address? If I understand it correctly the billing software may return a name of the "account holder", and that does NOT identify the person "using the connection". By personalizing your statements regarding the users with gender and age you are making suppositions that may or may not be accurate. How do you KNOW that the primary user is male? Even if you survey the users directly and they volunteer the information, that still does not mean it is accurate. What if the wife is said to be the primary user but the husband is concealing a pornography addiction?
Manage your network, analyze your network traffic, but DO NOT make suppositions about the "users". What you KNOW is your top bandwidth consuming "account", anything more specific regarding "user" is a supposition on your part unless you are a voyeur and watch them as they use the connection.
--
Assiduus usus uni rei deditus et ingenium et artem saepe vincit |
|
wierdo
join:2001-02-16
Tulsa, OK
 ·Future Nine Corpor..
·Teliax VOIP
| reply to ross
said by ross :However, you identified certain of your users as intellectual property pirates. If you merely meant to say some percentage of an aggregate pool of users utilizing P2P protocols fell into certain demographic groups, that is quite different from identifying specific individual users as intellectual property pirates. The latter requires you to have inspected unencrypted packets to determine content, or to have made a stupendously egregious presumption. Or perhaps to have been called/written by content owners about the user's infringement?
--
It's wierdo, not weirdo. Yes, I know that's not the 'proper' spelling of the similar english language word.  |
|
ross
join:2000-08-16
·Digizip
| reply to rantou
said by rantou :Find me one ISP billing software that you search an IP address and it doesn't come back with a name. Go ahead! See if you can find one. That's just the whole problem. So it's unethical then to search out who a person is by the traffic coming from their IP address? Depends on why/what use you intend to make of that knowledge.
I never said anything about looking at URL history. I look at their traffic based solely on protocol and amount of traffic passed, which every ISP has to do these days. However, you identified certain of your users as intellectual property pirates. If you merely meant to say some percentage of an aggregate pool of users utilizing P2P protocols fell into certain demographic groups, that is quite different from identifying specific individual users as intellectual property pirates. The latter requires you to have inspected unencrypted packets to determine content, or to have made a stupendously egregious presumption.
If you want to see an ISP that does have relational data between URL history and who you are, look at AT&T, Verizon, and the many others that sell your clickstream data. That's what we were looking at in this thread; the unscrupulous activities of the major Telcos and Cablecos acting on behalf of out-of-control national security organizations, corporate intellectual property owners and their own desire to become the controlling portal monetizer/monitor/provider for/of all on-line content.
Sure, they're not selling the clickstream data with any kind of end user identification, but you know that they have that relational data in their systems, whether you like it or not. What makes you so sure that they don't, or, as importantly, they won't, in conjunction with the content filtering activities on behalf of intellectual property owners (read R.I.A.A., M.P.A.A., I.F.P.I.)?
I don't even sell clickstream data, nor have systems that would ever cache that information. For this, I applaud you!
The fact that I even know my customers is because, again, I work at a smaller provider where I do speak with my customers when they call in for technical assistance and I grab their calls, or because I even did their installations for them. I have tried to distance myself from customers by trying other methods with limited good results (bad contractors, bad language skills, etc.) and the bottom line is that if you want something done right, you gotta do it yourself. I hope you are speaking of set-up, troubleshooting equipment, maintenance of network resources and customer relations, rather than of spying on your customers.
Do/would you agree that surveillance, content filtering, protocol throttling, DNS redirection, and the monitoring, collection and sale of clickstream data are inherently invasive practices detrimental to subscribers when they become the tools of aggressive, and oppressive, factional third party interests? |
|
rantou
join:2002-06-04
Richardson, TX
| reply to ross
Find me one ISP billing software that you search an IP address and it doesn't come back with a name. Go ahead! See if you can find one. That's just the whole problem. So it's unethical then to search out who a person is by the traffic coming from their IP address?
I never said anything about looking at URL history. I look at their traffic based solely on protocol and amount of traffic passed, which every ISP has to do these days. If you want to see an ISP that does have relational data between URL history and who you are, look at AT&T, Verizon, and the many others that sell your clickstream data. Sure, they're not selling the clickstream data with any kind of end user identification, but you know that they have that relational data in their systems, whether you like it or not. I don't even sell clickstream data, nor have systems that would ever cache that information.
The fact that I even know my customers is because, again, I work at a smaller provider where I do speak with my customers when they call in for technical assistance and I grab their calls, or because I even did their installations for them. I have tried to distance myself from customers by trying other methods with limited good results (bad contractors, bad language skills, etc.) and the bottom line is that if you want something done right, you gotta do it yourself. |
|
ross
join:2000-08-16
·Digizip
| reply to rantou
said by rantou :Umm... sir... At the same time I have to know about router capacities, cpu loads, and everything else. What better way to understand that than to see what protocols are in use. It's not like it's actually seeing what URLs are being pulled, what files are being downloaded, or anything else... Your involvement with the subscribers use of their connections should be as distant and as impersonal as possible. Identifying aggregate traffic/protocal use is one thing, specific user identification according to protocol, along with specific content transferred, is quite another. You have identified specific users as PIRATES based on your surveillance of their IP/URL history and transmitted content. Not quite the altruistic manager you portray yourself to be.
Impersonal management of of network hardware and performance does not require detailed investigation of the content and surfing history of any individual subscriber, except in EXTRAORDINARY circumstances. Routine, specific, invasive surveillance and content analysis in violation of the privacy rights of your users is not unavoidable and inevitable. |
|
rantou
join:2002-06-04
Richardson, TX | reply to james
I would recommend reading my reply back to the last comment on this, because it clearly lays out several facts of the ISP business. |
|
rantou
join:2002-06-04
Richardson, TX
| reply to ross
Umm... sir... I will have you know that for an ISP to continue growing and knowing what kind of traffic they have running across their network, they DO monitor the network. If I put in a T1 and ran all of my customers off it with no monitoring, I'd really like to know how many customers I would have.
At the same time I have to know about router capacities, cpu loads, and everything else. What better way to understand that than to see what protocols are in use. It's not like it's actually seeing what URLs are being pulled, what files are being downloaded, or anything else.
So now are you saying that it's ill-mannered to MRTG each individual customer's connection device? You would be shocked how many people are dumb enough to call about something as stupid as "my internet is slow!" while paying for 3mbps service and are using their full 3mbps service while running the speed test in the background.
If you were running a provider, I would LOVE to know how you would go about managing it. Especially if you were working for the likes of AT&T, Comcast, Time Warner, or anybody else using accounting-based authentication systems such as DHCP or PPPoE authentication. Don't you think they know who their heavy users are? I just have a closer relationship with my customers because I am part of a smaller organization. I can go into my accounting system and pull a report for the past 30/60/90/120/365 days and see my top users by transfer for the time frame just like all other providers can.
So without being educated on how to run an ISP, please tell me, how would you do it? |
|
james
join:2001-02-26
antarctica | reply to ross
I also find his comments EXTREMELY CREEPY. I hope he presented his own comments out of context. |
|
ross
join:2000-08-16
·Digizip
| reply to rantou
said by axus :...I guess I just keep track of my users too much, but it's still an actual fact... Why are YOU tracking your users in the first place? Are you a voyeur, a tool, a professional informant, or just a twit? What difference does it make to YOU what is transfered over the connection/pipe that you provide for a fee. YOU HAVE NO LIABILITY for content transmitted across your servers, unless you are in the habit of ignoring DMCA take-down notices when presented. Inform your users of any notices received, and let them deal with it. Otherwise, it's none of YOUR BUSINESS! Just as it's none of your business what your users search for, or send, over their "paid-for" internet connection. Quit snooping! YOUR FUNCTION is to keep the connection up and functioning properly, and that is all! |
|
