Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Copyright Alert System - What say you? SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Copyright Alert System - What say you?

 It has been announced by some of the major Internet Service Providers (ISP's) in America that they will be participating in the "Copyright Alert System".  There already exists plenty of media and discussions written about this topic, however I would like to open some discussion here at the Internet Storm Center.  The crux of the Copyright Alert System is the illegal downloading or distribution of copyrighted media.  The ISP's are now moving to a "six strike system" where a user or business will be provided six notifications, after which time the ISP will begin active intervention.  This active intervention could be in the form of pop-up notifications, site redirection, bandwidth reduction, and possibly service interruption.  I am not singling out any one provider, only the approach and practice as a whole.

It is my intention and hope that on this slow summer weekend to stir some discussions here at the Storm Center on the possible impacts in this change of Acceptable Use Policy (AUP).  One of my first and foremost concerns is the impact to voice services.  Voice over IP (VoIP) in many places has replaced traditional voice services (fixed, copper-based, Time Division Multiplexing) for home telephone services.  Is it conceivable that a service provider would ever redirect traditional voice services in this manner?  What is going to happen when I pick up my VoIP telephone to make a call, while I am in dispute with my ISP over the current usage of my internet service?

So it is today that I ask our readers regarding this policy "What say you?"  I look forward to the discussions.

 

Tony Carothers

tony.carothers_at_isc.sans.edu

 

Tony

150 Posts
ISC Handler
I can see some pros and cons. An increase of compromised computers that can be used as "illegal media servers" or proxies. The owners of these computers will be affected by the ISP mitigation strategies without being the actual culprits. On the good side, though, it may help identify infected and compromised computers and reduce the number of these. I wonder what incentive the ISPs have (besides increasing their available bandwidth).
Anonymous
There has already (this last week) been discussion on Dave Farber's IP list that the PSTN will be completely converted from circuit switching to packet switching (VOIP) by 2018.
Anonymous
Politicians in the EU argue that IP is a basic right which is needed for freedom of speech (democracy) and for basic communication needs.
Basic rights can never be denied,
I agree!
So now change the constitution.

B.t.w.: no DOS or Virus needed anymore, just get the guy you don't like on the blacklist.

Anonymous
The integrity/correctness of the notification systems is not adequate to make a judgement about actual copyright infringement. The false positive rate will be a problem with a "six strike system." If customers are going to be punished by their service providers arbitrarily, expect them to find other providers, and the market will correct itself.
The problem is a behavior problem, not a technology problem.
Anonymous
I see grave privacy concerns.

This is an ISP-level DLP solution, right?

If they cannot see into your SSL encrypted sessions, then the solution is worthless; if they can man-in-the-middle your SSL encrypted sessions then it becomes something bordering on criminal. Using SSL means you have a reasonable expectation of privacy, doesn't it?

I don't see how this could possibly be worth it to the ISPs unless participation is being incentivised by the content owners.
Jasey

93 Posts
Lux, the problem with that argument is...what other providers? In my area the only reasonably high-speed provider is the local cable monopoly. I hate them, but I give them my money anyway because I essentially have no choice. DSL speeds haven't kept up with cable, to the point where DSL today feels like dialup did 10 years ago.
Anonymous

Sign Up for Free or Log In to start participating in the conversation!