The Dark Cloud of Deep Packet Inspection

Cloud computing security conceptCloud computing is transforming entire industries by making massive quantities of computing power available to even the smallest companies on a pay-as-you-go, use-what-you-need basis. Like all new technologies, however, the innovations that have made cloud computing possible also have a darker side. In an article for Ars Technica, veteran journalist Sean Gallagher explains how network hardware manufacturers are combining packet inspection technology with cloud-scale storage and processing capabilities to build internet surveillance systems that can watch the moves that millions make online.

Packet inspection is a technology that allows internet servers to inspect the packets of information passing through them in order to accord different kinds of content differential treatment. If the packets of information that make up internet traffic are analogized to pieces of mail in a sorting plant, packet inspection would allow the postal service to make content-based decisions on how to process the mail. A “shallow” level of packet inspection might involve distinguishing parcels from magazines for differential treatment, while a “deep” level of packet inspection might involve opening envelopes to find love letters so that they can be expedited for delivery.

Packet inspection technologies have been with us since the early days of the internet and are used for everything from blocking streaming video on corporate networks (shallow inspection) to censoring websites containing banned keywords in countries such as China, Iran, and Syria (deep inspection). These conventional applications are controversial enough, but combining deep packet inspection with cloud-scale storage and processing capabilities opens up the possibility of recording, storing, and analyzing large quantities of network traffic for patterns of interest over a period of days, months, or even years.

While there are certainly some legitimate uses for this novel combination of technologies, such as identifying a pattern of hacking attempts in a morass of server logs, the marriage of deep packet inspection and cloud-scale computing has a wide range of sinister applications as well. Gallagher’s article explains that some of the products being offered by companies such as Barracuda Systems have the capability to decrypt the SSL-secured communications that make internet banking possible. Even more worryingly, deep packet inspection combined with cloud-scale computing can be used to track and identify users of applications such as TOR and Psiphon that are designed to circumvent national internet censorship systems.

Corporations in the rapidly evolving networking technology sector need to be mindful of their social responsibilities given the tremendous power their products place in the hands of their customers. In just the last twelve months, two major networking firms had their reputations sullied when their deep packet inspection equipment was found in the hands of the former Gadaffi dictatorship in Libya and the current Assad regime in Syria.

Networking technology companies therefore owe it to their shareholders, employees, and netizens around the world to vet potential purchasers of their products to ensure that their needs are legitimate. Likewise, organizations deploying such surveillance technologies on their networks — be they businesses, telecoms, or government agencies — need to be transparent about how and why they are using such devices if they are to retain the trust and confidence of their online community of users.

Leave a Reply

Your email address will not be published. Required fields are marked *


nine − = 4

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>