Tunneling your way around ISP traffic manipulation

Posted by Ryan Radia

Stuck with limited ISP choices, broadband users are increasingly angry with the growing number of providers that poke around in their customers’ traffic. From resetting Bittorrent sessions to sniffing packets for URLs, more and more providers are wielding their power as the “man in the middle” to monitor and manipulate traffic in unpopular and possibly illegal ways. While these practices can be beneficial, tech-savvy consumers are understandably agitated. Congress is now considering legislation that would outlaw these ISP practices.

Instead of urging lawmakers to enact sweeping new laws that would often do more harm than good, broadband users should look to the recent emergence of commercial secure tunneling services. These services remind us that the marketplace is perfectly capable of resolving skirmishes without government getting involved.

Numerous companies have begun to offer encrypted tunnels using Virtual Private Networks (VPNs).  These networks have long been used for a variety of reasons, and are popular with network security experts because of how well they protect data from outside snooping.  By tunneling traffic through secure links, broadband users can break free from the constraints imposed by ISPs on certain types of traffic. Routing peer to peer applications through these tunnels makes them almost entirely indistinguishable from other types of traffic—even to stateful packet inspection tools like Sandvine that are undeterred by header encryption.

Tunneling traffic via encrypted, remote servers is also one of the toughest targets for ISPs. Many corporate users and university students connect to VPNs for necessary reasons, and there’s no easy way for an ISP to distinguish “legitimate” VPN traffic from the other kind. And with new secure tunneling firms popping up all the time, simply blocking the IP-address ranges of known tunnels is no solution. Absent a VPN Whitelist—highly infeasible given the growing number of VPNs in the wild—ISPs will soon realize that, no matter how much they invest in packet inspection tools like Sandvine and Phorm, informed users will always find a way to stay a step ahead.

Continue reading this post »

 Email This Post Email This Post  Print This Post Print This Post

Tags: , , ,

05/22/2008 @ 1:44 pm | Personal Liberty, Privacy, Tech & Telecom | Comments

  •  
  •