More Ludicrous Marketing Claims About P2P Filtering
A few years ago, EFF debunked an anti-P2P packet filtering technology sold by Audible Magic. Twice. The notion that universities can just buy a piece of software to end file sharing on their networks forever is false. But it keeps coming back.
The latest product of this sort is from a company called SafeMedia. Its website is covered in dramatic marketing newspeak and includes a weird appeal to the Congress to install its software in "every public and private institution receiving Federal funds". So what are they selling, really?
SafeMedia's flagship filtering product is called Clouseau — suggestively named after the hillariously incompetent detective played by Peter Sellers in the Pink Panther movies.
The press release makes some grand and misleading claims:
?Pirates are smart and innovative, and so is Clouseau?. Our technology is dynamic, sees through all multi-layered encryptions, adaptively analyzes network patterns and constantly updates itself. Packet examinations are noninvasive and infallible. There are no false positives.?
Wow. We wonder if it sees through the encryptions with a comically big magnifying glass?
It's hard to be certain from marketing-speak on their website, but it appears that ?Clouseau? works in two ways:
- Recognizing protocol-identifying "magic numbers" or other distinctive patterns inside individual packets from a particular protocol (like Gnutella, or eDonkey, etc).
- Building up a "profile" of traffic by looking at a series of packets.
A system like this could indeed block many of the p2p protocols that are widely used today (including some encrypted protocols, without breaking the encryption). It certainly isn't, and will never be, "infallible." In fact, the claim is ludicrous. Detecting encrypted file sharing networks is very difficult, and blocking them without interfering with other encrypted protocols like HTTPS, IMAP/S, or SSH is next to impossible.
To illustrate this, suppose that SafeMedia attempts to block a program like Allpeers. They might succeed in doing so briefly, because the program tries to make its encrypted SSL conections over TCP port 36000 at first and only later switches to port 443 (the HTTPS port). On a TCP/IP network like the Internet, eavesdroppers can see the port numbers even if they can't decrypt the traffic. So if Clouseau was clever enough, it would remember the initial 36000 connection and stop that machine from using port 443 later (blocking https websites as a side-effect).
But if Clouseau started doing this, Allpeers could change their software to use port 443 from the beginning. If the SafeMedia engineers were really good, there might be another round of cat-and-mouse as Clouseau tried to perform traffic analysis on the sizes and timings of the encrypted packets, and Allpeers started changing their sizes and timings to look like a more typical https website.
Filtering tools merely drive the development of sharing tools that are resistant to monitoring (including small networks like Allpeers, and encrypted versions of BitTorrent and eMule), and drive students to start using them. They don't get us any closer to a real solution that gets artists paid while letting fans continue to share music. Universities are already being forced to expend significant resources doing the RIAA's dirty work, and they should think very carefully before implementing expensive tools like SafeMedia's.
Recent DeepLinks Posts
May 22, 2015
May 22, 2015
May 21, 2015
May 21, 2015
May 21, 2015
- Fair Use and Intellectual Property: Defending the Balance
- Free Speech
- Know Your Rights
- Trade Agreements and Digital Rights
- State-Sponsored Malware
- Abortion Reporting
- Analog Hole
- Anti-Counterfeiting Trade Agreement
- Bloggers' Rights
- Broadcast Flag
- Broadcasting Treaty
- Cell Tracking
- Coders' Rights Project
- Computer Fraud And Abuse Act Reform
- Content Blocking
- Copyright Trolls
- Council of Europe
- Cyber Security Legislation
- Defend Your Right to Repair!
- Defending Digital Voices
- Development Agenda
- Digital Books
- Digital Radio
- Digital Video
- DMCA Rulemaking
- Do Not Track
- E-Voting Rights
- EFF Europe
- Encrypting the Web
- Export Controls
- FAQs for Lodsys Targets
- File Sharing
- Fixing Copyright? The 2013-2015 Copyright Review Process
- Genetic Information Privacy
- Hollywood v. DVD
- How Patents Hinder Innovation (Graphic)
- International Privacy Standards
- Internet Governance Forum
- Law Enforcement Access
- Legislative Solutions for Patent Reform
- Locational Privacy
- Mandatory Data Retention
- Mandatory National IDs and Biometric Databases
- Mass Surveillance Technologies
- Medical Privacy
- National Security and Medical Information
- National Security Letters
- Net Neutrality
- No Downtime for Free Speech
- NSA Spying
- Online Behavioral Tracking
- Open Access
- Open Wireless
- Patent Busting Project
- Patent Trolls
- PATRIOT Act
- Pen Trap
- Policy Analysis
- Public Health Reporting and Hospital Discharge Data
- Reading Accessibility
- Real ID
- Search Engines
- Search Incident to Arrest
- Section 230 of the Communications Decency Act
- Social Networks
- SOPA/PIPA: Internet Blacklist Legislation
- Student and Community Organizing
- Surveillance and Human Rights
- Surveillance Drones
- Terms Of (Ab)Use
- Test Your ISP
- The "Six Strikes" Copyright Surveillance Machine
- The Global Network Initiative
- The Law and Medical Privacy
- Trans-Pacific Partnership Agreement
- Travel Screening
- Trusted Computing
- Video Games