“It is a great honor to be recognized for the public good created by this act of whistleblowing.
“However the greater reward and recognition belongs to the individuals and organizations in countless countries around the world who shattered boundaries of language and geography to stand together in defense of the public right to know, and the value of our privacy.
“It is not I, but the public, who has effected this powerful change, to abrogation of basic constitutional rights by secret agencies.
“It is not I, but newspapers around the world, who have reason to hold our governments to the issues when powerful officials sought to distract from these very issues with rumor and insult.
“And it is not I, but certain brave representatives in governments around the world who are proposing new protections, limits and safeguards to prevent future assault on our public rights and private lives.
“My gratitude belongs to all of those who have reached out to their friends and family to explain why suspicionless surveillance matters. It belongs to the man in a mask on the street on a hot day, and the woman with a sign and an umbrella in the rain, it belongs to the young people in college with a civil liberties sticker on their laptop, and the kid in the back of a class in high school making memes.
“All of these people accept that change begins with a single voice, and spoke one message to the world: governments must be accountable to us for the decisions that they make, decisions regarding the kind of world we will live in, what kind of rights and freedoms individuals will enjoy are the domain of the public, not the government in the dark.
“Yet the happiness of this occasion is for me tempered by an awareness of the road traveled to bring us here today. In contemporary America, the combination of weak legal protections for whistleblowers, bad laws that provide no public interest defense, and a doctrine of immunity for officials who have strayed beyond the boundaries of law, has perverted the system of incentives that regulate secrecy in government. This results in a situation that associates an unreasonably high price with maintaining the necessary foundation of liberal democracy: our informed citizenry.
“Speaking truth to power has cost whistleblowers their freedom, family or country. This situation befits neither America nor the world. It does not require sophistication to understand that policies equating necessary acts of warning with threats to national security inevitably lead to ignorance and insecurity. The society that falls into the deterrent trap known in cultural wisdom as ‘shooting the messenger’ will quickly find that not only is it without messengers, but it no longer enjoys messages at all.
“It is right to question the wisdom of such policies and the unintended incentives that result from them. If the penalty for providing secret information to a foreign government in bad faith is less than the penalty for providing that information to the public in good faith, are we not incentivising spies rather than whistleblowers?
“What does it mean for the public when we apply laws targeting terrorism against those engaged in acts of journalism?
“Can we enjoy openness in our society if we prioritize intimidation and revenge over fact finding and investigation?
“Where do we draw the line between national security and public interest, and how can we have confidence in the balance when the only advocates allowed at the table of review come from the halls of government itself?
“Questions such as these can only be answered through the kind of vigorous public discussion we are enjoying today. We must never forget the lessons of history regarding the dangers of surveillance gone too far, nor our human power to amend such systems to the public benefit.
“The road we travel has been difficult, but it leads us to better times. Together we can guarantee both the safety and the rights of the generations that follow. To all of those who have participated in this debate, from the highest official to the smallest citizen, I say thank you.”
Posts Tagged ‘privacy’
Posted by Laurel L. Russwurm on September 2, 2013
Posted in Changing the World | Tagged: Chaos Computer Club, constitutional rights, democracy, Edward Snowden, Jacob Applebaum, Laura Poitras, Praxis Films, privacy, surveillance, Suspicionless Surveillance, Whistleblower Award, wikipedia | 1 Comment »
Posted by Laurel L. Russwurm on November 16, 2011
Yesterday the CRTC did an about face and reversed the terrible decision to allow Bell Canada to charge Usage Based Billing to the Independent ISP’s customers, effectively pronouncing UBB dead.
On the specific decision, the CRTC rejected the UBB model it approved less than a year ago, acknowledging that it was too inflexible and could block independent ISPs from differentiating their services. The issue then boiled down to Bell’s preferred model based on volume and the independent ISPs’ approach who preferred capacity based models. The Commission ruled that capacity-based models are a better approach since they are more consistent with how network providers plan their networks and less susceptible to billing disputes.
With Bell’s preferred approach out of the way, the Commission was left to choose between two capacity models – the independent providers’ “95th percentile” solution and MTS Allstream’s capacity model. The Commission chose a variant on the MTS Allstream model that involves both a monthly access fee and a monthly capacity charge that can increase in increments of 100 Mbps. That model is even more flexible than what MTS proposed, suggesting that the Commission was primarily focused on building in as much flexibility for independent providers as possible. In addition to this model (which the Commission calls an approved capacity model), the large ISPs can continue to use flat rate models which provide for unlimited usage.
Michael Geist, The CRTC’s UBB Decision: Bell Loses But Do Consumers Win?
Although I agree that further changes should be made, I’m not so sure I go along with all of Professor Geist’s suggestions. The CRTC clearly does not function the way that it should.
The CRTC’s mandate is supposedly to protect consumers. Looking at the history of UBB it is clear that the CRTC does not. In practice, consumers don’t even make it onto the their radar at all; the only CRTC concern is the ISPs.
The CRTC continues to allow Bell Canada to deploy:
- Deep Packet Inspection. This essentially allows Bell Canada total access to all unencrypted Internet traffic. Which means the technology gives Bell the means to read our email, and the CRTC allows this. With zero oversight. The CRTC trusts Bell with their privacy, but I don’t. And although I’m not even a Bell customer, my email is not safe from Bell, because my ISP goes through Bell. This is no more reasonable than giving blanket permission to Canada Post to open postal mail.
- Gouging Customers. I was aghast that the CRTC didn’t understand that most Canadians pay a lot for mediocre Internet access, and worse, didn’t seem to believe the issue was relevant to their deliberations. Have to move to a different geographical location in order to get an another choice of ISP is not “choice.”
- Throttling the Internet. This one still boggles my mind today just as much as when I first heard about it. When customers pay for a level of service, and the service provider deliberately impedes that service, providing inferior service than has been contracted for is wrong. And again, Bell is not only does this to their own customers, but to the customers of the Independent ISPs as well. Worse still, Bell decide singles out specific Internet traffic to discriminate against it. The CRTC gave Bell permission to do this, the implication being that is that all encrypted traffic is “Downloaders” It seems to me, even if someone is using the Internet for nefarious means, to illicitly download copyrighted content, say, it should not give an ISP the right to provide less bandwidth than the customer paid for. This argument is flawed; one crime doesn’t justify another.
Maybe I’m old fashioned, but I grew up in a world where deliberately short changing consumers was considered to be fraud, and when even the government law enforcement officials were required to get a warrant before they read my mail.
These are some of the reasons why I don’t think the CRTC is doing its job of protecting consumers. This could be fixed by making sure that the CRTC reflected its real constituency better. [hint: the CRTC should not be limited to past or present Telecom employees, but should also include consumers.] There shouldn’t have to be a major outcry before the CRTC hears consumer; if the CRTC is going to continue to exist, it needs to be responsive to the public.
If the CRTC isn’t reformed, it should be dissolved and replaced with something that does look out for citizens.
Both Bell and Rogers have far too much control over too many facets of the industries they inhabit. This sure looks like what our American friends might define as “anti-trust.” Where was the CRTC … how did things get this messed up if the CRTC was doing its job?
Rogers is apparently an even worse throttler than Bell, and in fact, “Rogers: The World’s Worst Throttler (Officially)”.
These corporations are not going to behave any better unless compelled to do so. Maybe its time they were broken up; the Internet is an essential service, perhaps it should be administered like any other utility, for the public good rather than the corporate greed.
[Thanks to both Robert & Joan!]
Posted in Changing the World | Tagged: Bell, Consumer Protection, CRTC decision, Deep Packet Inspection, Huffington Post, ISPs, Michael Geist, MTS Allstream, Peter Nowak, privacy, Rogers, Throttling, usage based billing | 1 Comment »
Posted by Laurel L. Russwurm on February 3, 2011
or, Why David Eaves Is Wrong about Usage Based Billing
David Eaves is a smart guy. The problem is that there is so much misinformation about Usage Based Billing, like so many others, he is terribly misinformed:
“One thing that has bothered me about these complaints is that they have generally come from people who also seem to oppose internet service providers throttling internet access. It’s unclear to me that you can have it both ways – you can’t (responsibly) be against both internet throttling and usage-based billing. “
—David Eaves, Why the CRTC was right on Usage-Based Billing
It’s understandable, really. UBB is difficult to understand, describe and explain. Because it’s so complex.
For instance, try explaining that Bell is a backbone carrier as well as an Internet service provider competing with their own wholesale customers.
It’s kind of like a song i heard when I was a kid, something about being your own grandpa….
First, the jargon is so new, much of it isn’t even in Wikipedia.
That’s one of the things I struggled to address when I started this blog. But it gets worse. Bell doesn’t use the words of jargon the same way other ISPs in other parts of the world do.
Let’s look at “throttling”:
- This is How Throttling works,
- Throttling PROVES that the Internet is NOT congested, and
- C: Deep Packet Inspection.
The short version is that Bell’s version of “throttling” consists of deliberately impeding traffic, which actually artificially inflates bandwidth consumption. Worse, they use DPI to discriminate against specific traffic. When you add UBB to throttling, the result looks very much like fraud. Which is why the American ISP Comcast was slapped down by the FCC when they did it.
Understanding Bell Throttling, excerpt from C: Deep Packet Inspection
Policing traffic above a certain rate simply consists of allowing dropped packets when there is Internet congestion. Using the infamously overused highway analogy, if there were two westbound lanes of traffic and the lead car in the fast lane has a blow-out and slams on the brakes and skids to a stop, the other cars in the fast lane can either rear-end this car or overflow the highway into the center ditch. Or both. The traffic in the slow lane just keeps moving along and none of it is lost.
So if the Internet truly is congested, some of it will go through fine but whatever doesn’t fit will simply be discarded, and become “lost” or “dropped” packets. The traffic that is not dropped moves as smoothly as ever. Without an acknowledgment of receipt, the dropped packets will eventually be resent when the recipient system places a “resend” request after the congestion has cleared up. Because this method of clearing up Internet congestion does not target any particular type of Internet traffic, it does not require the invasive deep packet inspection process.
Traffic Shaping or Throttling
The practice known as “Traffic Shaping” can also be called “throttling”.
Traffic Shaping is applied to Internet congestion by forcing all the traffic to slow down and conform to a certain speed by pushing it through a bottleneck.
In this process, no traffic is lost, it is simply delayed in a huge queue. Your computer’s packets will take longer to cross the Internet, and generally your computer will slow down its demands until the congestion is cleared. Revisiting the highway analogy, if we funnel four lanes of traffic into one, everyone gets to where they’re going, but the trip might take an hour instead of fifteen minutes.
This process called interchangeably Traffic Shaping or Throttling does not require the invasive Deep Packet Inspection process either, again for the same reason: it is not targeting a specific type of traffic, it slows down everything.
“ ‘Policing’ drops packets when a bandwidth threshold is exceeded, while ‘traffic shaping’ queues packets during high bandwidth use and releases them when bandwidth use reduces. No data is lost with ‘traffic shaping’. (Cisco, Comparing Traffic Policing and Traffic Shaping for Bandwidth Limiting)
‘Policing’ and ‘traffic shaping’ are protocol agnostic; all traffic is equally affected. Neither ‘policing’ nor ‘traffic shaping’ requires DPI.
Bell Canada’s throttling does neither.”
–Bob Jonkman, Sobac Microcomputer Services
What Bell Canada calls “throttling” is not the same thing as what the rest of the world calls “throttling”.
What Bell Canada means by “Throttling”
“ Bell uses Deep Packet Inspection (DPI) to identify peer-to-peer (P2P) traffic (CRTC filing), and most likely the Bittorrent protocol in particular. Bell Canada uses Sandvine’s equipment for DPI and throttling. With throttling, a forged reset is sent to the client for a percentage of transmitted packets. The client needs to re-establish the connection, as well as re-transmit the lost data (Robb Topolski first discovered the use of forged reset packets). Since Bittorrent transmits as much data as it receives, the re-transmission costs are significant.
In the US, this practice was ruled illegal by the FCC .
‘Policing’ and ‘Traffic Shaping’ sound like industry weasel words to make it sound like they’re doing a good thing. ‘Policing’, ‘traffic shaping’ and ‘throttling’ all degrade service for the party being policed, shaped or throttled. Of the three, Bell has chosen to use ‘throttling’, the technique that’s most disruptive to its customers.”
–Bob Jonkman, Sobac Microcomputer Services
In 2008 Bell Canada acquired Sandvine‘s Deep Packet Inspection equipment with the intention of charging their own customers for their bandwidth usage. Using the DPI process to peel back the packet layers, Bell Canada is able to acquire a lot of information from the packets that make up our Internet traffic. Unfortunately, DPI also shows the Carrier what the content is, unless the content is encrypted. If the content IS encrypted, DPI lets Bell Canada know it’s encrypted. Essentially Deep Packet Inspection gives Bell Canada the capability of reading any unencrypted packets we send across the Internet.
The original application of DPI was to allow Bell Canada to keep track of their customers’ bandwidth use. This necessarily requires information about both senders and recipients, because you can’t reasonably charge Usage Based Billing without knowing which customers used what amount of bandwidth. Bell Canada did not require permission to do this to their own retail customers, because the CRTC does not set Internet pricing. The CRTC allows the ISPs freedom to charge what they want, since the CRTC believes Canada enjoys competition. The idea here is that customers who are dissatisfied with the price or the service terms they are getting are able to change ISPs.
Interestingly enough, at the same time that Bell was busily “throttling” customers, it seems that Bell Canada had begun a new business enterprise: The Globe and Mail: Bell launches video download store. Although customers using Peer to Peer file sharing protocols for downloading were being throttled, it seems subscribers to Bell Canada’s own download service were not.
The problem began when Bell Canada took things too far. After deploying their Deep Packet Inspection package, it wasn’t long until Bell Canada took it a step further– Bell Canada began to use DPI to “throttle” their wholesale customers’ Internet traffic as well.
Certainly there is congestion. If you were using a 15 year old computer you would find it much slower than the one you’re using now.
The Canadian Internet infrastructure seems to be rather like that. At the beginning, Bell infrastructure was state of the art. It isn’t state of the art any more. This isn’t because of anything Bell has done, it seems to be what Bell has not done. It’s the same infrastructure they had back then.
Is that the fault of consumers? No. We pay some of the highest Internet rates in the world.
Non-discriminatory traffic shaping (slowing everything down, rather than singling out the traffic you don’t like) is the accepted practice in parts of the world where citizen privacy and equality is valued. DPI is illegal in many parts of the world because of its capacity for abuse.
The Internet is NOT full. The technology is not getting more expensive. Far from being a genuinely scarce resource, technology is getting faster and storage capacity is increasing while costs drop. Had Bell upgraded the infrastructure to leading edge five years ago it would have much cost far more more than it would cost today. And it would only be half as good.
I remember when my sister’s 2 gigabyte hard drive was unimaginably large. Today you can get a 2 Terabyte drive for around $100 and a 2 GB flash drive is barely adequate for my kid’s school work.
Canadians have been paying inflated costs all along that more than pay for infrastructure maintenance and upgrades, yet if there has been any of the latter I’ve not heard a peep about it. So long as the CRTC allows Bell to charge the customers of their competition UBB there certainly is no incentive for Bell to increase capacity.
People Don’t Understand Bandwidth
What is bandwidth? How much are you using? How can you reduce it?
The first thing to realize is that we are paying for our Internet connection. I pay TekSavvy, my ISP, the agreed rate. My ISP pays the Carrier, Bell, the agreed rate. UBB is an additional cost added to an already profit generating price structure. It over rides contracts.
When TekSavvy buys bandwidth from Bell, they have bandwidth they can redistribute at their discretion.
If you buy a basket of apples from a Farmer, and then give one apple to Tom, three apples to Dick, and 14 apples to Harry, the farmer can’t charge more because Harry took too many apples.
Yet one of the most persistent fallacies floating around is the idea of “bandwidth hogs.”
Actual usage costs range from less than a Canadian penny a gigabyte to possibly as high as three cents/GB.
Yet the big telcos want to charge a range from one to five dollars per gigabyte.
The Independent ISPs have contracted for finite blocks of bandwidth. They pay Bell what they have contacted — prices set by Bell — to pay for these blocks of bandwidth. UBB is a bonus that will be paid to Bell in exchange for providing zero in additional value. Without, say, having to upgrade.
Ultimately, unlike paying for a glass of water, Canadians don’t even know what bandwidth is. The CRTC claims that they support choice. Yet when the Internet first opened up, Canadians chose not to get involved. Originally, the Internet was all Usage Based Billing all the time, charged by the minute. Aside from Technophiles and the rich, Canadians stayed offline. It wasn’t until we could get the Internet at flat rates that Canadians jumped on board with enthusiasm.
Even Bell can’t reliably offer more than a “range” of what some internet activity will actually cost.
There is no meter we can see. Right now I could walk outside and wade through the snow and write down the numbers on my hydro meter. The federal government guarantees the accuracy of the equipment.
Yet there is absolutely no oversight for UBB.
Bell could pull figures out of the air, and consumers have no recourse.
Nor does Bell actually undertake to deliver speeds that they claim to offer.
And the CRTC allows this, instead of looking out for the best interests of consumers.
It’s not over yet.
Regulating Canada into the last century will not help our digital economy survive in this one.
We need to Stop Usage Based Billing before it starts.
If you haven’t already, sign the petition. There are only 13974 signatures.
If you have already signed, who else should you be asking to sign?
That’s easy: anyone who uses the Internet.
Because Usage Based Billing will harm not only Canadians, but our Economy.
You can also call or write your MP, MP postal code look-up
Heritage Minister James Moore – email: Moore.J@parl.gc.ca
Industry Minister Tony Clement – email: Clemet1@parl.gc.ca
Prime Minister Stephen Harper – email: Harper.S@parl.gc.ca
After all, they work for us, don’t they?
Posted in Changing the World | Tagged: Artificial Scarcity, backbone carrier, Bell, Bob Jonkman, carrier, Comcast, CRTC, David Eaves, Deep Packet Inspection, DPO, dropped packets, FCC, Formal Complaint of Free Press and Public Knowledge Against Comcast Corporation for Secretly Degrading Peer-to-Peer Applications, impeding traffic, inflates bandwidth consumption, infrastructure, ISP, persistent fallacies, policing, privacy, Sandvine, Teksavvy, Throttling, UBB, usage based billing | 3 Comments »
Posted by Laurel L. Russwurm on September 12, 2010
We all know spam is out there. We all get it. The only real way to stop spam is for no one to ever ever answer it.
Mark it as spam and delete it. But so long as one person somewhere in the world clicks ‘reply’ or ‘buy’, it will never go away.
But there are things we can do.
don’t make it easy for spammers
I can’t tell you how many times I’ve passed along this advice, because it is a simple thing that we can all do.
When sending email to many people it is much better to select “BCC” than “CC”.
- CC = stands for ‘carbon copy’
- BCC = stands for ‘blind carbon copy’
When you use “CC” every recipient gets access to every email address.
This is important because if even a single copy of your email goes astray and falls into the hands of a spam harvester, they get the bonanza of a whole pile of email addresses to send spam to or to sell to other spammers to send spam to. Spammers aren’t going away any time soon so we should at least try to make it tough for them.
BCC means that the recipients can only see your email address, their own, and the addressee if there is one. Sending them all BCC would mean that only 2 email addresses appear in the email.
Always use BCC
And no, I’m not saying that you can’t trust the people you sending email to.
The thing to realize is that email travels across the Internet. DPI is the equivalent of unsealing our email.
But in Canada, the CRTC allows Bell Canada to use Deep Packet Inspection (DPI) to look inside Internet traffic– which includes email. DPI is illegal in Europe due to privacy concerns. It just takes one unscrupulous person with access and spammers have our email addresses.
history lesson: the origin of the carbon copy
Before computers, people in the 20th Century had typewriters. Typewriters were machines used for writing. Pressing down on a typewriter key worked the typewriter machine by striking the corresponding letter shaped metal die onto an inked ribbon against paper rolled into the machine.
When using a typewriter, it was possible to make an exact copy by sandwiching a piece of carbon paper between two sheets of typing paper and rolling them both into the typewriting machine. The force applied to the key would first transfer the ink to the paper and then through the flimsy carbon paper transferring the carbon onto the second piece of paper in the shape of the typed character.
The drawback was that the second copy was not crisp. The advantage that every keystroke was reproduced. This second copy was called a carbon copy. It was considered good form for the typist to type “cc” followed by the name of the person who would receive the second copy. In this way, bot copies indicate who received the letter.
A duplicate made without indicating a second recipient was called a “blind carbon copy” or “bcc” since the original recipient is not privvy to either the fact of it’s existence or information about it’s disposition. Often a file copy would be made in this fashion so that the sender retained a copy of his side of the correspondence.
“No Spam” image by laurelrusswurm under a Creative Commons CC0 License
Posted in Changing the World | Tagged: bcc, bell canada, Blind Carbon Copy, Canada, Carbon Copy, carbon paper, cc, CRTC, Deep Packet Instection, DPI, email, email address, internet security, privacy, spam, spam harvester, typewriter, unscrupulous | 1 Comment »