CircleID

The Wall Street Journal's dubious story about Iran's use of Deep Packet Inspection (DPI) for spying, censorship and disinformation appears in a highly charged atmosphere. The US Republican right wing wants the US to talk tougher to Iran, to bomb-bomb-bomb, invade, or commit "regime change."

More questions than mine [original post here] have surfaced about the WSJ's story from a graduate student in Australia and from Wired's Threat Level Blog. Meanwhile, Free Press, the major driving force behind the Net Neutrality movement, seems to have swallowed the WSJ story hook, line and sinker accepted the major claims of the story.

Cui bono, these claims about DPI? Suppose the Right could co-opt US techno-leftists with claims about issues they care about, such as Net Neutrality and Internet spying, would it not further their Iran agenda? I'm not saying they ARE doing that, but suppose they were, would not the WSJ be a convenient channel for doing so?

Christopher Parsons, a doctoral student at the University of Victoria, wrote to Lauren Weinstein, who posted to Dave Farber's IP list,

I have some serious doubts that the WSJ is accurate in their depiction of DPI. I'm doing my doctoral studies on DPI as it relates to privacy, and neither I nor the network engineers that I have communicated with (who are using DPI appliances) are aware of ANY DPI appliance that is actually capable of doing what the WSJ is claiming is going on. I've written about this, informally, here.

If you follow the link above, Parsons writes, in part,

… Iran is either using DPI in incredibly complex and sophisticated ways that push the technology to its limits, or the WSJ is blowing smoke.

... DPI could, potentially, in an ideal world do what the WSJ is suggesting, but networking environments where admins are trying to regulate gigabytes of traffic each second are hardly these ideal environments for mass surveillance and content regulation using DPI appliances. Hopefully the pressure gets Nokia-Siemens or other network manufacturer to fess up about what they sold, but I'm not holding my breath.

Whereas my doubts are largely about the article's primary source, Parsons also casts doubt on one of two named secondary sources, Bradley Anstis, director of technical strategy with Marshal8e6, when he says,

I truly wonder just how accurate the story from the WSJ is on the technical capabilities of the DPI devices that are deployed, and am also incredibly interested to know what the tests are to see if DPI is being used. I'm not saying that such tests don't exist, but I'm not certain what, exactly, you'd be looking for. A network engineer would have a better grasp, but I haven't found any product that Marshal8e6 offers that would give them particular insight into this. Now, if we were talking about spam or phishing I wouldn't doubt their competencies. I also have to note that the data Marshal8e6 fed to the WSJ isn't available on their website anywhere that I could find it.

Threat Level Blog's Kim Zetter, in reporting on the WSJ story, says,

Although the Journal has published questionable "spying" stories in the past, we're willing to go with them on this one.

Zetter fails to say WHY Threat Level is "willing to go with them on this one."

Zettner also blogs Consumers Boycott Nokia, Siemens for Selling to Iran. This article is completely, totally unsourced, and seems to be the only primary information on this supposed boycott. If anybody knows anybody who is organizing this boycott, or participating in it, or a Web site for it, or any other free-standing evidence that does not originate with Zettner's story, please leave a comment or let me know!

Josh Silver, Executive Director of Free Press, an organization whose general aims I strongly support, has fallen for the dubious WSJ story. In an interview on Democracy Now, Silver says,

[The WSJ story has] been disputed by the European company, but the validity of the report seems solid.

Silver fails to say why the validity of the report seems solid. He fails to note that not only did "the European Company" (Nokia-Siemens) dispute the report, but also the primary source for the story, Ben Roome, a Nokia-Siemens spokesman, denies that he said what is attributed to him.

Just before the Iran election hit the fan, Free Press released a report on the use of DPI that outlines many REAL DANGERS that DPI poses, and the bulk of Silver's interview turns on these dangers. To Silver's credit, he does state that the WSJ story on Iran "has not been completely proven." But it is too bad that Free Press can't make their points about the dangers of Internet monitoring from higher, more solid ground.

Reminder: I'm not saying that Iran isn't using DPI. I'm not saying there's no Nokia-Siemens boycott. I am saying that I'm waiting for solid evidence. Got evidence? Please let me know.

By David Isenberg, Principal Prosultant(sm), isen.com, LLC. Visit the blog maintained by David Isenberg here.

Related topics: Access Providers, Censorship, Internet Governance, Net Neutrality, Telecom