Sunday, 28 October 2012 22:52

Are Time Warner and Bright House Performing Random Traffic Scans?

Written by

Reading time is around minutes.
84

Although many think that the dangers of bills such as SOPA and PIPA are dead and gone they are not. In fact far from it and to make matters worse the ISPs are now getting in on the action and playing a role that they were never intended to. To add insult to injury these same ISPs are complaining about the government trying to control them by regulating how they can treat traffic on their networks. Yet we have word from one of our sources that Time Warner is conducting random scans for certain traffic profiles. These scans are looking for certain protocols, file sizes and file types. If they find something that gives a return… well things get a little uglier from there.

According to our source; if a particular line shows fits any of these items a second scan using DPI (Deep Packet Inspection) will occur. Now we have heard rumors that Time Warner was using DPI and also routing certain people’s traffic through unusual routes (we even saw our own traffic routed like this), but we have never had anyone come out and tell us that it was actually taking place. For those of you that are not aware of what DPI is, it is a form of scan that can actually read inside the packets to see what are inside. In advanced forms of DPI they can even decrypt packets protected by SSL.  This is technology that has been in place for a while, but is normally used to help stop malware. Unfortunately it has other uses including peeking into your private communication.

As we mentioned we have heard rumors about this before, but now we have multiple clues that make this claim very likely. One of the first is that we have observed traffic being routed through unidentified systems that have IP addresses that are part of Residential DHCP (Dynamic Host Configuration Protocol) scopes. This means that either Time Warner is allowing customer traffic to pass through other people’s homes or they are passing through something a little more sinister. After seeing this (and actually calling to ask about it) we have noticed that Time Warner (and Bright House) is now assigning private IP addresses. Usually in the area where we are headquartered the IP address assigned by Bright House begins with 98. Now we are seeing that certain people are being assigned a new subnet. This time the first octet is a 172. This is very unusual as that class of IP address is reserved for private networks.

So why would Time Warner/Bright House want to do this? If they can assign an internal subnet of addresses they can route all of your traffic mush easier than simply supplying a normal public IP.  Now before you get upset and start thinking that this is illegal we do have to tell you that while this is very shady it is not exactly illegal. Under the last executive order that was signed individual ISPs are mandated with ensuring their networks are available for emergencies. It granted them quite a bit of leeway in ensuring this and we are sure that they would be able to justify all of this under that mandate. We are also sure that if they find what they are looking for they will be sure to pass it along to their friends who might hold copyright on any of the items being transferred. After all there are very few ISPs that do not have their own streaming media services now and they would not want to see their contracts dry up because they have users that are downloading files they should not be.

We called it when SOPA and PIPA were shelved; they only reason they were allowed to die was because they (the MPAA and RIAA) had plans to make this a reality without the need for that bulky law. We are only seeing the beginning of it now; the worst is probably yet to come.

What are your thoughts about ISPs scanning traffic? Tell us in our Forum

Read 3606 times Last modified on Wednesday, 31 October 2012 22:48

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.