#next Danger Room » The Kremlin’s New Internet Surveillance Plan Goes
Live Today Comments Feed Danger Room RSS Feed
WIRED
* Gear
+ Gadget Lab
o Review: Microsoft Surface Pro Review: Microsoft Surface
Pro
Review: Microsoft Surface Pro
o Xbox 360 Gets Exclusive Console Access to Redbox Instant
Xbox 360 Gets Exclusive Console Access to Redbox Instant
Xbox 360 Gets Exclusive Console Access to Redbox Instant
o Disney and Google Build an Amazing Interactive Circus to
Hype Oz Disney and Google Build an Amazing
Interactive Circus to Hype Oz
Disney and Google Build an Amazing Interactive Circus to Hype Oz
+ Autopia
o This Tank-Van Hybrid Will DJ Your Next Skiing Soiree This
Tank-Van Hybrid Will DJ Your Next Skiing Soiree
This Tank-Van Hybrid Will DJ Your Next Skiing Soiree
o Boeing May Resume 787 Dreamliner Flights to Identify
Battery Flaw Boeing May Resume 787 Dreamliner Flights to
Identify Battery Flaw
Boeing May Resume 787 Dreamliner Flights to Identify Battery Flaw
o Cadillac Working on Fix for Its Laggy, Unresponsive CUE
Infotainment System Cadillac Working on Fix for Its
Laggy, Unresponsive CUE Infotainment System
Cadillac Working on Fix for Its Laggy, Unresponsive CUE Infotainment System
+ Reviews
o Don’t Call It a Tablet Don’t Call It a Tablet
Don’t Call It a Tablet
o The Desktop Goes Mobile The Desktop Goes Mobile
The Desktop Goes Mobile
o Bring on the Bailout Money! Bring on the Bailout Money!
Bring on the Bailout Money!
* Science
+ Science
o Wired Science Space Photo of the Day: Pretty Veils in
Orion Wired Science Space Photo of the Day: Pretty Veils
in Orion
Wired Science Space Photo of the Day: Pretty Veils in Orion
o Live Chat: Are We Doing Science the Right Way? Live Chat:
Are We Doing Science the Right Way?
Live Chat: Are We Doing Science the Right Way?
o In Mysterious Pattern, Math and Nature Converge In
Mysterious Pattern, Math and Nature Converge
In Mysterious Pattern, Math and Nature Converge
+ Science Blogs
o First Look at the Giant Copenhagen Suborbitals Rocket
First Look at the Giant Copenhagen Suborbitals Rocket
First Look at the Giant Copenhagen Suborbitals Rocket
o Where to Launch and Land the Space Shuttle? (1971-1972)
Where to Launch and Land the Space Shuttle? (1971-1972)
Where to Launch and Land the Space Shuttle? (1971-1972)
o Pyroclastic Flow Deposits From the Paluweh Eruption
Pyroclastic Flow Deposits From the Paluweh Eruption
Pyroclastic Flow Deposits From the Paluweh Eruption
* Entertainment
+ Underwire
o Computer Chess Trailer Takes Droll Look at 1980s
Nerd Culture Computer Chess Trailer Takes Droll
Look at 1980s Nerd Culture
Computer Chess Trailer Takes Droll Look at 1980s Nerd Culture
o Game of Thrones Creator George R. R. Martin to
Develop New Shows for HBO Game of Thrones Creator
George R. R. Martin to Develop New Shows for HBO
Game of Thrones Creator George R. R. Martin to Develop New Shows for HBO
o Karen Russell’s Vampires in the Lemon Grove Is a
Darkly Surreal Treat Karen Russell’s Vampires in the
Lemon Grove Is a Darkly Surreal Treat
Karen Russell’s Vampires in the Lemon Grove Is a Darkly Surreal Treat
+ Game|Life
o Portal, the Movie: Valve, J.J. Abrams Team
Up for Future Games, Films Portal, the
Movie: Valve, J.J. Abrams Team Up for Future Games, Films
Portal, the Movie: Valve, J.J. Abrams Team Up for Future Games, Films
o Game|Life Weekly: Dead Space and More
Sequels Are This Week’s Big Games Game|Life Weekly:
Dead Space and More Sequels Are This Week’s
Big Games
Game|Life Weekly: Dead Space and More Sequels Are This Week’s Big Games
o $99 Ouya Game Console Will Hit Amazon, Target and More in
June $99 Ouya Game Console Will Hit Amazon, Target and
More in June
$99 Ouya Game Console Will Hit Amazon, Target and More in June
+ Playbook
o Playing for Fun Could Reduce Sports Injuries Playing for
Fun Could Reduce Sports Injuries
Playing for Fun Could Reduce Sports Injuries
o Blame an ‘Abnormality,’ Not Beyoncé, for the Super Bowl
Blackout Blame an ‘Abnormality,’ Not Beyoncé, for the
Super Bowl Blackout
Blame an ‘Abnormality,’ Not Beyoncé, for the Super Bowl Blackout
o A Doctor’s Prescription for Surviving Football Withdrawal
A Doctor’s Prescription for Surviving Football Withdrawal
A Doctor’s Prescription for Surviving Football Withdrawal
+ GeekDad
o New Monopoly Token Revealed New
Monopoly Token Revealed
New Monopoly Token Revealed
o Today’s Google Doodle Celebrates Anthropologist Mary
Leakey Today’s Google Doodle Celebrates Anthropologist
Mary Leakey
Today’s Google Doodle Celebrates Anthropologist Mary Leakey
o Kickstarting The Maze of Games Kickstarting
The Maze of Games
Kickstarting The Maze of Games
+ GeekMom
o GeekMom: Comic Book Corner — February 6th, 2013 GeekMom:
Comic Book Corner — February 6th, 2013
GeekMom: Comic Book Corner — February 6th, 2013
o Happy 100th Birthday Grand Central Terminal! Happy 100th
Birthday Grand Central Terminal!
Happy 100th Birthday Grand Central Terminal!
o Digital Manga: An Interview with the Editor of
Weekly Shonen Jump Digital Manga: An
Interview with the Editor of Weekly Shonen
Jump
Digital Manga: An Interview with the Editor of Weekly Shonen Jump
* Business
+ Business
o Amazon Launches Its Own Currency to Make It Easier to
Spend on the Kindle Amazon Launches Its Own Currency to
Make It Easier to Spend on the Kindle
Amazon Launches Its Own Currency to Make It Easier to Spend on the Kindle
o Viddy CEO Goes Out After Blaze of Glory Viddy CEO Goes
Out After Blaze of Glory
Viddy CEO Goes Out After Blaze of Glory
o Unused Office Space Is Like A Massive Untapped Natural
Resource Unused Office Space Is Like A Massive Untapped
Natural Resource
Unused Office Space Is Like A Massive Untapped Natural Resource
+ Enterprise
o Microsoft Bing Battles Bot Queries by the Billions
Microsoft Bing Battles Bot Queries by the Billions
Microsoft Bing Battles Bot Queries by the Billions
o Cloud Monitoring Company Bags $80 Million To Woo
Developers Cloud Monitoring Company Bags $80 Million To
Woo Developers
Cloud Monitoring Company Bags $80 Million To Woo Developers
o Google Chromebooks Rain on School Children, Invade HP
Google Chromebooks Rain on School Children, Invade HP
Google Chromebooks Rain on School Children, Invade HP
+ Innovation Insights
o No More Boring Software No More Boring
Software
No More Boring Software
o Why Some Companies Fail, Others Succeed — Lessons from
Steve Jobs as My Boss Why Some Companies Fail, Others
Succeed — Lessons from Steve Jobs as My Boss
Why Some Companies Fail, Others Succeed — Lessons from Steve Jobs as My Boss
o Navigating the Security Maze for Cloud Computing
Navigating the Security Maze for Cloud Computing
Navigating the Security Maze for Cloud Computing
+ This Day In Tech
o This Day In Tech This Day In Tech
Feb. 5, 1940: It’s Surreal Thing — H.R. Giger Born
o This Day In Tech This Day In Tech
Feb. 4, 1951: Major Assist Removes Enormous Cyst
o This Day In Tech This Day In Tech
Feb. 1, 1893: Lights! Kinetograph! Action!
+ Business Conference
o
Promotion
o Wired's Disruptive by Design
In today's business world, disruption is a constant force
that never lets up. At the annual WIRED Business
Conference: Disruptive by Design, we celebrate the
creative power of bold new ideas and the people that make
them happen.
See the event >
* Security
+ Danger Room
o Navy’s First 4G Network Will Head Out to Sea in March
Navy’s First 4G Network Will Head Out to Sea in March
Navy’s First 4G Network Will Head Out to Sea in March
o Drone Boosters Say Farmers, Not Cops, Are the Biggest
U.S. Robot Market Drone Boosters Say Farmers, Not Cops,
Are the Biggest U.S. Robot Market
Drone Boosters Say Farmers, Not Cops, Are the Biggest U.S. Robot Market
o How Obama Transformed an Old Military Concept So He Can
Drone Americans How Obama Transformed an Old Military
Concept So He Can Drone Americans
How Obama Transformed an Old Military Concept So He Can Drone Americans
+ Threat Level
o Genetic Privacy Front and Center at Supreme Court Genetic
Privacy Front and Center at Supreme Court
Genetic Privacy Front and Center at Supreme Court
o Vulnerability Lets Hackers Control Building Locks,
Electricity, Elevators and More Vulnerability Lets
Hackers Control Building Locks, Electricity, Elevators
and More
Vulnerability Lets Hackers Control Building Locks, Electricity, Elevators and
More
o Wireless Carriers Leave Millions of Android Phones
Vulnerable to Hackers Wireless Carriers Leave Millions of
Android Phones Vulnerable to Hackers
Wireless Carriers Leave Millions of Android Phones Vulnerable to Hackers
* Design
+ Design
o Raspberry Pi Announces $25 Camera Module Raspberry Pi
Announces $25 Camera Module
Raspberry Pi Announces $25 Camera Module
o Gun-Death Data Boldly Illustrates Stolen Years Gun-Death
Data Boldly Illustrates Stolen Years
Gun-Death Data Boldly Illustrates Stolen Years
o Hessian: The Product-Less Brand Your Company Can Buy for
Only $18,000 Hessian: The Product-Less Brand Your Company
Can Buy for Only $18,000
Hessian: The Product-Less Brand Your Company Can Buy for Only $18,000
+ Raw File
o Banishing Drug Lords From Rio de Janeiro’s Favelas in
Pre-Olympic Sweep Banishing Drug Lords From Rio de
Janeiro’s Favelas in Pre-Olympic Sweep
Banishing Drug Lords From Rio de Janeiro’s Favelas in Pre-Olympic Sweep
o Mushroom-Hunting Photos Recall Gold Rush-Era Living
Mushroom-Hunting Photos Recall Gold Rush-Era Living
Mushroom-Hunting Photos Recall Gold Rush-Era Living
o LomoChrome Purple Plays the Insta Filter Game the
Old-Fashioned Way LomoChrome Purple Plays the Insta
Filter Game the Old-Fashioned Way
LomoChrome Purple Plays the Insta Filter Game the Old-Fashioned Way
+ How To
o
Use Camera Tricks to Paint Light in the Sky
o
Build a Homemade Cell Phone Jammer
o
Check Your Mac for Malware
+ Webmonkey
o Create Better, Sharper Web Graphics With SVG Create
Better, Sharper Web Graphics With SVG
Create Better, Sharper Web Graphics With SVG
o Google, Mozilla Team Up for Skype-Killing Video Call Demo
Google, Mozilla Team Up for Skype-Killing Video Call Demo
Google, Mozilla Team Up for Skype-Killing Video Call Demo
o Webmonkey Webmonkey
Internet Explorer 10 for Windows 7 Coming Soon
* Opinion
+ Opinion
o Footnotes: Caffeinated Goats, Spiders on LSD and
Mickey Mouse’s Aerial Rampage Footnotes:
Caffeinated Goats, Spiders on LSD and Mickey Mouse’s
Aerial Rampage
Footnotes: Caffeinated Goats, Spiders on LSD and Mickey Mouse’s Aerial
Rampage
o We Need to Think Beyond the Aaron in ‘Aaron’s Law’ We
Need to Think Beyond the Aaron in ‘Aaron’s Law’
We Need to Think Beyond the Aaron in ‘Aaron’s Law’
o How Facebook Can Totally Undermine Apple and Google in
the Platform Games How Facebook Can Totally Undermine
Apple and Google in the Platform Games
How Facebook Can Totally Undermine Apple and Google in the Platform Games
* Video
+ Video Series
o
Game|Life Video: Reviews, previews and insider info from Wired's gaming guru
Chris Kohler.
o
Footnotes: A satirical yet informative exploration of the most ravishing
ideas from Wired.
o
Observation Deck: A weekly look at stories shaping—and shaped by—the Wired
world.
* Insider
+ Wired Insider
* Magazine
+ Current Issue
Wired Magazine
Subscribe
o Magazine Magazine
Decode | The Silent History Brings Serialized Fiction Close to Home
o 2013: The Year the Mystery Hunt Broke 2013: The Year the
Mystery Hunt Broke
2013: The Year the Mystery Hunt Broke
o Magazine Magazine
Merging Television and Online Gaming with Defiance
* Subscribe
+ Subscribe to Wired Magazine
* RSS
* Search
Search ____________________
Subscribe to Wired Magazine
Danger Room
What's Next in National Security
* Info War
* Russia
*
*
*
*
The Kremlin’s New Internet Surveillance Plan Goes Live Today
* By Andrei Soldatov and Irina Borogan
* 11.01.12
* 6:30 AM
* Edit
Russian communications minister Nikolai Nikiforov meets with president
Vladimir Putin. Photo: Kremlin.ru
On the surface, it’s all about protecting Russian kids from internet
pedophiles. In reality, the Kremlin’s new “Single Register” of banned
websites, which goes into effect today, will wind up blocking all kinds
of online political speech. And, thanks to the spread of new
internet-monitoring technologies, the Register could well become a tool
for spying on millions of Russians.
Signed into law by Vladimir Putin on July 28, the internet-filtering
measure contains a single, innocuous-sounding paragraph that allows
those compiling the Register to draw on court decisions relating to the
banning of websites. The problem is, the courts have ruled to block
more than child pornographers’ sites. The judges have also agreed to
online bans on political extremists and opponents of the Putin regime.
The new system allows ISPs not only to filter traffic, but to monitor
it on a nationwide scale.
The principle of internet censorship is not a new one to the Russian
authorities. For five years, regional prosecutors have been busy
implementing regional court decisions requiring providers to block
access to banned sites. To date this has not been done systematically:
Sites blocked in one region remained accessible in others. The Register
removes this problem.
The new system is modeled on the one that is used to block extremist
and terrorist bank accounts. The Roskomnadzor (the Agency for the
Supervision of Information Technology, Communications and Mass Media)
gathers not only court decisions to outlaw sites or pages, but also
data submitted by three government agencies: the Interior Ministry, the
Federal Antidrug Agency and the Federal Service for the Supervision of
Consumer Rights and Public Welfare. The Agency is in charge of
compiling and updating the Register, and also of instructing the host
providers to remove the URLs. If no action by the provider follows, the
internet service providers (ISPs) should block access to the site in 24
hours. The host providers must also ensure they are not in breach of
current law by checking their content against the database of outlawed
sites and URLs published in a special password-protected online version
of the Register open only to webhosters and ISPs.
Most importantly, however, the new Roskomnadzor system introduces DPI
(deep packet inspection) on a nationwide scale. Although DPI is not
mentioned in the law, the Ministry of Communications — along with the
biggest internet corporations active in Russia — concluded in August
that the only way to implement the law was through deep packet
inspection.
“At the end of August, under the chairmanship of Communications
minister Nikolai Nikiforov, a working group was held, drawing
representatives of Google, SUP Media (the owner of the Livejournal
social network), and of all the other big hitters. They discussed how
to ensure that the [filtering] mechanism — they used the concrete
example of YouTube — how to block a specific video, without blocking
YouTube as a whole. And they reached the conclusion that pleased them
all,” Ilya Ponomarev, a member of the State Duma and an ardent
supporter of the law, told us.
Are we are talking about DPI technology? we asked.
“Yes, precisely.”
Most digital inspection tools only look at the “headers” on a packet of
data –- where it’s going, and where it came from. DPI allows network
providers to peer into the digital packets composing a message or
transmission over a network. “You open the envelope, not just read the
address on a letter,” said an engineer dealing with DPI. It allows ISPs
not only to monitor the traffic, but to filter it, suppressing
particular services or content. DPI has also elicited concern from
leading privacy groups over how this highly intrusive technology will
be used by governments.
“No Western democracy has yet implemented a dragnet black-box DPI
surveillance system due to the crushing effect it would have on free
speech and privacy,” said Eric King, head of research at Privacy
International. “DPI allows the state to peer into everyone’s internet
traffic and read, copy or even modify e-mails and webpages: We now know
that such techniques were deployed in pre-revolutionary Tunisia. It can
also compromise critical circumvention tools, tools that help citizens
evade authoritarian internet controls in countries like Iran and
China.”
“There are basically two functions in DPI — filtering and SORM,” added
IBM East Europe Business Development Director Boris Poddubny, referring
to the Russian government surveillance system for monitoring both
internet traffic and phone calls. “There may be devices to copy
traffic. DPI helps analyze it. And there will be a detailed log: what
is downloaded by whom, and who looked for what on the internet.”
The Moscow headquarters of Russia’s Federal Security Service, the
successor to the KGB. Photo: Andrei Soldatov
Off-Guard
September of 2012 saw several prosecutors request that access to the
“Innocence of Muslims” video be blocked in various different Russian
regions. On Sept. 27, the three largest mobile and internet service
providers — MTS, VimpelCom and Megafon — restricted access to the
inflammatory movie trailer. VimpelCom blocked access to websites that
posted the video, which made YouTube as a whole inaccessible in
Chechnya, Dagestan, Kabardino-Balkaria, Ingushetia,
Karachay-Cherkessia, North Ossetia and the Stavropol Region. But MTS
and Megafon succeeded in blocking access just to the video itself
thanks to DPI.
It seems the Russian authorities have been busy testing the ground in
applying the most advanced internet-censorship technologies, an idea
that has obsessed the Kremlin for the last two years.
After the Arab Spring, the Kremlin gave serious thought to developing
facilities for averting “enemy activity” on the Russian internet. The
problem had, at various levels, been a hot topic since summer 2011. The
Collective Security Treaty Organization (the Moscow-led regional
defence alliance consisted of Russia, Belarus, Armenia, Kazakhstan,
Kyrgyzstan and Tajikistan), member states’ heads of state, prosecutors
general and the security services all addressed it. The growth of
political activism in their countries and the role of social networking
sites in mobilizing protesters only increased the paranoia.
Russia’s security services started developing a strategy for the
blogosphere and social networking sites, but had not managed to develop
anything concrete before the December 2011 protests that were prompted
by Vladimir Putin’s campaign to return to the presidency. The services
were used to dealing with threats of a more traditional nature, and
were confused when faced with a protest organization with no center —
but that instead worked through social networking sites.
‘This allows the state to peer into everyone’s internet traffic and
read, copy or even modify e-mails and webpages.’
According to our sources in the secret services, on a technical level
they were powerless to deal with social networks, especially any that
were based outside of the country, such as Facebook and Twitter (“What
can we do if [the pro-Chechen] Kavkazcenter opens a page on Facebook?”
was their most desperate question).
Not surprisingly, the best the St. Petersburg Federal Security Service
(FSB) department could do on the eve of the major protest rally in
Bolotnaya Square on Dec. 10 was to send a fax to Pavel Durov, the
creator of the St. Petersburg-based VKontakte social network, requiring
him to close down protest groups. Durov refused. The next day, he was
summoned to the St. Petersburg prosecutor’s office to explain himself.
Durov did not attend, the story came out, and that was the end of the
matter.
On March 27, 2012, this failure was indirectly recognized by the First
Deputy Director of the FSB, Sergei Smirnov. At a meeting of the
Regional Anti-Terrorist Structure within the Shanghai Cooperation
Organization — an international group founded in 2001 by China, Russia
and Central Asian states — Smirnov said: “New technologies are used by
Western secret services to create and maintain a level of continual
tension in society with serious intentions extending even to regime
change…. Our elections, especially the presidential election and the
situation in the preceding period, revealed the potential of the
blogosphere.” Smirnov stated that it was essential to develop ways of
reacting adequately to the use of such technologies and confessed
openly that “this has not yet happened.”
The solution appears to have been found in the summer, when the State
Duma approved the amendments, effectively raising the
internet-filtering system to a nationwide level, thanks to DPI
technologies.
Maybe because government officials had, for so many years, claimed that
Russia could not adopt the Chinese and Central Asian approach to
internet censorship, the solution took the national media, the expert
community and the opposition completely by surprise.
In fact, the ground had been carefully prepared over a period of years,
since DPI technology had first entered Russia in the mid-2000s for
purely commercial reasons.
(R to L): Duma member Ilya Ponomarev, IBM’s Boris Poddubny, RGRCom CEO
Roman Ferster, and Inline Telecom Solutions’ Alexander Shkalikov are
all intimately involved in expanding Russia’s deep packet inspection
efforts.
Suppression
“We got our first client in 2004, it was Transtelecom. But it was its
security department, so DPI was intended for its internal network,”
said Roman Ferster, CEO of RGRCom company, the main distributor of
Allot DPI technologies in Russia.
Ferster — short, stocky and energetic, with a slight Israeli accent —
founded RGRcom in 2003 to sell telecom technologies made by Israeli
corporations in Russia. Allot, which focuses exclusively on
manufacturing DPI solutions, suited his business perfectly. His small
team of just over 20 people is Allot’s exclusive partner in Russia.
They helped install Allot devices in the Tatarstan region, in the Far
East, in VimpelCom’s ISP network in Moscow, in the Ural regional
operator’s network, and so on.
Ferster’s company also offers Russia technology that can solve the
technical problem of blocking a single video clip instead of YouTube as
a whole.
Allot initially targeted corporate networks and small regional ISPs,
not the big long-distance providers and mobile operators. DPI did not
really arrive in Russia until the end of the 2000s, and now many of the
biggest DPI technology vendors have a presence in Russia: Canada’s
Sandvine, Israel’s Allot, America’s Cisco and Procera, and China’s
Huawei. By the summer of 2012, all three national mobile operators in
Russia already had DPI at their disposal: Procera was installed in
VimpelCom, while Huawei’s DPI solutions are in use in Megafon, and MTS
bought CISCO DPI technology.
“The first bell rang in Russia when we got torrents. Because the
torrents occupy all available bandwidth,” Ferster’s chief engineer
Vasya Naumenko recalled. “When it began, operators came to think how to
solve it. And it turned out that there is no other option except DPI.
No switch, no router, not even Cisco, can solve the problem. This is
the level of applications, and in any case it’s necessary to open the
packets and see what’s inside.”
“Mobile operators faced with that when they presented the mobile
internet. As soon as they began to distribute USB-modems, it became a
problem,” confirmed IBM’s Poddubny.
Poddubny shared his thoughts in a Starbucks at the center of the most
fashionable part of Moscow City, at the foot of the tower “City of
Capitals” on the Moscow river bank, next to the IBM headquarters. It’s
a striking contrast to RGRcom’s offices: a few rooms on the seventh
floor in a modest business center in the outskirts of Moscow. “We saw
that customers started being interested in DPI two-three years ago.
This interest arose for one simple reason: peer-to-peer protocols.
There are a lot of people who download audio and video files in large
quantities. According to some studies, this accounts for over 80% of
traffic.”
‘There will be a detailed log: what is downloaded by whom, and who
looked for what on the internet.’
It appears that the only decision the mobile operators found was
traffic shaping. This euphemism means that, thanks to DPI technology,
mobile operators acquired a tool they could use to suppress particular
services — in most cases torrents, peer-to-peer protocols and Skype,
which poses a threat to the VoIP solutions made by the mobile operators
themselves.
The ISPs turned out to be more hesitant in adopting DPI technologies.
All the engineers we have interviewed, who deal with DPI in Russia,
told us that most ISPs do not understand why they need to install this
technology.
“The key difference in approaches is the tariff system. Mobile
operators have lots of tariffs while ISPs enjoy a very strange
position: it’s not clear how they intend to make money because they
have turned themselves into the pipeline,” said Alexander Shkalikov, a
Systems Engineer at Inline Telecom Solutions, the company that started
to sell Sandvine in Russia in 2007 and is its main partner in the
country. Inline Telecom has just installed DPI devices on the network
of the national long distance operator Rostelecom in the Far East
Region. “As a result, every region from Kamchatka to Yakutia got the
Sandvine DPI,” said Shkalikov.
The introduction of the law requiring DPI to be in place has done
nothing to change the internet service providers’ attitude, Shkalikov
said. “Right now the ISPs want to shift the problem of the traffic
control to someone else’s doorstep. They don’t want to buy DPI
themselves, because it costs over $100,000 and small operators simply
cannot afford it.”
That said, small ISPs seem to have already found a cheap solution,
Shkalikov explained. “There is a big market of used CISCO DPI
solutions, you can buy them for truly laughable sums. Something like
$2,000 (in the US — in Russia the real figure is $7,000, bearing in
mind that a new device costs over $100,000). And software can be
stolen. CISCO is less functional than Sandvine, but it might at least
satisfy the state regulator.”
The governments in many countries with questionable democracy and human
rights records are fully aware of how to turn commercial advantages of
DPI into the tool of suppressing dissent activity online. The secret
services in Uzbekistan, for example, compel local providers to use DPI
to change the URLs of discussion groups in social networks.
Technically, it poses no problem, Alexander Shkalikov of Inline Telecom
confirmed. DPI allows for identification of those trying to access a
site or page even if it’s blocked. “It’s possible to identify not only
the IP, but logins, and that’s easier for the internet service
provider. We advise our clients to configure DPI to work with logins.
As a result they can have statistics about who is who. For example,
some ISPs are interested in identifying who the spammers in their
network are.”
In September 2012 it became clear, that DPI’s identification
capabilities could be combined neatly with the Russian nationwide
system of legal interception, the foundations of which were laid in
Soviet times.
Moscow’s Central Telegraph Building, which houses the Ministry of
Communications. Photo: Wikimedia
Crossed Lines
In the mid 1980s a KGB research institute developed the technical
foundations of what was later to be known as SORM — a nationwide of
automated and remote legal interception on all kinds of communications.
Full implementation of the project only happened in 1992, when the
Ministry of Communications signed-off on the first SORM-related
document, forcing telecom operators to allow the secret services to
intercept phone conversations and mail. The public first became aware
of SORM in 1998 when the FSB, Ministry of Communications, and
supervisory agencies developed new regulations for installing
interception devices on servers run by ISPs. In the first decade of the
millennium, SORM equipment was installed by all ISPs and operators of
mobile and landline networks.
If you know an opposition leader is a customer of a known operator, you
can copy all of his traffic.’
Meanwhile, there is a principal difference between SORM and today’s DPI
push. The SORM devices are manned by the agents of the secret services,
while DPI technology is at the disposal of the ISPs and mobile
operators. However, the line might be crossed very soon — which would
suit the companies and the Ministry of Communications just fine.
On September 27, Russia’s largest information security conference
featured a panel on “SORM in the Environment of Convergence.” The talk
was intended for professionals, and the room in the international
exhibition center Krokus Expo in the north of Moscow was filled with
the chiefs of SORM departments at mobile operators and the Moscow city
phone network, as well as representatives from surveillance equipment
manufacturers. The most honored guest was Alexander Pershov, deputy
director of the Department of State Policy at the Ministry of
Communications.
DPI quickly emerged as one of the hottest topics of the discussion.
Many in the room seemed certain that the only way to guarantee legal
interception in the new era of cloud computing and communications is
DPI technology. It was a conclusion that the representative of Huawei
in Russia was only happy to support.
The idea of connecting SORM with operators’ DPI seemed not to bother
anybody in the room. Alexander Pershov, long-serving official with the
Ministry of Communications, outlined the Ministry’s general way of
thinking: “The requirements for building networks need to be
coordinated with the FSB to ensure that everything is done properly in
terms of SORM.”
Technically it poses no problem, we were told by engineers dealing with
DPI.
“Allot is perfectly compatible with SORM, and we know it,” Roman
Ferster confirmed. “There is a very simple solution,” Alexander
Shkalikov said. “We did it. [With] DPI, [we] can simply mirror traffic,
not redirect it. This is very convenient because DPI [helps] you copy
not all traffic but only a certain protocol or traffic of certain
customers. For example, if you know that [Alexei] Navalny, one of the
most famous opposition leaders, is a customer of a known operator, you
may get all Navalny traffic to be copied through the DPI to the
external system. It’s real. And it even shows you which sites he has
been to.”
The surveillance technology that works for tracking Navalny can work
for millions of Russians. And the switch gets flipped on today.
A joint investigation by Agentura.Ru, CitizenLab and Privacy
International.
Pages: 1 2 3 4 View All
Tags: DPI, Feature, FSB, Info War, Russia, SORM, Vladimir Putin, You
can run...
* Post Comment |
* Comments (72) |
* Permalink
Back to top
*
*
*
* Reddit
* Digg
* Stumble Upon
* Email
* Follow Danger Room
* Twitter
* Facebook
* RSS
* Most Recent Wired Posts
* This Tank-Van Hybrid Will DJ Your Next Skiing Soiree
This Tank-Van Hybrid Will DJ Your Next Skiing Soiree
* No More Boring Software
No More Boring Software
* Wired Science Space Photo of the Day: Pretty Veils in Orion
Wired Science Space Photo of the Day: Pretty Veils in Orion
* Why Some Companies Fail, Others Succeed — Lessons from Steve Jobs
as My Boss
Why Some Companies Fail, Others Succeed — Lessons from Steve Jobs
as My Boss
* Genetic Privacy Front and Center at Supreme Court
Genetic Privacy Front and Center at Supreme Court
* Review: Microsoft Surface Pro
Review: Microsoft Surface Pro
* In the News | Portal, the Movie: Valve, J.J. Abrams Team Up for
Future Games, Films
In the News | Portal, the Movie: Valve, J.J. Abrams Team Up for
Future Games, Films
Most Popular
Portal, the Movie: Valve, J.J. Abrams Team Up for Future Games,
Films
In Mysterious Pattern, Math and Nature Converge
Review: Microsoft Surface With Windows 8 Pro
The End of the Web, Search, and Computer as We Know It
Tiny, Hackable Quadcopter Drone Launches Pre-Orders
[dangerroom_twitter_xrail.gif]
Subscribe to Wired Magazine
Subscribe to Wired Magazine
Subscribe to Wired Magazine
Subscribe to Wired Magazine
Renew
Give a gift
Customer Service
Advertisement
Masthead
Wired danger room
+
o Editor
o Noah Shachtman
+
o Senior Reporter
o Spencer Ackerman
+
o Reporter
o David Axe
+
o Contributors
o Robert Beckhusen
o Sharon Weinberger
o Michael Tanji
o Michael Peck
+
o Send us a tip
Services
+
Subscription:
Subscribe |
Give a Gift |
Renew |
International |
Questions |
Change Address
+
Quick Links:
Contact Us |
Newsletter |
RSS Feeds |
Tech Jobs |
Wired Mobile |
FAQ |
Site Map
(BUTTON) Collapse
Previous Article
Your Favorite Army General Actually Sucks
Gen. George Casey, left, the retired Iraq commander turned Army
chief of staff, is one of the villains of Tom Ricks' new history of
the modern Army, The Generals. Photo: U.S. Army Gen. George Casey,
left, the retired Iraq commander turned Army chief of staff, is one
of the villains of Tom Ricks' new history of the modern Army, The
Generals. Photo: U.S. Army
Next Article
Mexican Cartels Enslave Engineers to Build Radio Network
radio-tower radio-tower
Corrections | Sitemap | FAQ | Contact Us | Wired Staff |
Advertising | Press Center | Subscription Services | Newsletter |
RSS Feeds
Condé Nast Web Sites:
Webmonkey | Reddit | ArsTechnica | Details | Golf Digest | GQ | New
Yorker
[Subscribe to a magazine:] [Condé Nast web sites:]
[International Sites:]
Wired.com © 2013 Condé Nast. All rights reserved. Use of this Site
constitutes acceptance of our User Agreement (effective 3/21/12)
and Privacy Policy (effective 3/21/12). Your California Privacy
Rights.
The material on this site may not be reproduced, distributed,
transmitted, cached or otherwise used, except with the prior
written permission of Condé Nast.
Ad Choices