When the Man-In-The-Middle Wants Money
I drafted a post today for InternetEvolution that they edited.
Say you’re walking down the sidewalk having a talk with your best friend about all kinds of things. What if you found out later that the sidewalk you were using wasn’t really a sidewalk – but instead a kind of false-front giant copying machine, unobstrusively vacuuming up what you were saying and adding to its database of information about you? Or, say you send a letter to a client of yours (to the extent you still do this), and it turns out later that your letter was intercepted, steamed open, and the contents were read. Or, say you are having a telephone conversation with someone named Peter Brown and it turns out later that the voice you heard on the other end of the line wasn’t Peter Brown at all but instead some sounds aimed at convincing you that Peter Brown was still on the line.
All of these hypothetical situations have certain key elements in common: you’re communicating, and some intermediary that you thought was mutely, helpfully standing by to assist (the sidewalk, the postal system, the telephone line provider) turns out to have something else in mind. That intermediary may want to copy your datastream so it can target ads or different levels of pricing at you, or it may want to inject information into the datastream you’re seeing or hearing for its own purposes (that’s the phone example, analogous to what Comcast was caught doing late last year).
The ongoing flap about Deep Packet Inspection (DPI) has been triggered by just this kind of activity (or planned activity) by ISPs. . . .
The rest of the short post is here.