I worked for a company that made deep packet inspection based network equipment. Western customers mostly used it for "security" and
media streaming man in the middle attacks (actually a useful feature saving lots of bandwidth).
The boxes were also sold to Syria and Burma, and were used to facilitate censorship and human right abuses
And limiting torrent speeds to 40k/s during "peak" hours. Which I kinda understand, but not when its unilaterally launched against the 3rd party providers leasing the lines too!
(I guess Bell Canada, which also sells TV services, lost too many customers over this policy to their unthrottled competitors)
Doing some research, there was a very small period of overlap.
The ability for Napster to resume was a much later feature. You had to find someone sharing the exact same filename, and I don't think they made it easy. I can't remember if they eventually allowed multi-source downloading.
Independent Napster servers did continue to operate after the fall of Napster Inc as a service.
I recall using Napigator which provided a browse of official and independent napster servers and then modified your HOSTS file so your client would connect to the independent server instead of Napster Inc servers.
Ultimately you are like a kitchen knive maker whose knive was used in a stabbing. It was entirely the stabbers fault and does not diminish the utility of your product.
In a corporate setting, mitm'ing TLS and blocking sites by category is routine practice (better ways to stop bad stuff but expensive firewals are a waste when most traffic is TLS).
> Ultimately you are like a kitchen knive maker whose knive was used in a stabbing.
I don't know about this. The difference with knives is that they are an old technology, basically they have always existed. If you are responsible for creating a new technology, especially one that is not certain to exist without your involvement, the calculus is different.
Yes, and in the case of technology, it is REALLY EASY to simply sell no technology to any authoritarian regime, for any purpose.
There are dozens of academic and GNOs that track democracy, e.g., [0]. Just select a reasonable cutoff of some level of democracy, and don't sell to anyplace below that.
That does require management and sales to have ethics. Some do.
You're assuming only authoritarian regimes are capable of doing bad things.
You can have a perfectly democratic country without a sense of ethics when it comes to homeland security and/or espionage. So that line of thinking provides a false sense of virtue really.
No, I know full well that even democratic nation-states occasionally do bad things.
But if you cannot tell the difference between how democratic countries vs autocratic regimes deploy security & espionage technology, you are deeply ignorant. I'd suggest you go live in Russia or Myanmar for a while and report back.
Of course there are instances of overreach in democracies. They typically get reported and corrected. In autocracies, they are systematically rewarded and encouraged.
Of course everyone would rather have no security & espionage technology, but that is entirely unrealistic. If you want to live a self-determined life in a democratically controlled state, you MUST always be better armed and prepared than every bully and authoritarian out there, or you will soon be ruled by them. Security & espionage is simply a part of being better armed & prepared than the authoritarians (and in a democratic state, you REALLY aren't of the slightest bit of interest to the agencies).
Yes, I have a fairly good idea of how my country operates, including the understanding that fighting espionage, transnational criminal gangs, terrorism, and war get very dirty, and on all sides, including ours.
I also know at least the democracies have oversight & constraints in place that creates real constraints and corrects and punishes overreach. The fact that you and I know of some of the bad events is BECAUSE of that oversight and constraints.
I also know that the choices are to either lay down our arms and yield to the autocracies, or to continue fighting to remain a self-determining people.
You only need to look to Chechnya, Syria, Georgia, Ukraine, or many other places to see the consequences of either yielding or losing that fight.
Yes, we have some abuses like Abu Grabe and soldiers & leaders were held responsible & punished. Yes, there are times where surveillance overreaches.
What we do not have (yet) is literally political parties literally using the security apparatus to blow up multiple civilian apartment blocks as a false flag to influence the election; it's how Putin came to power in Russia. We do not have a wholesale co-opting of technology and industry, complete with mobile execution vans to ensure compliance, as does the CCP.
If you cannot tell the difference, I suggest that you learn some history, or just feel free to relocate to one of those other countries.
I also wish that none of the defense or espionage apparatus was necessary. But as long as there are local bullies or expansionist authoritarians, then staying better armed and prepared will be necessary.
Some call that nei-colonialism, you use economic/business opportunities as a way to undermine a country's sovreignity and enforce your puppet regime. Democracy is neither morally superior or a your manifest destiny to export against the will of foreign governments.
> In a corporate setting, mitm'ing TLS and blocking sites by category is routine practice
Deep packet inspection is a terrible practice in my opinion. It adds more security vulnerabilities than it typically helps avoid. I’ve seen one implementation use client software to extract keys from a machine to send to a centralized server. How some companies don’t see how this model can be easily exploited is beyond me. Me and a VP friend of an organization have had long debates about this topic and he insists it makes more sense for him because the employees have been more competent at the companies I’ve worked at than the company he managed (which could be true since his company had high turnover leading to many engineers being hired out of need rather than evaluated merit).
The difference is that most people have kitchen knives, and use them for cooking, not assault. Identifying buyers with ill intent in a retail setting would be impossible, and I suspect most kitchen knives used in crimes were purchased for cooking.
Selling deep packet inspection technology to the government of Syria is different as there is ample reason to believe that government would use it for human rights abuse.
Ho, I got the same one. Sold to me as a tool for low-cost ISPs (or hostels) (mostly in Africa at the time) to advertise mobile subscriptions as "Free MSN & Facebook, 1GB per month otherwise".
After a month or two, I understood it was sold to various dictatorships in south America to spy on citizen's MSN and Facebook private conversations. I left immediately, with a very upset boss wondering why every Linux kernel programmer was so political. Not proud of this one.
The boxes were also sold to Syria and Burma, and were used to facilitate censorship and human right abuses