by spacefight 3628 days ago
This case is a brilliant reminder to anyone working in deep packet inspection/blocking/filtering tech that your work negatively affects the safety of millions of people in such countries at once.

This case is a brilliant reminder to anyone working in fiber optics that your work negatively affects the safety of millions of people in such countries at once.

But seriously, deep packet inspection is evil now? It's an extremely useful security tool.

Why do you misquote me?

Yes, it might be useful for some folks - it's really bad for others. People have died because of oppressive regimes targeting dissidents that way.

It wasn't a misquote. It was intentionally exposing the absurdity of your argument.

The idea that anyone working on technology that could be used for surveillance is morally culpable is flat wrong.

People have died because of fertilizer and particle physics. It does not make chemical engineers or physicists evil.

Your argument reads to me as "people kill people not guns".

Yea I know, morale is a difficult topic these days.

That's trite.

Your argument is essentially "engineers at steel plants make steel, which can be used to make guns, which can be used to kill."

At some point, the chain of causality is so remote that assigning unequivocal judgments of evil becomes logically absurd. Are port scanners evil now too?

This is a ridiculous statement. You do know that this stuff actually enables safety, right?
No it isn't. Blocking encrypted calls for millions of users _disables_ safety for exactly those millions.
Do you possibly just have no idea that deep packet inspection has many legitimate uses, and is critical to security in many networks? Or are you simply ignoring that fact for the sake of your argument?
I am not ignoring the legitimate use cases - and I never said that there weren't any. I simply pointed out that if you work in DPI/filter/blocking and your company sells to those regimes, that you support the oppression of the affected users.

I can help with some real world examples. One is Blue Coat.

https://en.wikipedia.org/wiki/Blue_Coat_Systems#Controversy

That's not actually what you said. You said: "anyone working in deep packet inspection/blocking/filtering".

This is much different than (my own wording): "anyone working in DPI for a company they know is selling their products to a police state".

It is absurd to blame open-source developers, researchers, or even employees at companies whose software has a legitimate purpose but is illegally exported and misused. They're just doing their job, since the technology has legitimate uses, as you've acknowledged. Blame the governments, not the programmers.

Interesting, can you expand on what the legitimate uses for DPI are? I'm not super familiar with their use in network security.
It's mostly useful for production and other corporate networks. It's basically a more powerful firewall, where you can enforce contracts on your network concerning what traffic is allowed to go in or out.

As a quick example, one strategy (although personally I've always questioned its viability, but it's just one of many examples) is a network admin may install a filter that deep searches packets for common SQL injection or XSS strings. This is done as a secondary measure to possibly prevent malicious requests.

Other examples are if you want to force employees to not be able to send certain documents or information outside of the company for compliance reasons, you can scrub traffic for that information. Obviously more complex.

The general concept is that it's useful for when you know you do not want specific traffic crossing your network. Ironically, it's the same use case scenario with draconian governments preventing encryption, but in the production or corporate scenario the use case is not ethically unsound.
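
Added example (not part of the thread and not any commenter's code): a minimal sketch of the two corporate uses described in the comment above, an inbound filter that searches payloads for common SQL injection or XSS strings and an outbound filter that scrubs for a document marker. The rule sets, the `Company Confidential` marker, the hostnames and the sample payloads are all constructed for illustration, and the inspector only sees plaintext, so it assumes traffic that is unencrypted or already decrypted at the inspection point.

```python
import re
from urllib.parse import unquote_plus

# Constructed, deliberately tiny rule sets; production rule sets are far larger.
INBOUND_RULES = {
    "sqli": re.compile(r"(?i)\bunion\b.+\bselect\b|'\s*or\s+'?1'?\s*=\s*'?1"),
    "xss": re.compile(r"(?i)<\s*script\b|\bon(?:error|load)\s*="),
}
OUTBOUND_RULES = {
    # Hypothetical compliance marker stamped on restricted documents.
    "dlp-marker": re.compile(r"(?i)\bcompany confidential\b"),
}

def normalize(payload):
    """Decode bytes and undo up to two layers of URL encoding, so the rules
    see the payload in the form the receiving application will see it."""
    text = payload.decode("utf-8", errors="replace")
    for _ in range(2):
        decoded = unquote_plus(text)
        if decoded == text:
            break
        text = decoded
    return text

def inspect(payload, direction):
    """Return the sorted names of all rules that match for this direction."""
    rules = INBOUND_RULES if direction == "in" else OUTBOUND_RULES
    text = normalize(payload)
    return sorted(name for name, rx in rules.items() if rx.search(text))

def verdict(payload, direction):
    """Policy decision: drop on any rule hit, otherwise pass."""
    hits = inspect(payload, direction)
    return ("drop" if hits else "pass", hits)

# Constructed sample traffic: (payload, direction).
SAMPLES = [
    (b"GET /item?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1\r\nHost: shop.example\r\n\r\n", "in"),
    (b"POST /comment HTTP/1.1\r\nHost: shop.example\r\n\r\nbody=%3Cscript%3Ealert(1)%3C/script%3E", "in"),
    (b"GET /search?q=union+station+hours HTTP/1.1\r\nHost: shop.example\r\n\r\n", "in"),
    (b"POST /upload HTTP/1.1\r\nHost: files.example\r\n\r\nQ3 forecast - Company Confidential", "out"),
]

if __name__ == "__main__":
    for payload, direction in SAMPLES:
        print(direction, verdict(payload, direction), payload[:40])
```

The third sample shows a benign request containing the word "union" passing, which is the kind of false-positive boundary a string-matching filter has to be tuned around.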