There's a deeper point here beyond the Nokia/Iran drama.
We've built an entire cottage industry of "network security tools", many of dubious operational value, that all depend on being able to indiscriminately peek inside of TCP streams. It's easy to justify deployment of wiretap appliances inside of enterprises, who after all own the network connections they're snooping on, and have legitimate reasons to want to inspect what comes in and out.
But note well: when we started designing these tools, the Internet was much less important than it is now. Almost all digital communication happens over IP nowadays. We weren't anticipating a world in which things like Twitter and Facebook would be the key lifelines of political movements in repressive countries.
So I have to wonder whether:
* The engineering teams that continue developing wiretap appliances (like SourceFire/Snort, or Arbor's DPI product line) have dedicated real dev cycles to building controls into their products to ensure they aren't abused, the same way "Lawful Intercept" engineers for Motorola and Nokia have to for their products.
* The sales teams for these products have official company guidance on what applications they'll sell their products for; will the EMEA regional sales director for a deep packet company sell wiretap appliances to resellers who aren't contractually prohibited to sell to Iran?
There is a lot of hype and falsehoods about this on Twitter at the moment. For example, someone earlier was warning everyone to remove batteries and SIMs from cellphones because "residual charge" can be used to track you, and that the authorities could turn on phones remotely and listen to what you say.
Twitter has been great in getting news out but just as bad at propagating over-the-top panic myths :(
The thing that interested me was that on the BBC the Nokia spokesperson was saying that inspection technology (phones) is asked for by most governments in the world. The spokesperson tried to step around the issue but wanted to make it clear that this technology was nothing special to Iran.