Testing of Conroy's internet filter flawed: expert

Mark Newton
17 December 2009, 1:34 PM


Send to a friend Print

A senior ISP engineer says the government's internet filter was never tested at high speed, nor did it meet the government's own performance benchmark.


Editor's note: Mark Newton is a senior engineer with one of Australia's major ISPs. Mark has written the article below as a guest columnist for APCmag.com.

It's difficult to imagine what possessed Senator Conroy to claim, as he did on Tuesday, that his trial results indicated that his censorship plan could be implemented without performance degradation.

Normally I don't spend a lot of time talking about speed, because there are so many better arguments to use against the ALP's plan.

For example, it's simple for someone who hasn't been following closely to understand that a Government with a habit of leaking blacklists probably oughtn't be trusted to maintain a list of the worst-of-the-worst Internet content and distributing it to 600 ISPs. That way lies madness, and the only possible outcome is to enable global consumers of illegal material next time Conroy's band of rocket surgeons accidentally publishes the list on the Internet.

But Senator Conroy has now spent two years insisting that speed is the only datapoint that matters, so let's have a quick look at what his report says about it.

But first, some context and history.

Senator Conroy first released the Technical Testing Framework defining the report's requirements in November 2008. That's ancient history in Internet terms; You may recall that in November 2008 Senator Conroy was still running late with his Expert Working Group report on the original FTTN NBN proposal.

That NBN proposal was to result in Australian homes and businesses receiving services from an FTTN network which would deliver a minimum of 12 megabits per second.

So upon its release, the ISP Censorship trial document dutifully asked on page four for the testers to measure performance at up to 12 megabits per second.

Conroy wore the criticism about how the maximum speed he was interested in testing was the minimum speed the NBN required, and pushed on towards testing. For all the talk about speed he clearly wasn't interested in performance for people who'd be getting 20 or 30 megabits out of the NBN.

Then the world changed: In April 2009, the Government abandoned its NBN plans, announcing a new 100 megabit per second FTTP to replace it.

But they didn't change their censorware testing protocols when the new proposal emerged. So when Enex won the contract to test censorship systems, all they had to do was run them up to 12 megabits. Left hand, meet right hand. Right hand, mee-- oh, never mind.

But the miasma didn't stop there. It's bad enough that the testing protocols only required testing to 12% of the NBN's intended speed, but Enex made it worse by ignoring the Technical Testing Framework and only running their tests up to 8 megabits per second, less than one twelfth of the NBN's intended speed. Appendix 1 in their report lays it all out in pictorial form, with graph after graph showing flatline performance at between 7 and 8 megabits per second, except for those ISPs who couldn't even deliver that much.

So technically, none of the tested systems met the Government's requirement.

With such an embarrassing result, it's no wonder that Senator Conroy sat on the report for three months before he raised the courage to lob it into the debate like a hand-grenade stinkbomb before running for the hills and leaving his long-suffering media guy to take the flack.

Those of us on my side of this debate welcome the report, because it confirms much of what we've been saying for ages: overblocking happens, circumvention is so close to inevitable that the censorship systems are as useless as chocolate teapots, they're expensive, and they're a dead-set management nightmare.

But one thing that the report doesn't make any definitive statement about at all is speed degradation in an FTTP environment.

If Senator Conroy is going to tell us that we're all going to get access to a 100 megabit per second FTTP network, he can't also tell us that it'll be immune to slowdown from his censorship proposal.

He might have been able to tell us that if he'd bothered to test it, but despite two years of promises and delays he clearly couldn't be bothered, and has absolutely no data to back up his performance claims.

I'd just love to hear him explain that one. The more he talks about this subject, the more he makes a fool out of himself, so I think it's in Australia's best interest that he prattle on about it for as long as he likes.

So over to you, Mr. Conroy. How's that NBN looking? And don't hold back, tell us what you really think.

The views expressed by Mark Newton here are his own as a private individual.


Post your comment



Comments

 RSS feed Email alert

Raindog (New user):

Thank you Mark for what is probably the most concise and easily understood explanation of what is Conroy's NBN, and central filtering, to date.

I am sure that Conroy has seen numerous submissions presented (requested/paid for) already, and I'm equally sure that these are essentially ignored, other than to quote, out of context extracts, that may back a feeble and ill conceived political line.

While Conroy's inaction may be a soft option it is certainly an expensive one and one which still stifles business and infrastructure development.

We have journalist making scientific claims, union hacks determining network infrastructure, and a mad woman claiming Sydney fireworks this year are the environmentally friendly kind. Our wide brown land has indeed gone mad.

Thanks for the contribution mark is shows there are still pockets of knowledge, sanity and professionalism out there.

17 December 2009, 2:29 PM (3 years ago)report abuse Send to a friend reply

Raindog (New user):

Mark Newton has presented expert technical opinion, for those interested Former High Court judge Michael Kirby has provided similar expertise in his field on why Conroy's plan is a very bad and devious one.

SMH Article 17-12-09

17 December 2009, 2:39 PM (3 years ago)report abuse Send to a friend reply

Phred (New user):

Quoting Raindog:
why Conroy's plan is a very bad and devious one.

Next I think he'll be taking a page out of George Orwell's book 1984 and introducing a 'Newspeak' bill

17 December 2009, 2:47 PM (3 years ago)report abuse Send to a friend reply

Raindog (New user):

deja vu

17 December 2009, 2:47 PM (3 years ago)report abuse Send to a friend reply

Patrick B (New user):

Censorship is a bad idea for so many reasons. But I don't agree with Mark that higher line speeds will necessarily cause a slowdown. In terms of router-based IP filtering, as long as the ISP has enough router capacity to deal with the traffic flow and size of the blacklist, there shouldn't be any slowdown. I mean, Cisco are now providing routers with even more memory/CPU power to handle IP-based blocking...

As for the deep packet inspection or proxy-based solutions, it would again rely on the ISP providing enough capacity to handle the traffic volume. But the time to inspect each packet would surely add only milliseconds to the latency of each request, not seconds. Presumably these types of filters would only check HTTP traffic, and I can't see that anyone is going to be using 100 Mbps bandwidth just downloading web pages. Even then, mere milliseconds of added delay will be imperceptible to the end user. Bandwidth and latency-sensitive protocols such as VoIP or video streaming could be routed straight through, and wouldn't be subject to any filtering delay at all.

I think censorship is a really bad idea. But I think the claim that it will massively slow down connections is wrong. The idea that "the report is flawed just because it didn't test faster speeds" is a straw-man argument, without any reasoning as to why faster speeds would cause significant problems. Unless someone can come back with some actual technical arguments as to why these mechanisms wouldn't scale, rather than just a bunch of maybes, I maintain that it would be far more worthwhile focusing on the other very good arguments against the idea.

17 December 2009, 5:56 PM (3 years ago)report abuse Send to a friend reply

Raindog (New user):

Quoting Patrick B:
But I don't agree with Mark that higher line speeds will necessarily cause a slowdown.

Despite Mark have presented the reasoning towards all of his expert and considered conclusions? Why would you refute those?


Quoting Patrick B:
it would again rely on the ISP providing enough capacity to handle the traffic volume.

The cost of this is, even if the necessary extra bandwidth is available? This nonsense is intended to be thrust upon us well before Conroy's "if ever" NBN. Should ISP's be forced to invest even more in network hardware likely to be mothballed if a NBN ever eventuates?
And guess who pays for it, at the end of the day? That's right the consumer/taxpayer.


strong>Quoting Patrick B:
But the time to inspect each packet would surely add only milliseconds to the latency of each request

Do you have figures to base your guesstimates? And if so what is the impact when you multiply those milliseconds by the millions of requests per hour that are heading around?


Quoting Patrick B:
Presumably these types of filters would only check HTTP traffic

A presumption based upon? Marks piece was not based upon presumptions, so they will do little to discredit his suggestions.


Quoting Patrick B:
and I can't see that anyone is going to be using 100 Mbps bandwidth

Bill gates couldn't see the PC requiring more than 64K of RAM just a few years ago. What will be the point of 100M connection without the back-end capacity to deliver that bandwidth?


Quoting Patrick B:
In terms of router-based IP filtering, as long as the ISP has enough router capacity to deal with the traffic flow and size of the blacklist, there shouldn't be any slowdown.

So if all ISP's have infinitely capable equipment there will be no problem right?


Quoting Patrick B:
Cisco are now providing routers with even more memory/CPU power to handle IP-based blocking...

And Cisco are distributing all this good fruit free to all ISPs as a humanitarian gesture, are they?


Quoting Patrick B:
The idea that "the report is flawed just because it didn't test faster speeds" is a straw-man argument

Why? Your argument is based on every ISP having infinite capacity, and access to infinite financing for new equipment. And sure the public have infinite pockets to cover the inflated costs of all this expense.


Quoting Patrick B:
without any reasoning as to why faster speeds would cause significant problems


The reasoning has been presented to you clearly and precisely, your infinite capacity mindset simply refuses to accept the reality that has been explained to you.


Quoting Patrick B:
rather than just a bunch of maybes

What maybes? It's all clearly explained, you simply resuse to accept this.


Quoting Patrick B:
I maintain that it would be far more worthwhile focusing on the other very good arguments against the idea.

Why white-ant any element which contains factual reasoning to why Conroys filter is plain dumb? It's dumb, ineffectual and unworkable technically, and its dumb and uncostitutional thically.


17 December 2009, 6:32 PM (3 years ago)report abuse Send to a friend reply

FostWare (New user):

Quoting Patrick B:
In terms of router-based IP filtering
NO-ONE uses IP based filtering, see Robtex records for 120.88.4.1 and consider how much collateral damage would be caused by just one of those customers ending up on the list.


After looking at the traffic websites like Connex had to put up with during peak periods, it puts a visible (1%+) load on a Cisco router. Now multiply that by all the major websites any one ISP's customers would browse and there's no way the filtering wouldn't slow down 100mb browsing.




18 December 2009, 2:14 AM (3 years ago)report abuse Send to a friend reply

Rohun (New user):

Said Mark Newton "It's difficult to imagine what possessed Senator Conroy to claim, as he did on Tuesday, that his trial results indicated that his censorship plan could be implemented without performance degradation."

"Try Motivated By Blind Religious Dogma" Said Rohun

17 December 2009, 10:24 PM (3 years ago)report abuse Send to a friend reply

Fornax (User):

If you can browse a web page inside a another webpage like pagewash it makes web filters useless unless you are also blocking all these sites too. Also the filter doesn't even attempt to address the issue of file sharing where most of this stuff is happening. Stop wasting tax payer dollars on prevention that doesn't work and spend the money on more police.

18 December 2009, 4:34 PM (3 years ago)report abuse Send to a friend reply

The Bigger Picture (New user):

I like boobs and think censoring of the internet is a foolish idea just like the fact they don't have an R18+ rating for video games.
It's all politically incorrect.

Isn't the second line of Australia's National Anthem "For we are young and free"?
So technically, Conroy confining us to limited sites and the caging of our internet to only a portion he wants us to view is a form of propaganda and also the removal of our freedom.

I used to ponder whether it was the fact labour was full of pensioners which concluded their foolish decisions but Conroy proves that it's the fact they are politicians in seek of power.

This event reflects upon George Orwell's 1984 and Animal Farm in so many ways, it's quite scary. If this is to end up going through then personally we should rally the troops and stop it with our sheer power.

Remember kids... Power In Numbers to beat the bully's

18 December 2009, 9:32 PM (3 years ago)report abuse Send to a friend reply

Horus (New user):

Quite right, it’s the god botherers, there use to be a time when you could ignore the Jehovah’s Witnesses, they’d go away, sure they might come back but you’d just ignore them again. Conroy is a different breed and unfortunately you need to be a little more firm about the intrusion into your personal space, maybe even organised and work co-operatively with your neighbour. I’m all for religious tolerance but not when it mean supporting their intolerance, and as for proselytism, if I wanted your wacked beliefs I ask for ‘em, until then Conroy, beat it!

19 December 2009, 2:14 AM (3 years ago)report abuse Send to a friend reply

ToshiBoy (New user):

~ stands up and claps ~

19 December 2009, 7:41 AM (3 years ago)report abuse Send to a friend reply

Serpent (New user):

Why is main stream media not being lobbied to publish the falsehoods of internet filtering? Surely this material is gold? Like it or not, main stream media is where you will effect change....

20 December 2009, 1:36 AM (3 years ago)report abuse Send to a friend reply

ahardline (New user):

This is just getting totality stupid. I am glad I found this link actually I have reposted it as part of a video about all this on youtube. You would have though that the net nanny thing that went around would be enuf get it if you want leave it if you don't it was a wonderful system.

anyway link to my video http://www.youtube.com/watch?v=9QTALCnjIiU
I am moving out if this gets though

21 December 2009, 4:05 AM (3 years ago)report abuse Send to a friend reply

ahardline (New user):

This is just getting totality stupid. I am glad I found this link actually I have reposted it as part of a video about all this on youtube. You would have though that the net nanny thing that went around would be enuf get it if you want leave it if you don't it was a wonderful system.

anyway link to my video http://www.youtube.com/watch?v=9QTALCnjIiU
I am moving out if this gets though

21 December 2009, 4:17 AM (3 years ago)report abuse Send to a friend reply

ahardline (New user):

This is one of the dumbest things the government could possibly be doing right now I can see in 20 years or so from now telling my kids about the old internet with wikipeida and you could find out anything you ever needed to know no matter want it was about and then them having to sit there looking though a Government Censored internet for information about how to build your own small engine or how to wire up a simple circuit but there being no information because of possible terrorists.

I made a short video on this if anyone wants to go have a look.
http://www.youtube.com/watch?v=9QTALCnjIiU

21 December 2009, 4:22 AM (3 years ago)report abuse Send to a friend reply

The Big Baboo (New user):

Ooooaaaaa I'm going to be getting 100Mb/sec network speed !!!!! Will this happen before I turn 85 and don't really need it anymore because like "Tommy" I'll be deaf,dumb and blind :) I have the amazing speed now of 432kbs/sec on a 512kbs/sec "Starter Pack". This is an amazingly fast ADSL1 connection and I just can't wait till "I.....ode" migrate me to the super-speed of an ADSL2 connection if ever and then I'll run up against Conroy's brick wall. Ah stuff it,I may move to China where this isn't a problem because they already don't have any internet.
"Land of The Free" yea right down with K Crudd & his band of Merry Men

21 December 2009, 7:43 AM (3 years ago)report abuse Send to a friend reply

Not signed in
anonymous user Anonymous user