Again, Twitter proves to be a useful blogging tool… Paul Alfieri, formerly of Motorola and now with Limelight Networks, directed followers this morning to CNET’s coverage of a proposed sweeping network bill:
politicians on Thursday called for a sweeping new federal law that would require all Internet providers and operators of millions of Wi-Fi access points, even hotels, local coffee shops, and home users, to keep records about users for two years to aid police investigations. “A provider of an electronic communication service or remote computing service shall retain for a period of at least two years all records or other information pertaining to the identity of a user of a temporarily assigned network address the service assigns to that user.”
Dave Eckert points out the technical challenges for novices in creating and maintaining those logs. To which I agree, and will take it a step further – nearly five months after instituting a 250GB broadband usage cap, Comcast (CMCSA) has yet to provide customers a means of tracking data usage. They also appear to have difficulty managing their own inventory, sending DMCA notices to the wrong household. And give out other customer’s passwords OnDemand. So, if a commercial ISP is incapable of accurately monitoring and controlling network access, it’s probably safe to assume that most individuals and small businesses would be unable to document access point authorizations.
Of course, that’s may be a bit of an exaggeration… As it appears Comcast reps have access to usage and will look it up upon receiving a private Twitter request. Which is inconvenient and not sustainable. But, by all means, please DM him each and every time you wonder. ;)
The Comcast FAQ says we can use a meter built into the McAfee security suite that they provide… which tracks data on exactly one computer, not taking into account what my Xbox 360, TiVo, Roku, Vudu, etc boxes are doing. The technically savvy and motivated could see if their router offers some sort of counter, or run replacement firmware (like Tomato) to keep tabs on things. Tyler Pruitt also pointed me to an interesting local network monitoring tool earlier today, which could come in handy. But my Comcast.net web dashboard really needs to display an accurate count of household usage per billing cycle.
I should also mention that the Comcast rep’s Twitter injections fired me up and inspired this post. Not everyone on Twitter is looking for help from a corporate entity. But it’s all good – I have limited time and prefer to blog topics that move me (positive… or negative). Thank you.
I ended up creating my own tools to collect throughput metrics from my edge router at home, sum them up, and predict the full usage for the month – since I have Comcast and they won’t tell me how much I used. As it turns out, even with three Tivo HD, two Playstation 3, a Wii, and six Macs (and I run a home web site and Vent server) I am only using about 30~40 GB of data per month. Not even close to the cap.
But tracking every DHCP request (i.e. “temporarily assigned network address”) on my two home WAPs and keeping that data for 2 years will be very time (and storage) consuming. And what am I going to track? The MAC hardware address of the requester? It isn’t like most homes have individual authentication required to connect to the WAP! And MAC hardware addresses can be re-written or modified. So there is no ability to track a specific DHCP provided address to a specific machine (much less the user of that machine).
And then there is the time stamp problem. What if my WAP isn’t time synced? Then my records for access will have no common reference to the law enforcement agency requesting the data. Are they going to force us to all time sync to a common agreed to time?
And what format do I have to keep the records in (or provide them in)? Am I obligated to provide in some standard electronic XML format, or can I just print to 8×11 sheets of paper and hand over a photo-copy of the pages?
There are so many technical issues here that the law as being described is silly.
I think with the exception of folks downloading a lot of HD video, most will not come close to Comcast’s cap. Which is more reasonable than some of the others I’ve read about. However, it could kill someone’s plans for a large initial cloud backup like Mozy or SugarSync. I’ve pretty much given up on backing everything up at this point. Also, I’d like to see a schedule for increasing that cap as we do consume more online video. How about Comcast automatically raise it 5-10GB per month?
Oh, and many good points on the complexity of monitoring access point connections. Even if you do identify (a potentially spoofed MAC), how do you know who is belongs to? From my apartment, I see over a dozen networks. Who presumably also see me. (I run WPA2. My SSID is hidden, but that doesn’t mean much at all.)
I think the measrue including homeowners is just to get people to turn security on. After that I just tell them that no one but my family used it. How else would the ytrack things. I also highly doubt they expect homeowners to track people that broke in.
McDonald’s and other such places may be the hardest hit by this and if a case goes bad may even be pushed to stop providing access which would be bad overall.