NNSquad - Network Neutrality Squad

NNSquad Home Page

NNSquad Mailing List Information

 


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Re: Thoughts on DNS Redirection


Let me introduce myself: I'm the past president of Italy's ISPs Association

In 2003 Italy's TLC incumbent operator Telecom Italia made DNS redirection for its DSL users ("Alice" is the name of their broadband offering).

A user trying to access any site on the Internet was redirected to an internal web site called "Casa di Alice" (Alice's home)

there they found a desktop with a living room metaphor where the user, if he wanted to buy some music, had to click on the radio; to buy a video, had to click on the TV set; to access the Internet had to click on the PC.

this was possible because there was no legal definition of what "The Internet" is and as a matter of fact they were advertising and selling a "broadband service" allowing to connect to the Internet.

they had discriminatory pricing on these services. e.g. the cost of traffic (not the cost of content) to access those services provided by Telecom Italia was 0, while there was a cost of traffic to access the Internet; furthermore users were requested to double-register in order to access the Internet. (There was no confirmation that all Internet traffic was logged, but there were rumors)

The italian ISPs association brought TI to the Antitrust in Brussels for anticompetitive behaviours, as they were building a walled garden and Telecom Italia was notified by trustbusters as an operator having Significant Market Power.

we succeeded and settled with Telecom Italia, obtaining that they close this "Casa di Alice" and provide users a plain access to the Internet.

"traffic discrimination" based on price is something very difficult to face with, in legal terms, but this is what is increasingly happening in Europe.

take for example Internet access provided by "mobile" operators, something that is increasingly popular thanks to the availability of HSDPA and HSUPA (3-4Mbps downlink)

you can send an SMS for 15Eurocents each. Should you want to use your Messenger on a smartphone, you need to establish a data connection which is charged 1Euro or more for a "connection setup fee" which includes the first 5 minutes (or more) of data airtime (which is good to download mail but obviously is not good to send a twit).

the net effect is that you are not going to use your Messenger on the smartphone but rather you will keep using SMS instead. Defend their traditional revenues through discriminatory pricing structure.

the consequence is that ALL sporadic transaction-based applications are heavily inhibited by pricing policies.

there is no mangling of traffic here, just pricing policies.

For example, you could subscribe to mobile broadband contracts with different data transmission pricing depending on the site you access: operator-partnered popular internet applications (youtube, myspace, ebay, google, maps) at 0,29Cent/session; the rest of the Internet at 1Euro/session. (Why did Google agree to this ?)

mobile operators are legally allowed to this as they are not notified by Antitrust of having Significant Market Power and hence they cannot be forced to avoid discriminatory pricing. (none of the mobile operators have >50% market share, something that allows lobbied authorities to say that "we have competition") (even with an HHI index of around 0,38)

For example, in Italy, we have two main mobile operators which have similar offers (with price discrimination of content) and they account for more than 80% of the subscribers. This two operators have around 45% gross margin and double digit net profit; the two remaining operators, due to the structure of mobile voice pricing (the largest portion of their business), having very little market shares, are trying to survive (even with historically negative gross margins).

Of course it is very difficult to prove in legal terms that there is a joint dominance (let alone a cartel). In Italy for example Antitrust has decide there is not.

Debt laden telcos (in Europe more than 50% of corporate bonds are emitted by Telcos (let's hope not a subprime-like story)) need to have big margins; they priced broadband based on demand elasticity rather than true costs (including cost of debt) and it's very difficult once you've broken somethng to put pieces back together (i.e. generally raise prices for plain vanilla-data connections). Margins from traditional services are shrinking as volumes reduce. Services are going outside of the operator's scope and, together with regulation imposing wholesale access to SMP operators) force the industry to restructure towards a low-cost industry.

in this process, the (wrong) idea that they could squeeze revenues from traffic discrimination, is just one important part of the story.

As ex-monopolists fixed operators have to provide access to infrastructure at wholesale, regulated, "cost-plus" prices, neutrality on the fixed network is more likely to remain (there are hundreds of fixed line ISPs).

As mobile operators are non monopolists (in legal terms) yet control an essential facility (and a couple of them in each country have significant margins), traffic and price discrimination on wireless/ mobile access is very likely to increase in the future.

Its effects will likely show-up later through bundling pricing on large fixed operators, as the industry converges toward mobile operators increasingly acquiring fixed-line operators.

Any legal provision in the US enforcing Net Neutrality and NON price discrimination will reverberate its positive effects in Europe as well.

So, please, don't understimate discriminatory pricing..

best, s.

Il giorno 18/mar/08, alle ore 00:34, Bob Poortinga ha scritto:

I am not surprised at all by this turn of events.  Everyone should
have seen this coming sooner or later as a result of the SiteFinder
fiasco.  At this point, the redirection appears to be for only
domains with an unrecognized GTLD or that return NXDOMAIN as a result
of a DNS query.  This is the first step in DNS hijacking, and,
although a nuisance, is fairly benign.  The main problem introduced
by this scheme is that some mail systems are configured to reject
mail with an unknown sender domain as an anti-spam measure.
However, anyone who runs a mail server should also be running their
own DNS resolver.  Running your own resolver won't work with ISPs
who actually intercept and proxy all DNS queries, though.

Taking DNS hijacking to the next level will involve substituting an
IP address of the ISP's choice for a the IP address returned from a
legitimate DNS query.  There is nothing in law (except maybe
trademark law) to prevent this from happening.  There is quite a bit
of ad revenue generated from type-in traffic for generic domain
names like 'weddingrings.com' and this will be the next type of
traffic that these ISPs will go after.  There will undoubtedly be a
huge confrontation over this, and, unless there are legal
protections for domain owners codified in law, the ISPs will
probably get away with it.

--
Bob Poortinga  K9SQL
Bloomington, IN  US

[ With this initial round of tests, we don't really know all
of the interception parameters or conditions. There is
likely to be considerable variation. For example, some results
so far suggest that HughesNet is intercepting port 53 UDP (ordinary
DNS lookups) but perhaps not 53 TCP (zone transfers). On the other
hand, early indications from initial reports are that Sprint EVDO
is intercepting 53 UDP and TCP.


    The nslookup and dig tests specified are quite explicit.  The
    test arguments specify that the query is to be made to a
    *specific* server.  By the way, there is no requirement that
    the contents of DNS servers only include globally-known TLDs --
    it is not uncommon for "private" names to be included in DNS
    servers for special purposes that can only be obtained with
    direct queries to those servers.

    To the extent that ISP port-based redirection prevents subscribers
    from directly querying specified DNS servers, and in fact return
    falsified data, this is potentially a pretty big deal even now.

      -- Lauren Weinstein
         NNSquad Moderator ]