andrewlighten.com

Big Girl has created a blog. We’ve considered this for a while and encouraged her to do it today.

I figure that she loves creative writing at school so giving her an outlet for this and to develop her sense of web savvy is a good thing.

You’ll find it at Gocky’s Blog.

She’s only 7, so don’t expect any literary brilliance – but she’ll have a darn good go at having fun with it.

This is my friend Nello (his real name is Neil). I worked with him for a bunch of years at CitiPower and although we’ve kept in touch through email I haven’t seen him for a while. When we went to the zoo a couple of weeks ago I bumped into him just as we were leaving and he invited me around for dinner. We got together last night and spent a few hours catching up.

At Big Girl’s school it’s the last day of term 2, so they had a fashion parade to finish off their term’s work on clothing. Here she is, strutting her stuff:

Her biggest fan was there, of course:

I took a few quick snaps afterward of her and her best friend:

The most horrifying sight during the parade was a surprise visit from the principal’s sister:

Taken from the walkway at Cement Creek, Donna Buang.

Disclaimer: These are my personal views and my personal comments. This article does not necessarily represent the view of my employer (Nokia Siemens Networks) or any of its other employees.

In what is possibly a bad move – time will tell – I’ve thrown my hat into the ring and declared my hand in a heated discussion that’s flaring up on Twitter right now.

At the centre of the discussion is the incorrect reporting that my employer, Nokia Siemens Networks, has supplied technology that allowed the Iranian government to intercept every piece of electronic communication throughout the country. The implication is that this technology was used by the government to harass, influence and punish people whose views were not acceptable, and in doing so, NSN have assisted in the suppression of freedom of speech.

I believe this is an exaggeration of what has actually occurred.

Lawful intercept

For those who aren’t already aware, I work on Lawful Intercept for Nokia Siemens Networks. The term “Lawful Intercept” means the ability to lawfully intercept communication on a data network. The team I work on is involved in lawful intercept of voice and data on mobile telephone networks.

The mobile network (known 3G in Australia, but it’s formally called UMTS) provides for the interception of both voice and data.

It is a fundamental requirement of the UMTS network as defined by ETSI (the European Telecommunication Standards Institute) that these intercept capabilities be present.

Within the UMTS network, to intercept mobile traffic, you need to identify an intercept target in one of three ways: via an IMSI (the USIM ID), an IMEI (the mobile equipment ID) or an MSISDN (the target’s publicly known number).

Having identified a target, the UMTS network will deliver the lawful intercept software all traffic associated with those identifiers.

As used in Australia (where I work, and where the Lawful Intercept software I work on is primarily used) the only way – the only way – to intercept UMTS traffic is for a lawful enforcement agency to obtain an appropriate warrant. The software requires a valid warrant reference be provided along with the intercept target details.

The warrant mandates the period of time for which an intercept is in place. Our software will only activate the UMTS intercept at the time the warrant comes into effect and will deactivate the UMTS intercept at the time the warrant becomes ineffective.

Capacity limits

The pieces of the mobile network (the ‘network elements’) that do the actual monitoring are limited in capacity. Voice traffic is intercepted by an element called the MSS (mobile switching server), and data traffic is intercepted by an element called the LIG (lawful intercept gateway).

Both can only monitor a fractional subset of the actual number of network subscribers because of practical limits in bandwidth.

The idea that the UMTS network could be used to intercept every mobile phone in a country the size of Iran is ludicrous. Anyone who knows anything about the mobile network would clearly understand that.

Deep Packet Inspection

Alongside UMTS mandated intercept requirements is a newish technology called Deep Packet Inspection – generally referred to as DPI.

DPI provides the ability to look inside data packets in real time and make decisions based on the packet contents. DPI is typically used to either intercept traffic (and therefore augment existing lawful capabilities) or influence the flow of traffic. The latter capability is often used in relation to P2P and bit torrent traffic, for example.

To the best of my knowledge, Nokia Siemens Networks does not have a DPI product. We use various third party DPI products depending on what the solution calls for.

Nokia Siemens Networks is a large multinational company, so I obviously don’t know about everything we do, but because of the area I work in I’m fairly certain of my facts here. We don’t have a DPI product.

The IRAN issue

The big issue that’s flaring up on Twitter right now is that NSN is reported to have delivered systems to the Iran government that allowed for the intercept of all types of electronic communication. I believe this is grossly incorrect.

Almost every comment points back to this Wall Street Journal article, which says, in part:

Every digitized packet of online data is deconstructed, examined for keywords and reconstructed within milliseconds.

This is clearly a reference to DPI, and not the UMTS network. The UMTS network is neither required to nor capable of doing what has been suggested.

The WSJ article talks actually about Nokia Siemens Networks using DPI to achieve this. I have no idea what was actually provided to Iran, so I don’t know if we actually provided a DPI component or not but I now know that DPI was not provided by NSN.

Facts

It’s not Nokia Siemens Networks’ policy to comment on individual customers, and I’ll do my best to respect that, but given my knowledge of this area of our business, the facts as I see them are:

• Nokia Siemens Networks provides UMTS compliant network elements, including the MSS and LIG, both of which assist in the lawful intercept of predetermined targets.
• Nokia Siemens Networks can provide DPI as part of a customer solution, but it does not itself have a DPI product. When we provide DPI we resell third party vendor offerings such as those provided by CloudShield, Allot, Sandvine, etc.
• Nokia Siemens Networks did not provide DPI as part of our solution in Iran. [Source]

My views

Those who look down on Nokia Siemens Networks should think twice before blindly following what the WSJ is saying.

Sure, NSN technology does provide lawful intercept components – specifically, those components that meet ETSI standards within the UMTS network.

Other vendors provide technology that supports Deep Packet Inspection.

Regardless of where it comes from, it’s ultimately up to a customer to decide what to do with a technology.

In Australia, our government has great respect for privacy and freedom of speech, and use lawful intercept in a perfectly appropriate way. Those familiar with the gangland killings in Melbourne of the last dozen years will appreciate that justifiable use of lawful intercept is a perfectly valid way to monitor criminal activities.

If another customer in another part of the world uses lawful intercept in a different way it is difficult for the technology provider to accept the blame for that.

It’s easy to suggest that no vendor should provide lawful intercept technology to oppressive regimes. In doing so you’re probably condemning people living under such conditions to having no access to mobile technology at all. Governments who wish to monitor their population as closely as is being suggested in Iran would simply not allow the use of a technology that doesn’t provide for interception.

As a final thought, if you really want to go after a company that provides the technology so that “Every digitized packet of online data is deconstructed, examined for keywords and reconstructed within milliseconds”, don’t look at NSN. Look at the DPI vendors.

Official statement

Nokia Siemens Networks have made an official statement on this issue and reposted that statement on a public blog where comments are encouraged.

Edit: Like the NSN blog, I will attempt to not moderate any comments in reply to this post except those that are purely abusive.

Quirky, but there’s something I really like about this shot.

Our big girl. She’s doing so well at the moment. Full marks (27 out of 27) for a presentation she did at school, then her first ever camp away from home with her Girl Guide group. We got her term 2 school report today. She’s way, way ahead in reading and writing, and doing very well in everything else.