The BBC is going to intercept WiFi traffic to find people watching iPlayer without paying the license fee

[bcredeur97]

just because you found me doesn't mean you're gonna do anything about it. 

 

What are they planning to do to these people they find, exactly? ask them to stop? lol

[Rune]

Well, at least they were up front in saying it.

[8uhbbhu8]

So basically all i need to do (if i lived in the uk lol) is in between my device and my wifi router and then again from my router is randomly pad my packets..... also wheres my tinfoil? I have some windows and walls to cover

[kirashi]

Anyone using a decent encryption key and Wireless Encryption Standard is going to be fine, as the license inspectors would need some kind of supercomputer to break down the encryption, especially if one was using WPA2-Enterprise and a Radius server to encrypt every packet sent with a different randomly generated rotating key.

 

But hold up there, I wouldn't even go that far as to upgrade my wireless gear to Enterprise standards. I'll just go buy some cheap directional antennas online, mount them on the outside of my home on each side and corner pointing out toward the street, and generate about 10,000 SSID's a second using Kali Linux. No agency's equipment is going to be able to handle being spammed on every wireless channel at such an absurdly high rate, and as long as each access point is under the legal broadcast limit, it's technically not illegal to do.

[Belgarathian]

I swear there would have to be easier, less invasive ways of tracking this. Say... the IP address of people who access iPlayer, which would currently be possible, and then checking the location of the IP address vs the location of the paid subscription. 

 

If the subscription hasn't been paid, then send a warning notification through the app. - Sure you're not going to get people with VPNs, but realistically that would have to make up like... <1% of the population using the app. 

 

33 minutes ago, kirashi said:

Anyone using a decent encryption key and Wireless Encryption Standard is going to be fine, as the license inspectors would need some kind of supercomputer to break down the encryption, especially if one was using WPA2-Enterprise and a Radius server to encrypt every packet sent with a different randomly generated rotating key.

 

But hold up there, I wouldn't even go that far as to upgrade my wireless gear to Enterprise standards. I'll just go buy some cheap directional antennas online, mount them on the outside of my home on each side and corner pointing out toward the street, and generate about 10,000 SSID's a second using Kali Linux. No agency's equipment is going to be able to handle being spammed on every wireless channel at such an absurdly high rate, and as long as each access point is under the legal broadcast limit, it's technically not illegal to do.

 

Your neighbors are going to hate you, so, so much. 

[kirashi]

2 minutes ago, Belgarathian said:

Your neighbors are going to hate you, so, so much. 

 

Well, I mean, it wouldn't be my fault that houses are packed so closely together in the UK. That sounds like poor civil engineering to me.

 

/sarcasm off. Yeah, your neighbors would absolutely hate you for broadcasting networks like this, so I don't actually suggest it. But still.

[Belgarathian]

1 minute ago, kirashi said:

Well, I mean, it wouldn't be my fault that houses are packed so closely together in the UK. That sounds like poor civil engineering to me.

 

/sarcasm off. Yeah, your neighbors would absolutely hate you for broadcasting networks like this, so I don't actually suggest it. But still.

What you do is hide the SSID of your networks, and then create a honeypot for your spam network so that when the network gets a client it generates SSIDs.

[thekeemo]

16 hours ago, LAwLz said:

This seems like an overly complicated system which is very impractical.

 

So they will be sitting there, measuring the encrypted WiFi packets, and trying to see if they match one of the sessions going to iPlayer? Remember, WPA2 gets applied at layer 2, so they won't be able to do a simple check of the destination IP.

Edit: They will have to sit there going "okay, this house just sent 4 packets roughly 175 bytes each, and a few ms later 4 packets similar to that just hit our iPlayer server with roughly the same size".

 

It will probably cost them more money to catch someone using the service without paying the license, than the license actually brings in. So is this suppose to be a deterrence? Because it's laughable. What a colossal waste of money.

I think they are going to sit there changing the packet size they are sending and see if it changes for that network the same amount

[thekeemo]

2 hours ago, kirashi said:

-snip-

Could be considered signal jamming which I think is illegal

Edited August 8, 2016 by thekeemo
Changed the quote for clarity

[kirashi]

15 minutes ago, thekeemo said:

Could be considered signal jamming which I think is illegal

Using encryption on your own network isn't signal jamming?

 

Unless you were trying to quote the latter section of my post about spewing out 10,000 SSIDs per second. That indeed could be considered signal jamming depending on where you live.

[thekeemo]

1 hour ago, kirashi said:

Using encryption on your own network isn't signal jamming?

 

Unless you were trying to quote the latter section of my post about spewing out 10,000 SSIDs per second. That indeed could be considered signal jamming depending on where you live.

Yes the second part  just snipped for brevity

[colonel_mortis]

8 hours ago, DildorTheDecent said:

can't recall that being a thing. It's covered by the licence iirc. 

 

https://i.gyazo.com/d3b31663459dedcba0c27c09c44d39a6.mp4

Yes, by pay, I mean have paid the TV licence.

[ShadowCaptain]

12 hours ago, Tomsen said:

Wouldn't it be all simpler if BBC's fee were covered by taxes (taxes would increase every so slightly), and have the whole thing done with.

Then all the stupidity about catching people trying to evade the license cost would go away.

It is a public service after all, isn't it?

 

NO, because the BBC is independent of direct government control, we dont want it to be government funded so that it can remain independant and free to publish what it wants

BBC is the oldest broadcasting network in the world and also the largest

the news is also the biggest news broadcasting in the world and is generally regarded as being impartial (compared to any other)

 

so yeah its kind of a unique thing

[Castdeath97]

11 hours ago, LAwLz said:

Does not help.

WPA2 is already (in practice) uncrackable and will prevent them from seeing what's inside the packets. What they do is look at the size of packets being sent to you, when they are sent, how often, with what latency, and so on, in order to determine if it matches a pattern of packets being sent from their servers.

No type of encryption prevents this (except one that pads your packets), because they collecting meta data, not the actual data.

 

 

Hiding your SSID doesn't actually do anything against any type of attack. Especially not this type.

So, technically they can't figure out the actual contents and will only be able to find out if you are using their stupid iPlayer service. If that's true we should be safe for now.

[Tomsen]

Just now, ShadowCaptain said:

NO, because the BBC is independent of the government, we dont want it to be government funded

BBC is not completely independent. It already is government funded.

Simply changing the type of tax that TV license is covered by, should be able to fix it.

 

 

[Daiyus]

Well this is just getting ridiculous. I haven't paid a TV license for five years and I'm not about to start now. If they manage to "catch me" with any evidence that is actually able to legally reprimand me then I'll just cut iPlayer out. My wife may not like being cut off from Casualty and Holby City, but they're not worth £150 a year damnit.

[ShadowCaptain]

23 minutes ago, Tomsen said:

BBC is not completely independent. It already is government funded.

Simply changing the type of tax that TV license is covered by, should be able to fix it.

 

 

How is it government funded? it is funded by tv licences... thats the whole point

 

They also make money selling BBC programmes internationally, like Dr Who for example

[Tomsen]

14 minutes ago, ShadowCaptain said:

How is it government funded? it is funded by tv licences... thats the whole point

How do we define TV license? In the UK, it is defined as a tax. Hypothecated tax to be precise.

BBC are in charge of collecting the license fee, however do not directly use of that asset. Instead that license fee is put into government funds, thats then spreads it out to fund different public broadcast services.

[ShadowCaptain]

3 minutes ago, Tomsen said:

How do we define TV license? In the UK, it is defined as a tax. Hypothecated tax to be precise.

BBC are in charge of collecting the license fee, however do not directly use of that asset. Instead that license fee is put into government funds, thats then spreads it out to fund different public broadcast services.

Its defined legally as a tax but only so people can be punished legally for not paying, but is collected privately by TV licencing which is a company directly under BBC control, the money goes directly to the BBC to fund TV, Radio and news

the money does not go to the government

[Tomsen]

Just now, ShadowCaptain said:

Its defined legally as a tax, but is collected privately by TV licencing which is a company directly under BBC control, the money goes directly to the BBC to fund TV, Radio and news

the money does not go to the government

 

From Televions Licensing in the UK wiki [https://en.wikipedia.org/wiki/Television_licensing_in_the_United_Kingdom]:

Quote

Although the money is raised for its own use, the BBC does not directly use the collected fees. The money received is first paid into the Government's Consolidated Fund. It is subsequently included in the 'vote' for the Department of Culture, Media and Sport in that year's Appropriation Act, and passed back to the BBC for the running of the BBC's own services (free from commercial advertisements). The money also finances programming for S4C and the BBC World Service as well as to run BBC Monitoring at Caversham

 

[porina]

The BBC operates through its Royal Charter, which as far as I understand, is influenced by politicians upon each renewal. I really do believe the BBC would be no worse being funded through general taxation and remove the unnecessary complication of having the separate fee. Independence from government is also a part of the Charter, and an independent body could be used to distance government and BBC funding decisions.

 

My other preferred solution would be the use of technological measures to limit access to those who have paid. In the same way you can't get premium channels without paying for it, why not apply that to the BBC also?

[ShadowCaptain]

4 minutes ago, Tomsen said:

 

From Televions Licensing in the UK wiki [https://en.wikipedia.org/wiki/Television_licensing_in_the_United_Kingdom]:

 

Its still not "government funded"  as its a separate fund specifically for running TV channels etc

 

its not like the government are using money from their own pockets to pay for shows which is what that language implies

[Tomsen]

44 minutes ago, ShadowCaptain said:

Its still not "government funded"  as its a separate fund specifically for running TV channels etc

 

its not like the government are using money from their own pockets to pay for shows which is what that language implies

There are separate funds specifically for running each category of public service. And everything under that category gets a share of that specific fund.

 

The government do exactly that. Governments pocket is it citizen taxes.

[mikeeginger]

How would this work when some one uses a VPN?

Also isn't this illegal ?

 

[jagdtigger]

18 hours ago, LAwLz said:

Does not help.

WPA2 is already (in practice) uncrackable and will prevent them from seeing what's inside the packets. What they do is look at the size of packets being sent to you, when they are sent, how often, with what latency, and so on, in order to determine if it matches a pattern of packets being sent from their servers.

No type of encryption prevents this (except one that pads your packets), because they collecting meta data, not the actual data.

 

 

Hiding your SSID doesn't actually do anything against any type of attack. Especially not this type.

Its not the encryption what matters in this case, its the overhead caused by using an OpenVPN tunnel... It adds a few thing to the encrypted packets so the size wont match. And i would bet it will throw off the "pattern" of the packets...

 

And one more problem, how they gonna get the info who is the owner of the AP? Their evidence wont hold up in court and besides routers have different MAC on the LAN and WAN side so its a dead end once again.

 

They found an impossible mission.