Here we go again - ISP DPI, but is it interception?

David Biggins David_Biggins at
Wed Aug 4 10:16:09 BST 2010

> -----Original Message-----
> From: ukcrypto-bounces at [mailto:ukcrypto-
> bounces at] On Behalf Of James Firth
> Sent: 29 July 2010 14:34
> To: 'UK Cryptography Policy Discussion Group'
> Subject: RE: Here we go again - ISP DPI, but is it interception?
> David Biggins wrote:
> > Hmmmm.....
> >
> > The other week, I requested some data from a SOAP web service...
> >
> > The XML response arrived, interestingly, broken, with javascript
> > embedded in it.
> >
> > The client and server machines are both clean, and the server most
> > assuredly does not send script in its responses.
> >
> > Regrettably, I didn't keep the response - deadlines loomed, so I
> > repeated the request, which arrived clean.
> >
> > Virgin Media is my ISP, and the last time I saw something like this
> was
> > during the Phorm trials.
> The last 2 cases of this I investigated turned out to be down to
> Internet Security running on the client machine.  I assume you've
> already
> considered this and will keep my ear to the ground.
> James Firth

Hi James,

Specifically to avoid such issues, this was part of a dedicated test
setup, with just the basic Vista 64 firewall, Avast AV (just the AV, no
additional "security suite" tools), and no other resident anti-malware
tools were running.

I guess it's possible that Avast's monitoring was somehow responsible.
I would have expected the problem to have been likely to recur since, in
such a case,  but I'll keep an open mind.

Thanks for the feedback.


More information about the ukcrypto mailing list