Iran has long censored the Internet, blocking access to international news sites and forums for dissidents. A few weeks ago, the country stepped up its game and started temporarily blocking access to any SSL-encrypted site. This measure makes it harder to use some censorship circumvention tools, but the regime’s main goal may just have been to cut off access to webmail services that were widely used to exchange information without any obvious traces.

“Basically, they disabled Gmail,” I was told last week by Mehdi Yahyanejad, who runs Balatarin.com, the Persian equivalent of the social news site Reddit.com.

Check out my video interview with Yahyanejad:

Balatarin, which aggregates social and political news in a Reddit-like fashion, sees some 1.5 million unique visitors and 13 30 million page views per month. Forty percent of these readers come from within Iran, despite the site’s having been blocked for years.

A year ago, Yahyanejad spent some time analyzing how Iranians access his site. The results: Thirty percent of Iranians used VPNs, and 30 percent came to Balatarin with the help of Ultrasurf, a tool built by Falun Gong activists in the U.S. to help followers of the religion in China. Usage of Tor was small at the time but growing, Yahyanejad told me.

The Tor project itself says it has around 48,000 daily users in Iran. Usage went down significantly when Iran enacted its new censorship measures a few weeks ago, but it has since recovered, as Ars Technica recently reported.

Activists involved in the Tor project as well as other anticensorship initiatives now want to make sure that access remains available in the coming days. A key part of these efforts is a software called Obfsproxy that obfuscates any Tor traffic.

“Iran keeps deploying more and more advanced deep packet inspection,” explained Tor Project Executive Director Andrew Lewman during a phone call on Monday. Obfsproxy is designed to thwart these efforts. “If someone is looking for SSL, then we don’t look like SSL,” he told me.

Lewman is confident that Iran can’t block Obfsproxy traffic, but that doesn’t mean citizens within the country will be able to access the Web freely over the next few days. Web usage in Internet cafes and on company computers is highly monitored, and tools like Tor and its new Obfsproxy solution aren’t always available. “Getting new software rolled out in the country has been the biggest challenge,” admits Lewman.

No one knows exactly what Iran’s government has in store for the next few days. Lewman said the SSL blocking seemed a bit like a test run, which was only in effect for a few days. It is possible the regime will start to block Gmail and other sites that encrypt Web traffic again this week; or it may just turn off the Internet altogether on the day of the election, as Egypt did last year in a futile attempt to quell the Arab Spring uprising.

Sites like Balatarin have also frequently seen denial-of-service attacks around critical events, and Yahyanejad told me he wouldn’t be surprised if his site gets targeted again this week. “It’s a cat and mouse game,” he told me. But Yahyanejad believes providing Iranians with free and uncensored access to information is worth the effort, despite all of these challenges. “The fight against censorship in Iran is one of the best things the outside world could do at this point,” he said.

Image courtesy (CC-BY-SA) of Flickr user marjoleincc

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• Digg Relaunch Shows How Hard it is to Change Your Game
• GigaOM Research highs and lows from CES 2013
• How HR can make the case for workforce analytics

This time of year, a lot of companies are issuing their “top predictions for 2012,” and most of the trends they forecast are hopelessly obvious: Smartphone sales will skyrocket! or Apple will launch a new iPhone! But Sandvine’s top 5 projections for the new year are always worth a glance; its status as one of the telecom industry’s biggest packet sniffers gives it unique insight into how consumers use their mobile and wireline broadband connections.

This year, Sandvine had a lot of interesting things to say about how tablets will intersect with the wacky world of mobile broadband as well as the continued deterioration of carrier services and the advent of live streamed video. Without further adieu ado, let’s drill into what Sandvine thinks is in store for us in 2012:

Mobile data pooling plans will become popular

Our own Kevin Tofel has been predicting this trend for some time, and Verizon Wireless has confirmed it will launch its first family data plan next year, so this hardly a breathtaking suggestion. But what makes Sandvine’s prediction more interesting is that it posits pooled plans will be the critical first step to luring tablet and other emerging device users onto mobile broadband. That brings us to Sandvine’s next prediction:

95 percent of tablet traffic will be on fixed access networks

That’s a shockingly high number, since tablets are first and foremost mobile computing devices, but as the emergence of new WiFi-only tablets such as the Kindle Fire show, consumers are much less interested than carriers had hoped in the “mobile” half of mobile broadband. Part of the reason is the higher cost of 3G and 4G connected tablets, as well as the higher fees and data caps associated with a mobile connection. But Sandvine said a primary factor is the lack of pooled data options: Consumers simply don’t want to buy separate plans from their tablets and smartphones.

You would think Sandvine’s prediction on the adoption of pooled plans would reverse this trend, but Sandvine thinks most tablet users will continue to look at Wi-Fi rather than expensive mobile broadband services. Consumers may take advantage of these shared data buckets to buy more 3G and 4G tablet and connect them to their operators’ networks, but that doesn’t mean they will use those connections extensively. Consumers may choose to self-police which networks they use to due to the high per-megabyte cost of mobile broadband. A tablet loaded down with video applications can eat through a 2 GB or 5 GB plan in a matter of days, if not hours.

This is good news and bad news for carriers. Pooled plans will encourage more consumers to hook their tablets into their HSPA and LTE networks, but they won’t make money off consumers closely monitoring their data meters. Carriers will get incremental data revenue from tablets, but they won’t suddenly start seeing customers paying $100 a month for data.

The potential for bill shock will increase

Then again, there will be those customers who accidentally spend $100, or even $1,000, in any given month precisely because they aren’t monitoring their data use closely. Tablets can suck down an enormous amount of bandwidth, so as more of those devices make it onto the wireless network, the greater chance more customers are going to complain to their operators about exorbitant bills.

Messaging apps will take a bigger bite of operator revenues

When AT&T removed all remaining tiers in its messaging plans, it practically started begging its customers to look for SMS alternatives. Faced with either committing $20 a month for an unlimited messaging plan or paying the astronomically high rate of 20 cents a message, many consumers have turned to smartphone services like WhatsApp, GroupMe and Beluga, as well as the proprietary platform texting systems iMessage and BlackBerry Messenger. They all use the phone’s data connection rather than the SMS signaling channel, and since a text message uses only the minutest amount of bandwidth, consumers can send thousands of them without making the smallest dent on even the most restrictive data plan.

Operators make bank off of SMS and so any threat to their messaging services is bound to have impact on revenues and profits. That tide has already shifted, according to Sandvine. Its latest study of IP messaging trends in Asia-Pacific markets shows a full 8 percent of consumers in that region are using WhatsApp to bypass operator SMS fees.

Live video will explode

Saying video will be a critical application in 2012 is obvious, but Sandvine believes next year will be the breakout year for live video, seeing it penetrate beyond the broadcast airwaves and cable boxes to Internet-connected TVs, game consoles, smartphones and tablets. Sandvine pointed toward Bell Canada and Rogers, which jointly bought controlling interest in the NBA’s Toronto Raptors and NHL’s Toronto Maple Leafs. The barriers between live sports content and live IP streaming are rapidly deteriorating.

Of course, live streaming places a whole new set of expectations on operators, who can no longer even out the bumps in a stream through extensive buffering. The problem will become particularly acute on mobile networks, which are already cantankerous beasts when it comes to streaming. Solving problems with latency, packet loss and jitter will become all the more crucial.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• Tablet market to hit over 377 million units by 2016
• The future of Wi-Fi in the enterprise
• Today’s Smartphones Give Rise to Tomorrow’s Robots

“We’re very similar to Google; they get a lion share of revenue from advertising,” said Gassewitz told me. “But Google’s search engine isn’t an incentive for advertising and our security product isn’t an incentive for us. We do real hardcore analysis to look for malware. If we didn’t have that, we wouldn’t have a business.”

Kindsight —  a spin-off of Alcatel-Lucent preparing to deploy with Internet service providers — will serve as a great test for how well it can utilize the controversial DPI technology to serve two distinct goals whose operations are intertwined. Deep packet inspection involves monitoring Internet data traffic down to the deepest layers and can be used for security, traffic management, spying or behavioral targeting. If Kindsight finds traction, it may signal the way companies can leverage DPI to good effect without stirring up the controversies in the past associated with companies like Phorm and NebuAd, who caused outrage when they monitored people’s online behavior and targeted them with ads.

While Kindsight is looking to sell its Internet security solution through the ISPs, it believes it needs the advertising component to be successful and help ISPs pay off the investment in the technology. It’s gone to great lengths to make its use of DPI not only palatable to users but appealing by offering free, enterprise-grade, network-based, security to consumers. Six ISPs in North America, Europe and Asia are trialing the technology, and Kindsight is talking to many more. By installing its deep packet inspection appliances inside the network, Kindsight said it can pick off tell-tale signs of malware traffic that get overlooked by traditional consumer security software that resides on a computer.

Where things get interesting is when Kindsight leverages its position inside the network to serve up ads. For users who take the protection service for free, Kindsight looks at the web traffic from a customer and builds an anonymous character based on their activity, from which Kindsight can infer their likes and interests. Kindsight then uses that information to help target ads for its base of 100,000 advertisers. Gassewitz said Kindsight doesn’t track individuals, doesn’t store any information and avoids scoring data on users from visits to sensitive sites that deal with politics, health, religion or children. Even without that information, Kindsight can glean a lot of good inferences because it inspects packets down to layer 7 of the OSI model.

The ad portion of the business is essentially what Phorm did but without informing users. Kindsight has learned from Phorm’s faux pas: it makes its service opt-in. Users will get prompted by the ISP, which will take them through a lengthy process if they want to sign-up. If they agree, they will get monthly reports on security and immediate alerts for intrusions. Users can opt-out at any time but will forgo the security service. Or they can choose to pay a monthly fee to keep the security protection while avoiding the targeted ads.

If Kindsight can get the formula down, it believes everyone can win. ISPs, who get a cut of the Kindsight’s revenue, can monetize their data and avoid becoming dumb pipes while users can get a valuable service, and Kindsight can make money selling the service. “From an advertising perspective, being inside the network is sensitive so you shouldn’t do this unless consumers understand what is occurring,” Gassewitz said. “Why we’re getting traction is the value to the consumer. There is a real value in network-based security.”

There is some irony in a company that uses DPI to sell security considering Phorm was called out as a provider of adware and spyware. But Gassewitz believes he can essentially redeem the reputation of DPI technology with Kindsight. Looking at the model, I can certainly see the appeal for Kindsight and ISPs. Consumers will have to get a straight pitch from their Internet provider and see clear results over time for this to work. And they have to be assured that Kindsight’s claims of anonymity are fulfilled.

But pairing deep packet inspection with online security is about the best way to use DPI technology for advertising and lets ISPs tap into the goldmine of user data they’re sitting on. It’s better than Phorm’s attempts to sell consumers in Brazil on DPI-based targeted ads. Phorm is working with two ISPs there to give customers personalized content on partner websites if they opt-in to the service. That seems like a less valuable offer compared to online security, which many people worry about. I’m not sure Kindsight can have Google-like success but it’s got a better shot than previous DPI companies.

Related content from GigaOM Pro (sub req’d):

• Who Owns Your Data in the Cloud?
• Could Privacy Be Facebook’s Waterloo?
• Facebook Tries to Navigate the Privacy Storm

Kindsight, which is owned by Alcatel-Lucent SA, said six ISPs in the U.S., Canada and Europe are testing its service though no ad targeting is underway. Phorm, which touched off a firestorm in Britain, is actively working the market in Brazil, where it’s signed deals with two ISPs and is looking to expand to the U.S. and South Korea. The two companies are hoping a different approach combined with new consumer expectations and market realities may set the stage for a return of deep packet inspection for ad targeting. It’s unclear if Phorm’s return is entirely new or just part of the Wall Street Journal’s attempts to freak people out as part of its “What They Know” series on web targeting.

The companies are trying to be more upfront with users, offering the ability to opt-out of the technology, and they insist they don’t collect personal information, read email or record a user’s browsing histories. But by going deeper into the data packets, companies can extract more data and create more complete profiles on users than a technology like cookies can. Kindsight said it’s able to differentiate between a user’s work and recreation character profiles when they’re online. The companies are also offering more benefits to users who opt-in. Kindsight is offering free security and identify theft protection, while Phorm offers users the ability to get a tailored experience when they visit a partner’s site. Kindsight said consumer expectations have also shifted in favor of more targeted ads. In a market research survey, Kindsight said about 60 percent of users were willing to take its security service for free in exchange for receiving targeted ads. There’s rich irony in people’s willingness to offer up their private web surfing habits to boost Kindsight or their ISPs’ profits, in exchange for protection from “bad guys” that seek to capture details of their private lives for financial gain.

It’s unclear if this will touch off the same type of firestorm as last time. The controversy in Britain killed deals Phorm was trying to strike with BT and two other ISPs. Congressional hearing two years ago targeted NebuAd, a company that has since gone out of business. The fact that we still don’t have a privacy policy from the feds is opening the door for this technology though that may be changing. The Federal Trade Commission and the Commerce Department are both reportedly preparing reports on online privacy, and the FTC is actually considering a “Do not track” option for users, similar to the Do Not Call registry, though it will likely face lots of opposition from marketers.

The desire of ISPs to wring more revenue from their networks means they’ll keep trying to use deep packet inspection to monetize their users. This has been a simmering issue, but has gotten even more pressing as ISPs are threatened with net neutrality and the prospect of becoming “dumb pipes.” If they can get the formula right and manage consumer concerns, ISPs can reap financial rewards not unlike Google, which also targets consumers with ads. But DPI technology can also strengthen an ISP’s relationship with its users by offering them more tailored or personal content. Plus it’s already used for security purposes. So at this point, absent a firm Do not track option, I think deep packet inspection will increasingly creep back into the picture. It’s too attractive an option to pass up.

Related content from GigaOM Pro (sub req’d):

• Who Owns Your Data in the Cloud?
• Could Privacy Be Facebook’s Waterloo?
• Facebook Tries to Navigate the Privacy Storm

Post and thumbnail photos courtesy of Flickr user dirac3000

BT has said it needs to focus on its fiber buildout and deployments of its triple-play bundle, but the concerns about privacy were likely a contributing factor to its ending its relationship with Phorm (although BT doesn’t seem to mind negative headlines about its service). Plus, there’s another business model around targeted advertising that may look more appealing. Mobile carriers in Europe are playing around with an opt-in model for targeted ads that are directed at the younger set. German carrier E-plus offers text messaging and credits to mobile users who release their personal information and personal preferences to advertisers and agree to receive a certain number of ads each week. Orange, a UK ISP and mobile operator, may also be entering into a partnership to deliver a similar service.

Ad-supported dial-up access is still around, so carriers may be eyeing some kind of opt-in for wired broadband as well, especially if the experience can be less intrusive than a giant ad taking up a third of the browsing screen, as past efforts have. If these efforts succeed, it will be a bittersweet victory for privacy advocates. If ISPs realize that opt-out ad services, in which a customer must elect to opt out of an advertising trial, don’t work, and instead turn to an opt-in model in which the ISP entices users to give up their personal information in exchange for some incentive, consumers would get more control over their data, but advertising would become more insidious.

So while Phorm and rival firm NebuAd are struggling, they may pop up again with a slightly less invasive form of advertising to sell to ISPs. After, ISPs don’t want to let a perfectly good stream of data flowing through their pipes make money for the likes of Google when they’re the ones providing the pipe. Consumers may pay for their monthly broadband, but ISPs definitely want to find ways to charge more.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• Social media in Q1: commerce and discovery dominated
• Google doesn’t like walled gardens — except its own
• Controversy, courtrooms and the cloud in Q1

MSNBC has gotten a hold of a proposal made by New York Attorney General Andrew Cuomo to AOL that highlights the use of DPI tools from an Australian company called Brilliant Digital Entertainment. The company is pitching its CopyRouter product (PDF) to help ISPs monitor web traffic, compare it against a list of known child pornography files, and if it makes a match on existing traffic, send the offending subscriber a message warning them that they were about to download child pornography. According to MSNBC, the presentation also says Brilliant Digital could then pass the offender’s IP address over to law enforcement agencies.

Wow, that right there would violate the 4th Amendment preventing unreasonable search and seizure, and would put ISPs in the role of web traffic cop — a role none of them relish. Remember in August when the FCC yelled at Comcast for using deep packet inspection to find and block P2P files? During the hearing related to that enforcement order, FCC chairman Kevin Martin compared Comcast’s tactics to opening up a person’s mail and then deciding which letters to send on. Later, Gigi Sohn, head of the Free Press used that same analogy in describing what ISPs were doing when they used deep packet inspection from NebuAD and Phorm to view a user’s web surfing habits.

As much as I viscerally loathe the exploitation of children, I have to say that just because some of the country’s online “mail” may contain child pornography, it doesn’t justify the use of such software by private companies to enforce federal laws. Because while today it may be child pornography, and tomorrow, information on explosives, followed by those communicating with terrorists…and pretty soon wrapping your PC in foil starts to look appealing. Hey maybe aluminum prices will go up.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• Social 2013: The enterprise strikes back
• Examining the rise of crowd labor platforms in 2012
• Social third-quarter 2012: analysis and outlook