
Packet Inspector Kindsight: We’re the Google of Web Security


Kindsight CEO Mike Gassewitz cringes when he hears his company described as a deep packet inspection firm. Yes, that is part of what the company does, but he believes the technology is an integral aspect of Kindsight’s primary mission: free computer security and identity theft protection. Where the company has some confused is that it is also using deep packet inspection to help target ads for consumers. In that way, Kindsight is similar to Google: it offers up a free service and then monetizes it by delivering ads against its customer base.

“We’re very similar to Google; they get a lion’s share of revenue from advertising,” Gassewitz told me. “But Google’s search engine isn’t an incentive for advertising and our security product isn’t an incentive for us. We do real hardcore analysis to look for malware. If we didn’t have that, we wouldn’t have a business.”

Kindsight, a spin-off of Alcatel-Lucent preparing to deploy with Internet service providers, will serve as a great test for how well it can utilize the controversial DPI technology to serve two distinct goals whose operations are intertwined. Deep packet inspection involves monitoring Internet data traffic down to the deepest layers and can be used for security, traffic management, spying or behavioral targeting. If Kindsight finds traction, it may signal the way companies can leverage DPI to good effect without stirring up the controversies associated in the past with companies like Phorm and NebuAd, which caused outrage when they monitored people’s online behavior and targeted them with ads.

While Kindsight is looking to sell its Internet security solution through the ISPs, it believes it needs the advertising component to be successful and help ISPs pay off the investment in the technology. It’s gone to great lengths to make its use of DPI not only palatable to users but appealing by offering free, enterprise-grade, network-based security to consumers. Six ISPs in North America, Europe and Asia are trialing the technology, and Kindsight is talking to many more. By installing its deep packet inspection appliances inside the network, Kindsight said it can pick off tell-tale signs of malware traffic that get overlooked by traditional consumer security software that resides on a computer.

Where things get interesting is when Kindsight leverages its position inside the network to serve up ads. For users who take the protection service for free, Kindsight looks at the web traffic from a customer and builds an anonymous character based on their activity, from which Kindsight can infer their likes and interests. Kindsight then uses that information to help target ads for its base of 100,000 advertisers. Gassewitz said Kindsight doesn’t track individuals, doesn’t store any information and avoids scoring data on users from visits to sensitive sites that deal with politics, health, religion or children. Even without that information, Kindsight can glean a lot of good inferences because it inspects packets down to layer 7 of the OSI model.

The ad portion of the business is essentially what Phorm did but without informing users. Kindsight has learned from Phorm’s faux pas: it makes its service opt-in. Users will get prompted by the ISP, which will take them through a lengthy process if they want to sign up. If they agree, they will get monthly reports on security and immediate alerts for intrusions. Users can opt out at any time but will forgo the security service. Or they can choose to pay a monthly fee to keep the security protection while avoiding the targeted ads.

If Kindsight can get the formula down, it believes everyone can win. ISPs, who get a cut of Kindsight’s revenue, can monetize their data and avoid becoming dumb pipes, while users can get a valuable service, and Kindsight can make money selling the service. “From an advertising perspective, being inside the network is sensitive so you shouldn’t do this unless consumers understand what is occurring,” Gassewitz said. “Why we’re getting traction is the value to the consumer. There is a real value in network-based security.”

There is some irony in a company that uses DPI to sell security considering Phorm was called out as a provider of adware and spyware. But Gassewitz believes he can essentially redeem the reputation of DPI technology with Kindsight. Looking at the model, I can certainly see the appeal for Kindsight and ISPs. Consumers will have to get a straight pitch from their Internet provider and see clear results over time for this to work. And they have to be assured that Kindsight’s claims of anonymity are fulfilled.

But pairing deep packet inspection with online security is about the best way to use DPI technology for advertising and lets ISPs tap into the goldmine of user data they’re sitting on. It’s better than Phorm’s attempts to sell consumers in Brazil on DPI-based targeted ads. Phorm is working with two ISPs there to give customers personalized content on partner websites if they opt in to the service. That seems like a less valuable offer compared to online security, which many people worry about. I’m not sure Kindsight can have Google-like success but it’s got a better shot than previous DPI companies.


7 Responses to “Packet Inspector Kindsight: We’re the Google of Web Security”

  1. no2phorm

    Still spinning I see, Stephanie.
    I was a BT customer who was entered into a Stealth Trial of Webwise (BT branding of Phorm).
    It was and still is evil.
    You state that Webwise was designed to be opt-in; Webwise was designed to be OPT-OUT until the ICO slapped your wrist and said, “think again.”
    DPI will never be a non event, at least here in the UK.
    We, and there are lots of us, continue to scour the web looking for comments and news about DPI.
    If DPI doesn’t go away, neither will we.

  2. Jonathan Doe


    I was suddenly presented by a Pagesense Webpage in 2006 without warning!
    I was suddenly presented by a Webwise Webpage in 2007 without warning!


    I call that “Interception of my communications”

    Of course I did not know Phorm was responsible at the time, but I very very strongly suspected BT & their Servers!

    Both times I immediately shut down my Browser disconnected from the Web & thoroughly checked my system for MALWARE!

    I am much MORE hostile NOW not less!

  3. Stephanie

    Stacy – The article implies that Phorm launched commercially as a non-opt-in service. That is simply not the case and was never meant to be. I’m simply observing that there appears to be considerably less controversy about this type of service than there was two years ago when I worked at Phorm. P.S. Isn’t the first “commenter” on this article a copyeditor at giga om?

    • Cyndy Aleo

      I fail to understand why working at GigaOM classifies me as an air-quoted “commenter” rather than a regular commenter. I make no attempt to hide my identity, and I will occasionally disagree with them in the comments of their articles rather than having an email debate. Now that I look at it, I’m not sure why my name isn’t linked, but all comments I make on the site are while I’m logged in.

      Being a GigaOM employee surely shouldn’t prevent me from having an opinion on topics, should it?

  4. Stephanie

    There are several errors in this story. While BT trialed Phorm without notifying customers, the Phorm service was always designed to be opt-in at the ISP level. As far as I can tell, Kindsight is *exactly* the same service Phorm was proposing to ISPs. Phorm even considered offering security services in the bundle, along with personalized content. So it’s interesting that two years after the Phorm firestorm what a non-issue DPI-based targeted advertising is today.

    • Stephanie, should I assume from your email address that you are the Stephanie Willerton who was the spokeswoman for Phorm? Of your claim of several errors, I can’t find any. Plus, you only address one perceived claim in your comment.

      Phorm may have been designed to be opt-in at the ISP level, but in practice, which is what the story references, it was not. BT did not inform users and neither did other ISPs until the firestorm around the service became intense.

      As for the idea that DPI-based targeted advertising is a non-issue, I beg to differ. It’s still an issue, which is why companies are having to wrap it in a security blanket in order to sell it. I’m sure Kindsight will soon be issuing threatening releases about the dangers of malware that DPI will protect against so people feel compelled to sign up.

  5. Cyndy Aleo

    Why is everyone suddenly acting like DPI is the new black? I don’t care what terms they couch it in; it’s spying. I don’t buy for a second that it’s a great use for security, because they want to know where I’m going and what I’m doing. Malware is a priority for DPI? I think not. I note that “porn” isn’t included in the list of “sensitive” topics. Cuomo was on his DPI charge two years ago to follow folks’ dirtier web traffic: