Home
 » ISP News » 
Sponsored

NO, the BBC Probably Can NOT Snoop Your WiFi via UK TV Detector Vans

Monday, August 8th, 2016 (11:57 am) - Score 9,737
tv_licensing_van_bbc

Over the weekend it was reported that the BBC were about to deploy new technology that could capture information from your broadband based home WiFi network and “sniff out” any TV Licence fee dodgers watching iPlayer content online. You probably shouldn’t be worried.

Hopefully by now most people will be aware that a recent change in the law means that, as of 1st September 2016, a TV Licence will also be needed to download or watch BBC programmes on demand, including catch up TV, on BBC iPlayer.

Naturally licence fee dodgers will have been alarmed to read the Telegraph’s piece on Saturday, which warned that the TV Licensing Authority was about to launch a fleet of WiFi sniffing vans to help track them down.

The evidence for this was apparently a vague piece of text in a related report from the National Audit Office (NAO) and the mass media duly regurgitated it, even though the full paragraph is not quite as clear cut as originally claimed and does not mention WiFi.

Sir Amyas Morse’s report said:

“The BBC’s final detection and enforcement option is its fleet of detection vans. Where the BBC still suspects that an occupier is watching live television but not paying for a licence, it can send a detection van to check whether this is the case. TVL detection vans can identify viewing on a non‐TV device in the same way that they can detect viewing on a television set. BBC staff were able to demonstrate this to my staff in controlled conditions sufficient for us to be confident that they could detect viewing on a range of non‐TV devices.”

The very same report, on point 1.31 (page 40), clarifies that the BBC’s approach also would have to be rather limited because anything that could snoop on your WiFi, such as in the way suggested by the Telegraph, might also have access to traffic going to non-TV devices. “The BBC rightly acknowledges that this would be an inappropriate invasion of privacy,” said the report.

Now we don’t doubt that such vans do exist, but so far as we are aware nobody has ever been prospected via detection evidence in court and most such vans are merely used by enquiry officers when making house visits to those without a licence fee. Officers catch an average of almost 900 evaders every day, mostly through ordinary means (e.g. face-to-face chats).

The next challenge is one of technology and law. Admittedly anybody running an open WiFi network might be vulnerable to such snooping, although it would depend upon the amount of access allowed by the owner’s router and even then you might need to commit an act of hacking to gather that specific data from deeper within the customer’s home LAN.

However today most routers are secured and encrypted using WPA/WPA2 by default and, short of exploiting a vulnerability in the device to get around this (i.e. hacking, which the authority will NOT do), there’s virtually nothing that the BBC could do to sniff out your iPlayer usage.

Heck it would be easier for the TV Licensing authority to simply abuse measures in the forthcoming Investigatory Powers Bill (IPBill) and have ISPs keep a look out for iPlayer access, although this would still be technically very difficult to achieve with any accuracy (Deep Packet Inspection of traffic perhaps?).

The bill itself is also supposed to be aimed at serious cyber-crime (we’ll see how long that lasts), not TV Licence fee dodgers and lest we not forget the “inappropriate invasion of privacy” comment above. So far the IPBill does not appear to include a provision that precisely matches the TV Licence authority’s rather unique requirements and current laws would demand a warrant.

Alternatively they could perhaps track IP addresses via iPlayer and link that back to an ISP, which would then allow them to request details of the related customer(s) from a broadband provider via the courts. However accessing a particular iPlayer page doesn’t mean to say the content itself was watched and this kind of evidence is notoriously flaky, as well as being easily defeated by a VPN. Once again, WiFi has nothing to do with it.

In other words, short of looking through a window to see what’s on your screen, which is something that the enforcement officers may well attempt, there’s actually no real evidence to support the original claim of WiFi sniffing. Clearly the fear of such a van is far more effective than the van itself, which probably doesn’t even exist or at least not to any huge scale.

However, in playing devil’s advocate, we should say that nobody except the BBC and TV Licensing authority can say 100% for sure that they aren’t rolling around in vans, breaking into your WiFi network and snooping your Internets.

No doubt they’d end up sitting there for hours, observing your sessions of porn, cat pictures and inane Facebook postings, in the hope of catching that one time where you did something useful (to them) and viewed an old episode of Dr Who via iPlayer. So we can’t say for sure and there are ways to theoretically do it, but they’re probably using a much simpler approach that has zero to do with hacking into your WiFi network. Also..

Share with Twitter
Share with Linkedin
Share with Facebook
Share with Reddit
Share with Pinterest
Mark Jackson
By Mark Jackson
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on Twitter, , Facebook and Linkedin.
Leave a Comment
29 Responses
  1. Avatar rage

    So I had a think through and I think it’s actually technically possible, you can easily dump the traffic from a wifi network, that’s not up for dispute and with a directional antenna and the right radio hardware you could do so from some distance.

    If, for instance, an iplayer stream included a sequence of predictable packet sizes at a regular interval (i.e. something like, if every two minutes it sent a 10 byte packet, followed by a 35 byte packet followed by a 51 byte packet) then the chance of that repeatedly occurring randomly, in that sequence, is extremely small (like, if the sequence is 10 packets long then the chances get into the billion to one range…).

    Also keep in mind TV licensing could possibly enforce fines under civil law rather than criminal in theory, where the burden of proof is lower for them.

    It would actually be fairly difficult to circumvent as well, even if you used a VPN or padded the traffic in some other way the pattern would continue, just offset.

    Obviously, not using wifi would be the obvious option, though if they got the client side to send the sequence to a broadcast address then unless your wifi and wired networks were completely separate then it would leak out and be detectable.

    • Avatar Steve Jones

      I would question whether it would be possible to sue in a civil court. It would certainly not be possible to sue on the basis of not having a TV licence as that’s a purely criminal offence. That really only leaves open the opportunity to sue for breach of copyright which is, notoriously, an expensive thing to do with relatively low damages for purely personal use. In any event, this whole idea of using some sort of packet size signature for identifying the streaming source is highly questionable as sufficient evidence, and that’s before you even get into the ridiculous logistics of capturing vast amounts of WiFi traffic on the off chance of capturing something useful

      Far more likely would be by detecting iPlayer usage via the app or plug-in and using the geolocation APIs available (which work best with GPS enabled devices, but is till possible, albeit in more limited ways without GPS). That approximate geographical information combined with the public IP address of the streaming replay device, licence records and iPlayer service access history could suffice to get a court order for the relevant IP access records from the ISP. This could be done with bulk requests (for many IP addresses) as is done for piracy cases, thereby keeping costs down. There might also be sufficient device profiling information to allow for questioning in court (especially if the device profiling matched, say, a smart TV or a set-top box). A court case might not even be necessary as a scary-sounding letter might suffice. The existing letters sent out to households without licences are full of this sort of attempt to frighten individuals into buying a licence, without even having to provide evidence.

      Usinf an iPlayer app/plug-in detection is there is no requirement to send round expensive vans using dubious identification techniques which I doubt are financially viable.

    • You might be able to do something like that with the old WEP method and probably within the space of a few short minutes, but WPA2 and modern routers are another ball game. A court of law will also demand more evidence than a pattern.

      It would be simpler to catch the log and then brute force the encryption, but you’d need access to a very powerful computer / distributed computing and what if there’s no BBC iPlayer usage in that period? A lot of effort to try and find the needle and the possibility of breaching Computer Misuse laws.

    • Avatar Steve Jones

      I’d agree totally. I always thought the idea of enforcement via Wi-Fi snooping was nothing more than a scare story. I think enforcement via an iPlayer app/plugin is the obvious way to go on this one.

    • Avatar rage

      Cracking the encryption isn’t required. One just needs a decent WiFi adaptor and Wireshark. This method involves analysis of the packets as they fly through the air. Having the ability to view the content of the encrypted packets isn’t necessary.

    • Avatar Steve Jones

      @rage

      WPA2 frames are encrypted using sophisticated algorithms. Wireshark would be completely useless as you wouldn’t even be able to determine basic IP information, like the source and destination IP addresses and sockets. So the only way that anybody seems to have come up with is to modulate the size of iPlayer packets in some characteristic manner so that they can be recognised, which is all a bit hit-and-miss given that there could be many flows all happening at the same time on the same WiFi network.

      So perhaps you can explain how Wireshark can detect the use of iPlayer given it won’t even be able to identify a frame as carrying an IP packet, let alone any more detail.

    • I think the Wireshark one on WPA/2 is only useful if you actually have access to the network first (i.e. can connect to it), which kind of defeats the challenge 🙂 .

    • Avatar rage

      “So the only way that anybody seems to have come up with is to modulate the size of iPlayer packets in some characteristic manner so that they can be recognised”

      Pretty much this. Direct network access isn’t required to see packet frequency and size. iPlayer would send a burst of packets every X minutes, the size of each packet would be set to a specific size, creating a detectable watermark.

      Is this method technically possible in the lab? Yes.
      Will the BBC use it in the field? No. It’s just another pathetic scare tactic.

    • Avatar David Peters

      A packet stream “looking like” what one might typically expect to characterise player sessions is hardly evidence of anything. Even if such a pattern really existed. People can war drive off neighbours wifi, one of our elderly neighbours does this for convenience and her neighbour doesn’t mind. You could watch Iplayer, anywhere where there is wifi which is everywhere, cafes, pubs, tube, aircraft. Trains, anywhere you can get wifi. With an IPSec vpn, no amount of snooping is going to help. Loads of my friends use vpn to protect on line banking sessions. Dead easy. If you have wired connectivity at home, many do for smart TVs (especially as a wifi signal is relatively unstable usually if router not close to tv) then how are they going to break that? The bbc need to be in the room with you watching you turn on Iplayer on watching it. To monetise use of Iplayer, BBC just should do what all other paid for sites do. Good grief it’s really not rocket science. This is all academic anyway because I challenge anybody to find anything worth watching on the BBC. I have tried I really really have.

  2. Avatar dragoneast

    If only we could summon up anything like the same amount of energy into the things we’re supposed to be doing (like work) as for those things we’re not, the economy would be booming. Fat chance. The adults play more than the kids.

  3. Avatar New_Londoner

    It would be good if a way could be found to ensure the freeloaders pay like everyone else.

    • Make it part of general taxation 🙂 , which is not terribly popular. Mind you the government seems to use the BBC’s budget for all sorts these days, even broadband.

    • Avatar Steve Jones

      It’s not the BBC budget. There is nothing in the legislation for the TV licence that defines it as such. In that it is a hypothecated tax, it is for public broadcasting. It’s assigned to the BBC by executive action, and the fact that the BBC had an effective monopoly over the funds is down to successful lobbying (a monopoly save what was top-sliced for the digital broadcasting transitioning exercise – the unspent portion of which was used to fund BDUK).

      Now the BBC have it all back, but what they aren’t being funded for is the free licences for the over 75s, so in that respect they are picking up the costs of a social measure.

    • Avatar cyclope

      It would be even better if the BBC stopped mis reporting down playing terrorist attacks in this country and europe, and stops being no more than a mouth peace for the establishment and it’s eu paymasters, Time the bbc adopted a subscription model and sacked the tv tax,

      As for increasing income tax they wouldn’t gain anything by doing that as there are as many out of work if not more than those who wont pay the bbc’s peado ring and fat cats who waste horrendous amounts of money on hotels and travel tickets and taxis

  4. Isn’t a mandatory sign-in on iplayer a blindingly simple solution here? Could be accompanied by an option to buy a license with a credit card.

    Works well for Netflix. They even allow multiple accounts and police that.

    • Avatar Steve Jones

      I’d agree, and each TV licence could then come with the ability to enable a number of devices. Sufficient for a family’s requirements.

    • Avatar Oggy

      You can buy Netflix log ins on the dark net for pennies.

      The exact same thing would happen here.

    • Avatar Panda

      Of course a registration tied to your License Fee number/address is the obvious solution – but the BBC rely on their gang of bullyboy enforcers to scare people into getting licenses (often when not even needed).

  5. Avatar dan

    shouldn’t have to pay a tv tax for whats on the bloody thing typical ****** uk

  6. Avatar Crapita are C*nts

    my license fee was cancelled 3yrs ago and i have been harassed ever since, it now goes to more important things, like a VPN and a hard drive.

    These Tv Natzi’s seem to think that because i live in a house i must need a license, they also think that because i have bought a tv i need a licence just to bloody own it!
    I play games on it and watch dvd’s on it, so get F*cked

    I will not pay money to a corp that covers up pedo’s, spews out bullshit they call news, and pays far too much to their so called “talent”

    I now get what I want, when I want, and watch it when I want, and I dont give a fuck how many bald headed heavies they send to my door

    If i like something i will buy it, But I Will Not fund their 90-95% Bullshit.

    and the so called vans don’t exist, if they could actually prove i am watching tv, why would they send the heavies round every year, just “to see if you have moved sir”
    I know they have no vans and i also know the sneaky bastards park up the road in their crappy little cars.

    I have never used iplayer and i never will.

    • Avatar Steve Jones

      Now lie down in a dark room until you feel a little calmer…

    • Avatar cyclope

      Why even answer they door to them, or just answer it tell the crapita goons to f off and slam it in their faces, best rule is no contact bin the monthly threat-o -grams /begging letters and save over £100 per year

  7. Avatar Ron

    There is no Equipment in the Detector vans !.
    I have been in them 🙂
    It all kidology .
    There are some nice equipment racks with nice lights and knobs but they are empty :).

    • Avatar cyclope

      The sit in them vans perving into peoples bedroom windows using binoculars, they have never had any proper tv detection equipment that would stand up to scrutiny of a criminal court, which is why they have never used evidence from it to prosecute anyone, but they are known to use it one busy not technically minded magistrates when applying for search warrants, which again isn’t that common place

  8. Avatar Crapita are C*nts

    where are the knobs located, are they in the driver and passenger seat 😉

  9. Avatar Marc Sloan

    The only thing in the detector vans is a laptop with a list of non licence holders, there is no fancy tech it is just them trying to scare people into funding the lifestyles of many a pedophile.

  10. If they cared enough, it’s easy to trqck iplayer viewers from their webserver logs and get the owner’s details from the ISP.

    Surely as an operator of a website you know that you can easily track everything your users view on your website.

    • Avatar cyclope

      The bbc don’t host the content on their own servers, it is hosted by CDNS and there are least 2 different companies

  11. How does that change anything? Any CDN worth the title will collect and make available detailed analytics about the hosted content.

Comments RSS Feed

Javascript must be enabled to post (most browsers do this automatically)

Privacy Notice: Please note that news comments are anonymous, which means that we do NOT require you to enter any real personal details to post a message. By clicking to submit a post you agree to storing your comment content, display name, IP, email and / or website details in our database, for as long as the post remains live.

Only the submitted name and comment will be displayed in public, while the rest will be kept private (we will never share this outside of ISPreview, regardless of whether the data is real or fake). This comment system uses submitted IP, email and website address data to spot abuse and spammers. All data is transferred via an encrypted (https secure) session.

NOTE 1: Sometimes your comment might not appear immediately due to site cache (this is cleared every few hours) or it may be caught by automated moderation / anti-spam.

NOTE 2: Comments that break our rules, spam, troll or post via known fake IP/proxy servers may be blocked or removed.
Cheapest Superfast ISPs
  • Hyperoptic £16.80 (*22.00)
    Avg. Speed 50Mbps, Unlimited
    Gift: None
  • Post Office £20.90 (*37.00)
    Avg. Speed 38Mbps, Unlimited
    Gift: None
  • TalkTalk £21.95 (*36.00)
    Avg. Speed 38Mbps, Unlimited
    Gift: None
  • SSE £22.00
    Avg. Speed 35Mbps, Unlimited (FUP)
    Gift: None
  • xln telecom £22.74 (*47.94)
    Avg. Speed 66Mbps, Unlimited (FUP)
    Gift: None
Prices inc. Line Rental | View All
The Top 20 Category Tags
  1. BT (2585)
  2. FTTP (2355)
  3. FTTC (1700)
  4. Building Digital UK (1643)
  5. Politics (1488)
  6. Openreach (1467)
  7. Business (1288)
  8. FTTH (1164)
  9. Statistics (1129)
  10. Mobile Broadband (1086)
  11. Fibre Optic (994)
  12. Ofcom Regulation (946)
  13. Wireless Internet (944)
  14. 4G (941)
  15. Virgin Media (890)
  16. EE (616)
  17. Sky Broadband (615)
  18. TalkTalk (594)
  19. Vodafone (556)
  20. 3G (424)
New Forum Topics
»
Latency with IDNet
Author: BigAlbert
»
Zen latency
Author: BigAlbert
»
»
Online gaming / ping
Author: BigAlbert
»
Gigacube users?
Author: hexdex
Promotion
Helpful ISP Guides and Tips
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms , Privacy and Cookie Policy , Links , Website Rules , Contact