EFF Releases Tool For Testing ISP Interference 96
Placid notes that the EFF has announced Switzerland, a tool for testing if your ISP is interfering with your Net connection (e.g. by resetting BitTorrent transfers). It's command-line only at this point. Of course the tool is FOSS, and you can contribute to it via its SourceForge project. From the announcement: "Developed by the Electronic Frontier Foundation, Switzerland is an open source software tool for testing the integrity of data communications over networks, ISPs, and firewalls. It will spot IP packets which are forged or modified between clients, inform you, and give you copies of the modified packets."
Somewhere... (Score:4, Funny)
A dozen Blackberrys are ringing.
Look, Tim. I know it's Saturday but I need you to get to the switching center and shut down project ticktock right away. We're about to have some serious liability issues with it.
After the weekend we can start on a workaround.
Re: (Score:1)
Ok, not much luck under windows so far. got an NTP error that I can't get around. Bored now. Moving on.
Re: (Score:3, Informative)
Python under win32 is a little on the odd side, i got it to work under cygwin python, Charter Com, in St. Louis Missouri, Doesnt Packet Shape, but the DNS Redir to a search engine is annoying.....
Re: (Score:1)
thanks. Actually haven't tried anything with cygwin, and it looks very interesting.
Re: (Score:1)
Re: (Score:2)
Looks like their server is having problems. I set up one at apollo.kynisk.com, but it would appear that I need *other* clients too, not just myself. Feel free to try it ;)
Re:HA! (Score:5, Funny)
Hey, who let their cat near the keyboard?
Warning to non-tech people (Score:1, Informative)
This things require root and I am not knoledgable enough to investigate the source code.
As I have not suitable testing environment, I will have to wait trusting Ubuntu or Debian for a pre-packaged version.
I strongly advice you, non-techy, non-programmer to be patient and wait a bit your Linux distribution or vendor to provide a package.
Re:Warning to non-tech people (Score:5, Interesting)
But it's from the Electronic Frontier Foundation! If you can't trust them to be non-evil, who can you trust?
Re:Warning to non-tech people (Score:5, Insightful)
If you can't trust them to be non-evil, who can you trust?
Completely? No one. Not even yourself.
However, it's likely this tool is relatively safe.
Re:Warning to non-tech people (Score:5, Funny)
However, it's likely this tool is relatively safe
so, working in the insurance industry too eh?
Re: (Score:1)
Re: (Score:2, Funny)
you just got trolled
Re:EFF not trustworthy (Score:5, Informative)
As with anything, there are ups and downs to a ruling... sure, Comcast may start charging by the bit and so forth. However, the big reason the EFF went after them was because they were forging packets, including the RST packets, and otherwise impersonating users on the bittorrent protocol.
The EFF was never saying they can't use traditional QoS on their network... they're saying companies need to reign in "bandwidth hogs" (as you put it) using protocol-agnostic methods, and they certainly shouldn't be forging any traffic.
Full disclosure: I'm a paid, card-carrying member of the EFF. Just gave them another $15 a week ago.
RST packets (Score:1, Troll)
The use of RST packets to administratively terminate connections goes back more than 15 years. I know, because my ISP has been doing it for that long -- as have many, many others. (The WebSense software has also been doing it for nearly that long.) It's a reasonable and in fact common practice. We started doing it back in the days of dialup... specifically to protect dialup users' privacy. When a dialup user hangs up, it's possible for the next caller on the same line to receive packets, containing private
Re: (Score:2)
I happen to agree with him, though.
You should not be targetting specific protocols or applications.
Also, i've had, and continue to have, RST forgeries on my comcrap account on time-sensitive, legitimate traffic to blizzard's servers.. usually when im about to heal the tank in an instance.
It's time to find a new QOS solution, because this one has gone from necessary to abused.
Re: (Score:2)
Re: (Score:2)
If the ISPs cannot handle P2P users, then they should explicitly make this known when they give the service.
They shouldn't promise a service they cannot actually give.
Also, their problem is the bandwidth used, not the protocol - so why don't they just place bandwidth limits on users, or sell bandwidth?
ISPs and P2P (Score:2)
Re: (Score:2)
ISPs have the right to stop costs from being dumped upon them, and therefore have the right to throttle, block, and/or prohibit P2P.
They have the right to stop costs from being dumped upon them, yes. They don't have the right to block an user from using the connection whatever way he wants. That right coupled to this non-right means they have in fact the right to pass costs to the user. And that's it. Don't block him, just charge him for his actual usage. Result: those using P2P pay more, those not using P2P pay less. Simple and perfectly fair for all parts involved.
Paying more to use P2P (Score:2)
Re: (Score:2)
My preference is for metering by the bit. This would lead ISPs to provide as much bandwidth to their users, and to as many users, as materially possible, instead of the layered system we have nowadays. After all, more bandwidth = a more enjoyable online experience = more time spent in front of computer downloading and uploading = more profits.
There's no reason to treat bits differently from, say, electricity, gas or plumbing. It's a commodity. Use more, pay more. Short on money? Use less, pay less. REALLY s
Re: (Score:2)
My preference is for metering by the bit. This would lead ISPs to provide as much bandwidth to their users, and to as many users, as materially possible, instead of the layered system we have nowadays. After all, more bandwidth = a more enjoyable online experience = more time spent in front of computer downloading and uploading = more profits.
what a crock.
If they charged by the bit you bet your life they'll charge a lot more than they do now. For an example of metering applied to a service which, unlike your examples, are NOT utilities whose prices are heavily regulated by the government, see: american cellular providers.
Only the wealthy will have "free access" to the internet under such a regime. Those who actually have to budget monthly will avoid places like youtube, MMORPGs, xbox live, netflix, etc...
You want to say "but they do it abroad",
Re: (Score:3, Insightful)
If they charged by the bit you bet your life they'll charge a lot more than they do now.
Nope. In fact, anywhere I can find a service under a "pay as you go" system, I subscribe to it instead of to the seemingly "cheaper" layered system provided by other companies. And guess what? In all cases I invariably end up paying less monthly than in the cheapest "fixed price" service provided by a competitor, all coupled to an absolutely outstanding service, since it's in the interested of a pay-as-you-go service provider that you use more of its services, not less, so they keep their customer service t
Re: (Score:1)
> ISPs have the right to stop costs from being dumped upon them, and therefore have the right to throttle, block,
> and/or prohibit P2P. If they can't, your bill will have to go up, because the ISP has to at least break even to
> keep providing you with service.
My ISP has a contract with me. They promised a service for a length of time, and are obliged to provide it. We can renegotiate when the contract is up.
I'm currently guaranteed service at 1500 inbound / 384 outbound which is unlimited, good 24
Re: (Score:1)
I was hoping Comcast would make BitTorrent the killer app for popular adaptation of IPsec. There is a solution to the problem of TCP packet forgery. We should be using it. With BitTorrent there is even a suitable trusted central authority for key exchange; everyone trusts the tracker. Keys could be transitory (per swarm) or permanent (if desired) for registered users.
Re: (Score:1)
Network neutrality just means that they can only block bandwidth hogs by the bandwidth they use, not the type of traffic they use.
If you happen to use live linux cds and have comcast, you can see exactly why they need network neutrality. The only way to get them close to release time is via bittorrent since the ftp/http mirrors are either out of date or user capped.
Behavior is as important as bandwidth (Score:2, Interesting)
Re:Behavior is as important as bandwidth (Score:5, Insightful)
There is a very simple, non-technical argument against all of this. I pay my ISP for a certain amount of bandwidth. This connection is not metered in any way, other than having a limit to the total amount of bandwidth available at any one time. It is an "unlimited" plan. It suited my ISP to offer this deal, and it suited my needs to accept and purchase it. Other users of this ISP have similar if not identitcal arrangements. Whether it's BitTorrent, running an FTP server, real-time video, or whatever, the principle here is that if anything that another unrelated user does can reduce the quality of my connection, then my ISP has failed because they have oversold their capacity. Everything you said about how multiple BitTorrent streams greatly increase the latency of applications like VoIP is quite reasonable, if you are talking about MY bittorrent client causing latency for MY VoIP client, but that is not what we were discussing.
... oh, unless you use an application we don't like, then we'll sanction you" is hypocritical the same way that saying "you have the right to free speech ... oh, unless you say something we don't like" is hypocritical.
Now, if ISPs decide they want to meter their connections (say, by the megabyte or gigabyte), or that they won't carry certain types of traffic, then let them announce this to their customers. If their customers decide they want to continue paying for this, great. If they don't, too bad. But what is happening right now, where ISPs want to sell "unlimited" connections and then surreptitiously place limits on them and screw around with my traffic to conceal the fact that they are overselling their capacity (and/or refuse to upgrade their equipment) is unacceptable. This is unacceptable whether TCP fails to manage this type of network congestion, whether BitTorrent really is a bandwidth hog, whether an RST is a good way to deal with that, blah blah -- you're getting caught up in minutia and missing the real point. Saying "you're free to use this connection as you please
Re: (Score:1, Troll)
Re: (Score:2)
I said it was unmetered. That's not the same thing as unlimited bandwidth/throughput, which is why I don't get 10,000,000 gigabytes per second. There is a reason why I put "unlimited" in quote marks in my previous post; the term has a well-known meaning within this industry (particularly for someone
Re: (Score:1)
[1] bandwidth shaping, account cancellation, whatever.
Re: (Score:2)
I mentioned free speech at all only as an analogy. I said that saying "you have the right to free speech ... oh, unless you say something we don't like" is
Re: (Score:1)
I mentioned free speech at all only as an analogy. I said that saying "you have the right to free speech ... oh, unless you say something we don't like" is hypocritical, which is true. I likened that to an ISP that has a user agreement which does not forbid any protocols or any forms of traffic,
Hmmm, let's call them Strawman Data ISP Inc. I've never seen an ISP that doesn't forbid some protocols or forms of traffic.
and then having that ISP covertly forge packets in order to forbid protocols or forms of traffic that they don't like, which is also hypocritical. The correct, non-hypocritical way for an ISP to proceed is either to keep the user agreement the same and never screw with users' traffic, or, openly spell out in the user agreement what they will and will not allow and follow it to the letter.
Or, perhaps, to ignore requests by bitTorrent for increased priority.
Whether I enjoy it or not, and I don't, I am forced to conclude that either you're dense and you sincerely believe that I was claiming that this is a free speech issue or you are deliberately using a straw man argument.
Me using a strawman? I wasn't the one drawing the analogy.
Re: (Score:2)
I never made the claim that there was something wrong with forbitting some protocols or for
Re: (Score:1, Informative)
OK, this is somewhat of a network techie/geeky thing, but you can hog the network even if your bandwidth is capped.
This issue isn't about capping, it's about fair-queuing.
This is due to a flaw in TCP, which does very weak, per-flow congestion avoidance.
No, this is due to a limitation in TCP. But that isn't the point. You are presenting a strawman argument, namely that "neutrality" means relying upon users to play nice (i.e. no fair-queuing). While using such a strawman would probably gain traction in a non-technical forum, it isn't going to get you very far here.
BitTorrent, which is used for downloads that are not time critical, seizes priority over other traffic such as VoIP, which really needs real time performance.
That's what the IPTOS_* bits in the IP header are for. Of course, you need to provide some incentive for users not to automatically req
Re: (Score:2)
Re: (Score:3, Funny)
Forth Amendment
I thought the code was Python...
Easy peasy (Score:2)
Re:Warning to non-tech people (Score:5, Informative)
Yeah, all tools that do tcpdump/Wireshark-style packet inspection require root (you don't want normal user programs sniffing everything). It's true that it's alpha quality code that does TCP communications, so it's a good idea to not leave it running all the time, and/or wait until a beta version has been released.
A bigger issue is that some of your sniffed packets are sent in the clear to EFF, so 1) it's possible that a third party could sniff those few packets (but it's only a handful of packets, but it could still cause problems, and 2) if you use EFF's server, you have to trust EFF with the handful of sniffed packets you send them (but you can run your own server). It's too complicated to summarize in a few sentences, see the README.txt in the package.
They do say they'll fix the issue that third parties could sniff your packets though (by doing the obvious thing and encrypting them between endpoints), so again, waiting for a later version might be a good idea.
Debian (Score:2)
Re: (Score:2)
This things require root and I am not knoledgable enough to investigate the source code.
paranoid much?
As I have not suitable testing environment, I will have to wait trusting Ubuntu or Debian for a pre-packaged version.
install it in a VM. why do you trust the noobuntuan devs more than EFF? do you even know what EFF is?
I strongly advice you, non-techy, non-programmer to be patient and wait a bit your Linux distribution or vendor to provide a package.
thanks.
Re:Warning to non-tech people (Score:4, Insightful)
Debian's not exactly the most trustable team considering they INTRODUCED a bug into what I'd consider the most important to security package there is(OpenSSL).
When the people who are responsible for verifying the security of a package add their own exploit, and nobody finds it for many months of heavy use.. you sort of just tore down your web of trust.
What? (Score:4, Funny)
Re:What? (Score:4, Funny)
close... (Score:5, Funny)
Windows are holes in walls or computers.
Re: (Score:1)
Re: (Score:2)
holes in (walls or computers)
not:
(holes in walls) or computers
Re: (Score:1)
In Switzerland, does the cheese have windows?
- RG>
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
It is. So it's a stupid name for the project, because it makes it harder to search for it. When will people learn that unique names make you easier to find?
It may be a lame name, but I don't think for that reason. I don't think your reason is a problem.
It is item #2 in a search for "switzerland ISP", #1 for "switzerland packet", #1 "switzerland interference", #1 for "switzerland software". The keyword phrases are entered into Google without the quotes.
Re: (Score:1)
It is.
Yes... I know. It was a joke, thus why it was rated funny.
Re: (Score:2)
Re: (Score:1)
The download link (Score:5, Informative)
Re: (Score:2, Funny)
Hey, that's me!
Re: (Score:3, Funny)
If I wasn't so lazy, I'd flame you.
Re:The download link (Score:5, Informative)
This is going to change fast so it might be a good idea to download directly from the repository:
svn co https://switzerland.svn.sourceforge.net/svnroot/switzerland [sourceforge.net] switzerland
Enjoy!
Meta? (Score:2)
hm... my svn co reported host not found /.ed?
Is the repos
Or is my ISP helpfully filtering -- ahem -- suspicious traffic for me?
From the Install ReadMe (Score:4, Informative)
Switzerland is alpha software. Remarkably, it runs on lots of different operating systems (we've seen it work on Linux, OS X, BSD and Windows XP), but because it's alpha software we can't promise that it's easy to install on all of these operating systems. We're looking for volunteers to help with a Windows installer!
So for those looking for an easy install in Windows, you won't find it yet. Seems like cgywin under Windows XP is indeed the way to go.
Re: (Score:1)
Re: (Score:1)
Also, after reading a few of the posts with those that DID have difficulty, those that used cgywin as I stated earlier did not have issues with it. Those that tried to follow the directions for windows without using cgywin DID encounter issues such as this guy. [slashdot.org]
Kudos for the
Re: (Score:1)
mehh (Score:5, Funny)
I'm working on a much more straightforward app that will be nearly as accurate on a large scale - it just scans your ip address and matches it against a list of known comcast ip classes - a hit means you're being throttled!
Re: (Score:1, Redundant)
does this deal with throttling, (delaying packets) or with modifying traffic? (forging RST etc) From what I read it doesn't care about how long your packets take to get there.
Re: (Score:3)
Sadly I can't really laugh at this. I live in Portland, OR. I use to not have a problem, when Ubuntu 8.04 was out, my torrent for that was blazing. I tried to download the updated disc image (mostly to see if Comcast had started to pull their shenanigans) and it starts out blazing then begins to peter out to 10-15k/s
Dicks
Dictionary words make bad project names (Score:3, Insightful)
It is often a bad idea to select a project name that is a common dictionary word. It makes the project almost ungooglable and also dilutes the original meaning of the name -- I wonder if the nation of Switzerland wants to be associated with this piece of software. The global English dictionary namespace isn't running out yet, so we don't need to start reusing words.
Re: (Score:1, Insightful)
I keep hearing people say this but yet no one ever suggests an alternative name, or fails completely at seeing the overwhelming number of projects/products with common names. And of course names like Snargleblad or some other BS are oh so easy to remember.
Ever think maybe that Switzerland was chosen for a reason? Perhaps because it is NEUTRAL??? As should be the internet, and this tool helps to determine if you ISP is in fact neutral regarding traffic management.
Re: (Score:2, Funny)
Re: (Score:2)
Ohhhhh, I really, really like that one. Snappy, witty and most of all easy to google!
Re: (Score:2)
Re: (Score:2)
It is often a bad idea to select a project name that is a common dictionary word. It makes the project almost ungooglable and also dilutes the original meaning of the name -- I wonder if the nation of Switzerland wants to be associated with this piece of software. The global English dictionary namespace isn't running out yet, so we don't need to start reusing words.
Yes, this is a fair point and we talked about changing the name before launch for this reason. But despite a lot of brainstorming, we couldn't think of a better name. If you want to search for Switzerland, add a word like "eff" or "isp" or "packet" or "network" to your google search. Maybe if we're successful enough we'll end up on the first page of results for a simple "switzerland" search at some point.
will they catch me?? (Score:1)
I have been ordering stuff from Red China over the Internet and paying with $ dollars.
Along the same lines... (Score:5, Informative)
There are a few packages available on the Network Neutrality Squad's website [nnsquad.org]:
(These were mentioned on Slashdot a little while back)
ttestx01 - spoon feed on ubuntu (Score:1)