An anonymous reader writes "Comcast has been singled out as discriminating against filesharing traffic in quantitative tests conducted by the Associated Press. MSNBC's coverage of the discovery is quite even-handed. The site notes that while illegal content trading is a common use of the technology, Bittorrent is emerging as an effective medium for transferring 'weighty' legal content as well. 'Comcast's technology kicks in, though not consistently, when one BitTorrent user attempts to share a complete file with another user. Each PC gets a message invisible to the user that looks like it comes from the other computer, telling it to stop communicating. But neither message originated from the other computer -- it comes from Comcast.'" This is confirmation of anecdotal evidence presented by Comcast users back in August.
I know that people are always bitching about how long (45 minutes+ for some people I know) it took them to download a patch... While at the same time I've been able to download patches over my non-Comcast connection at over 2MBytes/second... I don't know that all of those people have Comcast, but I know that some of them do.
They're basically doing this with a "man in the middle" attack by sending false messages to both parties in the communication, pretending to be the other. This is why all net traffic needs to be encrypted and signed.
Just because it is their network DOES not give them the right to FORGE IP packets to look as if they come from elsewhere.
That would be like a courier service forging documents from 2 people wanting to communicate saying "Stop sending documents" if they didn't want them to talk. They'd never do something that stupid, and if they did, they couldn't get out of charges by saying they were only forging documents through their service.
Forgery is illegal. Someone who had a forged RST packet sent in their name should have forgery charges pressed and sue for impersonation.
A technical defense is to block RST packets. Probably not hard to do under Linux, and likely trivial.
A technical defense is to block RST packets. Probably not hard to do under Linux, and likely trivial.
Sure you could modify the source to ignore the RST flag, but that would probably completely hose your networking, since it's sort of an integral part of TCP/IP functioning. Sometimes the packet with FIN set does get lost.
I guess it might work for a while until you ran out of memory for tracking state of all the connections that never close. :D
Now maybe the "net neutrality isn't important because we can trust giant corporations not to screw their customers crowd" will shut up. Of course, the people getting paid to lobby or keep those bills out of Congress won't change their mind, but maybe regular people will. And that's a step in the right direction.
This story does make me wish I was not boycotting Comcast already though, so I could boycott it for this.
Now maybe the "net neutrality isn't important because we can trust giant corporations not to screw their customers crowd" will shut up. Of course, the people getting paid to lobby or keep those bills out of Congress won't change their mind, but maybe regular people will. And that's a step in the right direction.
This story does make me wish I was not boycotting Comcast already though, so I could boycott it for this.
Actually, this will hurt net neutrality because everyone is getting QoS confused with Net Neutrality!
QoS is legal, and it should exist. Prioritizing classes of traffic is OK, provided the classes are generic classes of traffic (e.g., email, web, ftp, p2p, voip, etc).
Net Neutrality is compatible with QoS. What Net Neutrality proponents want isn't avoidance of QoS, but to prevent deals where if you use Windows Live Search, it comes up instantly, while if you use Google, you'll find yourself waiting a good minute for the frontpage to load up. I.e., both use the same class of traffic (web), but service is differentiated based on who can pay.
So Comcast causing Bittorrent problems is OK for Net Neutrality. But if Comcast suddenly lets Blizzard's WoW updates unimpeded while causing problems for say, Linux ISO torrents, then that conflicts with Net Neutrality.
Basically, like traffic should be treated alike. But unlike traffic may be treated differently. So if Comcast charged an extra $10 for enhanced VoIP QoS, that's OK, as long as it's for all VoIP, not just say, Vonage only, or Skype.
Net Neutrality opponents like to bleat the Anti-QoS line because it's the easiest way to spread FUD, when they really mean "Google, pay us, or we'll make your page take ages to load, while making Windows Live Search load instantly".
If one wishes to find a legitimate example of bittorrent sharing of legitimate files, one need look no further than the largest MMORPG on the market - World of Warcraft. Patches are automatically (assuming the user doesn't disable the feature) downloaded using bittorrent. And Blizzard is more than aware of and approving of this, given that they programmed the feature. Needless to say, I think any internet service provider who disrupts a consumer's legitimate use of their internet connection is a service provider that doesn't deserve the consumer's money...
In my experience, bittorrent transfers are much faster on my Comcast connection when I choose to encrypt them. That suggests to me that Comcast is indeed throttling normal bittorrent traffic.
Given the nature of the "man-in-the-middle" approach they've taken here, it won't be long before they try to foil the encryption, too.
That's the entire premise of a man-in-the-middle attack - give both sides false keys, but hang onto the false keys and the real keys yourself, then encrypt/decrypt accordingly with appropriate keys in each direction to keep them oblivious to your presence.
Taking a stance like "well at least we still have encryption," rather than fighting for your rights is extremely dangerous. People keep saying "they aren't a common carrier, so they're within their rights."
What the hell? When is it within a carrier's rights to WILLFULLY LIE ABOUT OR MODIFY the correspondence or transmission they've been entrusted to carry? If the US postal service opened your mail and scribbled out sections of your letters, would you still feel so copacetic about things? I know I wouldn't....
This is a step towards being subjugated exactly like China. Step 1) Comcast imposes "totally legal" restrictions on internet traffic. Step 2) United States Government makes deal with Comcast to be sole provider for govt networks. Step 3) Congress passes legislation to help put other providers out of business. Step 4) Comcast becomes primary provider in US. Step 5) Government officials give kickbacks to Comcast to regulate "perfectly legally" what internet traffic is allowed to pass. Step 6) The US is adopted by a loving family, with an older brother named communist China.
Okay, so it's a stretch.... but this IS the beginning of a violation of rights. There is no shortage of evidence that the constitution was created to protect people from violations such as this, EVEN if you've agreed to it!
Why do you think we don't allow indentured servitude anymore? It was a contract that was entered into willfully..... The law is there to PROTECT people from jackass people/companies like Comcast who try to decide that it's within their rights to violate peoples' rights, just because the law says they can.
To quote the declaration of independence.
That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed.
WE ARE THE GOVERNMENT. Whether we like it or not - those elected officials were picked BY us from AMONG us. If we are too stupid to choose people who will do something about it (and if we are unwilling to run for office ourselves) then we are consenting to whatever happens!
This is exactly a situation where if what Comcast is doing is "legal" it's time to enact some legislation to ensure that this kind of completely unethical behavior (which SHOULD be illegal) never happens again.
The law is (read: SHOULD BE) there to protect you and me, not big business. We have a congress, and not a king, for just this sort of situation.
Help me Obi-wan Kenobi (read: voters of the USA). You're my only hope.
If you're using a decent client like uTorrent, Azureus, KTorrent, or Deluge, just check the options.
Encryption is useless in this case, however, since bittorrent traffic is obvious to an intelligent packet shaper such as the Sandvine systems that Comcast uses. Bittorrent usage generates a very distinctive signature even if you just look at the volume and timing of packets. Once it figures out you're using bittorrent, it just needs to send the RST packet, which will have the same effect regardless of encryption: Your client will think that the remote peer closed the connection.
It appears to me that the Sandvine system uses a rudimentary heuristic to decide when something should be blocked. One can trigger the RST packets merely by making a few inbound connections to a Comcast IP. I have unfortunately been triggering it for several months now by connecting to a machine at home with SSH. It will allow a few connections, (like, maybe 5-8 or so in a 30 minute period of time), before it shuts down *all existing TCP sessions that are inbound on the IP* and apparently *all* attempts at additional incoming connections to the IP in question. This lasts for some period of time around 30 minutes to an hour, then things work normally again. I've had to rewrite my file synching scripts so that they use SCP over a single SSH tunnel -- everything goes over one SSH connection, which I keep open the whole time I might need to transfer something from home. This has solved the problem, but the Sandvine system is anything but brilliant, and excessively heavy-handed. I had a detailed conversation with a Comcast rep. via the website chat thingy, and at the end, I said something like, "so, if I want to remain a Comcast customer, I have to be willing to deal with Comcast fiddling with my TCP sessions?", to which the rep. replied, "yes, basically." He then tried to upsell me some higher level of service which is $40 more per month than the $50 I am already paying.
I've posted this before, but it's pertinent and bears repeating, it's not just P2P traffic that Comcast is filtering. A sysadmin I know has been blogging on Comcast filtering corporate e-mail traffic as well.
After Comcast loses all their customers to DSL, will they complain about [whatever DSL company]'s unfair monopoly advantage?
This is exceptionally unlikely to happen. The social groups that Slashdot folks circulate in are not the average. I know it's hard to believe, but very few of Comcast's customers give a shit about BitTorrent or p2p, even if they were aware of their existence. Most of Comcast's customers are average low-volume (if at all) computer users who have Comcast to view television, and picked up Interweb connectivity as part of a package.
Comcast has decided that p2p degrades their system, for them it's more of a technical issue than a political one (though I'm sure the **AA Gestapo have been in touch with them).
When I read the words "discriminating against" I assumed that Comcast was simply giving higher priority to non-bittorrent traffic. Given what they are doing, I think "interfering with" would be better language. This isn't just a passive downgrading. This is active blocking.
Whilst I'd be opposed to such an idea being put into practice, why doesn't comcast request that legitimate torrent/tracker sites register with them in exchange for guaranteed non-filtering (similar to proposals against Net Neutrality)? It'd make comcast happy, since they're able to reduce the amount of traffic on their network and say that they provide options for legal P2P. I know that it would likely result in
Comcast is in many different cities - each office running independently of all others. Which offices are blocking bittorrent? I use it all the time, on Comcast, without any trouble. I have more issues at work (with traffic shaping junk) than Comcast. So, I do not see how this is a company-wide problem. It may be something only used in problematic areas.
This is the worst Internet injustice since the last thing that had Slashdot's panties in a wad. And that one was so horrible that everyone forgot about it.
1. What hardware/software would carriers have to use to do this?
2. Can it be defeated?
Fwiw, Rogers cable in Canada is rumored to be doing the same thing (and perhaps more). Michael Geist talks about this on his blog: http://www.michaelgeist.ca/content/view/1859/ [michaelgeist.ca]
Actually, Canadian users should file a complaint about Rogers misleading advertising with the Competition Bureau (not advising purchasers of their high speed service in their advertising that they will lower the speed of P2P apps). I have, and so have others. It really is a question of priorities and complaint volume though, and at present the number of complaints has been very few.
For anyone interested, the Competition Act [canlii.org] and there are numerous sections dealing with misleading advertising. By not advising the public they are actually reducing the speed of P2P apps, they are knowingly making a material misrepresentation to the public (Parts VI and VII.1).
You can file complaints with the Canadian Competition Bureau about Rogers, here [competitionbureau.gc.ca].
If I remember correctly, Comcast says that something like 1% of the user base causes 15% of the bandwidth, etc. Therefore, they throttle the thing that takes up the most bandwidth (torrents), in the name of helping out all the other users.
However, I would love to see stats on what percentage of their users actually use bittorrent. Until someone can prove that more than 1% use it, they can use that argument and 85% of people will shout "Yeah, more bandwidth for me, screw those pirates", without realizing the legitimate torrent uses (such as linux distro rollouts, patches as mentioned before, media defender email leaks, etc).
At least the media is finally catching on, but until we get people to realize that it is a slippery slope that affects them, there will not be enough uproar to stop them.
So, if we could only get our hands on how many people use it... we might be able to make some noise. Until then, the average joe will say "So What?"
If I remember correctly, Comcast says that something like 1% of the user base causes 15% of the bandwidth, etc. Therefore, they throttle the thing that takes up the most bandwidth (torrents), in the name of helping out all the other users.
Correction... they throttle in order to get the 15% back and resell it to more users, without having to upgrade existing infrastructure.
Could Comcast be found guilty of fraud law or violating some computer usage law because of this?
On one hand, they're deliberately pretending to be the person you're communicating with (fraud?). On the other they're deliberately degrading performance of a person's internet connection (vaguely DOS-ish), a person who isn't necessarily their customer.
I work for a VoIP provider and of all our customers, only the people using Comcast have voice break-up. All other broadband including myself (charter) have perfect quality. It's sad when we get blamed for this when in fact it's not our problem. I was on the phone with Comcast many times over just to get them to clear the problem up so my sister could have good VoIP quality. It still has problems here and there but at least it's good now for the most part.
BTW, This has gotten worse ever since Comcast started offering VoIP.
So, since, as it appears, they are sending spoofed packets... Couldn't you claim unauthorized access to your PC, impersonation of another person, and forgery of information... or something along those lines. It's certainly illegal to pretend to be someone else as a person, maybe not in and of itself, but as soon as you do something to harm one of the parties involved (thinking identity theft).
I just can't believe that somewhere along the lines there hasn't been a law made that makes spoofing illegal, they are claiming to be someone/something else to which you have agreed to communicate with.
Of course, if it's not actually sending packets as if they came from the peer, then it's a different story.
... if Comcast is essentially attempting to disable BitTorrent, are they by any chance either violating or subverting one or more RFCs? Substitute the proper term for 'violating', that was the strongest word I could come up with quickly.
I recall that in the Early Days of the Internet, not abiding by the RFCs would get you in hot water. Especially screwing up with SMTP would do it, but even bad behaviour due to your incompetence would get your T-1 unclocked, and it would take a few calls to the powers that be to assure them that you found someone who knew what they were doing and that problem wouldn't occur again. At least not for a while.
My point is, perhaps it's time for the other Internet providers to consider requiring Comcast to not mess with traffic in this way, or sanction Comcast.
Sanctions could be as graduated as throttling at the NAPs, degrading Comcast traffic, even disconnects.
Some providers have a stake in this. If the legal BitTorrent users (WoW for instance) get a crossed hair over this, why would they not ask their providers to pressure Comcast into stopping this?
Ultimately, this may be Comcast clinging to their ToS and 'server' restrictions, and that would mean Comcast users won't be sharing out BitTorrent files. Bummer.
Another wrinkle, I wonder if Comcast sends forged RSTs to Comcast users sharing with *other* Comcast users. Intranetwork traffic shouldn't 'cost' so much for Comcast.
My theory is simple - Imagine if ISPs started throttling or denying traffic from Akamai, because of the volume... What a mess. And while BitTorrent is used for all sorts of purposes, so is SMTP. So if they think the illegal use of BitTorrent is sufficient excuse for them to deny it, why don't they throttle/deny SMTP, since simple spam is bad enough, but the emails of worms/trojans/scams also are objectionable, even arguably illegal. And certainly harmful, to users and the Internet. Maybe even Comcast.
Of course, that's not the point. Comcast is trying to avoid costs due to the volume of BitTorrent traffic that leaves them paying for NAP ports, lines to other ISPs, and routers/switches to manage all this.
In other words, they are trying to control costs by controlling usage.
One of the reasons I got out of the business pre-2000. Couldn't make a profit with my business model. Network costs were too high.
Well, another option is to surcharge high-volume users. Or charge more to afford to provide the service ostensibly advertised.
It's not often I can be happy to have Cox Cable. My Qwest DSL before just sucked, but the traffic got through.
Good luck. My bet is the best avenue is a class-action over either false advertising or Magnuson-Moss.
Source quench [wikipedia.org] is an ICMP message, similar to destination unreachable but less severe. It's a way for a host to tell another host (or router) that it's sending data too fast for it to process and should back off. It was an early attempt at preemptive traffic control to throttle back before something has to start dropping packets.
There's not a whole lot of equipment that sends them, but pretty much every OS I've come across honors the messages to some extent. I don't know if the cheap NAT routers that many people use pass them along or not, though NAT in general tends to be fairly broken when it comes to ICMP.
If a man in the middle were to spoof ICMP source quench packets that looked like they came from either of the p2p nodes that were communicating, the effect would be that they would start sending data more slowly to each other. The connection would still be open, they just wouldn't transmit as fast as they could.
After reading the article it became clear that what Comcast is doing is much more evil. They're setting RST flags on packets (or maybe spoofing new packets in the right segment range with it set), which causes the entire connection to abort rather than just be slowed down. It could cause a lot of grief if their filter misidentifies something as p2p and starts shutting down the connections, as apparently happens to Lotus Notes [blogspot.com] traffic.
That last link has some good packet dumps of it happening.
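A defender's-side check for the forged resets described in the comment above, added here as an example and not part of the original thread: it scans a capture taken on one endpoint for RST packets whose IP TTL differs from the rest of that peer's packets, or that are followed by more data from the same peer. The packet records, addresses (documentation ranges) and thresholds are constructed assumptions, and the TTL heuristic assumes an injecting device sits at a different hop distance than the real peer.

```python
"""Flag TCP resets that look injected by a middlebox (constructed sample data)."""
from dataclasses import dataclass
from statistics import median


@dataclass(frozen=True)
class Pkt:
    ts: float            # capture timestamp in seconds
    src: str
    sport: int
    dst: str
    dport: int
    flags: str           # "S", "SA", "A", "PA", "R", ...
    ttl: int             # IP TTL as seen at the capture point
    payload_len: int = 0


def direction(p):
    """Key for one direction of one TCP connection."""
    return (p.src, p.sport, p.dst, p.dport)


def suspicious_resets(packets, ttl_tolerance=1, late_window=2.0):
    """Return [(rst_packet, [reasons])] for resets that look injected.

    ttl_mismatch   - the RST's TTL differs from the median TTL of the other
                     packets seen in the same direction of the connection.
    data_after_rst - the supposed sender of the RST keeps sending payload
                     within late_window seconds, which a host that really
                     reset the connection would not do.
    """
    ordered = sorted(packets, key=lambda p: p.ts)

    # Baseline TTL per direction, built from everything except resets.
    baseline = {}
    for p in ordered:
        if "R" not in p.flags:
            baseline.setdefault(direction(p), []).append(p.ttl)

    findings = []
    for i, p in enumerate(ordered):
        if "R" not in p.flags:
            continue
        reasons = []
        ttls = baseline.get(direction(p))
        if ttls and abs(p.ttl - median(ttls)) > ttl_tolerance:
            reasons.append("ttl_mismatch")
        for q in ordered[i + 1:]:
            if q.ts - p.ts > late_window:
                break
            if (direction(q) == direction(p) and "R" not in q.flags
                    and q.payload_len > 0):
                reasons.append("data_after_rst")
                break
        if reasons:
            findings.append((p, reasons))
    return findings


LOCAL = "192.0.2.10"      # constructed capture host
PEER = "198.51.100.7"     # constructed BitTorrent peer
SSH = "203.0.113.5"       # constructed host that really resets

# Constructed trace: the first flow receives a reset "from" the peer with an
# odd TTL while the peer is still sending; the second ends in a normal reset.
SAMPLE_TRACE = [
    Pkt(0.00, LOCAL, 51413, PEER, 6881, "S", 64),
    Pkt(0.08, PEER, 6881, LOCAL, 51413, "SA", 52),
    Pkt(0.08, LOCAL, 51413, PEER, 6881, "A", 64),
    Pkt(0.20, PEER, 6881, LOCAL, 51413, "PA", 52, 68),
    Pkt(0.25, LOCAL, 51413, PEER, 6881, "PA", 64, 68),
    Pkt(1.10, PEER, 6881, LOCAL, 51413, "R", 61),
    Pkt(1.40, PEER, 6881, LOCAL, 51413, "PA", 52, 1200),
    Pkt(5.00, LOCAL, 40022, SSH, 22, "S", 64),
    Pkt(5.05, SSH, 22, LOCAL, 40022, "SA", 49),
    Pkt(5.05, LOCAL, 40022, SSH, 22, "A", 64),
    Pkt(6.00, SSH, 22, LOCAL, 40022, "PA", 49, 100),
    Pkt(9.00, SSH, 22, LOCAL, 40022, "R", 49),
]

if __name__ == "__main__":
    for pkt, reasons in suspicious_resets(SAMPLE_TRACE):
        print(f"{pkt.ts:.2f}s RST {pkt.src}:{pkt.sport} -> "
              f"{pkt.dst}:{pkt.dport} ttl={pkt.ttl} {', '.join(reasons)}")
```

Neither signal is proof on its own: routes change and some stacks send resets with a different initial TTL, so treat a hit as a reason to look at the full capture.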
From wikipedia [wikipedia.org]: "Internet Service Providers generally wish to avoid being classified as a "common carrier" and, so far, have managed to do so. Before 1996, such classification could be helpful in defending a monopolistic position, but the main focus of policy has been on competition, so "common carrier" status has little value for ISPs, while carrying obligations they would rather avoid. The key FCC Order on this point is: IN RE FEDERAL-STATE JOINT BOARD ON UNIVERSAL SERVICE, 13 FCC Rcd. 11501 (1998), which holds that ISP service (both "retail" and backbone) is an "information service" (not subject to common carrier obligations) rather than a "telecommunications service" (which might be classified as "common carriage")."
In their (partial) defense, their business model is probably something like:
- Offer a huge bandwidth that most people won't use
- Some will use it, costing us more than we charge, but that's overwhelmed by increased business by people who want the bandwidth from the ad while not actually using it
But then this happens:
- Whoops! File sharing is a Killer App that many people are using.
- On average we are now losing money.
Of course, the proper course of action is to alter their contracts (after the current ones expire) to charge more money for more use, perhaps in various rates. Yes, that will drive people to other companies who don't do this...who will also lose money.
Let the market figure it out.
Anyway, wouldn't generating fake signals to alter the operation of your applications be illegal? That's above and beyond throttling or blocking (gray enough as it is.)
This is nonsense. If you have any backing for your claim that the internet somehow relied on asymmetrical bandwidth selling, [citation needed], because your presentation doesn't add up. (I certainly don't have any clue how it works behind the scenes, but your description of the endpoints sounds silly.)
Enter P2P, and now there's a lot of data being transferred between the users, with noone paying for it.... we're all on flat rate, so noone pays. Every 1 MB I download is 1 MB that Blizzard didn't pay for.
But somebody somewhere is uploading that data that's being downloaded. It's not magically coming from nowhere. If the trick is that the cost of bandwidth is supposed to be shouldered by the uploaders, then it's shouldered by the uploaders, and it doesn't matter if it's being downloaded by p2pers or anything.
Which you vaguely get at later in your reply, but this sort of comment is nonsense: "Legal" BitTorrent transfers tend to fall in that category. Someone thought he's smart if he, basically, cheats the ISPs of the bandwidth price. Instead of putting the file on a site and paying for the bandwidth, now he leaves it to a bunch of users that the ISP can't figure out how to bill for it. Nobody posting legal files thinks anything like they're "cheating"! Even if your theory is true, nobody out there knows it, so how could they think they're cheating? They think they're 'spreading the load' somehow. They're using 'available bandwidth' that's not being used for anything.
Then you say:
2. To make things work, paying for the receiving end too was based on oversell and... well, a self-throttling sharing scheme.
Ok then. If all download bandwidth requires corresponding upload bandwidth, and p2p uses "average users'" upload bandwidth, and upload bandwidth for "average users" was oversold... then that means your argument ends up being "broadband vendors oversold bandwidth"! (Just that it's upload bandwidth, not download bandwidth like everyone thinks.)
But this all hinges on a rather bizarre claim about how bandwidth is sold (by upload bandwidth only) that does things like ignore people in the middle... it may be true but your presentation is so sloppy that it doesn't seem trustworthy at all.
You can take it as an example of a problem their own massive oversell created, if it makes you feel any better.
Yeah, gee, I think I'll do that, since that's what your argument boils down to.
I appreciate your effort to view all sides of this issue and bring
balance to the discussion. Unfortunately your points are utter
hogwash.
The pricing model for ISP's was based on the idea that the
provider of that content paid for the bandwidth. That's why you can get a flat rate, in a nutshell.
It's based on the users of bandwidth paying for that bandwidth.
How do you explain consumer-only ISPs that don't host content? How do
they stay afloat?
Enter P2P, and now there's a lot of data being transferred
between the users, with noone paying for it. If I download a WoW patch
from Tom, Dick and Harry -- the WoW patch downloader being a modified
BitTorrent client -- we're all on flat rate, so noone
pays.
Tell me how "flat rate" equates to "noone[sic] pays". ISPs charge
the cost of their bandwidth divided by the number of customers, plus a
little on top for their operations.
Keep in mind that all connections have bandwidth limits, and most
have monthly transfer limits. (The latter should be treated as
fraud by the courts; ISPs love to shout "unlimited!"
in their advertisements. But that's a separate discussion.) If you
start transferring a lot, uploading or downloading, you have to get a
higher-priced account or pay for the extra data transferred a la
carte.
Someone thought he's smart if he, basically, cheats the ISPs of the
bandwidth price. Instead of putting the file on a site and paying for
the bandwidth, now he leaves it to a bunch of users that the ISP can't
figure out how to bill for it.
Please. If I am a thoughtless user and I create a giant 10MB
dancing hamster video and mail it to my friends, and they start
forwarding it around, am I "cheating the ISPs"? (Collectively, by the
way... since when does everyone have to start considering the
welfare of every business out there? What happened to capitalism?)
The ISPs absolutely can figure out how to bill for it: charge by
connection time or by quantity of data transferred. Look at business
accounts; they have detailed billing for "burst" and "sustained"
transfers, transfer limits, and more. What they can't figure out is
how to avoid getting hoist by their own petard, after they made fun of
AOL for those practices, and then repeated AOL's mistakes.
What BitTorrent does, though, is best described as "not
playing nice" in that sense. It will keep opening more and more and
more connections until it fully saturates those 6 Mbit/s, everyone
else be damned.
So what are those "max connections" and "max bandwidth" settings
I've seen in every BitTorrent client I've ever used?
Now again, I'm not saying that Comcast and the gang are
doing the right thing there. I'm just saying what their problem
is. You can take it as an example of a problem their own massive
oversell created, if it makes you feel any better.
We're in agreement there. But why does your unbiased simple
explanation contain numerous factual inaccuracies which all back up
the terrible business practices and fraud of the ISPs?
What is surprising is that they RST on anything going over TCP from any of their customers to another of their customers. It is not just P2P. Lotus notes gets whacked in a similar manner and so on. Cable Internet Engineering at its best.
But we now have the "Hammer" method. Boycott the bastards, no matter what the cost. Then when the people we use as an alternative to Comcast start to mess with us, just DROP them too.
What a great idea! Okay, let me see, what's my alternative to Comcast? I know, DSL! Oh, wait, my house is too far from the CO, and AT&T isn't interested in expanding service in our location. Okay then, I'll go to FiOS! Oh, wait, it isn't available in my state. Alright, how about a satellite service? What's that? Half-second lag times? Well, that just about destroys any gaming or VoIP links, and costs a ridiculous amount in both startup and monthly costs, so that's out... Wireless? Nope, nothing in our area.
My choices are literally dial-up, Comcast, or nothing. And dial-up and nothing aren't really options because I often have to VPN into my office from home.
Ah yes, simple market response. I can choose any broadband provider I want, as long as it's Comcast.
See if Earthlink offers cable Internet through your cable system. They do where I am. Earthlink has its own gateways, etc. They have better policies. They allow low-bandwidth servers on a residential connection. And no, I don't work for them.
Except for the fact that vast tracts of the good ol' US are exactly like he's describing. As soon as you move out of a major metropolitan area, your options start to get extremely limited.
I'm well within the Chicago metropolitan area, and have exactly his options.
AT&T has tried to sneak in some fiber into the area (Project Lightspeed), but continues to run into problems with deals local governments sign with Comcast. Namely, a $300k fee that villages charge new service providers and the requirement that telecom companies provide some sort of local service (i.e., local government access channels). AT&T says they're a utility and shouldn't have to pay that fee.
If Motorola's WiMAX manages to do something, they may be an option in the mid-term future. I'm not holding my breath.
Oh, yeah, I'm a whole thirty miles out of downtown Chicago. Holy cow, I must be plowin' fields n' chawin' tobbacky! GIT ON THE TRACTOR, MA! WE'S A-GOIN' TO SEE THEM THAR CITY FOLK!
Or in cases like this, when there is no one else to go to.
Comcast thrives in broadband because in many regions it is your only choice. You can't get alternative cable modem ISPs and DSL is not always available. Market forces are unlikely to affect them much.
Nope. This has been discussed ad nauseam already, but Comcast (and Sandvine, which they are in all likelihood using) isn't looking at the actual data, it's looking at the overall pattern of traffic. It is still going to send RST packets, regardless of whether or not your connections are encrypted.
Any World of Warcraft users... (Score:5, Informative)
Just wondering since WoW uses Bittorrent to distribute its patches (one example of a very legitimate use).
Re:Any World of Warcraft users... (Score:4, Interesting)
Encrypt Everything (Score:5, Insightful)
Re:Encrypt Everything (Score:4, Interesting)
Are they allowed to do the same thing with Skype (or anything else they want) and tell the other side I want to disconnect? Where is the legal line?
Re:Illegal forgery and defense (Score:5, Insightful)
Also probably very silly to do. And won't work unless both ends of the communication are doing it.
Re:Illegal forgery and defense (Score:4, Informative)
http://redhatcat.blogspot.com/2007/09/beating-sandvine-with-linux-iptables.html [blogspot.com]
That was linked from the first result (a Digg article) for "iptables DROP RST".
Parent
Good (Score:3, Interesting)
Now maybe the "net neutrality isn't important because we can trust giant corporations not to screw their customers crowd" will shut up. Of course, the people getting paid to lobby or keep those bills out of Congress won't change their mind, but maybe regular people will. And that's a step in the right direction.
This story does make me wish I was not boycotting Comcast already though, so I could boycott it for this.
Re:Good (Score:5, Informative)
Actually, this will hurt net neutrality because everyone is getting QoS confused with Net Neutrality!
QoS is legal, and it should exist. Prioritizing classes of traffic is OK, provided the classes are generic classes of traffic (e.g., email, web, ftp, p2p, voip, etc).
Net Neutrality is compatible with QoS. What Net Neutrality proponents want isn't avoidance of QoS, but to prevent deals where if you use Windows Live Search, it comes up instantly, while if you use Google, you'll find yourself waiting a good minute for the frontpage to load up. I.e., both use the same class of traffic (web), but service is differentiated based on who can pay.
So Comcast causing Bittorrent problems is OK for Net Neutrality. But if Comcast suddenly lets Blizzard's WoW updates through unimpeded while causing problems for say, Linux ISO torrents, then that conflicts with Net Neutrality.
Basically, like traffic should be treated alike. But unlike traffic may be treated differently. So if Comcast charged an extra $10 for enhanced VoIP QoS, that's OK, as long as it's for all VoIP, not just say, Vonage only, or Skype.
Net Neutrality opponents like to bleat the Anti-QoS line because it's the easiest way to spread FUD, when they really mean "Google, pay us, or we'll make your page take ages to load, while making Windows Live Search load instantly".
Parent
World of Warcraft (Score:5, Insightful)
Encryption (Score:5, Informative)
Re:Encryption (Score:4, Insightful)
That's the entire premise of a man-in-the-middle attack - give both sides false keys, but hang onto the false keys and the real keys yourself, then encrypt/decrypt accordingly with appropriate keys in each direction to keep them oblivious to your presence.
Taking a stance like "well at least we still have encryption," rather than fighting for your rights is extremely dangerous. People keep saying "they aren't a common carrier, so they're within their rights."
What the hell? When is it within a carrier's rights to WILLFULLY LIE ABOUT OR MODIFY the correspondence or transmission they've been entrusted to carry?
If the US postal service opened your mail and scribbled out sections of your letters, would you still feel so copacetic about things? I know I wouldn't....
This is a step towards being subjugated exactly like China.
Step 1) Comcast imposes "totally legal" restrictions on internet traffic.
Step 2) United States Government makes deal with Comcast to be sole provider for govt networks.
Step 3) Congress passes legislation to help put other providers out of business.
Step 4) Comcast becomes primary provider in US.
Step 5) Government officials give kickbacks to Comcast to regulate "perfectly legally" what internet traffic is allowed to pass.
Step 6) The US is adopted by a loving family, with an older brother named communist China.
Okay, so it's a stretch.... but this IS the beginning of a violation of rights. There is no shortage of evidence that the constitution was created to protect people from violations such as this, EVEN if you've agreed to it!
Why do you think we don't allow indentured servitude anymore? It was a contract that was entered into willfully..... The law is there to PROTECT people from jackass people/companies like Comcast who try to decide that it's within their rights to violate peoples' rights, just because the law says they can.
To quote the Declaration of Independence.
This is exactly a situation where if what Comcast is doing is "legal" it's time to enact some legislation to ensure that this kind of completely unethical behavior (which SHOULD be illegal) never happens again.
The law is (read: SHOULD BE) there to protect you and me, not big business. We have a congress, and not a king, for just this sort of situation.
Help me Obi-wan Kenobi (read: voters of the USA). You're my only hope.
Parent
Re:Encryption (Score:5, Informative)
Encryption is useless in this case, however, since bittorrent traffic is obvious to an intelligent packet shaper such as the Sandvine systems that Comcast uses. Bittorrent usage generates a very distinctive signature even if you just look at the volume and timing of packets. Once it figures out you're using bittorrent, it just needs to send the RST packet, which will have the same effect regardless of encryption: Your client will think that the remote peer closed the connection.
Parent
Re:Encryption (Score:4, Informative)
Parent
Not just P2P traffic (Score:5, Informative)
I've posted this before, but it's pertinent and bears repeating, it's not just P2P traffic that Comcast is filtering. A sysadmin I know has been blogging on Comcast filtering corporate e-mail traffic as well.
http://kkanarski.blogspot.com/2007/09/comcast-filtering-lotus-notes-update.html [blogspot.com]
Subtitled: How To Lose Your Customers To DSL (Score:4, Insightful)
Re:Subtitled: How To Lose Your Customers To DSL (Score:5, Informative)
Comcast has decided that p2p degrades their system, for them it's more of a technical issue than a political one (though I'm sure the **AA Gestapo have been in touch with them).
Parent
Title Inapt (Score:5, Insightful)
Registering legitimate files (Score:4, Interesting)
Fix to comcast. (Score:5, Informative)
Almost all up to date bittorrent clients support this.
Doesn't the very act of policing content (Score:5, Interesting)
"Hello, RIAA. I have reason to believe Comcast is allowing illegal music trafficking to occur."
It's Comcastic!
Comcast... Where? (Score:5, Insightful)
I'm outraged! (Score:5, Funny)
On the other hand... (Score:4, Funny)
Question.... (Score:4, Informative)
1. What hardware/software would carriers have to use to do this?
2. Can it be defeated?
Fwiw, Rogers cable in Canada is rumored to be doing the same thing (and perhaps more). Michael Geist talks about this on his blog: http://www.michaelgeist.ca/content/view/1859/ [michaelgeist.ca]
Re:Question.... (Score:4, Informative)
Actually, Canadian users should file a complaint about Rogers' misleading advertising with the Competition Bureau (not advising purchasers of their high speed service in their advertising that they will lower the speed of P2P apps). I have, and so have others. It really is a question of priorities and complaint volume though, and at present the number of complaints has been very few.
For anyone interested, the Competition Act [canlii.org] and there are numerous sections dealing with misleading advertising. By not advising the public they are actually reducing the speed of P2P apps, they are knowingly making a material misrepresentation to the public (Parts VI and VII.1).
You can file complaints with the Canadian Competition Bureau about Rogers, here [competitionbureau.gc.ca].
Parent
What would be nice (Score:5, Interesting)
However, I would love to see stats on what percentage of their users actually use bittorrent. Until someone can prove that more than 1% use it, they can use that argument and 85% of people will shout "Yeah, more bandwidth for me, screw those pirates", without realizing the legitimate torrent uses (such as linux distro rollouts, patches as mentioned before, media defender email leaks, etc).
At least the media is finally catching on, but until we get people to realize that it is a slippery slope that affects them, there will not be enough uproar to stop them.
So, if we could only get our hands on how many people use it... we might be able to make some noise. Until then, the average joe will say "So What?"
Re:What would be nice (Score:4, Insightful)
Correction... they throttle in order to get the 15% back and resell it to more users, without having to upgrade existing infrastructure.
Parent
Legal action? (Score:4, Interesting)
On one hand, they're deliberately pretending to be the person you're communicating with (fraud?). On the other they're deliberately degrading performance of a person's internet connection (vaguely DOS-ish), a person who isn't necessarily their customer.
Thoughts?
I don't think this is all Comcast discriminates... (Score:4, Interesting)
BTW, This has gotten worse ever since Comcast started offering VoIP.
Sending spoofed packets (Score:4, Interesting)
I just can't believe that somewhere along the lines there hasn't been a law made that makes spoofing illegal, they are claiming to be someone/something else to which you have agreed to communicate with.
Of course, if it's not actually sending packets as if they came from the peer, then it's a different story.
This may have been considered already, but... (Score:4, Informative)
I recall that in the Early Days of the Internet, not abiding by the RFCs would get you in hot water. Especially screwing up with SMTP would do it, but even bad behaviour due to your incompetence would get your T-1 unclocked, and it would take a few calls to the powers that be to assure them that you found someone who knew what they were doing and that problem wouldn't occur again. At least not for a while.
My point is, perhaps it's time for the other Internet providers to consider requiring Comcast to not mess with traffic in this way, or sanction Comcast.
Sanctions could be as graduated as throttling at the NAPs, degrading Comcast traffic, even disconnects.
Some providers have a stake in this. If the legal BitTorrent users (WoW for instance) get a crossed hair over this, why would they not ask their providers to pressure Comcast into stopping this?
Ultimately, this may be Comcast clinging to their ToS and 'server' restrictions, and that would mean Comcast users won't be sharing out BitTorrent files. Bummer.
Another wrinkle, I wonder if Comcast sends forged RSTs to Comcast users sharing with *other* Comcast users. Intranetwork traffic shouldn't 'cost' so much for Comcast.
My theory is simple - Imagine if ISPs started throttling or denying traffic from Akamai, because of the volume... What a mess. And while BitTorrent is used for all sorts of purposes, so is SMTP. So if they think the illegal use of BitTorrent is sufficient excuse for them to deny it, why don't they throttle/deny SMTP, since simple spam is bad enough, but the emails of worms/trojans/scams also are objectionable, even arguably illegal. And certainly harmful, to users and the Internet. Maybe even Comcast.
Of course, that's not the point. Comcast is trying to avoid costs due to the volume of BitTorrent traffic that leaves them paying for NAP ports, lines to other ISPs, and routers/switches to manage all this.
In other words, they are trying to control costs by controlling usage.
One of the reasons I got out of the business pre-2000. Couldn't make a profit with my business model. Network costs were too high.
Well, another option is to surcharge high-volume users. Or charge more to afford to provide the service ostensibly advertised.
It's not often I can be happy to have Cox Cable. My Qwest DSL before just sucked, but the traffic got through.
Good luck. My bet is the best avenue is a class-action over either false advertising or Magnuson-Moss.
Comcast != Common Carrier (Score:4, Informative)
Parent
Re:Comcast != Common Carrier (Score:5, Informative)
There's not a whole lot of equipment that sends them, but pretty much every OS I've come across honors the messages to some extent. I don't know if the cheap NAT routers that many people use pass them along or not, though NAT in general tends to be fairly broken when it comes to ICMP.
If a man in the middle were to spoof ICMP source quench packets that looked like they came from either of the p2p nodes that were communicating, the effect would be that they would start sending data more slowly to each other. The connection would still be open, they just wouldn't transmit as fast as they could.
After reading the article it became clear that what Comcast is doing is much more evil. They're setting RST flags on packets (or maybe spoofing new packets in the right segment range with it set), which causes the entire connection to abort rather than just be slowed down. It could cause a lot of grief if their filter misidentifies something as p2p and starts shutting down the connections, as apparently happens to Lotus Notes [blogspot.com] traffic.
That last link has some good packet dumps of it happening.
Parent
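Forged resets of the kind described in the comment above can often be told apart from genuine ones in a capture taken at one endpoint. The following is an added example, not part of the thread: it flags a RST whose IP TTL does not match the TTL seen on the claimed sender's other packets, or that is followed by new data from that same sender. The record format, the addresses (documentation ranges), the TTL tolerance and the sample packets are all constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Pkt:
    """One TCP segment as recorded at the local host (constructed record format)."""
    t: float     # capture time in seconds
    src: str     # claimed sender, "ip:port"
    dst: str     # receiver, "ip:port"
    ttl: int     # IP TTL as observed at the capture point
    flags: str   # tcpdump-style flag letters: S, A, P, F, R
    seq: int     # TCP sequence number
    length: int  # payload bytes

TTL_TOLERANCE = 2  # assumption: a route change may shift TTL by a hop or two

def suspicious_resets(packets):
    """Return [(rst_pkt, reasons)] for RSTs unlikely to come from their claimed sender."""
    ttl_seen = defaultdict(set)  # (src, dst) -> TTLs seen on that direction's non-RST packets
    resets = []                  # every RST, in arrival order
    reasons = defaultdict(set)   # index into resets -> reason codes
    for p in sorted(packets, key=lambda pkt: pkt.t):
        direction = (p.src, p.dst)
        if "R" in p.flags:
            baseline = ttl_seen.get(direction, set())
            # No baseline (e.g. RST answering a SYN to a closed port): nothing to compare.
            if baseline and all(abs(p.ttl - t) > TTL_TOLERANCE for t in baseline):
                reasons[len(resets)].add("TTL_MISMATCH")
            resets.append(p)
            continue
        ttl_seen[direction].add(p.ttl)
        if p.length == 0:
            continue
        # A host that really reset the connection does not go on sending new data.
        # Sequence wrap-around is ignored here for brevity.
        for i, rst in enumerate(resets):
            if (rst.src, rst.dst) == direction and p.seq >= rst.seq:
                reasons[i].add("DATA_AFTER_RST")
    return [(resets[i], sorted(reasons[i])) for i in sorted(reasons)]

# Constructed sample capture; addresses are from the documentation ranges.
ME, ME2 = "192.0.2.10:50000", "192.0.2.10:50001"
PEER, OTHER = "198.51.100.7:6881", "203.0.113.5:6881"
SAMPLE = [
    Pkt(0.00, ME, PEER, 64, "S", 1000, 0),
    Pkt(0.08, PEER, ME, 52, "SA", 9000, 0),
    Pkt(0.09, ME, PEER, 64, "A", 1001, 0),
    Pkt(0.20, PEER, ME, 52, "PA", 9001, 1400),
    Pkt(0.21, PEER, ME, 52, "PA", 10401, 1400),
    Pkt(0.25, PEER, ME, 61, "R", 11801, 0),      # injected: TTL does not match the peer's
    Pkt(0.29, PEER, ME, 52, "PA", 11801, 1400),  # the real peer is still sending
    Pkt(0.30, ME, PEER, 64, "R", 1001, 0),       # genuine local RST for the now-closed socket
    Pkt(1.00, ME2, OTHER, 64, "S", 5000, 0),
    Pkt(1.07, OTHER, ME2, 48, "SA", 7000, 0),
    Pkt(1.08, ME2, OTHER, 64, "A", 5001, 0),
    Pkt(1.50, OTHER, ME2, 48, "RA", 7001, 0),    # genuine RST: TTL matches, no data follows
]

if __name__ == "__main__":
    for pkt, why in suspicious_resets(SAMPLE):
        print(f"t={pkt.t:.2f} RST claiming {pkt.src} ttl={pkt.ttl}: {', '.join(why)}")
```

Both heuristics can misfire on paths with load balancers or asymmetric routing, so a hit is a lead for a closer look at the capture rather than proof of injection.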
Re:Common carrier (Score:4, Insightful)
Parent
Re:Common Carrier (Score:5, Informative)
From wikipedia [wikipedia.org]: "Internet Service Providers generally wish to avoid being classified as a "common carrier" and, so far, have managed to do so. Before 1996, such classification could be helpful in defending a monopolistic position, but the main focus of policy has been on competition, so "common carrier" status has little value for ISPs, while carrying obligations they would rather avoid. The key FCC Order on this point is: IN RE FEDERAL-STATE JOINT BOARD ON UNIVERSAL SERVICE, 13 FCC Rcd. 11501 (1998), which holds that ISP service (both "retail" and backbone) is an "information service" (not subject to common carrier obligations) rather than a "telecommunications service" (which might be classified as "common carriage")."
Parent
Re:Yea, right (Score:5, Insightful)
Parent
Re:Yea, right (Score:5, Insightful)
- Offer a huge bandwidth that most people won't use
- Some will use it, costing us more than we charge, but that's overwhelmed by increased business by people who want the bandwidth from the ad while not actually using it
But then this happens:
- Whoops! File sharing is a Killer App that many people are using.
- On average we are now losing money.
Of course, the proper course of action is to alter their contracts (after the current ones expire) to charge more money for more use, perhaps in various rates. Yes, that will drive people to other companies who don't do this...who will also lose money.
Let the market figure it out.
Anyway, wouldn't generating fake signals to alter the operation of your applications be illegal? That's above and beyond throttling or blocking (gray enough as it is.)
Parent
[citation needed] (Score:5, Informative)
Enter P2P, and now there's a lot of data being transferred between the users, with noone paying for it. ... we're all on flat rate, so noone pays. Every 1 MB I download is 1 MB that Blizzard didn't pay for.
But somebody somewhere is uploading that data that's being downloaded. It's not magically coming from nowhere. If the trick is that the cost of bandwidth is supposed to be shouldered by the uploaders, then it's shouldered by the uploaders, and it doesn't matter if it's being downloaded by p2pers or anything.
Which you vaguely get at later in your reply, but this sort of comment is nonsense: "Legal" BitTorrent transfers tend to fall in that category. Someone thought he's smart if he, basically, cheats the ISPs of the bandwidth price. Instead of putting the file on a site and paying for the bandwidth, now he leaves it to a bunch of users that the ISP can't figure out how to bill for it. Nobody posting legal files thinks anything like they're "cheating"! Even if your theory is true, nobody out there knows it, so how could they think they're cheating? They think they're 'spreading the load' somehow. They're using 'available bandwidth' that's not being used for anything.
Then you say:
2. To make things work, paying for the receiving end too was based on oversell and... well, a self-throttling sharing scheme.
Ok then. If all download bandwidth requires corresponding upload bandwidth, and p2p uses "average users'" upload bandwidth, and upload bandwidth for "average users" was oversold... then that means your argument ends up being "broadband vendors oversold bandwidth"! (Just that it's upload bandwidth, not download bandwidth like everyone thinks.)
But this all hinges on a rather bizarre claim about how bandwidth is sold (by upload bandwidth only) that does things like ignore people in the middle... it may be true but your presentation is so sloppy that it doesn't seem trustworthy at all.
You can take it as an example of a problem their own massive oversell created, if it makes you feel any better.
Yeah, gee, I think I'll do that, since that's what your argument boils down to.
Parent
Re:Not that simple (Score:5, Informative)
I appreciate your effort to view all sides of this issue and bring balance to the discussion. Unfortunately your points are utter hogwash.
It's based on the users of bandwidth paying for that bandwidth. How do you explain consumer-only ISPs that don't host content? How do they stay afloat?
Tell me how "flat rate" equates to "noone[sic] pays". ISPs charge the cost of their bandwidth divided by the number of customers, plus a little on top for their operations.
Keep in mind that all connections have bandwidth limits, and most have monthly transfer limits. (The latter should be treated as fraud by the courts; ISPs love to shout "unlimited!" in their advertisements. But that's a separate discussion.) If you start transferring a lot, uploading or downloading, you have to get a higher-priced account or pay for the extra data transferred a la carte.
Please. If I am a thoughtless user and I create a giant 10MB dancing hamster video and mail it to my friends, and they start forwarding it around, am I "cheating the ISPs"? (Collectively, by the way... since when does everyone have to start considering the welfare of every business out there? What happened to capitalism?) The ISPs absolutely can figure out how to bill for it: charge by connection time or by quantity of data transferred. Look at business accounts; they have detailed billing for "burst" and "sustained" transfers, transfer limits, and more. What they can't figure out is how to avoid getting hoist by their own petard, after they made fun of AOL for those practices, and then repeated AOL's mistakes.
So what are those "max connections" and "max bandwidth" settings I've seen in every BitTorrent client I've ever used?
We're in agreement there. But why does your unbiased simple explanation contain numerous factual inaccuracies which all back up the terrible business practices and fraud of the ISPs?
Parent
Re:ha (Score:4, Interesting)
Parent
Re:LOL (Score:5, Insightful)
Then when the people we use as an alternative to Comcast start to mess with us, just DROP them too.
My choices are literally dial-up, Comcast, or nothing. And dial-up and nothing aren't really options because I often have to VPN into my office from home.
Ah yes, simple market response. I can choose any broadband provider I want, as long as it's Comcast.
Parent
Re:LOL (Score:5, Funny)
Nothing says you hate a service more than if you were to rip up the foundation of your life, career, and family just to avoid them.
Parent
Re:LOL (Score:5, Informative)
Parent
Re:you know ... (Score:5, Insightful)
Parent
Re:you know ... (Score:5, Interesting)
AT&T has tried to sneak in some fiber into the area (Project Lightspeed), but continues to run into problems with deals local governments sign with Comcast. Namely, a $300k fee that villages charge new service providers and the requirement that telecom companies provide some sort of local service (i.e., local government access channels). AT&T says they're a utility and shouldn't have to pay that fee.
If Motorola's WiMAX manages to do something, they may be an option in the mid-term future. I'm not holding my breath.
Parent
Re:you know ... (Score:5, Funny)
Parent
Re:LOL (Score:5, Insightful)
Comcast thrives in broadband because in many regions it is your only choice. You can't get alternative cable modem ISPs and DSL is not always available. Market forces are unlikely to affect them much.
Parent
Re:ha (Score:5, Informative)
Parent