Encrypted Traffic No Longer Safe From Throttling

coderrr writes "New research could allow ISPs to selectively block or slow down your encrypted traffic even if they cannot snoop on your transmitted data. Italian researchers have found a way to categorize the type of traffic that is hidden inside an encrypted SSH session to around 90% accuracy. They are achieving this by analyzing packet sizes and inter-packet intervals instead of looking at the content itself. Challenges remain for ISPs to implement this technology, but it's clear that encrypting your traffic inside an SSH session or VPN connection is not a solution to protect net neutrality."
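An added illustration of the idea in the summary above, not code from the researchers or from anyone in this thread: statistics over packet sizes and inter-packet gaps alone separate a constructed interactive session from a constructed bulk transfer, and constant-size, constant-rate shaping removes the difference. The traces, the labels and the nearest-centroid rule are assumptions made here; the classifier used in the research is not described on this page.

```python
import math
from statistics import mean

def make_flow(sizes, gap):
    """Constructed trace: one (timestamp_s, size_bytes) pair per packet."""
    return [(i * gap, s) for i, s in enumerate(sizes)]

def features(flow):
    """Metadata still visible under encryption: (log mean size, log mean gap)."""
    times = [t for t, _ in flow]
    sizes = [s for _, s in flow]
    gaps = [b - a for a, b in zip(times, times[1:])]
    return (math.log(mean(sizes)), math.log(mean(gaps)))

def distance(a, b):
    """Euclidean distance between two flows in feature space."""
    return math.dist(features(a), features(b))

def centroid(flows):
    """Per-class average of the feature vectors."""
    return tuple(mean(axis) for axis in zip(*(features(f) for f in flows)))

def classify(flow, centroids):
    """Nearest-centroid label (a simplification chosen for this example)."""
    f = features(flow)
    return min(centroids, key=lambda label: math.dist(f, centroids[label]))

def shape(flow, cell=1024, interval=0.05):
    """Mitigation sketch: emit one fixed-size cell per interval for the
    flow's duration, so observed sizes and gaps no longer depend on content."""
    start, end = flow[0][0], flow[-1][0]
    n = max(2, int((end - start) / interval) + 1)
    return [(start + i * interval, cell) for i in range(n)]

# Constructed training traces (hypothetical values, not measured traffic).
TRAIN = {
    "interactive": [make_flow([52, 84, 52, 116, 52, 68] * 5, 0.30),
                    make_flow([52, 52, 100, 52, 148, 52] * 5, 0.45)],
    "bulk": [make_flow([1448] * 29 + [620], 0.002),
             make_flow([1448, 1448, 1448, 1200] * 8, 0.004)],
}
CENTROIDS = {label: centroid(flows) for label, flows in TRAIN.items()}
SHELL = make_flow([52, 68, 52, 52, 132, 52, 84, 52], 0.25)  # constructed
COPY = make_flow([1448] * 40, 0.003)                        # constructed

if __name__ == "__main__":
    for name, flow in (("SHELL", SHELL), ("COPY", COPY)):
        print(name, "->", classify(flow, CENTROIDS))
    print("raw distance:", round(distance(SHELL, COPY), 2))
    print("shaped distance:", distance(shape(SHELL), shape(COPY)))
```

The shaped flows cost padding bandwidth and added latency, which is the trade-off any such cover-traffic scheme has to accept.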
  • Er, no. (Score:5, Informative)

    by Cave Dweller ( 470644 ) on Monday June 30, 2008 @08:26AM (#23998687)

    First, encrypted traffic was never safe from throttling anyway. Second, FTA:

    "So it seems the use of a tool like this would be limited to an extremely controlled environment where users are limited to a white-list set of network protocols (so that they can't use a different tunneling mechanism, stunnel for example) and only allowed to ssh to servers under the control of the censoring party. In which case you would wonder why the admin wouldn't just set the ssh server's AllowTcpForwarding option to false."

    Kinda useless.

  • by Digital_Quartz ( 75366 ) on Monday June 30, 2008 @08:40AM (#23998807) Homepage

    Could be worse. Rogers and Bell, here in Canada, just throttle ALL encrypted traffic.

  • by D'Arque Bishop ( 84624 ) on Monday June 30, 2008 @10:08AM (#23999869) Homepage

    Mario Brothers would never be in the packets, as they travel through pipes, not tubes. :-)

  • Re:Why bother? (Score:2, Informative)

    That'll mess up corporate vpn users with clout, and https connections to banks etc.

    Probably not. In normal circumstances, these connections don't use anywhere near the same raw data transfer volume as one bittorrent with a few dozen connections.

  • Re:Why bother? (Score:3, Informative)

    by TheLink ( 130905 ) on Monday June 30, 2008 @10:37AM (#24000331) Journal

    So far with most multiplayer online games, one machine is the server and the rest are the clients.

    Go look at the traffic if you don't believe me. I've monitored the traffic on my connection as I play various online games - but not Xbox Live though.

    In theory the server might get throttled affecting the game BUT online game traffic seldom adds up to gigabytes a day - all you are usually sending is "changes in state". In some cases yes game assets do get downloaded - but the clients seldom upload that much back to the server ;). So it'll look like http traffic.

    This is because in practice it is rather hard to have all the game clients as equal peers in deciding on "What is Reality" in the game. It is simpler to have one machine being the final decider on what is reality, and the rest of the machines can only request changes to reality (and be denied - "Sorry you can't shoot - you ran out of bullets 2 seconds ago").

    Having all the machines vote to decide reality will take too much time - imagine the latency and chaos that will occur.

  • Re:Why bother? (Score:5, Informative)

    by cryptodan ( 1098165 ) on Monday June 30, 2008 @11:32AM (#24001493) Homepage

    how would this work for gaming online? 16 different IP destinations and I play for hours on in. My understanding of Xbox Live is that it is P2P and if they throttle my Halo 3 game, I'm gonna get pwned even more than normal.

    I totally agree. Steam creates a lot of connections to various content servers to bring down content faster for the Steam Client. It also creates a shitload of traffic when you refresh the server list via Steam Client > Servers Tab. The Steam Client is also P2P by definition.

    Now this type of throttling would piss me off greatly.

  • by Adeptus_Luminati ( 634274 ) on Monday June 30, 2008 @03:06PM (#24005217)

    What you said about the problem being latency, is a little bit hard to swallow given that the core of most ISPs runs multi-terabit routers.

    The fact of the matter is that not only have router CPUs increased in power exponentially, but also core router technology has advanced to implement caching such as CEF (Cisco Express Forwarding), and build into regular router blades additional CPUs such as DCEF (distributed CEF), etc.

    Case in point, core routers these days have SO much spare processing power that most routing cores run VRF (virtual routing and forwarding), which allows a single physical router to VIRTUALLY pose as if it is 100 or even 1,000 different routers, all inside the same box.

    And further, the total throughput capacity of these routing processors today is measured in the TERABITS. The latest Cisco router can process some 15 Terabits of traffic in a single box. Even if packet sizes were inefficient, you're still looking at 1+ Terabits of throughput... which is many many many OC192s (10Gigabit Sonet rings).

    So don't tell me we're hitting router processing capacity, because that's a complete joke, and if that were the case, Bell Canada would have been smart and presented that info right up front to the courts (they're currently being asked to justify why they throttle their end-users).

    I think what it actually may come down to is peering costs with other ISPs... which for the most part isn't a problem for the biggest players which are Tier 1 providers. Tier1 here is defined as a Telco/ISP that is so big (i.e. AT&T) that all other providers pay THEM for packets to traverse their network, and they in fact don't pay anyone or their peering costs are way lower than their peering income.

    So Tier1's aside, yes I can see ISPs having to fork out significant $$ for bandwidth per month, and of course torrent freaks doing 200+ GigaBytes/month are costing them significant money.

    just my $2.22 cents,
    Adeptus

  • It's called Camfrog. Look into it. I can saturate my connection down and up running a Camfrog server faster than I can torrenting the most popular Linux distro. It would look just like P2P traffic too.

    I'd love to see them throttle my $200 Camfrog Pro server. The lawsuit for doing so and saying that it's 'illegal P2P' traffic would get them so owned in court.
