Comcast Confirmed as Discriminating Against FileSharing Traffic

An anonymous reader writes "Comcast has been singled out as discriminating against filesharing traffic in quantitative tests conducted by the Associated Press. MSNBC's coverage of the discovery is quite even-handed. The site notes that while illegal content trading is a common use of the technology, Bittorrent is emerging as an effective medium for transferring 'weighty' legal content as well. 'Comcast's technology kicks in, though not consistently, when one BitTorrent user attempts to share a complete file with another user. Each PC gets a message invisible to the user that looks like it comes from the other computer, telling it to stop communicating. But neither message originated from the other computer -- it comes from Comcast.'" This is confirmation of anecdotal evidence presented by Comcast users back in August.

Any World of Warcraft users...

[mdm-adph]

...noticing problems downloading the patches on Comcast?

Just wondering since WoW uses Bittorrent to distribute its patches (one example of a very legitimate use).

Re:Any World of Warcraft users...

[ivan256]

I know that people are always bitching about how long (45 minutes+ for some people I know) it took them to download a patch... While at the same time I've been able to download patches over my non-Comcast connection at over 2MBytes/second... I don't know that all of those people have comcast, but I know that some of them do.

</anecdote>

Re:

[moderatorrater]

My comcast connection (10 megabit) takes 45 minutes to download a patch.

Re:

[SuperMog2002]

Mac or Windows? Back a few months ago, I had both a Mac and a Windows box, and the Mac always downloaded the patches MUCH faster (as in, more than 10 times faster) than the Windows box, even though port forwarding on the router was configured for the Windows machine,

Re:

[InvisiBill]

Ports aren't really the problem. If you don't forward ports, other people can't initiate connections with you - you can only initiate connections to others. That's just the way NAT and port forwarding work. If you and another guy both have port forwarding disabled, neither of you can connect to the other. If either of you have port forwarding configured, the other one can initiate the connection and sharing can commence. If you only have 10 people in the swarm, cutting out half the people due to a lack

Re:

[nuzak]

> how exactly is WoW supposed to open up ports on my router?

It's called UPnP. Most home routers speak it, and most decent BT clients use it. It's convenient, and not really a security risk if your router's smart enough to not enable it on the WAN interface. Sadly, some actually do.

Re:

[shoptroll]

I'm pretty certain Blizzard's BitTorrent downloader will pull via FTP from their servers if it can't connect via BitTorrent. That's the way it works when I went to grab the Starcraft II trailers earlier this year. You can also force it to use FTP only I believe.

Re:

[webvictim]

FYI, it actually pulls them via HTTP (rather than FTP) from Blizzard's servers. The problem is that on patch day (or anything up to about two weeks after it) the HTTP servers get massively overloaded, so if you can't use BitTorrent then it will take an absolute age to download a patch. This is why people started downloading the patches and then putting them on HTTP mirrors. It's quite often a much better way of getting a patch, particularly considering that Blizzard's download client doesn't seem to pay mu

Encrypt Everything

[Snowgen]

They're basically doing this with a "man in the middle" attack by sending false messages to both parties in the communication, pretending to be the other. This is why all net traffic needs to be encrypted and signed.

Re:Encrypt Everything

[Anonymous Coward]

Why isn't this illegal? It sounds like they are impersonating one of the sides of a conversation.

Are they allowed to do the same thing with Skype (or anything else they want) and tell the other side I want to disconnect? Where is the legal line?

Illegal forgery and defense

[Frank T. Lofaro Jr.]

It likely is illegal.

Just because it is their network DOES not give them the right to FORGE IP packets to look as if they come from elsewhere.

That would be like a courier service forging documents from 2 people wanting to communicate saying "Stop sending documents" if they didn't want them to talk. They'd never do something that stupid, and if they did, they couldn't get out of charges by saying they were only forging documents through their service.

Forgery is illegal. Someone who had a forged RST packet sent in their name should have forgery charges pressed and sue for impersonation.

A technical defense is to block RST packets. Probably not hard to do under Linux, and likely trivial.

Re:Illegal forgery and defense

[jimicus]

A technical defense is to block RST packets. Probably not hard to do under Linux, and likely trivial.

Also probably very silly to do. And won't work unless both ends of the communication are doing it.

Re:Illegal forgery and defense

[quantum bit]

A technical defense is to block RST packets. Probably not hard to do under Linux, and likely trivial.

Sure you could modify the source to ignore the RST flag, but that would probably completely hose your networking, since it's sort of an integral part of TCP/IP functioning. Sometimes the packet with FIN set does get lost.

I guess it might work for a while until you ran out of memory for tracking state of all the connections that never close. :D

Re:

[Agripa]

Sure you could modify the source to ignore the RST flag, but that would probably completely hose your networking, since it's sort of an integral part of TCP/IP functioning. Sometimes the packet with FIN set does get lost.

You would only have to block the RST packets on connections which are to specific ports. This can also be the case with bittorrent if setup appropriately.

I guess it might work for a while until you ran out of memory for tracking state of all the connections that never close.

At least with t

Re:Illegal forgery and defense

[deftcoder]

You could just disable it temporarily on that one port.

http://redhatcat.blogspot.com/2007/09/beating-sandvine-with-linux-iptables.html [blogspot.com]

That was linked from the first result (a Digg article) for "iptables DROP RST".

Dishonesty is not illegal

[fm6]

Once again, it's amateur lawyer time at Slashdot.

It likely is illegal.

Just because it is their network DOES not give them the right to FORGE IP packets to look as if they come from elsewhere.

That's certainly dishonest, but that doesn't make it illegal. They're basically lying to their customers (or rather, their customers' software). Lying isn't illegal unless you do it in connection with an actual crime. For example, you can go around telling people that you're Steven King, and not be breaking any laws.

Re:

[44BSD]

I may be wrong, but from the descriptions it sounds as though Comcast is simply forging TCP RST packets. From the articles, it seems as though the traffic type (at least in the Lotus Notes case) is determined solely by destination port. If this is the case, application-level encryption would not be an effective countermeasure.

This should be the topic of discussion

[Nymz]

This is why all net traffic needs to be encrypted and signed.

Instead of talking about World of Warcraft, or how much Comcast sucks, we should be discussing why & how to go about implimenting some type of encryption envelope around all our traffic.

While it's a nice idea in theory

[paranode]

In practice, it would require that everyone that gets a moderate amount of traffic to probably upgrade hardware to handle all the extra overhead of cipher processing. Also, since most users are clueless as to how it works, they will accept any old certificate and click "Yes" to everything.

Re:

[secPM_MS]

You didn't go far enough. Comcast and other carriers have a good commercial motive to use deep packet inspection and modification to remove adds from web pages being transferred and replace them with adds that they are paid to display. Clearly, additional results could be added to search results as well. This breaks the business model of the web.

The simplest solution, and one that I think the web sites will eventually support (once they get over the cost for HW encryption support) is to use SSL / TLS. Thi

Re:

[headbulb]

All net traffic? Why? That isn't addressing the original issue of the carrier messing with packets it shouldn't.

Instead if all traffic being encrypted along with taking lots of otherwise unused cpu and perhaps Bandwidth. Lists of ip address that are suspect will have their packets dropped at random instead.

The fight isn't on any technical means, it's more on a political means.

So in the end, encryption while a good technical work around. Is escalating the fight. This isn't what we should be fighting for, we

Re:

[Anonymous Coward]

you can't encrypt the TCP handshake. The Comcast attack (by sending false TCP resets/RSTs) still works against encrypted traffic. Encrypted traffic is carried as the data payload with in-the-clear TCP headers. As long as Comcast can discern (or even cares to discern) which traffic is undesirable from the TCP headers themselves (e.g., TCP port number, weighted aggregate traffic, many-to-one traffic connections, etc.) Comcast can still send your box a TCP RST and torch the session.

Good

[Actually, I do RTFA]

Now maybe the "net neutrality isn't important because we can trust giant corporations not to screw their customers crowd" will shut up. Of course, the people getting paid to lobby or keep those bills out of Congress won't change their mind, but maybe regular people will. And that's a step in the right direction.

This story does make me wish I was not boycotting Comcast already though, so I could boycott it for this.

Re:Good

[tlhIngan]

Now maybe the "net neutrality isn't important because we can trust giant corporations not to screw their customers crowd" will shut up. Of course, the people getting paid to lobby or keep those bills out of Congress won't change their mind, but maybe regular people will. And that's a step in the right direction.

This story does make me wish I was not boycotting Comcast already though, so I could boycott it for this.

Actually, this will hurt net neutrality because everyone is getting QoS confused with Net Neutrality!

QoS is legal, and it should exist. Prioritizing classes of traffic is OK, provided the classes are generic classes of traffic (e.g., email, web, ftp, p2p, voip, etc).

Net Neutrality is compatible with QoS. What Net Neutrality proponents want isn't avoidance of QoS, but to prevent deals where if you use Windows Live Search, it comes up instantly, while if you use Google, you'll find yourself waiting a good minute for the frontpage to load up. I.e., both use the same class of traffic (web), but service is differentiated based on who can pay.

So Comcast causing Bittorrent problems is OK for Net Neutrality. But if Comcast suddenly lets Blizzard's WoW updates unimpeded while causing problems for say, Linux ISO torrents, then that conflicts with Net Neutrality.

Basically, like traffic should be treated alike. But unlike traffic may be treated differently. So if Comcast charged an extra $10 for enhanced VoIP QoS, that's OK, as long as it's for all VoIP, not just say, Vonage only, or Skype.

Net Neutrality opponents like to bleat the Anti-QoS line because it's the easiest way to spread FUD, when they really mean "Google, pay us, or we'll make your page take ages to load, while making Windows Live Search load instantly".

Re:

[brunascle]

but that can be done by the user at their end, if they want to. it doesnt have to be a universal policy enforced by the ISP. what if, today, i dont care if my calls get dropped because i really want this torrent to finish ASAP?

World of Warcraft

[whisper_jeff]

If one wishes to find a legitimate example of bittorrent sharing of legitimate files, one need look no further than the largest MMORPG on the market - World of Warcraft. Patches are automatically (assuming the user doesn't disable the feature) downloaded using bittorrent. And Blizzard is more than aware of and approving of this, given that they programmed the feature. Needless to say, I think any internet service provider who disrupts a consumer's legitimate use of their internet connection is a service provider that doesn't deserve the consumer's money...

Re:

[mashade]

Good example. Another is the Ubuntu release that came out yesterday -- all the mirrors were crushed, while this was Bittorrent's time to shine. [tipotheday.com]

Re:

[shoptroll]

OCRemix.org also uses BitTorrent as a distribution mechanism for people who wish to grab large file sets from the site, namely collaboration projects centered around remixing specific game soundtrack.
Eclipse.org uses it as a distribution channel for their IDE.
I believe podcasts/netcasts (and most likely video podcasts/netcasts) make use of it as a distribution channel.
There's also linux ISOs, movie/game trailers, game demos, game mods make use of it as well.
XFire uses something similar to BitTorrent for sha

Re:

[langelgjm]

Also, besides common cry of "Linux ISOs!" (which, you have to admit, is a pretty lame argument for most people out there), BitTorrent is used for legally distributing such things as:

- "America's Army" (the U.S. Army's free video game). I've uploaded over 80 GB of that alone in the past few weeks.

- Aronofsky's director's commentary for the movie "The Fountain," which was not included on the DVD release

- The Pirate Bay's "Steal This Film - Part 1", which talks about the raid on their servers

I.e.,

Encryption

[Drachemorder]

In my experience, bittorrent transfers are much faster on my Comcast connection when I choose to encrypt them. That suggests to me that Comcast is indeed throttling normal bittorrent traffic.

Re:

[JesseMcDonald]

In my experience, bittorrent transfers are much faster on my Comcast connection when I choose to encrypt them. That suggests to me that Comcast is indeed throttling normal bittorrent traffic.

An alternate explanation would be that most of the well-connected peers may require encryption by this point; then you'd see the same effect even without interference from Comcast.

Re:

[CodeBuster]

Comcast and the others who engage in packet shaping are only hastening the day when encrypted protocols protected by strong encryption (AES probably) are commonplace. Perhaps they realize this and are using the packet shapers as a stop-gap measure while they upgrade their infrastructure to handle the increased loads, but I doubt it.

Re:Encryption

[ZeroFactorial]

Given the nature of the "man-in-the-middle" approach they've taken here, it won't be long before they try to foil the encryption, too.

That's the entire premise of a man-in-the-middle attack - give both sides false keys, but hang onto the false keys and the real keys yourself, then encrypt/decrypt accordingly with appropriate keys in each direction to keep them oblivious to your presence.

Taking a stance like "well at least we still have encryption," rather than fighting for your rights is extremely dangerous. People keep saying "they aren't a common carrier, so they're within their rights."

What the hell? When is it within a carrier's rights to WILLFULLY LIE ABOUT OR MODIFY the correspondence or transmission they've been entrusted to carry?
If the US postal service opened your mail and scribbled out sections of your letters, would you still feel so copacetic about things? I know I wouldn't....

This is a step towards being subjugated exactly like China.
Step 1) Comcast imposes "totally legal" restrictions on internet traffic.
Step 2) United States Government makes deal with Comcast to be sole provider for govt networks.
Step 3) Congress passes legislation to help put other providers out of business.
Step 4) Comcast becomes primary provider in US.
Step 5) Government officials give kickbacks to Comcast to regulate "perfectly legally" what internet traffic is allowed to pass.
Step 6) The US is adopted by a loving family, with an older brother named communist China.

Okay, so it's a stretch.... but this IS the beginning of a violation of rights. There is no shortage of evidence that the constitution was created to protect people from violations such as this, EVEN if you've agreed to it!

Why do you think we don't allowed indentured servitude anymore? It was a contract that was entered into willfully..... The law is there to PROTECT people from jackass people/companies like Comcast who try to decide that it's within their rights to violate peoples' rights, just because the law says they can.

To quote the declaration of independence.

That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed.

WE ARE THE GOVERNMENT. Whether we like it or not - those elected officials were picked BY us from AMONG us. If we are too stupid to choose people who will do something about it (and if we are unwilling to run for office ourselves) then we are consenting to whatever happens!

This is exactly a situation where if what Comcast is doing is "legal" it's time to enact some legislation to ensure that this kind of completely unethical behavior (which SHOULD be illegal) never happens again.

The law is(read: SHOULD BE) there to protect you and me, not big business. We have a congress, and not a king, for just this sort of situation.

Help me Obi-wan Kenobi(read: voters of the USA). You're my only hope.

Re:Encryption

[garbletext]

If you're using a decent client like uTorrent, Azureus, KTorrent, or Deluge, just check the options.
 
  encryption is useless in this case, however, since bittorrent traffic is obvious to an intelligent packet shaper such as the Sandvine systems that Comcast uses. Bittorrent usage generates a very distinctive signature even if you just look at the volume ant timing of packets. Once it figures out you're using bittorrent, it just needs to send the RST packet, which will have the same effect regardless of encryption: Your client will think that the remote peer closed the connection.

Re:Encryption

[jlabelle]

It appears to me that the Sandvine system uses a rudimentary heuristic to decide when something should be blocked. One can trigger the RST packets merely by making a few inbound connections to a Comcast IP. I have been unfortunately been triggering it for several months now by connecting to a machine at home with SSH. It will allow a few connections, (like, maybe 5-8 or so in a 30 minute period of time), before it shuts down *all existing TCP sessions that are inbound on the IP* and apparently *all* attempts at additional incoming connections to the IP in question. This lasts for some period of time around 30 minutes to an hour, then things work normally again. I've had to rewrite my file synching scripts so that they use SCP over a single SSH tunnel -- everything goes over one SSH connection, which I keep open the whole time I might need to transfer something from home. This has solved the problem, but the Sandvine system is anything but brilliant, and excessively heavy-handed. I had a detailed conversation with a Comcast rep. via the website chat thingy, and at the end, I said something like, "so, if I want to remain a Comcast customer, I have to be willing to deal with Comcast fiddling with my TCP sessions?", to which the rep. replied, "yes, basically." He then tried to upsell me some higher level of service which is $40 more per month than the $50 I am already paying.

Not just P2P traffic

[TheHappyMailAdmin]

I've posted this before, but it's pertinent and bears repeating, it's not just P2P traffic that Comcast is filtering. A sysadmin I know has been blogging on Comcast filtering corporate e-mail traffic as well.

http://kkanarski.blogspot.com/2007/09/comcast-filtering-lotus-notes-update.html [blogspot.com]

Hey! Mod Parent Informative

[asphaltjesus]

Really.

Subtitled: How To Lose Your Customers To DSL

[fz00]

After Comcast loses all their customers to DSL, will they complain about [whatever DSL company]'s unfair monopoly advantage?

Re:Subtitled: How To Lose Your Customers To DSL

[Frosty Piss]

After Comcast loses all their customers to DSL, will they complain about [whatever DSL company]'s unfair monopoly advantage?

This is exceptionally unlikely to happen. The social groups that Slashdot folks circulate in are not the average. I know it's hard to believe, but very few of Comcast's customers give a shit about BitTorrent of p2p, even if they where aware of their existence. Most of Comcast's customers are average low-volume (if at all) computer users who have Comcast to view television, and picked up Interweb connectivity as part of a package.

Comcast has decided that p2p degrades their system, for them it's more of a technical issue than a political one (though I'm sure the **AA Gestapo have been in touch with them).

Re:

[bsane]

I'd love to try DSL... Unfortunately like most comcast customers I don't have any other broadband options available.

Title Inapt

[jkabbe]

When I read the words "discriminating against" I assumed that Comcast was simply giving higher priority to non-bittorrent traffic. Given what they are doing, I think "interfering with" would be better language. This isn't just a passive downgrading. This is active blocking.

Registering legitimate files

[name*censored*]

Whilst I'd be opposed to such an idea being put into practice, why doesn't comcast request that legitimate torrent/tracker sites register with them in exchange for guaranteed non-filtering (similar to proposals against Net Neutrality)? It'd make comcast happy, since they're able to reduce the amount of traffic on their network and say that they provide options for legal P2P. I know that it would likely result in

1) Comcast charging for the privilege

2) Outcry from legitimate sites

3) Losing paying customers who pirate

Re:

[timeOday]

Your idea would be terribly damaging for the Internet. Innovators need to be able to provide online services without individually registering themselves with every ISP on the planet. Allowing this would make ISPs the gatekeepers and judges of the Internet, and I don't want that.

Fix to comcast.

[Lumpy]

Set your bittorrent client to only use encrypted traffic. It fixes comcast's little red wagon fast.

Almost all up to date bittorrent clients support this.

Re:

[garbletext]

Incorrect. The Sandvine appliances that comcast uses do not need to inspect the packets to classify them as Bittorrent, they can do so by other methods e.g. pattern and timing analysis. Not many network protocols generate packets the way bittorrent does; it's a dead giveaway. As long as they can identify your usage as bittorrent, the RST trick still works. Of course, you could change set your client to open a very conservative number of connections, possibly thwarting traffic analysis, but then you'd be

Re:

[Sax Maniac]

You probably need to prioritize TCP ACKs across saturated asymmetric connections. Otherwise outstanding upstream ACKs will slow the downstream side. My el-cheapo router does this, once I reverse-engineered what the marketing department named it ("TurboTCP"). You can probably do it in software if you look hard enough.

Doesn't the very act of policing content

[sdkramer]

make them somewhat responsible for what content is on their network?

"Hello, RIAA. I have reason to believe Comcast is allowing illegal music trafficking to occur."

It's Comcastic!

Comcast... Where?

[Kainaw]

Comcast is in many different cities - each office running independently of all others. Which offices are blocking bittorrent? I use it all the time, on Comcast, without any trouble. I have more issues at work (with traffic shaping junk) than Comcast. So, I do not see how this is a company-wide problem. It may be something only used in problematic areas.

I'm outraged!

[Kohath]

This is the worst Internet injustice since the last thing that had Slashdot's panties in a wad. And that one was so horrible that everyone forgot about it.

Interesting note

[shoptroll]

When people were first talking about issues, I setup Azureus again to help seed some of the site projects over at OCRemix. However, in the last two weeks I've noticed that I'm getting NAT Ok? and Firewalled status messages on Azureus, despite it still allowing me to push through at 20kb/s upload (which seemed like a fairly good upload seeing as I could barely muster 5 kb/s on Charter at my previous residence). I know for a fact I haven't been monkeying with my firewall or NAT Router since I got everything

On the other hand...

[pushing-robot]

Their [youtube.com] commercials [youtube.com] make sense on a whole new level now.

Question....

[8127972]

Actually two of them:

1. What hardware/software would carriers have to use to do this?

2. Can it be defeated?

Fwiw, Rogers cable in Canada is rumored to be doing the same thing (and perhaps more). Michael Geist talks about this on his blog: http://www.michaelgeist.ca/content/view/1859/ [michaelgeist.ca]

Re:Question....

[kwandar]

Actually, Canadian users should file a complaint about Rogers misleading advertising with the Competition Bureau (not advising purchasers of their high speed service in their advertising that they will lower the speed of P2P apps). I have, and so have others. It really is a question or priorities and complaint volume though, and at present the number of complaints has been very few.

For anyone interested, the Competition Act [canlii.org] and there are numerous sections dealing with misleading advertising. By not advising they public they are actually reducing the speed of P2P apps, they are knowingly making a material misrepresentation to the public (Parts VI and VII.1).

You can file complaints with the Canadian Competition Bureau about Rogers, here [competitionbureau.gc.ca].

Dubious legality of forging resets...

[isaac]

Comcast would be well within their rights to drop or deprioritize bittorrent packets, but it's not at all clear that sending TCP reset segments with forged source IP addresses is kosher.

If all traffic flowed through a Comcast-controlled proxy that was disclosed, there probably wouldn't be a problem, but Comcast is actually forging source addresses on both sides with the effect of concealing their actions and fooling the parties on each end into terminating their connections at (what they believe to be) each other's legitimate request.

I imagine this method of traffic limiting could be litigated sooner or later since it affects customers who are not party to the RST-inserting carrier's TOS.

-Isaac

Re:

[Anonymous Coward]

http://www.cnet.com/8301-13739_1-9769645-46.html [cnet.com]

This article does seem to put forth an interesting idea. I wonder if a case could be reasonably put together for Comcast impersonating its users in violation of the law.

but why.....

[apodyopsis]

...are people surprised?

if enough people complain or walk then they will change their practices.

By the way - well spotted.

Forget "throttling," what about "masquerading?"

[dpbsmith]

The issue of traffic shaping should be kept separate from the issue of:

--Comcast using forgery or masquerading

--Comcast deceiving customers about its true terms of service

--Comcast hiding what it is doing, thereby giving no means to complain or give them feedback about technical problems

What would be nice

[Cryophallion]

If I remember correctly, Comcast says that something like 1% of the user base causes 15% of the bandwidth, etc. Therefore, they throttle the thing that takes up the most bandwidth (torrents), in the name of helping out all the other users.

However, I would love to see stats on what percentage of their users actually use bittorrent. Until someone can prove that more than 1% use it, they can use that argument and 85% of people will shout"Yeah, more bandwidth for me, screw those pirates", without realizing the legitimate torrent uses (such as linux distro rollouts, patches as mentioned before, media defender email leaks, etc).

At leas the media is finally catching on, but until we get people to realizing that it is a slippery slope that affects them, there will not be enough uproar to stop them.

So, if we could only get our hands on how many people use it... we might be able to make some noise. Until then, the average joe will say "So What?"

Re:

[realmolo]

Comcast is probably breaking the law. And what they are doing is shitty.

But they are well within their rights to throttle Bittorrent traffic. And they NEED to.

I used to run an ISP, and I've worked at many, and let me tell you, Bittorrent traffic is EVIL. It HAS to be throttled. It's an extremely inefficient, "talky" protocol. It opens thousands of connections to every BT client (yes, you can limit the number of connections your BT client *accepts*, but those connections still have to be *routed* to you befo

Re:What would be nice

[Mad Dog Manley]

If I remember correctly, Comcast says that something like 1% of the user base causes 15% of the bandwidth, etc. Therefore, they throttle the thing that takes up the most bandwidth (torrents), in the name of helping out all the other users.

Correction... they throttle in order to get the 15% back and resell it to more users, without having to upgrade existing infrastructure.

Legal action?

[Thaelon]

Could Comcast be found guilty of fraud law or violating some computer usage law because of this?

On one hand, they're deliberately pretending to be the person you're communicating with (fraud?). On the other they're deliberately degrading performance of a person's internet connection (vaguely DOS-ish), a person one who isn't necessarily their customer.

Thoughts?

I don't think this is all Comcast discriminates...

[Krojack]

I work for a VoIP provider and of all our customers, only the people using Comcast have voice brake-up. All other broadband including myself (charter) have perfect quality. It's sad when we get blamed for this when in fact its not our problem. I was on the phone with Comcast many times over just to get them to clear the problem up so my sister could have good VoIP quality. It still has problems here and there but at least its good now for the most part.

BTW, This has gotten worse ever since Comcast started offering VoIP.

Sending spoofed packets

[BitZtream]

So, since, as it appears, they are sending spoofed packets ... Couldn't you claim unauthorized access to your PC, impersonation of another person, and forgery of information ... or something along those lines. Its certainly illegal to pretend to be someone else as a person, maybe not in and of itself, but as soon as you do something to harm one of the parties involved (thinking identity theft).

I just can't believe that somewhere along the lines there hasn't been a law made that makes spoofing illegal, they are claiming to be someone/something else to which you have agreed to communicate with.

Of course, if its not actually sending packets as if they came from the peer, then its a different story.

In other news: Hammer sales in u.s. up by 30%

[unity100]

what goes around, comes around as a hammer.

This may have been considered already, but...

[rickb928]

... if Comcast is essentially attempting to disable Bitorrent, are they by any chance either violating or subverting one or more RFCs? Substitute the proper term for 'violating', that was the strongest word I could come up with quickly.

I recall that in the Early Days of the Internet, not abiding by the RFCs would get you in hot water. Especially screwing up with SMTP would do it, but even bad behaviour due to your incompetence would get your T-1 unclocked, and it would take a few calls to the powers that be to assure them that you found someone who knew what they were doing and that problem wouldn't occur again. At least not for a while.

My point is, perhaps it's time for the other Internet providers to consider requiring Comcast to not mess with traffic in this way, or sanction Comcast.

Sanctions could be as graduated as throttling at the NAPs, degrading Comcast traffic, even disconnects.

Some providers have a stake in this. If the legal Bitorrent users (WoW for instance) get a crossed hair over this, why would they not ask their providers to pressure Comcast into stopping this?

Ultimately, this may be Comcast clinging to their ToS and 'server' restrictions, and that would mean Comcast users won't be sharing out Bitorrent files. Bummer.

Another wrinkle, I wonder if Comcast sends forged RSTs to Comcast users sharing with *other* Comcast users. Intranetwork traffic shouldn't 'cost' so much for Comcast.

My theory is simple - Imagine if ISPs started throttling or denying traffic from Akamai, because of the volume... What a mess. And while Bitorrent is used for all sorts of purposes, so is SMTP. So if they think the illegal use of Bitorrent is sufficient excuse for them to deny it, why don't they throttle/deny SMTP, since simple spam is bad enough, but the emails of worms/trojans/scams also are objectionable. even arguably illegal. And certainly harmful, to users and the Internet. Maybe even Comcast.

Of course, that's not the point. Comcast is trying to avoid costs due to the volume of Bitorrent traffic that leaves them paying for NAP ports, lines to other ISPs, and routers/switches to manage all this.

In other words, they are trying to control costs by controlling usage.

One of the reasons I got out of the business pre-2000. Couldn't make a profit with my business model. Network costs were too high.

Well, another option is to surcharge high-volume users. Or charge more to afford to provide the service ostensibly advertised.

It's not often I can be happy to have Cox Cable. My Qwest DSL before just sucked, but the traffic got through.

Good luck. My bet is the best avenue is a class-action over either false advertising or Magnuson-Moss.

Been saying this for years about Cox Communication

[JohnnyComeLately]

I've had people get into arguments saying it's MTU or someother issue with P2P, but I've been just going on emperical data and personal observations. My internet connection to Cox ONLY becomes spotty (at best) when I fire up ANY version of a P2P software. I can go months without rebooting my PC, Router, and Cable modem, but the moment I fire up LimeWire it drops to slow performance and often locks up within 5 minutes. Rebooting the cable mode can instantly fix it. Dont run Limewire? It'll go back to normal. Run Limewire after rebooting? Back to slow performance and a reboot it right around the corner. Again, I've tried different types of P2P, so I'm not buying any breakdown in the TCP/IP stack (MTU problems, etc). It's almost as if they drop my IP lease because I still see traffic but nothing works. Their "stop communicating" message would also make sense.

Re:

[Frosty Piss]

Comcast isn't a "common carrier". Also, their cable, their rules, don't like it, ditch Comcast. Now, IANAL, but maybe your argument would apply to DSL, being over the phone lines and all.

Re:

[ultranova]

Also, their cable, their rules, don't like it, ditch Comcast.

While the cable is theirs, they have leased it - or some capacity on it - to the customer, and are now actively and purpsefully preventing the customer from using the service he has bought. While the contract likely has a clause which lets comcast terminate the service and/or alter it at any time at will, I wonder if such a clause wouldn't be ruled unconsciable; after all, it essentially states that Comcast is not really bound by the agreement

Re:

[Frosty Piss]

While the cable is theirs, they have leased it - or some capacity on it - to the customer, and are now actively and purpsefully preventing the customer from using the service he has bought. Leased? I don't think so. And, did you read the contract for service when you signed it? It describes the services that Comcast is offering you, and probably Comcast's rights to do whatever the fuck they like, and so on. I'll bet there is a berbage about restricting services that in their opinion degrade their system.

I w

Re:

[Frosty Piss]

Yes but even as a land lord there are strong restrictions on your ability to evict people. It can take weeks or months after a violation is identified.

Look, the landlord analogy doesn't apply, Interweb access isn't the same at all. Comcast sells a consumer service over its own equipment which is not a "common carrier". It's not a house. You're not just "sitting" on their service. There is a contract. Part of the contract allows Comcast to restrict ("throttle") p2p if they want. Maybe it's at the request of

Re:Common carrier

[moderatorrater]

Yes, but sending fraudulent messages could be against the law, which is what they're doing here.

Re:

[wizardforce]

Also, their cable, their rules, don't like it, ditch Comcast

do you really think if people had an alternative they would be using comcast? the whole problem is that comcast is your only choice in certain areas, there is no one to switch to- either you go with them or no internet for you.

Re:

[Waffle Iron]

Also, their cable, their rules, don't like it, ditch Comcast.

Since they usually operate under exclusive franchises dished out by local governments, it's not as simple as "ditching" them. It's not possible for anybody else to install a cable to create any kind of competition. If you're lucky, you might have DSL, but a duopoly is rarely much better than a monopoly.

Re:

[Zenaku]

"Ditch Comcast" is a lovely sentiment that has little to do with the world in which we live. For a lot of us, that means ditching internet service, as our only other option is to have our data transported through the tubes by invisible magic bit-fairies.

I am a Comcast customer not because I like Comcast, but because they bought out Time Warner in my city. I was a Time Warner customer not because I liked Time Warner (Though they certainly are better than Comcast), but because I DID ditch Qwest DSL for havi

Re:

[Zenaku]

Having my choice of two equally horrid alternatives somehow gives me no comfort.

As I mentioned, DSL is an option here. Qwest owns the lines. And I already employed the suggested vote-with-your-dollars strategy because they suck. So what would you have me do? Keep switching back and forth between them every month? And by the way, DSL requires doing business with Qwest because they own the phone lines, so the dial-up option doesn't change anything.

My point is that you act as though its a free and open ma

Comcast != Common Carrier

[winkydink]

This is a very common misconception.

Re:

[poetmatt]

unfortunately, it's not a misconception. [slashdot.org]

Also the original forum post from DSLreports [dslreports.com] user funchords = Robb. Notice the stuff said. I helped him investigate and can verify that comcast has been and still does this, via Wireshark. They send RST packets to you and the people you're uploading to on a random 1-18 second timer if the user is not a comcast user themselves. (It used to be an automatic 8 second timer but now they added a small degree of "randomization"...they seem to be exploring it, there was a

Re:

[quantum bit]

They send RST packets to you and the people you're uploading to on a random 1-18 second timer if the user is not a comcast user themselves.

Whoa. When I read the description I figured they were spoofing ICMP source quench messages or something to slow down the connection. Resetting random connections is just downright rude.

It's official, cable companies are evil. Though AT&T isn't much better...

Re:Comcast != Common Carrier

[quantum bit]

Source quench [wikipedia.org] is an ICMP message, similar to destination unreachable but less severe. It's a way for a host to tell another host (or router) that it's sending data too fast for it to process and should back off. It was an early attempt at preemptive traffic control to throttle back before something has to start dropping packets.

There's not a whole lot of equipment that sends them, but pretty much every OS I've come across honors the messages to some extent. I don't know if the cheap NAT routers that many people use pass them along or not, though NAT in general tends to be fairly broken when it comes to ICMP.

If a man in the middle were to spoof ICMP source quench packets that looked like they came from either of the p2p nodes that were communicating, the effect would be that they would start sending data more slowly to each other. The connection would still be open, they just wouldn't transmit as fast as they could.

After reading the article it became clear that what Comcast is doing is much more evil. They're setting RST flags on packets (or maybe spoofing new packets in the right segment range with it set), which causes the entire connection to abort rather than just be slowed down. It could cause a lot of grief if their filter misidentifies something as p2p and starts shutting down the connections, as apparently happens to Lotus Notes [blogspot.com] traffic.

That last link has some good packet dumps of it happening.

Re:

[arivanov]

Cable companies are not carriers. They are information providers (or the equivalent status) in the USA and almost everywhere else. They are not subject to any of the limitations to which carriers have to comply.

Indeed it is - Mod parent up

[laing]

They will either have to back away from this policy, challenge the rules themselves, or start filtering traffic even more agressively than the Chinese.

Re:Common Carrier

[Frosty Piss]

ISPs generally don't have common carrier status.

From wikipedia [wikipedia.org]: "Internet Service Providers generally wish to avoid being classified as a "common carrier" and, so far, have managed to do so. Before 1996, such classification could be helpful in defending a monopolistic position, but the main focus of policy has been on competition, so "common carrier" status has little value for ISPs, while carrying obligations they would rather avoid. The key FCC Order on this point is: IN RE FEDERAL-STATE JOINT BOARD ON UNIVERSAL SERVICE, 13 FCC Rcd. 11501 (1998), which holds that ISP service (both "retail" and backbone) is an "information service" (not subject to common carrier obligations) rather than a "telecommunications service" (which might be classified as "common carriage")."

LOL

[zoomshorts]

But we now have the "Hammer" method. Boycott the bastards, no matter what the cost.
Then when the people we use as an alternative to Comcast start to mess with us, just
DROP them too.

Simple market response.

Re:LOL

[glindsey]

But we now have the "Hammer" method. Boycott the bastards, no matter what the cost.
Then when the people we use as an alternative to Comcast start to mess with us, just
DROP them too.

What a great idea! Okay, let me see, what's my alternative to Comcast? I know, DSL! Oh, wait, my house is too far from the CO, and AT&T isn't interested in expanding service in our location. Okay then, I'll go to FiOS! Oh, wait, it isn't available in my state. Alright, how about a satellite service? What's that? Half-second lag times? Well, that just about destroys any gaming or VoIP links, and costs a ridiculous amount in both startup and monthly costs, so that's out... Wireless? Nope, nothing in our area.

My choices are literally dial-up, Comcast, or nothing. And dial-up and nothing aren't really options because I often have to VPN into my office from home.

Ah yes, simple market response. I can choose any broadband provider I want, as long as it's Comcast.

Re:LOL

[Howitzer86]

You could relocate, that'll show em!!

Nothing says you hate a service more than if you were to rip up the foundation of your life, career, and family just to avoid them.

Re:LOL

[dajalas]

See if Earthlink offers cable Internet through your cable system. They do where I am. Earthlink has it's own gateways, etc. They have better policies. They allow low-bandwidth servers on a residential connection. And no, I don't work for them.

Re:you know ...

[immcintosh]

Except for the fact that vast tracts of the good ol' US are exactly like he's describing. As soon as you move out of a major metropolitan area, your options start to get extremely limited.

Re:you know ...

[lpangelrob]

I'm well within the Chicago metropolitan area, and have exactly his options.

AT&T has tried to sneak in some fiber into the area (Project Lightspeed), but continues to run into problems with deals local governments sign with Comcast. Namely, a $300k fee that villages charge new service providers and the requirement that telecom companies provide some sort of local service (i.e., local government access channels). AT&T says they're a utility and shouldn't have to pay that fee.

If Motorola's WiMAX manages to do something, they may be an option in the mid-term future. I'm not holding my breath.

AT&T U-verse is coming to Chicago soon

[Brian Stretch]

and while its FTTN architecture is severely inferior to Verizon FIOS's FTTH, it might expand the territory AT&T is able to provide high-speed Internet service to. AT&T is sending in techs from Michigan to help deal with the 200,000+ installations already on order. If you see any big new metal boxes sitting on concrete pads in your neighborhood, they might be U-verse nodes.

U-verse's "Elite" Internet tier is 6M/1M. Slower downloads than Comcrap but faster uploads and only $40/mo, or $30/mo if you a

Re:you know ...

[glindsey]

Oh, yeah, I'm a whole thirty miles out of downtown Chicago. Holy cow, I must be plowin' fields n' chawin' tobbacky! GIT ON THE TRACTOR, MA! WE'S A-GOIN' TO SEE THEM THAR CITY FOLK!

Re:LOL

[jythie]

Or in cases like this, when there is no one else to go to.

Comcast thrives in broadband because in many regions it is your only choice. You can't get alternative cable modem ISPs and DLS is not always available. Market forces are unlikly to effect them much.

Re:ha

[arivanov]

What is surprising is that they RST on anything going over TCP from any of their customers to another of their customers. It is not just P2P. Lotus notes gets whacked in a similar manner and so on. Cable Internet Engineering at its best.

Re:ha

[Wildfire Darkstar]

Nope. This has been discussed ad nauseum already, but Comcast (and Sandvine, which they are in all likelihood using) isn't looking at the actual data, it's looking at the overall pattern of traffic. It is still going to send RST packets, regardless of whether or not your connections are encrypted.

Re:

[Agripa]

Maybe. One thing I am certain about however is that Comcast is courting a tragedy of the commons. As more high volume internet traffic has to resort to obfuscation, it will become more difficult to apply accurate traffic shaping where it is really useful. What do you do when everything looks like IPSEC and SSL or - God forbid - streaming video?

Re:Yea, right

[Anonymous Coward]

It's not the legality that Comcast takes issue with, it's the use of bandwidth. You're not supposed to actually use the bandwidth you buy, you see.

Re:Yea, right

[Impy the Impiuos Imp]

In their (partial) defense, their business model is probably something like:

- Offer a huge bandwidth that most people won't use

- Some will use it, costing us more than we charge, but that's overwhelmed by increased business by people who want the bandwidth from the ad while not actually using it

But then this happens:

- Whoops! File sharing is a Killer App that many people are using.

- On average we are now losing money.

Of course, the proper course of action is to alter their contracts (after the current ones expire) to charge more money for more use, perhaps in various rates. Yes, that will drive people to other companies who don't do this...who will also lose money.

Let the market figure it out.

Anyway, wouldn't generating fake signals to alter the operation of your applications be illegal? That's above and beyond throttling or blocking (gray enough as it is.)

[citation needed]

[nothings]

This is nonsense. If you have any backing for your claim that the internet somehow relied on asymmetrical bandwidth selling, [citation needed], because your presentation doesn't add up. (I certainly don't have any clue how it works behind the scenes, but your description of the endpoints sounds silly.)

Enter P2P, and now there's a lot of data being transferred between the users, with noone paying for it. ... we're all on flat rate, so noone pays. Every 1 MB I download is 1 MB that Blizzard didn't pay for.

But somebody somewhere is uploading that data that's being downloaded. It's not magically coming from nowhere. If the trick is that the cost of bandwidth is supposed to be shouldered by the uploaders, then it's shouldered by the uploaders, and it doesn't matter if it's being downloaded by p2pers or anything.

Which you vaguely get at later in your reply, but this sort of comment is nonsense: "Legal" BitTorrent transfers tend to fall in that category. Someone thought he's smart if he, basically, cheats the ISPs of the bandwidth price. Instead of putting the file on a site and paying for the bandwidth, now he leaves it to a bunch of users that the ISP can't figure out how to bill for it. Nobody posting legal files thinks anything like they're "cheating"! Even if your theory is true, nobody out there knows it, so how could they think they're cheating? They think they're 'spreading the load' somehow. They're using 'available bandwidth' that's not being used for anything.

Then you say:

2. To make things work, paying for the receiving end too was based on oversell and... well, a self-throttling sharing scheme.

Ok then. If all download bandwidth requires corresponding upload bandwidth, and p2p uses "average users'" upload bandwidth, and upload bandwidth for "average users" was oversold... then that means your argument ends up being "broadband vendors oversold bandwidth"! (Just that it's upload bandwidth, not download bandwidth like everyone thinks.)

But this all hinges on a rather bizarre claim about how bandwidth is sold (by upload bandwidth only) that does things like ignore people in the middle... it may be true but your presentation is so sloppy that it doesn't seem trustworthy at all.

You can take it as an example of a problem their own massive oversell created, if it makes you feel any better.

Yeah, gee, I think I'll do that, since that's what your argument boils down to.

Re:Not that simple

[vsync64]

I appreciate your effort to view all sides of this issue and bring balance to the discussion. Unfortunately your points are utter hogwash.

The pricing model for ISP's was based on the idea that the provider of that content paid for the bandwidth. That's why you can get a flat rate, in a nutshell.

It's based on the users of bandwidth paying for that bandwidth. How do you explain consumer-only ISPs that don't host content? How do they stay afloat?

Enter P2P, and now there's a lot of data being transferred between the users, with noone paying for it. If I download a WoW patch from Tom, Dick and Harry -- the WoW patch downloader being a modified BitTorrent client -- we're all on flat rate, so noone pays.

Tell me how "flat rate" equates to "noone[sic] pays". ISPs charge the cost of their bandwidth divided by the number of customers, plus a little on top for their operations.

Keep in mind that all connections have bandwidth limits, and most have monthly transfer limits. (The latter should be treated as fraud by the courts; ISPs love to shout "unlimited!" in their advertisements. But that's a separate discussion.) If you start transferring a lot, uploading or downloading, you have to get a higher-priced account or pay for the extra data transferred a la carte.

Someone thought he's smart if he, basically, cheats the ISPs of the bandwidth price. Instead of putting the file on a site and paying for the bandwidth, now he leaves it to a bunch of users that the ISP can't figure out how to bill for it.

Please. If I am a thoughtless user and I create a giant 10MB dancing hamster video and mail it to my friends, and they start forwarding it around, am I "cheating the ISPs"? (Collectively, by the way... since when does everyone have to start considering the welfare of every business out there? What happened to capitalism?) The ISPs absolutely can figure out how to bill for it: charge by connection time or by quantity of data transferred. Look at business accounts; they have detailed billing for "burst" and "sustained" transfers, transfer limits, and more. What they can't figure out is how to avoid getting hoist by their own petard, after they made fun of AOL for those practices, and then repeated AOL's mistakes.

What BitTorrent does, though, is best described as "not playing nice" in that sense. It will keep opening more and more and more connections until it fully saturates those 6 Mbit/s, everyone else be damned.

So what are those "max connections" and "max bandwidth" settings I've seen in every BitTorrent client I've ever used?

Now again, I'm not saying that Comcast and the gang are doing the right thing there. I'm just saying what their problem is. You can take it as an example of a problem their own massive oversell created, if it makes you feel any better.

We're in agreement there. But why does your unbiased simple explanation contain numerous factual inaccuracies which all back up the terrible business practices and fraud of the ISPs?

Re:

[WidescreenFreak]

Of course! Because each download always and forever equals one lost sale! The RIAA and MPAA have declared it so! There is NO legitimate purpose for file sharing! NONE!! Get that through your head!

I mean - for example, how much money is Ubuntu losing because of all BitTorrent downloads of its latest version of Linux? Er... wait...

Re:

[Malevolyn]

Not sure why you were modded Informative, but you make a weak point. Cable providers (internet or otherwise) are very much regional here in the US, even inside the same company. I can drive 30 minutes in one direction and the TV channels are the same, but 30 minutes in the opposite direction and all the channels are different. And that is just Bright House Tampa and Bright House Central Florida, not yet different providers.

But what happens is a small company starts up, gets gobbled by a larger company (Ti