Slashdot Mirror
VPN Clients Not Allowed On Residential Service
wayn3 writes "ComputerWorld reports here that two of the major cable companies have language in their terms of service that VPN clients are forbidden for "residential" class, forcing clients on their "business" offering which is at twice or more times the cost of residential service.
Has any been bit by this, and do those companies consider SSH a VPN client? This would stop me from telecommuting since my company would not be able to afford the business service."
I can't believe I'm saying this: I'm glad I'm an AT&T customer!
Video Game News, FAQs, etc
I've keep asking them, but noone seems to know. I would prefer a quality-of-service agreement with them.
main(){char I,l,O[]={'-',1-1,0,(1<<5)-1,0+'-',-10-1,-10,11-0,
Don't use this companies. Period.
If they don't allow VPN, you just have to avoid them. The problem is for people that can't avoid them, because the company is the only one that gives service in their area, or the like.
My weblog in spanish
SSH probably won't count, since it's not a Microsoft VPN, which is what they likely are against.
I do it anyway. what are they going to do, cut me off?
I mean, you're using the connection for business purposes, you should be willing to pay for that. If your company can't afford it, then tough. It's not rocket science. Not only that, if you require 24-7 availability of your systems, you can always install a modem or two and connect that way.
If you require internet access for work, then you get a work account. If you require it for home, then it's a home account.
Hell, if you work from home, get the damn work account, then deduct the cost from your income taxes.
Seriously, who here runs a VPN that doesn't connect to their office? I can't really see a use for a VPN besides connecting widely distributed corporate offices and internal networks, which is most certainly deserving of business-class rates.
Is your company running tools written by ma
That said, I don't think this is fair. I also don't think it is fair when a company *cough*Verizon*cough* offers "full Internet service* but then blocks ports on the router and outlaws servers in the TOS. If all they want to sell is a watered down, "just look at the pretty pictures and don't do anything technical" service that's within their rights--but then say so on the label.
Hate trolls? Troll 'em back...at home!
The obvious question is "what classifies as a VPN?" A VPN is a Virtual Private Network which usually is constructed using a secure IP layer such as IPsec. While it is easy to scan for IPsec usage (it has it's own protocol number - even as TCP and UDP has), it is much harder to scan for other types of VPN solutions.
Even encrypted HTTP, HTTPS, can be used to build a VPN-similar type of thing (think "VNC"). Since HTTPS is used to encrypt on-line banking traffic, e-commerce sites and such, they cannot just stop everyone from using HTTPS.
Furthermore, since the data (by definition) is encrypted, it is impossible to peek at the data to determine if a data stream is "a VPN" or just some other HTTPS transfer.
The conlusion is that they will have huge problems trying to enforce this.
AFAIK, this has been the case for quite some time, but let's be real here... They're not checking for VPNs. And as long as you're not abusing this fact by telcommuting full time over a VPN, they will most likely never find out nor will they give a darn. The acceptable use stuff is just there to cover their butts.
Girard said cable business-class service "is not any better than residential, yet they charge you more."
Imagine your phone company doubling your bill because they analysed your calls and decided you made a call to the office!!
I buy bandwidth. What I do with the bandwidth is nobody's business (obvious exceptions included..)
Backward%20compatibility%20is%20over-rated
What if I'm not using a VPN but just doing research on the web for work? Are the cable companies gonna stipulate that you can't do anything for a business from home, even browsing the web?
--"Karma is justice without the satisfaction"
Their TOS are terrible, and getting worse every rev. They have always had a 'no servers for the use of others' policy, and I've always run sshd because it's a server for my own use. On the last rev they disallowed 'any servers at all', which I didn't take seriously because IRC is broken without ident. Besides, technically ICMP could be considered both client and server, and the whole freakin' net is broken without it. Finally, my sshd is for my use only, and is configured and firewalled that way.
Also on the last TOS update they disallowed sucking feeds on their mostly-broken newsservers. They really don't know what they're doing, because in the grand scheme of things, they're just pushing those people to a sucking feed on an external newsserver, and eating their head-end bandwidth. Besides, an off-hours sucking feed would probably be more benign, and I'd be happy to adjust my cron setup to cooperate.
AFAIK they have no anti-VPN wording in their TOS, but IMHO that's only because they aren't clued in to its existence to forbid it.
IMHO, Adelphia wants to be in the 'TV for your computer' business.
The living have better things to do than to continue hating the dead.
right now, none of these services providers do anything to check. They just say no and then leave it to you. If a big stink is made, they may take notice. This is the second mention I've seen of it here and it was also discussed in some newsgroups lately (no links b/c *I* don't want to make a big deal of it).
we speak the way we breathe --Fugazi
It highly depends on their desire to really do business with you, but one thing I have done, when signing a contract with my ISP, is to quite simply cross out the terms I did not agree with. For instance with Time Warner, they have clause saying that no NAT devices can be used. I crossed that out, told the salesman and signed the contract. Also, making more people aware of these onerous business practices is a good thing, as more people will let the businesses doing these thing know there displeasure with their pocket books and otherwise.
Have you tried UNIX today, its most satisfying...
--sdem
I can. I have family in the area, some with broadband of various kinds. If we shared files more (which will probably happen in the future), it would be nice if we could be hooked up on a VPN so we could just drag and drop to various locations, rather than emailing. It would be simpler and it would take up less bandwidth (one copy vs one upload + one download).
Hate trolls? Troll 'em back...at home!
I have a cable modem supplied by ntl UK and work from home. I don't know what the licence says (this is just a standard residential contract), but we use a home-grown (our software is all about secure comms, so it wasn't a big deal to write) simple app that uses SSL to make secure connections for email, CVS etc - all of which, I guess, could be seen as a VPN. There has never been any problem from ntl. Note that my machine is always the client.
IIRC the licence is pretty clear on not allowing servers (although I've also run servers for short periods for very low traffic internal testing and had no problems either, apart from dynamic addressing).
Posting anon just in case!
#include "myisp.h"
char *ssh = "Secure SHell";
char *vpn = "Virtual Private Network";
if (!strcmp(MY_ISP, "crazy") && !strcmp(ssh, vpn)) {
printf("Time to get a new ISP!");
}
else {
printf("Woo Hoo!");
}
Location: Mt. Xinu
As long as people are complacent and accept these kinds of bully tactics from their providers, they really have no standing to complain about it later. Don't like the fact that your cable company wants to be your net.babysitter, and tell you what you can or can't do on the Internet?
Well, rewarding this kind of arrogant big-brother attitude by giving them even MORE money for business-class service is certainly going to encourage a change for the better, wouldn't it? Or, perhaps, you should tell them to shove their port filters, and their DHCP garbage, up their network interface, and switch to someone else who does indeed provides real internet connectivity.
People really need to vote with their feet, and stop agreeing to put on their Internet provider's straightjackets. There are ISPs who will sell you a residential class DSL service, with a static IP address, and let you run servers. That's real Internet connectivity.
to determine if you're using a VPN client, you can always implement something like this.
Hey, is HTTP based, so how would they tell the difenrence ?
What ? Me, worry ?
"This would stop me from telecommuting since my company would not be able to afford the business service."
If you are TELECOMMUTING then you ARE a business customer. The only difference is that you aren't PAYING as a business customer.
Everyone can argue about if there should be different "classes" of service, but that is the business structure the Providers have chosen.
There will be people posting here "I use VPN but not for business." With those people I agree: Simply claiming the using VPN makes you a "business" customer is unfair.
But in the case where you ARE using the service as a business but want to only get charged the residential rate:
Quit your whining and stop being cheap
A business has the right to charge you the rates they see as fair and you have the right to not use their convenient service and start driving to work.
---"What did I say that sounded like 'Tell me about your day?'"---
I did tech support for Rogers@Home here in Canada for a while, and while it was not explicitly stated that VPN was not allowed, we were told by our senior techs that it was a common cause of connection problems. I'm not sure if I believe them though ;)
I have RCN and all of a sudden in the last week or so I can't SSH or FTP back to my Linux box at home from work, so maybe the do consider SSH a VPN service. Why do the rest of us have to suffer just because the world is too stupid to be using Windoze? ;)
I personally use VPN on my cable line for access to my home box from school. The thing is that I Have firewalled out the rest of the world from accessing the ports the VPN Server uses for it's little Java client web server and the acctual server, Except for the place I am comming from. So unless my Cable provider does some strange thing with spoofing addresses they can't really see them. What they can't see can't hurt them. I am lucky enough though to not have either one of the "C" Cable internet companies so I really don't have to worry that much.
(Score:0, Interesting)
Berto
Assuming that the text string you assign to the point will be allocated for you? Shame on you. You never know if you might want to change the string, and you never know if the particular compiler you're using assigns that memory array read only.
Why does it look the other way around?
True, and even more technically I left out stdio.h and string.h... But who's going to try to do this anyway? =)
Location: Mt. Xinu
To get to the other side?
I mean, I may be being naieve here, but since it's encrypted, how would they know it was vpn traffic? The authentication packet/header? If the ports were non-standard, the payload encrypted, I suppose all that'd give it away would be some part of the IP source/dest combination, say NATed addresses....but even that could be anything?
Could they filter on IKE? ESP? AH? This baffles me, arguably no VPN sage....i'm currently muddling thru FreeSWAN; this is of interest...
Vinylone, the accidental buddhist...
These company's do not actively scan for VPN connections. It is just that if you are using a VPN connection then don't call into the help desk if it doesn't work.
I work on a help desk and we do not support VPN connections/software either. The customer can still use it, just don't call in if you have no idea how to configure it. I think that these company's have a business class service that cost more to support service level agreements for these business class customers.
Of course doctors using a VPN connection to get patient information are going to want and deserve a higher level of service then someone downloading music. But if they are on a home class service and only paying for a home class service why should they get priority. If you want a service level agreement that supports you as a priority customer then you pay for it.
Here's the point: Business usage (phone, cable, whatever) CAN be more costly to the provider because these users will scream louder and demand quicker restoration of service when something goes wrong (line failure due to snowstorm, flooding, you name it). They also threaten to sue for lost business revenues due to the company's failure to restore said service in what they think is a timely manner. Residential customers don't bring that baggage.
So, they don't really care if you USE the line for business, because you won't be able to file suit as in the case above -- according to the TOS you weren't supposed to be using it for that purpose anyway. BUT, if you want them to treat your service as an essential component of running your business, you have to pay business rates...which is not wholly unfair IMHO.
It's not funny till someone gets hurt.
The ZoomTown (god I hate that name...) service in Cincinnati doesn't have this clause, but the way they've configured their NAT for residential clients "breaks" many VPN clients. The upgrade is, as stated in the article, about twice the cost.
SSH works fine, though, and a clever tunneling setup can bypass their silly MAT trap in a lot of cases.
-- Minds are like parachutes... they work best when open.
Find the loop hole, (In my case ppp over ssh over httptunnel). NOONE CAN STOP ME!!!!
So, let me get this right, only businesses have information they want to remain secure? I don't think so. Amusingly, it seems that it would be unacceptable to use MS .Net with at-home broadband if the application you were using happened to have been implemented using call backs and had "security" turned on. Fantastic... in any case, unless all home traffic is being intercepted and understood, it would be impossible to enforce a 'NO VPN' rule - that is unless they refine their ideas.
I'm a grad student. The resources at the university I attend suck (the gta office has 1 computer in it, a 486 with windows 3.1). If I want to do work I have to either go to one of the big labs (big, not quiet, lots of people, can't get stuff done) or use the small physics lab which isn't equipped worth a shit. The solution? My home machine, which is a $400 alpha running linux. I ssh from the physics lab and do whatever programming I need to do, or check my email, or whatever. End result, if you classify ssh in the vpn category and expect me to pay 10x what I pay for connectivity then you are a fool. I don't have any options here - I've tried to get real machines in the gta office, even ONE machine that's worth a crap in there - it's a lost cause.
I invesigated Comcast cable a while back, as I'm out of range for DSL. Their terms of service were, in a word, unacceptable.
I suspect that you could get away with practically anything as long as nobody complained and you didn't generate too much traffic.
Oh, as to their "business solution"? DSL. Not an option. Near as I can tell, there is no such thing as "business class cable" Internet.
No high-speed internet for me. Sigh.
Welcome to the Turing Tarpit, where everything is possible but nothing interesting is easy.
What a crock. Sure, as businesses they are entitled to price their services however they like. However, in the case of cable co's, they are NOT simply freestanding business, but have been granted a monopoly service that, in many areas, has NO competition.
They can never enforce this because it would break a fundamental right to privacy. There are a number of reasons someone might run a VPN or a VPN-like system for personal, hobby, or entertainment reasons having nothing to do with business. For them to intercept or discern what precisely is going on over that network sounds an awful lot like corporate wiretapping.
-Styopa
Did anybody read the article:
"Amirshahi said that while Cox doesn't "actively scan" its network to detect the ports used by VPN clients, it does scan the network for excessive bandwidth usage."
Most cable providers will bitch and moan if you use too much bandwidth no matter how you use it.
>>A business has the right to charge you the rates they see as fair and you have the right to not use their convenient service and start driving to work. This is valid so long as the business in question isn't a monopoly, such as Time-Warner or one of the Baby Bells, for example. Those rates are regulated because the state has agreed to give them a limited monopoly. If you don't have much choice in broadband connectivity, then I'd argue that they do not have the right to raise prices willy-nilly as suits their suits.
"No, no, no. Don't tug on that. You never know what it might be attached to."
They've all but said that outright. They don't sell bandwidth. They sell a high speed web surfing experience.
This should no longer surprise anybody here. Let's get over it.
My Heart Is A Flower
In the USA, there is a premium charge on any phone line that will primarily be used for business purposes. This reflects the fact that the line will be used primarily for making money, and it helps to subsidize the very reasonable residential rates. Seems as if cable access is in the same league, even though the telephone market is regulated and can't be compared too closely. If you're using your link to make money, it's a business account. It's all a matter of ethics, really. If your employer demands you get a broadband connection for your job, tell them you need the business-class service. If they're legit they'll get you the appropriate service.
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
that these companies are not providing internet connectivity, but something else, crippled
...
The same goes for disabling port 80,
No way can your business "not afford" $200/mo for internet. If you are a 40k/yr employee that equates to less than 5 hrs of pay (considering an employee generally costs 2x their hourly).
Considering the costs of maintaining an office alone, it seems like a heck of a bargain.
that has been there from day one. Excite is the ones forcing the issue and always have. Look at AT&T's TOS now that they sluffed off the leeches called excite. servers allowed, linux specifically mentioned and unofficially supported (as in they'll tell you the ip information instead of saying it all has to be dhcp or we'll kill you or the funny, the dns servers ip address is prepriatory information I cant tell you.)
I'm sure comcast and cox will get a clue when they also fling excite the bord later next year.
Do not look at laser with remaining good eye.
Why should that matter? Do you pay more for bus/train/toll because you are going to work, instead of to the movies?
You should pay for the service you're getting: bandwidth, IP address and quality of service. What you do with it is non of the ISP's bussiness.
...richie - It is a good day to code.
I have had two different cable providers so far (comcast@home and Adelphia - I moved from Philly to Pittsburgh) and they both have these clauses. With both providers I used VPN to "dial-in" to work, and I have run servers (FTP and Web) - although not full time. They can't block the ports because there are other (legitimate) use for them.
I think they put these clauses in their contract so that *IF* you abuse of your priviledges, they have the rights to pull the plug. And even then, the only way they'd know is if everybody on your block complained of piss poor performance, and they decided to start investigate who is sucking all the bandwidth.
I have never gotten a call, email or letter from the providers complaining about this. I am not going to worry about it.
I have used two different VPN clients over the two years I have been using cable modem. One is a weird Nortel client that works in combination with a SoftID token generator. Whenever I use it, no matter if it is here at home or at the office, it will pretty much kill anything not pointing towards the network we were connecting to.
The SecureRemote client is what we use to connect thru our Checkpoint firewall. This one is weird because it only works whenever you try to reach servers that are behind the firewall. It does not disturb my other communications. The first time I connect to an internal machine (say, I open Outlook and it tries to talk to the exchange server) it authenticates me. If I am connected to any protected resource it will ask me to authenticate every few hours, but it works without messing up everything else like the Nortel client does.
Why are these two so different? Anyone can point me to a FAQ? As for @home, around here they enforce things selectively. Basically keep a low profile and nobody will ever bother you.
Pedro
----
The Insomniac Coder
Why does it matter? The way I see things in an ideal world, when I purchase a network connection from an ISP, it shouldn't matter how I use it. If my ISP started to regulate my network activities to that extend, I'd go find another ISP with no bullsh*t.
Skiers and Riders -- http://www.snowjournal.com
"But in the case where you ARE using the service as a business but want to only get charged the residential rate:
Quit your whining and stop being cheap "
What exactly classifies as business use? If I'm researching work projects at home is that bussiness use? If I'm a network administrator and read slashdot, lwn, and freshmeat at home to keep up on the latest in the Linux world, does that make me a bussiness user?
I have always taken the VPN for bussiness wording in the TOS to mean you can't setup a multi-office distributed bussiness across your cable companies network without paying for it. Just because someone has a VPN connection with their main office downtown doesn't mean they should be paying exhorbitent rates.
Steve
I'll take a hit for this, but...
YOU SIR ARE A FUCKTARD
Now if you would like to have a rational discussion about why your opnion is wrong..
haplo@epithna.com
Power Corrupts,Absolute Power Corrupts Absolutely, leaving one person(group)in charge is absolutely corrupt.
as another poster pointed out, most don't allow servers, but lots of apps are technically a server (p2p file sharing anyone?)...
although using a VPN does increase the amount of bandwidth for that connection, what about the graphic artist that uploads 2 gigs of media daily? Most web users never upload more than their email, people used to just surf around, now they're all sharing 20 gigs of MP3 files, makes a vpn connection seem trivial.
There is no identifiable difference between what I telecommute to do and what I do for home use except that what I do for home use requires a tremendously larger amout of bandwitch. I don't browse newsgroups at work. I don't pull ads off of Adcritic at work. I don't browse around to see what neat and new things are out there. In short, my business use ties up a hell of a lot of bandwidth than my play use does. The original reason for business class phone lines was to pay for the extra quality of service that should you have a problem with your phone line, they would attempt to fix it faster than anyone else's residential line. However, the quality of cable does not change for the increase in price. As an Excite@Home customer, the way I have been treated is just ridiculous. To think that I would pay more for no change in service is stupid, at best. This is why I think that DSL is going to win in the end, which I didn't think until recently. Cable has totally overloaded itself.
My two cents,
Chad
Bel, the mostly sane.. "Of course I can't see anything! I'm standing on the shoulders of idiots." -- Me
Why waste your time with VPN???? Use Term Server or Citrix (or an Open Sourse alternative)! All you're sending is keystrokes, mouse movements, and video refreshes anyhow. Not like anyone could make any sense out of that ecen if they were running a sniffer on the line anyhow!
The choice is not using a different company. The decision is use broadband from THE company servicing your community under THEIR terms or revert to dial-up service.
*IF* you're lucky, you can "choose" between the monopoly cable company's service and the monopoly phone company's service. If you are REALLY lucky, you can get DSL from a CLEC or COVAD reseller. If you are insanely fortunate, you can get wireless service or your buddy next door has a T-1 you can tap into.
I live a few miles from AOL, mci/worldcom/uunet, and many other MAJOR data centers. Yet *my* choices are: Cable modem, overpriced IDSL service, ISDN, or modem. People living in spitting distance of the main MCI center can't even get my limited selection.
There is no choice, the broadband providers are well aware of that fact, and they are determined to keep it that way.
Down udner where not allowed servers,
no mail servers,
no ftp servers,
no napters/p2p servers
no runing a game server...
no http server... no nothing..
mind you thats only on boradband..
You have 5 Moderator Points!
Which Helpless Linux zealot/MS basher do you want to mod down today?
No, but do you get charged more if you go to a movie and you're a business person as opposed to a student? Students pay less at movies then someone who works... even though you're both going to see the same movie.
The situation is the same. Residential people are less willing to spend money on internet connectivity and they are charged a lower price to entice thier usage of the system. business are willing to pay more and are charged accordingly.
god, i forget what the term is, but there's an economics word for this. old people and students get discounts in the real world, non-workers get discounts in the virtual one. annoying, but fair.
--
RumorsDaily
Dude. A LOT of businesses can't afford this. If it was for somebody who worked exclusively out of the home (or at least most of the time) then it might be worth it. But otherwise there is no way that is affordable to many places. A lot of people don't make 40k (or anywhere close)... I sure don't. $200/mo. is a lot of money.
Anyway. $40k/yr comes out to less than $20/hr. so this would be 10 hours of work time monthly.
-jay
Broadband service is not priced on a "pay what you can afford basis". It is a commercial service not public radio.
My original contract had language indicating that the cable provider (Cox) was not responsible if someone on the network broke into my machine. But it also said that firewalls were not permitted. Didn't stop me from putting up a firewall.
The VPN clause has been in there since I first had service installed (6/89), yet I've had no problem using Nortel VPN client or ssh. What I find amusing is that they claim that VPN clients eat up bandwidth, yet they've already placed bandwidth restrictions on us.
They can manage the traffic if they want. But claiming that VPNs cause "excessive" traffic is ridiculous. I've either purchased bandwidth, or I haven't. They shouldn't care what protocols I'm using (none of their business). And in fairness to Cox, they have NEVER raised the issue of VPN use with me. (Contract language is probably there to cover their a$$ in case they do decide to get nasty.) None of this should be news to anyone with the service. Read the contract before you sign it, and decide whether or not it's worth signing.
Why should that matter?
Because life isn't fair, and Internet access isn't a right, it's a product.
If you don't like the way Company A sells their bandwidth, don't purchase from Company A.
The Constitution doesn't guarantee you Fair, it guarantees you (and AT&T) Free. Fair is a socialist concept.
Plus they recently added a nationwide dialup service. 10 hours / month for free, 99 cents an hour after that. In the past year I've had only three memorable outages and one was at 1am.
Do this make me sound like Scott Case's bitch or what?
Remember an article about cable traffic being monitored by the US government?
VPN might make this more difficult so using VPN may be considered an act of terrorism.
Right now this just a business trying to squeeze more money out of customers but I wouldn't be suprised if this leads to not being able to have encrypted communication without paying a premium. Those willing to pay could be put in two groups: obvious business users and the people we don't know what the hell they are doing but are now defined in a smaller group that can be more closely monitored.
If you look in the contract you signed, I'll bet that they've got a clause that nullifies any crossing out you may do. Lawyers figured this one a long time ago. Feel free to cross out whatever you want, the contract says that it doesn't count. The only use it *might* serve is to let the company know that you don't like it. Of course, since you signed it anyway (and, like I said, it doesn't matter that you crossed it out) and nobody at a level that would have any kind of decision making power will ever see or know that you crossed it out... it's just a "feel good" kind of thing to do.
The most important notice IMHO is that a service should be the same price for end-users and companies, because they are offered the same services. Does your computer has a different price if you buy it for the office? It's probably even cheaper for companies!
ISP's should provide their services to anyone for the same rate. The fact that a business is using it and it has more dough does not matter in that.
All comes down to a more honest solution, where ISP's offer many different types of accounts, suiting peoples needs, and for reasonable pricing.
Imagine a freelance working person getting an expensive business account but only checks e-mail once a day!!! That is structurally wrong IMHO.
So, ISP's please don't differ, provide more and different accounts!
what's wrong with this picture?
higher prices and customer harm are signs of a real monopoly...
I also agree. Especially since the business should pay for it (if you are really telecommuting, per the description). And especially especially because paying two or three times my current subscription rate BUT being able to have more free reign (not blocking port 25, for example) Would Be Wonderful.
Jack Valenti and the MPAA are to technology as the Boston strangler is to the woman home alone
>What exactly classifies as business use
I'll say that when the service goes out for an hour, any you say "shoot, guess I'll go iron my socks for a while and call support if it isn't back up when I'm done" then you are not a business customer.
If the service goes out for ten minutes and you are on the phone right away screaming at them to restore your service RIGHT NOW because every minute that goes by you are losing money, then you are a business customer.
char* string=(char*)malloc(numbytes+1);
string=strcpy(string,"Foo!");
string=strcat(string,"\0");
I'm glad C++ has std::strings!
Actually, in many places you do pay extra for the bus/train/toll. Rates are often higher during rush hours, so even if you want to do some personal errand, you're going to pay more.
Charging more for VPN is a crude measurement, but the logic is if you're using a VPN, you're probably using more bandwidth.
We all wish for metered bandwidth but ignorant consumers are scared of that scheme because they don't know what 5G a month is. Until that is resolved, we have to live with these blunt tools.
-benJ
Cable companies are used to consumers of one or more of their products who can't do anything more with that product then choosing to consume it or not, after having paid for it. You pay for a cable subscription, one or more extra packages and you hope to receive them when you want to watch. As long as the signal is available everywhere, no problem. Your customers cannot influence the cable reception of their neighbours.
Some 'bad' customers get a cable splitter and connect a second TV to the same cable connection (oh the horror! the cheapskates!). By the way, in my country (the Netherlands) I can't get a second cable subscription in the same house. I'll have to get my own splitter and/or amplifier.
Then cable modems came. And all of a sudden there is a lot more diversity to what people can and can't do with their cable (modem) connection. Even send data back to the Internet! (gasp!). Or even worse, somehow have that Internet available on more then one computer!
So cable companies have to play ISP. Do really new stuff like provide reliable mail and reliable connections to the Internet.
And make users somehow pay for their usage. They try to make this fit into simple models.. Joe Sixpack home user who would have otherwise dialed into AOL for many hours and Brent Bussinessman who wants to be online for the office. Because their billing model can only deal with so many different pricing structures.
There is a different system that might work. The cable company provides 'IP transport' between your cablemodem and the ISP, and the ISP connects you to the Internet and your e-mail, your news and other services.
This model now works for (A)DSL in the Netherlands. The phone company doesn't play ISP, they just connect my line to the DSLAM in the exchange. By my login I select the ISP I want and the rate I want to use (my adsl login is koos@xs4all-basic-adsl) and the router in the telco network sets up a virtual circuit with my ISP, xs4all.
This can work with any transport protocol that supports logins and sessions, like PPPoE and PPTP. Which also lowers the chance of unauthorized hookups and cable packet sniffing.
I get two bills, one from KPN, the phone company for the adsl link and one from XS4ALL, the ISP for the Internet connection and services. If I use too much bandwidth I may get charged extra for that (XS4ALL isn't clear on this matter, I just wish they would say N bytes per month and extra bytes cost you this fee).
Why don't the cable companies go to this model ? The only reason I can think of is that they always had virtual monopolies and don't want to have competitors on their turf. The ISP's are no competitor for KPN since KPN is not an ISP itself. (KPN indirectly owns a number of the ISP's that offer ADSL connections but in the day-to-day reality KPN and the ISP are two different parties to deal with).
This model has its disadvantages. The problem with your connection is in the equipment of the (Telco, ISP) depending on who you ask (ISP, Telco). At this moment, moving from one address to the other and trying to keep a working ADSL connection is a nightmare.
About running servers at home and sharing the connection for multiple computers.. XS4ALL encourages the users to do just that. XS4ALL had deals on cheap routers and tells people that they can run their own webserver, gameserver at home. As long as you don't use up too much bandwidth, which is the only thing that XS4ALL will count for your connection.
Any other classification of your traffic ('business use') is also a violation of your privacy.
Going back to the cable company, the only difference between a 'consumer' and a 'business' subscription would be (for me) that the business connection would be available for at least a certain percentage of the day and that outages longer then a certain time would automatically mean that I get part of the subscription money refunded (a service level agreement).
The Virtual Bookcase: book reviews
Scenario:
:)
My office has a great line abroad
My home ISP got a sucky line abroad
How can I set up a vpn that allows me to route my traffice through the office line instead of my home line?
I've been looking at setting up a ssh-tunnel, is this the easiest way? Or should I look into other tools?
I need to tunnel all outbound traffic tcp/udp, all ports through a encrypted line to my office.
I'd appreciate any help you guys might have
Since when works mean security?
I still want data to be encripted when I connect to any friend's box.
After reading about this kind of shit on a daily basis, I'm so happy I'm with Cablevision. It looks like they are the last decent broadband ISP in the country. Grok this: download speeds between 3000-5000 kbps, uploads around 900kbps, and I'm talking peak time. Semi-decent tech support. Formally they don't allow servers but from what I hear they won't enforce it unless you generate enormous amounts of traffic. They are cool with Linux and other esoteric OSes (they won't provide support, but hey, who needs OS support). It's DHCP, but my IP stayed the same for the last 6 months. And all this for $30 if you have their TV package ($40 if you don't). I'll tell ya, if you're in NY, NJ or CT it can't get any better....
If con is the opposite of pro, is Congress the opposite of progress?
Jennie Moyer, a spokeswoman for Philadelphia-based Comcast, said her company "does not support VPN residential services," adding that teleworkers or their companies can purchase Comcast Pro service, which supports secure VPNs, at a cost of $95 per month compared with $39.95 per month for the residential broadband service.
Are they automatically changing your monthly rate because they detect you using a VPN? I didn't see that. Just don't call up and ask for help getting you VPN to work with their service unless you are willing to pay.
Did I miss something? This doesn't seem as bad as the write-up implies.
The plain and simple truth of the matter is that these companies are not making a lot of money. Broadband is a commodity business that has huge upfront costs, high operating costs, and a rather meager income stream.
How much did it cost to connect you as a customer in the first place, probably $1000 or more. How much does it cost a month to service you, maybe $10 or more. All to receive $50/month. It takes forever to even recoup the initial investment.
Charging business customers more helps them to make some money. A % or two makes a big difference in such a tight business. It can mean the difference between losing money and breaking even. Look at the balance sheets of some of these ISP's. They don't look pretty.
If you use broadband for work then you are getting much more benefit from it than a residential customer. I use it to connect to my customers without leaving home. This saves me in travel time and travel costs. It also means that I can fix things when they call me without getting on a plane. I get more done in less time and make more money.
Have you noticed how slowly new services are being added? How long before the broadband speeds are increased? Probably never in the current business climate. The simple truth is that nobody will invest in it if there is no profit to be made. By insisting on the cheapest connection you are condemning yourself to poor service and no upgrades in the future.
Also, to the original poster. If your company can't afford an extra $50/month then their business model is probably worse than that of the broadband suppliers. You may want to brush up on your resume.
That's right. Internet access is a product and I want to pay for the product. The product in this case is bandwidth and quality of service.
I'm willing to pay for that. Why should I pay more, for using less as a typical VPN/bussiness user, that some teenager who stays all day on Gnutella downloading videos?
...richie - It is a good day to code.
Some ISPs are blocking pcAnywhere, SSH, VPN...etc.
What's next? Will ISPs start blocking FTP? Telnet? This is crap.
I see a day in the future where ISPs only allow ports 53, 80, and 443....sad, very sad.
-ted
After my client spent a whole lot of money putting together a VPN solution, we found out the hard way that Cox strictly forbids IP protocols that they don't explictly allow, IPSec being one of these. So why didn't we use ssh as a VPN? Anyone who asks that question is obviously not in the business of providing these kinds of solutions to clients. Ssh might work for a hacker like me but for an average Joe user, this solution is not very seamless.
The problem here is that most people who use VPNs to connect to their workplace aren't telecommuters, but people who need a file or to check mail or something simple on an infrequent basis. Relatively few people truly telecommute (i.e. work from home most or all of the time). This more expensive business use, as well as actually running a business (servers, whatever) should cost more. But it seems unfair for someone to have to shell out the extra dough so they can check their mail from home.
Obviously there are secure ways besides VPNs to implement this functionality, and eventually I think we'll see a move towards these. The question remains how will the enforce this prohibition? And if it's allowed on business connections, does that mean they'll support it, too?
See, the real issue here isn't "no you can't do that here," but that certain types of users call with certain kinds of questions, and this allows those answering the questions to segregate the questions so the right people can answer them. IP/SEC traffic requires certain very specific protocols and ports to be opened which may not normally be open on a standard ISP network. Most legacy hardware, and much current hardware doesn't support IP/SEC, so it cannot work. Your cable modem/router probably doesn't, unless it's high end or very new.
By prohibiting this activity on their "home" networks, they need not burn cycles explaining why "you can't do that, it just won't work," while really saying "our hardware can't handle it." The latter unfairly casts a negative shadow on an ISP who simply didn't design their network to handle this traffic, and perhaps doesn't see that as being cost effective to do.
So this is another attempt to cover themselves for not providing any sort of support for VPN, including enabling the funcationality on their hardware. It's like their not supporting more than one machine in your house, or not supporting linux on their cable network. It would cost them way more to do it right than it's worth. They aren't doing anything wrong, though they're not doing anyone any favors, either. They aren't likely to tell you to stop, just not to ask for help. IP/SEC may never work on these networks, but other VPN-like items will probably fly under the radar.
So, the Cable Companies don't seem to realize two things:
1. Private, residential users use VPN technology, too. I've done site-to-site VPN with friends and relatives.
2. As time goes on, more and more home technology will gain internet connectivity, virtually ensuring that security measures, such as VPN become *very* widespread home/residential technology.
Ed R.Zahurak
You know, oblivion keeps looking better every day.
What he doesn't say is he just gets a 16kbps link. And as you can see, that isn't fast enough for a first post.
None are more hopelessly enslaved than those who falsely believe they are free. Johann Wolfgang von Goethe.
And are we going to start seeing Cease and Desist letters because of opportunistic IPSec usage?
Or is it going to be: "Your bandwidth usage is more than two standard deviations from the mean... which is not allowed under your residential use contract".
I can't imagine this behavior not blowing up in their faces.
It appears that the real issue here is bandwith consumption and not content. If these companies are incapable of providing flat rates for unlimited use, they should charge according to usage - or for usage beyone a given allowance.
I wonder if this infringes in some way on freedom of speech ? - (I'm a computer guy, not a lawyer)
X
The policy says
In reality I have and continue to use ssh for unix connectivity without hearing a thing from them. I've used pptp in the past when I was forced to work on Evil Empire(tm) OSes and that worked fine. I've got some GRE stuff running now between Cisco boxes on cable modem and that is fine as well.
The only thing they really watch for here is overall transfer volume. Use a gig a day every day for a week and you'll get The Phone Call. Other than this monitoring they don't have the time, energy, or hardware to observe/filter anything else.
I'd say go ahead and use it as you see fit
I am very easy to get along with, but I don't have time to waste being nice to people who are being stupid. -Theo
The model no longer applies. First, there is no valid regulation. This is evident from the unilteral change clauses in TOS, which essentially say, "We have the right to screw you at will. Pay up or go away." Second, the private companies in question have no intention to subsidize anything. They are simply squeezing what they can from who they can. We no longer have regulated public telcos.
What we have is a cartel of rapists. In the best of all worlds, competition would come to the rescue and drive all of the greedheads out. In this world a small number of private interests have been given control of access to publically built networks and do not allow competition. The variable TOS are proof of their dishonesty and the high cell phone, long distance, cable and local phone bills you pay each month are the result.
What the fools don't realize is that regulation can return and that it can be made reasonable. They think they have been given this magic tollbox that they can squeeze and squeeze. The electric utility deregulation effort should sober them up. That they are pulling tricks like this shows that they are total fools. In time the public will get fed up, just like it did over Ma Bell's policies. People's expectations will change.
All that being said, I'd love to see the cable companies ban M$'s brand of bandwith hogging "VPN". Their tools are so sad. The IT folks tried one of those "services" on my machine a month ago. It was so slow that it was unusable. Bandwith capping would do this, as the goofey stuff uses megabytes of useless tranfers each second. The dinky little cable gets clogged up fast when people start using that trash.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
You are right. As an investor, I want these companies to make money.
I think some of the cost blame should be laid at the feet of these dumb ass CEOs.
Back in the "old economy" you started a buisiness. The buisiness grew and made a profit. The profits went back into the buisiness in the form of expansion (i.e. better coverage area, more features). Look at cable TV and cellular phone service...these systems took 20 years to become what they are today. No one can argue that these services didn't have high startup costs; the reason these industries suceeded is that they grew sensibly.
In the world of venture capital this theory of growth went out the window. Stupid CEOs fueled by VC grew their networks to gain "market share" beyond sustainable levels. Everyone wanted broadband to be as widespread and as cheap as telephone service.
Guess what, not everyone wants broadband. My grandmother and mother, for instance, don't give a damn about the 5 megabit cable modem connection I own, but they do rely heavily on their analog telephone.
It will take years for the broadband network overbuild to work itself out. It should take about 10 years (roughly the time when my 13 year old sister will be able to afford a broadband connection on her own since she can't live without it.)
...when they start saying that you can't play games and start to do url filtering on business accounts, so you can't go to any "fun" or nonwork related websites.
This doesnt sound that bad until the think of its counterpart.
What would they block on a business account?
Are you sure this isn't just their way of not supporting your VPN? There are similar requirements that you use Windows or Mac OSes, Netscape/IE and these rules are simply to shield tech support from alternative OS/browser questions but I've never received a notice to shut off my Linux systems running SSH, CIPE, Apache (not on port 80), FTP, etc....I also don't call their support and ask how to configure httpd.conf...
-- @rjamestaylor on Ello
"But I was just doing some online banking!"
The real trouble here is the arbitrary application of a fee with no real value in return.
In some cases, yes you are right about VPN being a business activity. In many other cases there are home users that can take advantage of VPN access when their employer is not funding it, or provides a nominal kickback that is = to a $20/mo dialup fee. Or perish the thought, you run a VPN host at home so you can grab stuff off your personal machine when away.
I can agree with them nailing bandwidth hogs with a surcharge or higher (expensive) class of service. When I get tier 1 access from a GSP, I pay for volume and service level - and they don't care what the content is. I don't think it unreasonable to pass those charges down within reason.
Sure the phone company charges a higher business rate. But wait! they will put in a bare-bones 2nd line for $10/mo. That often gets used for fax (or dialup for broadband challenged). What they don't give you is a commercial level of service. Go figure.
Airlines charge higher business fares. Maybe because business travelers want to book at the last minute and make 6 itinerary changes during the trip. Cool... you get that extra service for a fee. If I plan a business trip in advance and get a restricted fare, they don't just upcharge because I used my corp AMEX. I just get the cheap fare and get upcharged if and when I need extras like last minute changes.
You Get What You Pay For - just don't charge me extra for crap I'm not using!!!
Even if this is true; what does this have to do with broadband buisiness connectivity?
-ted
ok then your [sic] infringing on my copyright! Could you as [sic] me next time before STEALING my comments for your own?
Unless of course the theaters don't have a student discount. Only one out of at least 8 does where I live.
Absolutely NOT. :)
I telecommute when I can, but I am not the business, I am a residential customer trying to save some time and money by not going to work every now and then (75 miles). My company does not sponsor my internet service -- I do. I am a residential customer. My primary use of internet is personal, the only "business" use is not my own business. By and large, the internet itself is comprised of business. So what's next? Amazon.com purchases must be business class usage activity. Because it too is a business, and you are making secure connections to give your credit card number. Well, other than that we're all boycotting them right?
There was a time that I would have loved to have cable ISP service. SprintBroadband Sucks Hardcore where I'm at. I MAY get up to 500Kbps downstream (that's a small 'b' as in bits) and usually get less than 30kbps upstream. According to Sprint, that's "acceptable". So I'm stuck with the service or a $200 cancellation fee.
This VPN clause has been around for at least a year-and-a-half now with @home. Nothing new, but they're quickly becoming less and less tempting to switch-over. Hosting a business site, selling Internet Service, or running a home based business with multiple employees using internet service IS business use. Joe Schmoe, checking his e-mail or configuring a server remotely is NOT business use. If anything, I use LESS bandwidth when connected to my employer than I do with personal activity.
Business class services usually take priority over residential. This means that they usually have a lower density and that trouble reports are handled with a higher priority. Downtimes for business are usually a matter of hours compared to days for residential. So in this guy's particular case, I feel that business grade service is desirable for more than just secure transactions.
However.
Forcing residential users to upgrade to business grade service for no other reason than the ability to use encrypted communications is asinine.
I have comcast, and I dont see this written anywhere in the TOS, and Ive been looking at them for a while. I'm reading them here, and I see nothing about VPNs or that I interpret as VPN usage.
Ive been looking at these TOS for a while, becuase a whole lot of crap has been going on with comcast lately. Here are some of the email I've recieved from them lately.
They are changing mail services. This means my address changes from user@mediaone.net to user@comcast.com (or comcast.net, cant remember). No prob, EXCEPT the new addres becomes active Dec 29th, old address is deactive Dec 31s. This means we have 3 days to make the udate to all our online accounts, subscriptions, mailing list, etc. and what 3 days do we get? Sat, Sun, New Years Eve. If I have a problem making this update for one of my accounts, good luck finding someone to help, since most companies will be closed these 3 days.
Furthermore, until mid Jan, we will only have 1 comcast email address. What about those of us now that have 2 or 3 address. We only have 1 until mid Jan. I have an email, my wife has an email, some families have kids with emails. I guess someone in the household get left out in the cold for half a month (luckily for me/my wife, I've already transitioned to my own personal domain with email, so its not an issue for me, but Im sure it is for MANY, MANY people). They wont get email in that time, and what happens when they try to switch over one of their accounts in mid jan, and the system tells them "to confirm your update, we have send an email to your previous address. Please click the link in that email to complete your update".
What else have they told me lately...oh yeah. They send me an email all about how some home pages are going to change, something really minor. Then, burried 5 paragraphs down, they mention that, by the way, there will also be a new acceptable use policy effective Jan 1st, 2002 which "includes new information on several subjects, including use of bandwidth". Are they going to charge us for excessive downloads or uploads? I tried to look up these changes at the URL I posted above, but I see nothing about bandwidth. It says what I can/cant do, but nothing about how much of it I can do. Im puzzled. Are they getting worried about wireless neighborhood area networks?
What else...oh yeah. Im getting a new modem mailed to me that I have to hook up by end of year. According to them "This new modem will prepare your computer for upcoming Comcast High Speed Internet product enhancements including improved reliability and new features". I talked with some people, and came up with rumors that they are decreasing our upload speed to 128Kbit. I currently get 250Kbit up, and I know people that get almost 400Kbit up. I looked on their site, and nowhere do they mention upload speeds anymore, except on one pricing chart, they list the serivice as "1.5/128K" (1.5Mbit down/128Kbit up). Im afraid this new modem is their attempt to "upgrade" my upload speeds.
Oh, yeah, I almost forgot about the letter I got through postal mail last week...price goes up $5.
YEAH COMCAST!!!!!!
Word for word from help.rr.com:
"VPNs allow users working at home or on the road to connect in a secure fashion to a remote corporate server using the routing infrastructure provided by a public internetwork (such as the Internet). From the user's perspective, the VPN is a point-to-point connection between the user's computer and a corporate server.
You may use the Road Runner service as a connection for VPN; however, Road Runner does not provide support for installing or troubleshooting VPNs. Road Runner is not responsible for troubleshooting problems that have occurred from using your Road Runner service with the VPN."
What?
I'd love to dump my port 80 and 25 blocked cable "provider".
My alternatives? DSL? No, they all get screwed by the local Bell which has no interest in anything but owning it all and making sure it never ever competes with it's telco services. Dial up? Sure I could step down like that to someone else being bullied by large ISPs. I wold get to pay more for less that way.
The two real alternatives are to do what I want anyway and to agitate for reasonable regulation of telco services. If the local cable company wants to do without my $50/month, that's their problem. I'm not going to be hogging up the bandwith with anything stupid like M$ whole desktop exported as a bitmap trash, or "Planet of the Apes". If they chose to toss me off for sharing baby pictures over ftp or port forwarded http, I'll have more time and motivation for agitating.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
The resulting angry reaction in the ntl newsgroups was fascinating to watch, and as someone who uses ssh to connect home, I was interested in the results.
It appears that NTL did in the end listen, as the terms and conditions for hosting servers were changed substantially. In brief (see section 16. Servers), NTL provide detailed rules that seem to amount to simply requiring responsible use.
god, i forget what the term is, but there's an economics word for this. old people and students get discounts in the real world, non-workers get discounts in the virtual one. annoying, but fair.
The "economics word" is "price discrimination". And under the Robinson-Patman act, it is sometimes illegal.
ok then your [sic] infringing on my copyright! Could you as [sic] me next time before STEALING my comments for your own?
The Constitution doesn't guarantee you Fair, it guarantees you (and AT&T) Free. Fair is a socialist concept.
Actually, the constitution doesn't guarantee AT&T free, Dartmouth v. Woodward did that when it granted natural personhood to corporations. But you never hear conservative originalists braying about that one, do you?
Plus, the constitution grants the government the right to regulate interstate commerce and the right to provide for the general welfare. That includes fairness in commerce, Mr. "everyone I disagree with must be a commie".
microsoftword.mp3 - it doesn't care that they're not words...
Anyway, as a residential user who mainly uses his broadband connection to work from home I could not agree with you more. As a matter of fact, I could not agree with you at all. If it were not for the ability to control my servers remotely over my broadband connection then I would not HAVE a broadband connection. I don't do anything else online to justify the $50/mo expense. I hardly think I'm alone, and I doubt my provider would push this issue, either -- UNLESS I made demands for support ...or...*ding*
- [Lights On]
...try to sue my ISP for damage to my business becaue of some outtage or other service interruption.My bet is that these clauses exist only as a defense from support requests / lawsuits.
What stresses their service more: CNN video streaming or SSH connections to my servers?
-- @rjamestaylor on Ello
What little chance I had of sympathizing with the "no business use" restrictions of residential service vanished once I realized that residential service is ALL there is.
The places that talk about the restrictions on residential service seem to imply that just by paying more, one can sign up for a "business class" service that is essentially the same as residential service but without those restrictions.
Unfortunately, that's not the case. Business class service (except briefly for some of the areas served by Cox cable) over cable lines does not exist. It is a strawman that cable ISPs use to pretend that their restrictions on "business" use are somehow rational. This is a re-occuring thread in various @Home newgroups.
Hopefully having an article in ComputerWorld will produce more explicit explanation from cable ISPs about what exactly they mean by business use.
Consider that a common Comcast@Home commercial shows someone auditioning for an acting job halfway across the country through an @Home webcast. If that's not allowed, I smell a bait-and-switch lawsuit.
I have no problem with the concept of paying more for a 'business class' connection at home if I'm going to be working there. However, for the extra money I expect to see 99.8% uptime service level agreements just like i expect from any other pipe provider for office links.
Somehow I kinda doubt the cable companies are doing anything other than taking more money from the customer as part of their 'business class' services, though so i won't hold my breath on that.
I've used both Mediaone (for 4 years) and now Adelphia, and if either of them had been my bandwidth provider at the office, they'd have been gone post haste. The cable providers don't seem to have the first clue about long term uptime, and seem to think that (at times) daily outages are no big deal. So, charging for 'business class' service when they can barely provide a decent service to a hobbyist is insane.
Why??? Are they monitoring their traffic? To make Carnivore's job easier???
It's clear to me what's going on. The econommic squueze is having an effect on the dibidend pile for the corporates and so the executive team has decided to squeeze their customers a little harder.
Personally I find this level of service sickening, why did'nt they proclaim this earlier?Boycott any company who restricts service.
Really, I hope you are right but I'm afraid they are all a bunch of greedheads looking to stick it to you every way they can. Find me the words, "public interest" in any of the contracts.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
I have colleagues who have worked on rolling out VPNs for telecommuters, and this has been their biggest headache. The problem comes from cablecos that restrict VPNs or servers but don't offer a service which allows it, at any price. Some block port 500 (as well as 25 in both directions, and 80 incoming) to enforce their ToSes, which just adds to the cost of troubleshooting and support.
I understand the rollout for a major US company has been stalled for the last two years because there is no @work version of @home in most markets, and now there is even less @home. About 30% of their employees were on cable systems who blocked ports, or randomly cut off accounts without warning. Negotiations were tried, and failed, since the cable companies just didn't have the business acumen to understand money being waved under their noses. They had settled on @home as the only viable service, and didn't want to build the extra reliability/stability necessary for @work, even if the margins were higher.
The other problem is that for the few cable companies who offer a business rate, the ToSes still don't allow VPNs or servers, nor do they offer Service Level Agreements or static IPs or allow NATing. About the only thing they offer is money back for when the service is down.
Until every cable (and DSL) company is forced to offer a TRUE business class of service, with acceptable TOSes, static IP (or multiple static IPs), no firewalling of any kind, etc, companies are going to be forced to use residential service for their telecommuters. Its just the state of broadband today, it may take years to shake out given the level of corruption of politicians in the US and the EU.
the AC
Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
Business class cable internet service does not exist. It is a myth concocted by the lawyers who wrote the Terms of Service.
So they should charge more for gas if it's a business trip you're taking in your own car?
They should charge you more for water that you're drinking if you're drinking it during a business meeting?
They should charge you more for an alarm system on your home because you bring your briefcase home from work?
Get real.
How is changing the ftp port going to help ssh you moron?
Paying extra for higher suppport and services is different than being restricted by rules intended to gouge money and keep support simple.
Obviously business class users will do what is necessary to obtain the dedicated service that fits their needs. And home users will as well. But to restrict home users outright from equal opportunity when all the necessary parts are in place is deplorable.
Cable companies are reverting back to the seperate drinking fountain philosophy. Fuck them and their AOL/MSN sanatized version of the web.
.forsight
Wouldn't examining packets violate local and state wiretapping laws? It would be the same as if the phone company listened in to your conversations, and charged you more if you talked about buisness. (Oh, IANAL, and laws vary from state to state.)
Also, get your county government involved. To a small extent, cable companies exist in a county at the sufferance of the local government. Local governments like telecommuting becuase they hope it will alleviate trafic problems. Let the local government know that the cable company is playing games with them.
W
Crap like this pisses me off. Megacorporations who own all the wires (twisted pair or coax) suck. It's their wires, and they can block whatever traffic they want, at any time, and outside of bitching and moaning, there's not much we can do about it.
The deeper problem is that laying all that wire (especially to the home) is *expensive* and an almost impossible barrier for new competitors to enter the market. (Can someone say CLEC?)
So, in most markets, we have two choices: Megacorp One offering cable access with draconian user agreements, or Megacorp Two offering dsl access with draconian user agreements.
What needs to happens is secure, reliable wireless net connections.
A smaller company is in a much better position to put up a few towers and charge for the service than they can lay a few million miles of wire to truly be able to compete with aoltimewarnercoxcomcastatt with even footing.
But it's got to be secure and reliable.
Fuckin' corporations.
Software Wars
It's called third-degree price discrimination. Basically, a firm has a way to segment its consumers into different groups, and it can therefore charge each group a different price based on that particular group's elasticity of demand. At a movie theater, consumers can be differentiated by requiring a student ID card, for example; the cable companies' problem is that they have difficulty being able to determine which group to which a consumer should belong.
Sig (appended to the end of comments you post, 120 chars)
Real? Most utility companies have a legal monopoly. I.E. Sanctioned by law. Much different then in illegal monopoly.
I can't believe I'm hearing people say that they should rightfully charge more just to use VPN. How about this... GET F&*KED!! Just because I use a specific protocol I should get charged more for my Internet service??? That's rediculous. It's just another way for the cable companies to make an extra buck. If there was some kind of guarentee that I'd see MUCH better upload speeds maybe I'd consider buying "business class" Internet services from a cable company. If I wanted business class ISP service, I certainly wouldn't be paying a cable company for it. Pfft, and you guys are sooooo anti-Microsoft.
Oh... by the way... I work for a large corporation that runs a VPN Concentrator and we have 400+ field employees using cable to connect to it, at no additional charge.
I currently use insight@home and have been unable to get VPN working to connect to my local university. VPN would be extremely beneficial as the university limits your access to many resources based upon your IP address. I don't know if they have blocked VPN access or my ignorance has stopped me from getting it to work.
Plus, the constitution grants the government the right to regulate interstate commerce and the right to provide for the general welfare.
You complain about being tarred with the socialist brush, but you make the classic liberal mistake of conflating "promote the general welfare" with "provide for the general welfare?"
My school is contemplating using a VPN to connect to its network if a student lives off-campus. This is clearly not business related, so there should be no business charge for it. Do they stipulate that only business VPNs are not allowed, or all VPNs are not allowed? This could become a very trickey policy to enforce.
Why should the ISPs need to "support" VPN, Linux or anything else? The phone provider does not offer support for the handset, answering machine, modem etc (unless they have supplied them) so why should an ISP support, or be expected to support, end-user equipment and software. All they should have to support should be IP connectivity. If customers suspect an ISP problem they should just have to submit the traceroutes, tcpdump, ppp traces, etc to the show the errant behaviour.
Comapines often have rules that sound a little absurd, but are there to cover them. In this case I expect the reason has to do with lawsuits. IF you are using an internet conenction for bussiness uses, and it breaks, you are going to be more pissed off, and posibally sue them for lost money (the law provides for that). Well, if they are going to be open to that kind of liability, they want mroe money per month from you to cover for it. You pay more for better service as a bussiness because you need it. So the reason they prohibit this on a home account is so that if you ARE using it to do bussiness work, and you loose money because of an outage, they can say "well, the contract said you shouldn't be doing this, you need a bussiness account for that".
I'll give you another example, here are some selected acceptable usage policies from the dorms at my university:
"The provision of network services from user computers (e.g., BBS, Chat, DHCP, DNS, FTP, IRC, NNTP, POP2/POP3, SMTP, Telnet, WINS, etc.) is prohibited. Users who have a bonafide academic need to provide such services from their personal computer must have prior written authorization from ResComp administration prior to activating any such service(s) on the ResComp network."
According to this literally, you can be busted for having a personal FTP server to access your stuff from a lab. Do we bust people for this? Hell no, the reason for the policy is so that if someone is running a huge website from their dorm room and eating up bandwidth, we can make them stop. Many Linux users in the dorms have a number of personal servers on their computers and I've never seen any of them busted (I work for Network Operations).
"To conserve server resources for all users, pop mail clients (e.g., Eudora, Netscape Messenger, Outlook, Outlook Express, etc.), if set to automatically retrieve mail from the server, must be set to retrieve mail no more frequently than every thirty (30) minutes. Users may manually retrieve mail as frequently as they wish."
No, you won't get in any trouble if you set it yo 10 minutes. The purpose again, is just a CYA incase some moron sets it to once every 30 seconds or something.
"The residential network may only be used for legal purposes and to access only those systems, software and data for which the user is authorized. Sharing access to copyrighted software or other copyrighted material (including MP3 files from copyrighted music media and digitized video from copyrighted motion pictures, etc.) on the network is prohibited."
Makes sense, but some take it to mean that we police the network. We don't, and I'm sure plenty of this goes on. This policy is in there so if you do it, the RIAA/whoever whines about it, we can shut down the network conenction and refer you to this section of the code.
"Under no circumstances may users give others access to University systems."
Again, not a nazilike policy. If someone is in your dorm room and you have a remote X session open to a CS server or something, and you let them compile something on it, noone will know or care. IF you do something stupid like give out your login to said system, you'll get in trouble.
The rules sound a little stupid and strict at time because we want to protect ourselves from potential lawsuits and problems. I suspect these rules are for the same reason.
Explicit acknowledgement in their service agreement that I can use Linux, that I can run a web server (as long as its not commercial), that I can connect more than one computer. So what if my friends with Comcast may have faster connections, mine is fast enough.
What's a sig?
"If the service goes out for ten minutes and you are on the phone right away screaming at them to restore your service RIGHT NOW because every minute that goes by you are losing money, then you are a business customer."
Actually that would be son while playing his on-line games. So, by this reasoning, my son playing on-line games is classified as business use.
Steve
I thankfully have DSL via a regional ISP who doesn't block port 80 inbound or VPN traffic (it doesn't block any traffic). The philosophy is: I contracted to have 'n' amount of bandwidth and I should be allowed to use it however I wish, provided I'm not disrupting other serivces or hacking.
Suppose they did block VPN? The SSH questions are relevant since my company has a VPN solution, but it is *much* more convenient to setup one-or-more SSH tunnels and get access that way. SSH is reasonable traffic (especially if you're accessing Net CVS resources, distance-learning university accounts, or wrapping access to IMAP/POP/etc servers). If they block SSH (port 22) use it on a different port! It they look for SSH protocol traffic, use stunnel! There are always alternatives.
If you signed a metered bandwidth contract on what you thought was a full-speed DSL/Cable line, then shame on you.
We saw this coming. For these types of dumb ISP's, we sign up our employees on "business" DSL or Cable. It costs more than residential, but it's still cheaper than setting up/maintaining regional modem banks or contracting with a large telco to have them do the dial-up and lease pipes back.
Still, the tunnel is the best backdoor approach (to get around ISP stupidity and corporate security!)
Mind the gap...
In a few years anything execpt mail and web will be Business! Bah
The problem is that the cable companies are telling you what you can and can not do with your connection. They should not be allowed to do this to anyone, for any reason.
The appropriate thing to do would be to set tiers of bandwidth usage. If you use more than X amount of bandwidth then you fall into a business class category and your rate goes up.
Internet usage is about freedom, or should be. I don't have a problem being charged more for using more bandwidth, but I don't think it is appropriate for anyone to tell you HOW to use the bandwidth.
Just my 2 cents.
Cheers!
Tory
Does a router constitute as a VPN?
Got Freedom?
Thinking?
Yes, Comcast does offer a business-class service. See the Comcast Business Communications site for more details. We have the Comcast business-class service. It works. We have discussed Comcast internet access issues extensively on CTDATA.com.
-- Dave Aiello
I called up Cox because I wanted to run SSH on my FreeBSD box. I asked for a static IP and they said they didn't offer that to Residential users. So I quietly said ok and life went on for awhile. After about 3 weeks I called back and said I needed a static IP so I could access PcAnywhere from work. They quickly got some information from me and said I would be charged $15 extra a month. I think it helped to throw in some idiot talk like I didn't know what I was doing but a static IP is a static IP even if I had to lower my self. So now I have a static IP I use to access SSH from school and work. SSH really isn't much diffrent than PcAnywhere execpt its all text so maybe I am not using as much bandwidth. I found out later that alot of the geeks in my area had been doing that. I even had a friend running a pretty bizzy webserver with his static IP.
--Jon
If you happen to be a customer of a company that is disallowing vpn connections, just have the company you work for change the port that accepts vpn connections. Sure, your isp will see some kind of communication going on with some strange port, but the conversation is encrypted. They won't be able to prove anything.
-- Give me ambiguity or give me something else!
I can hit my home box from work (outside world) at port 80, no problem, and I'm on ATTBI. SSH, FTP, and SMTP are no problem, either. I think ATTBI is still doing filtering at the local level, since different people are seeing different things, just as it was with AT&T@Home.
-- Never hit a man with glasses. Hit him with a baseball bat.
I've got AT&T Broadband in New Hampshire, and I recently found out something interesting. Apparently, AT&T has different TOS restrictions for different states/areas. In other states, the subscriber agreement specifically forbids servers of any kind. In NH, it simply says "it is the sole responsibility of the customer to keep their machines secure, including configuring any servers they choose to run."
:)
I found this out when I mentioned servers while talking to a tech support guy, and he told me that servers were prohibited. I challenged him to show me the clause in the agreement that said this, and he pointed me to a web site. On the site, it asks for your zip code, and you get a different version of the agreement depending on your location. He was looking at the Massachusetts version, and I was looking at the New Hampshire one. Apparently he hadn't been aware of the distinction either until then
-- Brett
Having briefly worked as tech support for @Home, allow me to show a brief glimpse of why providers may want to do this.
An inordinate amount of cable internet support calls are VPN related. If you thought that clueless people having trouble connecting to their AOL email was a tech support nightmare, you've not seen anything until you get someone unable to connect to a VPN. A typical call would go like: "Dammit, why can't I get online!" After asking a few questions and running some tests it's made clear that the connection is fine, and they're able to connect through their desktop machine, just not their laptop. "Okay," I'd say, "It's probably just an error in the settings somewhere." I'd then proceed to describe how to open up the relevant controls in NT4 (it was always NT4...) "What? Are you kidding?!" they'd scream "This is my companies laptop and we're not allowed to touch anything on it!!!!!" "That's a problem, then," I'd say. "You'll have to have your sys admin check the settings for you then." "You're fucking kidding me! I'm in Redmond, WA and the company is in Denver! I work from home!"
The story was always the same: dumbass company gives employess laptops so they can work from home, and told them they had to get a broadband internet service, but didn't configure the machines for even DHCP or give the employees the admin passwords to configure things. You'd get that call about 20 times a day.
I'm so fucking glad I'm back in research. :)
We all wish for metered bandwidth?
I think not.
I have a feeling what we all wish for (except you obviously) is unmetered unrestricted bandwidth for a reasonable cost per month.
"Business" lines are usually sold to brick-and-mortar businesses, e.g., a pizza shop, because they tend to use the phone far more than most residential customers. This requires more resources (switches, physical lines), and they are charged more. By the time a business has a PBX, the lines may be use constantly.
But then modems came along - and the telcos had to beef up their switching equipment because evening residential usage jumped way up. That's why there was a short-lived proposal for a modem tax. But the telcos eventually figured out that selling second (and third lines) for modems, teenagers and other heavy users was more profitable than that tax, and a lot less politically explosive.
Nowadays, I doubt many telcos care about home business use - during the day there's excess capacity in the residential areas since they're currently designed to handle everyone getting online in the evening.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
My wife has a VPN for her work. While I do not expect to get "support" from the cable company fo r it, I do have enough knowledge to set the dang thing up. Also, my wife using what is essentially a terminal emulation program, uses almost ZERO, to very little bandwith when working. If I did pay for business in my area, while the service would not be better I would get some benefits such as a static IP and I would be allowed to run a server. I do believe that this is a bad policy. I bet that even their own workers probably break policy when the login to work from home to fix things (I bet that they get free service, but I would also bet that they don't get business class service for free). Too many people PAY for their own service so that they CAN dial up to work at home and at a decent speed too. I get free dial up at work, but because it's too frickin slow I pay alot more so I don't have to use the dial up (which was free for me you know). I would rather pay for my own rather then tying up my landline. Cable companies should put their enforcement efforts towards badwidth abusers and not folks just trying to read their work e-mail from home using a VPN.
If they do want to charge a bit extra to allow use of VPN's and work uses other then running a server at home I would not mind that in the least but I don't need to run a server at home. I don't NEED(or want) a static IP. I am actually happy with service as it is. I would pay say 5-10 extra just for the ability to do this, but not twice as much! Personally, I don't think they have to worry about folks using VPN's much cuz it just doesn't cause others to slowdown.
In fact, if you think about it, people telecommuting usually do it when you are at work also. Isn't during the day slower for them then say the hours between 7pm and 11pm??? They are using the network when it's NOT busy! They are not the cause of the slowdowns in prime time!
Gorkman
Hmmm... laws passed to make monitoring of cable connections legal recently... you know, it might be possible. I wonder if they'd use the information gathered this way to enforce this particular policy. But it would tip their hand that they're monitoring you, which defeats the purpose of clandestine monitoring.
As for SSH/telnet over SSL, I think the same policy would apply if only to make sure they're not missing anything.
Proteus' Child
Doko ni datte; hito wa, tsunagette iru.
Let's see here, I'm sure you can do the math. $0 to drive in, or $200 for "business class ISP". Which is your company going to pick? $50 is somewhat exceptable, not $200.
We have posted a number of articles about our experience with Comcast internet access on our Web Site. Our latest article talks about the ComputerWorld article and our experience with both the business and residential Comcast cable modem services. Basically, we think that people who are serious about VPN use need the QOS guarantees and 24-hour tech support that Comcast offers to business users.
-- Dave Aiello
And if cable companies and phone service providers were in free competition I would have no objection to your argument. Unfortunately most cable providers (in the US, at least) operate under monopolisitic contracts granted to them by state and local governments.
My choice in purchasing has been curtailed. In return, the cable companies are supposed to adhere to the terms of whatever contractual agreement was reached, under the oversight of those same goverment entities. In practice, however, the only consequence for ignoring their obligations, presuming whoever's in charge even catches on, is an occasional fine or strongly worded letter. There are exceptions, but the whole arrangement pretty much sucks.
And from what I hear DSL service isn't much better. Outside of cities or in areas with older lines availability and service is spotty at best, and the local telcos are generally not anxious to assist the competition in competing with them.
"A business has the right to charge you the rates they see as fair and you have the right to not use their convenient service and start driving to work." Actually, they don't. There are many federal laws with regard to price gouging. Additionally, I believe there are laws which prohibit the charging of different prices to similar customers. It's basically based upon the idea that if two customers receive the same utility from the product then the prices should be commensurate. Regardless of this, the real problem is when telcos and isps want to distinguish between customers, residential and business, charge different rates, yet provide the same dismal service to both. When a business customer pays twice as much for the exact same service, that is wrong. And usually, without purchasing a premium business class service (i.e. more money), as opposed to the regular business class, you won't receive things like guaranteed uptimes, static ip's, faster speeds, and carte blanche in running whatever servers you want. Unfortunately, isp are trying to get out of the bandwidth business. They want to provide just enough bandwidth to get the advertising to you and collect their demographics, but don't want to provide any more utility than necessary. Inevitably, you have to know that at some time internet users will have to somehow free themselves from commercial isp's, either through small collectively owned networks, or maybe the use of some reused technology like ham radio.. I don't know, but as more and more isps go out of business, the choices are getting worse and worse.
Comment removed based on user account deletion
Correct me if I'm wrong, but on a cable modem network all bandwidth is inherently shared and the same physical infrastructure serves both residential and business customers. If someone takes out a utility pole and knocks out my cable service it's not going to get fixed any faster than my neighbor's just because I'm a business customer. And if the cable company's DHCP server dies (all IP's are DHCP locally, tied to MAC addresses if you buy a static) then, again, we're all equally screwed.
What improved service, exactly, can they actually offer?
I use VPN on an occasional basis when I'm on call and have to resolve some problem. Just as I use my phone to make more that a few business related calls. That doesn't make me a business customer, and I am using rather less bandwidth than my teenager uses for gaming (or downloading pr0n).
That's something solved by language such as "VPN access not supported", not by expressly forbidding it. Not supporting a certain service is a sign of limited human resources, whereas not allowing smacks of money grubbig.
-
Assuming that the text string you assign to the point will be allocated for you?
...";
What on Earth are you going on about? First off, that doesn't quite make sense. What is "to the point"? Regarding allocation issues, he has none.
char *foo = "bar";
is perfectly legitimate. You do NOT need to allocate memory for string literals. Doing so would be bad, because once you assign the string literal to a variable the old, allocated address is lost. An example of what's wrong (in real life you'd of course do more checks):
char *foo = malloc(1024);
foo = "this is my shiny new string";
Now what happens to the allocated memory? It's gone! Poof! Disappeared. If you try to say that
foo = "this is
is illegal, please read over the C standard again. It's OK, I can wait.
You _are_ correct in the fact that changing the string literal isn't a good thing. Doing so causes undefined behavior which is to be avoided at all costs.
Go somewhere else. I went shopping when I was looking for DSL. Of about 10 ISPs I looked at, Speakeasy's web page was by far the most clueful and had the least odious terms of service. I pay them a hefty hunk of change each month for static IPs and 768 both ways. They stay out of my hair and have one of the most clueful tech support lines I've ever talked to. About the only thing they say I can't do in the TOS is run a porn site, and I'm willing to abide by that. If I want to set up www.livegoatporn.com, I'll lease a T1 to do it.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Oh, goody, someone just finished reading Atlas Shrugged...
If you don't like the way Company A sells their bandwidth, don't purchase from Company A.
How about, if I don't like the way Company A sells their product, I rescind the government granted right-of-way that allowed Company A to dig up countless miles of public and private property to bring their product to me?
Fair is a socialist concept.
So is eminent domain, but without it we wouldn't have any cables (or utilities) reaching our homes at all. If we're already granting corporate monopolies based on one socialist theory, why stop there?
It's all well and good that companies want to make more money off of other companies. It's the little guy who gets caught in the middle as usual.
But there is another side to this. Higher Education. Many universities (like mine) have VPN's for commuters. My school alone has nearly 7,000 commuters out of a total of 9,000 students. Everything we do is online. Distance Learning courses, access to the online databases in the library, Registration, Webboards for classes, etc. We can even pay our bills online. But with these regulations it means that college students are classified in the same league as telecommuters.
I read Slashdot for the
> Why waste your time with VPN???? Use Term Server or Citrix
As if those are a quick drop-in solution--run the install and you're set. Using Terminal Services etc implies a fundamental architectural change in the way IS deploys applications. It's not something you do on a whim. OTOH, VPN access is pretty much a no-brainer add-on. IS installs the equipment, does the requisite security etc testing, and then employees simply access the same LAN resources that have always been there, just from home.
-
How about, if I don't like the way Company A sells their product, I rescind the government granted right-of-way that allowed Company A to dig up countless miles of public and private property to bring their product to me?
Ok by me. Go for it.
"we all wish for metered bandwidth"
Ok, I'll clarify. It's known that a small percentage of users use a disproportionate amount of the bandwidth.
Without that top 5% of users, ISPs could support a much higher number of users per Mbit/second. They are faced with spreading their costs for this top 5% over everyone.
The 95% of us that don't use excessive amounts of bandwidth would rather not shoulder that additional cost. I would happily pay a reasonable fees for metered bandwidth so that my expenses are comparable to my usage. For the 5% that want to transfer gigs of data, let them pay for it.
Compare it to cell phones. The naive wish is for unlimited usage. Many plans exist that offer "virtually unlimited" options (1000 minutes/month? I certainly don't talk on the phone for 16 hours a month), but then we'd all pay $50/month for cells, instead of being able to get a basic plan for $15.
If you wish for unlimited unrestricted use, your costs WILL go up. Metering is the only way to let people some get in the door for less.
Per this thread, the cable companies are mistakenly assuming that VPN users are in that top 5%.
Now, correct me if I'm wrong, but most cable companies' ToS have nothing in them about total bandwidth, do they? How can they determine what is excessive in a way that is not arbitrary if they don't spell it out in the ToS? I don't think any ToS I've read for U.S. cable internet providers includes any definition of excessive bandwidth usage.
And they really shouldn't be checking for excessive bandwidth usage at all if there is no clear rule against it. I'm wondering why they don't check for VPNs when they clearly state it as being against the rules (regardless of whether it makes sense for VPNs to be against the rules), but they do check for excessive bandwidth usage even though there is no download cap for a lot of cable internet services. If they want to limit bandwidth, it's pretty simple to institute a download cap or charge extra beyond a certain amount, like they do with cell phone minutes.
I hope this clause is just in there to ensure against getting sued if they cause a business disruption with downtime. I think they would have to be a lot clearer about what they allow and don't allow, and try to actually enforce it, for a the law to side with them if some kind of suit came out of something like this.
Also, VPNs have been disallowed on residential cable service for quite a while as far as I know. When I was looking at cable before getting dsl about a year and a half ago, Comcast (actually, it may have been before Comcast bought the local cable company) already was saying in their terms that VPNs were not allowed.
-N
If my isp ever told me i'd have to pay for a business conection, i would call em up, tell them in no uncertain terms where they can shove their tos, and that they just lost a customer.
In that case, you have three choices:Will I retire or break 10K?
In case you don't know, your standard, Microsoft software-based VPN solution makes an initial connection over TCP port 1723, then sends all encrypted traffic in IP:47 (Generic Routing Encapsulation?) packets. Completely seperate from your normal, TCP/UDP web games/https/ftp traffic.
GRE is used for pretty much nothing but PPTP / software VPN, and it's easy to filter at the router. They don't need to packet sniff to see if you, personally, are trying to use a VPN. They just block the lot.
-EvilMagnus
The cable modems are set up to limit your up/down pipe anyway, so why should the service provider care how many systems you have NAT'd behind it, your single acces point (the cable modem) is still going to only allow what they've set for your bandwidth. Either there are some very stupid people working at the service providers or they're blatently trying to squeeze the extra $$'s from subscribers. Oh, btw COMCAST, the next time authorized-scan1.security.home.net scans looking for my FTP server, don't be surprised that you can't find my box.
I know it may not be possible for your area, but hell, there are plenty of ISP's that do allow VPN, even AOL! My company has quite a few clients that access our systems via VPN so we let them know ahead of time: "if your ISP doesn't support VPN, switch!" And let them know why you switched, too. It won't be long until they get it through their thick skulls that singling out certain ports to charge access to isn't going to work.
[pink beam of light]
Similarly, if you run servers you're a business user.
Not necessarily. As c_g_hills (who unfortunately posts at -1) pointed out in the above comment:
Not all servers are business servers. Had you said "Similarly, if you run servers for commercial purposes, you're a business user," I would agree, provided also that business users get stronger quality of service assurances.
Will I retire or break 10K?
They cable companies are bridged networks. They do not want you to have private networks (such as 10.0.0.0, 172.16.0.0, or 192.168.0.0). Many people do this between each other for a private network from house to house. They do not mean VPN software. It has been said here in previous posts why VPN software would be impossible to filter.
Whats to stop people from simply running their servers on different ports? It doesn't seem like a battle the cable companies can conceivably win. I personally REJECT the cox "service spiders" at my firewall.
After re-reading this article several times, I still find it hard to believe. The writer is complaining that his company can't use a business VPN on a residential cable line. While I'm sorry - that is why they offer business services.
.com's were a sure thing. So tell your company to cough up the dough and get a business line. If they are having trouble paying that, maybe you should look at another company, since your salary may be next.
This is really akin to zoning in the real-estate market. I don't want businesses in my residential area, and I don't really want a home in a commercial zone. And I really don't want businesses taking up my already clogged network pipe.
It seems there is too much of a whine/complain culture around here - maybe we are all too spoiled from getting free stuff while
you need a static IP to run a VPN server the correct way.. is your 'homeuser' rate going to allow for that?
Cable and DSL IPs tend to be almost static, that is, DHCP doesn't change them more often than once every few months for a customer that remains in good standing.
I suppose you could call your family before connecting to see what the IP of the week is.
Or use DynDNS.org, which provides DNS hosting with TTL 4 hours. Yes, if you want better Quality Of Service, you need a business account.
Will I retire or break 10K?
Comcast @Home in eastern PA actually blocks ipsec.
incase anyone cares.
but they do let ike traffic through. you can use cisco vpn solutions though, cause they tunnel ipsec through udp (iirc). But if you wanted to von two openbsd boxes you can't do it. I was thinking that if you just changed the protocol number in the source, would that help? I think ipsec is 47, so what if you used 46 or something. I'll have to try some time.
I researched business class offerings for Charter Communication's broadband offerings about a year ago and found the prices to be absolutely excessive. For business services, they were offering 256K d/l and 128K u/l for almost $150/month!
I bet if you check into the offerings by Comcast and Cox under business you'll find similar types of pricing schemes. It is absolutely outrageous. The local representative I talked with tried to convince me that I get a higher quality of service since problems with business customers are resolved with higher priority than residential customers. Unfortunately, in practice, this doesn't hold true.
In the two years I have been using cable broadband, the only outages I have experienced were outages that took place with equipment in NOCs, not problems with equipment on-site or in the 'last mile'. So priority would have done no good whatsoever - they'll fix the problem that is affecting thousands of subscribers just as quickly as they would if some of those subscribers were business customers (which I'm sure they are).
I presented this to the local rep and started getting attitude - why did this guy get defensive? Maybe he's used to dealing with types that can't call his company on their policies. I believe I certainly did.
Why pay between $150 and $250 per month for 256k-512k/128k service via cable when the local telco offers non-shared business class DSL at 768k symmetrical for less than $100 per month?!? I presented the local rep with those hard numbers and he gave me the lines about long waits for installing DSL ... which is why I would pay $50 to $150 a month more for the length of the service, so that I could be up and running in one week vs. two to three weeks? I think not.
Incidentally, the local telco hooks up business DSL far faster than is average in the DSL industry - I experienced two DSL hookups in Chicago (both residential) via Covad (local 'last-mile' was Ameritech, go figure) and found the waits and lack of service (status reports) unforgivable. Locally, however (Madison, WI) a business DSL line was installed at the same time that phone service was installed (new office) and the DSL was active by our move-in date (2-3 days later)- no problems there!
I think what's wrong with the outright ban of VPN by either policy or blocking is that the cable companies are making decisions on what is and what is not appropriate residential Internet usage. VPN can and is being used for non-business purposes.
Exactly. How much do you think your company is spending on rent/furniture/utilities? Add in you your costs for transport (vehicle, upkeep, tolls, gas). Add in "opportunity costs" of that lost time in your commute.
Telecommuting is a huge plus, don't expect your employer to automatically pay for you to sit around in your underware working from home.
when they say they provide *full* internet access, that means they *will* provide *full* internet access... whatever it is you want to run or access as long as it lives on the internet... any service you cant access because it is being blocked is a breach of contract...
ISP owned last-leg network access is part of the problem... if you can seperate Internet access from the wiring to the home you might be able to create REAL competition...
There are some interesting things happening in the area of community networking. Could you imagine a municipal dark fiber network maintained like the roads and sewers? home and business users alike could pay to get connected to the network at 10-100Mbit/s (fiber lit from the home!) Then any ISP that connects to the network could offer Internet access on whatever terms they like, but the last-leg wouldn't be owned/operated by the ISP! Wanna change ISPs? just change your default route.
One very interesting side effect would be that users could be connected to each other like a giant ethernet! (without traversing "the Internet" with the associated costs) We could all have super-cheap 100mbit ethernet to sites on the municipal network. (drool...the games!)
No stupid corporate access policy for the basic network, just for the Internet access you may buy...
check out www.smartcapital.ca for interesting stuff happening in Ottawa!
It could be like electricity, new homes have to have lines connecting them to the municpal grid. Then it's up to the resident to choose a power provider and pay for electricity... new homes come with fiber from the curb to the demark, then it's up to the resident to decide whether to lease a fiber channel (or 50) and (optionally) buy Internet access from an ISP.
bear in mind that the current cost of a fiber network connection has more to do with what the ISPs think they can get from you because they think only "special needs" people actually need that much bandwidth. The actual cost of deploying a fiber network is much lower that you might think!
-Deadplant
It's interesting that I haven't read any posts from anyone claiming that their method of VPNing has been actually disabled.
Having spent a significant amount of time working for a (smaller) ISP, I can tell you that there are many, many people out there who want their residential-class internet service to do business-type things. That's great and fine from the ISPs point of view, so long as it doesn't cost the ISP more money (or resources) to allow the residential user to do so.
What happens all too often is that residential-class customers who aren't capable of supporting themselves call the support line expecting tons of help on business-type services (web design, VPN setup, scripting support, etc).
These customers also tend to demand (understandably) a much higher uptime percentage, much "cleaner" throughput, etc.
Providing this type of support and service guarantees costs the ISP money.
The result is that many ISPs add clauses like this to their Terms of Service simply so that when a customer calls with a problem that is obviously business-related, they can inform them that those services aren't supported on their residential account. This allows the ISP to actually recoup the cost of the additional support.
At least in the case of my former ISP employer, we never would have actually disabled anyone's VPN service, but we sure weren't willing to provide support to residential customers who didn't have the knowledge to set it up themselves, so we included such clauses in our Terms of Service.
Two other major cable companies, AT&T Broadband and AOL Time Warner Inc., as well as Cablevision Systems Corp., which serves 3 million subscribers in suburban New York, all say they allow the use of VPNs by residential subscribers but they won't provide user support.
It doesn't state that they're not allowed, it says it's not SUPPORTED.
There's a difference.
Errr, no, that is why you cross out the clause that says you can't cross anything out first. Duh!
You're missing the point.
If you VPN in to work once a day to check email and grab a file, you're not a business customer.
Just like the phone company does NOT make you get a business class line (at 100$ or more a month) because you call in to check your voicemail, or call in to do a conferance call, from time to time.
If the majority of your usage is business, then yes, suck it up and pay for business class. But if you use it for normal stuff, with the occasional business usage, then you should not be charged a business rate.
I doubt anyone here is defending the guy who works from home every day from boston and his office is in new york, it's the guy who doesn't wnat to drive to work to grab a file.
Frankly, I doubt that the intent is to use VPN as a bandwidth metric. Seems more akin to that airlines' "cheaper flights if you stay over a weekend" policy, which is designed to differentiate fares according to the customer's ability to pay, not the service provided. Corporations have deeper pockets, and this is just an attempt to identify customers who are using their service on the behalf of a company that might then be expected to cough up additional dollars.
These cable clowns won't give up until they turn broadband into a product that nobody wants. Why not get it over with and block ALL the ports? For $39.95/month you get port 80 unblocked. Then they could have a list price for any other port you might want unblocked. That would achieve their objective of bandwidth conservation, as well as reduced calls to the help desk! I would think it would be fairly easy to support a network if all the data were eliminated.
If some data still remains on the network after phase one of the plan, they move on to phase two, where you pay per hop. At the basic rate of $39.95, the maximum hop count is five. If you pay for "expanded basic" it goes to ten, and "business class" is unlimited (at least for the first three months)!
These guys would license the number of mouseclicks and keystrokes if they thought anyone would pay. I think it's all part of a huge conspiracy to make dialup service more attractive.
All joking aside, the real issue with VPN has nothing whatsoever to do with bandwidth. It is more about controlling the availability of ports and access to IP addresses that might otherwise be blocked. Carried to it's logical conclusion, you get a few people with commercial high speed connections and unrestricted access -- then a few thousand cable customers using VPN to circumvent access restrictions by the cable company. It still has nothing to do with bandwidth, because in an unrestricted environment this type of VPN would be unnecessary -- you would still have the same packets going to the same destination (probaby via a more efficient route).
If these guys have any brains, they are fearful of a P2P like utility that might facilitate the exchange of quasi-public VPN logons, which would create a "Massive Rogue Virtual Network" (MRVN). In the pefect nightmare scenario, we throw in a bunch of house-to-house 802.11b users that eventually hit a residential cable modem "gateway" that allows entry to the MRVN world. Of course, all of this could be solved with reasonable pricing and fewer restrictions, but they're not that smart.
I have just about had it with their incessant "dumbing down" of the service. As time goes by, broadband costs more and more while it delivers less and less.
That red manifesto, the US Constitition, contains both terms.
And if Company A has an absolute monopoly on the product in question...?
In that case, why don't they charge by bandwidth?
Every year I have to pay 17.50 for the my schools ethernet service. And for the entire school year I get unlimited bandwidth over the 100Mbit network. I am not sure the exact bandwidth, but I have downloaded over 6.0Meg a minute. They also guarantee a satic IP for all four years unless you change your network card and then you can call in and have them change it. And you can run whatever kind of server you want, as long as it is non-profit. After all, I only use the internet for academic purporse of course. The only problem is what to do for the 4 months during the summer. It is probably cheaper to go to summer school then to get a highspeed connection.
Work for me is 3,000 miles away in another country. I couldn't start driving to work if I wanted to.
That aside, why the hell should I use a business internet connection? It doesn't offer me anything that I really need above the residential service. Don't tell me any bull about service or reliability, I haven't been bothered by that since I started this 2.5 years ago.
You don't seem to offer any valid reasons why somebody should *have* to use a business connection if they're working from home. You seem to be saying that if somebody works from home then they fall into a business category and so should use a business service... it sounds like you've bought in to the ISP and/or telco's money grabbling business model. Sorry, but I don't believe in that model, and as a consumer looking to spend my money wisely, I refuse to buy into it. Why should I pay more for something that I don't need?
My thinking is that if I should be able to have a menu of services to choose from and I should be able to pay mostly a la carte for those services. Right now if I got a cable modem I could get "home service" or "business service" which leaves me no room to get what I really want.
What would be ideal is if they provided a deal where you pay say $40 a month and get certain minimum specs and perhaps some restriction on what you were allowed to do with that connection. But if I'm willing to pay another 40 or 50/month, I should be able to get a static ip address or two, some better upstream bandwidth, and freedom to do what I want.
The problem right now is that there's no fine gradients in the system. Either you are paying $40/month with irritating TOS, bandwidth caps, etc, or you are paying $150/month+ for "business grade" service which I really don't need.
This sig has been temporarily disconnected or is no longer in service
I have Pacific Bell DSL AKA SBC Internet.
Just spent 10 minutes TRYING to find an "Acceptable Use Policy" or something similar.
It's just NOT THERE... Really, it seems, they don't *care* what you do with your Internet Service! Basic rate is $50/mo, Biz use starts at $65. (I subscribed to a plan they no longer offer, a single static IP for $50/mo)
I know, I'm in bed with that evil monopoly, Pac Bell, but Hey! This is COOL! I've run my own DNS/Web/Mail/Proxy/NTP/etc Linux server for 2 years without a hitch. No complaints, nothin' - and reliable bandwidth to boot.
I *LOVE* these guys! (Even if they ARE an evil monopoly)
-Ben
I have no problem with your religion until you decide it's reason to deprive others of the truth.
>Fair is a socialist concept.
So is eminent domain, but without it we wouldn't have any cables (or utilities) reaching our homes at all. If we're already granting corporate monopolies based on one socialist theory, why stop there?
Now, I doubt that. Most of us like having utilities, after all. "Excuse me, may I dig up your yard to provide service to your neighbor? If you say no, I'm afraid we can't provide it to you, either". I think most people would cooperate. Utilities would form agreements to share conduits, etc. Eminent domain isn't actually irreplaceable.
This has been covered and discussed before but now I must ask another question.
If I use SSH on my own machine (or SSH to a shell account) do I get kicked?
One thing though I've noticed is that on Road Runner I've been getting kicked off from my Windows machine because it's using the cable modems USB feature to connect. I could see how easy it is to send a signal to the cable modem that simply says: "Turn Off"
Otherwise, VPN is something that has been not allowed on High Speed access for long now. My other question: How do they know what you are doing?
I seem to get 'kicked' while either accessing binary news groups or ANY filesharing service.
Get your Unix fortune now!
FINE! I'll set up port mapping and nat and just run everything on port 80. Screw them, and BRING IT ON!
I'll just run separate boxes. VPN? port 80; proxy server? port 80; ftp? port 80.
I have one word for them.... "WHATEVER!" (copyright Superstar Mike Morris, KFAN!)
YES, there is a McDonald's in Hanoi Square.
But dosen't the DMCA prohibit them from bypassing, reverse engineering or otherwise 'compromising' the encryption?
So how would they know you're using VPN unless they analyse the contents of the packets?
I had a choice (miraculously) when ordering broadband: DSL from SBC/PacBell via my ISP, or cable from @Home. @Home prohibits VPN. My ISP said "bring it on." Cable would be faster, but I use VPN to telecommute. So it was a no-brainer for me.
This is a company operating in the most litigious environment in the world. Now, let's say you're using your "home" class link to telecommute, and for some obscure reason something goes badly wrong and costs your company a lot of money.
Is your company going to sue the ISP?
With this clause in the T&Cs, they can turn around and say "Not our problem. Read the T&Cs".
Apologies if somebody else has raised this point already, but I got bored round about the 30th whinge about "I'm paying for this, lemme do what I want!"
This reminds me of a situation I was in about 20 years ago. I was looking to upgrade the memory on an NCR mini. NCR was telling me it would cost $5000, so I was looking for a third-party/used vendor. Eventually I found one which would sell me the board for $2000. But, fine fellow that he was, he told me that usually NCR had shipped the computers with memory maxed but had set the DIP switches to a lower setting and not documented how to change the settings. Ten minutes later, I had my memory for $0. Our local NCR rep was mad, but the contract was clearly in our favor.
An ISP provides customers bandwidth. They don't have to tell you how to use it most effectively or efficiently; they can even attempt to deny service to certain protocols. But if you or your company is able to use that bandwidth in ways that the ISP didn't envision, all they can do is go away grumbling. The fact is, it's their infrastructure that makes it all possible. So they either have to do some re-engineering or realize that innovative customers will always be ahead of the curve.
I bet in todays soft market all of this is fluff to keep the beancounters and other control nazis happy. Think about it, they don't want to lose *any* custumers with the economy the way it is now.
- just keep it running and stay solvent. We'll decide what to do with it. 1.5/128 is what you promised - are you saying now i can't use it all?
Can you imagine if the telcos did this? If you call your boss the monthly line charge goes from $13 residential to $39 business?
Please.
This is what happens when you have zero regs on a business. We can't complain to any ombudsmen agency, govt or otherwise.
First they fail to give local cable any competition, then they grant it only after the market is saturated, then they allow them to carry data and do it in an unregulated fashion.
Grab yer ankles, sports fans!
"Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
This is one of those things that i have to wonder about, because technically i'm a business. Yep, just me. I go to work every day, sit at their desk, user their computer, their bandwidth, and all that, but due to the current economic situation and for their bookkeeping, i'm a consultant. I pay taxes as if i employ myself, etc...
This is the same thing that makes the SSH (assuming _anybody_ uses actuall SSH (as opposed to OpenSSH) anymore) license agreement such a pain in the ass. Most of my friends are their own businesses on one level or another... Even the guys who are waiters, cooks, bartenders, etc... They play in bands and sell their CD's and play shows and get paid for it. It is not very meaningful to draw the business/personal distinction these days, and it's downright obnoxious to limit the applications you can run based on it. IP traffic is IP traffic. If i'm within whatever bandwidth limit they've set, it's my perfect right to send packets of random noise to a friend accross town and they lump it and deal.
---
Play Six Pack Man. I
I know for a fact that MSN doesn't and they're one of the biggest DSL ISP's.
Everyone seems to be concentrating on how bad or dumb Comcast and Cox are being, or how it's a simple free market decision on their part. But think about it this way. These Terms of Service are as much a way to *cover a company's butt* than they are a way to tell people what they're getting; probably even more so. (This is the case with almost every mass consumer boilerplate contract.) Now, here's the deal:
Business-related activities are far more valuable (economic-wise) than other kinds of activity. Businesses have much more stake in the reliability of internet connections for telecommuters; they risk a lot, not having the person in the office. Thus, if there's a problem with the connection, resulting in lost/missed communication or just general loss of productivity, businesses have enough reason and resources to sue the provider of the connection. (This would be a simple breach of contract, except that Comcast/Cox/etc. have deep pockets, so litigation will end up being more expensive for them.)
By explicitly stating that VPNs are not allowed, they completely disclaim any responsibility for screwed up business-related stuff or communications. If they had said "we don't support VPNs", they're still sticking their neck out in terms of liability -- they would just be saying they don't have tech support for that kind of activity, and could still feasibly be sued.
Oh, goody, someone just finished reading Atlas Shrugged...
Oh, goody, someone just confused Objectivism with Conservatism.
'course I haven't actually READ the subscriber agreement... Ignorance is bliss.
U.S. Democracy: born 7/4/1776, died 12/12/2000 R.I.P.
LOL!!!
If you have the type of job where you telecommute, and your employer can't afford the extra $100/month, you should be looking for another job cause your company is in an extremely precarious financial state.
I first saw Comcast's change to their TOS RE: VPNs a little less than a year ago. I wasn't happy, as running a VPN connection to work is one of the things I do with my Internet connection. I already knew that DSL was out, since I'm a whopping 22,000 feet from the Verizon CO I was connected to. At that time, RCN was in the middle of building out their cable (fibre) plant in my township (Upper Darby Twp, adjacent to Philadelphia). As soon as they got to my neighborhood in August, I switched. I'm satisfied with the service, and since they have their own network (i.e., not part of @Home), service wasn't interrupted recently. I also switched my phone service from Verizon to RCN (on the same connection), but decided not to switch my cable TV, since RCN doesn't have any plan as cheap as I have through Comcast ($11/month). Having a choice of cable systems is one advantage to living in a densely populated area.
They spend at least twelve million dollars a month on salary, yet they won't spend twenty thousand a month to conform to the terms of service of broadband services for their telecommuting workers? I realize that paying employees is closer to the heart of the company, but if they can't afford the spare change to work telecommuting properly they should just not support it as an option.
Even Slashdot wants to hide some things
I think most people would cooperate.
How many is "most people"? 99%? Then if there are as few as a hundred independent property owners between me and the water company, I've got a more than 60% chance of having to bring my drinking water in buckets from the river (assuming my surrounding property owners are willing to at least let me cross their land with buckets, of course).
I'm a libertarian, but you can take things too far. In that world, I think what would be more likely is that any group with the money to do so would start buying up loops of land via a bunch of pseudonymous holding companies, charge all the traffic will bear to let anyone inside trespass to get out, then buy up the interior of the loop at fire sale prices.
Are they just not supporting the customers with help if their VPN does not work, or are they blocking VPN connections ala packet filtering?
I was very paranoid about the Encrypted packet clause the entire time I had my cable service, since I had multiple reverse SSH tunnels comming in to my home network. What was funny is that I never got in any trouble for that. Rather, when I went to cancel my service I gave the reason as being only 72% uptime over a six month period. (Monitored by BigBrother) I was then told that it was a violation of the TOS to montitor the service in such a way. I laughed and said fine shut me off. I have yet to figure out what verbage in the TOS covers this, but really don't care anymore since I'm cooking on DSL.
-Praxxis
Not if they want to stay a Common Carrier. That status says in brief "Hear,no evil, see no evil, say no evil"
...
This is seperate them from any lawsuits that involve the 'owner' of passed over their systems. (ala the post office)
In a lot of ways the 'internet' in general is becoming a common carrier, but the ISP are in a strange place. They have the unique position of allowing/using filters to filter content simply. (Spam anyone?) A traditional common carrier is not allowed to do this.
I would like to see a opt-in or customizable (by user) method for the ISP to do some filtering for me.
Ok, now where is that DeCSS code
make Linux, not Microsoft. sin(beast) = -0.809016994374947424102293417182819
You are nothing but a waste of bandwidth!
For an ISP to dictate this type of usage restriction is like the phone company making me sign an agreement stating that I will only use my phone to talk to certain groups of people and only about certain aproved topics of conversation. My phone line has certain usage and privacy restrictions. Basically they are that I can use my phone however the hell I want to, and as long as I'm not breaking the law the phone company is to mind their own business, provide me with a line and charge me for it.
As long as the ISP isn't being abused by the subscriber, and the subscriber isn't breaking the law, then they should just butt out. If they want a more successfull business they should focus on efficiency and growth, not extorting more money from the current subscriber base by dictaing how the service will be used.
-=-=-=-=- osjedi uses Debian GNU/Linux. -=-=-=-=-
If I buy their "business service" is my cable is routed through "special" switches on a more reliable and fault tolerant network than my "residential service?" All they really want is a reason to charge more money for the same service.
"Stop whining!" - Arnold, as Mr. Kimble
Folks,
I checked their support website yesterday. They explicitly say that they don't support home networking (thought they have a FAQ on that) VPNs and also they are blocking incoming port 80.
One thing that baffles me is, they somehow figure out you are inactive (I am yet to figure out what determines that) and remove your lease on the IP. Everytime I come home in the evening, I HAVE TO release and renew the IP address!
However, they do claim that one of the advantages of DSL over cable modems is that some cable modems don't allow VPN use. So PacBell Internet has claimed in marketing literature that they allow VPN usage.
>you are on the phone ... screaming at them to restore your service ... because ... you are losing money
>my son playing on-line games is classified as business use.
Your son makes money playing online games? Sweet!
Pings already blocked, both in /proc and the firewall. For that matter, sshd only listens to places I might connect from, and that's also done both by config and firewall.
Because of the news TOS change, I've moved from leafnode to noffle, and have changed things around to make its behavior act like a conventional news client. And it stinks. I've seen leafnode wrapper scripts that give finer control to its downloads, and I may try that with noffle. At the very least, I still get the cache, so I can look back.
They can't find me by scanning, but that's not the point. I'm really trying to stick by the spirit of the TOS, yet not turn into an inet luser. I have ssh crammed down as tight as I can make it, and still have it *usable by me.* I'm working at tuning down my news cache to as 'interactive-like' as possible, and still get acceptable news response. (Right now it's interactive-like, but not acceptable.)
I just hope they don't get a clue about VPNs. There's been the discussion about business use. But my VPN use is occasional, normally my bandwidth is dominated by personal use. If the ratio were the other way around, I could see the requirement to get a business account. But the moment you get the Company to spring for it, they want to see Cost Justification, and you have to forswear your family even when at home.
The living have better things to do than to continue hating the dead.
The main problem with per protocol blocking or per protocol traffic shaping is that it forces coders to make their protocol look just like HTTP.
File sharing has gone this way, and I imagine if VPN is blocked it will go this way too. This creates a nightmare for any sane netword admin that is just trying to manage their network.
Internet protocol cannot just be blocked, they'll just mutate and become completely unmanagable.
Sure, commercial service is twice as expensive as residential, BUT IT'S ONLY $100 A MONTH!!1 It's not like that's a lot of money, plus you get a static IP and with commercial service, you don't have to worry about stupid TOS agreements that ban servers.
I'm proud of my Northern Tibetian Heritage
You need to find a new job. If your company can't afford to spend another $40 a month for your services, it's got some serious financial problems.
I don't like the server clause, but they never check (or they don't care). And, even though they use DHCP, the addresses never change. I've inquired about @Work, but it's not available in my area. Maybe AT&T knows that if they start switching addresses or blocking ports, we'll switch to DSL in an instant. Ok, maybe it'll take a few weeks.
I'd say charge us like the cell phones. You get n bytes per month and get charge m nanocents per byte after that, as long as n is adequately large and m is fair. I don't believe that the average personal page or small business web site comes close to the demands of a music/movie trader.
Does this mean that AOL over these connections is against the AUP?
i think im gonna go setup a vpn with vtun right now
Doh, IE is annoying, you hit the enter key and it hits submit anyhow...
When you pay for broadband, it's as if you are renting hose from the local firehouse. The ISP/Cable company owns the line (or they lease it off someone else). Thus, they can tell you what you can use it for. It's a classical example of "they own the hotel they decide who gets to use the pool". If they are a monopoly, then that's a separate issue, but the legality of their user contract isn't questionable. Also, they own the networking hardware, including switches and routers. It belongs to them. They paid more for that stuff than you ever will for internet access. Thus, since they administer the network, they can block anything they want, provided they inform you they are doing it...
I use a locally owned (AFAIK) cable modem solution, for $99 a month I get business class cable (1 static 8 dhcp IPs and can run servers).
:) SO I use the static IP for a secondary DNS for my company.
I looked and looked for a TOS/AUP on their site www.pclnet.net and couldn't find more than the "FAQ".
They annoy me on some things:
#1 can't post to usenet, just read it (WTF)
#2 ICMP is blocked at their core router, traceroute? ping? forget it.
#3 they know me by name and know that I have no less than 5 computers at any time, and they absolutely will not let me downgrade my service to basic residential. They know for a fact I'll setup linux with ip masq and run all the machines off of it
--- www.f-theocean.com
Do I have to be running a server to download linux ISOs, pr0n videos and public domain (50-year-old) movies?
Sorry, but the only public domain movies are those first published on or before December 31, 1922. Almost anything first published on or after January 1, 1923, is under effectively perpetual copyright in the United States, under a precedent set by the Sonny Bono Copyright Term Extension Act and the Eldred v. Ashcroft decision that gives Congress the power to set arbitrarily long terms on copyright.
Guess when the first Technicolor movie was made? 1923.
Will I retire or break 10K?
Likewise, if there's no technical limitation or increased impact by you running a vpn as compared to any other allowed service, then I don't think they can force you to switch to business. Well, they can force you, but I think the FTC or some state authority might have something to say about it.
Too big to fail? Does that make me to small to succeed?
DHCP is actually a misleading name in that it actually Checks your ethernet MAC address. In that sense it is not dynamic at all. It assigns an IP to you based on rules they set up.
True, but what if the "rules they set up" include a lease renewal to a randomized IP address every two hours?
Will I retire or break 10K?
Let's see here, I'm sure you can do the math. $0 to drive in, or $200 for "business class ISP".
Not $0 to drive in by any means. For each employee who drives in, the company has to pay for the lease on the office space, pay for furniture, pay for climate control and ventilation, pay for electricity, and possibly pay for petrol or bus fare. Does this add up to less than $200/mo?
Will I retire or break 10K?
Explicit acknowledgement in their service agreement ... that I can run a web server (as long as its not commercial)
How do they define "commercial"? Do they use the BBC H2G2.com standard of "if it links to an external web site that links to a web site controlled by a producer or vendor of a product, it's commercial; take it down now"? Is posting your resume considered an action taken for commercial gain?
Will I retire or break 10K?
A phone/cable/telco company is arguably a natural monopoly. Anyone who wanted to compete with them would have to build their own network from scratch, lay cables, etc, and do it all while charging a price lower than the existing company charges. I think it would be awfully hard for anyone to do this.
So if you had no government involvement at all, the company would still be untouchable by competition, but would also have no limits on how they could use their monopoly power. When governments contract with the company, they agree to maintain the monopoly (which would have happened anyway) while setting restrictions on how the company can do business. Seems to me like it may be a win for the consumer.
When you hear the word "monopoly" don't immediately assume the free market has failed and you're being unfairly screwed. Monopolies are an expected occurence in free markets.
Actually [a person complaining about losing money for every minute the service is down] would be son while playing his on-line games. So, by this reasoning, my son playing on-line games is classified as business use.
Is your son an EverQuest admin or something?
Will I retire or break 10K?
Cable service is sold as always-on service, at a specific bandwidth. Since a major company probably knows what it's doing well enough to keep me from grabbing extra bandwidth, it has to be assumed that I am being made to pay more to use it
I was sold a certain amount of bandwidth per second, and the right to use that bandwidth whenever I want - what's the diffrence if I am downloading a game demo, surfing for myself, VPN'ing into work or letting a few people connect to my FTP server? The only possible rationale for this is that I don't actually have the bandwidth I paid for, or the unlimited usage rights they said I had to it.
When you also look at the fact that the residential and bussiness services are technically identical; it's almost as if they have said "Well, we know you paid for it, but to use it you have to pay extra." That is a grossly abusive business practice.
I work for a company who has several offices where they can't get VPN over DSL in several of their offices in Virginia, even though they are willing to pay a little extra. What the companies do is block IP Protocol 50 entirely. I mean, Verizon knows that a business class DSL line can be used for VPN and cost a whole lot less than a T1. So why the heck are they going to allow VPN over business class DSL? They won't. No one in the industry likes VPN. We had an office in the eastern part of Virginia than we tried to implement DSL VPN. But guess what- the packets got dropped in the middle! Another companies router (through which our info was passing) was dropping IP Prot 50 packets and there wasn't a single thing we could do about it. We are having to buy T1s and install ISDN modems. All it takes to break VPN is for one company on either end or in the middle to decide they won't allow it. To build your company of VPN is just plain stupid, unless you have a contract with the remote access vendor, your T1 vendor, and any telcos/corps in between that might decide to drop YOUR packets. Now, concerning residential service allowing business use- I have a question to start out with... why don't the cablecos restrict access to the truly objectionable material on the internet? Stuff we all agree is vile? Censorship issues aside, the point I am trying to make is, restrictions are put in place because they benefit the bottom line. The cablecos aren't asking what's right or wrong, but what is profitable. What the cablecos have apparently sold is X Mbps down/X Kbps up. If I use all of that all the time, is that abuse? The easy answer is no, because that's what was advertised. The cablecos answer is yes, you dummy, you know full well we can't handle everybody like that. The cablecos are saying in essence- you have to respect our profits. The cablecos are deceitful cheapskates who refuse to do one of the following to make themselves honest: 1. Advertise lower bandwidth rates that the cable user can saturate 24/7 without charges of abuse 2. Invest the capital to expand their network as different groups of users begin to saturate the bandwidth they bought 3. Advertise their access as web/email/file transfer/streaming only and block other ports. Any of these would likely trim profits in the short term, but-- I don't feel the need to finish that last sentence because all that matters to a public corporation are profits and stock price.
Fuck off.
I'll stick to Speakeasy SDSL thank you very much.
The journey is better then the end.
Point 1: If @whatever requires people to have a business class account to VPN, and they need VPN for work, then their work will pay for it if there is a true need.
:)
Point 2: I believe there was a story about cable companies letting various spooks spy on connections lately.
Point 3: Business traffic is not interesting to spooks.
Point 4: In the eyes of the spooks, there is a good chance that people who a:run VPN's over a cable link and b:aren't doing work-related material might be doing unsavory things, like conpsiring to blow up a building.
Conclusion: This very well may be a veiled attempt to weed out any possible "TERRORISM" communications on the network.
Yes, yes, i know that all the geeks are paranoid and want eleventy-billion-bit encryption on every byte they send or receive, and i'll get flamed for this, whatever. Just playing devil's advocate and conspiracy theorist.
Hey Taco! Looks like you're using the "infinite monkeys and typewriters" scheme to generate Ask Slashdots again...
True
Most legacy hardware, and much current hardware doesn't support IP/SEC, so it cannot work.
Wrong. You do *NOT* need anything more than the ability to forward protocol 50 (like tcp and udp are protocol 6 and 17 respectively) and allow udp port 500 through their network firewalls (if they have them), or routers.
This is *basic* IP functionality needed to forward any type of internet traffic! In fact, if the devices (routers, transparent proxies, etc.) tried to modify the packets, that would disable IP/Sec, not "Support" it.
If you didn't know, now you know. Otherwise, you just look like someone who has half knowledge and is trying to pass off as something you're not.
Mike
There: Something at a specific location.
Their: Owned by someone.
Please make sure your english compiles.
..if I buy a car and I drive to work everyday in my car, does that make my driving a buisness activity as well?
if I buy my cable modem, and pay for the bandwidth... I expect to use it to go to work, just like my car.
This isn't as bad as the other restrictions.
Cox specifically prohibits the use of a router (and NAT). This is so Cox can sell you another IP at $7 a month.
Of course that doesn't prevent me from using one.. you'd have to be pretty stupid to call up Cox and tell them you're using a router.
This is just a shakedown, pure and simple. They're tyring to charge more because they think they can. It has nothing to do with cost, just what their marketing people perceive the market value of their product to be (and wishfully, I might add).
This is nothing but a shakedown. They're trying to charge more only because they think a "business class" customer has more to spend. There's no difference in their cost, etc. It's like the classic "luxury car" oil change at quick-lube places. Luxury cars use the same oil and the same filters, and the service procedure is exactly the same. But they're charged more, because the company thinks they can get away with it. So do you always just roll over and play dead when you're being overcharged? I feel sorry for you...
Ultimately, it's a customer service issue. If your customers aren't happy, they will leave at the first opportunity.
I use Macs to up my productivity, so up yours Microsoft!
Oh phooey. You mean I'm not allowed to download 600 MB ISOs anymore? Because EVERYBODY knows that since it's HUGE, it must be a VPN. Anyway, what if it's a 600MB ISO image of a VPN server? They'd have to shut me off for that... But OTOH, it's a server, not a client....
hmmmhhh.....
--pi
At work I'm required to use both VPN and ssh, without SSH, I wouldn't be able to connect to our unix servers, and without VPN I wouldnt be able to access the internal network at the main office. Services which forbid things like that make you want to look twice for better carriers.
Also, check if your NAT box has firmware upgrades available - several products such as Linksys originally shipped without VPN-transparency, but have later firmware you can flash-upgrade to add the capabilities.
As the economy tanks, you can expect some stupid and greedy employers to say "aha, we'll put the screws to our workers, get rid of perks, and make them show up at the office at 9:00 or treat them like that Neo guy". You can also expect some smart and greedy employers to say "aha, I need to get the most possible work out of my employees so I'll make it easy for them to work for ME anytime, anywhere, any way they can" and some extra-smart, extra-greedy employers to say "aha, in this economy I need all the productivity and creativity I can squeeze out of the few employees I can afford on my limited venture capital and annoyingly-low sales revenue, so I'll try treating them like *real*human*beings* and act like I respect them and spend the budget I can scrape up on productivity enhancers like fast network connections and good coffee and extra disk drives instead of $1000 chairs, especially since enticing them with stock options is a lot harder than it used to be." Of course, any manager, from the dumb to the extra-smart, will try to get around greedy cable-tv-company restrictions on applications :-)
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
You would think this comes as a suprise.... Large Pipes cost Large bucks. Very Simple. Every one starts pumping IP's down these VPN's...and pretty soon people are doing backups with rsync across their vtun tunnels that are encrypted with blowfish or the like.
Of course it's a pretty hard thing to prove if you use the above software packages.... Just think port of the day! Or I'm just downloading a really long movie....... via ftp!
They won't be able to disable SSL. People who are determined to use a VPN will use SSL based VPNs.
The main reasons they don't want VPN-like things are
Because what you need most are Lots More Customers.
* Some of the business-class cable or DSL services actually do offer better-for-business service - better help desk response time or service quality, for instance, and in some cases higher bandwidth, plus obvious business-related services like more flexible billing, and bundled email and web services. It's tough for cable modems, though, because the fundamental service-scalability models behind the $40/month cost assume that It's Just Television, so the number of installation/repair technicians and trucks and help desk people assumes that if the service goes out on a snowy Friday night, you can read a book or talk to your kids or something and they'll fix it in the daytime after the storm's over and maybe credit you a few bucks or make HBO free for the next week. For a business client, you can put up with dial for a couple of days or read a manual or something, but actually providing business-server-class service isn't realistic; you'd have to provide a lot more trucks and technicians to make repair times much shorter.
Disclaimer: This is just my personal opinion, not my employer's, and it's Friday after 5:00 and I'm not wearing a suit, so don't bug them about it.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Agreed total BS there, I have use some old routers to pass VPN GRE IPSEC based traffic and had no problems at all. Think this guy got feed some horse shit somewhere.
Pretty much all of my extended "virtual team", in our hours of endless conference calls, share desktops via Netmeeting with those of us in the office.
Our IM org (oh wait, we're in the IM org! ;) )cringes, but it's so widespread there's really no stopping it.
Definitely more bandwidth than "checking email", though!
Kineska: Cinema, soapbox, music & musings
You aren't very bright, are you? I'm sorry to break this to you, since you obviously love to be a red-baiting idiot, but being a liberal does not mean that a person is a socialist. Furthermore, given that socialists run the gamut from Marxist state socialists to anarcho-syndicalists who are more opposed to strong government than even the most ardent Libretardian idiot, given that capitalism also runs the gamut from fascism to anarcho-capitalism, being pro-government also does not a socialist make. Your stupidity is especially amusing given that socialism is an economic philosophy whereas liberalism describes a range of political philosophies. May I suggest that you actually try learning something about socialism before you make yourself look even more uninformed than you've already managed to?
Finally, should you manage to stop spewing hot gas long enough to actually read the Constitution, you'll discover that it does, in fact, contain both terms.
$100 definitely is a lot of money!