Slashdot Mirror
VPN Clients Not Allowed On Residential Service
wayn3 writes "ComputerWorld reports here that two of the major cable companies have language in their terms of service that VPN clients are forbidden for "residential" class, forcing clients on their "business" offering which is at twice or more times the cost of residential service.
Has any been bit by this, and do those companies consider SSH a VPN client? This would stop me from telecommuting since my company would not be able to afford the business service."
The obvious question is "what classifies as a VPN?" A VPN is a Virtual Private Network which usually is constructed using a secure IP layer such as IPsec. While it is easy to scan for IPsec usage (it has it's own protocol number - even as TCP and UDP has), it is much harder to scan for other types of VPN solutions.
Even encrypted HTTP, HTTPS, can be used to build a VPN-similar type of thing (think "VNC"). Since HTTPS is used to encrypt on-line banking traffic, e-commerce sites and such, they cannot just stop everyone from using HTTPS.
Furthermore, since the data (by definition) is encrypted, it is impossible to peek at the data to determine if a data stream is "a VPN" or just some other HTTPS transfer.
The conlusion is that they will have huge problems trying to enforce this.
Wrong. Wrong Wrong. When you sign up with an ISP, they are providing general purpose internet connectivity. When you buy a business account, you are buying that and:
1) Better service (i.e. technical support).
2) Perhaps a static IP address.
3) Web hosting, email hosting for multiple
accounts.
4) Some other item that adds value to the service
thus justifying the added cost to you.
Also, business class service is meant for situations where more bandwidth needs to be allocated for your use (such as with a web server that gets many hits).
Differentiating your servous based on what applications you use, if the application does not use any more bandwidth that any other regular users use, is just unacceptable.
I personnaly do have a business account, but that was because I was willing to pay for a static IP.
Have you tried UNIX today, its most satisfying...
What if I'm not using a VPN but just doing research on the web for work? Are the cable companies gonna stipulate that you can't do anything for a business from home, even browsing the web?
All that you're supposed to be doing with it is downloading "digital content" and associated advertisements from major media companies. You're a home user, right? That means that you aren't supposed to be able to think for yourself or want to do anything creative or interesting with your computer and your internet connection. Remember, it's a cable modem. That means you're supposed to use it like cable TV. You want to pretend that you're a thinking individual, well, in this country, you gotta pay extra for that, because that's not what the economy needs of its citizens.
-Rob
Here's the point: Business usage (phone, cable, whatever) CAN be more costly to the provider because these users will scream louder and demand quicker restoration of service when something goes wrong (line failure due to snowstorm, flooding, you name it). They also threaten to sue for lost business revenues due to the company's failure to restore said service in what they think is a timely manner. Residential customers don't bring that baggage.
So, they don't really care if you USE the line for business, because you won't be able to file suit as in the case above -- according to the TOS you weren't supposed to be using it for that purpose anyway. BUT, if you want them to treat your service as an essential component of running your business, you have to pay business rates...which is not wholly unfair IMHO.
It's not funny till someone gets hurt.
I invesigated Comcast cable a while back, as I'm out of range for DSL. Their terms of service were, in a word, unacceptable.
I suspect that you could get away with practically anything as long as nobody complained and you didn't generate too much traffic.
Oh, as to their "business solution"? DSL. Not an option. Near as I can tell, there is no such thing as "business class cable" Internet.
No high-speed internet for me. Sigh.
Welcome to the Turing Tarpit, where everything is possible but nothing interesting is easy.
They've all but said that outright. They don't sell bandwidth. They sell a high speed web surfing experience.
This should no longer surprise anybody here. Let's get over it.
My Heart Is A Flower
The choice is not using a different company. The decision is use broadband from THE company servicing your community under THEIR terms or revert to dial-up service.
*IF* you're lucky, you can "choose" between the monopoly cable company's service and the monopoly phone company's service. If you are REALLY lucky, you can get DSL from a CLEC or COVAD reseller. If you are insanely fortunate, you can get wireless service or your buddy next door has a T-1 you can tap into.
I live a few miles from AOL, mci/worldcom/uunet, and many other MAJOR data centers. Yet *my* choices are: Cable modem, overpriced IDSL service, ISDN, or modem. People living in spitting distance of the main MCI center can't even get my limited selection.
There is no choice, the broadband providers are well aware of that fact, and they are determined to keep it that way.
Let me get this straight, the company pays you enough that you can in turn pay $X for the service but they "can't afford" to additionally pay $X themselves (to make up the difference to the $2X price of business-class)? BS. Either you are exaggerating or the company is lying to you--they just don't want to pay for it.
I work for a large (3000+ people) company in the Philadelphia region. The company currently supports telecommuting with broadband through VPN. Currently, they pay $39.95 per month for connectivity, plus $30 per month for outsourced broadband routers/firewalls. (The latter part I think is stupid, but I digress.) So for each person telecommuting, they pay roughly $70 per month
Now, increase that highspeed access from $39.95 to $95.00, and they would have to pay roughly $125 per month per person. If only 300 out of the 3000 people here telecommute, that's a cost of $37,500 a month, or $450,000 a year just for broadband users. At the previous price, it would be roughly $252,000 per year. Almost 200k more. That's a lot of money to just "find" in your budget. So what happens? Comcast loses money because my company suspends all high-speed telecommuting. So now instead of getting their extra 200k a year, they get nothing, and the people who benefited from telecommuting no longer can.
You know, if Comcast wanted all these people/companies to shell out $50 more per month, the LEAST they could do is remove that 128kbps upstream cap they enforce for business accounts. Its really annoying to transfer large files to work or VPN to a server when you can't send out over 15K/sec, peak.
ok then your [sic] infringing on my copyright! Could you as [sic] me next time before STEALING my comments for your own?
Well (assuming you're with a cableco), that's not at all true. You contribute to paying for the overall bandwidth usage.
The issue here is that what cableco's want to do is charge by the byte, but they know that they need to market their product as flat rate to attract the mythical "average user" who does nothing but suck pay-per-view content from the cableco's portal (no, idiots, that's a cable TV customer, you already own that market).
So what they are doing (in the UK as well, where I am based) is writing clauses into the AUP's that are designed to prohibit the sort of things that high bandwidth users are likely to do, without actually mentioning bandwidth per se. The aim isn't primarily to stop those activities, it's to limit bandwidth usage either directly (by not bringing in traffic to servers) or indirectly (by punting the high usage customers).
The UK basically has three broadband providers, DSL from the monopoly telco, and cable modems from two cableco's. And that's it. The telco acts exactly like the cableco's highlighted here; abusive, obstructive, restrictive, incompetent and internally muddled. It's impossible to get a straight answer out of them on policies.
In contrast, the two UK cableco's are (currently) behaving strangely honestly. One of the two, NTL, brought in a blanket ban on all servers. In the outcry that followed, they reversed this, and instead made their policy clear; it's all about bandwidth (as above). They acknowledged that they would only pursue those customers who generated an unfair amount of external traffic, like were running a server that was constantly attracting more traffic than their cable could cope with, leaving packets to expire alone and unloved throughout the network. The other UK cableco, Telewest, recently sent out a huge email about their technical policies. It named names internally, it gave usage numbers, server details, it basically treated the customers as intelligent, informed people, and solicited feedback. "Tell us how you want us to develop your network," they said, and I think they meant it. They understand that a prerequisite to having customers is to have happy customers who aren't just sitting fuming and waiting for their contracts to expire. There will probably be some dissenting followups here, and it's certainly the case that NTL and Telewest do screw over some customers, but they are getting better.
So my point is that there are different ways of doing things. Marketing droids can be invited to consider that it's OK to talk about bandwidth usage upfront, as long as you make it clear that you're only concerned with extreme cases and not 95% of Joe Users. Technical guys can be made to realise that if you involve your customers and don't lie to them or dissemble, they will be more understanding when you have problems. Lawyers can be instructed to stick to the important issues when writing AUP's, and not to create sleepless nights for low usage customers who just want to set up secure remote access to their boxen.
Honesty, clarity. It's all we ask for, really. Target the users that are costing you money, do it directly, and don't make vague threats that will just piss off the 95% of low usage customers that you rely on to generate money.
Is that so hard to understand? NTL and Telewest in the UK get it.
If you were blocking sigs, you wouldn't have to read this.
Second, the network isn't going to give me any more bandwidth than I'm paying for, so it shouldn't matter what I'm doing with the bandwidth that I have.
Now, as far as the extras that a business account provides:
Tech support - don't need it, and they don't support Linux anyway.
Static IP address - the residential service gives me that anyway - and even if it didn't, I would be somewhat inconvenienced, but it's not something I care about.
Web hosting, email hosting, etc... - don't need it, don't want it.
other value added services - don't need them, don't want them, wouldn't use them.
So I have absolutely no use for the business service and I physically cannot use more bandwidth than their network will give me (which is what I'm paying for) so I don't see any reason for them to get all pissy about what kind of packets I'm sending over the bandwidth that I pay for.
Besides, I use Cox and I seriously doubt that they have the technical knowhow to navigate themselves out of a wet paper bag, much less figure out what applications I'm running on my computer at home.
Having briefly worked as tech support for @Home, allow me to show a brief glimpse of why providers may want to do this.
An inordinate amount of cable internet support calls are VPN related. If you thought that clueless people having trouble connecting to their AOL email was a tech support nightmare, you've not seen anything until you get someone unable to connect to a VPN. A typical call would go like: "Dammit, why can't I get online!" After asking a few questions and running some tests it's made clear that the connection is fine, and they're able to connect through their desktop machine, just not their laptop. "Okay," I'd say, "It's probably just an error in the settings somewhere." I'd then proceed to describe how to open up the relevant controls in NT4 (it was always NT4...) "What? Are you kidding?!" they'd scream "This is my companies laptop and we're not allowed to touch anything on it!!!!!" "That's a problem, then," I'd say. "You'll have to have your sys admin check the settings for you then." "You're fucking kidding me! I'm in Redmond, WA and the company is in Denver! I work from home!"
The story was always the same: dumbass company gives employess laptops so they can work from home, and told them they had to get a broadband internet service, but didn't configure the machines for even DHCP or give the employees the admin passwords to configure things. You'd get that call about 20 times a day.
I'm so fucking glad I'm back in research. :)