Comcast Forging Packets To Filter Torrents
An anonymous reader writes "It's been widely reported by now that Comcast is throttling BitTorrent traffic. What has escaped attention is the fact that Comcast, like the Great Firewall of China, uses forged TCP Reset (RST) packets to do the job. While the Chinese government can do what they want, it turns out that Comcast may actually be violating criminal impersonation statutes in states around the country. Simply put, while it's legal to block traffic on your network, forging data to and from customers is a big no-no."
But when these huge companies work with other huge companies AND government agencies like the FBI and CIA, do you think you even have a chance in Hell?
Like many have said before me, we need to go pure encrypted communications to prevent this kind of violation. TOR, WASTE, and Linux based encryption techniques allow us these kinds of tools to defend against attackers: our very providers of bandwidth.
Legal questions aside, is there some technical merit to sending a RST instead of just blocking the packets? Is it less expensive to the ISP or something? I don't understand why they're doing it.
For filtering of RST in the client you don't need raw sockets or re-creating a TCP stack; just a simple iptables rule is sufficient.
Of course this will not work when the RST is sent both ways and (in case of a p2p network) the guy at the other end does not have the filter.
In any case, it doesn't matter whether most bittorrent use is legal. It's not okay to filter a protocol that customers are paying to use (unless they filtered individual torrents, but that's too much work, and it's asking for lawsuits).
A cat can't teach a dog to bark.
You could configure your computer to reject RST packets, but then you'd end up leaving connections open all over the place and cause all sorts of other problems. It's not something that you can trivially work around.
How about just wait until some specified timeout and see if you receive any other packets? If someone sends RST, but you receive a bunch more packets, there's a very good chance the RST was faked. Better yet, wait for timeout1, then wait timeout2 for any more packets. (Since packets can be received out of order). Then if you receive more packets during timeout2, ignore the RST. I'd say that's pretty trivial. It could even be implemented on a NAT router so you wouldn't even have to modify your OS.
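Added example (not code from the thread): a Python sketch of the two-timeout heuristic proposed above, run over a constructed packet trace. An inbound RST is held for timeout1 plus timeout2; if the same peer keeps sending data inside that window the RST is treated as injected and ignored, otherwise the flow is closed. Packet fields, timeouts and peer addresses are all assumptions made for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    ts: float          # arrival time in seconds (constructed sample values)
    src: str           # remote peer address
    sport: int         # remote peer port
    flags: str         # TCP flags as letters, e.g. "PA", "R", "RA"
    payload_len: int = 0


class RstFilter:
    """Delay acting on an inbound RST; keep the flow if data keeps arriving.

    The combined window (timeout1 + timeout2) follows the comment above:
    timeout2 exists to absorb packets that were reordered behind the RST.
    """

    def __init__(self, timeout1=1.0, timeout2=2.0):
        self.window = timeout1 + timeout2
        self.pending = {}    # (src, sport) -> timestamp of the RST being held
        self.verdicts = {}   # (src, sport) -> "forged-rst" or "closed"

    def _expire(self, now):
        # A held RST with no data behind it by the end of the window is honoured.
        for flow, rst_ts in list(self.pending.items()):
            if now - rst_ts > self.window:
                self.verdicts[flow] = "closed"
                del self.pending[flow]

    def process(self, p):
        """Return what the filter would do with this packet."""
        self._expire(p.ts)
        flow = (p.src, p.sport)
        if "R" in p.flags:
            if flow not in self.pending and self.verdicts.get(flow) != "closed":
                self.pending[flow] = p.ts
            return "hold"
        if flow in self.pending and p.payload_len > 0:
            # The peer is still talking to us after the RST: not its RST.
            del self.pending[flow]
            self.verdicts[flow] = "forged-rst"
            return "ignore-rst"
        return "pass"

    def flush(self, now):
        """Expire outstanding holds at time `now` and return all verdicts."""
        self._expire(now)
        return dict(self.verdicts)


# Constructed trace. Flow A keeps delivering data after a RST shows up;
# flow B is a peer that genuinely closed (nothing follows its RST).
SAMPLE = [
    Packet(0.0, "198.51.100.7", 6881, "PA", 1400),
    Packet(1.0, "198.51.100.7", 6881, "R"),
    Packet(1.4, "198.51.100.7", 6881, "PA", 1400),   # reordered behind the RST
    Packet(2.1, "198.51.100.7", 6881, "PA", 1400),
    Packet(0.5, "203.0.113.5", 51413, "PA", 800),
    Packet(1.2, "203.0.113.5", 51413, "RA"),
]


def analyze(packets, now, timeout1=1.0, timeout2=2.0):
    """Feed packets in arrival order and report per-flow verdicts at `now`."""
    f = RstFilter(timeout1, timeout2)
    for p in sorted(packets, key=lambda p: p.ts):
        f.process(p)
    return f.flush(now)


if __name__ == "__main__":
    for flow, verdict in analyze(SAMPLE, now=10.0).items():
        print(f"{flow[0]}:{flow[1]} -> {verdict}")
```

As the follow-up comment notes, this only protects the end that runs it; the peer's own stack will still honour a RST injected towards it.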
If any ISP did, it would kiss away any hope of a DMCA safe-harbor claim. As an ISP or other such party, if you know about it, you're supposed to stop it, not throttle it. Not stopping it immediately upon discovery and confirmation IIRC constitutes complicity.
Quo usque tandem abutere, Nimbus, patientia nostra?
Have a look at the method on line 22330 of http://cvs.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/uts/common/inet/tcp/tcp.c
Arash Partow's Philosophy: Be a person who knows what they don't know, and not a person who doesn't know.
There's a tough part of that issue though. When it comes to a legal standpoint they can't look at it as an opinionated issue, which is a problem. It's like a legal grey area that has to be defined in black and white - law is about strictly facts, not opinions (although the latter sways some parts of trials).- and-the-fcc-whats-being-done-to-preserve-it/ - note that the neutrality mentioned here was the exact same Google requested for the wireless spectrum. It was not something they created outright. They simply requested the same fairness on wireless as wired networks are supposed to have. Please note as well another side that I'm guessing applies to the "against" net neutrality side is the blocking of zombie PCs. So I think this is a tough one to say how to feel about it. Of course I prefer net neutrality.
Morally - I/most of us don't like it. Factually, if they choose to degrade service, they can do so. The problem is that they might not allow a law to be partial to certain situations. Many companies already do it but how is part of the issue. If everyone's packets but mine have higher priority then the question is whether it can be considered an emotional non-factual decision. If it is just "they have priority" you have 0 in court. But if you have "it was malicious in nature" that is another story. That in itself is hard to pin on a corporation. For better explanation look here: http://www.lectlaw.com/def2/t032.htm - This is the legal definition of Tort. More specifically http://www.lectlaw.com/def2/t061.htm which is tortious wrongful interference. Note the difference between them, yet how close they run to malice. Read very carefully this line: businessman has no legal complaint concerning a loss resulting from lawful competition. Therefore if they don't enforce net neutrality 100% (which can cause its own problems), it can be considered completely lawful. If they do enforce it 100%, well VOIP seems to be a good example. Please note I am not a net neutrality expert not even a network tech, but I read up when I can. Please note that if we don't enforce net neutrality that QOS could be abused in order to bypass direct net neutrality abuse.
This engadget article seems to have some good info as well - http://www.engadget.com/2007/03/29/net-neutrality
I personally say that if we had the bandwidth we are supposed to have that such things would not be an issue. If you have 25mb up/down having even decent quality audio while downloading wouldn't matter. That's my own opinion, though, and I have no factual basis to back that up other than saying that VOIP presumably only needs 128K upload/download range. Which is about 1.5mb or something. So no, unfortunately, it's not a moral issue. It's a question of whether it is something a business is entitled to if it is a municipal business like cable, where common carrier stands, and other things. At least it seems that way to me. The question is whether Comcast/etc is private or not it seems? Sorry I think I'm rambling, I'll stop here.
It shouldn't be. These companies are advertising access to the internet, there are decades old standards that describe how the internet is supposed to work, and "dropping packets because a router owner might not like the contents" isn't in any of the RFCs. There's a reason why Prodigy, AOL, MSN, Compuserve, and all the old proprietary networks had to become ISPs or become bankrupt, and that's because consumers demanded unrestricted networks. Giving us restricted networks but just calling them "internet access" is fraud.
However, I also have no problem with Comcast restricting the type of traffic that comes across their network.
This is all well and fine, if they actually said in their TOS that bittorrent traffic is not permitted. But they don't, do they?
Let's not pretend that most torrent traffic is legitimate...we all know it isn't. That's like suggesting legalizing pot for everyone because it may help with some of the side effects of chemo (there is no glaucoma benefit, btw). That argument has nothing to do with the general population.
The current drug laws work on the theory of "Some people use this substance for illegitimate purposes, so let's make it illegal even for those who want to use it legitimately.". I guess the same applies to bittorrent as well.
Frankly, blocking torrent traffic is the only sure way Comcast could secure themselves from lawsuits by copyright holders, which, I am sure, scares them a lot more than some nerds on Slashdot.
ISPs are common carriers, which makes them immune to such copyright lawsuits, in much the same way the RIAA won't sue AT&T if you decided to sing "Like a Virgin" over the phone. Under the DMCA all they have to do is take down alleged infringing content and notify alleged infringers - if they do that, they have no liability.
Hmm, this is interesting - I am not familiar with this argument. Any lawyers out there that can verify this? Everyone knows that ISPs have been filtering the dickens out of traffic since the Napster era, why haven't they been called out on this already? Also, the post office won't let me ship a can of gasoline to a friend who lives in a small town with high gas prices - they consider this "hazardous." Could ISPs argue that certain traffic is hazardous to their infrastructure (i.e. clogs up the pipes) and refuse it on those grounds (assuming this whole common carrier thing really applies in the first place)?
If people are using the legitimate network services for legitimate uses it's not a DDOS attack. It's a network with not enough bandwidth. There is a difference.
Interesting thought.
If the copyright holder decides not to prosecute someone is it still a copyright violation? After all, many people distribute copyright material they do not explicitly own. Surely a copyright violation can only be deemed to have happened once the rights holder decides to take action.
Are these the same ISPs who also claim that YouTube and iPlayer are clogging the bandwidth? http://techdigest.tv/2007/08/uk_isps_send_bb.html It sounds like the ISPs have promised everyone "blazing fast internet" and can't make good on that promise because they misspent $200 billion that should have been building up internet infrastructure. http://www.pbs.org/cringely/pulpit/2007/pulpit_20070810_002683.html Now they are just making excuses instead of product.
We are all just people.
Huh? Have you ever even set up a firewall? Assume you do a real one where the firewall system sits in the middle of all connections. There's various ways to handle the blocking of ports. One way is to outright block the port. Another way is to send something like an ICMP service unavailable (in response to UDP) or a TCP reset (in response to TCP). Either way, the firewall basically must forge the source address of the packet.
When I set up a firewall I often outright drop anything coming in from the internet destined for Windows file sharing ports (135, 137, 138, 139, and 445 among others). The traffic simply never passes the firewall and just goes into a black hole. However, if the traffic came from the network I am firewalling (the "inside" so to speak) then I'll usually configure the firewall to respond with a TCP RST. Why? Because if you respond with a TCP RST then the Windows client will immediately recognize that it can't connect rather than waiting for 60 seconds or longer. If I accidentally mistype an IP of some machine I really don't want to have to wait 60 seconds while Windows Explorer completely HANGS because there is basically no way to cancel a request.
By your logic, I should now be brought up on charges because I forged a TCP RST.
Now, in this case their firewalls aren't in the middle but are merely snooping on traffic. When they want to drop a TCP connection they simply send a RST to both ends which does the job nicely without having to have the firewall pass all traffic. If it drops a packet, it's not that big of a deal. If it goes down there's simply no longer a firewall.
What most people seem to be mad about is that Comcast is using a firewall on their traffic. But ask yourself what would you do if you were in Comcast's position. There is no way in hell they could afford to provide the full advertised downstream and upstream bandwidth 24/7. That's why your cable modem costs a whole lot less than a bandwidth-guaranteed T1. And it's not just for consumers. Businesses who just want an internet connection are now able to get cable modems as well and it's a huge money saver over a T1 because it means you get to burst at much faster speeds and aren't paying for the full bandwidth all the way to an internet backbone which you aren't even using anyway.
BitTorrent is by design a very greedy protocol. It is fully intended to suck up every last drop of available bandwidth. Comcast has a number of customers to serve with its limited uplink bandwidth. What it does have is pretty amazing but it's still nowhere near capable of saturating every subscriber's line simultaneously. When you got your cable modem service you agreed to this. That's what the whole "speeds may vary" footnote that accompanies cable and DSL advertisements is for.
Comcast is not in fact outright blocking BitTorrent traffic. It seems instead that they send a RST to both ends of BitTorrent TCP connections to force them to close. BitTorrent will turn around and make another connection with different peers. My guess is that they aren't killing all connections, just a random subset of them. This has the effect of throttling BitTorrent down without actually preventing anyone from using BitTorrent, just preventing BitTorrent from taking up all available network bandwidth.
What would you suggest that Comcast do? Not throttle anything? They'd have to increase their uplink bandwidth considerably. Do you suggest the government force them not to firewall anything? Now what... who do you think is going to pay the added cost? It sure as hell isn't going to be Comcast, they'd sooner exit the business entirely, as would any other sensible business person.
The bottom line is that it really makes no difference what BitTorrent is being used for. Even if you're using it only to download the latest ISO of your favorite Linux distribution it still costs Comcast a lot of bandwidth. A lot more than if you were to just find a fast mirror with the ISO you want. I am pretty
For cable modems and DSL, the local distribution transmission technologies are asymmetric, but the upstream media from the head end or DSLAM on up normally has more slack, so the technology tends to limit the amount of resources P2P can consume. It's obviously better if you're uploading material that's being downloaded by somebody on your local distribution network, but for general applications that's unlikely - too few people want too many different files. (Large Universities are a special case, where the bulk of the traffic is probably for relatively popular material, students have more shared tastes than random neighborhoods, and upstream is usually faster and often symmetric.)
The "backbone" bandwidth, which is what costs broadband companies money based on traffic levels, is going to be more affected financially than technically - it's a small number of locations, and broadband companies can monitor it fairly easily so they can keep up with growth. The scalability issues are really critical here - if people usually upload material to other users of the same carrier and in the same geographical area, they're not touching the backbone for high-volume media, only for tracker support, and since _everybody_ on the consumer broadband networks is primarily an information consumer, not producer, the traffic's more likely to stay local, and the traffic ratios which affect what the broadband company pays for traffic are very skewed and P2P balances them a bit rather than exacerbating them. Overall backbone downstream traffic can still increase, but carriers that care about that should be encouraging their customers to use protocols that download locally when possible, and can put up their own P2P caching servers (i.e. fast user machines) if they want to reduce imports from outside.
Napster had centralized databases tracking who was downloading what songs, so if they wanted to they could easily enough have made sure that users stayed within their local networks whenever possible, especially for universities that had scaling problems. BitTorrent trackers can provide somewhat the same capability, if they want to. The fancy way to do it is to look at BGP autonomous system numbers to determine who's sharing with whom, but even just trying to keep systems in the same
Bill Stewart
I haven't noticed decreased speeds when grabbing torrents and I use Comcast. I grabbed an Ubuntu ISO just last week and it was speedy quick. I wonder if they are only throttling those who are using obscene amounts of bandwidth.
I'm skipping the TCP RST as I mostly agree with what you are saying, though I would say that Comcast doing it is MUCH more irritating than myself doing it. I agree with many posters above that it should call into question their common carrier status if they are only doing it to file sharing protocols. You can't have it both ways.
"But ask yourself what would you do if you were in Comcast's position. There is no way in hell they could afford to provide the full advertised downstream and upstream bandwidth 24/7. That's why your cable modem costs a whole lot less than a bandwidth-guaranteed T1. And it's not just for consumers. Businesses who just want an internet connection are now able to get cable modems as well and it's a huge money saver over a T1 because it means you get to burst at much faster speeds and aren't paying for the full bandwidth all the way to an internet backbone which you aren't even using anyway."
Therein lies the problem - at least where I live Comcast runs tons of commercials showing people cheering about the money saved with no loss going with them. Were I in Comcast's shoes and I were not able to provide that I wouldn't advertise it as such - especially if it was something I was artificially throttling through TCP resets (MUCH harder to defend in a lawsuit). Had they sold their service under a different idea then yea, I would fully agree. But as it is they heavily commercial one thing, have their service contract vaguely say something else, and finally do something totally different from both and hope people bend over and take it because "what else are they to do - it costs too much money".
There is no reason to quote the rest of your stuff as I agree - BitTorrent is a bandwidth hog and Comcast has WAY oversold what their bandwidth can service. But then, that is their fault for advertising things they can not hope to even come close to covering. There is no other consumer market where that is acceptable. Let's face it, if Denny's ran commercials with normal ingredients as caviar, swallow's nest, sea bass, truffles, and other high end items, put a small note in the bottom "ingredients may differ", and then you got spam, American cheese, and old lettuce there would be a VERY strong legal case against them. No difference here - they shouldn't commercial what they will not give and the small print isn't going to save them. With them also heavily commercialing their home service for streaming videos this is only going to get worse.
That being said - I use Comcast and have had no real issues. In fact, I'm constantly surprised what I do doesn't get any note sent to me. This month I have over 70 gigs down and an unknown amount upstream and not a peep from them, this was not really a heavy or light month and I've been a customer for about 6 years now (and there have been months where I have gone WAY over that). I've had their service technicians be as courteous as can be expected (though since I generally knew what the issue was I just pretended to do what they wanted until I got to who I needed to talk to, I understand why the lower level people wouldn't just move me on and stayed very polite) and I even had my cable modem replaced at no charge or questions when I told them it "quit working" (I spilled a bottle of soda in it).
But, if I had the above happen to me I would be quite irritated - they sold me a service and I expect the service they advertised to be provided. I can pay the same price to the local DSL provider and have *none* of those issues though their advertised bandwidth is less you *do* actually get all of it (and it is greater than what many are reporting). That type of little finger to mouth rationalization doesn't work in almost any other field and I suspect it will not work if this type of thing goes to court. My guess is that I live in a fairly rural area and they do not have bandwidth issues so I get to hog all I want.
------- Sorry about the spelling, I suffer from two problems. Dyslexia makes it difficult to spell well, lazy makes it
Slap a filter on all your web sites and torrent trackers that keep Comcast customers out.
Give the reasons that all the bogus resets cause wasted connections and time and deny legitimate users from using the service effectively.
That's just the technical end. No effective net changing strategy will work on only that basis. It requires social fixes also.
Notify Comcast customers what's happening and why. Tell them the action is against Comcast, not them, that you're sorry for them, but have no other choice due to Comcast's actions. Tell them to contact Comcast to tell them to either remove the block or they'll change services or call a class action suit.
The Comcast users become collateral damage. It's a sad thing, but it's what happens sometimes. If it's presented to them in the right way, they'll become loyal and effective allies.
It's worked before. Against Worldcom/UUNet, PSINet, the pipe into India via their country's long distance, network and satellite company affecting 90% of India, and others. It was called the Usenet Death Penalty. Look it up. It made news stories all over the world. The biggest, against Worldcom, was launched on a Friday evening so they couldn't react until Monday, and by Thursday afternoon John Sidgemore made them change their corporate policy to cut off their downstreams that were major spam sources (which was the reason all these were done). In all cases I/we got many emails from affected customers decrying the need for this, but supporting the action and us, most of them promising to step up complaints against the company involved.
A key is to get individuals participating in doing this based on publicized suggestions from someone who doesn't participate. That makes the people doing it a temporary autonomous group, not an official body or organized group with a membership or leadership. The result of that is each individual has to be pursued one by one, and they can just drop off if and when they need to, and come back on at another point. Best way is to set aside a few people who aren't participating themselves, but are holding forth the whys and wherefores, and acting as contacts for the affected users, the press, and inevitably the company.
It works, oh my yes. Combine technical and social tactics, and you'll have them by the nadgers. As big and bullying and rich and litigious as the companies are, they all rely on a user base. When that base threatens to jump ship, they listen and things get done.
The 70% to 80% figure doesn't hold water. The same was said about the increase in traffic on usenet binaries groups, and that was fought off in some cases and gave rise to companies advertising specifically to provide them in others. There's nothing in their TOS that says what sort of programs the users can and can't use, just as when they decided to start dropping and blocking alt.binaries.*. There's stuff about illegal activities which is good and for a good reason, but it's up to the company to prove that's going on. If they don't, forcing their customers to drop P2P connections regardless of content is denial of service, and that's illegal. Since they're doing it to people who are paying them to provide the service they're denying, it's also fraud. With those points made to the media prior to and during the action, and with some affected but supporting Comcast members having their word in, it'd be damn hard for Comcast to defend itself without looking like thugs, and if they don't defend themselves they look like hypocritical and greedy thieves.
I'm serious. This works a charm. Set up and laid out properly, it's the perfect media fodder to garner support -- the little guys inside and out fighting the awful corporate ogre to take back the net. And, it stirs up righteousness in more of the affected users, bringing them on board, and it's enormous fun for those doing the actual fighting against the suits.
Not planned and executed properly, it falls apart when the press is able to make the action look like a blackmail attempt. P
"I may be synthetic, but I'm not stupid." -- Bishop 341-B
Oversubscription is what makes it possible for ISPs to offer 10Mbps service under $80.
Because the top ~5% of customers (ab)uses ~90% of the bandwidth, over-subscription reduces the ISPs' infrastructure costs for typical users by >90%.
So, they oversubscribe their services and charge us monthly for the service. What did we purchase? A line with a consumption limit? Did you find where Comcast is stipulating the consumption limit? It's not in the AUP/TOS. I've looked many times and even had a lawyer look at it once.
What do you get for your purchase?
Comcast has thus far been unwilling to define what is acceptable. And that's the problem all along.
Has Comcast disconnected your Internet account? Same here. You can read about it at http://comcastissue.blogspot.com
If any ISP did, it would kiss away any hope of a DMCA safe-harbor claim. As an ISP or other such party, if you know about it, you're supposed to stop it, not throttle it. Not stopping it immediately upon discovery and confirmation IIRC constitutes complicity.
Actually Comcast did monitor traffic and in 2002 were taken to court for violating the 1984 Telecommunications Act. I found it while googling. I've been tempted to post it on my blog but save it for later in case this raises its head again. I don't know what the verdict was. I've been sending letters to the lawyers representing the case and have searched for it. All I could find was an article on Infoworld or maybe that was PC World. Don't recall off the top of my head.
Anyway, it's illegal and they were slapped. If they did this for P2P, they would have BIG issues to deal with... again.
While it's true that it was not tax dollars that directly went to telecommunications companies, it was still taxpayers that paid the money. The telecoms made promises to invest hugely in infrastructure in return for rules that resulted in huge profit increases. They did not honor those commitments, but pocketed the money instead. They are now in fact threatening again not to build any more infrastructure unless they can get more favorable regulations.
I'm not sure why the shills keep repeating the "it's cheaper overseas due to higher population density". That has been discredited over and over again. I'll repeat the numbers here for completeness:
Country          Broadband Penetration   Population Density
Iceland                 26.7                    3.0
Korea                   25.4                  483.0
Netherlands             25.3                  399.0
Denmark                 25.0                  125.0
Switzerland             23.1                  179.0
Finland                 22.5                   15.0
Norway                  21.9                   14.0
Canada                  21.0                    3.0
Sweden                  20.3                   20.0
Belgium                 18.3                  341.0
Japan                   17.6                  338.0
United States           16.8                   31.0
No correlation. Do not listen to the telecom shills.
"Somebody has to do something. It's just incredibly pathetic it has to be us."
--- Jerry Garcia