Slashdot Mirror


Google Caught in Comcast Traffic Filtering?

marcan writes "Comcast users are reporting 'connection reset' errors while loading Google. The problem seems to have been coming and going over the past few days, and often disappears only to return a few minutes later. Apparently the problem only affects some of Google's IPs and services. Analysis of the PCAP packet dumps reveals several injected fake RSTs, which are very similar to the ones seen coming from the Great Firewall of China [PDF]. Did Google somehow get caught up in one of Comcast's blacklists, or are the heuristics flagging Google as a file-sharer due to the heavy traffic?"

20 of 385 comments

  1. Google *is* the file-sharer by Paeva · · Score: 4, Insightful

    After all, doesn't Google host more copyrighted content than any other person/company in the world? ;)

  2. unfair competition by mr_mischief · · Score: 4, Insightful

    Is the title clear enough? I can't imagine any judge or jury saying Comcast is allowed to impersonate Google and tell Comcast customers they're not allowed to use Google's services or that Google's services are overwhelmed and shutting down connections. That's essentially what forged, fraudulent RST packets from a MITM attack are doing. That can't possibly be considered a legitimate business practice in court.

    1. Re:unfair competition by Shakrai · · Score: 4, Insightful

      "That's essentially what forged, fraudulent RST packets from a MITM attack are doing"

      I fail to see how they think these types of "traffic management" tools will work in the long run. It's only going to encourage the P2P users to adopt more protocol masking/encryption techniques to hide from these devices. And then what are you left with? Blocking encrypted traffic? Breaking the internet by refusing to route packets directly between end-users and only routing them to major sites?

      In a fair world with a fair marketplace they'd have two options. They could choose either one and the market would decide which was best: 1) Stop selling unlimited service and switch to a metered model. 2) Upgrade their friggen network to support it.

      --
      I want peace on earth and goodwill toward man.
      We are the United States Government! We don't do that sort of thing.
    2. Re:unfair competition by mr_mischief · · Score: 4, Insightful

      I'm still not convinced the bandwidth is Comcast's major concern. Comcast still makes the majority of their money from being a cable company, and only uses Internet access as a diversification method, don't they? All the Comcast commercials I see are for cable TV, not for Internet access.

      It seems to me the whole rage against P2P traffic (which is how lots of games are played, BTW, and how almost all VPNs are set up) is not so much about capacity as about a conflict of interests on the part of Comcast. They're the content delivery network for TV programming and music (they have music channels like DirecTV does, don't they?). They are wanting to make sure you use your cable TV for getting video and audio, because that's where they get a bigger cut.

    3. Re:unfair competition by Anonymous Coward · · Score: 1, Insightful

      They are on a metered model! They just don't tell you what your limit is.

    4. Re:unfair competition by Shakrai · · Score: 2, Insightful

      "They are on a metered model! They just don't tell you what your limit is."

      That's not quite true. My electric company won't cut off my service if I use more electric this month than I did at the same time last year.

      Metered service could work in one of two ways. They provide you with X gigabytes of bandwidth and charge you an overage rate for each gigabyte over that (or cut you off for the rest of the month), or they just charge you X dollars per gigabyte and maybe a small monthly fee. That's how electric or gas works.

      That said, I don't think metered service would play very well. What happens when someone gets a huge bill because of their PC being owned? It'd be a PR nightmare for them and their competitors would doubtless use it against them (our service is unlimited!). So they'd have little choice but to invest in their network.

      I actually have some sympathy for them. But it only goes so far. They shouldn't have the right to sell something as "unlimited" when it's really not. Plain and simple.

      --
      I want peace on earth and goodwill toward man.
      We are the United States Government! We don't do that sort of thing.
  3. Re:Gmail Notifier by ajs · · Score: 3, Insightful

    Comcast is really pissing me off. But what's my other option: Qwest DSL. Thankfully, I had RCN as an option. I pay them $20 extra per month for a static IP and run my home Web server and mail gateway there. I've never had a problem downloading Ubuntu or Fedora distributions with BitTorrent; Web traffic incoming or outgoing; or... well, anything.

    Call your city. Ask them to re-evaluate Comcast as the local Cable provider or do what my town did: offer RCN as a competing provider.
  4. Re:Push it one step further... by random+coward · · Score: 2, Insightful

    "...it could easily be one of those 'ends justify the means' kinds of situations."

    The ends should justify the means. The problem is when you start thinking the ends justify ANY means.

  5. Re:Gmail Notifier by DCstewieG · · Score: 1, Insightful

    20 bucks a month! Why not just get something like No-IP?

  6. applications for testing ISPs? by m2943 · · Score: 4, Insightful

    There's a lot of guesswork here about what providers may or may not be doing; are there any applications for actually testing ISPs? Such testing apps would discover traffic shaping, port filtering, connectivity, and other traffic modifications by the ISP. Something like a bandwidth tester on steroids.

  7. Re:Get the facts by sumdumass · · Score: 3, Insightful

    Lately?

    I have noticed this stuff happening for over a year or more. Of course I speak my mind on a lot of issues that go against the grain. For instance, stuff like the domestic spying: I usually point out that it is far from domestic, which gets troll, flame bait, and overrated modifiers all the time. It has been a situation for a while now and I have a working theory on it.

    The theory goes something like this. When we started seeing the politics sections appear (that was supposed to be temporary but stayed forever) I started seeing politically motivated posts that were basically rehashes of some party line talking point getting moderated insightful while common sense posts about the topic at hand were being modded off topic, underrated or some other negative moderation. I began watching and it appears that either an organized group or groups of people have signed up in order to press a particular view or the site's own administration is doing it to some extent. Judging by the constant links to political sites like media matters and moveon.org by posters themselves, I'm starting to think it is a group of ideologues doing it.

    Of course I can prove anything other than by saying it is my personal observations. But if you start looking at it in this light, you will likely see the trend happening too. Of course to what degree will probably depend on your political bias. But you should definitely see a pattern rising that will worsen coming to a major election time.

  8. Re:Oh me oh my! by khallow · · Score: 3, Insightful

    Putting an extraneous link in front of your posts like you did is spam. Having said that, putting the link into your signature is accepted practice here. It's less annoying and nobody will get upset.

  9. Re:I hope they get slapped by Larry+Lightbulb · · Score: 2, Insightful

    They get fined, and a month later my bill goes up a couple of dollars to pay it off. No real penalty.

  10. Fair? Who is saying anything about fair? by SmallFurryCreature · · Score: 2, Insightful

    I have to go with the Dutch situation because that is the one I know.

    In Holland you used to have PTT (Post, Telecom, Telegram) which was owned by the state and also had banking services. Basically they were huge, slow, old but worked and kept things under control. For instance Postbank does NOT charge end users for transferring money and has a free debit card. Essentially for normal people banking in Holland was FREE and paid an interest if you had a positive balance.

    But no that was not good enough, we needed competition and PTT was split up into the mail segment, the phone segment (KPN) and the bank segment (Postbank) (The whole story is a bit more complex)

    KPN now is a commercial business competing on a free market. Yeah right, it was the state that lay down the copper network that they essentially got for free. How is any other business supposed to compete with that?

    It is as laughable as competing the NS (Dutch railway) which is now supposed to be a commercial company, but got all its infrastructure for free. Oh yeah, they got to pay a few million each year, how does this compare with the cost of installing a rail network that runs right to major cities?

    Free market and fair market are insane ideas by themselves, but the idea that you can have BOTH is so laughable it is to cry.

    For telecoms the problem is the wire, who has the wire, controls the user. So either you put in very heavy regulation to make sure everyone can access those wires (not a free market) or you accept that those who happen to inherit the wires own the customer (not a fair market).

    The idea that a new player in the market can just install their own network is idiotic, the costs are extreme and the benefits minuscule, plus do we really want any more companies digging up roads?

    We are in luck that years ago cable tv happened, else the telecoms would totally own the internet. Now at least we got two end-point networks in the ground, but as The Netherlands showed, until the phone network was forcibly opened and a third party could enter the market and start offering better service for less money only then did the cable companies start to improve theirs.

    At least on the phone network you now got plenty of suppliers, yes they use the underlying KPN network, but some of them are indeed competing by just selling you bandwidth and nothing else. You rent a pipe from them, and that is what you get.

    Of course, you pay for that, and as long as Joe Average continues to only look at the initial price, companies that offer real quality with no hidden strings are going to lose out.

    --

    MMO Quests are like orgasms:

    You may solo them, I prefer them in a group.

  11. Re:iptables fake RST detector by anticypher · · Score: 4, Insightful

    The problems with a fake RST detector are two-fold. The RST bits are being set on TCP traffic sent in both directions on a connection, so even if you ignore RST teardowns, the other side will tear down the connection. What Sandvine boxes do is just flip the RST bits on TCP packets flowing through them, so the sequence numbers will appear correct in the connection tracking table because the TCP packet is a valid one from the other side of the connection.

    If Comcast truly is using Sandvine boxes, then this could be a network controller station with the preset examples still in place. The Sandvine sales presentation shows how to load up the system with all the prefixes from AS36561, and then interfere with a tiny percentage of TCP traffic after the first few hundred packets are transferred. What this does is provide a way of denying they are completely blocking those packets, but will blow away any connection hoping to do streaming video or cruise around on a web page heavy in graphic content like a mapping function.

    The business model after installing Sandvine boxes is to then extort regular payments from large content providers to allow access to their network. Comcast, SBC/ATT and a few other monopolistic ISPs would like to see both sides of a connection pay for traffic in both directions, not the current economic model where each side pays for their own access or transit.

    What Sandvine boxes do is break the end-to-end model of the internet. Even a tiny percentage of broken connections will put an end to all the cool applications everyone is currently enjoying. Streaming video and audio sessions, VoIP calls, file downloads, p2p exchanges, search engines, mapping and geolocation, and heavy web content sessions like social networking sites. The only traffic that can survive this kind of interference is from applications that make repeated attempts at connection in case of unexpected interruptions, like SMTP.

    P2P protocol designers are pretty agile and clever. In the face of regular faked TCP RST bits on a connection, they'll evolve the protocol to make shorter connections, and to make repeated attempts to reconnect when an unexpected RST is received. Expect tuning "knobs" in clients very soon now, on how resilient to make the connections or how many bytes to transfer before tearing down and rebuilding the connection. There could also be a way to limit the numbers of attempted connections so as to fly under the radar of systems like this. I can open any bittorrent client with a single popular file, and see over 1000 completed TCP connections within 2 to 3 minutes. Limiting the number of new connections per minute could throw a spanner in Sandvine's current design.

    the AC

    --
    Hemos is like...sci-fi fans; he thinks technology is cool, but he hasn't bothered to understand the science it's based on
  12. Re:Not me... by Dmala · · Score: 5, Insightful

    Nah, the basic problem is that the bigger the company, the higher the density of PHBs. Once you get to a certain concentration, you hit stupidity critical mass. From the outside it looks like malice, but it's really just highly focused incompetence.

  13. Re:Not me... by hey! · · Score: 4, Insightful

    Oh, if that were really the only problem.

    There are two kinds of big mistakes you can make: those that are big for a company your size, and those that are just plain big. In a big company with lots of customers, small mistakes are multiplied by volume into just plain big mistakes. If you've got gross revenues of a million dollars, a mistake with a potential $100,000 impact is big for your business, but not that big. You can survive it, you can reestablish credibility with your customers (whom you know face to face) by personally eating a helping of crow in front of each and every one. If you're in a company a 100x as big, you're talking maybe a $10M impact that if laid to the account of any individual employee is a disaster beyond that individual's ability to make right.

    That's why large companies can develop a special kind of stupidity, preferring a status quo that is certainly wrong to any alternative that is only probably right. Individuals protect themselves using exactly the same strategy that schooling fish employ. Any decision has to have so many fingerprints on it that firing the people who can be tied to a mistake is like cutting off your right arm. That's why big defense contractors are probably the most bureaucratic organizations on the planet. Ordinary mortals have to make decisions that can have impacts measured in hundreds of millions of dollars. In any such situation, you obviously need a form of collective responsibility, the question is what form it takes. It's all too easy to develop an organization that protects individuals by being unable to detect and respond to most problems. We didn't know about it, if we had we probably couldn't do anything about it, and if we could have, it wasn't my job.

    The problem is not that a typical PHB is necessarily stupid. The problem is that organizations are built in a way that rewards people for acting in a stupid way. But stupidity is all too common. Even stupid people can manage to be cunning in bad organizations, because they are problems in an organization built around willful blindness to problems. It's more of a challenge for intelligent people I suppose, because it's hard for people with imagination to find much satisfaction in what it takes to get ahead in these places. It has even been suggested that sociopaths make good managers, which I doubt. But I can well believe that feigned stupidity is better in some cases than the real thing.

    --
    Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
  14. Far more likely by snowwrestler · · Score: 2, Insightful

    It's far more likely that Google, rather than imitate Comcast's packets, would instead alter some subset of their traffic in a way that would make it more likely it would trigger Comcast's filtering. No need to fake the interference--it's actually there. Just figure out how to trigger it and you have your talking point.

    --
    Build a man a fire, he's warm for one night. Set him on fire, and he's warm for the rest of his life.
  15. Re:Not me... by RareButSeriousSideEf · · Score: 2, Insightful

    It just started hitting me within the last month or two, and it's so bad now that I've literally had to bring Speakeasy in and move my Subversion, FTP & web servers over to that connection. I know Comcast doesn't officially support servers, but I've been running all kinds of them without issue until just recently.

    You know, since providers and governments are breaking TCP/IP with these strategies, I think it warrants some sort of firewall extension to run heuristics on RST packets and try to determine which ones are suspect & should be dropped. Then it's just a matter of getting every "guy on the other end" to use it. ;-)
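
Added example, not part of the thread or any poster's code: the RST heuristics proposed in comment 15, taking into account the point in comment 11 that sequence numbers may look valid. It flags a reset whose TTL differs from the sender's usual TTL on that connection, or after which the same sender keeps sending data. The packet records, the `Pkt` layout, and the `ttl_slack` and `window` thresholds are constructed assumptions.

```python
from collections import Counter, defaultdict, namedtuple

Pkt = namedtuple("Pkt", "t src dst sport dport flags seq ttl length")

# Constructed sample records (documentation addresses), not from a real capture.
C, S = "192.0.2.10", "198.51.100.5"   # client, server
PACKETS = [
    # Port 40001: RST arrives with an unusual TTL, then the server keeps sending.
    Pkt(0.00, S, C, 80, 40001, "A", 5000, 52, 1400),
    Pkt(0.05, S, C, 80, 40001, "A", 6400, 52, 1400),
    Pkt(0.06, S, C, 80, 40001, "R", 7800, 59, 0),
    Pkt(0.10, S, C, 80, 40001, "A", 7800, 52, 1400),
    # Port 40002: RST flag on a packet with the usual TTL; server retransmits.
    Pkt(1.00, S, C, 80, 40002, "A", 9000, 52, 1400),
    Pkt(1.05, S, C, 80, 40002, "RA", 10400, 52, 1400),
    Pkt(1.40, S, C, 80, 40002, "A", 10400, 52, 1400),
    # Port 40003: ordinary abort, usual TTL, sender goes silent afterwards.
    Pkt(2.00, S, C, 80, 40003, "A", 3000, 52, 1400),
    Pkt(2.05, S, C, 80, 40003, "R", 4400, 52, 0),
]

def suspect_resets(packets, ttl_slack=2, window=2.0):
    """Return [(rst_packet, [reasons])] for resets that look forged.

    ttl_slack and window are illustrative thresholds (assumptions).
    """
    # Group packets per direction of each connection, in time order.
    by_dir = defaultdict(list)
    for p in sorted(packets, key=lambda p: p.t):
        by_dir[(p.src, p.sport, p.dst, p.dport)].append(p)

    findings = []
    for pkts in by_dir.values():
        # Most common TTL on this sender's non-RST packets is the baseline.
        normal = Counter(p.ttl for p in pkts if "R" not in p.flags)
        usual = normal.most_common(1)[0][0] if normal else None
        for rst in (p for p in pkts if "R" in p.flags):
            reasons = []
            if usual is not None and abs(rst.ttl - usual) > ttl_slack:
                reasons.append("ttl-mismatch")
            # A host that really reset the connection does not keep sending data.
            if any("R" not in q.flags and q.length > 0
                   and 0 < q.t - rst.t <= window for q in pkts):
                reasons.append("data-after-rst")
            if reasons:
                findings.append((rst, reasons))
    return findings

if __name__ == "__main__":
    for rst, reasons in suspect_resets(PACKETS):
        print(f"t={rst.t:.2f} {rst.src}:{rst.sport} -> {rst.dst}:{rst.dport} {reasons}")
```

A detector like this only reports what happened; as comment 11 notes, the peer that also received a reset will still tear down its side.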

  16. Re:Not me... by jonwil · · Score: 2, Insightful

    They don't try and shape traffic because they don't want to shape traffic. It's not just about the bandwidth used by P2P, it's also about the fact that P2P is used for so much piracy. Why bother to pay Comcast $$$ for HBO when you can download the shows you wanted from HBOTorrents.com (or other BitTorrent site)? Also, it wouldn't surprise me if there are back room secret deals going on where the big media corps are telling Comcast that they have to do their best to make illegal file sharing on their networks unusable and in return they get access to the channels & content from the big media corps at better rates (ala the Microsoft "sell only Windows or else we charge you more for it" back room deals that are rumored to exist).