BitTorrent Devs Introduce Comcast-Proof Encryption

Dean Garfield writes "An article at TorrentFreak notes that several BitTorrent developers have proposed a new protocol extension with the ability to bypass the BitTorrent interfering techniques used by Comcast and other ISPs. 'This new form of encryption will be implemented in BitTorrent clients including uTorrent, so Comcast subscribers are free to share again. The goal of this new type of encryption (or obfuscation) is to prevent ISPs from blocking or disrupting BitTorrent traffic connections that span between the receiver of a tracker response and any peer IP-port appearing in that tracker response, according to the proposal.'"

Do arms races ever work?

[pembo13]

Unless one side suddenly blows away the other, I don't see this ending. It may breed innovation, but said innovation only seems useful for this one problem.

Re:Do arms races ever work?

[webmaster404]

Well, its not an "end-all" solution however it solves the immediate problem. However chances are in 10-15 years we won't even be using Torrents we will have moved on to another form of P2P.

Re:Do arms races ever work?

[moderatorrater]

Do arms races ever work? Depends on your objective. Generally, arms races preserve the status quo, which, in this instance, is exactly what they're trying to do.

Re:Do arms races ever work?

[timmarhy]

yes, whats the point to anything if it's not a 100% bullet proof solution? you may as well crawl back in your hole and not post on /. because whats the point right?

Re:Do arms races ever work?

[rale,+the]

Comcast's bittorrent filtering has almost certainly cost them money in the form of hardware and software to implement it. If continual updates to the protocol make it more difficult and expensive to filter, then theres always the chance that ISPs could decide it's actually a better investment in the long run to upgrade their networks, rather than upgrade their filtering. That could just be wishful thinking, tho...

Re:Do arms races ever work?

[irc.goatse.cx+troll]

Define 'connection'.

All you would need to do to circumvent that is use something stateless like UDP. If they want to limit UDP to something like no more than 100 different IP's sending you packets within a set time period, they just created an amazingly simple DoS attack against all of their customers.

Even without udp you could just make sure you fully close all your connections as soon as possible, if not sooner (i.e kill slow clients to make room for fast ones).

Also setting this too low could limit legit use, like when you start up your computer and have a burst of all your software checking for updates, checking for mail, rss feeds/podcasts/etc going off, all your IM clients connecting to their various servers, etc.

Re:Do arms races ever work?

[azgard]

Depends on your objective. Generally, arms races preserve the status quo, which, in this instance, is exactly what they're trying to do. The question is, what is the status quo? Is it the filtered or the unfiltered internet?

Re:Do arms races ever work?

[madsenj37]

1. Evolution is an arms race. Viruses and bacteria attack us and we adapt, so they adapt, creating a cycle.

2. Free markets are an arms race. When one business evolves, the other must to survive or perish.

Re:Do arms races ever work?

True, but we don't use eDonkey or Napster anymore.

Re:Do arms races ever work?

[deKernel]

Yes they can be won. Case in point: the U.S. beat the old Soviet Union. Now some will tell you that the Russia of today is still a threat, and they are correct. But they are not the same threat as they were during the 60's and 70's.
You have to fight the fight of today in hopes that the win of tomorrow will result in a brighter future. Throwing up your hands should never be an option. If you want a brighter future, you have to work for it because it will never happen without that hard work.

Re:Do arms races ever work?

[Zebra_X]

"Or they could just do the sensible thing, cut out all the bullshit "unlimited" advertising and start selling customers a set block of gigabytes."

I can assure you, you don't want this. You assume that the ISP's are going to give you a "reasonable" block of data to transfer on a monthly basis and a reasonable price - they are not. They will use this pricing scheme to "extract value" from their customer base in the form of quotas that are properly tiered so as to be just below the common usage tier. The result will be many customers need to go a step higher, and are charged more, for considerably less than they had access to before. Do you really want to worry about whether the next movie you get off of iTunes is going to pop your quota? Or the next stream you setup?

Honestly, bandwidth in the US is what is causing a great deal of innovation at the moment - look at iTunes and Netflix now offering entire movies as either downloads or streaming. Caps will only stifle the adoption and innvoation of this type of technolgy. Customers will think twice about the double cost of streaming a video - the cost to their cap, and the cost of the service. There are I'm sure other bandwith based applications out there that we have not even thought of.

The answer is just in disclaiming that running certain types of services like bittorrent coupled with excessive transfer on a connection can lead to service degredation, not termination. They just need to put a process in place to handle this situation. Time warner claims that "5% of their customers use 50% of their bandwidth" - well - that seems pretty damn easy to fix doesn't it? Exceed a certain monthly transfer rate, send out a warning via e-mail - usage continues - put a cap that is far lower than their original amount.

In addition they don't really say that they are running out of bandwidth, so I'm not sure I see where the problem is.

Re:Do arms races ever work?

[ScrewMaster]

In addition they don't really say that they are running out of bandwidth, so I'm not sure I see where the problem is.

They're not ... they're running out of shareholder satisfaction. Their customers are demanding more capacity, and their shareholders are demanding more money now. The two are diametrically opposed, with the ISP squarely in the middle. Either we adjust our expectations downward, or the shareholders do.

Who is the most like to get what he wants?

Re:Do arms races ever work?

[Just+Some+Guy]

Remember that Comcast was throttling bandwidth to cut costs on network upgrades so why would they spend exponentially more on new specialized crypto hardware and software to MITM the handshakes on bittorent sessions if they are too cheap to even upgrade their network?

That's a very important point. Comcast is going to have to spend $X to make their network tolerable, either by buying blocking P2P and other bandwidth-hungry application, or by expanding capacity. The first method gets them a nice, controlled, slow network and the hatred of all their potential customers. The second gives them a wild-and-woolly, fast network their customers love (and therefore more customers). So, again, given $X: do you invest it to lose business or gain business? That's really the choice here.

Given Comcast, they'll probably use it to put ultrasonic speakers on their modems so that teens don't want to use them, then five years lateer ask Congress for a bailout because they're uncompetitive.

Re:Do arms races ever work?

Generally, arms races preserve the status quo, which, in this instance, is exactly what they're trying to do.

In an arms race, more and more resources are spent, until the part with the least resources succumb. That is what happened to the Soviet Union. Now, in the case of bittorrent traffic, the unlimited herd of torrent-lusting geeks on the internet will have more resources than the MPAA. I am happy to say we'll win the arms race eventually. Their only chance is to do a wargame and win by not playing the game.

Another volley herd in The Pirate Bay

[corsec67]

Too bad we even have to fight this forgery by Comcast, but a technical option has its advantages, since a legislative option might get watered down by lobbyists and congress.

Encryption is always a good thing. The more people that use encryption, the less eavesdropping there will be.

How about, "if you have nothing to hide, hide it anyways"?

Re:Another volley herd in The Pirate Bay

[webmaster404]

How about, "if you have nothing to hide, hide it anyways"?

How about, if you have nothing to hide, someone either the government, your boss, Etc. will twist it to either sell your info or make you look like a criminal, so hide it.

Re:Another volley herd in The Pirate Bay

[mdmkolbe]

If I have nothing to hide, you have no good reason to read it.

Re:Traffic Analysis

[Azh+Nazg]

That's nice, except that blocking encrypted protocols blocks quite a bit more than BitTorrent. . . Secure banking over SSL, SSH, VPNs, and a whole plethora of other protocols. Unless an ISP is willing to go from Internet Service Provider to Web Browsing Service Provider, it would be foolish to block encrypted protocols.

doesn't work

[nguy]

Comcast will now probably simply impose soft traffic caps and soft caps on the number of connections users can make.

Re:doesn't work

[Wildclaw]

Actually they are doing it because they have an outdated badly scaling last mile network and don't want to spend the nescessary capital to improve it.

There is a reason that it only is cable companies talking about bandwidth caps, and not the dsl companies.

Re:I wonder...

[Kadin2048]

Well currently the state of the art is in favor of encryption, rather than cryptanalysis, so I don't think that the advantage is automatically Comcast's. They could probably do some fairly sophisticated traffic analysis, but at the end of the day, they're not actually going to break the encryption and get at the contents, and they can't block all encrypted traffic because it's too critical for other purposes.

They can force the BitTorrent devs to produce a new version every few months, but in the long run I think they're on the losing end of the war -- if they want to stay in the data-transportation business, and assuming there aren't any major breakthroughs in cryptanalysis that render modern public-key technologies useless.

Re:Traffic Analysis

[budgenator]

that's what the cableco's really want, they can easily oversubscribe the system when all you can do is browse the web and Email.

Re:Traffic Analysis

Secure banking still isn't going to look like BitTorrent under traffic analysis.

Ha! Ha!

[stox]

Now Comacast will need to keep a list of connections in order to guess that a torrent is running, instead of just looking at the packet. Good luck on that without a massive infrastructure upgrade.

Re:Traffic Analysis

[Vectronic]

Why not? Sure the connection between client and bank wouldnt, but what about between banks? thats a hell of a lot more data being transfered back and forth... not to mention that its sort of the same concept, a bunch of peers all sharing data, some already contain the same data, some dont...

But that doesnt mean I dont agree with you, with only banks specifically though, im sure they would have re-created the banks networks to avoid this dilemma... only that by traffic analysis alone, I could easily see it failing...

Re:Traffic Analysis

[jonwil]

Banks dont use consumer grade internet connections to talk to each other.

Re:Holy crap, a CCIE!

I for one find anyone flaunting certification X to be an annoying twat

Re:Traffic Analysis

[Not_Wiggins]

I think you may have missed the point of the GP post.
The point wasn't to block encrypted traffic just because it is encrypted. It would be to do traffic shaping, so that a connection generating dozens or hundreds of simultaneous encrypted connections to different destination IP's might be targeted; it is a traffic pattern would most likely be generated by a P2P program and not by normal internet use by a family.

Re:FTP.

[RedWizzard]

I agree that normal browsing and P2P are going to look obviously different so hiding P2P within HTTP is not going to be too difficult to detect. However, P2P could look a lot like an FTP download. How's traffic analysis going to be able to tell the difference between a P2P movie download that looks like FTP from real and legit FTP? In one case you have one or two connections to a single server. Traffic during a download will be in one direction only. In the other case you have connections to multiple destinations. There is significant traffic in both directions to each destination. Do those sound similar at all?

Ultimatly it wont stop comcast

[jonwil]

If they aren't already doing it (I dont know the exact technical details of what they are doing), ISPs like Comcast will simply start looking for anyone uploading large amounts of data (especially if they are uploading to a bunch of different people at once) and block that.

First Blood?

[EdIII]

I'm surprised it took this long for the Bittorrent Devs to respond. Encryption is not a complete solution, as I have stated before, but it is a beginning. That is for certain .

It's going to get a lot more interesting from here on out. In the end, it will only benefit the consumers since they will receive technology that allows them to communicate a little more privately, and perhaps with a little luck, more anonymously too. One could only hope that TOR/Freenet technologies become as ubiquitous in their use as email. Perhaps a hybrid system with elements of Freenet, TOR, and Bittorrent all wrapped up into one would do the trick. I certainly think so.

I think, actually I know, that Comcast has fired the first shot in a losing battle.

I also just can't help pointing out the similarities to the Drug War. A million or so people in prison, and yet there are still plenty of users and suppliers. I would almost say it has effectively made no difference in the amount of people using drugs, or selling them. Especially, since the amount of drugs being sold and used in prisons is even higher then on the street.

So what is the point? If history has taught us anything, it is that governments (corporations even more so) will consistently fail at their attempts to limit/eliminate popular behavior. The elements may change from time to time, but the end result is always the same. The people will find a way to continue their behavior .

"Greetings, Professor Falken. Strange game. The only winning move is not to play."

Re:First Blood?

[dave562]

The point is to generate revenue by exploiting people's natural tendencies. Think of all the fines to be collected. The reconnection fees. The court fees. The jobs generated tracking torrent users. The training programs to be created to teach the fascists what they are looking for. Just like with the war on drugs, the point isn't to fix the problem. The point is to so fully integrate the "problem" into the system that it serves as a source of energy for and an excuse for the continued existence of the system itself.

Re:First Blood?

[EdIII]

Eating up crazy resources beyond the convections of a normal average daily internet regiment

ISP's are inundated with mass amounts of data chocking off more important services

I'm sorry, but you are dead wrong on that one. 100% Absolutely, Positively, Infinitely WRONG. I hear a lot of people say that. I cannot possibly be wrong in my usage of my connection for the following reasons:

1) I pay for it.
2) It is unlimited.

unlimited (n-lm-td) adj. 1. Having no restrictions or controls: an unlimited travel ticket. 2. Having or seeming to have no boundaries; infinite: an unlimited horizon. 3. Without qualification or exception; absolute: unlimited self-confidence.

They set those terms, not me. They have continually advertised a position that was in fact the opposite of their true intentions. All that matters is the contract here though, and that states unlimited.

I don't know if English is your first language, since your use of grammar is a little off, which I don't say in a negative way at all. I just don't understand what you mean by "convection".

You say "normal average daily internet regiment". That is in of itself, an observation only. It is meaningless to the discussion since it just a statistic. No one is actually bound by contract, or any verbal representations by any ISP that they must maintain a normal level of use. Unlimited means that you cannot apply any limitations on the usage; "Normal" is a limitation.

You also talk about more important services. There are no "more important services". Everybody is unlimited, therefore all traffic is equally unlimited. The ISP must therefore treat all traffic the same according to the representations of an unlimited contract.

Now if at some point in the future, the ISP offers for people to voluntarily apply QOS principles to their network traffic, that is in the best interests for everyone. I have no problem being asked, nicely, to apply a QOS tag to all my communications, as it only helps me in the end. I also like the idea of being nice and cooperating with my neighbor, so that under heavy load conditions, his VOIP sessions will get the priority he needs. The contracts could redone to reflect this in the future.

What about the collateral damage?

[blake182]

One of the things I'm curious about is what kind of collateral damage this kind of thing does to legitimate traffic. Oddly enough, I couldn't get to expedia.com, transformers.com (hey, I have an eight-year-old), and store.apple.com when I first got Comcast. A couple of months later, when the news first broke that they were screwing with the traffic, those sites suddenly started working. Nothing changed at my house, and all of them started working at once.

Possibly coincidence. Possibly not.

Re:Traffic Analysis

[timmarhy]

i would argument there is no such thing as "normal" internet use. it's a very personal thing that no 2 people are likely to do the same.

Re:Holy crap, a CCIE!

[tpz]

This is anecdotal at best, but here goes:

Most of the best IT people I've ever worked with have no certs.
Most of the worst IT people I've ever worked with have one or more certs.

Go figure.

Technical question

[Man+On+Pink+Corner]

Why does BitTorrent use TCP at all? If it used UDP, there would be many ways to detect and ignore forged packets.

Non-trivial applications are almost always better off managing their own connection state in my experience. A lot of TCP/IP networking code seems to be written to work around the quirks of TCP connections rather than to take advantage of them. UDP is clearly the better choice in cases like this.

Re:Won't work: They clamp on traffic per flow

[shish]

The only way around this is to open multiple connections to different addresses, transfer small amounts per connection, and then shut it down, opening the next connection to a different endpoint. It requires a total reengineering of P2P

Isn't that the very defenition of P2P to begin with? What needs reengineering about it?

Re:FTP.

[RedWizzard]

I don't necessarily know what I'm talking about, but wouldn't a single P2P download look similar to a ton of small FTP downloads and uploads to and from various locations? That case would certainly look a lot more similar, at least for passive FTP. But it's a very unusual usage profile for FTP.

Re:Comcast makes $$$$$ disrupting seeds

[adri]

Uhm, only in the case of financial bilateral peering agreements. Don't misunderstand the overall problem - its financial - with other issues such as "network capacity", "available upstream bandwidth on the DOCSIS cable modem infrastructure" and similar issues.

Even massive amounts of P2P between their clients, not ever leaving their network, costs them money.

Adrian
(No CCIE, but I've been working with SP networks of sorts since 1997.)

Re:Traffic Analysis

[TheLink]

How do they detect encryption?

If it's the entropy, jpg and bzipped files have similar entropy too.

Are they interfering with those downloads as well?

How about https?

That would be suicide...

[Joce640k]

If they ever do manage to completely block P2P then they might find themselves looking at a bunch of customers who only want 300kbit connections instead of 20mbits. What are they going to do? Slash their prices to the same as the small ISPs who can offer cheaper/slower connections? I think not.

Re:That would be suicide...

[ZombieRoboNinja]

My guess is they'll do what they do now, and charge the same price for ANY connection that doesn't require dialing in with a modem.

90% of people with broadband probably only need 300kbit anyway, for browsing the Net and checking email. But they end up paying $40+/mo for faster, "unlimited" connections, because cable companies have monopolies or oligopolies on access and they don't offer low-bandwidth plans.

Heck, my parents (in rural New Jersey) are still paying Comcast $45/mo for ONE-WAY CABLE, meaning they need to dial in with a phone modem and send outgoing data at 56k. From what I hear, Comcast could upgrade our area to real 2-way cable just by spending a couple grand to update some hardware on their end. Why don't they? No competition, and thus no incentive to provide a non-terrible user experience.