Comcast Blocks Web Browsing
An anonymous reader writes "A team of researchers has found that Comcast has quietly rolled out a new traffic-shaping method, which is interfering with web browsers in addition to p2p traffic. The smoking gun that documents this behavior is network traces collected from Comcast subscribers' Internet connections. This evidence shows Comcast is forging packets and blocking connection attempts from web browsers. One has to hope this isn't the congestion management system they are touting as no longer targeting BitTorrent, which they are deploying in reaction to the recent FCC investigations."
Throttling wouldn't be so bad if you could just opt out of it. The ISP providing my home Internet connection throttles your performance by default, but if you visit one their website, you can change the settings to unthrottled, and then upload and download gigabytes and gigabytes of music and films each both with no problem. The ISP figures most people aren't going to bother changing their settings, but the people who really love file-sharing are still free to do so.
How come they still have customers? Are they a de facto monopoly? Where are the class action lawsuits and the antitrust regulations then?
Karma cannot be described by words alone.
...I wanted to have First Post but I had to find an available proxy to get through my ISP's traffic shaping technology
Stock prices continually look grim for CMCSK.
The dangers of knowledge trigger emotional distress in human beings.
Now I remember what this week's news were missing... Some Comcast throttling articles.
Triple play! Where you get your phone, internet, and television all on one bill! Next up! Comcast Quadruple Play! Where you get the bill for the complete STD test after Comcast finishes pwning you in the ass too!
'Number-memorizing Chinese people.'-Anon
Does Comcast have a death wish? It sounds like something out of Dilbert.
What do you expect? You can't have bandwidth hogs abusing the service by accessing web content not approved by the Comcast™ PremiumUltraProPlusPackage™!
This sort of behavior does not bode well at all for the future of open source governance.
Eclipse in the UK, since taken over by Kingston Communications, will packet shape you so hard, that even if only downloading a linux iso from p2p at 33kbps, they will disrupt all your connections, such that web browsing becomes a pre broadband experience. Don't use p2p and all plays nice again.
so nothing new in this here in the UK
When ISPs were just targeting the minority of users who use P2P (and then under the excuse of stopping piracy/ thinking of the children/ protecting us from terrrists) there would never be enough backlash from their users to stop this kind of abuse.
However if they start screwing with http, then suddenly every Joe Sixpack will be up in arms about traffic shaping, and maybe the pressure will be sufficient to actually bring about some change.
My sincere thanks, Comcast, for bringing this issue into the mainstream.
NOT COMCASTIC
What is the 207.68.173.231 address they were having problems with? Some MSN host?
So we're going to go from the known party term c*ckblocking to Comcasting.
You are in a maze of little twisting passages, all different.
Responding on behalf of hosts that don't (aren't supposed to) exist isn't necessarily a bad thing. It can save on the 45 second timeout for customers, and can help keep FW state tables smaller.
That being said.. spoofing addresses to return RST commands and etc. just SUCKS.
I wish DSL providers would improve their coverage. Many people don't have a choice of anything BUT Comcrap.
-- You can't idiot-proof anything, because they're always coming out with better idiots.
Time to crack out the champagne and christen the good ship Tubetanic as she sets off on her voyage to provide a data-haven in international waters?
I'm ready. No, seriously, I only just put this pirate costume on.
CableVision has been having the same disruptions as Comcast.
It disrupts BT, P2P distribution, and even Tor when just being used as a client! At first it works, then connections slowly die off and new ones cannot be opened. It happens most aggressively during prime-time, but it also is done any-time-of-day. Fortunately the telephone still works as it's UDP based...once they start filtering that, it'll only be a matter of time until someone dies because 911 doesn't work.
1. It is a darn good read. Concise, short and to the point.
/. headline had me thinking one thing - but reading the article clarified my one knee jerk reaction: "You cannot browse the web - at all!?"
2. They are using firefox.
3. The Slashdot headline is not completely accurate.
The
Reading the article I got the idea that is not exactly the case...
Seven Days with Ubuntu Unity
But it sounds like Sandvine should ship them a newer load - perhaps they should beef up their SQA team.
I am getting torrent speeds around 200K/second. Is filtering specific to some region or bittorrent client? Does Mac TCP stack confuse it in some way? It seems to me that they face a mass exodus of customers to AT&T if they really break torrents for everyone.
Granted, the person on the other end of the phone doesn't know or care about such issues as net neutrality. But she did ask why I was cancelling, and she did type in my response. So hopefully someone down the line will read it. But even if they don't, at least I know that my money will not be going to a company I despise.
It can be go tiem now plees?
I couldn't get to *some* of the hosts at the College I work at around 7am Saturday morning (EDT). Some were fine. That's for ssh, http, https, and even vpn. I could ping all the hosts and ping could get through, but no tcp connections I tried. I tried going the opposite direction from those hosts later back to my linux box via ssh at home and couldn't get through either. Then at 2pm eastern everything just started to work again.
I upload & download tons on Comcast's network. OTOH I don't pirate software or music. Really, I make heavy use of the bandwidth given me (routine full load) and I've never received any of these notices, any sort of throttling or anything else. Is there a site with all the assumed proof of all this Comcast badness going on that I can look at?
I'd be impressed if the loudest complainers weren't some sort of thieving pirate.
Okay, I'm not specifically a network engineer, but I like to think that I'm not network stupid. To me, this would sound suspiciously like someone trying to perform a denial of service attack.
Now, I can understand being irritated at forged packets coming back as a result, but at the same time, isn't it reasonable to expect Comcast to do something to shut down connections coming from this host? Frankly, I'm a little surprised that Comcast didn't shut off the connection altogether.
Am I missing something?
that's a mighty interesting business tactic there:- hose the horrible customers who pay the comcast wages.
running on the assumption that Comcast is not run by brain dead half arsed idiots, then there must be some logical explanation for such bizarre moves recently.
top of the list is the assumption that the majority of their users will not be affected by this and that they will no doubt happily lose the users that are. this is the kind of logic I have heard before from ISPs.
1. sell unlimited internet connection that due to the powers of obfuscated and cunning advertising is actually limited to XGb a month
2. limit the users that dare use more than they deem is reasonable for everyday use
3. quietly ban, drop or otherwise lose the 5% of horrible users who take 95% of the bandwidth
4. ??
5. ??
6. too obvious
but in today's media rich net such tactics are not really viable. and such underhand tactics (by which I mean undeclared, unacknowledged throttling and limiting) are always going to be caught and trumpeted around the 'net. Comcast *must* know this, so therefore there is some rationale behind their moves that seems reasonable from their point of view. But for the life of me I cannot see it.
Just use gopher.
Must be. I'm in southwest virginia and can't get a torrent to get over 15kb/s, and strangely my upload speeds are in the 50s.
Absolute power corrupts absolutely. indymedia
The biggest objection to what Comcast was doing was that they were generating reset packets that didn't originate with either host.
Now, this article seems to say that they will generate reset packets for hosts that don't even exist on the internet. This may be a kind of throttling, but it is still FORGERY, and shouldn't be allowed at all.
If I have nothing to hide, don't search me
How did you discover the FIOS rollout schedule for your location? I'm contemplating moving my household and I would definitely use the current/future availability of FIOS to help me choose my destination. However, I can't figure out where to look to find a map that says "This is where you can get it, this is where you can get it in 6 months, and this is where you're out of luck."
So how did you figure this out?
This is a bit off-topic, but it does have to do with comcast.
Last month I called comcast to tell them I did not want to be called, mailed, or emailed by them or any of their 'partners'. I called in response to a mailing from comcast that provided a phone number for opting out. FWIW, I have been receiving junk mail (post and electronic) from comcast encouraging me to get internet service from them, despite the fact that I have been a comcast internet customer since it was RCN.
Yesterday I received my monthly comcast bill, and on the bill was a $1.99 charge for "change of service". I called comcast, since I recalled making no changes to my service in the past decade. The telephone operator said "that charge is for when you called to opt-out of the comcast and partner mailings". She quickly followed with "we can remove that charge with a credit to your next statement".
Sigh.
$1.99 is not much, and almost not worth the time calling about it. But the attitudes and practices behind the fee are what get my goat.
Are visits from other ISPs to comcast controlled locations also shaped?
For instance, if I am playing a game against someone who's hosting, and they are on comcast, are my packets shaped too?
Not the best example, could be ssh for instance, (far more likely for me), or any one of a number of reasons, none of which are dodgy in the least.
A learning experience is one of those things that say, 'You know that thing you just did? Don't do that.' - D. Adams
I wonder what Comcast's network would look like if they spent as much money improving bandwidth as they apparently do "shaping" (damaging) the traffic already on their wires.
The difference in performance is blatantly obvious. I run legal bittorrents sharing shows authorized for trade by the bands. If I have utorrent running, browsing actively on more than 2 tabs is pointless. Pages loading slowly under those circumstances instantly deliver if I shut off utorrent.
Wasn't there a story up a couple weeks ago about the FCC finding Comcast's actions to be illegal but lacking the appropriate authority to actually do anything about it?
And since someone asked, yes, Comcast is the only cable option in my area.
I've definitely noticed this happening. I get TCP Resets on my comcast link on random web pages all the time for no apparent reason. Doesn't matter what the server is.
In the next few weeks Verizon will be rolling out fibre to my neighborhood. And while Verizon may have its own issues, it will be interesting to see what Comcast has to say when I start to think about shifting ISPs.
I am Slashdot. Are you Slashdot as well?
Urm.... have you tried setting your upload cap? My line maxes out (admittedly, UK cable) at about 600kb/s *BUT* only if i lock the upload to around the 20-25kb/s region... Allow it to go unrestricted and it'll eat all your timeslots on the cable with upload packets forcing your downstream rate to suffer...
Programming is an Art. I am an Artist. Does that mean I get to wear a daft hat?
Let me first say that I dislike comcast and as soon as there is some real competition I will drop them. I.E. when FiOS comes to town, fuck comcast.
That being said, they are in a bad position of having to provide high speed service to a lot of people cheaply.
The 70 year old grandmother pays as much as the P2P users but the P2P software is designed to maximize throughput typically at the expense of the other network users. So, while someone is "gaming" the network to get better bandwidth, granny is having a hard time downloading pictures of her grandkids.
There are times when there are no "good" answers to a problem, only degrees of less bad. I'm not trying to defend Comcast, per se, I'm just trying to have an open mind about the issue. Bandwidth throttling/shaping is a necessary part of network management, I don't have a problem with it as long as it is applied fairly and without prejudice.
Sending 100 syn packets per second to an invalid internet address... that would seem like a big red someone stupid is trying (or testing) a DOS syn attack flag to any ISP worth their salt. They basically were trying to create 100 outbound connection attempts per second for an extended period of time, I would be more annoyed if the ISP didn't catch something like that, only need a few hosts to build up a nice syn attack and overrun someone's tcp stack.
To me it seemed rather obvious: http://slashdot.org/comments.pl?sid=501572&cid=22882416
Comcast craps out at 100 connection attempts per second.
XP SP2 craps out at 10 connection attempts per second.
This is merely DDoS protection against infected customer machines, not even necessarily for their own infrastructure.
You will not ever hit this limit by browsing the web, like the headline suggests.
...all they will need is one rule: DENY ALL.
alias possession='chmod 666 satan && ls
please someone correct me, but this appears like comcast is knocking down SYN floods. If this is the case, it is a good thing. In fact, if they stopped all connections both ways to some tool who is slamming the network with a bunch of crap at peak time for a limited time on each offense, wouldn't that be a good thing ?
My brother has comcast and up until recently, we used iChat to video conference. Nothing changed in either of our setups, and yet he is no longer able to participate in any audio or video conferences with me or anyone. Both ends just report that the other party did not respond.
What's the best method to see these RST packets?
Just wait till they do the same thing with TV/phone: Hundreds of channels* Free unlimited long distance** *If you watch your TV more than 20 hours a month we'll cut you off **As long as you don't place a lot of really long distance calls. Then we'll throttle them so you only get every 3rd word
"Always forgive your enemies; nothing annoys them so much." - Oscar Wilde
He criticizes Comcast all the time and is in favor of Net Neutrality. There IS a movement to put those people in line.
Me: they are a shit company.
Which will affect your poor grannie too.
It's sorta funny, but two nights ago I had my first ever real problem with Comcast in about 2 years. I spent 22 minutes on hold and another half-hour talking to a somewhat competent Indian lady (who would nevertheless get flustered if I tried to "fast forward" her script lol). Since I had already "power cycled" my modem twice before I called with no effect, I'm slightly mystified as to what, if anything, she did on her end, but my connection isn't dropping packets anymore...
There is simply too much glass..
We synthetically generated TCP SYN packets at a rate of 100 SYN packets per second using the hping utility ... The IP Time to Live (TTL) field for these forged TCP RST packets is consistently set to 255
So, when new connection requests are issued at the rate of 100 per second, the first router is resetting some of those requests.
The application is issuing new connection requests at a prodigious rate. The router determines that this is beyond the capacity for the router, or perhaps beyond some limit imposed on that router by the internal network. Or, perhaps, it is beyond a rate parameter that is used to detect DOS attacks.
When such a limit is exceeded, there are a few reasonable responses for the router to choose from: It can drop random packets; It can drop random SYN packets; it can drop packets from the attacking host; or it can NAK/RST some of those SYN packets. All of those are legitimate router responses. The reset packets are not "forged". They are legitimate responses in the protocol. The primitive operation is called a "provider disconnect indication".
I don't see any problem in the protocol here. And, I don't see any problem in the router behavior. The router is just protecting itself and the network from overload conditions. By selecting to disconnect calls from a host that is using far more resource than other hosts, it is just protecting the other hosts from a DOS attack by that first host.
The title of the summary should be "Local routers defend against DOS attack".
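A way to look for the resets discussed in this thread, as an added example that is not part of any comment or of the linked article: the Python below parses raw IPv4/TCP headers and flags inbound RSTs whose TTL is above 250 (the threshold suggested elsewhere in the thread for the TTL-255 resets the article reports). As a generalization beyond the thread, it also flags RSTs whose TTL disagrees with earlier packets from the same claimed source. The function names, the tolerance value and the sample packets (documentation addresses, zeroed checksums) are constructed for illustration.

```python
import socket
import struct

TCP_SYN, TCP_RST, TCP_ACK = 0x02, 0x04, 0x10
LOCAL_IP = "192.0.2.10"  # constructed documentation address for the subscriber host


def build_packet(src, dst, sport, dport, flags, ttl):
    """Build a minimal IPv4+TCP packet for the sample capture (checksums left 0)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, ttl, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, flags, 0, 0, 0)
    return ip + tcp


def parse_ipv4_tcp(pkt):
    """Return the header fields the check needs, or None if not IPv4/TCP."""
    if len(pkt) < 20:
        return None
    ver_ihl, _, _, _, _, ttl, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or proto != 6 or len(pkt) < ihl + 14:
        return None
    sport, dport, _, _, _, flags = struct.unpack("!HHIIBB", pkt[ihl:ihl + 14])
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "sport": sport, "dport": dport, "ttl": ttl, "flags": flags}


def find_suspect_resets(packets, local_ip, ttl_floor=250, tolerance=2):
    """Flag inbound RSTs whose TTL suggests they did not come from the peer.

    Check 1: TTL above ttl_floor. A reset that really crossed several
    routers cannot still carry 255; only an on-link sender could.
    Check 2 (added heuristic): TTL differs from the first non-RST packet
    seen from the same source address by more than `tolerance` hops.
    Limitation: if the SYN/ACK itself was injected, the baseline is wrong.
    """
    baseline = {}   # remote address -> TTL of its first non-RST packet
    findings = []
    for index, raw in enumerate(packets):
        p = parse_ipv4_tcp(raw)
        if p is None or p["dst"] != local_ip:
            continue            # unparsable or outbound: nothing to judge
        if not p["flags"] & TCP_RST:
            baseline.setdefault(p["src"], p["ttl"])
            continue
        reasons = []
        if p["ttl"] > ttl_floor:
            reasons.append("ttl above %d" % ttl_floor)
        seen = baseline.get(p["src"])
        if seen is not None and abs(seen - p["ttl"]) > tolerance:
            reasons.append("ttl differs from baseline %d" % seen)
        if reasons:
            findings.append((index, p["src"], p["ttl"], reasons))
    return findings


# Constructed sample capture, in arrival order.
SAMPLE_CAPTURE = [
    build_packet(LOCAL_IP, "198.51.100.7", 40001, 80, TCP_SYN, 64),
    build_packet("198.51.100.7", LOCAL_IP, 80, 40001, TCP_SYN | TCP_ACK, 52),
    build_packet("198.51.100.7", LOCAL_IP, 80, 40001, TCP_RST, 255),
    build_packet(LOCAL_IP, "203.0.113.9", 40002, 80, TCP_SYN, 64),
    build_packet("203.0.113.9", LOCAL_IP, 80, 40002, TCP_RST | TCP_ACK, 255),
    build_packet("198.51.100.20", LOCAL_IP, 22, 40003, TCP_SYN | TCP_ACK, 49),
    build_packet("198.51.100.20", LOCAL_IP, 22, 40003, TCP_RST | TCP_ACK, 49),
    b"\x45\x00",  # truncated frame, ignored by the parser
]

if __name__ == "__main__":
    for index, src, ttl, reasons in find_suspect_resets(SAMPLE_CAPTURE, LOCAL_IP):
        print("packet %d: RST from %s ttl=%d (%s)"
              % (index, src, ttl, "; ".join(reasons)))
```

A TTL match does not prove a reset is genuine, and a mismatch can also come from a route change, so treat the output as a list of packets to inspect in the full trace.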
Yes, but it is probably a monopoly granted by your municipality. If you look closely at your bill, you will see something called a "municipal service fee" or some such nonsense. It may be a significant percentage of your total bill.
This municipal monopoly benefits you slightly by giving you a broadcast of board meetings and school lunch menus, but this monopoly greatly benefits incumbent politicians by giving them hours of free advertising with zero dissenting viewpoints where they can keep telling you how wonderful they are without having to tax you for the privilege.
Bit by bit internet service providers are chipping away at services people have taken for granted the same way the government is chipping away at our civil rights. People just become accustomed to it and lack of choice and value becomes the new standard.
Canceling doesn't matter. You will just bounce between the same kind of companies with the same goal: give the customer less for the same (or more) money. Corporations have figured out that the government either doesn't understand how to regulate them or is in bed with them and sharing the profits. So there is really no reason to give customers what they paid for. All they have to do is just keep changing the terms of service, and as one company gains an edge in providing less service their competitors will follow right along with them.
Even boycotting has no point. Our nation is so large with so many consumers that even if a million people turned off their internet service today their loss would just be absorbed and the companies will move on. Much like air travel internet service is becoming a necessity to people and that's where the corporations gain free rein to increase prices and reduce service and quality.
Get used to it. The future is one without choices.
For the last couple of weeks certain pages have been behaving exactly like this for me (Sadly, I am a comcast customer, there is no other option in my building). Specifically, the ESPN "Scoreboard" pages usually timeout 2 or 3 times before they actually load up. These pages likely generate a lot of AJAX requests for each game on this page, so that would create quite a few TCP connections...
I'm going to be an anonymous coward here because I don't want people emailing me and there is pending litigation that we have all but won. Waiting on settlement at this time.
We sued comcast. What? How? Eh?!?
Check your EULA that you signed when first getting service. If you are a business customer this REALLY affects you. Their "shaping" technology actually caused a shitload of false positives on a bunch of alarms. Our sent packets to security equipment wasn't always returned so we started to get a lot of "failure to connect". Well... a lot of what we manage are fall back systems that when they come online take over for other sites.
Well... these different locations of hardware were not able to communicate correctly because they were identified as P2P. We use encrypted packets of random data to doubly ensure that it's authentic communication.
This set off a chain of events as the shaping got worse and worse. Originally we thought it was our network code. We couldn't reproduce it and noticed our satellite connection didn't have this issue.
Our amazing network engineers took 2 months to track down the issue and it was their shaping technology blocking or resetting our connections at almost a 90% success ratio. Now while we preferred having 24/7 connections to our equipment this was no longer possible unless we altered our code significantly.
So we looked at our EULA and sure enough there was no mention of interception of data and packet shaping. In fact, our contract said they wouldn't do anything without notifying and getting our approval first.
We sued. We won. Now we're waiting judgment for lost revenue, breaking of contract etc.
I STRONGLY recommend every business out there who has remote equipment that does more than "ping" for responses and are having trouble to check your Agreement. Screw cancelling your subscription. Sue the pants off of them.
A quick solution is to just drop the RST's coming back with a TTL of 255 (something > 250 would work fine too). Unless they are sending a reset to the destination host as well, this is a quick-fix for anyone with a Linux or BSD firewall. Similar to how the Chinese firewall can be evaded.
Don't forget to vote!
One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
While I was waiting on possession of my new place, I rented a place that had a bunch of people sharing the internet connection. One of the guys there used to Blitzkrieg our connection with torrents, so that my ping times (to google, etc) went from 70ms to 800ms
Unfortunately, the landlord knew shite about internet, and the roomie was an arrogant prick who stated the internet wasn't slow until I moved in with my weird Linux crap (nvm that half the time other people were experiencing slowdowns, my computers were *off*).
If I could have throttled his torrenting ass, I would have, at least then I could have browsed normal sites without a massive lag or timeout issues.
The usage in this respect is not mentioned even in the Wikipedia article, not mentioning Britannica or that Princeton dictionary that pops up when you define: the term in Google.
I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
Forging RSTs is one thing.
But per the article they are even forging the SYN/ACK response to a SYN connection request. (Hell, to ssh connections even!) This meets the definition of an impersonation attack. Much more closely than the definition of traffic shaping, anyway.
(Coming soon - Comcast hires mobsters to whack every third customer, but "it's not homicide, it's traffic shaping!")
Did anyone realize that none of the IP addresses listed IN TFA belong in Comcast's range?
I've been saying that for years...it's COMCRAPTIC! I am so glad I fired them and got FIOS the moment it was available.
The company IP2Location will determine not only the geographic location of your visitors, but also their ISP.
Support Right To Repair Legislation.
Don't the Chinese Communists do the same type of traffic inhibit with RST packets ?
Approximately 2 - 3 weeks ago, I started getting randomly disconnected while playing WoW, and in game, my ping times would be in the 3000s of ms, and higher, randomly. My connection has been through Comcast for 2 years, I have a simple LAN at home, etc.
I troubleshooted(troubleshot?) everything on my end. Everything. Checked my router (Linksys WRT54GS). Connected directly to the cable modem. Tried different boxes here at home.
Something that felt "strange" about the predicament was that my neighbor's wireless would work fine - and he/she/it (who knows?) has Comcast! I could log on and my ping time would be normal (it would be back at the latency I was getting "pre-2/3-weeks-ago")!
Finally, I ended up chatting with Comcast support. Yes, I've power cycled my modem. Yes, I've connected directly to the modem. The technician said that my modem was not reporting excess dropped packets and appeared to be fine.
Magically, after being done with the web chat (the tech recommended I place the modem before a cable split in my apt - even though it had been where it was for the aforementioned 2 years before with no problem), everything worked!
My guess is that: I VPN into my home box from work all day, so I'm sure that shows up as "evil" to their monitoring systems. (I don't torrent - who has time? I'm busy playing WoW, though that does use a torrent connection for updates...)
Additionally, my VPN connection would randomly time out, too, in the same manner as the WoW thing - which felt like lost packets.
I can't believe that this all makes sense now; they're forging RST packets on regular TCP connections now. Goddamn it.
My connection was nearly useless all of saturday. Funny thing is that my vonage and mail server (on nonstandard port) continued to work flawlessly. All http(s) was borked for most of the day, however.
Comcast has been during peak usage times, killing everything I browse that it isn't in an obvious cache server.
I ran around checking all my machines thinking I had a bot eating bandwidth. But nope, everything fine again later when I hopped on.
Verizon is just as bad. I could get DSL if they removed the POS repeater that they put too close to CO. Lazy bastards have not fixed it let alone have any plans to bring in fios.
I couldn't get to just about any website I tried... weather.com... cnn.com... aviationweather.gov... all I wanted to know was what the goddamn weather was going to do, and I couldn't get anywhere.
I rebooted my router and every PC in the house, and still nothing. Called Comcast, they said everything looked fine from their end...
Now I know what was really going on...
I'd say I can't wait for Fios, but they are probably just as bad..
If we use UDP for all traffic (yes, this would require a lot of development), then it would be a lot harder to reset this traffic. Or we could go forward instead of backwards and switch to SCTP but that runs the risk of Comcast adapting to that and resetting SCTP sessions. The ultimate would be to use IPsec, along with a better algorithm to handle lost packets (instead of doubling the time delay between each resend, just increment it slightly, with a 1 minute ceiling).
now we need to go OSS in diesel cars
In the early days of the Internet (by which I mean 1981-1983, not 1997) there were ICMP Source Quench messages. This provided a way for routers to say to an end node "Slow Down." Back when I was working on congestion control, I had our TCP implementation (a modified 3COM UNET; this was before Berkeley got into TCP) set to cut down the size of the congestion window when a Source Quench was received. I took the position that Source Quench messages should be sent before the packet-drop point was reached, so that a well-behaved TCP should never have a packet dropped for congestion reasons.
This didn't catch on, though. There was concern that sending Source Quench messages would choke the network, since as the network congests, routers need to send more Source Quench messages. That sort of behavior creates an unstable condition. And coming up with a generally applicable Source Quench policy was hard. Eventually, ICMP Source Quench was deprecated.
Without Source Quench, there's not much a router can say to an end node about congestion. A router can still send ICMP Destination Unreachable messages, though. What Comcast ought to be doing if they want to reject a connection is to send back ICMP Destination Unreachable, Code 13 (communication administratively prohibited). That's a legitimate action by a router, and it makes it clear who's complaining. Some firewalls will send such messages, so they're not unheard of; however, some NAT boxes don't translate them properly, so they may not reach home clients.
But faking a TCP RST, or worse, sending an ACK for something that didn't reply at all, is just wrong.
...I had a problem saturday morning where I could only access google and yahoo. Every other site I tried failed.
I'm still waiting for FIOS to come to town. It sucks because Comcast has the monopoly for most neighborhoods in my area.
I've been experiencing this for at least a week, exactly how the article described. I had no idea where to attribute the problem, thinking my router might be dying or something, but this is pretty clear now. I'm just glad that I'll be moving out of the Comcast area in the next few months. YAY!
Reviewing just the first hour of video games.
They interfered with mine until I flashed my Linksys router with an Open Source WRT Firmware.
I went from getting bursts of 12mbps and avg of 5mbps to bursts of 33mbps and an avg of 20mbps.
Not sure why it would be such a drastic change, until I remember last year I called them up because I couldn't web browse, and they said they changed something that required all Linksys Routers to be restarted.
To me, it sounds like they simulated a SYN based attack instead of normal traffic. HTTP, SMTP, POP, IMAP, SSH, etc do not send 100 SYN packets per second.
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
This crap has to come to a halt. Not just Comcast's antics, but ISPs in general. If an ISP is going to block ports, traffic shape, or otherwise impose restrictions on internet connections, they should be required to advertise those restrictions more prominently than the features of the service. It's not right to bury restrictions on page 30 of a TOS agreement. If you're going to advertise your service as 50 times faster than a dial-up connection or advertise "blazing speeds" and low prices, they should also be required to advertise their service's restrictions just as prominently or more so. The same thing goes for "unlimited bandwidth". If they're going to advertise unlimited bandwidth, they should never be able to cite excessive usage as a reason to cut someone off. Our world should not be run by marketing and PR people. "Liar" should not be a viable career path.
It used to be they just blocked google.
Now, they're blocking web traffic.
whenever I'm trying to download torrents, firefox doesn't load pages. I turn off the torrents, and suddenly it works again.
This, I'm sure has got to be a complete breach of service contract.
Though this sort of behavior isn't new. ISPs have always messed with the connections of heavy users to make them want to leave the ISP.
They're using their grammar skills there.
Excellent points. I have to wonder if people would be so up-in-arms if Comcast was dropping SYN packets instead of forging RST packets.
Don't get me wrong, Comcast is still a slimy grease ball of a company. BUT, for the reasons outlined in the previous post, I don't think anyone can proclaim this to be the smoking gun that proves Comcast is the devil incarnate.
If we RTFA, we won't be outraged. Without outrage, who are we?
They are doing the packet forgery as a method to protect access and copying of copywritten works.
So your providing a workaround is a violation of the DMCA and you are guilty of a felony with a 5 year Federal sentence.
* for the first 6 months, then only $199.99 each month thereafter
Besides their apparent sadism by implementing filters and such (same RIAA/SCO business model, just change "Sue customers" to "prevent from using what they paid for"), their advertised offers always have very tiny fine print, hidden in the margins and borders of the mass mailings, mentioning that oh yeh, the price quoted above in the bold 1000pt font is good only for a couple months before we double or triple it, and you are still locked in to us for a year! That is the main reason I'm staying away from them. Besides, I got higher up/down bandwidth AND static IPs (something else comcast WON'T do) for a MUCH cheaper price from DSL Extreme</happycustomershamelessplug>. If you sign up, feel free to use me as a referral (username there same as here).
tm
Support TBI Research: http://www.raisinhope.org
As a Comcast subscriber, I can tell you that I am getting time outs and other connection issues with web radio, http browsing, VPN connectivity...all on my supposedly 6 MB connection. None of these troubles were there just 2 months ago and I have had this connection for 3 years.
[RIAA] says its concern is artists. That's true, in just the sense that a cattle rancher is concerned about its cattle.
So, I guess this is why Comcast customers in the Pennsylvania, New Jersey, and Delaware area completely lost their Internet access the morning of Saturday, April 5, 2008? For Comcast, does throttle equal choke?
As a FiOS user (and very satisfied, aside from the port 80 blocking) I don't really care, but as a former Comcast customer and for those of you that are locked into Comcast...
Comcast has their own "Comcastic!" word for describing the Comcast experience. Why not turn it into a sarcastic meme of "fantastic!". Better yet, with specific application to losing bits.
Examples:
My Hard-drive crashed. Comcastic!
We had a Comcastic terminator on this 10base-2 cable which was causing the problem.
I sent the money, but Western Union got a bit Comcastic.
Stephen Hawking thinks black holes have Comcastic properties.
Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.
from someone, their ISP starts shaping and blocking traffic. What is this world coming to??
wow, I had not thought of, you may be on to something.
I recall that spammers actually violated the law when they forged IP addresses. Such conduct is illegal under US Federal Law.
Why isn't Comcast being prosecuted?
Andy Out!
Oh sure, so now they're not messing with just BitTorrent, they're messing with everything else? Awesome.
I'm not sure if this is related but I noticed yesterday my connection to Kingdom of Loathing timed out a few times and I know it wasn't a peak time for that game. Really trying not to put the tin foil hat on here.
Insert Sig Here
It makes me wonder if their new network management tool had failed at some point because my local Comcast number was completely overloaded (getting "the call could not be completed as dialed" telco messages). Obviously something had broken, and even my father called me before I woke up on Saturday about the problem.
si vis pacem, para bellum..."if you wish peace, prepare for war"
Coincidentally, I was troubleshooting a connection to our server in Asia on Saturday. I have seen absolutely the same behaviour as in the port 80 trace in the article - and on the other side of the connection the web server was also getting a reset. We do not have Comcast in our path but there are a lot of hops on the Level3 network.
Not sure what the exact nature of the relationship between Level3 and Comcast is, but they sure are partners.
it was to enhance the overall user's experience. -_-
Comcast: Because F*** You, That's Why
How is one to know that? All I see are packets that seem to be coming from my peers with whom I'm communicating, and yet via out of band communications we can verify that they are not being sent by them. The logical solution is to in fact filter them out as invalid. I didn't receive any written notice with each packet stating that it was part of an access control mechanism that I had to respect. They're packets and I can do what I want with them... including ignoring them. Can't I?
My problem with filtering like that is that the filtering only works on your end, and if Comcast is bidirectionally sending RST then the other end will back off even though you don't.
Gravity Sucks
That isn't your ISP. By default, Linksys routers track old connections for 5 days, which causes the router to slow down considerably and eventually hang if you use BitTorrent or anything else that opens lots of connections. Switching to the latest dd-wrt or hyperwrt fixes that issue.
> From Wikipedia: Advertising is a form of communication whose
> purpose is to lie and deceive...
That Wikimedia seems perfectly content to allow that sort of idiocy to stay while being anal retentive about the quality in less important areas is why Wikipedia will never be seen as a primary source of information. It's great if you want to know some pedantic trivia point about the Transformers, not so great if you want actual knowledge about the real world.
Democrat delenda est
I read TFA, and they mention that Firefox would show the "The connection was reset" page when Comcast reset your connection. Recently, my connections have been reset (quite randomly) while loading pages in Firefox. However, my ISP is Zoomtown (through Cincinnati Bell). Could the same thing be going on here?
I am an Earthlink high-speed subscriber with the "last mile" provided on Comcast Cable in the Seattle area.
I rarely notice any long-term "problems" but I and the folks running a particular website (a low volume one at that) have been working trying to find the reason I CONSTANTLY get repeated resets trying to access their site (hosted on Digital River, a local competitor...)
I don't get the resets on any other IPs, only others on Comcast get ANY, and the DR hosted site is NOT even seeing my requests.
It looks like I may just have found the "problem" and it may be Comcast blocking my access even though I am not THEIR customer directly.
Thing is, what in Hell can we do about it???
--Tomas
> ..seem to suggest that it is much more valuable for them to have
> the offenders leave rather than be customers.
This is as old as the ISP. The thumb rule is half your resources will get consumed by about 5% of the customers if you don't take measures. It isn't a hard decision folks, chase off that 5% over a few months and you will still have net subscriber growth while putting off the next major plant upgrade far enough the continual dropping equipment prices will work in your favor. Even better is to continually identify the hogs and chase em off to your competitors.
This cold hard reality will continue to exist so long as we insist on flat rate Internet. Sounds nice but all users are not equal. So long as they all pay the same the only way to win is to find ever more clever ways to chase off the ones that cost you more money than they pay without running afoul of regulators and class action suits.
Democrat delenda est
They're not just sending RSTs. Read the whole article, you've got routers sending SYN/ACK packets as well, pretending to be the destination host... even when that host does not exist. That's the part that's forgery.
Of course these providers have improved their services. The problem is they have not improved them quite as well as they could have. And a lot of the ways they are "improving" them focuses on ways to extract more money out of the customers, rather than providing a service that increases the value to customers. Would you expect any less of a business motivated exclusively by revenue growth?
One big problem is that these companies are sitting on "gold mines" that were established for them (or for the company they bought out) through exclusive monopolies on the infrastructure. Although they invested in this infrastructure, they benefitted from government guarantees of an exclusive regulated monopoly. Now, with most of the regulation lifted, they are using this infrastructure they "inherited" to gouge customers (as opposed to supplying a regulated service that would be sufficient to pay back the investment). At the same time, they know competitors are basically unable to overbuild, not because of any exclusivity, but merely because it doesn't make sense to invest in another infrastructure (because the new builder would know they could at best get 50% of the customer base).
IMHO, the people have a "lien" in that infrastructure because of having guaranteed the exclusivity in the past. That "lien" should be exercised in the form of maintaining a level of regulation on the infrastructure that permits fair, equal, and neutral use, as well as pricing that is fair and does not gouge consumers.
It's bad enough that we have such a poor service from companies like several cable companies and many telephone companies in terms of how the internet layer services are rendered over the infrastructure. If we had fair access to the infrastructure by other providers of internet layer service, then competition would at least allow someone that does a better job to offer services, if not encourage others to do better to keep customers happy.
Long ago, AT&T was broken up between local service and long distance service because at the time it was seen that long distance would be better provided through competition. This was in fact correct and it did improve long distance through better offerings, better pricing, etc. But the split wasn't quite right in terms of today's needs. What we need today for telephone and cable service is a split that separates the ownership and management of the infrastructure, and the companies that can offer services over that infrastructure. We are already seeing this point of split taking place in many areas for electrical power service. In many areas, people can contract to get their electric power from any of a number of power providers (some that actually generate power, and some that merely buy it on the generation market). This has opened up options we would not have otherwise even seen, such as greener power preferences.
What I propose is that governments in all areas support (even financially) the development of an all new fiber based infrastructure. Instead of this being a branched fiber structure like Verizon FiOS, this infrastructure would install a minimum of 4 fibers from each home (maybe more for businesses) all the way to a central office connection facility. This infrastructure, including the central office facilities, will be owned by the local government (or liened or otherwise regulated by it), and operated in a fully fair and neutral way. The home owner/renter can then acquire services from any company prepared to connect service to them through one or more of these fiber circuits. Legacy/incumbent providers of information/entertainment service like Comcast, and telco service like Verizon, can make use of this by being one of these providers. They would be able to offer any services they want through that fiber connection (which is plenty sufficient for a huge amount of service on just 1 of the 4 fibers). They could even choose to subcontract
now we need to go OSS in diesel cars
Well, my Comcast internet connection went down very early on Saturday morning for a few hours, and when it popped back up, normal web browsing seemed marginally faster, but BitTorrent traffic seems dramatically affected. One torrent with over 150 seeders and 500 or so peers has been at a standstill for days (with an availability rating of over 40, so it's not that others don't have the files too).
Wouldn't surprise me if this is related.
--- At my sig, unleash hell.
If you'd read the article, you'd know that Comcast forges the three way handshake and then sends an RST. The real destination doesn't see any traffic at all. Dropping the RST would accomplish nothing.
Comcast: "Okay, Okay, we were wrong you were right. Hands off p2p. We'll stop trying to bend you over and screw you with our 12" Tool O' Traffic Management. We get it. Now close your eyes and open your mouth..."
Yes! It's CrapCastic High-Speed Disconnect!!
You cannot truly appreciate Dilbert until you read it in the original Klingon.
I am referring to dropping the packet on the subscriber side, not on the destination side. It should be an easy ACL to drop packets with the RST bit set when the TTL is greater than a certain threshold. If I wasn't lazy, I would go write the iptables rule for it now.
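The TTL check proposed in the comment above, sketched as passive detection rather than a drop rule; this is an added example, not part of the original thread. The trace is constructed, the addresses are documentation ranges, and `classify_rsts` and its `tolerance` parameter are hypothetical names; it generalizes the fixed threshold to a per-flow baseline.

```python
from collections import defaultdict
from statistics import median

# Constructed sample capture taken at the subscriber's host:
# (src_ip, src_port, dst_ip, dst_port, tcp_flags, ip_ttl).
# Addresses come from the RFC 5737 documentation ranges.
TRACE = [
    ("198.51.100.7", 80, "192.0.2.10", 40001, "SA", 49),
    ("198.51.100.7", 80, "192.0.2.10", 40001, "A", 49),
    ("198.51.100.7", 80, "192.0.2.10", 40001, "PA", 50),
    ("198.51.100.7", 80, "192.0.2.10", 40001, "R", 62),  # TTL jump: sent from a nearer hop
    ("203.0.113.5", 80, "192.0.2.10", 40002, "SA", 53),
    ("203.0.113.5", 80, "192.0.2.10", 40002, "A", 53),
    ("203.0.113.5", 80, "192.0.2.10", 40002, "R", 53),   # matches the peer's earlier packets
    ("203.0.113.9", 80, "192.0.2.10", 40003, "R", 63),   # RST with nothing seen before it
]


def classify_rsts(trace, tolerance=3):
    """Label each inbound RST by comparing its TTL with the median TTL of
    earlier non-RST packets from the same sender on the same flow.

    tolerance (assumed value) absorbs small hop-count changes from rerouting.
    Limitation: if a middlebox also forged the SYN/ACK, the baseline itself
    comes from the middlebox and the RST will look "consistent".
    """
    seen = defaultdict(list)  # flow 4-tuple -> TTLs of earlier packets
    results = []
    for src, sport, dst, dport, flags, ttl in trace:
        flow = (src, sport, dst, dport)
        if "R" not in flags:
            seen[flow].append(ttl)
            continue
        if not seen[flow]:
            verdict = "no-baseline"   # cannot judge; do not treat as forged
        elif abs(ttl - median(seen[flow])) > tolerance:
            verdict = "suspect"       # generated at a different hop distance
        else:
            verdict = "consistent"
        results.append((flow, ttl, verdict))
    return results


if __name__ == "__main__":
    for flow, ttl, verdict in classify_rsts(TRACE):
        print(f"{flow[0]}:{flow[1]} -> {flow[2]}:{flow[3]} RST ttl={ttl} {verdict}")
```

A "suspect" verdict only says the RST was generated at a different hop distance than the rest of the flow. It cannot tell an ISP middlebox from the subscriber's own NAT, which is where the researchers' retraction later in the thread places the anomalous packets.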
Why did this get modded insightful? ISPs should monitor the network for up time only. No legitimate Intrusion Protection System would rely on forged packets. The hacker would ignore the forged packets.
Comcast has been doing this for months and few people noticed... I started noticing problems getting to certain websites... Either they were really slow or not working at all. Checking online forums I'd see no one else reporting the same problems I was seeing... Then it dawned on me to switch DNS servers to something other than the ones Comcast provides. Soon as I switched to an OpenDNS server, suddenly a whole slew of websites that I couldn't reach before or that were slow were available and working. And some even loading pages faster...
Comcast keeps diddling with their service, poisoning their own DNS servers, interfering with BitTorrent, and now more actively blocking websites.
This begs the next question, was Comcast taken over by the Chinese government and we never heard about it?
If it wasn't for many of us that don't have another choice, as they go around eating up local mom and pop ISPs.
So our only choice is DSL, which currently isn't much of a choice.
---- Booth was a patriot ----
I have my cellphone set up as a wi-fi router. If my data rate is too high over the phone, the connection gets chopped. If I run a low data speed, all is fine. So, it seems to be the same.
http://systems.cs.colorado.edu/mediawiki/index.php/Broadband_Network_Management
A note regarding our findings: Further experiments have led us to believe that our initial conclusions that indicated Comcast's responsibility for dropping TCP SYN packets and forging TCP SYN, ACK and RST (reset) packets was incorrect. Our experiments were conducted from behind a network address translator (NAT). The anomalous packets were generated when the outbound TCP SYN packets exceeded the NAT's resources available in its state table. In this case, TCP SYN, ACK and RST packets were sent. We would like to thank Don Bowman, Robb Topolski, Neal Krawetz, and Comcast engineers for bringing this to our attention. We sincerely apologize for any inconvenience that this posting may have caused.
Nothing to see here, except for overzealous "researchers" and lots of righteous indignation from the slashbots.
*fist shaking* Lay down more fscking pipe ya cheap bastards so's we can transfer information at decent speeds for fracks sake already!! */fist shaking*
It appears as if the researchers have messed up and their "study" is completely invalid: "A note regarding our findings: Further experiments have led us to believe that our initial conclusions that indicated Comcast's responsibility for dropping TCP SYN packets and forging TCP SYN, ACK and RST (reset) packets was incorrect. Our experiments were conducted from behind a network address translator (NAT). The anomalous packets were generated when the outbound TCP SYN packets exceeded the NAT's resources available in its state table. In this case, TCP SYN, ACK and RST packets were sent. We would like to thank Don Bowman, Robb Topolski, Neal Krawetz, and Comcast engineers for bringing this to our attention. We sincerely apologize for any inconvenience that this posting may have caused."
Logging into Giganews yesterday, Comcast's outsourced USENET provider for New England, I was provided an Authorization denied message when starting more than one session.
Seems some trimming one way or another is getting done across the board.
If you have an LG phone with bluetooth and a computer with bluetooth, I highly recommend that you google BitPim.
If you click the broadband link, they admit they were wrong. Non-story.
Reduce, reuse, cycle
Can't blame British Rail for this one. TFA now says they made a mistake:
"Who controls the past controls the future. Who controls the present controls the past." -- George Orwell
Snap.
Seven Days with Ubuntu Unity
I was about to point out that the article headline was misleading because the authors claimed that this only happened when using a P2P app: When Comcast tries to filter the P2P packets, as a side effect browsing was also affected because (they presumed) the flood of reset packets was interfering with the connection. Turns out, though, that they did some bad science (note to self - reconsider applying to the University of Colorado at Boulder IT course). Their NAT router was the problem and they've since retracted the claim: QUOTE: A note regarding our findings: Further experiments have led us to believe that our initial conclusions that indicated Comcast's responsibility for dropping TCP SYN packets and forging TCP SYN, ACK and RST (reset) packets was incorrect. Our experiments were conducted from behind a network address translator (NAT). The anomalous packets were generated when the outbound TCP SYN packets exceeded the NAT's resources available in its state table. In this case, TCP SYN, ACK and RST packets were sent. We would like to thank Don Bowman, Robb Topolski, Neal Krawetz, and Comcast engineers for bringing this to our attention. We sincerely apologize for any inconvenience that this posting may have caused.
Read the article now... and change the title to include "retracted"