Comcast Blocks Web Browsing

An anonymous reader writes "A team of researchers have found that Comcast has quietly rolled out a new traffic-shaping method, which is interfering with web browsers in addition to p2p traffic. The smoking gun that documents this behavior are network traces collected from Comcast subscribers Internet connections. This evidence shows Comcast is forging packets and blocking connection attempts from web browsers. One has to hope this isn't the congestion management system they are touting as no longer targeting BitTorrent, which they are deploying in reaction to the recent FCC investigations."

Throttling

[CRCulver]

Throttling wouldn't be so bad if you could just opt out of it. The ISP providing my home Internet connection throttles your performance by default, but if you visit one their website, you can change the settings to unthrottled, and then upload and download gigabytes and gigabytes of music and films each both with no problem. The ISP figures most people aren't going to bother changing their settings, but the people who really love file-sharing are still free to do so.

Re:Throttling

[danielsfca2]

That's nice, be glad you're in Verizon territory. Unfortunately for those of use in AT&T territory, there will never be FTTH. They've said so. Why? Because they're the monopoly and they have no competition to fear, of course!

Here, it's your choice of Comcast (which is fast, but expensive, and apparently they're IN UR TCP STREAM, RESETTIN UR CONNECTIONS)... or crappy 1-2meg DSL which is cheap and slow.

Re:Throttling

[noc007]

No offense to you, but much offense intended towards all telcos, they shouldn't have squandered the $200,000,000,000 they made from the 1996 Telecommunications Act that was intended to bring FTTH. Be livid; Google one of the following:
"$200 billion" telecommunications scandal
"$200 billion" telecommunications rip-off

Re:Throttling

[electrictroy]

I love to hate on Corporations as much as the next guy, but there is such a thing as "truth" and integrity. The Telcos were not given $200 billion of taxpayer dollars. They were given tax breaks which allowed them to keep more of their money (in the same way I was given a ~$6000 standard deduction, which let me keep more of MY money).

They did not just sit on the money. They reinvested it in upgrades of other services such as:

- Rewiring analog lines with digital lines (cleaner phone calls/faster internet)
- Improving cell phone communications by upgrading to a digital network.
- Providing upgrades to DSL over standard lines.
- Not declaring bankruptcy during the 2000 dot-com collapse, because they had cash reserves to save them.

So the $200 billion was the *corporation's* money, not taxpayer money, and it was spent to upgrade many of the things we take for granted today (clean digital calls, ubiquitous cell availability, and high-speed DSL to the home). In my own area, I've seen my internet increase from 24 kbit/s on dirty analog lines to 53k on clean digital lines. I've seen cellphone costs drop from $60 a month to $5 a month so that even I can afford it, and in just the last few months, I got 3000k internet.

It would be dishonest of me to sit here and say the corporations have not done a damn thing since 1996.

I would be lying.

Re:Throttling

[LunaticTippy]

I have cell service for $6.66/month. It even includes web access, but not a whole lot of minutes. I got mine through Virgin Mobile prepaid.

I'm not sure it's all bad...

[iceT]

Responding on behalf of hosts that don't (aren't supposed to) exist isn't necessarily a bad thing. It can save on the 45 second timeout for customers, and can help keep FW state tables smaller.

That being said.. spoofing addresses to return RST commands and etc. just SUCKS.

I wish DSL providers would improve their coverage. Many people don't have a choice of anything BUT Comcrap.

Re:Are you serious?

[esocid]

Yes.

I unfortunately have them because they have a contract with the city I live in and no one else has any lines near me. I checked for FiOS but it isn't available yet either. It was almost as bad as when I lived in an apartment complex that had a deal with NTC, which I believe is illegal now, which forced me to pay for their service. Looking back on it, I wish I could get NTC over Comcast.

Cancel

[Badbone]

Im tired of Comcast pulling stunts like this too. So today I did something about it. I cancelled my Comcast service. Completely cancelled. And when I called to cancel, I let them know exactly why.

Granted, the person on the other end of the phone doesnt know or care about such issues as net neutrality. But she did ask why I was cancelling, and she did type in my response. So hopefully someone down the line will read it. But even if they dont, at least I know that my money will not be going to a company I despise.

Re:Are you serious?

[Rakishi]

They're probably a government mandated monopoly in many places which isn't a horrible system per say. The problem is that the government is doing jack shit to uphold it's end of the bargain which is to keep comcast in check. A company given an artificial monopoly will abuse it, directly or indirectly, and if you give a company a monopoly then you better also take the effort to keep them in check.

I have heard, for example, that roadrunner in NYC needs to provide satisfactory service to customers due to it being a government created monopoly. Sure they won't mention this but I have heard of at least one person making enough noise (ie: contacting every politician within 50 miles, among other things) to have roadrunner cave in (well first they begged him to switch to dsl then they caved in).

They are still forging packets

[corsec67]

The biggest objection to what Comcast was doing was that they were generating reset packets that didn't originate with either host.

Now, this article seems to say that they will generate reset packets for hosts that don't even exist on the internet. This may be a kind of throttling, but it is sill FORGERY, and shouldn't be allowed at all.

FIOS availability

[BenEnglishAtHome]

Fios will be in my town by June,

How did you discover the FIOS rollout schedule for your location? I'm contemplating moving my household and I would definitely use the current/future availability of FIOS to help me choose my destination. However, I can't figure out where to look to find a map that says "This is where you can get it, this is where you can get it in 6 months, and this is where you're out of luck."

So how did you figure this out?

Re:FIOS availability

[Missing_dc]

I hear you. I gave up a beautiful house on the Choctawatchie bay in NW FL for a trailer 1/2 the size and 3/4 the rent that was 15 miles further from the beach just so I could have broadband, and that was 6Mbps service from Cox.

Re:FIOS availability

You know FiOS is coming in six months when a sales guy pretending to be an installer shows up at your door and tries to trick you into signing an "information request form" that is really a sales agreement. If you ask to keep a copy of the form he wants you to sign to look over he will refuse -- and no matter how plainly worded the purchase agreement is he will insist it is just an information request.

If enough people stupidly sign the form, FiOS shows up about six months later and everyone who signed it gets a bill.

Re:FIOS availability

[ciscoguy01]

In Orange County, CA there are literally hundreds of boxes with AT&T on them being installed on the sides of streets. They are working on them continuously. I assume that is FIOS going in, and they are really working hard, it's *everywhere*.

After the way AT&T whined about the condition of their copper plant and how they couldn't give us DSL during the DSL rollout (because they were too cheap to fix it), this is a giant change. It may have to do with the UVERSE TV rollout I have been getting bill inserts about.

Course since it IS AT&T it will probably have too many problems and gotchas, and I will likely be trapped on DSL for the time being, since I have a grandfathered static IP.

Re:FIOS availability

[It+doesn't+come+easy]

Unfortunately, AT&T's "version" of FIOS isn't truly FIOS. They take fiber to the boxes you see them working on but from there to your house it is still the old copper. The result is essentially the same internet speed you see now. They may be able to essentially double the practical speed but there's no way they will ever be able to get to Verizon's 20mbps symmetrical service. And I also heard that AT&T will be reserving most of the added capacity for their HDTV channels (their technology sends up to 3 HDTV channels down the wire to your house at any given time -- and even then they have to reduce the quality in order to get three channels over the copper -- it also means you will not be able to watch/record more than three channels at the same time at any given time -- might be somehwat of a limit for large households). There's lots of technical details around AT&T's approach verses Verizon but sad to say AT&T's version is already obsolete and they haven't even gotten it out the door.

Isn't 100 syn packets a second a bit abnormal?

[InsaneGeek]

Sending 100 syn packets per second to an invalid internet address... that would seem like a big red someone stupid is trying (or testing) a DOS syn attack flag to any ISP worth their salt. They basically were trying to create 100 outbound connection attempts per second for an extended period of time, I would be more annoyed if the ISP didn't catch something like that, only need a few hosts to build up a nice syn attack and overrun someone's tcp stack.

Re:The methodology looks suspect

[peachstealingmonkeys]

Comcast is doing Syn-proxy. Obviously they are still tunning the parameters and figured out that less then 100 Syn/sec is enough for a regular user to upload/download. However now Comcast will have to face the 'perception' problem. Not a lot of users, even the "Student PHD", realize the amount of trash traffic that exists on the Internetz. Comcast is doing its job to reduce the amount of syn-floods originated from zombie machines by placing some sort of a TCP state aware system (Cisco Guard comes to mind, but there might be something else in place - Sandvine.. d'oh).

Re:Comcast: we hate our customers

[hhawk]

I think most users have so little idea of what a connection should work like, that if a page doesn't load, they will simply hit reload a few times.

What seems interesting to me, is would this take away their common carrier status? If they blocked specific web sites or types of content, then I think it would, but if this is done randomly, then I would think it wouldn't.

What would be interesting is if they never blocked sites they owed, or sites from which they recieved fees from, etc.

I have no problem with tiered pricing. Today it's often based on speed, but I what would be better is service level based on some packet metric. When I eat at a cheap buffet I don't mind that the food isn't at 4 star quality levels. But when I drop $100 on a meal, I expect it arrive on time and be perfectly suited to my needs.

I've been experiencing this

[hansamurai]

I've been experiencing this for at least a week, exactly how the article described. I had no idea where to attribute the problem, thinking my router might be dying or something, but this is pretty clear now. I'm just glad that I'll be moving out of the Comcast area in the next few months. YAY!

Re:Are you serious?

[not_anne]

In the city I live in (Sacramento, CA) there four large cable companies: Charter, SureWest, Frontier, and Comcast. All four have franchise agreements with the city. There are a few smaller cable companies too, but I don't remember their names offhand.

Cable franchise agreements are controlled by the municipality, not the company. This agreement allows a company (under strict guidelines) to do business in the municipality. If your municipality chooses to allow only one cable company to do business there, blame the municipality for their crappy franchise agreement, not the cable company.

In the case of Sacramento, there's no monopoly, and so consumers have lots of choices for broadband internet, TV and phone services. Choice is good for everyone.

Re:Are you serious?

[Miseph]

Which makes it a "smaller city". In my experience, people from cities like Los Angeles or New York just assume that everyone else does too, and that if they don't they're a) some kind of freak and b) have all the same problems and options. I'm pretty sure that there are many, many /.ers out there who simply can't comprehend the fact that most Americans have absolutely no choice in who provides their broadband.

Re:Comcast: we hate our customers

[thrillseeker]

Comcast does not have common carrier status, nor do they want it.

Then it's an excellent opportunity then for some do gooder to bring a class action against them for not actively preventing access to illegal content - think of the children.

Maybe they want it after all.

Re:The methodology looks suspect

[hxnwix]

On a charter cable connection in St. Louis, I find that my download speeds are dependent on the upstream speed of the peer on the other side of the connection. When I grab stuff from good mirrors, I am accustomed to seeing a steady 6 megabits, regardless of time of day. To my knowledge, charter performs no shaping nor reset forgery.

So, essentially, comcast sucks so hard that they have to break their network to save it. They're fucked; find a new ISP.

Earthlink on Comcast cable resets

[SmoothTom]

I am an Earthlink high-speed subscriber with the "last mile" provided on Comcast Cable in the Seattle area.

I rarely notice any long-term "problems" but I and the folks running a particular website (a low volume one at that) have been working trying to find the reason I CONSTANTLY get repeated resets trying to access their site (hosted on Digital River, a local competitor...)

I don't get the resets on any other IPs, only others on Comcast get ANY, and the DR hosted site is NOT even seeing my requests.

It looks like I may just have found the "problem" and it may be Comcast blocking my access even though I am not THEIR customer directly.

Thing is, what in Hell can we do about it???

--Tomas

Re:Comcast: we hate our customers

[jmorris42]

> No, they have a monopoly and friendly government regulators.

Industries almost always end up with 'friendly government regulators.' Raise your objections to that truth all you want, they don't matter. Doesn't matter whether the regulators, current administration, general population, etc. is 'progressive' enough, etc. The industry being regulated has an intense interest and the general population doesn't. NO small band of activists can match the self interest of a powerful industry and there rarely much interest in regulating weak industries.

It is a basic limit of the power of government. It would be more productive to consider ways to constrain industries which do not suffer this defect. I won't speak the name of the most effective method, for it is a word of power and would cause much wailing in a crowd such as this.