Slashdot Mirror

← Back to Stories (view on slashdot.org)

Comcast Blocks Web Browsing

Posted by CmdrTaco on from the because-they-can dept.

An anonymous reader writes "A team of researchers have found that Comcast has quietly rolled out a new traffic-shaping method, which is interfering with web browsers in addition to p2p traffic. The smoking gun that documents this behavior are network traces collected from Comcast subscribers Internet connections. This evidence shows Comcast is forging packets and blocking connection attempts from web browsers. One has to hope this isn't the congestion management system they are touting as no longer targeting BitTorrent, which they are deploying in reaction to the recent FCC investigations."

25 of 502 comments (clear)

  1. Throttling by CRCulver · · Score: 5, Interesting

    Throttling wouldn't be so bad if you could just opt out of it. The ISP providing my home Internet connection throttles your performance by default, but if you visit one their website, you can change the settings to unthrottled, and then upload and download gigabytes and gigabytes of music and films each both with no problem. The ISP figures most people aren't going to bother changing their settings, but the people who really love file-sharing are still free to do so.

    1. Re:Throttling by Anonymous Coward · · Score: 5, Insightful

      Why should you or anyone opt out? If they can't give you the bandwidth they promise you in your contract - they shouldn't have advertised it as such in the first place.

    2. Re:Throttling by value_added · · Score: 5, Informative

      Throttling wouldn't be so bad if you could just opt out of it.

      Indeed. If we were talking about throttling.

      Which we're not.

      If the article didn't make that clear, this wiki link might help.

    3. Re:Throttling by JustinOpinion · · Score: 5, Insightful

      The ISP providing my home Internet connection throttles your performance by default, but if you visit one their website, you can change the settings to unthrottled Wow... so you have to explicitly opt-in to receive the service that you paid for? You have to know about this throttling, visit a specific page, and flip a switch, in order to get non-degraded service. Is that even legal?

      The fact that ISPs are doing this is scary. The fact that customers accept it is also scary.

      The ISP figures most people aren't going to bother changing their settings, but the people who really love file-sharing are still free to do so. Which seems kind of strange. The "problem users" are those savvy ones who transmit tons of data, who are the same ones who will probably change this setting. What's the point in throttling the non-savvy users who just do light web-browsing anyway?
    4. Re:Throttling by noc007 · · Score: 5, Interesting

      No offense to you, but much offense intended towards all telcos, they shouldn't have squandered the $200,000,000,000 they made from the 1996 Telecommunications Act that was intended to bring FTTH. Be livid; Google one of the following:
      "$200 billion" telecommunications scandal
      "$200 billion" telecommunications rip-off

    5. Re:Throttling by danielsfca2 · · Score: 5, Insightful

      Thank you for pointing that out.

      They love to moan (especially ATT) about how they can't afford fiber, when the truth is they are too busy rubbing our billions of tax dollars all over their fat sweaty bodies.

      "We already got paid, why should we invest in infrastructure?"

      We need either a carrot or a stick for the telcos in this damn country. The carrot would have been making them ACTUALLY DO FTTH before giving them a big fat check. The stick would be forcing them to make good on it now or else face criminal charges of defrauding the US public, and/or fining them $200Bn.

      Instead, we've chosen neither--to let them do whatever the hell they want, forever, with no consequences.

    6. Re:Throttling by Fulcrum+of+Evil · · Score: 5, Insightful

      So the $200 billion was the *corporation's* money, not taxpayer money, and it was spent to upgrade

      No, since it was a tax break, it was taxpayer money. The fact that it stayed in the corporation's bucket instead of making a trip to the feds nad back again is irrelevant.

      It would be dishonest of me to sit here and say the corporations have not done a damn thing since 1996.

      Mostly, they've consolidated their position and worked to make competition impractical, preferrably illegal. Screw them - build FTTH, revoke their last mile right of way, and make them rent the service like anyone else who wants to.

      --
      "We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
  2. Damn... by Starturtle · · Score: 5, Funny

    ...I wanted to have First Post but I had to find an available proxy to get through my ISP's traffic shaping technology

  3. UK ISPs do this all the time by Anonymous Coward · · Score: 5, Informative

    Eclipse in the UK, since taken over by Kingston Communications, will packet shape you so hard, that even if only downloading a linux iso from p2p at 33kbps,they will disrupt all your connections, such that web browsing becomes a pre broadband experience. Don't use p2p and all plays nice again.

    so nothing new in this here in the UK

  4. Thankyou Comcast. by Anonymous Coward · · Score: 5, Insightful

    When ISPs were just targetting the minority of users who use P2P (and then under the excuse of stopping piracy/ thinking of the children/ protecting us from terrrists) there would never be enough backlash from their users to stop this kind of abuse.

    However if they start screwing with http, then suddenly every Joe Sixpack will be up in arms about traffic shaping, and maybe the pressure will be sufficient to actually bring about some change.

    My sincere thanks, Comcast, for bringing this issue into the mainstream.

  5. Let me be the first to say by rmdir+-r+* · · Score: 5, Funny

    NOT COMCASTIC

  6. Read the featured article by AndGodSed · · Score: 5, Informative

    1. It is a darn good read. Concise, short and to the point.
    2. They are using firefox.
    3. The Slashdot headline is not completely accurate.

    The /. headline had me thinking one thing - but reading the article clarified my one knee jerk reaction: "You cannot browse the web - at all!?"

    Reading the article I got the idea that is not exactly the case...

    --

    Seven Days with Ubuntu Unity

    1. Re:Read the featured article by Lyrael · · Score: 5, Funny

      Ah, you must be new here. All *I* got from reading the /. headline was 'Comcast are evil, fire insults at will.'

  7. Re:Are you serious? by j_166 · · Score: 5, Insightful

    "Are they a de facto monopoly?"

    In my town they are. Oh, excuse me. They are "Franchised" by the township. Huge difference, apparently. Not in practice though.

  8. Cancel by Badbone · · Score: 5, Interesting
    Im tired of Comcast pulling stunts like this too. So today I did something about it. I cancelled my Comcast service. Completely cancelled. And when I called to cancel, I let them know exactly why.

    Granted, the person on the other end of the phone doesnt know or care about such issues as net neutrality. But she did ask why I was cancelling, and she did type in my response. So hopefully someone down the line will read it. But even if they dont, at least I know that my money will not be going to a company I despise.

    --
    It can be go tiem now plees?
  9. How is this a bad thing? by KingSkippus · · Score: 5, Insightful

    We synthetically generated TCP SYN packets at a rate of 100 SYN packets per second using the hping utility...In this section, we present our network traces that show the network behavior while the TCP SYN packets are being sent. All traces were collected during peak usage hours (7-9pm local time).

    Okay, I'm not specifically a network engineer, but I like to think that I'm not network stupid. To me, this would sound suspiciously like someone trying to perform a denial of service attack.

    Now, I can understand being irritated at forged packets coming back as a result, but at the same time, isn't it reasonable to expect Comcast to do something to shut down connections coming from this host? Frankly, I'm a little surprised that Comcast didn't shut off the connection altogether.

    Am I missing something?

  10. You CAN opt out by Anonymous Coward · · Score: 5, Funny

    Just use gopher.

  11. comcast charges for opting out by poptart · · Score: 5, Informative

    This is a bit off-topic, but it does have to do with comcast.

    Last month I called comcast to tell them I did not want to be called, mailed, or emailed by them or any of their 'partners'. I called in response to a mailing from comcast that provided a phone number for opting out. FWIW, I have been receiving junk mail (post and electronic) from comcast encouraging me to get internet service from them, despite the fact that I have been a comcast internet customer since it was RCN.

    Yesterday I received my monthly comcast bill, and on the bill was a $1.99 charge for "change of service". I called comcast, since I recalled making no changes to my service in the past decade. The telephone operator said "that charge is for when you called to opt-out of the comcast and partner mailings". She quickly followed with "we can remove that charge with a credit to your next statement".

    Sigh.

    $1.99 is not much, and almost not worth the time calling about it. But the attitudes and practices behind the fee are what get my goat.

  12. Re:Are you serious? by LoudNoiseElitist · · Score: 5, Informative

    I find it interesting that more people don't realize this. I'm tired of getting "USE SOMEONE ELSE" every time this issue comes up, and people simply do not realize that MANY smaller cities are literally stuck with Comcast until sometime towards the end of the second coming. It was great when it was the only way my city could even get cable 30 years ago, but now it's a mess, and Comcast is raping us for it.

  13. Re:FIOS availability by sYkSh0n3 · · Score: 5, Funny

    Sound like me. My housing arrangements have been based around broadband availability since i moved out on my own. I probably have it as a slightly higher priority than is reasonable though.

    "Oh, I can get 50MB/s broadband here? Of course I'd love to live under this bridge...on the train tracks....next to the paper mill...downwind of the sewage treatment plant."

  14. Re:Are you serious? by 99BottlesOfBeerInMyF · · Score: 5, Informative

    How come they still have customers?

    Their service is terrible and unreliable and they treat their customers like shit. This makes them a slightly better option than the local phone company.

    Are they a de facto monopoly?

    No. They are part of a government enforced duopoly. In most locations in the US only three companies have the legal right to use the right of ways that allow them to connect a line to your house. These companies are given an exclusive contract in most cases. They are:

    • The local power distribution monopoly. (Usually they stick to power but in a few cases they've started to roll out internet access over the power lines. The absurdity of such a plan speaks to how terrible the other options for internet in the U.S. are.
    • The local Cable company - provides cable TV and has expanded to internet access and phone service. In many places they are the only option for high speed internet. Right now I'm paying about $50/month for internet access from them and it comes with "free" cable TV. Of course it isn't free. In fact, internet without cable TV costs $60/month from them.
    • The local phone company - they have less coverage and the cheapest high speed DSL line I can get from them is $80 and comes with "free" local phone use. The phone company is the longest standing antitrust abuser and they treat all their customers like crap. Besides being more expensive they want you to give them all your personal information on a web form, just to see if they will provide service in your area. When I tried it, the Web form was broken and only worked in IE for Windows. Calling one the phone got me 20 minutes of muzac and then transferred to several people before anyone knew what DSL was.

    In short, internet access options in most of the US sucks. We've already paid more per person in tax subsidies to the network providers than many other countries. Sweden, for example has slightly less population density and had a huge embezzling scandal in their national internet drive. They paid half as much per person as people in the US, have on average ten times faster connections, better uptime, and pay about half as much per month as US citizens.

    The phone companies and the cable companies have lobbyists who legally bribe our politicians with campaign contributions. As a result, the good of the people isn't even considered. It is just a battle of whether a given law will give money to the cable company or the phone company. Either way citizens get the shaft.

    Where are the class action lawsuits...

    There are numerous ones making their slow progress through the courts, usually to end in a private settlement. One might actually go through sometime this decade, but the politicians has also been working on passing laws to grant retroactive immunity to network operators for malicious, illegal abuses under the guise of national security. There is little hope.

    ...and the antitrust regulations then?

    The antitrust regulators are appointed by the executive branch. Both candidate's parties in the last two elections received huge donations from hundreds of private companies and for some reason antitrust regulators i the US show little or no interest in prosecuting even blatant antitrust abuses. (In the case of Microsoft, they had already been convicted and the new appointees, changed the punishment from being broken up, to a small fine and a pat on the back.)

  15. Local routers defend agaist DOS attack by natoochtoniket · · Score: 5, Informative

    We synthetically generated TCP SYN packets at a rate of 100 SYN packets per second using the hping utility ... The IP Time to Live (TTL) field for these forged TCP RST packets is consistently set to 255

    So, when new connection requests are issued at the rate of 100 per second, the first router is resetting some of those requests.

    The application is issuing new connection requests at a prodigious rate. The router determines that this is beyond the capacity for the router, or perhaps beyond some limit imposed on that router by the internal network. Or, perhaps, it is beyond a rate parameter that is used to detect DOS attacks.

    When such a limit is exceeded, there are a few reasonable responses for the router to choose from: It can drop random packets; It can drop random SYN packets; it can drop packets from the attacking host; or it can NAK/RST some of those SYN packets. All of those are legitimate router responses. The reset packets are not "forged". They are legitimate responses in the protocol. The primitive operation is called a "provider disconnect indication".

    I don't see any problem in the protocol here. And, I don't see any problem in the router behavior. The router is just protecting itself and the network from overload conditions. By selecting to disconnect calls from a host that is using far more resource than other hosts, it is just protecting the other hosts from a DOS attack by that first host.

    The title of the summary should be "Local routers defend agaist DOS attack".

  16. How to truly beat comcast. by Anonymous Coward · · Score: 5, Informative

    I'm going to be an anonymous coward here because I don't want people emailing me and there is pending litigation that we have all but won. Waiting on settlement at this time.

    We sued comcast. What? How? Eh?!?

    Check your EULA that you signed when first getting service. If you are a business customer this REALLY affects you. Their "shaping" technology actually caused a shitload of false positives on a bunch of alarms. Our sent packets to security equipment wasn't always returned so we started to get a lot of "failure to connect". Well... a lot of what we manage are fall back systems that when they come online take over for other sites.

    Well... these different locations of hardware were not able to communicate correctly because they were identified as P2P. We use encrypted packets of random data to doubly ensure that it's authentic communication.

    This set off a chain of events as the shaping got worse and worse. Originally we thought it was our network code. We couldn't reproduce it and noticed our satellite connection didn't have this issue.

    Our amazing network engineers took 2 months to track down the issue and it was their shaping technology blocking or resetting our connections at almost a 90% success ratio. Now while we preferred having 24/7 connections to our equipment this was no longer possible unless we altered our code significantly.

    So we looked at our EULA and sure enough there was no mention of interception of data and packet shaping. In fact, our contract said they wouldn't do anything without notifying and getting our approval first.

    We sued. We won. Now we're waiting judgment for lost revenue, breaking of contract etc.

    I STRONGLY recommend every business out there who has remote equipment that does more than "ping" for responses and are having trouble to check your Agreement. Screw cancelling your subscription. Sue the pants off of them.

  17. Re:Comcast: we hate our customers by dkleinsc · · Score: 5, Insightful

    Does Comcast have a death wish? No, they have a monopoly and friendly government regulators.
    --
    I am officially gone from /. Long live http://www.soylentnews.com/
  18. Re:FIOS availability by Anonymous Coward · · Score: 5, Informative

    http://www.dslreports.com/gmaps

    See the mash-ups menu for some FIOS info.