ISPs Throttling BitTorrent Traffic, Study Finds

hypnosec writes "A new report by an open source internet measurement platform, Measurement Lab, sheds light onto throttling of and restriction on BitTorrent traffic by ISPs (Internet Service Providers) across the globe. The report by Measurement Lab reveals that hundreds of ISPs across the globe are involved in the throttling of peer-to-peer traffic, and specifically BitTorrent traffic. The Glasnost application run by the platform helps in detecting whether ISPs shape traffic. Tests can be carried out to check whether the throttling or blocking is carried out 'on email, HTTP or SSH transfer, Flash video, and P2P apps including BitTorrent, eMule and Gnutella.' Going by country, United States has actually seen a drop in throttling compared to what it was back in 2010. Throttling in the U.S. is worst for Cox at 6 per cent and best for Comcast, Verizon, AT&T and others at around 3 per cent. The United Kingdom is seeing a rise in traffic shaping and BT is the worst at 65 per cent. Virgin Media throttles around 22 per cent of the traffic while the least is O2 at 2 per cent. More figures can be found here."

Countermeasures

I've always wondered what it would be like to fight back against some of these throttling mechanisms. Since they rely on breaking tcp/ip (Actually forging packets between you and a third party) I think it would be fair game to poke back at some of these systems.

Since these are "carrier grade" monitoring and throttling solutions sold by "enterprise" software developers, we can safely assume that they're crap. I'm sure the developers think they're secure, since they're "invisible" passive monitoring/insertion systems. Why is this important? I bet you could crash any and all of pretty easily. I bet it will be as easy as generating some "interesting" traffic, then inserting lots of invalid/random garbage in fields/payloads that the throttling system might inspect.

This simple "technique" has been known to crash IDS/passive monitoring systems pretty much since they've been around. For whatever reason, nobody thinks that passive monitoring systems can be the targets of attack simply because they're "invisible" and don't respond to direct requests on the network being monitored.

If not outright crashing, you could attempt to bog down said throttling systems. It might not be hard to create a torrent client that generates a lot of noisy garbage that would cause an asymmetric load on said throttling system.

Re:I will use what I buy

[CheshireDragon]

Insurance companies?
I pay outrageous premiums then someone backs into my bumper and causes a small dent. I want this dent fixed so I call my insurance to file a claim and they pull a bitch fit because they have to pay 300$(US) for the dent. Then they demand I pay the 500$ deductible and my rates go up. SO, instead I say 'fuck off' to the insurance company and then pay the 300$ myself to get the dent fixed.




Shall I start in on the medical insurance?




How about the pharmaceutical companies?




How about the food industry?




Are you sure ISP are the only ones like this?

Re:Good

[kyrio]

Dear God, the above comment needs to get modded up to the max. It's no different from the morons who go on about population density in Canada being the reason for ancient speeds and horrible prices.

No, you dipshits, if that was the case, some of the provinces east of Ontario wouldn't have 100/100 connections in cities of 1000 people for less than $100/m. If "horrible" population density was really the case, Toronto, which contains 1/6th of the population of Canada in a tiny* city, would have unlimited, unfiltered transfer on gigabit connections to the home for less than $50/m. Yes, I know you can get 100Mbit connections in some parts of the west, and it costs a fortune too.

I throttle my own uploads anyhow

[Megane]

I limit my total upstream because performance really sucks if you use up more than about 85% or so of your upload speed. The reason is that ACKs will start to get dropped (unless you have a router with a good QoS algorithm). I set my limit to 20KB/sec (I have 6Mb down/~600Kb up, so that's about 33%), and just let it sit longer until I hit my ratio.

I wonder how many people think they're being throttled when actually they don't limit their upload speed and are completely fucking up their connection with lost ACKs and retransmits.